shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-03-28 14:50:08 +03:00
Code Releases Wiki Activity

Feature #687: Additional check for new ACL rules

Browse Source
This commit is contained in:
Carlos Martín 2011-07-01 12:54:31 +02:00
parent dc0a1edff5
commit 1b656b3b29
2 changed files with 25 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/RequestManagerPoolInfoFilter.h
View File

@ -41,9 +41,9 @@ protected:
/* -------------------------------------------------------------------- */
static const int ALL; /**< Secify all objects in the pool (-2) */
static const int MINE; /**< Secify user's objects in the pool (-3)*/
static const int MINE_GROUP; /**< Secify users + group objects (-1) */
static const int ALL; /**< Specify all objects in the pool (-2) */
static const int MINE; /**< Specify user's objects in the pool (-3)*/
static const int MINE_GROUP; /**< Specify users + group objects (-1) */
/* -------------------------------------------------------------------- */

22
src/acl/AclRule.cc
View File

@ -65,6 +65,17 @@ bool AclRule::malformed(string& error_str) const
oss << "[user] GROUP (@) and ALL (*) bits are exclusive";
}
if ( (user & 0x700000000LL) == 0 )
{
if ( error )
{
oss << "; ";
}
error = true;
oss << "[user] is missing one of the INDIVIDUAL, GROUP or ALL bits";
}
if ( user_id() < 0 )
{
if ( error )
@ -122,6 +133,17 @@ bool AclRule::malformed(string& error_str) const
oss << "[resource] GROUP (@) and ALL (*) bits are exclusive";
}
if ( (resource & 0x700000000LL) == 0 )
{
if ( error )
{
oss << "; ";
}
error = true;
oss << "[resource] is missing one of the INDIVIDUAL, GROUP or ALL bits";
}
if ( resource_id() < 0 )
{
if ( error )