diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-07-29 15:03:14 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-01 07:28:06 -0400 |
commit | a72e9289fe001c85a17acd667ca31d692fd99605 (patch) | |
tree | bcf76461776b7196b67823578e7a1a81810ca530 /src/providers/ipa/ipa_hbac.h | |
parent | f76725bbf87de0ac109a1a5b9898fc67ed2afa59 (diff) | |
download | sssd-a72e9289fe001c85a17acd667ca31d692fd99605.tar.gz sssd-a72e9289fe001c85a17acd667ca31d692fd99605.tar.bz2 sssd-a72e9289fe001c85a17acd667ca31d692fd99605.zip |
Add rule validator to libipa_hbac
https://fedorahosted.org/sssd/ticket/943
Diffstat (limited to 'src/providers/ipa/ipa_hbac.h')
-rw-r--r-- | src/providers/ipa/ipa_hbac.h | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_hbac.h b/src/providers/ipa/ipa_hbac.h index a1d51378..7de49d1f 100644 --- a/src/providers/ipa/ipa_hbac.h +++ b/src/providers/ipa/ipa_hbac.h @@ -151,4 +151,27 @@ const char *hbac_error_string(enum hbac_error_code code); void hbac_free_info(struct hbac_info *info); + +#define HBAC_RULE_ELEMENT_USERS 0x01 +#define HBAC_RULE_ELEMENT_SERVICES 0x02 +#define HBAC_RULE_ELEMENT_TARGETHOSTS 0x04 +#define HBAC_RULE_ELEMENT_SOURCEHOSTS 0x08 + +/** + * @brief Evaluate whether an HBAC rule contains all necessary elements + * + * @param[in] rule An HBAC rule to evaluate + * @param[out] missing_attrs A list of attributes missing from the rule + * This is a bitmask that may contain one or more + * of HBAC_RULE_ELEMENT_USERS, + * HBAC_RULE_ELEMENT_SERVICES, + * HBAC_RULE_ELEMENT_TARGETHOSTS and + * HBAC_RULE_ELEMENT_SOURCEHOSTS + * + * @return True if the rule contains all mandatory attributes + * + * @note This function does not care if the rule is enabled or disabled + */ +bool hbac_rule_is_complete(struct hbac_rule *rule, uint32_t *missing_attrs); + #endif /* IPA_HBAC_H_ */ |