1 Introduction
2 Ground Rules

Building a File System
3 File Systems
4 File Content Data Structure
5 Allocation Cluster Manager
6 Exceptions and Emancipation
7 Base Classes, Testing, and More
8 File Meta Data
9 Native File Class
10 Our File System
11 Allocation Table
12 File System Support Code
13 Initializing the File System
14 Contiguous Files
15 Rebuilding the File System
16 Native File System Support Methods
17 Lookups, Wildcards, and Unicode, Oh My
18 Finishing the File System Class

The Init Program
19 Hardware Abstraction and UOS Architecture
20 Init Command Mode
21 Using Our File System
22 Hardware and Device Lists
23 Fun with Stores: Partitions
24 Fun with Stores: RAID
25 Fun with Stores: RAM Disks
26 Init wrap-up

The Executive
27 Overview of The Executive
28 Starting the Kernel
29 The Kernel
30 Making a Store Bootable
31 The MMC
32 The HMC
33 Loading the components
34 Using the File Processor
35 Symbols and the SSC
36 The File Processor and Device Management
37 The File Processor and File System Management
38 Finishing Executive Startup

Users and Security
39 Introduction to Users and Security
40 More Fun With Stores: File Heaps
41 File Heaps, part 2
42 SysUAF
43 TUser
44 SysUAF API

Terminal I/O
45 Shells and UCL
46 UOS API, the Application Side
47 UOS API, the Executive Side
48 I/O Devices
49 Streams
50 Terminal Output Filters
51 The TTerminal Class
52 Handles
53 Putting it All Together
54 Getting Terminal Input
55 QIO
56 Cooking Terminal Input
57 Putting it all together, part 2
58 Quotas and I/O

UCL
59 UCL Basics
60 Symbol Substitution
61 Command execution
62 Command execution, part 2
63 Command Abbreviation
64 ASTs
65 Expressions, Part 1
66 Expressions, Part 2: Support code
67 Expressions, part 3: Parsing
68 SYS_GETJPIW and SYS_TRNLNM
69 Expressions, part 4: Evaluation

UCL Lexical Functions
70 PROCESS_SCAN
71 PROCESS_SCAN, Part 2
72 TProcess updates
73 Unicode revisted
74 Lexical functions: F$CONTEXT
75 Lexical functions: F$PID
76 Lexical Functions: F$CUNITS
77 Lexical Functions: F$CVSI and F$CVUI
78 UOS Date and Time Formatting
79 Lexical Functions: F$CVTIME
80 LIB_CVTIME
81 Date/Time Contexts
82 SYS_GETTIM, LIB_Get_Timestamp, SYS_ASCTIM, and LIB_SYS_ASCTIM
83 Lexical Functions: F$DELTA_TIME
84 Lexical functions: F$DEVICE
85 SYS_DEVICE_SCAN
86 Lexical functions: F$DIRECTORY
87 Lexical functions: F$EDIT and F$ELEMENT
88 Lexical functions: F$ENVIRONMENT
89 SYS_GETUAI
90 Lexical functions: F$EXTRACT and F$IDENTIFIER
91 LIB_FAO and LIB_FAOL
92 LIB_FAO and LIB_FAOL, part 2
93 Lexical functions: F$FAO
94 File Processing Structures
95 Lexical functions: F$FILE_ATTRIBUTES
96 SYS_DISPLAY
97 Lexical functions: F$GETDVI
98 Parse_GetDVI
99 GetDVI
100 GetDVI, part 2
101 GetDVI, part 3
102 Lexical functions: F$GETJPI
103 GETJPI
104 Lexical functions: F$GETSYI
105 GETSYI
106 Lexical functions: F$INTEGER, F$LENGTH, F$LOCATE, and F$MATCH_WILD
107 Lexical function: F$PARSE
108 FILESCAN
109 SYS_PARSE
110 Lexical Functions: F$MODE, F$PRIVILEGE, and F$PROCESS
111 File Lookup Service
112 Lexical Functions: F$SEARCH
113 SYS_SEARCH
114 F$SETPRV and SYS_SETPRV
115 Lexical Functions: F$STRING, F$TIME, and F$TYPE
116 More on symbols
117 Lexical Functions: F$TRNLNM
118 SYS_TRNLNM, Part 2
119 Lexical functions: F$UNIQUE, F$USER, and F$VERIFY
120 Lexical functions: F$MESSAGE
121 TUOS_File_Wrapper
122 OPEN, CLOSE, and READ system services

UCL Commands
123 WRITE
124 Symbol assignment
125 The @ command
126 @ and EXIT
127 CRELNT system service
128 DELLNT system service
129 IF...THEN...ELSE
130 Comments, labels, and GOTO
131 GOSUB and RETURN
132 CALL, SUBROUTINE, and ENDSUBROUTINE
133 ON, SET {NO}ON, and error handling
134 INQUIRE
135 SYS_WRITE Service
136 OPEN
137 CLOSE
138 DELLNM system service
139 READ
140 Command Recall
141 RECALL
142 RUN
143 LIB_RUN
144 The Data Stream Interface
145 Preparing for execution
146 EOJ and LOGOUT
147 SYS_DELPROC and LIB_GET_FOREIGN

CUSPs and utilities
148 The I/O Queue
149 Timers
150 Logging in, part one
151 Logging in, part 2
152 System configuration
153 SET NODE utility
154 UUI
155 SETTERM utility
156 SETTERM utility, part 2
157 SETTERM utility, part 3
158 AUTHORIZE utility
159 AUTHORIZE utility, UI
160 AUTHORIZE utility, Access Restrictions
161 AUTHORIZE utility, Part 4
162 AUTHORIZE utility, Reporting
163 AUTHORIZE utility, Part 6
164 Authentication
165 Hashlib
166 Authenticate, Part 7
167 Logging in, part 3
168 DAY_OF_WEEK, CVT_FROM_INTERNAL_TIME, and SPAWN
169 DAY_OF_WEEK and CVT_FROM_INTERNAL_TIME
170 LIB_SPAWN
171 CREPRC
172 CREPRC, Part 2
173 COPY
174 COPY, part 2
175 COPY, part 3
176 COPY, part 4
177 LIB_Get_Default_File_Protection and LIB_Substitute_Wildcards
178 CREATESTREAM, STREAMNAME, and Set_Contiguous
179 Help Files
180 LBR Services
181 LBR Services, Part 2
182 LIBRARY utility
183 LIBRARY utility, Part 2
184 FS Services
185 FS Services, Part 2
186 Implementing Help
187 HELP
188 HELP, Part 2
189 DMG_Get_Key and LIB_Put_Formatted_Output
190 LIBRARY utility, Part 3
191 Shutting Down UOS
192 SHUTDOWN
193 WAIT
194 SETIMR
195 WAITFR and Scheduling
196 REPLY, OPCOM, and Mailboxes
197 REPLY utility
198 Mailboxes
199 BRKTHRU
200 OPCOM
201 Mailbox Services
202 Mailboxes, Part 2
203 DEFINE
204 CRELNM
205 DISABLE
206 STOP
207 OPCCRASH and SHUTDOWN
208 APPEND

Glossary/Index


Downloads

AUTHORIZE utility, part 6

In this article, we will look at the implementation of the ADD, COPY, DEFAULT, and MODIFY commands in the Authorize utility. 

function TAuth_Responder.Post_Processing : boolean ;

var Component : TUUI_Component ;
    I, I1 : integer ;
    Invert : boolean ;
    Last_Access_Spec, S, P : string ;
    This_Day : integer ;
    Last_Item_Was_Day : boolean ;
    Low_Range, This_Start_Time, New_Time : TDay_Hour ;
    Primary, Secondary : integer ;
    U : TUser ;

begin // TAuth_Responder.Post_Processing
    // Setup...
    Result := True ;
    Primary := 2 or 4 or 8 or 16 or 32 ;
    Secondary := 1 or 64 ;
As we discussed a couple of articles ago, the UUI has callbacks to allow a program to customize the UI. The Post_Processing method is called after all the command-line switches are processed. We also looked at the pre-processing of access restrictions, which we will now make use of. 

    // Process through the access restriction switches...
    Last_Access_Spec := '' ;
    while( Access_Switches <> '' ) do
    begin
        Invert := False ;
        S := lowercase( Next_Switch( Access_Switches, P ) ) ;
        P := lowercase( P ) ;
        if( Left( P, 1 ) = '(' ) then
        begin
            P := copy( P, 2, length( P ) ) ;
            if( copy( P, length( P ), 1 ) = ')' ) then
            begin
                setlength( P, length( P ) - 1 ) ;
            end ;
        end ;
        if( P = '' ) then
        begin
            if( MinMatch( S, 'access', 1 ) ) then
            begin
                continue ;
            end ;
            P := Last_Access_Spec ; // Use last specified access
        end ;
During pre-processing, we extracted the access restriction switches to a string which we will now iterate through. Each time through the loop, we get the next switch and remove it from Access_Switches. The loop ends when all of the switches have been processed. S is the switch and P are the parameters (if any). The syntax of the access switches allows for including specifications inside parentheses. The way we process the switches, these parentheses are irrelevant, so we simply remove the pair of parentheses from the current switch if they are present. If no parameters are specified, we default them to the last access specification that we encountered on the line. This handles situations such as the following:
/BATCH=(TUESDAY,8-11)/ACCESS
In this case, the /ACCESS switch "inherits" the /BATCH parameters as if it were specified as:
/ACCESS=(TUESDAY,8-11) 

        if( copy( S, 1, 1 ) = 'a' ) then
        begin
            Last_Access_Spec := P ;
            Component := UUI.Get_Component_By_Name( 'accesslist' ) ;
        end else
        if( copy( S, 1, 3 ) = 'noa' ) then
        begin
            Last_Access_Spec := P ;
            Component := UUI.Get_Component_By_Name( 'accesslist' ) ;
            Invert := True ; // Disallow access
        end else
        if( copy( S, 1, 1 ) = 'b' ) then
        begin
            Component := UUI.Get_Component_By_Name( 'batchlist' ) ;
        end else
        if( copy( S, 1, 1 ) = 'i' ) then
        begin
            Component := UUI.Get_Component_By_Name( 'interactivelist' ) ;
        end else
        if( copy( S, 1, 3 ) = 'noi' ) then
        begin
            if( P <> '' ) then
            begin
                Error_Code := AUTH_INVPARM ;
                Result := False ;
                exit ;
            end ;
            Component := UUI.Get_Component_By_Name( 'interactivelist' ) ;
            Component.Clear ;
            continue ;
        end else
        if( copy( S, 1, 1 ) = 'l' ) then
        begin
            Component := UUI.Get_Component_By_Name( 'locallist' ) ;
        end else
        if( copy( S, 1, 1 ) = 'n' ) then
        begin
            Component := UUI.Get_Component_By_Name( 'networklist' ) ;
        end else
        if( copy( S, 1, 1 ) = 'r' ) then
        begin
            Component := UUI.Get_Component_By_Name( 'remotelist' ) ;
        end else
Based on the first character of the access type, we select the appropriate UI component to update. Note that since the we already processed the valid switches earlier, we only need to check the first character of the switch - there won't be any invalid switches here. 

        begin
            // /PRIMEDAYS handling...

            // Set defaults...
            Primary := 2 or 4 or 8 or 16 or 32 ;
            Secondary := 1 or 64 ;

            while( P <> '' ) do
            begin
                I := pos( ',', P + ',' ) ;
                S := lowercase( trim( copy( P, 1, I - 1 ) ) ) ;
                P := copy( P, I + 1, length( P ) ) ;
                if( copy( S, 1, 2 ) = 'no' ) then
                begin
                    I := Access_Day( copy( S, 3, length( S ) ) ) ;
                    if( I < 0 ) then
                    begin
                        Error_Code := AUTH_INVDAY ;
                        Result := False ;
                        exit ;
                    end ;
                    I := 1 shl I ;
                    Secondary := Secondary or I ;
                    Primary := Primary and ( not I ) ;
                end else
                begin
                    I := Access_Day( S ) ;
                    if( I < 0 ) then
                    begin
                        Error_Code := AUTH_INVDAY ;
                        Result := False ;
                        exit ;
                    end ;
                    I := 1 shl I ;
                    Primary := Primary or I ;
                    Secondary := Secondary and ( not I ) ;
                end ;
            end ; // while( P <> '' )
        end ;
If the switch doesn't match any of the above, the only possibility is /primary. In this case, we default to primary days of Monday through Friday, and secondard days of Saturday and Sunday. The days are indicated by a bitmask, where Sunday is bit 0 (value of 1) and Saturday is bit 6. Then we iterate through the parameters, processing items delimited by commas. The processing for each item is a matter of converting each day to a bit value (or range of bits) after validating the name of the day. If the name is prefixed with "no", the day is assigned to the secondary days bitmask. Otherwise it is added to the primary days bitmask. Whichever bitmask it is added to, the same bit is removed from the alternate bitmask. 

        if( Last_Item_Was_Day ) then
        begin
            Low_Range.Days := This_Day ;
            Process_Access ;
        end ;
    end ; // while( Access_Switches <> '' )
If the last item processed was a day, we add an access item to the appropriate access list. Otherwise, we continue on to the next item in the access specifications. In this way, we can build restriction specifications as we process through the switches. 

    if( Operation = Op_Copy ) then
    begin
        if( Add_User( Target, False, 0 ) < 1 ) then
        begin
            UUI.Show_Error( AUTH_ADDERR, 'SYSUAF error' ) ;
            exit ;
        end ;
        U := Get_User( Target ) ;
        Update_User_From_UI( U ) ;
    end else
    if( Operation = Op_Modify ) then
    begin
        U := Get_User( Target ) ;
        Update_User_From_UI( U ) ;
    end ;
end ; // TAuth_Responder.Post_Processing
When we are done processing the access switches, if any, we then process the command. If the command is a copy, we first create the new user, then update the user from the UI. This will match the source account loaded earlier, as modified by switches. If the command is a modify command, the account characteristics were already added to the UI, modified by the switches. We get the specified user and then update it from the UI. 

    procedure Process_Access ;

    var I, I1 : integer ;

    begin
        // Remove any current items that conflict with this new time range...
        for I := Component.List_Count - 1 downto 0 do
        begin
            S := Component.List_Value( I ) ;
            Parse_Date( S, This_Start_Time, Primary, Secondary ) ;
            if( ( This_Start_Time.Days and Low_Range.Days ) <> 0 ) then // Overlapped day
            begin
                if( ( This_Start_Time.Start_Time <= Low_Range.End_Time )
                    and
                    ( This_Start_Time.End_Time >= Low_Range.Start_Time )
                  ) then
                begin // Overlapping time ranges
                    Component.List_Delete( I ) ; // Delete old time
                    if( This_Start_Time.Start_Time < Low_Range.Start_Time ) then
                    begin
                        New_Time := This_Start_Time ;
                        New_Time.End_Time := Low_Range.Start_Time - 1 ;
                        Component.Add_To_List( PChar( Time_To_String( New_Time ) ) ) ;
                    end ;
                    if( This_Start_Time.End_Time > Low_Range.End_Time ) then
                    begin
                        New_Time := This_Start_Time ;
                        New_Time.Start_Time := Low_Range.End_Time + 1 ;
                        Component.Add_To_List( PChar( Time_To_String( New_Time ) ) ) ;
                    end ;
                end ;
            end ;
        end ; // for I := 0 to Component.List_Count - 1

        // Add this time to the current item list...
        if( not Invert ) then
        begin
            I1 := Low_Range.Days ;
            for I := 0 to 6 do // Check each day
            begin
                if( ( I1 and ( 1 shl I ) ) <> 0 ) then // Found a day
                begin
                    Low_Range.Days := 1 shl I ;
                    Component.Add_To_List( PChar( Time_To_String( Low_Range ) ) ) ;
                end ;
            end ;
        end ; // if( not Invert )
    end ;
This local function processes the current access specification in S. Since it makes no sense to have conflicting restriction times, we make sure we remove any matched times from the existing access list. The new restriction may completely or partially replace an existing one. If there is a partial overlap, we save the portion(s) outside of the overlap, possibly splitting a single item into two separate ones. For instance, if the existing time is 1 PM to 4 PM, and the new time is 2 PM to 3 PM, the existing time is replaced by two items: one for 1 PM to 2 PM and one for 3 PM to 4 PM.

Finally we add the new restriction to the appropriate Component.

In the next article, we will begin look into the subject of authentication.

 

Copyright © 2022 by Alan Conroy. This article may be copied in whole or in part as long as this copyright is included.