diff options
author | Max Kellermann <max@musicpd.org> | 2016-10-27 22:04:38 +0200 |
---|---|---|
committer | Max Kellermann <max@musicpd.org> | 2016-10-27 22:04:38 +0200 |
commit | 726fc53e624a9b4005194cd57cba035e89b3331d (patch) | |
tree | 811ad241452bb513562d2cfd92017860165384f7 /src/client | |
parent | c598686bd90aa49285e3e6bb7ad222231e1d3995 (diff) |
Client: add AllowFile() overload which throws exception
Diffstat (limited to 'src/client')
-rw-r--r-- | src/client/Client.hxx | 5 | ||||
-rw-r--r-- | src/client/ClientFile.cxx | 25 |
2 files changed, 29 insertions, 1 deletions
diff --git a/src/client/Client.hxx b/src/client/Client.hxx index 10411cb93..82149016e 100644 --- a/src/client/Client.hxx +++ b/src/client/Client.hxx @@ -176,9 +176,12 @@ public: * We cannot fix this as long as there are plugins that open a file by * its name, and not by file descriptor / callbacks. * + * Throws #std::runtime_error on error. + * * @param path_fs the absolute path name in filesystem encoding - * @return true if access is allowed */ + void AllowFile(Path path_fs) const; + bool AllowFile(Path path_fs, Error &error) const; /** diff --git a/src/client/ClientFile.cxx b/src/client/ClientFile.cxx index 15c40df9e..e3715485f 100644 --- a/src/client/ClientFile.cxx +++ b/src/client/ClientFile.cxx @@ -26,6 +26,31 @@ #include <unistd.h> +void +Client::AllowFile(Path path_fs) const +{ +#ifdef WIN32 + (void)path_fs; + + throw ProtocolError(ACK_ERROR_PERMISSION, "Access denied"); +#else + if (uid >= 0 && (uid_t)uid == geteuid()) + /* always allow access if user runs his own MPD + instance */ + return; + + if (uid < 0) + /* unauthenticated client */ + throw ProtocolError(ACK_ERROR_PERMISSION, "Access denied"); + + const FileInfo fi(path_fs); + + if (fi.GetUid() != (uid_t)uid && (fi.GetMode() & 0444) != 0444) + /* client is not owner */ + throw ProtocolError(ACK_ERROR_PERMISSION, "Access denied"); +#endif +} + bool Client::AllowFile(Path path_fs, Error &error) const { |