#!/bin/bash # ========== # $File: //guest/amo/scripts/triggers/streamblock.sh $ # $Revision: #1 $ # $Change: 24577 $ # # $Author: amo $ # $DateTimeTZ: 2018/09/05 08:48:58 -0700 PDT $ # ========== # PURPOSE # A trigger script relating to 'form-save' for streams. # The purpose is to prevent the creation/edit of streams by certain users. # This is achieved by checking if the user saving the stream spec form is a member of a certain group. # # Trigger table entry looks like this: # streamblock form-save stream "%//scripts/triggers/streamblock.sh% %user% %formname% %clientip% %quote%%groups%%quote%" # # A user belonging to the group defined below would see the following message when attempting to save a stream form: # # 'streamblock' validation failed: User thisUser (123.123.123.123) is not allowed to change //streams/name/mainline. # # ----------- # Potential additions: # * Any and all optimisations for the script itself; this is a thrown-together example test. # * The group name is hard-coded here (the 'sb' variable) but could be moved to the trigger definition instead. # * The streams to which this applies is also hard-coded here; better to move it to the trigger definition instead. # This should allow for simpler administration such as multiple triggers for more than one pattern. # ----------- # this is the group we're looking for in the 'groups' list passed by the trigger def'n. sb=streamblock # four parameters, as defined in the trigger def'n username=$1 streamname=$2 ipaddr=$3 groups=$4 # the outer 'if' check searches for stream names that match the pattern below. # the inner 'if' checks if the group list includes our blocked one (identified above). if [[ $streamname == //streams/name/* ]] then if echo "$groups" | grep -qs $sb then echo "User $username ($ipaddr) is not allowed to change $streamname." exit 1 else exit 0 fi else # not in the set of restricted streams - success. exit 0 fi
# | Change | User | Description | Committed | |
---|---|---|---|---|---|
#1 | 24577 | Adam Morriss | Moving trigger script to 'triggers' folder | ||
//guest/amo/scripts/streamblock.sh | |||||
#2 | 24496 | Adam Morriss | Comments added to the script, should I get the opportunity to revisit this. | ||
#1 | 24495 | Adam Morriss |
Script to block creation/edit of streams by users belonging to a certain group. Plenty more to do here. |