Skip to content

Commit

Permalink
Remove the username and class from the url
Browse files Browse the repository at this point in the history
- /user/class/profile/level -> /profile/level
- use the authenticated user name from the request
- use the hardcoded class ZOWE

Signed-off-by: Fyodor Kovin <[email protected]>
  • Loading branch information
fkovinAtRocket committed Mar 26, 2019
1 parent 3d98813 commit 2190d7b
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions c/authService.c
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,8 @@
#include "zis/client.h"
#include "httpserver.h"

#define SAF_CLASS "ZOWE"

/*
* A handler performing the SAF_AUTH check: checks if the user has the
* specified access to the specified entity in the specified class
Expand Down Expand Up @@ -66,8 +68,7 @@ int installAuthCheckService(HttpServer *server) {
return 0;
}

static int extractQuery(StringList *path, char **userName, char **class,
char **entity, char **access) {
static int extractQuery(StringList *path, char **entity, char **access) {
const StringListElt *pathElt;

#define TEST_NEXT_AND_SET($ptr) do { \
Expand All @@ -85,8 +86,6 @@ static int extractQuery(StringList *path, char **userName, char **class,
if (pathElt == NULL) {
return -1;
}
TEST_NEXT_AND_SET(userName);
TEST_NEXT_AND_SET(class);
TEST_NEXT_AND_SET(entity);
TEST_NEXT_AND_SET(access);
return 0;
Expand Down Expand Up @@ -146,13 +145,14 @@ static void respond(HttpResponse *res, int rc, const ZISAuthServiceStatus

static int serveAuthCheck(HttpService *service, HttpResponse *res) {
HttpRequest *req = res->request;
char *userName, *class, *entity, *accessStr;
char *entity, *accessStr;
int access = 0;
int rc = 0, rsn = 0, safStatus = 0;
ZISAuthServiceStatus reqStatus = {0};
CrossMemoryServerName *privilegedServerName;
const char *userName = req->username, *class = SAF_CLASS;

rc = extractQuery(req->parsedFile, &userName, &class, &entity, &accessStr);
rc = extractQuery(req->parsedFile, &entity, &accessStr);
if (rc != 0) {
respondWithError(res, HTTP_STATUS_BAD_REQUEST, "Broken auth query");
return 0;
Expand Down

0 comments on commit 2190d7b

Please sign in to comment.