10 staticforward PyTypeObject ACL_Type;
11 static PyObject* ACL_applyto(PyObject* obj, PyObject* args);
12 static PyObject* ACL_valid(PyObject* obj, PyObject* args);
15 static PyObject* ACL_get_state(PyObject *obj, PyObject* args);
16 static PyObject* ACL_set_state(PyObject *obj, PyObject* args);
18 staticforward PyTypeObject Entry_Type;
19 staticforward PyTypeObject Permset_Type;
20 static PyObject* Permset_new(PyTypeObject* type, PyObject* args, PyObject *keywds);
33 PyObject *parent_acl; /* The parent acl, so it won't run out on us */
39 PyObject *parent_entry; /* The parent entry, so it won't run out on us */
40 acl_permset_t permset;
45 /* Creation of a new ACL instance */
46 static PyObject* ACL_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
49 newacl = type->tp_alloc(type, 0);
52 ((ACL_Object*)newacl)->acl = NULL;
53 ((ACL_Object*)newacl)->entry_id = ACL_FIRST_ENTRY;
59 /* Initialization of a new ACL instance */
60 static int ACL_init(PyObject* obj, PyObject* args, PyObject *keywds) {
61 ACL_Object* self = (ACL_Object*) obj;
62 static char *kwlist[] = { "file", "fd", "text", "acl", "filedef", NULL };
67 ACL_Object* thesrc = NULL;
69 if(!PyTuple_Check(args) || PyTuple_Size(args) != 0 ||
70 (keywds != NULL && PyDict_Check(keywds) && PyDict_Size(keywds) > 1)) {
71 PyErr_SetString(PyExc_ValueError, "a max of one keyword argument must be passed");
74 if(!PyArg_ParseTupleAndKeywords(args, keywds, "|sisO!s", kwlist,
75 &file, &fd, &text, &ACL_Type, &thesrc, &filedef))
78 /* Free the old acl_t without checking for error, we don't
84 self->acl = acl_get_file(file, ACL_TYPE_ACCESS);
86 self->acl = acl_from_text(text);
88 self->acl = acl_get_fd(fd);
89 else if(thesrc != NULL)
90 self->acl = acl_dup(thesrc->acl);
91 else if(filedef != NULL)
92 self->acl = acl_get_file(filedef, ACL_TYPE_DEFAULT);
94 self->acl = acl_init(0);
96 if(self->acl == NULL) {
97 PyErr_SetFromErrno(PyExc_IOError);
104 /* Standard type functions */
105 static void ACL_dealloc(PyObject* obj) {
106 ACL_Object *self = (ACL_Object*) obj;
107 PyObject *err_type, *err_value, *err_traceback;
108 int have_error = PyErr_Occurred() ? 1 : 0;
111 PyErr_Fetch(&err_type, &err_value, &err_traceback);
112 if(self->acl != NULL && acl_free(self->acl) != 0)
113 PyErr_WriteUnraisable(obj);
115 PyErr_Restore(err_type, err_value, err_traceback);
119 /* Converts the acl to a text format */
120 static PyObject* ACL_str(PyObject *obj) {
122 ACL_Object *self = (ACL_Object*) obj;
125 text = acl_to_text(self->acl, NULL);
127 return PyErr_SetFromErrno(PyExc_IOError);
129 ret = PyString_FromString(text);
130 if(acl_free(text) != 0) {
132 return PyErr_SetFromErrno(PyExc_IOError);
138 static char __applyto_doc__[] = \
139 "Apply the ACL to a file or filehandle.\n" \
142 " - either a filename or a file-like object or an integer; this\n" \
143 " represents the filesystem object on which to act\n" \
144 " - optional flag representing the type of ACL to set, either\n" \
145 " ACL_TYPE_ACCESS (default) or ACL_TYPE_DEFAULT\n" \
148 /* Applyes the ACL to a file */
149 static PyObject* ACL_applyto(PyObject* obj, PyObject* args) {
150 ACL_Object *self = (ACL_Object*) obj;
152 acl_type_t type = ACL_TYPE_ACCESS;
156 if (!PyArg_ParseTuple(args, "O|i", &myarg, &type))
159 if(PyString_Check(myarg)) {
160 char *filename = PyString_AS_STRING(myarg);
161 nret = acl_set_file(filename, type, self->acl);
162 } else if((fd = PyObject_AsFileDescriptor(myarg)) != -1) {
163 nret = acl_set_fd(fd, self->acl);
165 PyErr_SetString(PyExc_TypeError, "argument 1 must be string, int, or file-like object");
169 return PyErr_SetFromErrno(PyExc_IOError);
172 /* Return the result */
177 static char __valid_doc__[] = \
178 "Test the ACL for validity.\n" \
180 "This method tests the ACL to see if it is a valid ACL\n" \
181 "in terms of the filesystem. More precisely, it checks:\n" \
182 "A valid ACL contains exactly one entry with each of the ACL_USER_OBJ,\n" \
183 "ACL_GROUP_OBJ, and ACL_OTHER tag types. Entries with ACL_USER and\n" \
184 "ACL_GROUP tag types may appear zero or more times in an ACL. An ACL that\n" \
185 "contains entries of ACL_USER or ACL_GROUP tag types must contain exactly\n" \
186 "one entry of the ACL_MASK tag type. If an ACL contains no entries of\n" \
187 "ACL_USER or ACL_GROUP tag types, the ACL_MASK entry is optional.\n" \
189 "All user ID qualifiers must be unique among all entries of ACL_USER tag\n" \
190 "type, and all group IDs must be unique among all entries of ACL_GROUP tag\n" \
193 "The method will return 1 for a valid ACL and 0 for an invalid one.\n" \
194 "This has been chosen because the specification for acl_valid in POSIX.1e\n" \
195 "documents only one possible value for errno in case of an invalid ACL, \n" \
196 "so we can't differentiate between classes of errors. Other suggestions \n" \
200 /* Checks the ACL for validity */
201 static PyObject* ACL_valid(PyObject* obj, PyObject* args) {
202 ACL_Object *self = (ACL_Object*) obj;
204 if(acl_valid(self->acl) == -1) {
215 static PyObject* ACL_get_state(PyObject *obj, PyObject* args) {
216 ACL_Object *self = (ACL_Object*) obj;
221 size = acl_size(self->acl);
223 return PyErr_SetFromErrno(PyExc_IOError);
225 if((ret = PyString_FromStringAndSize(NULL, size)) == NULL)
227 buf = PyString_AsString(ret);
229 if((nsize = acl_copy_ext(buf, self->acl, size)) == -1) {
231 return PyErr_SetFromErrno(PyExc_IOError);
237 static PyObject* ACL_set_state(PyObject *obj, PyObject* args) {
238 ACL_Object *self = (ACL_Object*) obj;
243 /* Parse the argument */
244 if (!PyArg_ParseTuple(args, "s#", &buf, &bufsize))
247 /* Try to import the external representation */
248 if((ptr = acl_copy_int(buf)) == NULL)
249 return PyErr_SetFromErrno(PyExc_IOError);
251 /* Free the old acl. Should we ignore errors here? */
252 if(self->acl != NULL) {
253 if(acl_free(self->acl) == -1)
254 return PyErr_SetFromErrno(PyExc_IOError);
259 /* Return the result */
264 /* tp_iter for the ACL type; since it can be iterated only
265 * destructively, the type is its iterator
267 static PyObject* ACL_iter(PyObject *obj) {
268 ACL_Object *self = (ACL_Object*)obj;
269 self->entry_id = ACL_FIRST_ENTRY;
274 /* the tp_iternext function for the ACL type */
275 static PyObject* ACL_iternext(PyObject *obj) {
276 ACL_Object *self = (ACL_Object*)obj;
277 acl_entry_t the_entry_t;
278 Entry_Object *the_entry_obj;
281 nerr = acl_get_entry(self->acl, self->entry_id, &the_entry_t);
282 self->entry_id = ACL_NEXT_ENTRY;
284 return PyErr_SetFromErrno(PyExc_IOError);
286 /* Docs says this is not needed */
287 /*PyErr_SetObject(PyExc_StopIteration, Py_None);*/
291 the_entry_obj = (Entry_Object*) PyType_GenericNew(&Entry_Type, NULL, NULL);
292 if(the_entry_obj == NULL)
295 the_entry_obj->entry = the_entry_t;
297 the_entry_obj->parent_acl = obj;
298 Py_INCREF(obj); /* For the reference we have in entry->parent */
300 return (PyObject*)the_entry_obj;
303 static char __ACL_delete_entry_doc__[] = \
304 "Deletes an entry from the ACL.\n" \
306 "Note: Only with level 2\n" \
308 " - the Entry object which should be deleted; note that after\n" \
309 " this function is called, that object is unusable any longer\n" \
310 " and should be deleted\n" \
313 /* Deletes an entry from the ACL */
314 static PyObject* ACL_delete_entry(PyObject *obj, PyObject *args) {
315 ACL_Object *self = (ACL_Object*)obj;
318 if (!PyArg_ParseTuple(args, "O!", &Entry_Type, &e))
321 if(acl_delete_entry(self->acl, e->entry) == -1)
322 return PyErr_SetFromErrno(PyExc_IOError);
324 /* Return the result */
329 static char __ACL_calc_mask_doc__[] = \
330 "Compute the file group class mask.\n" \
332 "The calc_mask() method calculates and sets the permissions \n" \
333 "associated with the ACL_MASK Entry of the ACL.\n" \
334 "The value of the new permissions is the union of the permissions \n" \
335 "granted by all entries of tag type ACL_GROUP, ACL_GROUP_OBJ, or \n" \
336 "ACL_USER. If the ACL already contains an ACL_MASK entry, its \n" \
337 "permissions are overwritten; if it does not contain an ACL_MASK \n" \
338 "Entry, one is added.\n" \
340 "The order of existing entries in the ACL is undefined after this \n" \
344 /* Updates the mask entry in the ACL */
345 static PyObject* ACL_calc_mask(PyObject *obj, PyObject *args) {
346 ACL_Object *self = (ACL_Object*)obj;
348 if(acl_calc_mask(&self->acl) == -1)
349 return PyErr_SetFromErrno(PyExc_IOError);
351 /* Return the result */
356 static char __ACL_append_doc__[] = \
357 "Append a new Entry to the ACL and return it.\n" \
359 "This is a convenience function to create a new Entry \n" \
360 "and append it to the ACL.\n" \
361 "If a parameter of type Entry instance is given, the \n" \
362 "entry will be a copy of that one (as if copied with \n" \
363 "Entry.copy()), otherwise, the new entry will be empty.\n" \
366 /* Convenience method to create a new Entry */
367 static PyObject* ACL_append(PyObject *obj, PyObject *args) {
368 ACL_Object* self = (ACL_Object*) obj;
369 Entry_Object* newentry;
370 Entry_Object* oldentry = NULL;
373 newentry = (Entry_Object*)PyType_GenericNew(&Entry_Type, NULL, NULL);
374 if(newentry == NULL) {
378 if (!PyArg_ParseTuple(args, "|O!", &Entry_Type, &oldentry))
381 nret = acl_create_entry(&self->acl, &newentry->entry);
384 return PyErr_SetFromErrno(PyExc_IOError);
387 if(oldentry != NULL) {
388 nret = acl_copy_entry(newentry->entry, oldentry->entry);
391 return PyErr_SetFromErrno(PyExc_IOError);
395 newentry->parent_acl = obj;
398 return (PyObject*)newentry;
401 /***** Entry type *****/
403 /* Creation of a new Entry instance */
404 static PyObject* Entry_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
407 newentry = PyType_GenericNew(type, args, keywds);
409 if(newentry != NULL) {
410 ((Entry_Object*)newentry)->entry = NULL;
411 ((Entry_Object*)newentry)->parent_acl = NULL;
417 /* Initialization of a new Entry instance */
418 static int Entry_init(PyObject* obj, PyObject* args, PyObject *keywds) {
419 Entry_Object* self = (Entry_Object*) obj;
420 ACL_Object* parent = NULL;
422 if (!PyArg_ParseTuple(args, "O!", &ACL_Type, &parent))
425 if(acl_create_entry(&parent->acl, &self->entry) == -1) {
426 PyErr_SetFromErrno(PyExc_IOError);
430 self->parent_acl = (PyObject*)parent;
436 /* Free the Entry instance */
437 static void Entry_dealloc(PyObject* obj) {
438 Entry_Object *self = (Entry_Object*) obj;
439 PyObject *err_type, *err_value, *err_traceback;
440 int have_error = PyErr_Occurred() ? 1 : 0;
443 PyErr_Fetch(&err_type, &err_value, &err_traceback);
444 if(self->parent_acl != NULL) {
445 Py_DECREF(self->parent_acl);
446 self->parent_acl = NULL;
449 PyErr_Restore(err_type, err_value, err_traceback);
453 /* Converts the entry to a text format */
454 static PyObject* Entry_str(PyObject *obj) {
459 PyObject *format, *list;
460 Entry_Object *self = (Entry_Object*) obj;
462 if(acl_get_tag_type(self->entry, &tag) == -1) {
463 PyErr_SetFromErrno(PyExc_IOError);
466 if(tag == ACL_USER || tag == ACL_GROUP) {
467 if((p = acl_get_qualifier(self->entry)) == NULL) {
468 PyErr_SetFromErrno(PyExc_IOError);
471 qualifier = *(uid_t*)p;
477 format = PyString_FromString("ACL entry for %s");
480 list = PyTuple_New(1);
481 if(tag == ACL_UNDEFINED_TAG) {
482 PyTuple_SetItem(list, 0, PyString_FromString("undefined type"));
483 } else if(tag == ACL_USER_OBJ) {
484 PyTuple_SetItem(list, 0, PyString_FromString("the owner"));
485 } else if(tag == ACL_GROUP_OBJ) {
486 PyTuple_SetItem(list, 0, PyString_FromString("the group"));
487 } else if(tag == ACL_OTHER) {
488 PyTuple_SetItem(list, 0, PyString_FromString("the others"));
489 } else if(tag == ACL_USER) {
490 PyTuple_SetItem(list, 0, PyString_FromFormat("user with uid %d", qualifier));
491 } else if(tag == ACL_GROUP) {
492 PyTuple_SetItem(list, 0, PyString_FromFormat("group with gid %d", qualifier));
493 } else if(tag == ACL_MASK) {
494 PyTuple_SetItem(list, 0, PyString_FromString("the mask"));
496 PyTuple_SetItem(list, 0, PyString_FromString("UNKNOWN_TAG_TYPE!"));
498 ret = PyString_Format(format, list);
504 /* Sets the tag type of the entry */
505 static int Entry_set_tag_type(PyObject* obj, PyObject* value, void* arg) {
506 Entry_Object *self = (Entry_Object*) obj;
509 PyErr_SetString(PyExc_TypeError,
510 "tag type deletion is not supported");
514 if(!PyInt_Check(value)) {
515 PyErr_SetString(PyExc_TypeError,
516 "tag type must be integer");
519 if(acl_set_tag_type(self->entry, (acl_tag_t)PyInt_AsLong(value)) == -1) {
520 PyErr_SetFromErrno(PyExc_IOError);
527 /* Returns the tag type of the entry */
528 static PyObject* Entry_get_tag_type(PyObject *obj, void* arg) {
529 Entry_Object *self = (Entry_Object*) obj;
532 if (self->entry == NULL) {
533 PyErr_SetString(PyExc_AttributeError, "entry attribute");
536 if(acl_get_tag_type(self->entry, &value) == -1) {
537 PyErr_SetFromErrno(PyExc_IOError);
541 return PyInt_FromLong(value);
544 /* Sets the qualifier (either uid_t or gid_t) for the entry,
545 * usable only if the tag type if ACL_USER or ACL_GROUP
547 static int Entry_set_qualifier(PyObject* obj, PyObject* value, void* arg) {
548 Entry_Object *self = (Entry_Object*) obj;
552 PyErr_SetString(PyExc_TypeError,
553 "qualifier deletion is not supported");
557 if(!PyInt_Check(value)) {
558 PyErr_SetString(PyExc_TypeError,
559 "tag type must be integer");
562 uidgid = PyInt_AsLong(value);
563 if(acl_set_qualifier(self->entry, (void*)&uidgid) == -1) {
564 PyErr_SetFromErrno(PyExc_IOError);
571 /* Returns the qualifier of the entry */
572 static PyObject* Entry_get_qualifier(PyObject *obj, void* arg) {
573 Entry_Object *self = (Entry_Object*) obj;
577 if (self->entry == NULL) {
578 PyErr_SetString(PyExc_AttributeError, "entry attribute");
581 if((p = acl_get_qualifier(self->entry)) == NULL) {
582 PyErr_SetFromErrno(PyExc_IOError);
588 return PyInt_FromLong(value);
591 /* Returns the parent ACL of the entry */
592 static PyObject* Entry_get_parent(PyObject *obj, void* arg) {
593 Entry_Object *self = (Entry_Object*) obj;
595 Py_INCREF(self->parent_acl);
596 return self->parent_acl;
599 /* Returns the a new Permset representing the permset of the entry
600 * FIXME: Should return a new reference to the same object, which
601 * should be created at init time!
603 static PyObject* Entry_get_permset(PyObject *obj, void* arg) {
604 Entry_Object *self = (Entry_Object*)obj;
608 p = Permset_new(&Permset_Type, NULL, NULL);
611 ps = (Permset_Object*)p;
612 if(acl_get_permset(self->entry, &ps->permset) == -1) {
613 PyErr_SetFromErrno(PyExc_IOError);
616 ps->parent_entry = obj;
622 /* Sets the permset of the entry to the passed Permset */
623 static int Entry_set_permset(PyObject* obj, PyObject* value, void* arg) {
624 Entry_Object *self = (Entry_Object*)obj;
627 if(!PyObject_IsInstance(value, (PyObject*)&Permset_Type)) {
628 PyErr_SetString(PyExc_TypeError, "argument 1 must be posix1e.Permset");
631 p = (Permset_Object*)value;
632 if(acl_set_permset(self->entry, p->permset) == -1) {
633 PyErr_SetFromErrno(PyExc_IOError);
639 static char __Entry_copy_doc__[] = \
640 "Copy an ACL entry.\n" \
642 "This method sets all the parameters to those of another\n" \
643 "entry, even one of another's ACL\n" \
645 " - src, instance of type Entry\n" \
648 /* Sets all the entry parameters to another's entry */
649 static PyObject* Entry_copy(PyObject *obj, PyObject *args) {
650 Entry_Object *self = (Entry_Object*)obj;
653 if(!PyArg_ParseTuple(args, "O!", &Entry_Type, &other))
656 if(acl_copy_entry(self->entry, other->entry) == -1)
657 return PyErr_SetFromErrno(PyExc_IOError);
663 /**** Permset type *****/
665 /* Creation of a new Permset instance */
666 static PyObject* Permset_new(PyTypeObject* type, PyObject* args, PyObject *keywds) {
667 PyObject* newpermset;
669 newpermset = PyType_GenericNew(type, args, keywds);
671 if(newpermset != NULL) {
672 ((Permset_Object*)newpermset)->permset = NULL;
673 ((Permset_Object*)newpermset)->parent_entry = NULL;
679 /* Initialization of a new Permset instance */
680 static int Permset_init(PyObject* obj, PyObject* args, PyObject *keywds) {
681 Permset_Object* self = (Permset_Object*) obj;
682 Entry_Object* parent = NULL;
684 if (!PyArg_ParseTuple(args, "O!", &Entry_Type, &parent))
687 if(acl_get_permset(parent->entry, &self->permset) == -1) {
688 PyErr_SetFromErrno(PyExc_IOError);
692 self->parent_entry = (PyObject*)parent;
698 /* Free the Permset instance */
699 static void Permset_dealloc(PyObject* obj) {
700 Permset_Object *self = (Permset_Object*) obj;
701 PyObject *err_type, *err_value, *err_traceback;
702 int have_error = PyErr_Occurred() ? 1 : 0;
705 PyErr_Fetch(&err_type, &err_value, &err_traceback);
706 if(self->parent_entry != NULL) {
707 Py_DECREF(self->parent_entry);
708 self->parent_entry = NULL;
711 PyErr_Restore(err_type, err_value, err_traceback);
715 /* Permset string representation */
716 static PyObject* Permset_str(PyObject *obj) {
717 Permset_Object *self = (Permset_Object*) obj;
720 pstr[0] = get_perm(self->permset, ACL_READ) ? 'r' : '-';
721 pstr[1] = get_perm(self->permset, ACL_WRITE) ? 'w' : '-';
722 pstr[2] = get_perm(self->permset, ACL_EXECUTE) ? 'x' : '-';
723 return PyString_FromStringAndSize(pstr, 3);
726 static char __Permset_clear_doc__[] = \
727 "Clear all permissions from the permission set.\n" \
730 /* Clears all permissions from the permset */
731 static PyObject* Permset_clear(PyObject* obj, PyObject* args) {
732 Permset_Object *self = (Permset_Object*) obj;
734 if(acl_clear_perms(self->permset) == -1)
735 return PyErr_SetFromErrno(PyExc_IOError);
737 /* Return the result */
742 static PyObject* Permset_get_right(PyObject *obj, void* arg) {
743 Permset_Object *self = (Permset_Object*) obj;
745 if(get_perm(self->permset, (int)arg)) {
754 static int Permset_set_right(PyObject* obj, PyObject* value, void* arg) {
755 Permset_Object *self = (Permset_Object*) obj;
759 if(!PyInt_Check(value)) {
760 PyErr_SetString(PyExc_ValueError, "a maximum of one argument must be passed");
763 on = PyInt_AsLong(value);
765 nerr = acl_add_perm(self->permset, (int)arg);
767 nerr = acl_delete_perm(self->permset, (int)arg);
769 PyErr_SetFromErrno(PyExc_IOError);
775 static char __Permset_add_doc__[] = \
776 "Add a permission to the permission set.\n" \
778 "The add() function adds the permission contained in \n" \
779 "the argument perm to the permission set. An attempt \n" \
780 "to add a permission that is already contained in the \n" \
781 "permission set is not considered an error.\n" \
783 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
786 "Can raise: IOError\n" \
789 static PyObject* Permset_add(PyObject* obj, PyObject* args) {
790 Permset_Object *self = (Permset_Object*) obj;
793 if (!PyArg_ParseTuple(args, "i", &right))
796 if(acl_add_perm(self->permset, (acl_perm_t) right) == -1)
797 return PyErr_SetFromErrno(PyExc_IOError);
799 /* Return the result */
804 static char __Permset_delete_doc__[] = \
805 "Delete a permission from the permission set.\n" \
807 "The delete() function deletes the permission contained in \n" \
808 "the argument perm from the permission set. An attempt \n" \
809 "to delete a permission that is not contained in the \n" \
810 "permission set is not considered an error.\n" \
812 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
815 "Can raise: IOError\n" \
818 static PyObject* Permset_delete(PyObject* obj, PyObject* args) {
819 Permset_Object *self = (Permset_Object*) obj;
822 if (!PyArg_ParseTuple(args, "i", &right))
825 if(acl_delete_perm(self->permset, (acl_perm_t) right) == -1)
826 return PyErr_SetFromErrno(PyExc_IOError);
828 /* Return the result */
833 static char __Permset_test_doc__[] = \
834 "Test if a permission exists in the permission set.\n" \
836 "The test() function tests if the permission contained in \n" \
837 "the argument perm exits the permission set.\n" \
839 " - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...\n" \
842 "Can raise: IOError\n" \
845 static PyObject* Permset_test(PyObject* obj, PyObject* args) {
846 Permset_Object *self = (Permset_Object*) obj;
850 if (!PyArg_ParseTuple(args, "i", &right))
853 ret = get_perm(self->permset, (acl_perm_t) right);
855 return PyErr_SetFromErrno(PyExc_IOError);
868 static char __ACL_Type_doc__[] = \
869 "Type which represents a POSIX ACL\n" \
872 " Only one keword parameter should be provided:\n"
873 " - file=\"...\", meaning create ACL representing\n"
874 " the access ACL of that file\n" \
875 " - filedef=\"...\", meaning create ACL representing\n"
876 " the default ACL of that directory\n" \
877 " - fd=<int>, meaning create ACL representing\n" \
878 " the access ACL of that file descriptor\n" \
879 " - text=\"...\", meaning create ACL from a \n" \
880 " textual description\n" \
881 " - acl=<ACL instance>, meaning create a copy\n" \
882 " of an existing ACL instance\n" \
883 "If no parameters are passed, create an empty ACL; this\n" \
884 "makes sense only when your OS supports ACL modification\n" \
885 " (i.e. it implements full POSIX.1e support)\n" \
888 /* ACL type methods */
889 static PyMethodDef ACL_methods[] = {
890 {"applyto", ACL_applyto, METH_VARARGS, __applyto_doc__},
891 {"valid", ACL_valid, METH_NOARGS, __valid_doc__},
893 {"__getstate__", ACL_get_state, METH_NOARGS, "Dumps the ACL to an external format."},
894 {"__setstate__", ACL_set_state, METH_VARARGS, "Loads the ACL from an external format."},
895 {"delete_entry", ACL_delete_entry, METH_VARARGS, __ACL_delete_entry_doc__},
896 {"calc_mask", ACL_calc_mask, METH_NOARGS, __ACL_calc_mask_doc__},
897 {"append", ACL_append, METH_VARARGS, __ACL_append_doc__},
899 {NULL, NULL, 0, NULL}
903 /* The definition of the ACL Type */
904 static PyTypeObject ACL_Type = {
905 PyObject_HEAD_INIT(NULL)
910 ACL_dealloc, /* tp_dealloc */
916 0, /* tp_as_number */
917 0, /* tp_as_sequence */
918 0, /* tp_as_mapping */
921 ACL_str, /* tp_str */
924 0, /* tp_as_buffer */
925 Py_TPFLAGS_DEFAULT, /* tp_flags */
926 __ACL_Type_doc__, /* tp_doc */
929 0, /* tp_richcompare */
930 0, /* tp_weaklistoffset */
938 ACL_methods, /* tp_methods */
943 0, /* tp_descr_get */
944 0, /* tp_descr_set */
945 0, /* tp_dictoffset */
946 ACL_init, /* tp_init */
948 ACL_new, /* tp_new */
953 /* Entry type methods */
954 static PyMethodDef Entry_methods[] = {
955 {"copy", Entry_copy, METH_VARARGS, __Entry_copy_doc__},
956 {NULL, NULL, 0, NULL}
959 static char __Entry_tagtype_doc__[] = \
960 "The tag type of the current entry\n" \
962 "This is one of:\n" \
963 " - ACL_UNDEFINED_TAG\n" \
964 " - ACL_USER_OBJ\n" \
966 " - ACL_GROUP_OBJ\n" \
972 static char __Entry_qualifier_doc__[] = \
973 "The qualifier of the current entry\n" \
975 "If the tag type is ACL_USER, this should be a user id.\n" \
976 "If the tag type if ACL_GROUP, this should be a group id.\n" \
977 "Else, it doesn't matter.\n" \
980 static char __Entry_parent_doc__[] = \
981 "The parent ACL of this entry\n" \
984 static char __Entry_permset_doc__[] = \
985 "The permission set of this ACL entry\n" \
989 static PyGetSetDef Entry_getsets[] = {
990 {"tag_type", Entry_get_tag_type, Entry_set_tag_type, __Entry_tagtype_doc__},
991 {"qualifier", Entry_get_qualifier, Entry_set_qualifier, __Entry_qualifier_doc__},
992 {"parent", Entry_get_parent, NULL, __Entry_parent_doc__},
993 {"permset", Entry_get_permset, Entry_set_permset, __Entry_permset_doc__},
997 static char __Entry_Type_doc__[] = \
998 "Type which represents an entry in an ACL.\n" \
1000 "The type exists only if the OS has full support for POSIX.1e\n" \
1001 "Can be created either by:\n" \
1002 " e = posix1e.Entry(myACL) # this creates a new entry in the ACL\n" \
1004 " for entry in myACL:\n" \
1007 "Note that the Entry keeps a reference to its ACL, so even if \n" \
1008 "you delete the ACL, it won't be cleaned up and will continue to \n" \
1009 "exist until its Entry(ies) will be deleted.\n" \
1011 /* The definition of the Entry Type */
1012 static PyTypeObject Entry_Type = {
1013 PyObject_HEAD_INIT(NULL)
1016 sizeof(Entry_Object),
1018 Entry_dealloc, /* tp_dealloc */
1024 0, /* tp_as_number */
1025 0, /* tp_as_sequence */
1026 0, /* tp_as_mapping */
1029 Entry_str, /* tp_str */
1030 0, /* tp_getattro */
1031 0, /* tp_setattro */
1032 0, /* tp_as_buffer */
1033 Py_TPFLAGS_DEFAULT, /* tp_flags */
1034 __Entry_Type_doc__, /* tp_doc */
1035 0, /* tp_traverse */
1037 0, /* tp_richcompare */
1038 0, /* tp_weaklistoffset */
1040 0, /* tp_iternext */
1041 Entry_methods, /* tp_methods */
1043 Entry_getsets, /* tp_getset */
1046 0, /* tp_descr_get */
1047 0, /* tp_descr_set */
1048 0, /* tp_dictoffset */
1049 Entry_init, /* tp_init */
1051 Entry_new, /* tp_new */
1054 /* Permset type methods */
1055 static PyMethodDef Permset_methods[] = {
1056 {"clear", Permset_clear, METH_NOARGS, __Permset_clear_doc__, },
1057 {"add", Permset_add, METH_VARARGS, __Permset_add_doc__, },
1058 {"delete", Permset_delete, METH_VARARGS, __Permset_delete_doc__, },
1059 {"test", Permset_test, METH_VARARGS, __Permset_test_doc__, },
1060 {NULL, NULL, 0, NULL}
1063 static char __Permset_execute_doc__[] = \
1064 "Execute permsission\n" \
1066 "This is a convenience method of access; the \n" \
1067 "same effect can be achieved using the functions\n" \
1068 "add(), test(), delete(), and those can take any \n" \
1069 "permission defined by your platform.\n" \
1072 static char __Permset_read_doc__[] = \
1073 "Read permsission\n" \
1075 "This is a convenience method of access; the \n" \
1076 "same effect can be achieved using the functions\n" \
1077 "add(), test(), delete(), and those can take any \n" \
1078 "permission defined by your platform.\n" \
1081 static char __Permset_write_doc__[] = \
1082 "Write permsission\n" \
1084 "This is a convenience method of access; the \n" \
1085 "same effect can be achieved using the functions\n" \
1086 "add(), test(), delete(), and those can take any \n" \
1087 "permission defined by your platform.\n" \
1090 /* Permset getset */
1091 static PyGetSetDef Permset_getsets[] = {
1092 {"execute", Permset_get_right, Permset_set_right, __Permset_execute_doc__, (void*)ACL_EXECUTE},
1093 {"read", Permset_get_right, Permset_set_right, __Permset_read_doc__, (void*)ACL_READ},
1094 {"write", Permset_get_right, Permset_set_right, __Permset_write_doc__, (void*)ACL_WRITE},
1098 static char __Permset_Type_doc__[] = \
1099 "Type which represents the permission set in an ACL entry\n" \
1101 "The type exists only if the OS has full support for POSIX.1e\n" \
1102 "Can be created either by:\n" \
1103 " perms = myEntry.permset\n" \
1105 " perms = posix1e.Permset(myEntry)\n" \
1107 "Note that the Permset keeps a reference to its Entry, so even if \n" \
1108 "you delete the entry, it won't be cleaned up and will continue to \n" \
1109 "exist until its Permset will be deleted.\n" \
1112 /* The definition of the Permset Type */
1113 static PyTypeObject Permset_Type = {
1114 PyObject_HEAD_INIT(NULL)
1117 sizeof(Permset_Object),
1119 Permset_dealloc, /* tp_dealloc */
1125 0, /* tp_as_number */
1126 0, /* tp_as_sequence */
1127 0, /* tp_as_mapping */
1130 Permset_str, /* tp_str */
1131 0, /* tp_getattro */
1132 0, /* tp_setattro */
1133 0, /* tp_as_buffer */
1134 Py_TPFLAGS_DEFAULT, /* tp_flags */
1135 __Permset_Type_doc__,/* tp_doc */
1136 0, /* tp_traverse */
1138 0, /* tp_richcompare */
1139 0, /* tp_weaklistoffset */
1141 0, /* tp_iternext */
1142 Permset_methods, /* tp_methods */
1144 Permset_getsets, /* tp_getset */
1147 0, /* tp_descr_get */
1148 0, /* tp_descr_set */
1149 0, /* tp_dictoffset */
1150 Permset_init, /* tp_init */
1152 Permset_new, /* tp_new */
1157 /* Module methods */
1159 static char __deletedef_doc__[] = \
1160 "Delete the default ACL from a directory.\n" \
1162 "This function deletes the default ACL associated with \n" \
1163 "a directory (the ACL which will be ANDed with the mode\n" \
1164 "parameter to the open, creat functions).\n" \
1166 " - a string representing the directory whose default ACL\n" \
1167 " should be deleted\n" \
1170 /* Deletes the default ACL from a directory */
1171 static PyObject* aclmodule_delete_default(PyObject* obj, PyObject* args) {
1174 /* Parse the arguments */
1175 if (!PyArg_ParseTuple(args, "s", &filename))
1178 if(acl_delete_def_file(filename) == -1) {
1179 return PyErr_SetFromErrno(PyExc_IOError);
1182 /* Return the result */
1187 /* The module methods */
1188 static PyMethodDef aclmodule_methods[] = {
1189 {"delete_default", aclmodule_delete_default, METH_VARARGS, __deletedef_doc__},
1190 {NULL, NULL, 0, NULL}
1193 static char __posix1e_doc__[] = \
1194 "POSIX.1e ACLs manipulation\n" \
1196 "This module provides support for manipulating POSIX.1e ACLS\n" \
1198 "Depending on the operating system support for POSIX.1e, \n" \
1199 "the ACL type will have more or less capabilities:\n" \
1200 " - level 1, only basic support, you can create\n" \
1201 " ACLs from files and text descriptions;\n" \
1202 " once created, the type is immutable\n" \
1203 " - level 2, complete support, you can alter\n"\
1204 " the ACL once it is created\n" \
1206 "Also, in level 2, more types are available, corresponding\n" \
1207 "to acl_entry_t (Entry type), acl_permset_t (Permset type).\n" \
1210 ">>> import posix1e\n" \
1211 ">>> acl1 = posix1e.ACL(file=\"file.txt\") \n" \
1212 ">>> print acl1\n" \
1217 ">>> b = posix1e.ACL(text=\"u::rx,g::-,o::-\")\n" \
1223 ">>> b.applyto(\"file.txt\")\n" \
1224 ">>> print posix1e.ACL(file=\"file.txt\")\n" \
1232 void initposix1e(void) {
1235 ACL_Type.ob_type = &PyType_Type;
1236 if(PyType_Ready(&ACL_Type) < 0)
1240 Entry_Type.ob_type = &PyType_Type;
1241 if(PyType_Ready(&Entry_Type) < 0)
1244 Permset_Type.ob_type = &PyType_Type;
1245 if(PyType_Ready(&Permset_Type) < 0)
1249 m = Py_InitModule3("posix1e", aclmodule_methods, __posix1e_doc__);
1251 d = PyModule_GetDict(m);
1255 Py_INCREF(&ACL_Type);
1256 if (PyDict_SetItemString(d, "ACL",
1257 (PyObject *) &ACL_Type) < 0)
1260 /* 23.3.6 acl_type_t values */
1261 PyModule_AddIntConstant(m, "ACL_TYPE_ACCESS", ACL_TYPE_ACCESS);
1262 PyModule_AddIntConstant(m, "ACL_TYPE_DEFAULT", ACL_TYPE_DEFAULT);
1266 Py_INCREF(&Entry_Type);
1267 if (PyDict_SetItemString(d, "Entry",
1268 (PyObject *) &Entry_Type) < 0)
1271 Py_INCREF(&Permset_Type);
1272 if (PyDict_SetItemString(d, "Permset",
1273 (PyObject *) &Permset_Type) < 0)
1276 /* 23.2.2 acl_perm_t values */
1277 PyModule_AddIntConstant(m, "ACL_READ", ACL_READ);
1278 PyModule_AddIntConstant(m, "ACL_WRITE", ACL_WRITE);
1279 PyModule_AddIntConstant(m, "ACL_EXECUTE", ACL_EXECUTE);
1281 /* 23.2.5 acl_tag_t values */
1282 PyModule_AddIntConstant(m, "ACL_UNDEFINED_TAG", ACL_UNDEFINED_TAG);
1283 PyModule_AddIntConstant(m, "ACL_USER_OBJ", ACL_USER_OBJ);
1284 PyModule_AddIntConstant(m, "ACL_USER", ACL_USER);
1285 PyModule_AddIntConstant(m, "ACL_GROUP_OBJ", ACL_GROUP_OBJ);
1286 PyModule_AddIntConstant(m, "ACL_GROUP", ACL_GROUP);
1287 PyModule_AddIntConstant(m, "ACL_MASK", ACL_MASK);
1288 PyModule_AddIntConstant(m, "ACL_OTHER", ACL_OTHER);
projects / pylibacl.git / blob