Главная Обзор Помощь
Вход
n4u
/
kvs
2
0
Ответвить 0
Файлы Задачи 0 Запросы на слияние 0 Вики
Дерево: 4219ad4902
Ветки Метки
kvs
/
src
/
kvs_acl.erl

kvs_acl.erl 2.2 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. -module(kvs_acl).
    2. 

  2. -copyright('Synrc Research Center s.r.o.').
    3. 

  3. -compile(export_all).
    4. 

  4. 

  5. -include_lib("kvs/include/acls.hrl").
    6. 

  6. -include_lib("kvs/include/users.hrl").
    7. 

  7. -include_lib("kvs/include/groups.hrl").
    8. 

  8. -include_lib("kvs/include/feeds.hrl").
    9. 

  9. 

  10. define_access(Accessor, Resource, Action) -> 
    11. 

  11.     Entry = #acl_entry{ id = {Accessor, Resource},
    12. 

  12.                         accessor= Accessor,
    13. 

  13.                         action  = Action,
    14. 

  14.                         feed_id = Resource},
    15. 

  15.     case kvs:add(Entry) of {error, exist} -> kvs:put(Entry#acl_entry{action=Action}); {ok, E} -> E end.
    16. 

  16. 

  17. check(Keys) ->
    18. 

  18.     Acls = [Acl || {ok, Acl = #acl_entry{}} <- [kvs:get(acl_entry, Key) || Key <- Keys]],
    19. 

  19.     case Acls of [] -> none;
    20. 

  20.         [#acl_entry{action = Action} | _] -> Action end.
    21. 

  21. 

  22. check_access(#user{id = UId, type = UType}, #feed{id = FId}) ->
    23. 

  23.     Feed = {feed, FId},
    24. 

  24.     Query = [ {{user, UId}, Feed}, {{user_type, UType}, Feed}, {default, Feed}],
    25. 

  25.     check(Query);
    26. 

  26. 

  27. check_access(#user{id = UId, type = UType}, #group{id = GId}) ->
    28. 

  28.     Group = {group, GId},
    29. 

  29.     Query = [ {{user, UId}, Group}, {{user_type, UType}, Group}, {default, Group}],
    30. 

  30.     check(Query);
    31. 

  31. 

  32. 

  33. check_access(#user{id = AId, type = AType}, #user{id = RId}) ->
    34. 

  34.     User = {user, RId},
    35. 

  35.     Query = [ {{user, AId}, User}, {{user_type, AType}, User}, {default, User} ],
    36. 

  36.     check(Query);
    37. 

  37. 

  38. check_access({user_type, Type}, #user{id = RId}) ->
    39. 

  39.     User = {user, RId},
    40. 

  40.     Query = [ {{user_type, Type}, User}, {default, User} ],
    41. 

  41.     check(Query);
    42. 

  42. 

  43. check_access({user_type, Type}, #feed{id = FId}) ->
    44. 

  44.     Feed = {feed, FId},
    45. 

  45.     Query = [ {{user_type, Type}, Feed}, {default, Feed} ],
    46. 

  46.     check(Query);
    47. 

  47. 

  48. check_access({user_type, Type}, #group{id = GId}) ->
    49. 

  49.     Group = {group, GId},
    50. 

  50.     Query = [{{user_type, Type}, Group}, {default, Group}],
    51. 

  51.     check(Query);
    52. 

  52. 

  53. check_access({ip, _Ip} = Accessor, {feature, _Feature} = Resource) ->
    54. 

  54.     Query = [{Accessor, Resource}, {default, Resource}],
    55. 

  55.     check(Query);
    56. 

  56. 

  57. check_access(#user{id = AId, type = AType}, {feature, _Feature} = R) ->
    58. 

  58.     Query = [ {{user, AId}, R}, {{user_type, AType}, R}, {default, R} ],
    59. 

  59.     check(Query);
    60. 

  60. 

  61. check_access(UId, {feature, _Feature} = Resource) ->
    62. 

  62.     case kvs:get(user, UId) of
    63. 

  63.         {ok, User} -> check_access(User, Resource);
    64. 

  64.         E -> E
    65. 

  65.     end.
    66.