mirror of
https://github.com/OpenNebula/one.git
synced 2024-12-23 17:33:56 +03:00
Add default ACLs (group.default) when creating a new group from the CLI
This commit is contained in:
parent
67ac6f6662
commit
324f574651
@ -245,7 +245,7 @@ CONF_CLI_DIRS="$CONF_LOCATION/cli"
|
||||
|
||||
if [ "$CLIENT" = "yes" ]; then
|
||||
MAKE_DIRS="$MAKE_DIRS $LIB_ECO_CLIENT_DIRS $LIB_OCCI_CLIENT_DIRS \
|
||||
$LIB_OCA_CLIENT_DIRS $LIB_CLI_CLIENT_DIRS $CONF_CLI_DIRS"
|
||||
$LIB_OCA_CLIENT_DIRS $LIB_CLI_CLIENT_DIRS $CONF_CLI_DIRS $ETC_LOCATION"
|
||||
elif [ "$SUNSTONE" = "yes" ]; then
|
||||
MAKE_DIRS="$MAKE_DIRS $SUNSTONE_DIRS $LIB_OCA_CLIENT_DIRS"
|
||||
else
|
||||
@ -313,6 +313,7 @@ INSTALL_CLIENT_FILES=(
|
||||
CLI_BIN_FILES:$BIN_LOCATION
|
||||
CLI_LIB_FILES:$LIB_LOCATION/ruby/cli
|
||||
ONE_CLI_LIB_FILES:$LIB_LOCATION/ruby/cli/one_helper
|
||||
ETC_CLIENT_FILES:$ETC_LOCATION
|
||||
CLI_CONF_FILES:$CONF_LOCATION/cli
|
||||
OCA_LIB_FILES:$LIB_LOCATION/ruby
|
||||
RUBY_OPENNEBULA_LIB_FILES:$LIB_LOCATION/ruby/OpenNebula
|
||||
@ -556,7 +557,8 @@ ONEDB_MIGRATOR_FILES="src/onedb/1.rb \
|
||||
#-------------------------------------------------------------------------------
|
||||
|
||||
ETC_FILES="share/etc/oned.conf \
|
||||
share/etc/defaultrc"
|
||||
share/etc/defaultrc \
|
||||
src/cli/etc/group.default"
|
||||
|
||||
#-------------------------------------------------------------------------------
|
||||
# Virtualization drivers config. files, to be installed under $ETC_LOCATION
|
||||
@ -793,6 +795,8 @@ CLI_CONF_FILES="src/cli/etc/onegroup.yaml \
|
||||
src/cli/etc/onevnet.yaml \
|
||||
src/cli/etc/oneacl.yaml"
|
||||
|
||||
ETC_CLIENT_FILES="src/cli/etc/group.default"
|
||||
|
||||
#-----------------------------------------------------------------------------
|
||||
# Sunstone files
|
||||
#-----------------------------------------------------------------------------
|
||||
|
@ -16,6 +16,12 @@
|
||||
|
||||
require 'one_helper'
|
||||
|
||||
if ONE_LOCATION
|
||||
GROUP_DEFAULT=ONE_LOCATION+"/etc/group.default"
|
||||
else
|
||||
GROUP_DEFAULT="/etc/one/group.default"
|
||||
end
|
||||
|
||||
class OneGroupHelper < OpenNebulaHelper::OneHelper
|
||||
def self.rname
|
||||
"GROUP"
|
||||
@ -25,6 +31,49 @@ class OneGroupHelper < OpenNebulaHelper::OneHelper
|
||||
"onegroup.yaml"
|
||||
end
|
||||
|
||||
def create_resource(options, &block)
|
||||
group = factory
|
||||
|
||||
rc = block.call(group)
|
||||
if OpenNebula.is_error?(rc)
|
||||
return -1, rc.message
|
||||
else
|
||||
puts "ID: #{group.id.to_s}"
|
||||
end
|
||||
|
||||
exit_code = 0
|
||||
|
||||
puts "Creating default ACL rules from #{GROUP_DEFAULT}" if options[:verbose]
|
||||
File.open(GROUP_DEFAULT).each_line{ |l|
|
||||
next if l.match(/^#/)
|
||||
|
||||
rule = "@#{group.id} #{l}"
|
||||
parse = OpenNebula::Acl.parse_rule(rule)
|
||||
if OpenNebula.is_error?(parse)
|
||||
puts "Error parsing rule #{rule}"
|
||||
puts "Error message" << parse.message
|
||||
exit_code = -1
|
||||
next
|
||||
end
|
||||
|
||||
xml = OpenNebula::Acl.build_xml
|
||||
acl = OpenNebula::Acl.new(xml, @client)
|
||||
rc = acl.allocate(*parse)
|
||||
if OpenNebula.is_error?(rc)
|
||||
puts "Error creating rule #{rule}"
|
||||
puts "Error message" << rc.message
|
||||
exit_code = -1
|
||||
next
|
||||
else
|
||||
msg = "ACL_ID: #{acl.id.to_s}"
|
||||
msg << " RULE: #{rule.strip}" if options[:verbose]
|
||||
puts msg
|
||||
end
|
||||
}
|
||||
|
||||
exit_code
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def factory(id=nil)
|
||||
|
@ -60,27 +60,17 @@ cmd = CommandParser::CmdParser.new(ARGV) do
|
||||
[:rights, nil] do
|
||||
case args.length
|
||||
when 1
|
||||
new_args=Acl.parse_rule(args[0])
|
||||
new_args = Acl.parse_rule(args[0])
|
||||
|
||||
if OpenNebula.is_error?(new_args)
|
||||
next -1, new_args.message
|
||||
end
|
||||
when 3
|
||||
new_args=args
|
||||
else
|
||||
next -1, "Wrong number of arguments, must be 1 or 3"
|
||||
end
|
||||
|
||||
errors=new_args.map do |arg|
|
||||
if OpenNebula.is_error?(arg)
|
||||
arg.message
|
||||
else
|
||||
nil
|
||||
end
|
||||
end
|
||||
|
||||
errors.compact!
|
||||
|
||||
if errors.length>0
|
||||
next -1, errors.join(', ')
|
||||
end
|
||||
|
||||
helper.create_resource(options) do |rule|
|
||||
rule.allocate(*new_args)
|
||||
end
|
||||
|
@ -142,14 +142,28 @@ module OpenNebula
|
||||
rule_str = rule_str.split(" ")
|
||||
|
||||
if rule_str.length != 3
|
||||
return [OpenNebula::Error.new(
|
||||
"String needs three components: User, Resource, Rights")]
|
||||
return OpenNebula::Error.new(
|
||||
"String needs three components: User, Resource, Rights")
|
||||
end
|
||||
|
||||
ret << parse_users(rule_str[0])
|
||||
ret << parse_resources(rule_str[1])
|
||||
ret << parse_rights(rule_str[2])
|
||||
|
||||
errors=ret.map do |arg|
|
||||
if OpenNebula.is_error?(arg)
|
||||
arg.message
|
||||
else
|
||||
nil
|
||||
end
|
||||
end
|
||||
|
||||
errors.compact!
|
||||
|
||||
if errors.length>0
|
||||
return OpenNebula::Error.new(errors.join(', '))
|
||||
end
|
||||
|
||||
return ret
|
||||
end
|
||||
|
||||
@ -184,7 +198,7 @@ private
|
||||
|
||||
resources[0].split("+").each{ |resource|
|
||||
if !RESOURCES[resource.upcase]
|
||||
raise "Resource '#{resource}' does not exist"
|
||||
raise "Resource '#{resource}' does not exist"
|
||||
end
|
||||
ret += RESOURCES[resource.upcase]
|
||||
}
|
||||
@ -226,7 +240,7 @@ private
|
||||
#
|
||||
# @return [Integer] the numeric value for the given id_str
|
||||
def self.calculate_ids(id_str)
|
||||
raise "ID string '#{id_str}' malformed" if
|
||||
raise "ID string '#{id_str}' malformed" if
|
||||
!id_str.match(/^([\#@]\d+|\*)$/)
|
||||
|
||||
value = 0
|
||||
|
Loading…
Reference in New Issue
Block a user