1 files changed, 12 insertions, 3 deletions

diff --git a/rainbow/rainbow/util.py b/rainbow/rainbow/util.py
index 5cd4029..3679c20 100644
--- a/rainbow/rainbow/util.py
+++ b/rainbow/rainbow/util.py
@@ -95,12 +95,21 @@ class Checker(object):
        In particular, this class does not know the special rules that adhere to
        uid 0.
     """
-    def __init__(self, path, uid, gid):
+    def __init__(self, path, uid, gid, groups=None):
         self.path = path
         self.uid = uid
         self.gid = gid
+        self.groups = set(groups or []).union(set([gid]))
         self.observation = stat(self.path)
 
+    def __repr__(self):
+        return "Checker(%r, %r, %r, groups=%r)" % (self.path, self.uid, self.gid, self.groups)
+
+    def __str__(self):
+        return ("Checker(%s, %s, %s, %s) -> mode: %o uid: %s, gid: %s" %
+            (self.path, self.uid, self.gid, self.groups, self.observation[ST_MODE],
+            self.observation[ST_UID], self.observation[ST_GID]))
+
     def positive(self, needed, mask):
         # I'm going to try to turn off bits in mode as I verify that they can
         # be satisfied.
@@ -108,7 +117,7 @@ class Checker(object):
         real_mode = o[ST_MODE]
         if self.uid == o[ST_UID]:
             needed &= ~((real_mode & 0700) >> 6)
-        if self.gid == o[ST_GID]:
+        if o[ST_GID] in self.groups:
             needed &= ~((real_mode & 0070) >> 3)
         needed &= ~(real_mode & 0007)
         # Make sure needed is empty and real_mode satisfies stat.
@@ -122,7 +131,7 @@ class Checker(object):
         allowed = 0
         if self.uid == o[ST_UID]:
             allowed |= (real_mode & 0700) >> 6
-        if self.gid == o[ST_GID]:
+        if o[ST_GID] in self.groups:
             allowed |= (real_mode & 0070) >> 3
         allowed |= (real_mode & 0007)
         # Did we avoid everything?