diff --git a/src/rm/RequestManagerAction.cc b/src/rm/RequestManagerAction.cc index 27a24b798e..cb9032de67 100644 --- a/src/rm/RequestManagerAction.cc +++ b/src/rm/RequestManagerAction.cc @@ -18,7 +18,6 @@ #include "NebulaLog.h" #include "Nebula.h" -#include "UserPool.h" /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ diff --git a/src/rm/RequestManagerHostAllocate.cc b/src/rm/RequestManagerHostAllocate.cc index 7d3393f4d0..c78971497f 100644 --- a/src/rm/RequestManagerHostAllocate.cc +++ b/src/rm/RequestManagerHostAllocate.cc @@ -17,23 +17,25 @@ #include "RequestManager.h" #include "NebulaLog.h" +#include "AuthManager.h" + /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ void RequestManager::HostAllocate::execute( xmlrpc_c::paramList const& paramList, xmlrpc_c::value * const retval) -{ +{ string session; string hostname; - string im_mad_name; - string vmm_mad_name; + string im_mad_name; + string vmm_mad_name; string tm_mad_name; - int hid; + int hid; - int rc; + int rc; ostringstream oss; /* -- RPC specific vars -- */ @@ -49,25 +51,39 @@ void RequestManager::HostAllocate::execute( vmm_mad_name = xmlrpc_c::value_string(paramList.getString(3)); tm_mad_name = xmlrpc_c::value_string(paramList.getString(4)); - // Only oneadmin can add new hosts + //Authenticate the user rc = HostAllocate::upool->authenticate(session); - - if ( rc != 0 ) - { - goto error_authenticate; + + if ( rc == -1 ) + { + goto error_authenticate; } + + //Authorize the operation + if ( rc != 0 ) // rc == 0 means oneadmin + { + AuthRequest ar(rc); + + ar.add_auth(AuthRequest::HOST,-1,AuthRequest::CREATE,0,false); + + if (UserPool::authorize(ar) == -1) + { + goto error_authorize; + } + } + // Perform the allocation in the hostpool rc = HostAllocate::hpool->allocate(&hid, hostname, - im_mad_name, + im_mad_name, vmm_mad_name, - tm_mad_name); - if ( rc == -1 ) - { - goto error_host_allocate; + tm_mad_name); + if ( rc == -1 ) + { + goto error_host_allocate; } - - // All nice, return the new hid to client + + // All nice, return the new hid to client arrayData.push_back(xmlrpc_c::value_boolean(true)); // SUCCESS arrayData.push_back(xmlrpc_c::value_int(hid)); arrayresult = new xmlrpc_c::value_array(arrayData); @@ -79,25 +95,26 @@ void RequestManager::HostAllocate::execute( return; error_authenticate: - oss << "User not authorized to add new hosts"; + oss << "Error in user authentication"; + goto error_common; + +error_authorize: + oss << "User not authorized to allocate a new HOST"; goto error_common; error_host_allocate: - oss << "Can not allocate host " << hostname << - " in the HostPool, returned error code [" << rc << "]"; + oss << "Error inserting HOST in the database, check oned.log"; goto error_common; error_common: - arrayData.push_back(xmlrpc_c::value_boolean(false)); // FAILURE arrayData.push_back(xmlrpc_c::value_string(oss.str())); - - NebulaLog::log("ReM",Log::ERROR,oss); - + + NebulaLog::log("ReM",Log::ERROR,oss); + xmlrpc_c::value_array arrayresult_error(arrayData); *retval = arrayresult_error; - return; } diff --git a/src/rm/RequestManagerHostDelete.cc b/src/rm/RequestManagerHostDelete.cc index 9bafd227d2..4bd0c50333 100644 --- a/src/rm/RequestManagerHostDelete.cc +++ b/src/rm/RequestManagerHostDelete.cc @@ -17,17 +17,19 @@ #include "RequestManager.h" #include "NebulaLog.h" +#include "AuthManager.h" + /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ void RequestManager::HostDelete::execute( xmlrpc_c::paramList const& paramList, xmlrpc_c::value * const retval) -{ +{ string session; // of the host to delete from the HostPool - int hid; + int hid; Host * host; ostringstream oss; int rc; @@ -41,31 +43,44 @@ void RequestManager::HostDelete::execute( // Get the parameters session = xmlrpc_c::value_string(paramList.getString(0)); hid = xmlrpc_c::value_int (paramList.getInt(1)); - - // Only oneadmin can delete hosts + + //Authenticate the user rc = HostDelete::upool->authenticate(session); - - if ( rc != 0 ) - { - goto error_authenticate; + + if ( rc == -1 ) + { + goto error_authenticate; } - - // Perform the allocation in the hostpool - host = HostDelete::hpool->get(hid,true); - - if ( host == 0 ) - { - goto error_host_get; + + //Authorize the operation + if ( rc != 0 ) // rc == 0 means oneadmin + { + AuthRequest ar(rc); + + ar.add_auth(AuthRequest::HOST,hid,AuthRequest::DELETE,0,false); + + if (UserPool::authorize(ar) == -1) + { + goto error_authorize; + } } - + + // Perform the allocation in the hostpool + host = HostDelete::hpool->get(hid,true); + + if ( host == 0 ) + { + goto error_host_get; + } + rc = HostDelete::hpool->drop(host); host->unlock(); - // All nice, return the host info to the client + // All nice, return the host info to the client arrayData.push_back(xmlrpc_c::value_boolean( rc == 0 )); // SUCCESS arrayresult = new xmlrpc_c::value_array(arrayData); - + // Copy arrayresult into retval mem space *retval = *arrayresult; // and get rid of the original @@ -74,7 +89,11 @@ void RequestManager::HostDelete::execute( return; error_authenticate: - oss << "User not authorized to delete hosts"; + oss << "Error in user authentication"; + goto error_common; + +error_authorize: + oss << "User not authorized to delete HOST"; goto error_common; error_host_get: @@ -86,11 +105,11 @@ error_common: arrayData.push_back(xmlrpc_c::value_boolean(false)); // FAILURE arrayData.push_back(xmlrpc_c::value_string(oss.str())); - + xmlrpc_c::value_array arrayresult_error(arrayData); *retval = arrayresult_error; - + return; } diff --git a/src/rm/RequestManagerHostEnable.cc b/src/rm/RequestManagerHostEnable.cc index 4e000dadbd..78cdc70e34 100644 --- a/src/rm/RequestManagerHostEnable.cc +++ b/src/rm/RequestManagerHostEnable.cc @@ -17,13 +17,15 @@ #include "RequestManager.h" #include "NebulaLog.h" +#include "AuthManager.h" + /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ void RequestManager::HostEnable::execute( xmlrpc_c::paramList const& paramList, xmlrpc_c::value * const retval) -{ +{ string session; int hid; @@ -43,39 +45,51 @@ void RequestManager::HostEnable::execute( hid = xmlrpc_c::value_int(paramList.getInt(1)); enable = xmlrpc_c::value_boolean(paramList.getBoolean(2)); - // Only oneadmin can enable hosts + //Authenticate the user rc = HostEnable::upool->authenticate(session); - - if ( rc != 0) - { - goto error_authenticate; + + if ( rc == -1 ) + { + goto error_authenticate; } - host = HostEnable::hpool->get(hid,true); - - if ( host == 0 ) - { - goto error_host_get; + //Authorize the operation + if ( rc != 0 ) // rc == 0 means oneadmin + { + AuthRequest ar(rc); + + ar.add_auth(AuthRequest::HOST,hid,AuthRequest::MANAGE,0,false); + + if (UserPool::authorize(ar) == -1) + { + goto error_authorize; + } } - + + host = HostEnable::hpool->get(hid,true); + + if ( host == 0 ) + { + goto error_host_get; + } + if ( enable == true) { - host->enable(); + host->enable(); } else { - host->disable(); + host->disable(); } HostEnable::hpool->update(host); - + host->unlock(); - + //Result - arrayData.push_back(xmlrpc_c::value_boolean(true)); arrayresult = new xmlrpc_c::value_array(arrayData); - + *retval = *arrayresult; delete arrayresult; @@ -83,15 +97,19 @@ void RequestManager::HostEnable::execute( return; error_authenticate: - oss << "Only oneadmin can enable hosts"; + oss << "Error in user authentication"; + goto error_common; + +error_authorize: + oss << "User not authorized to enable HOST"; goto error_common; error_host_get: - oss << "Error getting host with HID = " << hid; + oss << "Error getting host with HID = " << hid; goto error_common; error_common: - NebulaLog::log("ReM",Log::ERROR,oss); + NebulaLog::log("ReM",Log::ERROR,oss); arrayData.push_back(xmlrpc_c::value_boolean(false)); arrayData.push_back(xmlrpc_c::value_string(oss.str())); @@ -99,7 +117,7 @@ error_common: xmlrpc_c::value_array arrayresult_error(arrayData); *retval = arrayresult_error; - + return; } diff --git a/src/rm/RequestManagerHostInfo.cc b/src/rm/RequestManagerHostInfo.cc index b586d59675..3bff4b530c 100644 --- a/src/rm/RequestManagerHostInfo.cc +++ b/src/rm/RequestManagerHostInfo.cc @@ -23,13 +23,13 @@ void RequestManager::HostInfo::execute( xmlrpc_c::paramList const& paramList, xmlrpc_c::value * const retval) -{ +{ string session; - int hid; + int hid; int rc; Host * host; - + ostringstream oss; /* -- RPC specific vars -- */ @@ -42,7 +42,7 @@ void RequestManager::HostInfo::execute( session = xmlrpc_c::value_string(paramList.getString(0)); hid = xmlrpc_c::value_int (paramList.getInt(1)); - // Check if it is a valid user + //Authenticate the user rc = HostInfo::upool->authenticate(session); if ( rc == -1 ) @@ -51,18 +51,18 @@ void RequestManager::HostInfo::execute( } // Get the host from the HostPool - host = HostInfo::hpool->get(hid,true); - - if ( host == 0 ) - { - goto error_host_get; + host = HostInfo::hpool->get(hid,true); + + if ( host == 0 ) + { + goto error_host_get; } - + oss << *host; - + host->unlock(); - - // All nice, return the host info to the client + + // All nice, return the host info to the client arrayData.push_back(xmlrpc_c::value_boolean(true)); // SUCCESS arrayData.push_back(xmlrpc_c::value_string(oss.str())); @@ -75,24 +75,24 @@ void RequestManager::HostInfo::execute( return; error_authenticate: - oss << "User not authenticated, HostInfo call aborted."; + oss << "Error in user authentication"; goto error_common; error_host_get: - oss << "Error getting host with HID = " << hid; + oss << "Error getting host with HID = " << hid; goto error_common; error_common: arrayData.push_back(xmlrpc_c::value_boolean(false)); // FAILURE arrayData.push_back(xmlrpc_c::value_string(oss.str())); - - NebulaLog::log("ReM",Log::ERROR,oss); - + + NebulaLog::log("ReM",Log::ERROR,oss); + xmlrpc_c::value_array arrayresult_error(arrayData); *retval = arrayresult_error; - + return; } diff --git a/src/rm/RequestManagerHostPoolInfo.cc b/src/rm/RequestManagerHostPoolInfo.cc index ba598a803d..945bbe6471 100755 --- a/src/rm/RequestManagerHostPoolInfo.cc +++ b/src/rm/RequestManagerHostPoolInfo.cc @@ -23,11 +23,11 @@ void RequestManager::HostPoolInfo::execute( xmlrpc_c::paramList const& paramList, xmlrpc_c::value * const retval) -{ +{ string session; ostringstream oss; int rc; - + /* -- RPC specific vars -- */ vector arrayData; xmlrpc_c::value_array * arrayresult; @@ -37,8 +37,7 @@ void RequestManager::HostPoolInfo::execute( // Get the parameters session = xmlrpc_c::value_string(paramList.getString(0)); - - // Check if it is a valid user + //Authenticate the user rc = HostPoolInfo::upool->authenticate(session); if ( rc == -1 ) @@ -46,16 +45,16 @@ void RequestManager::HostPoolInfo::execute( goto error_authenticate; } - // Perform the allocation in the vmpool + // Perform the allocation in the vmpool rc = HostPoolInfo::hpool->dump(oss,""); - + if ( rc != 0 ) - { + { goto error_dump; } - - //All nice, return the host info to the client - arrayData.push_back(xmlrpc_c::value_boolean(true)); // SUCCESS + + //All nice, return the host info to the client + arrayData.push_back(xmlrpc_c::value_boolean(true)); // SUCCESS arrayData.push_back(xmlrpc_c::value_string(oss.str())); arrayresult = new xmlrpc_c::value_array(arrayData); @@ -69,24 +68,24 @@ void RequestManager::HostPoolInfo::execute( return; error_authenticate: - oss << "User not authenticated, RequestManagerHostPoolInfo aborted."; + oss << "Error in user authentication"; goto error_common; error_dump: - oss << "Error getting host pool"; + oss << "Error getting host pool"; goto error_common; error_common: arrayData.push_back(xmlrpc_c::value_boolean(false)); // FAILURE arrayData.push_back(xmlrpc_c::value_string(oss.str())); - - NebulaLog::log("ReM",Log::ERROR,oss); - + + NebulaLog::log("ReM",Log::ERROR,oss); + xmlrpc_c::value_array arrayresult_error(arrayData); *retval = arrayresult_error; - + return; }