DVR config: allow admin access (without DVR permissins) to the DVR co…

…nfig entries
tvheadend · Nov 20, 2014 · a6420f9 · a6420f9
1 parent d0a6684
commit a6420f9
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 5 deletions.
diff --git a/src/access.c b/src/access.c
@@ -331,7 +331,9 @@ access_verify(const char *username, const char *password,
       bits = 0;
   }
 
-  return (mask & bits) == mask ? 0 : -1;
+  return (mask & ACCESS_OR) ?
+         ((mask & bits) ? 0 : -1) :
+         ((mask & bits) == mask ? 0 : -1);
 }
 
 /*

diff --git a/src/access.h b/src/access.h
@@ -116,6 +116,7 @@ typedef struct access_ticket {
 #define ACCESS_WEB_INTERFACE      (1<<2)
 #define ACCESS_RECORDER           (1<<3)
 #define ACCESS_ADMIN              (1<<4)
+#define ACCESS_OR                 (1<<30)
 
 #define ACCESS_FULL \
   (ACCESS_STREAMING | ACCESS_ADVANCED_STREAMING | \
@@ -153,7 +154,9 @@ int access_verify(const char *username, const char *password,
 		  struct sockaddr *src, uint32_t mask);
 
 static inline int access_verify2(access_t *a, uint32_t mask)
-  { return (a->aa_rights & mask) == mask ? 0 : -1; }
+  { return (mask & ACCESS_OR) ?
+      ((a->aa_rights & mask) ? 0 : -1) :
+      ((a->aa_rights & mask) == mask ? 0 : -1); }
 
 int access_verify_list(htsmsg_t *list, const char *item);
 

diff --git a/src/api/api_dvr.c b/src/api/api_dvr.c
@@ -351,8 +351,10 @@ api_dvr_timerec_create
 void api_dvr_init ( void )
 {
   static api_hook_t ah[] = {
-    { "dvr/config/class",          ACCESS_RECORDER, api_idnode_class, (void*)&dvr_config_class },
-    { "dvr/config/grid",           ACCESS_RECORDER, api_idnode_grid, api_dvr_config_grid },
+    { "dvr/config/class",          ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_class, (void*)&dvr_config_class },
+    { "dvr/config/grid",           ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER,
+                                     api_idnode_grid, api_dvr_config_grid },
     { "dvr/config/create",         ACCESS_ADMIN, api_dvr_config_create, NULL },
 
     { "dvr/entry/class",           ACCESS_RECORDER, api_idnode_class, (void*)&dvr_entry_class },

diff --git a/src/dvr/dvr_config.c b/src/dvr/dvr_config.c
@@ -316,7 +316,7 @@ dvr_config_class_perm(idnode_t *self, access_t *a, htsmsg_t *msg_to_write)
   htsmsg_field_t *f;
   const char *uuid, *my_uuid;
 
-  if (access_verify2(a, ACCESS_RECORDER))
+  if (access_verify2(a, ACCESS_OR|ACCESS_ADMIN|ACCESS_RECORDER))
     return -1;
   if (!access_verify2(a, ACCESS_ADMIN))
     return 0;