From 2190d7b265de8006fd825299d55e64cd7df98408 Mon Sep 17 00:00:00 2001 From: Fyodor Kovin Date: Tue, 26 Mar 2019 13:48:35 +0100 Subject: [PATCH] Remove the username and class from the url - /user/class/profile/level -> /profile/level - use the authenticated user name from the request - use the hardcoded class ZOWE Signed-off-by: Fyodor Kovin --- c/authService.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/c/authService.c b/c/authService.c index d7927e853..49ced1e8d 100644 --- a/c/authService.c +++ b/c/authService.c @@ -33,6 +33,8 @@ #include "zis/client.h" #include "httpserver.h" +#define SAF_CLASS "ZOWE" + /* * A handler performing the SAF_AUTH check: checks if the user has the * specified access to the specified entity in the specified class @@ -66,8 +68,7 @@ int installAuthCheckService(HttpServer *server) { return 0; } -static int extractQuery(StringList *path, char **userName, char **class, - char **entity, char **access) { +static int extractQuery(StringList *path, char **entity, char **access) { const StringListElt *pathElt; #define TEST_NEXT_AND_SET($ptr) do { \ @@ -85,8 +86,6 @@ static int extractQuery(StringList *path, char **userName, char **class, if (pathElt == NULL) { return -1; } - TEST_NEXT_AND_SET(userName); - TEST_NEXT_AND_SET(class); TEST_NEXT_AND_SET(entity); TEST_NEXT_AND_SET(access); return 0; @@ -146,13 +145,14 @@ static void respond(HttpResponse *res, int rc, const ZISAuthServiceStatus static int serveAuthCheck(HttpService *service, HttpResponse *res) { HttpRequest *req = res->request; - char *userName, *class, *entity, *accessStr; + char *entity, *accessStr; int access = 0; int rc = 0, rsn = 0, safStatus = 0; ZISAuthServiceStatus reqStatus = {0}; CrossMemoryServerName *privilegedServerName; + const char *userName = req->username, *class = SAF_CLASS; - rc = extractQuery(req->parsedFile, &userName, &class, &entity, &accessStr); + rc = extractQuery(req->parsedFile, &entity, &accessStr); if (rc != 0) { respondWithError(res, HTTP_STATUS_BAD_REQUEST, "Broken auth query"); return 0;