fixed memory leaks
[public/netxms.git] / src / server / core / graph.cpp
1 /*
2 ** NetXMS - Network Management System
3 ** Copyright (C) 2003-2013 Raden Solutions
4 **
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU Lesser General Public License as published by
7 ** the Free Software Foundation; either version 3 of the License, or
8 ** (at your option) any later version.
9 **
10 ** This program is distributed in the hope that it will be useful,
11 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
12 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 ** GNU General Public License for more details.
14 **
15 ** You should have received a copy of the GNU Lesser General Public License
16 ** along with this program; if not, write to the Free Software
17 ** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18 **
19 ** File: graph.cpp
20 **
21 **/
22
23 #include "nxcore.h"
24
25 /**
26 * Load graph's ACL - load for all graphs if graphId is 0
27 */
28 GRAPH_ACL_ENTRY *LoadGraphACL(UINT32 graphId, int *pnACLSize)
29 {
30 int i, nSize;
31 GRAPH_ACL_ENTRY *pACL = NULL;
32 DB_RESULT hResult;
33
34 if (graphId == 0)
35 {
36 hResult = DBSelect(g_hCoreDB, _T("SELECT graph_id,user_id,user_rights FROM graph_acl"));
37 }
38 else
39 {
40 TCHAR szQuery[256];
41
42 _sntprintf(szQuery, sizeof(szQuery) / sizeof(TCHAR), _T("SELECT graph_id,user_id,user_rights FROM graph_acl WHERE graph_id=%d"), graphId);
43 hResult = DBSelect(g_hCoreDB, szQuery);
44 }
45 if (hResult != NULL)
46 {
47 nSize = DBGetNumRows(hResult);
48 if (nSize > 0)
49 {
50 pACL = (GRAPH_ACL_ENTRY *)malloc(sizeof(GRAPH_ACL_ENTRY) * nSize);
51 for(i = 0; i < nSize; i++)
52 {
53 pACL[i].dwGraphId = DBGetFieldULong(hResult, i, 0);
54 pACL[i].dwUserId = DBGetFieldULong(hResult, i, 1);
55 pACL[i].dwAccess = DBGetFieldULong(hResult, i, 2);
56 }
57 }
58 *pnACLSize = nSize;
59 DBFreeResult(hResult);
60 }
61 else
62 {
63 *pnACLSize = -1; // Database error
64 }
65 return pACL;
66 }
67
68 /**
69 * Check access to the graph
70 */
71 BOOL CheckGraphAccess(GRAPH_ACL_ENTRY *pACL, int nACLSize, UINT32 graphId, UINT32 graphUserId, UINT32 graphDesiredAccess)
72 {
73 int i;
74
75 for(i = 0; i < nACLSize; i++)
76 {
77 if (pACL[i].dwGraphId == graphId)
78 {
79 if ((pACL[i].dwUserId == graphUserId) ||
80 ((pACL[i].dwUserId & GROUP_FLAG) && CheckUserMembership(graphUserId, pACL[i].dwUserId)))
81 {
82 if ((pACL[i].dwAccess & graphDesiredAccess) == graphDesiredAccess)
83 return TRUE;
84 }
85 }
86 }
87 return FALSE;
88 }
89
90 /**
91 * Check access to the graph
92 */
93 UINT32 GetGraphAccessCheckResult(UINT32 graphId, UINT32 graphUserId)
94 {
95 // Check existence and access rights
96 TCHAR szQuery[16384];
97 DB_RESULT hResult;
98 UINT32 dwOwner;
99 GRAPH_ACL_ENTRY *pACL = NULL;
100 int nACLSize;
101 UINT32 rcc = RCC_DB_FAILURE;
102
103 _sntprintf(szQuery, sizeof(szQuery) / sizeof(TCHAR), _T("SELECT owner_id FROM graphs WHERE graph_id=%d"), graphId);
104 hResult = DBSelect(g_hCoreDB, szQuery);
105 if (hResult != NULL)
106 {
107 if (DBGetNumRows(hResult) > 0)
108 {
109 dwOwner = DBGetFieldULong(hResult, 0, 0);
110 pACL = LoadGraphACL(graphId, &nACLSize);
111 if (nACLSize != -1)
112 {
113 if ((graphUserId == 0) ||
114 (graphUserId == dwOwner) ||
115 CheckGraphAccess(pACL, nACLSize, graphId, graphUserId, NXGRAPH_ACCESS_WRITE))
116 {
117 rcc = RCC_SUCCESS;
118 }
119 else
120 {
121 rcc = RCC_ACCESS_DENIED;
122 }
123 safe_free(pACL);
124 }
125 else
126 {
127 rcc = RCC_DB_FAILURE;
128 }
129 }
130 else
131 {
132 rcc = RCC_INVALID_GRAPH_ID;
133 }
134 DBFreeResult(hResult);
135 }
136 return rcc;
137 };
138
139 /**
140 * Check if graph name already exist
141 */
142 GRAPH_ACL_AND_ID IsGraphNameExists(const TCHAR *graphName)
143 {
144 TCHAR szQuery[256];
145 GRAPH_ACL_ENTRY *pACL = NULL;
146 DB_RESULT hResult;
147 GRAPH_ACL_AND_ID result;
148 result.graphId = 0;
149
150 // Check existence and access rights
151 _sntprintf(szQuery, sizeof(szQuery) / sizeof(TCHAR), _T("SELECT graph_id FROM graphs WHERE name=%s"),
152 (const TCHAR *)DBPrepareString(g_hCoreDB, graphName));
153 hResult = DBSelect(g_hCoreDB, szQuery);
154
155 if (hResult != NULL)
156 {
157 if (DBGetNumRows(hResult) > 0)
158 {
159 result.graphId = DBGetFieldULong(hResult, 0, 0);
160 result.status = RCC_OBJECT_ALREADY_EXISTS;
161 }
162 else
163 {
164 result.status = RCC_SUCCESS;
165 }
166 DBFreeResult(hResult);
167 }
168 else
169 {
170 result.status = RCC_DB_FAILURE;
171 }
172 return result;
173 }