Adding group authentication to the daemon.
parent
366c5ad081
commit
d8cdb5ac64
@ -6,6 +6,7 @@ use strict;
|
|||||||
use warnings;
|
use warnings;
|
||||||
|
|
||||||
use Data::Dumper;
|
use Data::Dumper;
|
||||||
|
use Socket qw/SOL_SOCKET SO_PEERCRED/;
|
||||||
|
|
||||||
use Params::ValidationCompiler qw/validation_for/;
|
use Params::ValidationCompiler qw/validation_for/;
|
||||||
use Types::Standard qw/Object HashRef/;
|
use Types::Standard qw/Object HashRef/;
|
||||||
@ -30,14 +31,54 @@ sub new {
|
|||||||
my $socket = $params{socket};
|
my $socket = $params{socket};
|
||||||
my $message_manager = Cualsea::MessageManager->new( socket => $socket );
|
my $message_manager = Cualsea::MessageManager->new( socket => $socket );
|
||||||
my $message = $message_manager->read_message;
|
my $message = $message_manager->read_message;
|
||||||
|
if ( !$self->check_if_user_has_permissions( socket => $socket ) ) {
|
||||||
|
$self->write_no_permission( message_manager => $message_manager );
|
||||||
|
}
|
||||||
if ( !$self->check_is_command( message => $message ) ) {
|
if ( !$self->check_is_command( message => $message ) ) {
|
||||||
$self->write_malformed(
|
$self->write_malformed( message_manager => $message_manager );
|
||||||
message_manager => $message_manager );
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$message_manager->write_message( message => $message );
|
$message_manager->write_message( message => $message );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{
|
||||||
|
my $validator = validation_for(
|
||||||
|
params => {
|
||||||
|
socket => { type => Object },
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
sub check_if_user_has_permissions {
|
||||||
|
my $self = shift;
|
||||||
|
my %params = $validator->(@_);
|
||||||
|
my $socket = $params{socket};
|
||||||
|
my ($pid, $uid, $gid) = unpack 'LLL', $socket->sockopt(SO_PEERCRED);
|
||||||
|
my $user = getpwuid($uid);
|
||||||
|
while (my ($name, undef, undef, $members) = getgrent()) {
|
||||||
|
if ($name eq 'cualsea') {
|
||||||
|
return List::Util::any { $_ eq $user } split ',', $members;
|
||||||
|
last;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
{
|
||||||
|
my $validator = validation_for(
|
||||||
|
params => {
|
||||||
|
message_manager => { type => Object }
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
sub write_no_permission {
|
||||||
|
my $self = shift;
|
||||||
|
my %params = $validator->(@_);
|
||||||
|
my $message_manager = $params{message_manager};
|
||||||
|
$message_manager->write_message(
|
||||||
|
message => { is_error => 1, status => 403 } );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
{
|
{
|
||||||
my $validator = validation_for(
|
my $validator = validation_for(
|
||||||
params => {
|
params => {
|
||||||
|
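Review bot: The new permission check in `new` does not stop the request: there is no `return;` after `write_no_permission`, so a peer outside the `cualsea` group is sent the 403 and execution still falls through to `check_is_command` and `write_message`. Add `return;` inside that `if`, and consider running the check before `read_message` so nothing is parsed from an unauthorized peer (`new` begins before the hunk, so earlier handling is not visible). In `check_if_user_has_permissions`, Perl returns the group member list space-separated, so `split ','` only matches when the group has exactly one member, and returning out of the `getgrent` loop without `endgrent` leaves the iterator mid-list if the same process handles another connection. The fence below looks the group up with `getgrnam` instead; it still ignores the peer's primary gid from SO_PEERCRED, which may or may not be intended, and it assumes `List::Util` is loaded elsewhere in the file, since the hunk shows no `use` line for it.

```perl
sub check_if_user_has_permissions {
    # … unchanged: parameter validation and SO_PEERCRED unpack …
    my $user = getpwuid($uid);
    return 0 if !defined $user;    # peer uid has no passwd entry: deny
    # Direct lookup; no getgrent iterator state is left behind between calls.
    my ( undef, undef, undef, $members ) = getgrnam('cualsea');
    return 0 if !defined $members;    # group does not exist: deny
    # getgr* returns the member logins separated by spaces.
    return List::Util::any { $_ eq $user } split ' ', $members;
}
```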