From: scottmk Date: Fri, 5 Mar 2010 20:32:19 +0000 (+0000) Subject: 1. In verifyObjectClass(): renamed meta to method_meta in order to distinguish X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=4868789a67b7275029462d083658ca16a1decf44;p=contrib%2FConifer.git 1. In verifyObjectClass(): renamed meta to method_meta in order to distinguish it from class metadata. Rearranged a bit for clarity. 2. Added or tweaked some comments. M Open-ILS/src/c-apps/oils_cstore.c git-svn-id: svn://svn.open-ils.org/ILS/trunk@15722 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- diff --git a/Open-ILS/src/c-apps/oils_cstore.c b/Open-ILS/src/c-apps/oils_cstore.c index 6f76799314..9040858868 100644 --- a/Open-ILS/src/c-apps/oils_cstore.c +++ b/Open-ILS/src/c-apps/oils_cstore.c @@ -1239,37 +1239,43 @@ int dispatchCRUDMethod ( osrfMethodContext* ctx ) { return err; } +/** + @brief Verify that we have a valid class reference. + @param ctx Pointer to the method context. + @param param Pointer to the method parameters. + @return 1 if the class reference is valid, or zero if it isn't. + + The class of the method params must match the class to which the method id devoted. + For PCRUD there are additional restrictions. +*/ static int verifyObjectClass ( osrfMethodContext* ctx, const jsonObject* param ) { - int ret = 1; - osrfHash* meta = (osrfHash*) ctx->method->userData; - osrfHash* class = osrfHashGet( meta, "class" ); + osrfHash* method_meta = (osrfHash*) ctx->method->userData; + osrfHash* class = osrfHashGet( method_meta, "class" ); + // Compare the method's class to the parameters' class if (!param->classname || (strcmp( osrfHashGet(class, "classname"), param->classname ))) { - const char* temp_classname = param->classname; - if( ! temp_classname ) - temp_classname = "(null)"; - + // Oops -- they don't match. Complain. growing_buffer* msg = buffer_init(128); buffer_fadd( msg, "%s: %s method for type %s was passed a %s", MODULENAME, - osrfHashGet(meta, "methodtype"), + osrfHashGet(method_meta, "methodtype"), osrfHashGet(class, "classname"), - temp_classname + param->classname ? param->classname : "(null)" ); char* m = buffer_release(msg); osrfAppSessionStatus( ctx->session, OSRF_STATUS_BADREQUEST, "osrfMethodException", ctx->request, m ); - free(m); return 0; } + int ret = 1; #ifdef PCRUD ret = verifyObjectPCRUD( ctx, param ); #endif @@ -1279,11 +1285,21 @@ static int verifyObjectClass ( osrfMethodContext* ctx, const jsonObject* param ) #ifdef PCRUD +/** + @brief (PCRUD only) Verify that the user is properly logged in. + @param ctx Pointer to the method context. + @return If the user is logged in, a pointer to the user object from the authentication + server; otherwise NULL. +*/ static jsonObject* verifyUserPCRUD( osrfMethodContext* ctx ) { + + // Get the authkey (the first method parameter) const char* auth = jsonObjectGetString( jsonObjectGetIndex( ctx->params, 0 ) ); jsonObject* auth_object = jsonNewObject(auth); - jsonObject* user = oilsUtilsQuickReq("open-ils.auth","open-ils.auth.session.retrieve", - auth_object); + + // Fetch the user object from the authentication server + jsonObject* user = oilsUtilsQuickReq( "open-ils.auth", "open-ils.auth.session.retrieve", + auth_object ); jsonObjectFree(auth_object); if (!user->classname || strcmp(user->classname, "au")) { @@ -1302,11 +1318,10 @@ static jsonObject* verifyUserPCRUD( osrfMethodContext* ctx ) { free(m); jsonObjectFree(user); - user = jsonNULL; + user = NULL; } return user; - } static int verifyObjectPCRUD ( osrfMethodContext* ctx, const jsonObject* obj ) {