diff options
author | Kartik K. Agaram <vc@akkartik.com> | 2022-01-02 21:33:49 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2022-01-02 21:33:49 -0800 |
commit | 2d0bb4438cda0e225034e65e0f5963bcbc9b3fe5 (patch) | |
tree | 20d11de5db49f0d8d43fafd9022ceaac975d2b8e /src/teliva.c | |
parent | e07fe0c87af577fdb1368671e488c0a0edc386b2 (diff) | |
download | teliva-2d0bb4438cda0e225034e65e0f5963bcbc9b3fe5.tar.gz |
editing file permissions
Diffstat (limited to 'src/teliva.c')
-rw-r--r-- | src/teliva.c | 95 |
1 files changed, 54 insertions, 41 deletions
diff --git a/src/teliva.c b/src/teliva.c index 50a77a5..56d1182 100644 --- a/src/teliva.c +++ b/src/teliva.c @@ -51,8 +51,8 @@ static const char* trim(const char* in) { return result; } -const char* default_file_operations_predicate = "function file_operation_permitted(filename, mode)\n return false\nend"; -const char* file_operations_predicate; +const char* default_file_operations_predicate_body = "return false"; +const char* file_operations_predicate_body; int net_operations_permitted = false; static void render_permissions(lua_State* L); @@ -104,7 +104,7 @@ static void render_permissions(lua_State* L) { attrset(A_NORMAL); mvaddstr(LINES-1, COLS-12, ""); int file_colors = COLOR_PAIR_SAFE; - if (file_operations_predicate && strcmp(default_file_operations_predicate, trim(file_operations_predicate)) != 0) + if (file_operations_predicate_body && strcmp(default_file_operations_predicate_body, trim(file_operations_predicate_body)) != 0) file_colors = COLOR_PAIR_WARN; int net_colors = net_operations_permitted ? COLOR_PAIR_WARN : COLOR_PAIR_SAFE; if (file_colors == COLOR_PAIR_WARN && net_colors == COLOR_PAIR_WARN) { @@ -1096,7 +1096,9 @@ static void render_permissions_screen() { attrset(A_NORMAL); mvaddstr(7, 5, "File operations"); - int y = render_wrapped_text(7, 30, COLS-5, file_operations_predicate); + mvaddstr(7, 30, "function file_operation_permitted(filename, mode)"); + int y = render_wrapped_text(8, 32, COLS-5, file_operations_predicate_body); + mvaddstr(y, 30, "end"); y += 2; int net_colors = net_operations_permitted ? COLOR_PAIR_WARN : COLOR_PAIR_SAFE; @@ -1116,14 +1118,14 @@ static void render_permissions_screen() { default: abort(); } - ++y; + y++; attroff(A_REVERSE); attroff(COLOR_PAIR(net_colors)); mvaddstr(y, 30, "(No nuance available for network operations.)"); - int file_operations_safe = strcmp(default_file_operations_predicate, trim(file_operations_predicate)) == 0; + int file_operations_safe = strcmp(default_file_operations_predicate_body, trim(file_operations_predicate_body)) == 0; int net_operations_safe = (net_operations_permitted == 0); - int file_operations_unsafe = strcmp("return true", trim(file_operations_predicate)) == 0; + int file_operations_unsafe = strcmp("return true", trim(file_operations_predicate_body)) == 0; int net_operations_unsafe = (net_operations_permitted != 0); if (file_operations_safe && net_operations_safe) { attron(COLOR_PAIR(COLOR_PAIR_SAFE)); @@ -1156,33 +1158,34 @@ static void render_permissions_screen() { refresh(); } +extern void editNonCode2(char* filename); extern void resumeNonCodeEdit(); -static void edit_file_operations_predicate() { - static char file_operations_predicate_buffer[512]; +static void edit_file_operations_predicate_body() { + static char file_operations_predicate_body_buffer[512]; /* save to disk */ - char outfilename[] = "teliva_file_operations_predicate_XXXXXX"; + char outfilename[] = "teliva_file_operations_predicate_body_XXXXXX"; int outfd = mkstemp(outfilename); if (outfd == -1) { endwin(); - perror("edit_file_operations_predicate: error in creating temporary file"); + perror("edit_file_operations_predicate_body: error in creating temporary file"); abort(); } FILE* out = fdopen(outfd, "w"); assert(out != NULL); - fprintf(out, "%s", file_operations_predicate); + fprintf(out, "%s", file_operations_predicate_body); fclose(out); - rename(outfilename, "teliva_file_operations_predicate"); - editNonCode("teliva_file_operations_predicate"); + rename(outfilename, "teliva_file_operations_predicate_body"); + editNonCode2("teliva_file_operations_predicate_body"); // error handling assert(trustedL); int oldtop = lua_gettop(trustedL); while (1) { int status; - memset(file_operations_predicate_buffer, '\0', 512); - FILE* in = fopen("teliva_file_operations_predicate", "r"); - fread(file_operations_predicate_buffer, 500, 1, in); /* TODO: error message if file too large */ + memset(file_operations_predicate_body_buffer, '\0', 512); + FILE* in = fopen("teliva_file_operations_predicate_body", "r"); + fread(file_operations_predicate_body_buffer, 500, 1, in); /* TODO: error message if file too large */ fclose(in); - status = luaL_loadbuffer(trustedL, file_operations_predicate_buffer, strlen(file_operations_predicate_buffer), "file_operation_permitted") + status = luaL_loadbuffer(trustedL, file_operations_predicate_body_buffer, strlen(file_operations_predicate_body_buffer), "file_operation_permitted") || docall(trustedL, 0, 1); if (status == 0 || lua_isnil(trustedL, -1)) break; @@ -1191,10 +1194,10 @@ static void edit_file_operations_predicate() { resumeNonCodeEdit(); lua_pop(trustedL, 1); } - file_operations_predicate = file_operations_predicate_buffer; + file_operations_predicate_body = file_operations_predicate_body_buffer; if (lua_gettop(trustedL) != oldtop) { endwin(); - printf("edit_file_operations_predicate: memory leak %d -> %d\n", oldtop, lua_gettop(trustedL)); + printf("edit_file_operations_predicate_body: memory leak %d -> %d\n", oldtop, lua_gettop(trustedL)); exit(1); } } @@ -1207,7 +1210,7 @@ static void permissions_view() { case CTRL_X: return; case CTRL_F: - edit_file_operations_predicate(); + edit_file_operations_predicate_body(); break; case CTRL_N: net_operations_permitted = !net_operations_permitted; @@ -1255,11 +1258,11 @@ static void save_permissions_to_user_configuration(lua_State* L) { const char* image_name = lua_tostring(L, -1); if (strcmp(image_name, Image_name) != 0) { fprintf(out, "- image_name: %s\n", image_name); - fprintf(out, " file_operations_predicate:\n"); - lua_getfield(L, -2, "file_operations_predicate"); + fprintf(out, " file_operations_predicate_body:\n"); + lua_getfield(L, -2, "file_operations_predicate_body"); if (!lua_isnil(L, -1)) emit_multiline_string(out, lua_tostring(L, -1)); - lua_pop(L, 1); /* file_operations_predicate */ + lua_pop(L, 1); /* file_operations_predicate_body */ lua_getfield(L, -2, "net_operations_permitted"); fprintf(out, " net_operations_permitted: %s\n", lua_tostring(L, -1)); lua_pop(L, 1); /* net_operations_permitted */ @@ -1268,9 +1271,9 @@ static void save_permissions_to_user_configuration(lua_State* L) { } lua_settop(L, oldtop); fprintf(out, "- image_name: %s\n", Image_name); - fprintf(out, " file_operations_predicate:\n"); - assert(file_operations_predicate); - emit_multiline_string(out, file_operations_predicate); + fprintf(out, " file_operations_predicate_body:\n"); + assert(file_operations_predicate_body); + emit_multiline_string(out, file_operations_predicate_body); fprintf(out, " net_operations_permitted: %d\n", net_operations_permitted); fclose(out); if (in) fclose(in); @@ -1278,21 +1281,26 @@ static void save_permissions_to_user_configuration(lua_State* L) { } static void load_permissions_from_user_configuration(lua_State* L) { - static char file_operations_predicate_buffer[512]; + static char file_operations_predicate_body_buffer[512]; initialize_trustedL(); - file_operations_predicate = default_file_operations_predicate; - int status = luaL_loadbuffer(trustedL, file_operations_predicate, strlen(file_operations_predicate), "file_operation_permitted") + char file_operations_predicate_buffer[1024]; + memset(file_operations_predicate_buffer, '\0', 1024); + file_operations_predicate_body = default_file_operations_predicate_body; + strcpy(file_operations_predicate_buffer, "function file_operation_permitted(filename, mode)\n"); + strncat(file_operations_predicate_buffer, file_operations_predicate_body, 1020); + strncat(file_operations_predicate_buffer, "\nend", 1020); + int status = luaL_loadbuffer(trustedL, file_operations_predicate_buffer, strlen(file_operations_predicate_buffer), "file_operation_permitted") || docall(trustedL, 0, 1); if (status != 0 && lua_isnil(trustedL, -1)) { endwin(); - printf("can't load default file operations predicate\n"); + printf("can't load default file operations predicate_body\n"); exit(1); } const char* rcfilename = user_configuration_filename(); FILE* in = fopen(rcfilename, "r"); if (in == NULL) return; - file_operations_predicate = default_file_operations_predicate; - assert(file_operations_predicate); + file_operations_predicate_body = default_file_operations_predicate_body; + assert(file_operations_predicate_body); /* read entries from rcfilename and look for a match with the current * Image_name. */ int oldtop = lua_gettop(L); @@ -1302,13 +1310,13 @@ static void load_permissions_from_user_configuration(lua_State* L) { lua_getfield(L, -1, "image_name"); const char* image_name = lua_tostring(L, -1); if (strcmp(image_name, Image_name) == 0) { - lua_getfield(L, -2, "file_operations_predicate"); + lua_getfield(L, -2, "file_operations_predicate_body"); if (!lua_isnil(L, -1)) { - memset(file_operations_predicate_buffer, '\0', 512); - strncpy(file_operations_predicate_buffer, lua_tostring(L, -1), 500); - file_operations_predicate = file_operations_predicate_buffer; + memset(file_operations_predicate_body_buffer, '\0', 512); + strncpy(file_operations_predicate_body_buffer, lua_tostring(L, -1), 500); + file_operations_predicate_body = file_operations_predicate_body_buffer; } - lua_pop(L, 1); /* file_operations_predicate */ + lua_pop(L, 1); /* file_operations_predicate_body */ lua_getfield(L, -2, "net_operations_permitted"); net_operations_permitted = lua_tointeger(L, -1); lua_pop(L, 1); /* net_operations_permitted */ @@ -1318,14 +1326,19 @@ static void load_permissions_from_user_configuration(lua_State* L) { lua_settop(L, oldtop); fclose(in); /* trusted section */ - assert(file_operations_predicate); - status = luaL_loadbuffer(trustedL, file_operations_predicate, strlen(file_operations_predicate), "file_operation_permitted") + assert(file_operations_predicate_body); + strcpy(file_operations_predicate_buffer, "function file_operation_permitted(filename, mode)\n"); + strncat(file_operations_predicate_buffer, file_operations_predicate_body, 1020); + if (file_operations_predicate_buffer[strlen(file_operations_predicate_buffer)-1] != '\n') + strncat(file_operations_predicate_buffer, "\n", 1020); + strncat(file_operations_predicate_buffer, "end", 1020); + status = luaL_loadbuffer(trustedL, file_operations_predicate_buffer, strlen(file_operations_predicate_buffer), "file_operation_permitted") || docall(trustedL, 0, 1); if (status == 0 || lua_isnil(trustedL, -1)) return; /* TODO: more graceful error handling */ endwin(); - printf("error in loading file operations predicate from %s\n", rcfilename); + printf("error in loading file operations predicate_body from %s\n", rcfilename); exit(1); } |