shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-02-26 09:57:23 +03:00
Code Releases Wiki Activity

Feature #2653: Store zone_id in AclManager and send it to PoolObjectAuth

Browse Source
This commit is contained in:
Ruben S. Montero 2014-01-25 20:41:13 +01:00
parent 42f05a88ff
commit 2c6049b754
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/PoolObjectAuth.h
View File

@ -47,11 +47,12 @@ public:
void get_acl_rules(AclRule& owner_rule,
AclRule& group_rule,
AclRule& other_rule) const;
AclRule& other_rule,
int zone_id) const;
string type_to_str() const
{
return PoolObjectSQL::type_to_str(obj_type);
return PoolObjectSQL::type_to_str(obj_type);
};
/* --------------------------- Attributes ------------------------------- */

2
src/acl/AclManager.cc
View File

@ -239,7 +239,7 @@ const bool AclManager::authorize(
AclRule other_rule;
multimap<long long, AclRule *> tmp_rules;
obj_perms.get_acl_rules(owner_rule, group_rule, other_rule);
obj_perms.get_acl_rules(owner_rule, group_rule, other_rule, zone_id);
tmp_rules.insert( make_pair(owner_rule.user, &owner_rule) );
tmp_rules.insert( make_pair(group_rule.user, &group_rule) );

9
src/pool/PoolObjectAuth.cc
View File

@ -20,15 +20,14 @@
void PoolObjectAuth::get_acl_rules(AclRule& owner_rule,
AclRule& group_rule,
AclRule& other_rule) const
AclRule& other_rule,
int zone_id) const
{
long long perm_user, perm_resource, perm_rights, perm_zone;
perm_resource = obj_type | AclRule::INDIVIDUAL_ID | oid;
// TODO: zone id is 0 in stand alone mode
//perm_zone = AclRule::INDIVIDUAL_ID | Nebula::instance().get_zone_id();
perm_zone = AclRule::INDIVIDUAL_ID | 0;
perm_zone = AclRule::INDIVIDUAL_ID | zone_id;
// -------------------------------------------------------------------------
// Rule "#uid ob_type/#oid user_rights #zone"
@ -81,7 +80,7 @@ void PoolObjectAuth::get_acl_rules(AclRule& owner_rule,
// -------------------------------------------------------------------------
// Rule "* ob_type/#oid others_rights"
// -------------------------------------------------------------------------
perm_user = AclRule::ALL_ID;
perm_rights = 0;