From 69a7bb37956031c32c3deb91d44b80490122b34d Mon Sep 17 00:00:00 2001
From: Matic Pogacnik <mpogacnik@anl.gov>
Date: Tue, 25 Aug 2020 10:51:41 +0200
Subject: [PATCH] Add AS write hooks

---
 documentation/release_notes.dox |  2 ++
 pdbApp/pdb.h                    | 10 ++++++++++
 pdbApp/pdbgroup.cpp             | 15 ++++++++++++++-
 pdbApp/pdbsingle.cpp            | 12 ++++++++++++
 4 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/documentation/release_notes.dox b/documentation/release_notes.dox
index 627126e..da5ac6e 100644
--- a/documentation/release_notes.dox
+++ b/documentation/release_notes.dox
@@ -7,6 +7,8 @@ Release 1.3.2 (UNRELEASED)
 
 - Additions
  - Add new "structure" to @ref qsrv_group_map_types
+- Changes
+  - Add Access Security hooks for single and group writes.
 
 Release 1.3.1 (June 2021)
 =========================
diff --git a/pdbApp/pdb.h b/pdbApp/pdb.h
index ab04d4e..65c0597 100644
--- a/pdbApp/pdb.h
+++ b/pdbApp/pdb.h
@@ -2,6 +2,7 @@
 #define PDB_H
 
 #include <dbEvent.h>
+#include <asLib.h>
 
 #include <pv/configuration.h>
 #include <pv/pvAccess.h>
@@ -73,4 +74,13 @@ struct QSRV_API PDBProvider : public epics::pvAccess::ChannelProvider,
 QSRV_API
 void QSRVRegistrar_counters();
 
+class QSRV_API AsWritePvt {
+    void * pvt;
+public:
+    explicit AsWritePvt(void * pvt): pvt(pvt) {}
+    ~AsWritePvt() {
+        asTrapWriteAfterWrite(pvt);
+    }
+};
+
 #endif // PDB_H
diff --git a/pdbApp/pdbgroup.cpp b/pdbApp/pdbgroup.cpp
index 96a96c1..b329f5a 100644
--- a/pdbApp/pdbgroup.cpp
+++ b/pdbApp/pdbgroup.cpp
@@ -8,6 +8,7 @@
 #include <dbAccess.h>
 #include <dbChannel.h>
 #include <dbStaticLib.h>
+#include <asLib.h>
 
 #include <pv/pvAccess.h>
 #include <pv/configuration.h>
@@ -349,12 +350,24 @@ void PDBGroupPut::put(pvd::PVStructure::shared_pointer const & value,
     // assume value may be a different struct each time... lot of wasted prep work
     const size_t npvs = channel->pv->members.size();
     std::vector<std::tr1::shared_ptr<PVIF> > putpvif(npvs);
+    std::vector<AsWritePvt> asWritePvt;
 
     for(size_t i=0; i<npvs; i++)
     {
         PDBGroupPV::Info& info = channel->pv->members[i];
-        if(!info.allowProc) continue;
 
+        asWritePvt.push_back(AsWritePvt(
+            asTrapWriteWithData(channel->aspvt.at(i).aspvt,
+                            std::string(channel->cred.user.begin(), channel->cred.user.end()).c_str(),
+                            std::string(channel->cred.host.begin(), channel->cred.host.end()).c_str(),
+                            info.chan,
+                            info.chan->final_type,
+                            info.chan->final_no_elements,
+                            NULL
+                            )
+        ));
+
+        if(!info.allowProc) continue;
         putpvif[i].reset(info.builder->attach(value, info.attachment));
     }
 
diff --git a/pdbApp/pdbsingle.cpp b/pdbApp/pdbsingle.cpp
index 2a89a71..564ca89 100644
--- a/pdbApp/pdbsingle.cpp
+++ b/pdbApp/pdbsingle.cpp
@@ -2,6 +2,7 @@
 
 #include <string.h>
 
+#include <asLib.h>
 #include <dbAccess.h>
 #include <dbChannel.h>
 #include <dbStaticLib.h>
@@ -355,6 +356,17 @@ void PDBSinglePut::put(pvd::PVStructure::shared_pointer const & value,
     dbChannel *chan = channel->pv->chan;
     dbFldDes *fld = dbChannelFldDes(chan);
 
+    AsWritePvt asWritePvt (
+                asTrapWriteWithData(channel->aspvt.aspvt,
+                        std::string(channel->cred.user.begin(), channel->cred.user.end()).c_str(),
+                        std::string(channel->cred.host.begin(), channel->cred.host.end()).c_str(),
+                        chan,
+                        chan->final_type,
+                        chan->final_no_elements,
+                        NULL
+                        )
+    );
+
     pvd::Status ret;
     if(!channel->aspvt.canWrite()) {
         ret = pvd::Status::error("Put not permitted");