| author | Russ Allbery <eagle@eyrie.org> | 2016-01-16 15:34:22 -0800 | 
|---|---|---|
| committer | Russ Allbery <eagle@eyrie.org> | 2016-01-16 15:35:49 -0800 | 
| commit | d2fde5b8330cab6bd6210ef99a628b1897676897 (patch) | |
| tree | 3bdb4383a95efc5c36b7fabe07ca7df0cb50f719 /perl/lib/Wallet/ACL | |
| parent | 44b98b0005effceb6fb5497b336fa86e05675e6f (diff) | |
Pass object type and name to external ACL verifiers
This requires changing the ACL verifier plumbing to pass object
type and name all the way through when verifying ACLs.  Hopefully
I caught everything.
Diffstat (limited to 'perl/lib/Wallet/ACL')
| -rw-r--r-- | perl/lib/Wallet/ACL/Base.pm | 6 | ||||
| -rw-r--r-- | perl/lib/Wallet/ACL/External.pm | 16 | ||||
| -rw-r--r-- | perl/lib/Wallet/ACL/Nested.pm | 7 | 
3 files changed, 16 insertions, 13 deletions
diff --git a/perl/lib/Wallet/ACL/Base.pm b/perl/lib/Wallet/ACL/Base.pm
index 19ca612..3778c07 100644
--- a/perl/lib/Wallet/ACL/Base.pm
+++ b/perl/lib/Wallet/ACL/Base.pm
@@ -103,10 +103,12 @@ This method should be overridden by any child classes that want to
 implement validating the name of an ACL before creation.  The default
 implementation allows any name for an ACL.
-=item check(PRINCIPAL, ACL)
+=item check(PRINCIPAL, ACL, TYPE, NAME)
 This method should always be overridden by child classes.  The default
-implementation just declines all access.
+implementation just declines all access.  TYPE and NAME are the type and
+name of the object being accessed, which may be used by some ACL schemes
+or may be ignored.
 =item error([ERROR ...])
diff --git a/perl/lib/Wallet/ACL/External.pm b/perl/lib/Wallet/ACL/External.pm
index 77c2499..f1bd577 100644
--- a/perl/lib/Wallet/ACL/External.pm
+++ b/perl/lib/Wallet/ACL/External.pm
@@ -46,13 +46,12 @@ sub new {
 # The most trivial ACL verifier.  Returns true if the provided principal
 # matches the ACL.
 sub check {
-    my ($self, $principal, $acl) = @_;
+    my ($self, $principal, $acl, $type, $name) = @_;
     unless ($principal) {
         $self->error ('no principal specified');
         return;
     }
-    my @args = split (' ', $acl);
-    unshift @args, $principal;
+    my @args = ($principal, $type, $name, $acl);
     my $pid = open (EXTERNAL, '-|');
     if (not defined $pid) {
         $self->error ("cannot fork: $!");
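Review bot: The new `my @args = ($principal, $type, $name, $acl);` line never checks that `$type` and `$name` are defined, so any caller still using the old three-argument `check` (the description itself only hopes every call site was caught) would hand the external command empty strings in those positions and the verifier would decide on missing object information while only `$principal` is guarded. Mirror the principal check directly after it: `unless (defined $type && defined $name) { $self->error ('no object type or name specified'); return; }`. The same unguarded pass-through of `$type`/`$name` applies to Nested.pm's `check` below, which forwards them to `check_line`. Since `$acl` is now one argument instead of being whitespace-split, an external command written against the old convention also needs updating, which is worth stating in the POD for `check`. The fork and the presumed exec of `@args` continue outside the hunk.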
@@ -134,14 +133,15 @@ an error.
 Creates a new ACL verifier.  For this verifier, this just confirms that
 the wallet configuration sets an external command.
-=item check(PRINCIPAL, ACL)
+=item check(PRINCIPAL, ACL, TYPE, NAME)
 Returns true if the external command returns success when run with that
-PRINCIPAL and ACL.  ACL will be split on whitespace and passed as multiple
-arguments.  So, for example, the ACL C<external mdbset shell> will, when
-triggered by a request from rra@EXAMPLE.COM, result in the command:
+PRINCIPAL, object TYPE and NAME, and ACL.  So, for example, the ACL C<external
+mdbset shell> will, when triggered by a request from rra@EXAMPLE.COM for the
+object C<file password>, result in the command:
-    $Wallet::Config::EXTERNAL_COMMAND rra@EXAMPLE.COM mdbset shell
+    $Wallet::Config::EXTERNAL_COMMAND rra@EXAMPLE.COM file password \
+        'mdbset shell'
 =item error()
diff --git a/perl/lib/Wallet/ACL/Nested.pm b/perl/lib/Wallet/ACL/Nested.pm
index 07833f8..3b6c827 100644
--- a/perl/lib/Wallet/ACL/Nested.pm
+++ b/perl/lib/Wallet/ACL/Nested.pm
@@ -59,7 +59,7 @@ sub syntax_check {
 # that entry.  We also want to keep track of things already checked in order
 # to avoid any loops.
 sub check {
-    my ($self, $principal, $group) = @_;
+    my ($self, $principal, $group, $type, $name) = @_;
     unless ($principal) {
         $self->error ('no principal specified');
         return;
@@ -78,8 +78,9 @@ sub check {
     # to go through each entry and decide if the given acl has access.
     my @members = $self->get_membership ($group);
     for my $entry (@members) {
-        my ($type, $name) = @{ $entry };
-        my $result = $acl->check_line ($principal, $type, $name);
+        my ($scheme, $identifier) = @{ $entry };
+        my $result = $acl->check_line ($principal, $scheme, $identifier,
+                                       $type, $name);
         return 1 if $result;
     }
     return 0;
|
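Review bot: The rename to `$scheme`/`$identifier` in the Nested.pm loop is needed to stop shadowing the new `$type`/`$name` parameters, but nothing in the block says which pair is the member ACL entry and which is the object under access control, and the existing comment `# to go through each entry and decide if the given acl has access.` predates the extra arguments. Add above the `for` loop: `# $scheme/$identifier describe the member ACL entry; $type/$name are the object being accessed and are passed through unchanged to every member check.` The five-argument `check_line` this relies on lives in Wallet::ACL, outside this diffstat, so confirm it was updated in the same change. `check`'s body begins before this hunk.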
