Browse code

added checking for valid ACL groups

Jiri Kuthan authored on 15/06/2002 23:16:26
Showing 1 changed files
... ...
@@ -22,6 +22,10 @@ GENHA1='gen_ha1'
22 22
 MYSQL='mysql'
23 23
 SER='sr'
24 24
 
25
+# ACL name verification
26
+VERIFY_ACL=1
27
+ACL_GROUPS="local ld int"
28
+
25 29
 #### SQL names
26 30
 
27 31
 # Usr Loc Table
... ...
@@ -83,8 +87,10 @@ usage() {
83 87
 #params: none
84 88
 # output: PW
85 89
 prompt_pw() {
86
-    read -s -p "MySql Password: " PW
87
-    echo
90
+	if [ -z "$PW" ] ; then
91
+    	read -s -p "MySql Password: " PW
92
+    	echo
93
+	fi
88 94
 }
89 95
 
90 96
 
... ...
@@ -169,10 +175,31 @@ acl() {
169 175
 				usage
170 176
 				exit 1
171 177
 			fi
178
+			prompt_pw
179
+			is_user $2
180
+			if [ $? -ne 0 ] ; then
181
+				echo non-existent user
182
+				exit 1
183
+			fi
172 184
 			SIP_USER="$2"
173 185
 			shift 2
174 186
 			while [ $# -gt 0 ] ; do
175 187
 
188
+				if [ $VERIFY_ACL -eq 1 ] ; then
189
+					found=0
190
+					for i in $ACL_GROUPS ; do
191
+						if [ "$1" = "$i" ] ; then
192
+							found=1
193
+							break
194
+						fi
195
+					done	
196
+					if [ $found -eq 0 ] ; then
197
+						echo "Invalid privilege: $1 (ignored)"
198
+						shift
199
+						continue
200
+					fi
201
+				fi
202
+
176 203
         		QUERY="insert into $ACL_TABLE \
177 204
                 	($ACL_USER_COLUMN,$ACL_GROUP_COLUMN,$ACL_MODIFIED_COLUMN) \
178 205
                 	values ('$SIP_USER','$1', now());"
... ...
@@ -242,7 +269,10 @@ credentials()
242 269
 	fi
243 270
 }
244 271
 
272
+#================================================================
245 273
 
274
+# if the script calls itself ...
275
+export PW
246 276
 
247 277
 case $1 in
248 278
 
... ...
@@ -392,6 +422,9 @@ case $1 in
392 422
 
393 423
         QUERY="delete from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$1'"
394 424
 		sql_query "$QUERY"
425
+
426
+		$0 acl revoke $1 > /dev/null 2>&1
427
+		$0 dul $1   > /dev/null 2>&1
395 428
         ;;
396 429
 			
397 430
 	stat)