in src/common/commonutils/UserUtils.c [2862:2955]
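/*
 * Restricts access to the dot files found directly inside the home directory of
 * every user who can log in.
 *
 * For each regular file whose name starts with '.', the file is left alone when
 * CheckFileAccess succeeds for at least one of the acceptable modes; otherwise
 * SetFileAccess is called with the user's id, group id and the fallback mode.
 *
 * modes          array of acceptable access modes (must not be NULL)
 * numberOfModes  number of entries in modes (must not be 0)
 * mode           access mode applied when none of the acceptable modes matches
 * log            log handle passed through to the helpers and log macros
 *
 * Returns 0 on success, EINVAL for invalid arguments, the EnumerateUsers error if
 * the user list cannot be obtained, ENOMEM if a path buffer cannot be allocated,
 * or the first non-zero SetFileAccess status encountered.
 *
 * NOTE(review): the DT_REG test on the readdir entry and the later path-based
 * CheckFileAccess/SetFileAccess calls are separate steps performed on a directory
 * that the user owns. Whether those helpers follow symbolic links (or act on hard
 * links to files outside the home directory) is not visible from this function;
 * confirm they refuse or do not follow links, since the entry can change between
 * the check and the permission change.
 *
 * NOTE(review): only entries reported as DT_REG are processed. File systems that
 * do not fill in d_type leave their dot files skipped without any log entry, so
 * a successful return does not prove those files were examined.
 */
int SetUsersRestrictedDotFiles(unsigned int* modes, unsigned int numberOfModes, unsigned int mode, OsConfigLogHandle log)
{
    const char* pathTemplate = "%s/%s";
    SimplifiedUser* userList = NULL;
    unsigned int userListSize = 0, i = 0, j = 0;
    DIR* home = NULL;
    struct dirent* entry = NULL;
    char* path = NULL;
    size_t length = 0;
    bool oneGoodMode = false;
    int status = 0, _status = 0;

    if ((NULL == modes) || (0 == numberOfModes))
    {
        /* %p requires a void pointer argument */
        OsConfigLogError(log, "SetUsersRestrictedDotFiles: invalid arguments (%p, %u)", (void*)modes, numberOfModes);
        return EINVAL;
    }

    if (0 == (status = EnumerateUsers(&userList, &userListSize, NULL, log)))
    {
        for (i = 0; i < userListSize; i++)
        {
            /* Accounts that cannot log in are out of scope */
            if (userList[i].noLogin || userList[i].cannotLogin || userList[i].isLocked)
            {
                continue;
            }
            else if (DirectoryExists(userList[i].home) && (NULL != (home = opendir(userList[i].home))))
            {
                while (NULL != (entry = readdir(home)))
                {
                    if ((DT_REG == entry->d_type) && ('.' == entry->d_name[0]))
                    {
                        /* The template's own characters are counted too, so the formatted path always fits */
                        length = strlen(pathTemplate) + strlen(userList[i].home) + strlen(entry->d_name);
                        if (NULL == (path = malloc(length + 1)))
                        {
                            OsConfigLogError(log, "SetUsersRestrictedDotFiles: out of memory");
                            status = ENOMEM;
                            /* Leaves only the readdir loop; the remaining users are still attempted */
                            break;
                        }

                        memset(path, 0, length + 1);
                        snprintf(path, length, pathTemplate, userList[i].home, entry->d_name);

                        /* Any one of the acceptable modes is enough to leave the file untouched */
                        oneGoodMode = false;
                        for (j = 0; j < numberOfModes; j++)
                        {
                            if (0 == CheckFileAccess(path, userList[i].userId, userList[i].groupId, modes[j], NULL, log))
                            {
                                OsConfigLogInfo(log, "SetUsersRestrictedDotFiles: user %u already has proper restricted access (%03o) set for their dot file '%s'",
                                    userList[i].userId, modes[j], path);
                                oneGoodMode = true;
                                break;
                            }
                        }

                        if (false == oneGoodMode)
                        {
                            if (0 == (_status = SetFileAccess(path, userList[i].userId, userList[i].groupId, mode, log)))
                            {
                                OsConfigLogInfo(log, "SetUsersRestrictedDotFiles: user %u now has restricted access (%03o) set for their dot file '%s'",
                                    userList[i].userId, mode, path);
                            }
                            else
                            {
                                /* A failed remediation is an error, and the mode is printed in octal like the other messages */
                                OsConfigLogError(log, "SetUsersRestrictedDotFiles: cannot set restricted access (%03o) for user %u dot file '%s'",
                                    mode, userList[i].userId, path);

                                /* Keep the first failure as the overall result */
                                if (0 == status)
                                {
                                    status = _status;
                                }
                            }
                        }

                        FREE_MEMORY(path);
                    }
                }

                closedir(home);
                home = NULL;
            }
        }
    }

    FreeUsersList(&userList, userListSize);

    if (0 == status)
    {
        OsConfigLogInfo(log, "SetUsersRestrictedDotFiles: all users who can login now have proper restricted access to their dot files, if any");
    }

    return status;
}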