From 23a6b180f975c24c8ee4190467c74b78fde0d084 Mon Sep 17 00:00:00 2001
From: Russ Allbery <eagle@eyrie.org>
Date: Sun, 3 Jan 2016 19:29:20 -0800
Subject: Add Wallet::ACL::External ACL type

A new ACL type, external (Wallet::ACL::External), is now supported.
This ACL runs an external command to check if access is allowed, and
passes the principal and the ACL identifier to that command.  To
enable this ACL type for an existing wallet database, use wallet-admin
to register the new verifier.

Change-Id: I21b72b4373eefc92985aca1505e2d1a1ec699602
---
 perl/t/data/acl-command | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100755 perl/t/data/acl-command

(limited to 'perl/t/data/acl-command')

diff --git a/perl/t/data/acl-command b/perl/t/data/acl-command
new file mode 100755
index 0000000..e368118
--- /dev/null
+++ b/perl/t/data/acl-command
@@ -0,0 +1,43 @@
+#!/bin/sh
+#
+# An external ACL implementation.  Checks that the first argument is
+# eagle@eyrie.org, the second argument is "test", and then returns success,
+# failure, or reports an error based on whether the second argument is
+# success, failure, or error.
+#
+# Written by Russ Allbery <eagle@eyrie.org>
+# Copyright 2016 Russ Allbery <eagle@eyrie.org>
+#
+# See LICENSE for licensing terms.
+
+set -e
+
+# Check the initial principal argument.
+if [ "$1" != 'eagle@eyrie.org' ]; then
+    echo 'incorrect principal' >&2
+    exit 1
+fi
+
+# Check that the second argument is test.
+if [ "$2" != 'test' ]; then
+    echo 'incorrect second argument' >&2
+    exit 1
+fi
+
+# Process the third argument.
+case $3 in
+    success)
+        exit 0
+        ;;
+    failure)
+        exit 1
+        ;;
+    error)
+        echo 'some error' >&2
+        exit 1
+        ;;
+    *)
+        echo 'unknown third argument' >&2
+        exit 1
+        ;;
+esac
-- 
cgit v1.2.3