From 22325c2e892fbff05d642c095d645045f2a5e0b2 Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Mon, 24 Sep 2007 18:33:19 +0000 Subject: Add support for attribute setting and retrieval to the front end and document them in the user documentation. --- server/wallet-backend | 85 ++++++++++++++++++++++++++++++++++----------------- 1 file changed, 57 insertions(+), 28 deletions(-) (limited to 'server') diff --git a/server/wallet-backend b/server/wallet-backend index b54f6c3..2ab3daf 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -23,16 +23,16 @@ use Wallet::Server; # Check all arguments against a very restricted set of allowed characters and # to ensure the right number of arguments are taken. The arguments are the -# number of arguments expected, a reference to an array of which argument -# numbers shouldn't be checked, and then the arguments. +# number of arguments expected (minimum and maximum), a reference to an array +# of which argument numbers shouldn't be checked, and then the arguments. # # This function is probably temporary and will be replaced with something that # knows more about the syntax of each command and can check more things. sub check_args { - my ($count, $exclude, @args) = @_; - if (@args < $count) { + my ($min, $max, $exclude, @args) = @_; + if (@args < $min) { die "insufficient arguments\n"; - } elsif (@args > $count) { + } elsif (@args > $max and $max != -1) { die "too many arguments\n"; } my %exclude = map { $_ => 1 } @$exclude; @@ -63,22 +63,22 @@ sub command { if ($command eq 'acl') { my $action = shift @args; if ($action eq 'add') { - check_args (3, [], @args); + check_args (3, 3, [], @args); $server->acl_add (@args) or die $server->error; } elsif ($action eq 'create') { - check_args (1, [], @args); + check_args (1, 1, [], @args); $server->acl_create (@args) or die $server->error; } elsif ($action eq 'destroy') { - check_args (1, [], @args); + check_args (1, 1, [], @args); $server->acl_destroy (@args) or die $server->error; } elsif ($action eq 'remove') { - check_args (3, [], @args); + check_args (3, 3, [], @args); $server->acl_remove (@args) or die $server->error; } elsif ($action eq 'rename') { - check_args (2, [], @args); + check_args (2, 2, [], @args); $server->acl_rename (@args) or die $server->error; } elsif ($action eq 'show') { - check_args (1, [], @args); + check_args (1, 1, [], @args); my $output = $server->acl_show (@args); if (defined $output) { print $output; @@ -89,17 +89,16 @@ sub command { die "unknown command acl $action\n"; } } elsif ($command eq 'create') { - check_args (2, [], @args); + check_args (2, 2, [], @args); $server->create (@args) or die $server->error; } elsif ($command eq 'destroy') { - check_args (2, [], @args); + check_args (2, 2, [], @args); $server->destroy (@args) or die $server->error; } elsif ($command eq 'expires') { + check_args (2, 3, [], @args); if (@args > 2) { - check_args (3, [], @args); $server->expires (@args) or die $server->error; } else { - check_args (2, [], @args); my $output = $server->expires (@args); if (defined $output) { print $output, "\n"; @@ -111,17 +110,16 @@ sub command { } } elsif ($command eq 'flag') { my $action = shift @args; + check_args (3, 3, [], @args); if ($action eq 'clear') { - check_args (3, [], @args); $server->flag_clear (@args) or die $server->error; } elsif ($action eq 'set') { - check_args (3, [], @args); $server->flag_set (@args) or die $server->error; } else { die "unknown command flag $action\n"; } } elsif ($command eq 'get') { - check_args (2, [], @args); + check_args (2, 2, [], @args); my $output = $server->get (@args); if (defined $output) { print $output; @@ -129,7 +127,7 @@ sub command { die $server->error; } } elsif ($command eq 'getacl') { - check_args (3, [], @args); + check_args (3, 3, [], @args); my $output = $server->acl (@args); if (defined $output) { print $output, "\n"; @@ -138,12 +136,19 @@ sub command { } else { die $server->error; } + } elsif ($command eq 'getattr') { + check_args (3, 3, [], @args); + my @result = $server->attr (@args); + if (not @result and $server->error) { + die $server->error; + } elsif (@result) { + print join ("\n", @result, ''); + } } elsif ($command eq 'owner') { + check_args (2, 3, [], @args); if (@args > 2) { - check_args (3, [], @args); $server->owner (@args) or die $server->error; } else { - check_args (2, [], @args); my $output = $server->owner (@args); if (defined $output) { print $output, "\n"; @@ -154,10 +159,13 @@ sub command { } } } elsif ($command eq 'setacl') { - check_args (4, [], @args); + check_args (4, 4, [], @args); $server->acl (@args) or die $server->error; + } elsif ($command eq 'setattr') { + check_args (4, -1, [], @args); + $server->attr (@args) or die $server->error; } elsif ($command eq 'show') { - check_args (2, [], @args); + check_args (2, 2, [], @args); my $output = $server->show (@args); if (defined $output) { print $output; @@ -165,7 +173,7 @@ sub command { die $server->error; } } elsif ($command eq 'store') { - check_args (3, [3], @args); + check_args (3, 3, [3], @args); $server->store (@args) or die $server->error; } else { die "unknown command $command\n"; @@ -214,10 +222,12 @@ B takes no traditional options. Most commands are only available to wallet administrators (users on the C ACL). The exceptions are C, C, C, C, -C, and C. All of those commands have their own ACLs, -and if the appropriate ACL is set, it alone is checked to see if the user -has access. Otherwise, C, C, and C access is permitted if -the user is authorized by the owner ACL of the object. +C, C, C, and C. All of those +commands have their own ACLs except C, which uses the C ACL, +and C, which uses the C ACL. If the appropriate ACL is set, +it alone is checked to see if the user has access. Otherwise, C, +C, C, C, and C access is permitted if the +user is authorized by the owner ACL of the object. Administrators can run any command on any object or ACL except for C and C. For C and C, they must still be authorized by @@ -316,6 +326,15 @@ if the C, C, or C ACLs aren't set, authorization falls back to checking the owner ACL. See the C command for displaying or setting it. +=item getattr + +Prints the object attribute for the object identified by and +. Attributes are used to store backend-specific information for a +particular object type, and must be an attribute type known to the +underlying object implementation. The attribute values, if any, are printed +one per line. If the attribute is not set on this object, nothing is +printed. + =item owner [] If is not given, displays the current owner ACL of the object @@ -332,6 +351,16 @@ Sets the ACL , which must be one of C, C, C, C, or C, to on the object identified by and . If is the empty string, clears that ACL on the object. +=item setattr [ ...] + +Sets the object attribute for the object identified by and +. Attributes are used to store backend-specific information for a +particular object type, and must be an attribute type known to the +underlying object implementation. To clear the attribute for this object, +pass in a of the empty string (C<''>). + +Currently, no object attributes are implemented. + =item show Displays the current object metadata for the object identified by -- cgit v1.2.3