UserData.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9/* DEBUG: section 28 Access Control */
10
11#include "squid.h"
12#include "acl/Checklist.h"
13#include "acl/Options.h"
14#include "acl/UserData.h"
15#include "ConfigParser.h"
16#include "debug/Stream.h"
17#include "globals.h"
18#include "sbuf/Algorithms.h"
19#include "util.h"
20
22
23bool
24ACLUserData::match(char const *user)
25{
26 debugs(28, 7, "user is " << user << ", case_insensitive is " << flags.case_insensitive);
27
28 if (user == nullptr || strcmp(user, "-") == 0)
29 return 0;
30
31 if (flags.required) {
32 debugs(28, 7, "aclMatchUser: user REQUIRED and auth-info present.");
33 return 1;
34 }
35
36 bool result = (userDataNames.find(SBuf(user)) != userDataNames.end());
37 debugs(28, 7, "returning " << result);
38 return result;
39}
40
43{
44 SBufList sl;
45
46 if (flags.required) {
47 sl.push_back(SBuf("REQUIRED"));
48 return sl;
49 }
50
51 if (flags.case_insensitive)
52 sl.push_back(SBuf("-i"));
53
54 sl.insert(sl.end(), userDataNames.begin(), userDataNames.end());
55
56 debugs(28,5, "ACLUserData dump output: " <<
58 SBuf(" ")));
59 return sl;
60}
61
62static bool
63CaseSensitiveSBufCompare(const SBuf &lhs, const SBuf &rhs)
64{
65 return (lhs.cmp(rhs) < 0);
66}
67
68static bool
69CaseInsensitveSBufCompare(const SBuf &lhs, const SBuf &rhs)
70{
71 return (lhs.caseCmp(rhs) < 0);
72}
73
75 userDataNames(CaseSensitiveSBufCompare)
76{
77 flags.case_insensitive = false;
78 flags.required = false;
79}
80
81const Acl::Options &
83{
84 static auto MyCaseSensitivityOption = Acl::CaseSensitivityOption();
85 static const Acl::Options MyOptions = { &MyCaseSensitivityOption };
86 MyCaseSensitivityOption.linkWith(&CaseInsensitive_);
87 return MyOptions;
88}
89
90void
92{
93 debugs(28, 2, "parsing user list");
94 flags.case_insensitive = bool(CaseInsensitive_);
95
96 char *t = nullptr;
97 if ((t = ConfigParser::strtokFile())) {
98 SBuf s(t);
99 debugs(28, 5, "first token is " << s);
100
101 if (s.cmp("-i",2) == 0) {
102 debugs(28, 5, "Going case-insensitive");
103 flags.case_insensitive = true;
104 // due to how the std::set API work, if we want to change
105 // the comparison function we have to create a new std::set
107 newUdn.insert(userDataNames.begin(), userDataNames.end());
108 swap(userDataNames,newUdn);
109 } else if (s.cmp("REQUIRED") == 0) {
110 debugs(28, 5, "REQUIRED-type enabled");
111 flags.required = true;
112 } else {
113 if (flags.case_insensitive)
114 s.toLower();
115
116 debugs(28, 6, "Adding user " << s);
117 userDataNames.insert(s);
118 }
119 }
120
121 debugs(28, 3, "Case-insensitive-switch is " << flags.case_insensitive);
122 /* we might inherit from a previous declaration */
123
124 debugs(28, 4, "parsing following tokens");
125
126 while ((t = ConfigParser::strtokFile())) {
127 SBuf s(t);
128 debugs(28, 6, "Got token: " << s);
129
130 if (flags.case_insensitive)
131 s.toLower();
132
133 debugs(28, 6, "Adding user " << s);
134 userDataNames.insert(s);
135 }
136
137 if (flags.required && !userDataNames.empty()) {
138 debugs(28, DBG_PARSE_NOTE(1), "WARNING: detected attempt to add usernames to an acl of type REQUIRED");
139 userDataNames.clear();
140 }
141
142 debugs(28,4, "ACL contains " << userDataNames.size() << " users");
143}
144
145bool
147{
148 debugs(28,6,"required: " << flags.required << ", number of users: " << userDataNames.size());
149 if (flags.required)
150 return false;
151 return userDataNames.empty();
152}
153
SBuf JoinContainerToSBuf(const ContainerIterator &begin, const ContainerIterator &end, const SBuf &separator, const SBuf &prefix=SBuf(), const SBuf &suffix=SBuf())
convenience wrapper of JoinContainerIntoSBuf with no caller-supplied SBuf
Definition: Algorithms.h:98
static bool CaseInsensitveSBufCompare(const SBuf &lhs, const SBuf &rhs)
Definition: UserData.cc:69
static bool CaseSensitiveSBufCompare(const SBuf &lhs, const SBuf &rhs)
Definition: UserData.cc:63
std::set< SBuf, bool(*)(const SBuf &, const SBuf &)> UserDataNames_t
Definition: UserData.h:37
UserDataNames_t userDataNames
Definition: UserData.h:38
struct ACLUserData::@25 flags
virtual const Acl::Options & lineOptions()
supported ACL "line" options (e.g., "-i")
Definition: UserData.cc:82
virtual SBufList dump() const
Definition: UserData.cc:42
bool empty() const
Definition: UserData.cc:146
virtual void parse()
Definition: UserData.cc:91
bool match(char const *user)
Definition: UserData.cc:24
static Acl::BooleanOptionValue CaseInsensitive_
whether parse() is called in a case insensitive context
Definition: UserData.h:32
static char * strtokFile()
Definition: ConfigParser.cc:64
Definition: SBuf.h:94
int caseCmp(const SBuf &S, const size_type n) const
shorthand version for case-insensitive compare()
Definition: SBuf.h:283
int cmp(const SBuf &S, const size_type n) const
shorthand version for compare()
Definition: SBuf.h:275
void toLower()
converts all characters to lower case;
Definition: SBuf.cc:811
#define DBG_PARSE_NOTE(x)
Definition: Stream.h:45
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Stream.h:196
const BooleanOption & CaseSensitivityOption()
Definition: Options.cc:241
std::vector< const Option * > Options
Definition: Options.h:214
OptionValue< bool > BooleanOptionValue
Definition: Options.h:200
std::list< SBuf > SBufList
Definition: forward.h:23

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors