| /* |
| * Copyright (C) 2007 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #ifndef AMEND_PERMISSIONS_H_ |
| #define AMEND_PERMISSIONS_H_ |
| |
| #include <stdbool.h> |
| |
| #define PERM_NONE (0) |
| #define PERM_STAT (1<<0) |
| #define PERM_READ (1<<1) |
| #define PERM_WRITE (1<<2) // including create, delete, mkdir, rmdir |
| #define PERM_CHMOD (1<<3) |
| #define PERM_CHOWN (1<<4) |
| #define PERM_CHGRP (1<<5) |
| #define PERM_SETUID (1<<6) |
| #define PERM_SETGID (1<<7) |
| |
| #define PERMSET_READ (PERM_STAT | PERM_READ) |
| #define PERMSET_WRITE (PERMSET_READ | PERM_WRITE) |
| |
| #define PERMSET_ALL \ |
| (PERM_STAT | PERM_READ | PERM_WRITE | PERM_CHMOD | \ |
| PERM_CHOWN | PERM_CHGRP | PERM_SETUID | PERM_SETGID) |
| |
| typedef struct { |
| unsigned int requested; |
| unsigned int allowed; |
| const char *path; |
| bool recursive; |
| } PermissionRequest; |
| |
| typedef struct { |
| PermissionRequest *requests; |
| int numRequests; |
| int requestsAllocated; |
| } PermissionRequestList; |
| |
| /* Properly clear out a PermissionRequestList. |
| * |
| * @return 0 if list is non-NULL, negative otherwise. |
| */ |
| int initPermissionRequestList(PermissionRequestList *list); |
| |
| /* Add a permission request to the list, allocating more space |
| * if necessary. |
| * |
| * @return 0 on success or a negative value on failure. |
| */ |
| int addPermissionRequestToList(PermissionRequestList *list, |
| const char *path, bool recursive, unsigned int permissions); |
| |
| /* Free anything allocated by addPermissionRequestToList(). The caller |
| * is responsible for freeing the actual PermissionRequestList. |
| */ |
| void freePermissionRequestListElements(PermissionRequestList *list); |
| |
| |
| /* |
| * Global permission table |
| */ |
| |
| typedef struct { |
| const char *path; |
| unsigned int allowed; |
| } Permission; |
| |
| int permissionInit(void); |
| void permissionCleanup(void); |
| |
| /* Returns the allowed permissions for the path in "outAllowed". |
| * Returns 0 if successful, negative if a parameter or global state |
| * is bad. |
| */ |
| int getAllowedPermissions(const char *path, bool recursive, |
| unsigned int *outAllowed); |
| |
| /* More-recently-registered permissions override older permissions. |
| */ |
| int registerPermissionSet(int count, Permission *set); |
| |
| /* Check to make sure that each request is allowed. |
| * |
| * @param requests The list of permission requests |
| * @param updateAllowed If true, update the "allowed" field in each |
| * element of the list |
| * @return the number of requests that were denied, or negative if |
| * an error occurred. |
| */ |
| int countPermissionConflicts(PermissionRequestList *requests, |
| bool updateAllowed); |
| |
| /* Inspection/testing/debugging functions |
| */ |
| int getPermissionCount(void); |
| const Permission *getPermissionAt(int index); |
| |
| #endif // AMEND_PERMISSIONS_H_ |