RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-13 01:01:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

MINOR: cli: create new function cli_has_level() to validate permissions

Browse Source 
This function is used to check that the CLI features the appropriate
level of permissions or to prepare the adequate error message.
This commit is contained in:
Willy Tarreau 2016-11-23 17:01:39 +01:00
parent 69e9644e35
commit de57a578ba
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/proto/cli.h
View File

@ -27,5 +27,7 @@
struct cli_kw* cli_find_kw(char **args); struct cli_kw* cli_find_kw(char **args);
void cli_register_kw(struct cli_kw_list *kw_list); void cli_register_kw(struct cli_kw_list *kw_list);
int cli_has_level(struct appctx *appctx, int level);
#endif /* _PROTO_CLI_H */ #endif /* _PROTO_CLI_H */

18
src/cli.c
View File

@ -472,6 +472,24 @@ static int stats_parse_global(char **args, int section_type, struct proxy *curpx
return 0; return 0;
} }
/* Verifies that the CLI at least has a level at least as high as <level>
* (typically ACCESS_LVL_ADMIN). Returns 1 if OK, otherwise 0. In case of
* failure, an error message is prepared and the appctx's state is adjusted
* to print it so that a return 1 is enough to abort any processing.
*/
int cli_has_level(struct appctx *appctx, int level)
{
struct stream_interface *si = appctx->owner;
struct stream *s = si_strm(si);
if (strm_li(s)->bind_conf->level < level) {
appctx->ctx.cli.msg = stats_permission_denied_msg;
appctx->st0 = STAT_CLI_PRINT;
return 0;
}
return 1;
}
/* print a string of text buffer to <out>. The format is : /* print a string of text buffer to <out>. The format is :
* Non-printable chars \t, \n, \r and \e are * encoded in C format. * Non-printable chars \t, \n, \r and \e are * encoded in C format.