ACL: add "All DVR (rw)" to delete a DVR entry.

This is to let a user remove a DVR entry created by another user rather than only being able to access it.
tvheadend · Feb 4, 2015 · d09e0c9 · d09e0c9
1 parent 2726332
commit d09e0c9
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 4 deletions.
diff --git a/docs/html/config_access.html b/docs/html/config_access.html
@@ -97,6 +97,11 @@
   <dd>
   Enable to access to DVR entries created by other users (read-only).
 
+  <dt><b>All DVR (rw)</b>
+  <dd>
+  Enable to access to DVR entries created by other users with the ability to
+  remove the DVR entries.
+
   <dt><b>DVR Config Profile</b>
   <dd>
   If set, the user will only be able to use the DVR config profile

diff --git a/src/access.c b/src/access.c
@@ -357,7 +357,7 @@ access_dump_a(access_t *a)
   int first;
 
   snprintf(buf, sizeof(buf),
-    "%s:%s [%c%c%c%c%c%c%c%c], conn=%u, chmin=%llu, chmax=%llu%s",
+    "%s:%s [%c%c%c%c%c%c%c%c%c], conn=%u, chmin=%llu, chmax=%llu%s",
     a->aa_representative ?: "<no-id>",
     a->aa_username ?: "<no-user>",
     a->aa_rights & ACCESS_STREAMING          ? 'S' : ' ',
@@ -367,6 +367,7 @@ access_dump_a(access_t *a)
     a->aa_rights & ACCESS_RECORDER           ? 'R' : ' ',
     a->aa_rights & ACCESS_HTSP_RECORDER      ? 'E' : ' ',
     a->aa_rights & ACCESS_ALL_RECORDER       ? 'L' : ' ',
+    a->aa_rights & ACCESS_ALL_RW_RECORDER    ? 'D' : ' ',
     a->aa_rights & ACCESS_ADMIN              ? '*' : ' ',
     a->aa_conn_limit,
     (long long)a->aa_chmin, (long long)a->aa_chmax,
@@ -819,6 +820,8 @@ access_entry_update_rights(access_entry_t *ae)
     r |= ACCESS_WEB_INTERFACE;
   if (ae->ae_admin)
     r |= ACCESS_ADMIN;
+  if (ae->ae_all_rw_dvr)
+    r |= ACCESS_ALL_RW_RECORDER;
   ae->ae_rights = r;
 }
 
@@ -1308,6 +1311,12 @@ const idclass_t access_entry_class = {
       .name     = "All DVR",
       .off      = offsetof(access_entry_t, ae_all_dvr),
     },
+    {
+      .type     = PT_BOOL,
+      .id       = "all_rw_dvr",
+      .name     = "All DVR (rw)",
+      .off      = offsetof(access_entry_t, ae_all_rw_dvr),
+    },
     {
       .type     = PT_STR,
       .id       = "dvr_config",
@@ -1417,6 +1426,7 @@ access_init(int createdefault, int noacl)
     ae->ae_dvr            = 1;
     ae->ae_htsp_dvr       = 1;
     ae->ae_all_dvr        = 1;
+    ae->ae_all_rw_dvr     = 1;
     ae->ae_webui          = 1;
     ae->ae_admin          = 1;
     access_entry_update_rights(ae);

diff --git a/src/access.h b/src/access.h
@@ -67,6 +67,7 @@ typedef struct access_entry {
   int ae_dvr;
   int ae_htsp_dvr;
   int ae_all_dvr;
+  int ae_all_rw_dvr;
   struct dvr_config *ae_dvr_config;
   LIST_ENTRY(access_entry) ae_dvr_config_link;
 
@@ -122,13 +123,14 @@ typedef struct access_ticket {
 #define ACCESS_HTSP_RECORDER      (1<<5)
 #define ACCESS_ALL_RECORDER       (1<<6)
 #define ACCESS_ADMIN              (1<<7)
+#define ACCESS_ALL_RW_RECORDER    (1<<8)
 #define ACCESS_OR                 (1<<30)
 
 #define ACCESS_FULL \
   (ACCESS_STREAMING | ACCESS_ADVANCED_STREAMING | \
    ACCESS_HTSP_STREAMING | ACCESS_WEB_INTERFACE | \
    ACCESS_RECORDER | ACCESS_HTSP_RECORDER | \
-   ACCESS_ALL_RECORDER | ACCESS_ADMIN)
+   ACCESS_ALL_RECORDER | ACCESS_ADMIN | ACCESS_ALL_RW_RECORDER)
 
 /**
  * Create a new ticket for the requested resource and generate a id for it

diff --git a/src/dvr/dvr.h b/src/dvr/dvr.h
@@ -486,6 +486,10 @@ static inline int dvr_entry_verify(dvr_entry_t *de, access_t *a, int readonly)
 {
   if (readonly && !access_verify2(a, ACCESS_ALL_RECORDER))
     return 0;
+
+  if (!access_verify2(a, ACCESS_ALL_RW_RECORDER))
+    return 0;
+
   if (strcmp(de->de_owner ?: "", a->aa_username ?: ""))
     return -1;
   return 0;

diff --git a/src/webui/static/app/acleditor.js b/src/webui/static/app/acleditor.js
@@ -7,8 +7,8 @@ tvheadend.acleditor = function(panel, index)
     var list = 'enabled,username,password,prefix,' +
                'webui,admin,' +
                'streaming,adv_streaming,htsp_streaming,' +
-               'profile,conn_limit,dvr,htsp_dvr,all_dvr,dvr_config,' +
-               'channel_min,channel_max,channel_tag,comment';
+               'profile,conn_limit,dvr,htsp_dvr,all_dvr,all_rw_dvr,' +
+	       'dvr_config,channel_min,channel_max,channel_tag,comment';
 
     tvheadend.idnode_grid(panel, {
         url: 'api/access/entry',
@@ -26,6 +26,7 @@ tvheadend.acleditor = function(panel, index)
             dvr:            { width: 150 },
             htsp_dvr:       { width: 150 },
             all_dvr:        { width: 150 },
+            all_rw_dvr:     { width: 150 },
             webui:          { width: 140 },
             admin:          { width: 100 },
             conn_limit:     { width: 160 },