#endif
}
-int Client::inode_permission(Inode *in, uid_t uid, UserGroups& groups, unsigned want)
+int Client::inode_permission(Inode *in, const UserPerm& perms, unsigned want)
{
- if (uid == 0)
+ if (perms.uid() == 0)
return 0;
+
+ RequestUserGroups groups(perms.uid(), perms.gid());
+ init_groups(&groups);
- if (uid != in->uid && (in->mode & S_IRWXG)) {
- int ret = _posix_acl_permission(in, uid, groups, want);
+ if (perms.uid() != in->uid && (in->mode & S_IRWXG)) {
+ int ret = _posix_acl_permission(in, perms.uid(), groups, want);
if (ret != -EAGAIN)
return ret;
}
// check permissions before doing anything else
- if (!in->check_mode(uid, groups, want))
+ if (!in->check_mode(perms.uid(), groups, want))
return -EACCES;
return 0;
}
friend class RequestUserGroups;
void init_groups(RequestUserGroups *groups);
- int inode_permission(Inode *in, uid_t uid, UserGroups& groups, unsigned want);
+ int inode_permission(Inode *in, const UserPerm& perms, unsigned want);
int xattr_permission(Inode *in, const char *name, unsigned want,
const UserPerm& perms);
int may_setattr(Inode *in, struct stat *st, int mask, const UserPerm& perms);
int may_delete(Inode *dir, const char *name, const UserPerm& perms);
int may_hardlink(Inode *in, const UserPerm& perms);
- int inode_permission(Inode *in, const UserPerm& perms, unsigned want) {
- RequestUserGroups groups(perms.uid(), perms.gid());
- init_groups(&groups);
- return inode_permission(in, perms.uid(), groups, want);
- }
-
int _getattr_for_perm(Inode *in, const UserPerm& perms);
int _getgrouplist(gid_t **sgids, int uid, int gid);
projects / ceph.git / commitdiff