10 staticforward PyTypeObject ACL_Type;
11 static PyObject* ACL_applyto(PyObject* obj, PyObject* args);
12 static PyObject* ACL_valid(PyObject* obj, PyObject* args);
15 static PyObject* ACL_get_state(PyObject *obj, PyObject* args);
16 static PyObject* ACL_set_state(PyObject *obj, PyObject* args);
18 staticforward PyTypeObject Entry_Type;
19 staticforward PyTypeObject Permset_Type;
20 static PyObject* Permset_new(PyTypeObject* type, PyObject* args, PyObject *keywds);
35 PyObject *parent_acl; /* The parent acl, so it won't run out on us */
41 PyObject *parent_entry; /* The parent entry, so it won't run out on us */
42 acl_permset_t permset;
47 /* Creation of a new ACL instance */
48 static PyObject* ACL_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
51 newacl = type->tp_alloc(type, 0);
54 ((ACL_Object*)newacl)->acl = NULL;
56 ((ACL_Object*)newacl)->entry_id = ACL_FIRST_ENTRY;
63 /* Initialization of a new ACL instance */
64 static int ACL_init(PyObject* obj, PyObject* args, PyObject *keywds) {
65 ACL_Object* self = (ACL_Object*) obj;
66 static char *kwlist[] = { "file", "fd", "text", "acl", "filedef", NULL };
71 ACL_Object* thesrc = NULL;
73 if(!PyTuple_Check(args) || PyTuple_Size(args) != 0 ||
74 (keywds != NULL && PyDict_Check(keywds) && PyDict_Size(keywds) > 1)) {
75 PyErr_SetString(PyExc_ValueError, "a max of one keyword argument must be passed");
78 if(!PyArg_ParseTupleAndKeywords(args, keywds, "|sisO!s", kwlist,
79 &file, &fd, &text, &ACL_Type, &thesrc, &filedef))
82 /* Free the old acl_t without checking for error, we don't
88 self->acl = acl_get_file(file, ACL_TYPE_ACCESS);
90 self->acl = acl_from_text(text);
92 self->acl = acl_get_fd(fd);
93 else if(thesrc != NULL)
94 self->acl = acl_dup(thesrc->acl);
95 else if(filedef != NULL)
96 self->acl = acl_get_file(filedef, ACL_TYPE_DEFAULT);
98 self->acl = acl_init(0);
100 if(self->acl == NULL) {
101 PyErr_SetFromErrno(PyExc_IOError);
108 /* Standard type functions */
109 static void ACL_dealloc(PyObject* obj) {
110 ACL_Object *self = (ACL_Object*) obj;
111 PyObject *err_type, *err_value, *err_traceback;
112 int have_error = PyErr_Occurred() ? 1 : 0;
115 PyErr_Fetch(&err_type, &err_value, &err_traceback);
116 if(self->acl != NULL && acl_free(self->acl) != 0)
117 PyErr_WriteUnraisable(obj);
119 PyErr_Restore(err_type, err_value, err_traceback);
123 /* Converts the acl to a text format */
124 static PyObject* ACL_str(PyObject *obj) {
126 ACL_Object *self = (ACL_Object*) obj;
129 text = acl_to_text(self->acl, NULL);
131 return PyErr_SetFromErrno(PyExc_IOError);
133 ret = PyString_FromString(text);
134 if(acl_free(text) != 0) {
136 return PyErr_SetFromErrno(PyExc_IOError);
142 static char __applyto_doc__[] = \
143 "Apply the ACL to a file or filehandle.\n" \
146 " - either a filename or a file-like object or an integer; this\n" \
147 " represents the filesystem object on which to act\n" \
148 " - optional flag representing the type of ACL to set, either\n" \
149 " ACL_TYPE_ACCESS (default) or ACL_TYPE_DEFAULT\n" \
152 /* Applyes the ACL to a file */
153 static PyObject* ACL_applyto(PyObject* obj, PyObject* args) {
154 ACL_Object *self = (ACL_Object*) obj;
156 acl_type_t type = ACL_TYPE_ACCESS;
160 if (!PyArg_ParseTuple(args, "O|i", &myarg, &type))
163 if(PyString_Check(myarg)) {
164 char *filename = PyString_AS_STRING(myarg);
165 nret = acl_set_file(filename, type, self->acl);
166 } else if((fd = PyObject_AsFileDescriptor(myarg)) != -1) {
167 nret = acl_set_fd(fd, self->acl);
169 PyErr_SetString(PyExc_TypeError, "argument 1 must be string, int, or file-like object");
173 return PyErr_SetFromErrno(PyExc_IOError);
176 /* Return the result */
181 static char __valid_doc__[] = \
182 "Test the ACL for validity.\n" \
184 "This method tests the ACL to see if it is a valid ACL\n" \
185 "in terms of the filesystem. More precisely, it checks:\n" \
186 "A valid ACL contains exactly one entry with each of the ACL_USER_OBJ,\n" \
187 "ACL_GROUP_OBJ, and ACL_OTHER tag types. Entries with ACL_USER and\n" \
188 "ACL_GROUP tag types may appear zero or more times in an ACL. An ACL that\n" \
189 "contains entries of ACL_USER or ACL_GROUP tag types must contain exactly\n" \
190 "one entry of the ACL_MASK tag type. If an ACL contains no entries of\n" \
191 "ACL_USER or ACL_GROUP tag types, the ACL_MASK entry is optional.\n" \
193 "All user ID qualifiers must be unique among all entries of ACL_USER tag\n" \
194 "type, and all group IDs must be unique among all entries of ACL_GROUP tag\n" \
197 "The method will return 1 for a valid ACL and 0 for an invalid one.\n" \
198 "This has been chosen because the specification for acl_valid in POSIX.1e\n" \
199 "documents only one possible value for errno in case of an invalid ACL, \n" \
200 "so we can't differentiate between classes of errors. Other suggestions \n" \
204 /* Checks the ACL for validity */
205 static PyObject* ACL_valid(PyObject* obj, PyObject* args) {
206 ACL_Object *self = (ACL_Object*) obj;
208 if(acl_valid(self->acl) == -1) {
219 static PyObject* ACL_get_state(PyObject *obj, PyObject* args) {
220 ACL_Object *self = (ACL_Object*) obj;
225 size = acl_size(self->acl);
227 return PyErr_SetFromErrno(PyExc_IOError);
229 if((ret = PyString_FromStringAndSize(NULL, size)) == NULL)
231 buf = PyString_AsString(ret);
233 if((nsize = acl_copy_ext(buf, self->acl, size)) == -1) {
235 return PyErr_SetFromErrno(PyExc_IOError);
241 static PyObject* ACL_set_state(PyObject *obj, PyObject* args) {
242 ACL_Object *self = (ACL_Object*) obj;
247 /* Parse the argument */
248 if (!PyArg_ParseTuple(args, "s#", &buf, &bufsize))
251 /* Try to import the external representation */
252 if((ptr = acl_copy_int(buf)) == NULL)
253 return PyErr_SetFromErrno(PyExc_IOError);
255 /* Free the old acl. Should we ignore errors here? */
256 if(self->acl != NULL) {
257 if(acl_free(self->acl) == -1)
258 return PyErr_SetFromErrno(PyExc_IOError);
263 /* Return the result */
268 /* tp_iter for the ACL type; since it can be iterated only
269 * destructively, the type is its iterator
271 static PyObject* ACL_iter(PyObject *obj) {
272 ACL_Object *self = (ACL_Object*)obj;
273 self->entry_id = ACL_FIRST_ENTRY;
278 /* the tp_iternext function for the ACL type */
279 static PyObject* ACL_iternext(PyObject *obj) {
280 ACL_Object *self = (ACL_Object*)obj;
281 acl_entry_t the_entry_t;
282 Entry_Object *the_entry_obj;
285 nerr = acl_get_entry(self->acl, self->entry_id, &the_entry_t);
286 self->entry_id = ACL_NEXT_ENTRY;
288 return PyErr_SetFromErrno(PyExc_IOError);
290 /* Docs says this is not needed */
291 /*PyErr_SetObject(PyExc_StopIteration, Py_None);*/
295 the_entry_obj = (Entry_Object*) PyType_GenericNew(&Entry_Type, NULL, NULL);
296 if(the_entry_obj == NULL)
299 the_entry_obj->entry = the_entry_t;
301 the_entry_obj->parent_acl = obj;
302 Py_INCREF(obj); /* For the reference we have in entry->parent */
304 return (PyObject*)the_entry_obj;
307 static char __ACL_delete_entry_doc__[] = \
308 "Deletes an entry from the ACL.\n" \
310 "Note: Only with level 2\n" \
312 " - the Entry object which should be deleted; note that after\n" \
313 " this function is called, that object is unusable any longer\n" \
314 " and should be deleted\n" \
317 /* Deletes an entry from the ACL */
318 static PyObject* ACL_delete_entry(PyObject *obj, PyObject *args) {
319 ACL_Object *self = (ACL_Object*)obj;
322 if (!PyArg_ParseTuple(args, "O!", &Entry_Type, &e))
325 if(acl_delete_entry(self->acl, e->entry) == -1)
326 return PyErr_SetFromErrno(PyExc_IOError);
328 /* Return the result */
333 static char __ACL_calc_mask_doc__[] = \
334 "Compute the file group class mask.\n" \
336 "The calc_mask() method calculates and sets the permissions \n" \
337 "associated with the ACL_MASK Entry of the ACL.\n" \
338 "The value of the new permissions is the union of the permissions \n" \
339 "granted by all entries of tag type ACL_GROUP, ACL_GROUP_OBJ, or \n" \
340 "ACL_USER. If the ACL already contains an ACL_MASK entry, its \n" \
341 "permissions are overwritten; if it does not contain an ACL_MASK \n" \
342 "Entry, one is added.\n" \
344 "The order of existing entries in the ACL is undefined after this \n" \
348 /* Updates the mask entry in the ACL */
349 static PyObject* ACL_calc_mask(PyObject *obj, PyObject *args) {
350 ACL_Object *self = (ACL_Object*)obj;
352 if(acl_calc_mask(&self->acl) == -1)
353 return PyErr_SetFromErrno(PyExc_IOError);
355 /* Return the result */
360 static char __ACL_append_doc__[] = \
361 "Append a new Entry to the ACL and return it.\n" \
363 "This is a convenience function to create a new Entry \n" \
364 "and append it to the ACL.\n" \
365 "If a parameter of type Entry instance is given, the \n" \
366 "entry will be a copy of that one (as if copied with \n" \
367 "Entry.copy()), otherwise, the new entry will be empty.\n" \
370 /* Convenience method to create a new Entry */
371 static PyObject* ACL_append(PyObject *obj, PyObject *args) {
372 ACL_Object* self = (ACL_Object*) obj;
373 Entry_Object* newentry;
374 Entry_Object* oldentry = NULL;
377 newentry = (Entry_Object*)PyType_GenericNew(&Entry_Type, NULL, NULL);
378 if(newentry == NULL) {
382 if (!PyArg_ParseTuple(args, "|O!", &Entry_Type, &oldentry))
385 nret = acl_create_entry(&self->acl, &newentry->entry);
388 return PyErr_SetFromErrno(PyExc_IOError);
391 if(oldentry != NULL) {
392 nret = acl_copy_entry(newentry->entry, oldentry->entry);
395 return PyErr_SetFromErrno(PyExc_IOError);
399 newentry->parent_acl = obj;
402 return (PyObject*)newentry;
405 /***** Entry type *****/
407 /* Creation of a new Entry instance */
408 static PyObject* Entry_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
411 newentry = PyType_GenericNew(type, args, keywds);
413 if(newentry != NULL) {
414 ((Entry_Object*)newentry)->entry = NULL;
415 ((Entry_Object*)newentry)->parent_acl = NULL;
421 /* Initialization of a new Entry instance */
422 static int Entry_init(PyObject* obj, PyObject* args, PyObject *keywds) {
423 Entry_Object* self = (Entry_Object*) obj;
424 ACL_Object* parent = NULL;
426 if (!PyArg_ParseTuple(args, "O!", &ACL_Type, &parent))
429 if(acl_create_entry(&parent->acl, &self->entry) == -1) {
430 PyErr_SetFromErrno(PyExc_IOError);
434 self->parent_acl = (PyObject*)parent;
440 /* Free the Entry instance */
441 static void Entry_dealloc(PyObject* obj) {
442 Entry_Object *self = (Entry_Object*) obj;
443 PyObject *err_type, *err_value, *err_traceback;
444 int have_error = PyErr_Occurred() ? 1 : 0;
447 PyErr_Fetch(&err_type, &err_value, &err_traceback);
448 if(self->parent_acl != NULL) {
449 Py_DECREF(self->parent_acl);
450 self->parent_acl = NULL;
453 PyErr_Restore(err_type, err_value, err_traceback);
457 /* Converts the entry to a text format */
458 static PyObject* Entry_str(PyObject *obj) {
463 PyObject *format, *list;
464 Entry_Object *self = (Entry_Object*) obj;
466 if(acl_get_tag_type(self->entry, &tag) == -1) {
467 PyErr_SetFromErrno(PyExc_IOError);
470 if(tag == ACL_USER || tag == ACL_GROUP) {
471 if((p = acl_get_qualifier(self->entry)) == NULL) {
472 PyErr_SetFromErrno(PyExc_IOError);
475 qualifier = *(uid_t*)p;
481 format = PyString_FromString("ACL entry for %s");
484 list = PyTuple_New(1);
485 if(tag == ACL_UNDEFINED_TAG) {
486 PyTuple_SetItem(list, 0, PyString_FromString("undefined type"));
487 } else if(tag == ACL_USER_OBJ) {
488 PyTuple_SetItem(list, 0, PyString_FromString("the owner"));
489 } else if(tag == ACL_GROUP_OBJ) {
490 PyTuple_SetItem(list, 0, PyString_FromString("the group"));
491 } else if(tag == ACL_OTHER) {
492 PyTuple_SetItem(list, 0, PyString_FromString("the others"));
493 } else if(tag == ACL_USER) {
494 PyTuple_SetItem(list, 0, PyString_FromFormat("user with uid %d", qualifier));
495 } else if(tag == ACL_GROUP) {
496 PyTuple_SetItem(list, 0, PyString_FromFormat("group with gid %d", qualifier));
497 } else if(tag == ACL_MASK) {
498 PyTuple_SetItem(list, 0, PyString_FromString("the mask"));
500 PyTuple_SetItem(list, 0, PyString_FromString("UNKNOWN_TAG_TYPE!"));
502 ret = PyString_Format(format, list);
508 /* Sets the tag type of the entry */
509 static int Entry_set_tag_type(PyObject* obj, PyObject* value, void* arg) {
510 Entry_Object *self = (Entry_Object*) obj;
513 PyErr_SetString(PyExc_TypeError,
514 "tag type deletion is not supported");
518 if(!PyInt_Check(value)) {
519 PyErr_SetString(PyExc_TypeError,
520 "tag type must be integer");
523 if(acl_set_tag_type(self->entry, (acl_tag_t)PyInt_AsLong(value)) == -1) {
524 PyErr_SetFromErrno(PyExc_IOError);
531 /* Returns the tag type of the entry */
532 static PyObject* Entry_get_tag_type(PyObject *obj, void* arg) {
533 Entry_Object *self = (Entry_Object*) obj;
536 if (self->entry == NULL) {
537 PyErr_SetString(PyExc_AttributeError, "entry attribute");
540 if(acl_get_tag_type(self->entry, &value) == -1) {
541 PyErr_SetFromErrno(PyExc_IOError);
545 return PyInt_FromLong(value);
548 /* Sets the qualifier (either uid_t or gid_t) for the entry,
549 * usable only if the tag type if ACL_USER or ACL_GROUP
551 static int Entry_set_qualifier(PyObject* obj, PyObject* value, void* arg) {
552 Entry_Object *self = (Entry_Object*) obj;
556 PyErr_SetString(PyExc_TypeError,
557 "qualifier deletion is not supported");
561 if(!PyInt_Check(value)) {
562 PyErr_SetString(PyExc_TypeError,
563 "tag type must be integer");
566 uidgid = PyInt_AsLong(value);
567 if(acl_set_qualifier(self->entry, (void*)&uidgid) == -1) {
568 PyErr_SetFromErrno(PyExc_IOError);
575 /* Returns the qualifier of the entry */
576 static PyObject* Entry_get_qualifier(PyObject *obj, void* arg) {
577 Entry_Object *self = (Entry_Object*) obj;
581 if (self->entry == NULL) {
582 PyErr_SetString(PyExc_AttributeError, "entry attribute");
585 if((p = acl_get_qualifier(self->entry)) == NULL) {
586 PyErr_SetFromErrno(PyExc_IOError);
592 return PyInt_FromLong(value);
595 /* Returns the parent ACL of the entry */
596 static PyObject* Entry_get_parent(PyObject *obj, void* arg) {
597 Entry_Object *self = (Entry_Object*) obj;
599 Py_INCREF(self->parent_acl);
600 return self->parent_acl;
603 /* Returns the a new Permset representing the permset of the entry
604 * FIXME: Should return a new reference to the same object, which
605 * should be created at init time!
607 static PyObject* Entry_get_permset(PyObject *obj, void* arg) {
608 Entry_Object *self = (Entry_Object*)obj;
612 p = Permset_new(&Permset_Type, NULL, NULL);
615 ps = (Permset_Object*)p;
616 if(acl_get_permset(self->entry, &ps->permset) == -1) {
617 PyErr_SetFromErrno(PyExc_IOError);
620 ps->parent_entry = obj;
626 /* Sets the permset of the entry to the passed Permset */
627 static int Entry_set_permset(PyObject* obj, PyObject* value, void* arg) {
628 Entry_Object *self = (Entry_Object*)obj;
631 if(!PyObject_IsInstance(value, (PyObject*)&Permset_Type)) {
632 PyErr_SetString(PyExc_TypeError, "argument 1 must be posix1e.Permset");
635 p = (Permset_Object*)value;
636 if(acl_set_permset(self->entry, p->permset) == -1) {
637 PyErr_SetFromErrno(PyExc_IOError);
643 static char __Entry_copy_doc__[] = \
644 "Copy an ACL entry.\n" \
646 "This method sets all the parameters to those of another\n" \
647 "entry, even one of another's ACL\n" \
649 " - src, instance of type Entry\n" \
652 /* Sets all the entry parameters to another's entry */
653 static PyObject* Entry_copy(PyObject *obj, PyObject *args) {
654 Entry_Object *self = (Entry_Object*)obj;
657 if(!PyArg_ParseTuple(args, "O!", &Entry_Type, &other))
660 if(acl_copy_entry(self->entry, other->entry) == -1)
661 return PyErr_SetFromErrno(PyExc_IOError);
667 /**** Permset type *****/
669 /* Creation of a new Permset instance */
670 static PyObject* Permset_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
671 PyObject* newpermset;
673 newpermset = PyType_GenericNew(type, args, keywds);
675 if(newpermset != NULL) {
676 ((Permset_Object*)newpermset)->permset = NULL;
677 ((Permset_Object*)newpermset)->parent_entry = NULL;
683 /* Initialization of a new Permset instance */
684 static int Permset_init(PyObject* obj, PyObject* args, PyObject *keywds) {
685 Permset_Object* self = (Permset_Object*) obj;
686 Entry_Object* parent = NULL;
688 if (!PyArg_ParseTuple(args, "O!", &Entry_Type, &parent))
691 if(acl_get_permset(parent->entry, &self->permset) == -1) {
692 PyErr_SetFromErrno(PyExc_IOError);
696 self->parent_entry = (PyObject*)parent;
702 /* Free the Permset instance */
703 static void Permset_dealloc(PyObject* obj) {
704 Permset_Object *self = (Permset_Object*) obj;
705 PyObject *err_type, *err_value, *err_traceback;
706 int have_error = PyErr_Occurred() ? 1 : 0;
709 PyErr_Fetch(&err_type, &err_value, &err_traceback);
710 if(self->parent_entry != NULL) {
711 Py_DECREF(self->parent_entry);
712 self->parent_entry = NULL;
715 PyErr_Restore(err_type, err_value, err_traceback);
719 /* Permset string representation */
720 static PyObject* Permset_str(PyObject *obj) {
721 Permset_Object *self = (Permset_Object*) obj;
724 pstr[0] = get_perm(self->permset, ACL_READ) ? 'r' : '-';
725 pstr[1] = get_perm(self->permset, ACL_WRITE) ? 'w' : '-';
726 pstr[2] = get_perm(self->permset, ACL_EXECUTE) ? 'x' : '-';
727 return PyString_FromStringAndSize(pstr, 3);
730 static char __Permset_clear_doc__[] = \
731 "Clear all permissions from the permission set.\n" \
734 /* Clears all permissions from the permset */
735 static PyObject* Permset_clear(PyObject* obj, PyObject* args) {
736 Permset_Object *self = (Permset_Object*) obj;
738 if(acl_clear_perms(self->permset) == -1)
739 return PyErr_SetFromErrno(PyExc_IOError);
741 /* Return the result */
746 static PyObject* Permset_get_right(PyObject *obj, void* arg) {
747 Permset_Object *self = (Permset_Object*) obj;
749 if(get_perm(self->permset, (int)arg)) {
758 static int Permset_set_right(PyObject* obj, PyObject* value, void* arg) {
759 Permset_Object *self = (Permset_Object*) obj;
763 if(!PyInt_Check(value)) {
764 PyErr_SetString(PyExc_ValueError, "a maximum of one argument must be passed");
767 on = PyInt_AsLong(value);
769 nerr = acl_add_perm(self->permset, (int)arg);
771 nerr = acl_delete_perm(self->permset, (int)arg);
773 PyErr_SetFromErrno(PyExc_IOError);
779 static char __Permset_add_doc__[] = \
780 "Add a permission to the permission set.\n" \
782 "The add() function adds the permission contained in \n" \
783 "the argument perm to the permission set. An attempt \n" \
784 "to add a permission that is already contained in the \n" \
785 "permission set is not considered an error.\n" \
787 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
790 "Can raise: IOError\n" \
793 static PyObject* Permset_add(PyObject* obj, PyObject* args) {
794 Permset_Object *self = (Permset_Object*) obj;
797 if (!PyArg_ParseTuple(args, "i", &right))
800 if(acl_add_perm(self->permset, (acl_perm_t) right) == -1)
801 return PyErr_SetFromErrno(PyExc_IOError);
803 /* Return the result */
808 static char __Permset_delete_doc__[] = \
809 "Delete a permission from the permission set.\n" \
811 "The delete() function deletes the permission contained in \n" \
812 "the argument perm from the permission set. An attempt \n" \
813 "to delete a permission that is not contained in the \n" \
814 "permission set is not considered an error.\n" \
816 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
819 "Can raise: IOError\n" \
822 static PyObject* Permset_delete(PyObject* obj, PyObject* args) {
823 Permset_Object *self = (Permset_Object*) obj;
826 if (!PyArg_ParseTuple(args, "i", &right))
829 if(acl_delete_perm(self->permset, (acl_perm_t) right) == -1)
830 return PyErr_SetFromErrno(PyExc_IOError);
832 /* Return the result */
837 static char __Permset_test_doc__[] = \
838 "Test if a permission exists in the permission set.\n" \
840 "The test() function tests if the permission contained in \n" \
841 "the argument perm exits the permission set.\n" \
843 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
846 "Can raise: IOError\n" \
849 static PyObject* Permset_test(PyObject* obj, PyObject* args) {
850 Permset_Object *self = (Permset_Object*) obj;
854 if (!PyArg_ParseTuple(args, "i", &right))
857 ret = get_perm(self->permset, (acl_perm_t) right);
859 return PyErr_SetFromErrno(PyExc_IOError);
872 static char __ACL_Type_doc__[] = \
873 "Type which represents a POSIX ACL\n" \
876 " Only one keword parameter should be provided:\n"
877 " - file=\"...\", meaning create ACL representing\n"
878 " the access ACL of that file\n" \
879 " - filedef=\"...\", meaning create ACL representing\n"
880 " the default ACL of that directory\n" \
881 " - fd=<int>, meaning create ACL representing\n" \
882 " the access ACL of that file descriptor\n" \
883 " - text=\"...\", meaning create ACL from a \n" \
884 " textual description\n" \
885 " - acl=<ACL instance>, meaning create a copy\n" \
886 " of an existing ACL instance\n" \
887 "If no parameters are passed, create an empty ACL; this\n" \
888 "makes sense only when your OS supports ACL modification\n" \
889 " (i.e. it implements full POSIX.1e support)\n" \
892 /* ACL type methods */
893 static PyMethodDef ACL_methods[] = {
894 {"applyto", ACL_applyto, METH_VARARGS, __applyto_doc__},
895 {"valid", ACL_valid, METH_NOARGS, __valid_doc__},
897 {"__getstate__", ACL_get_state, METH_NOARGS, "Dumps the ACL to an external format."},
898 {"__setstate__", ACL_set_state, METH_VARARGS, "Loads the ACL from an external format."},
899 {"delete_entry", ACL_delete_entry, METH_VARARGS, __ACL_delete_entry_doc__},
900 {"calc_mask", ACL_calc_mask, METH_NOARGS, __ACL_calc_mask_doc__},
901 {"append", ACL_append, METH_VARARGS, __ACL_append_doc__},
903 {NULL, NULL, 0, NULL}
907 /* The definition of the ACL Type */
908 static PyTypeObject ACL_Type = {
909 PyObject_HEAD_INIT(NULL)
914 ACL_dealloc, /* tp_dealloc */
920 0, /* tp_as_number */
921 0, /* tp_as_sequence */
922 0, /* tp_as_mapping */
925 ACL_str, /* tp_str */
928 0, /* tp_as_buffer */
929 Py_TPFLAGS_DEFAULT, /* tp_flags */
930 __ACL_Type_doc__, /* tp_doc */
933 0, /* tp_richcompare */
934 0, /* tp_weaklistoffset */
942 ACL_methods, /* tp_methods */
947 0, /* tp_descr_get */
948 0, /* tp_descr_set */
949 0, /* tp_dictoffset */
950 ACL_init, /* tp_init */
952 ACL_new, /* tp_new */
957 /* Entry type methods */
958 static PyMethodDef Entry_methods[] = {
959 {"copy", Entry_copy, METH_VARARGS, __Entry_copy_doc__},
960 {NULL, NULL, 0, NULL}
963 static char __Entry_tagtype_doc__[] = \
964 "The tag type of the current entry\n" \
966 "This is one of:\n" \
967 " - ACL_UNDEFINED_TAG\n" \
968 " - ACL_USER_OBJ\n" \
970 " - ACL_GROUP_OBJ\n" \
976 static char __Entry_qualifier_doc__[] = \
977 "The qualifier of the current entry\n" \
979 "If the tag type is ACL_USER, this should be a user id.\n" \
980 "If the tag type if ACL_GROUP, this should be a group id.\n" \
981 "Else, it doesn't matter.\n" \
984 static char __Entry_parent_doc__[] = \
985 "The parent ACL of this entry\n" \
988 static char __Entry_permset_doc__[] = \
989 "The permission set of this ACL entry\n" \
993 static PyGetSetDef Entry_getsets[] = {
994 {"tag_type", Entry_get_tag_type, Entry_set_tag_type, __Entry_tagtype_doc__},
995 {"qualifier", Entry_get_qualifier, Entry_set_qualifier, __Entry_qualifier_doc__},
996 {"parent", Entry_get_parent, NULL, __Entry_parent_doc__},
997 {"permset", Entry_get_permset, Entry_set_permset, __Entry_permset_doc__},
1001 static char __Entry_Type_doc__[] = \
1002 "Type which represents an entry in an ACL.\n" \
1004 "The type exists only if the OS has full support for POSIX.1e\n" \
1005 "Can be created either by:\n" \
1006 " e = posix1e.Entry(myACL) # this creates a new entry in the ACL\n" \
1008 " for entry in myACL:\n" \
1011 "Note that the Entry keeps a reference to its ACL, so even if \n" \
1012 "you delete the ACL, it won't be cleaned up and will continue to \n" \
1013 "exist until its Entry(ies) will be deleted.\n" \
1015 /* The definition of the Entry Type */
1016 static PyTypeObject Entry_Type = {
1017 PyObject_HEAD_INIT(NULL)
1020 sizeof(Entry_Object),
1022 Entry_dealloc, /* tp_dealloc */
1028 0, /* tp_as_number */
1029 0, /* tp_as_sequence */
1030 0, /* tp_as_mapping */
1033 Entry_str, /* tp_str */
1034 0, /* tp_getattro */
1035 0, /* tp_setattro */
1036 0, /* tp_as_buffer */
1037 Py_TPFLAGS_DEFAULT, /* tp_flags */
1038 __Entry_Type_doc__, /* tp_doc */
1039 0, /* tp_traverse */
1041 0, /* tp_richcompare */
1042 0, /* tp_weaklistoffset */
1044 0, /* tp_iternext */
1045 Entry_methods, /* tp_methods */
1047 Entry_getsets, /* tp_getset */
1050 0, /* tp_descr_get */
1051 0, /* tp_descr_set */
1052 0, /* tp_dictoffset */
1053 Entry_init, /* tp_init */
1055 Entry_new, /* tp_new */
1058 /* Permset type methods */
1059 static PyMethodDef Permset_methods[] = {
1060 {"clear", Permset_clear, METH_NOARGS, __Permset_clear_doc__, },
1061 {"add", Permset_add, METH_VARARGS, __Permset_add_doc__, },
1062 {"delete", Permset_delete, METH_VARARGS, __Permset_delete_doc__, },
1063 {"test", Permset_test, METH_VARARGS, __Permset_test_doc__, },
1064 {NULL, NULL, 0, NULL}
1067 static char __Permset_execute_doc__[] = \
1068 "Execute permsission\n" \
1070 "This is a convenience method of access; the \n" \
1071 "same effect can be achieved using the functions\n" \
1072 "add(), test(), delete(), and those can take any \n" \
1073 "permission defined by your platform.\n" \
1076 static char __Permset_read_doc__[] = \
1077 "Read permsission\n" \
1079 "This is a convenience method of access; the \n" \
1080 "same effect can be achieved using the functions\n" \
1081 "add(), test(), delete(), and those can take any \n" \
1082 "permission defined by your platform.\n" \
1085 static char __Permset_write_doc__[] = \
1086 "Write permsission\n" \
1088 "This is a convenience method of access; the \n" \
1089 "same effect can be achieved using the functions\n" \
1090 "add(), test(), delete(), and those can take any \n" \
1091 "permission defined by your platform.\n" \
1094 /* Permset getset */
1095 static PyGetSetDef Permset_getsets[] = {
1096 {"execute", Permset_get_right, Permset_set_right, __Permset_execute_doc__, (void*)ACL_EXECUTE},
1097 {"read", Permset_get_right, Permset_set_right, __Permset_read_doc__, (void*)ACL_READ},
1098 {"write", Permset_get_right, Permset_set_right, __Permset_write_doc__, (void*)ACL_WRITE},
1102 static char __Permset_Type_doc__[] = \
1103 "Type which represents the permission set in an ACL entry\n" \
1105 "The type exists only if the OS has full support for POSIX.1e\n" \
1106 "Can be created either by:\n" \
1107 " perms = myEntry.permset\n" \
1109 " perms = posix1e.Permset(myEntry)\n" \
1111 "Note that the Permset keeps a reference to its Entry, so even if \n" \
1112 "you delete the entry, it won't be cleaned up and will continue to \n" \
1113 "exist until its Permset will be deleted.\n" \
1116 /* The definition of the Permset Type */
1117 static PyTypeObject Permset_Type = {
1118 PyObject_HEAD_INIT(NULL)
1121 sizeof(Permset_Object),
1123 Permset_dealloc, /* tp_dealloc */
1129 0, /* tp_as_number */
1130 0, /* tp_as_sequence */
1131 0, /* tp_as_mapping */
1134 Permset_str, /* tp_str */
1135 0, /* tp_getattro */
1136 0, /* tp_setattro */
1137 0, /* tp_as_buffer */
1138 Py_TPFLAGS_DEFAULT, /* tp_flags */
1139 __Permset_Type_doc__,/* tp_doc */
1140 0, /* tp_traverse */
1142 0, /* tp_richcompare */
1143 0, /* tp_weaklistoffset */
1145 0, /* tp_iternext */
1146 Permset_methods, /* tp_methods */
1148 Permset_getsets, /* tp_getset */
1151 0, /* tp_descr_get */
1152 0, /* tp_descr_set */
1153 0, /* tp_dictoffset */
1154 Permset_init, /* tp_init */
1156 Permset_new, /* tp_new */
1161 /* Module methods */
1163 static char __deletedef_doc__[] = \
1164 "Delete the default ACL from a directory.\n" \
1166 "This function deletes the default ACL associated with \n" \
1167 "a directory (the ACL which will be ANDed with the mode\n" \
1168 "parameter to the open, creat functions).\n" \
1170 " - a string representing the directory whose default ACL\n" \
1171 " should be deleted\n" \
1174 /* Deletes the default ACL from a directory */
1175 static PyObject* aclmodule_delete_default(PyObject* obj, PyObject* args) {
1178 /* Parse the arguments */
1179 if (!PyArg_ParseTuple(args, "s", &filename))
1182 if(acl_delete_def_file(filename) == -1) {
1183 return PyErr_SetFromErrno(PyExc_IOError);
1186 /* Return the result */
1191 /* The module methods */
1192 static PyMethodDef aclmodule_methods[] = {
1193 {"delete_default", aclmodule_delete_default, METH_VARARGS, __deletedef_doc__},
1194 {NULL, NULL, 0, NULL}
1197 static char __posix1e_doc__[] = \
1198 "POSIX.1e ACLs manipulation\n" \
1200 "This module provides support for manipulating POSIX.1e ACLS\n" \
1202 "Depending on the operating system support for POSIX.1e, \n" \
1203 "the ACL type will have more or less capabilities:\n" \
1204 " - level 1, only basic support, you can create\n" \
1205 " ACLs from files and text descriptions;\n" \
1206 " once created, the type is immutable\n" \
1207 " - level 2, complete support, you can alter\n"\
1208 " the ACL once it is created\n" \
1210 "Also, in level 2, more types are available, corresponding\n" \
1211 "to acl_entry_t (Entry type), acl_permset_t (Permset type).\n" \
1214 ">>> import posix1e\n" \
1215 ">>> acl1 = posix1e.ACL(file=\"file.txt\") \n" \
1216 ">>> print acl1\n" \
1221 ">>> b = posix1e.ACL(text=\"u::rx,g::-,o::-\")\n" \
1227 ">>> b.applyto(\"file.txt\")\n" \
1228 ">>> print posix1e.ACL(file=\"file.txt\")\n" \
1236 void initposix1e(void) {
1239 ACL_Type.ob_type = &PyType_Type;
1240 if(PyType_Ready(&ACL_Type) < 0)
1244 Entry_Type.ob_type = &PyType_Type;
1245 if(PyType_Ready(&Entry_Type) < 0)
1248 Permset_Type.ob_type = &PyType_Type;
1249 if(PyType_Ready(&Permset_Type) < 0)
1253 m = Py_InitModule3("posix1e", aclmodule_methods, __posix1e_doc__);
1255 d = PyModule_GetDict(m);
1259 Py_INCREF(&ACL_Type);
1260 if (PyDict_SetItemString(d, "ACL",
1261 (PyObject *) &ACL_Type) < 0)
1264 /* 23.3.6 acl_type_t values */
1265 PyModule_AddIntConstant(m, "ACL_TYPE_ACCESS", ACL_TYPE_ACCESS);
1266 PyModule_AddIntConstant(m, "ACL_TYPE_DEFAULT", ACL_TYPE_DEFAULT);
1270 Py_INCREF(&Entry_Type);
1271 if (PyDict_SetItemString(d, "Entry",
1272 (PyObject *) &Entry_Type) < 0)
1275 Py_INCREF(&Permset_Type);
1276 if (PyDict_SetItemString(d, "Permset",
1277 (PyObject *) &Permset_Type) < 0)
1280 /* 23.2.2 acl_perm_t values */
1281 PyModule_AddIntConstant(m, "ACL_READ", ACL_READ);
1282 PyModule_AddIntConstant(m, "ACL_WRITE", ACL_WRITE);
1283 PyModule_AddIntConstant(m, "ACL_EXECUTE", ACL_EXECUTE);
1285 /* 23.2.5 acl_tag_t values */
1286 PyModule_AddIntConstant(m, "ACL_UNDEFINED_TAG", ACL_UNDEFINED_TAG);
1287 PyModule_AddIntConstant(m, "ACL_USER_OBJ", ACL_USER_OBJ);
1288 PyModule_AddIntConstant(m, "ACL_USER", ACL_USER);
1289 PyModule_AddIntConstant(m, "ACL_GROUP_OBJ", ACL_GROUP_OBJ);
1290 PyModule_AddIntConstant(m, "ACL_GROUP", ACL_GROUP);
1291 PyModule_AddIntConstant(m, "ACL_MASK", ACL_MASK);
1292 PyModule_AddIntConstant(m, "ACL_OTHER", ACL_OTHER);
projects / pylibacl.git / blob