From 1d24a50bda149604760cdc1fd53f65b988c61f0c Mon Sep 17 00:00:00 2001
From: José Bollo <jose.bollo@iot.bzh>
Date: Fri, 5 May 2017 19:22:55 +0200
Subject: implement authorisation check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Change-Id: I2ef74b715a115acd11fa13744ba921e875f0bc65
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
---
 include/afb/afb-auth.h       | 21 +++++++++++++--------
 include/afb/afb-binding-v2.h |  2 +-
 2 files changed, 14 insertions(+), 9 deletions(-)

(limited to 'include')

diff --git a/include/afb/afb-auth.h b/include/afb/afb-auth.h
index fe29adec..ee089e7f 100644
--- a/include/afb/afb-auth.h
+++ b/include/afb/afb-auth.h
@@ -22,19 +22,24 @@
  */
 enum afb_auth_type
 {
-	afb_auth_No = 0,
-	afb_auth_Permission,
-	afb_auth_Or,
-	afb_auth_And,
-	afb_auth_Yes
+	afb_auth_No = 0,	/** never authorized, no data */
+	afb_auth_Token,		/** authorized if token valid, no data */
+	afb_auth_LOA,		/** authorized if LOA greater than data 'loa' */
+	afb_auth_Permission,	/** authorized if permission 'text' is granted */
+	afb_auth_Or,		/** authorized if 'first' or 'next' is authorized */
+	afb_auth_And,		/** authorized if 'first' and 'next' are authorized */
+	afb_auth_Not,		/** authorized if 'first' is not authorized */
+	afb_auth_Yes		/** always authorized, no data */
 };
 
-struct afb_auth_desc
+struct afb_auth
 {
-	enum afb_auth_type type;
+	const enum afb_auth_type type;
 	union {
 		const char *text;
-		struct afb_auth_desc *child[2];
+		const unsigned loa;
+		const struct afb_auth *first;
 	};
+	const struct afb_auth *next;
 };
 
diff --git a/include/afb/afb-binding-v2.h b/include/afb/afb-binding-v2.h
index 80e2385d..19bff05a 100644
--- a/include/afb/afb-binding-v2.h
+++ b/include/afb/afb-binding-v2.h
@@ -43,7 +43,7 @@ struct afb_verb_v2
 {
 	const char *verb;                       /* name of the verb */
 	void (*callback)(struct afb_req req);   /* callback function implementing the verb */
-	struct afb_auth *auth;			/* required authorisation */
+	const struct afb_auth *auth;			/* required authorisation */
 	uint32_t session;                       /* authorisation and session requirements of the verb */
 };
 
-- 
cgit