summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/afb-auth.c16
-rw-r--r--src/afb-auth.h2
-rw-r--r--src/afb-xreq.c2
3 files changed, 10 insertions, 10 deletions
diff --git a/src/afb-auth.c b/src/afb-auth.c
index 900ec4c6..5c62f9f7 100644
--- a/src/afb-auth.c
+++ b/src/afb-auth.c
@@ -29,9 +29,9 @@
#include "afb-cred.h"
#include "verbose.h"
-static int check_permission(const char *permission, struct afb_xreq *xreq);
+static int check_permission(struct afb_xreq *xreq, const char *permission);
-int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
+int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth)
{
switch (auth->type) {
default:
@@ -46,18 +46,18 @@ int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
case afb_auth_Permission:
if (xreq->cred && auth->text)
- return check_permission(auth->text, xreq);
+ return check_permission(xreq, auth->text);
/* TODO: handle case of self permission */
return 1;
case afb_auth_Or:
- return afb_auth_check(auth->first, xreq) || afb_auth_check(auth->next, xreq);
+ return afb_auth_check(xreq, auth->first) || afb_auth_check(xreq, auth->next);
case afb_auth_And:
- return afb_auth_check(auth->first, xreq) && afb_auth_check(auth->next, xreq);
+ return afb_auth_check(xreq, auth->first) && afb_auth_check(xreq, auth->next);
case afb_auth_Not:
- return !afb_auth_check(auth->first, xreq);
+ return !afb_auth_check(xreq, auth->first);
case afb_auth_Yes:
return 1;
@@ -73,7 +73,7 @@ int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq)
static cynara *handle;
static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
-static int check_permission(const char *permission, struct afb_xreq *xreq)
+static int check_permission(struct afb_xreq *xreq, const char *permission)
{
int rc;
@@ -99,7 +99,7 @@ static int check_permission(const char *permission, struct afb_xreq *xreq)
/*********************************************************************************/
#else
-static int check_permission(const char *permission, struct afb_xreq *xreq)
+static int check_permission(struct afb_xreq *xreq, const char *permission)
{
WARNING("Granting permission %s by default of backend", permission);
return 1;
diff --git a/src/afb-auth.h b/src/afb-auth.h
index 75e5d56e..786f3970 100644
--- a/src/afb-auth.h
+++ b/src/afb-auth.h
@@ -20,4 +20,4 @@
struct afb_auth;
struct afb_xreq;
-extern int afb_auth_check(const struct afb_auth *auth, struct afb_xreq *xreq);
+extern int afb_auth_check(struct afb_xreq *xreq, const struct afb_auth *auth);
diff --git a/src/afb-xreq.c b/src/afb-xreq.c
index d021c528..8c7a38d5 100644
--- a/src/afb-xreq.c
+++ b/src/afb-xreq.c
@@ -823,7 +823,7 @@ static int xreq_session_check_apply_v2(struct afb_xreq *xreq, uint32_t sessionfl
return -1;
}
- if (auth && !afb_auth_check(auth, xreq)) {
+ if (auth && !afb_auth_check(xreq, auth)) {
afb_xreq_fail_f(xreq, "denied", "authorisation refused");
errno = EPERM;
return -1;