X-Git-Url: https://git.distorted.org.uk/~mdw/disorder/blobdiff_plain/ba39faf632da43d64106536f256153c2092346e4..e70701e7285cbdb70e17c4e7e19b4c861b84f25b:/lib/trackdb.c?ds=sidebyside diff --git a/lib/trackdb.c b/lib/trackdb.c index 3694748..648189f 100644 --- a/lib/trackdb.c +++ b/lib/trackdb.c @@ -17,7 +17,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA */ -/** @file server/trackdb.c +/** @file lib/trackdb.c * @brief Track database * * This file is getting in desparate need of splitting up... @@ -64,7 +64,7 @@ #include "hash.h" #include "unicode.h" #include "unidata.h" -#include "mime.h" +#include "base64.h" #define RESCAN "disorder-rescan" #define DEADLOCK "disorder-deadlock" @@ -113,7 +113,7 @@ DB *trackdb_prefsdb; * - Values are UTF-8(NFC(unicode(path name))) * - There can be more than one value per key * - Presence of key,value means that path matches the search terms - * - Only tracks fond in @ref tracks_tracksdb are represented here + * - Only tracks fond in @ref trackdb_tracksdb are represented here * - This database can be reconstructed, it contains no user data */ DB *trackdb_searchdb; @@ -349,7 +349,7 @@ static DB *open_db(const char *path, } /** @brief Open track databases - * @param Flags flags word + * @param flags Flags flags word * * @p flags should have one of: * - @p TRACKDB_NO_UPGRADE, if no upgrade should be attempted @@ -2459,6 +2459,10 @@ static int create_user(const char *user, error(0, "invalid username '%s'", user); return -1; } + if(parse_rights(rights, 0, 1)) { + error(0, "invalid rights string"); + return -1; + } /* data for this user */ if(password) kvp_set(&k, "password", password); @@ -2485,10 +2489,16 @@ static int one_old_user(const char *user, const char *password, /* pick rights */ if(!strcmp(user, "root")) rights = "all"; - else if(trusted(user)) - rights = rights_string(config->default_rights|RIGHT_ADMIN|RIGHT_RESCAN); - else - rights = rights_string(config->default_rights); + else if(trusted(user)) { + rights_type r; + + parse_rights(config->default_rights, &r, 1); + r &= ~(rights_type)(RIGHT_SCRATCH__MASK|RIGHT_MOVE__MASK|RIGHT_REMOVE__MASK); + r |= (RIGHT_ADMIN|RIGHT_RESCAN + |RIGHT_SCRATCH_ANY|RIGHT_MOVE_ANY|RIGHT_REMOVE_ANY); + rights = rights_string(r); + } else + rights = config->default_rights; return create_user(user, password, rights, 0/*email*/, 0/*confirmation*/, tid, DB_NOOVERWRITE); } @@ -2564,18 +2574,18 @@ const char *trackdb_get_password(const char *user) { * @param user Username * @param password Password or NULL * @param rights Initial rights - * @param email Email address + * @param email Email address or NULL + * @param confirmation Confirmation string or NULL * @return 0 on success, non-0 on error */ int trackdb_adduser(const char *user, const char *password, - rights_type rights, + const char *rights, const char *email, const char *confirmation) { int e; - const char *r = rights_string(rights); - WITH_TRANSACTION(create_user(user, password, r, email, confirmation, + WITH_TRANSACTION(create_user(user, password, rights, email, confirmation, tid, DB_NOOVERWRITE)); if(e) { error(0, "cannot created user '%s' because they already exist", user); @@ -2583,16 +2593,16 @@ int trackdb_adduser(const char *user, } else { if(email) info("created user '%s' with rights '%s' and email address '%s'", - user, r, email); + user, rights, email); else - info("created user '%s' with rights '%s'", user, r); + info("created user '%s' with rights '%s'", user, rights); return 0; } } /** @brief Delete a user * @param user User to delete - * @param 0 on success, non-0 if the user didn't exist anyway + * @return 0 on success, non-0 if the user didn't exist anyway */ int trackdb_deluser(const char *user) { int e; @@ -2658,7 +2668,7 @@ int trackdb_edituserinfo(const char *user, error(0, "cannot remove 'rights' key from user '%s'", user); return -1; } - if(parse_rights(value, 0)) { + if(parse_rights(value, 0, 1)) { error(0, "invalid rights string"); return -1; }