X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/blobdiff_plain/b12be54a68a7738d948d866eb7b9231f8e55a12e..5891b0a8916232a54a4856e186b1d21a44b38a48:/lib/configuration.c

diff --git a/lib/configuration.c b/lib/configuration.c
index 3ddfea1..7ed9276 100644
--- a/lib/configuration.c
+++ b/lib/configuration.c
@@ -39,6 +39,7 @@
 #include <pcre.h>
 #include <signal.h>
 
+#include "rights.h"
 #include "configuration.h"
 #include "mem.h"
 #include "log.h"
@@ -489,6 +490,23 @@ static int set_backend(const struct config_state *cs,
   return 0;
 }
 
+static int set_rights(const struct config_state *cs,
+		      const struct conf *whoami,
+		      int nvec, char **vec) {
+  if(nvec != 1) {
+    error(0, "%s:%d: '%s' requires one argument",
+	  cs->path, cs->line, whoami->name);
+    return -1;
+  }
+  if(parse_rights(vec[0], 0, 1)) {
+    error(0, "%s:%d: invalid rights string '%s'",
+	  cs->path, cs->line, vec[0]);
+    return -1;
+  }
+  *ADDRESS(cs->config, char *) = vec[0];
+  return 0;
+}
+
 /* free functions */
 
 static void free_none(struct config attribute((unused)) *c,
@@ -587,6 +605,7 @@ static const struct conftype
   type_restrict = { set_restrict, free_none },
   type_namepart = { set_namepart, free_namepartlist },
   type_transform = { set_transform, free_transformlist },
+  type_rights = { set_rights, free_none },
   type_backend = { set_backend, free_none };
 
 /* specific validation routine */
@@ -902,6 +921,7 @@ static const struct conf conf[] = {
   { C(cookie_login_lifetime),  &type_integer,    validate_positive },
   { C(cookie_key_lifetime),  &type_integer,      validate_positive },
   { C(dbversion),        &type_integer,          validate_positive },
+  { C(default_rights),   &type_rights,           validate_any },
   { C(device),           &type_string,           validate_any },
   { C(gap),              &type_integer,          validate_non_negative },
   { C(history),          &type_integer,          validate_positive },
@@ -1167,7 +1187,26 @@ static void config_postdefaults(struct config *c,
     c->sample_format.bits = 16;
     c->sample_format.endian = ENDIAN_NATIVE;
     break; 
- }
+  }
+  if(!c->default_rights) {
+    rights_type r = RIGHTS__MASK & ~(RIGHT_ADMIN|RIGHT_REGISTER
+				     |RIGHT_MOVE__MASK
+				     |RIGHT_SCRATCH__MASK
+				     |RIGHT_REMOVE__MASK);
+    /* The idea is to approximate the meaning of the old 'restrict' directive
+     * in the default rights if they are not overridden. */
+    if(c->restrictions & RESTRICT_SCRATCH)
+      r |= RIGHT_SCRATCH_MINE|RIGHT_SCRATCH_RANDOM;
+    else
+      r |= RIGHT_SCRATCH_ANY;
+    if(!(c->restrictions & RESTRICT_MOVE))
+      r |= RIGHT_MOVE_ANY;
+    if(c->restrictions & RESTRICT_REMOVE)
+      r |= RIGHT_REMOVE_MINE;
+    else
+      r |= RIGHT_REMOVE_ANY;
+    c->default_rights = rights_string(r);
+  }
 }
 
 /** @brief (Re-)read the config file
@@ -1210,6 +1249,13 @@ int config_read(int server) {
   config_postdefaults(c, server);
   /* everything is good so we shall use the new config */
   config_free(config);
+  /* warn about obsolete directives */
+  if(c->restrictions)
+    error(0, "'restrict' will be removed in a future version");
+  if(c->allow.n)
+    error(0, "'allow' will be removed in a future version");
+  if(c->trust.n)
+    error(0, "'trust' will be removed in a future version");
   config = c;
   return 0;
 }