1. 20 Nov, 2007 2 commits
    • David Zeuthen's avatar
      b6959892
    • David Zeuthen's avatar
      add support for negative authorizations · 45f52acb
      David Zeuthen authored
      Negative authorizations is a way to block an entity; previously the
      algorithm was something like (ignoring the config file for now)
      
        Result is_authorized() {
          res = has_implicit_auth();
          if (res == YES) {
            return YES;
          } else if (has_explicit_auth()) {
            return YES;
          }
          return res;
        }
      
      Now it's
      
        Result is_authorized() {
          res = has_implicit_auth();
          expl = has_explicit_auth();
          is_blocked = has_negative_explicit_auth();
      
          if (is_blocked)
            return NO;
      
          if (res == YES) {
            return YES;
          } else if (has_explicit_auth()) {
            return YES;
          }
          return res;
        }
      
      E.g. just a single negative auth will force NO to be returned. I
      really, really need to write into the spec how this works; my mental
      L1 cache can't contain it anymore. Once it's formally defined we need
      to craft a test suite to verify that the code works according to
      spec...
      45f52acb
  2. 19 Nov, 2007 3 commits
  3. 18 Nov, 2007 1 commit
  4. 17 Nov, 2007 3 commits
  5. 12 Nov, 2007 5 commits
  6. 11 Nov, 2007 9 commits
  7. 10 Nov, 2007 2 commits
  8. 09 Nov, 2007 2 commits
  9. 08 Nov, 2007 9 commits
  10. 06 Nov, 2007 4 commits