mirror of https://github.com/OpenNebula/one.git synced 2025-01-03 01:17:41 +03:00

feature #4369: Better const signature. Removed unused variables and

methods. ACL filter is generated in the ClusterPool class, moved DB name
to private scope. Copy constructor for object collection. Uniform
get_cluster_id function.
Ruben S. Montero 2016-03-19 23:13:10 +01:00
parent 568a529487
commit 3fb8a0e161
16 changed files with 138 additions and 167 deletions


@ -261,17 +261,16 @@ private:
* @return true if any rule grants permission
*/
bool match_rules(
const long long &user_req,
const long long &resource_oid_req,
const long long &resource_gid_req,
long long user_req,
long long resource_oid_req,
long long resource_gid_req,
const set<long long>& resource_cid_req,
const long long &resource_all_req,
const long long &rights_req,
const long long &resource_oid_mask,
const long long &resource_gid_mask,
const long long &resource_cid_mask,
long long resource_all_req,
long long rights_req,
long long resource_oid_mask,
long long resource_gid_mask,
long long resource_cid_mask,
const multimap<long long, AclRule*>& rules);
/**
* Wrapper for match_rules. It will check if any rules in the temporary
* multimap or in the internal one grants permission.
@ -290,17 +289,16 @@ private:
* @return true if any rule grants permission
*/
bool match_rules_wrapper(
const long long &user_req,
const long long &resource_oid_req,
const long long &resource_gid_req,
long long user_req,
long long resource_oid_req,
long long resource_gid_req,
const set<long long>& resource_cid_req,
const long long &resource_all_req,
const long long &rights_req,
const long long &individual_obj_type,
const long long &group_obj_type,
const long long &cluster_obj_type,
long long resource_all_req,
long long rights_req,
long long individual_obj_type,
long long group_obj_type,
long long cluster_obj_type,
const multimap<long long, AclRule*> &tmp_rules);
/**
* Deletes all rules that match the user mask
*


@ -192,10 +192,6 @@ public:
*/
int from_xml(const string &xml_str);
static const char * datastore_table;
static const char * network_table;
private:
// -------------------------------------------------------------------------
@ -207,7 +203,6 @@ private:
// *************************************************************************
// Constructor
// *************************************************************************
Cluster(int id,
const string& name,
ClusterTemplate* cl_template);
@ -217,7 +212,6 @@ private:
// *************************************************************************
// Attributes (Private)
// *************************************************************************
ObjectCollection hosts;
ObjectCollection datastores;
ObjectCollection vnets;
@ -225,14 +219,15 @@ private:
// *************************************************************************
// DataBase implementation (Private)
// *************************************************************************
static const char * db_names;
static const char * db_bootstrap;
static const char * table;
static const char * datastore_table;
static const char * datastore_db_names;
static const char * datastore_db_bootstrap;
static const char * network_table;
static const char * network_db_names;
static const char * network_db_bootstrap;


@ -146,8 +146,16 @@ public:
limit);
};
/**
* Generates the cluster part of the ACL filter to look for objects. This
* filter is generated for objects that can be part of a cluster
* @param acl_filter stream to write the filter
* @param auth_object to generate the filter for
* @param cids vector of cluster ids
*/
static void cluster_acl_filter(ostringstream& filter,
PoolObjectSQL::ObjectType auth_object, const vector<int>& cids);
private:
/**
* Factory method to produce objects
* @return a pointer to the new object
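Review bot: The new doc comment on `cluster_acl_filter` documents `@param acl_filter`, but the parameter is named `filter`, so the tag attaches to nothing. The comment also omits what the caller has to guarantee: in the implementation shown elsewhere in this commit every emitted fragment begins with ` OR `, and nothing is written when `cids` is empty or the object type is not HOST, DATASTORE or NET. I would change the tag to `@param filter stream holding the ACL condition built so far; the cluster terms are appended to it` and add one line listing the no-op cases.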


@ -19,8 +19,6 @@
#include "ObjectCollection.h"
using namespace std;
class Clusterable
{
public:
@ -40,7 +38,7 @@ public:
*
* @return The cluster IDs set
*/
set<int> get_cluster_ids() const
std::set<int> get_cluster_ids() const
{
return cluster_ids.clone();
};
@ -52,7 +50,7 @@ public:
*
* @return 0 on success, -1 otherwise
*/
int from_xml(const ObjectXML* xml, const string& xpath_prefix)
int from_xml(const ObjectXML* xml, const std::string& xpath_prefix)
{
return cluster_ids.from_xml(xml, xpath_prefix);
};
@ -63,21 +61,15 @@ public:
* @param xml the resulting XML string
* @return a reference to the generated string
*/
string& to_xml(string& xml) const
std::string& to_xml(std::string& xml) const
{
return cluster_ids.to_xml(xml);
};
protected:
Clusterable(const set<int> &_cluster_ids):
cluster_ids("CLUSTERS")
{
for(set<int>::iterator i=_cluster_ids.begin();i!=_cluster_ids.end();i++)
{
cluster_ids.add(*i);
}
};
Clusterable(const std::set<int> &_cluster_ids):
cluster_ids("CLUSTERS", _cluster_ids){};
~Clusterable(){};


@ -17,8 +17,6 @@
#ifndef CLUSTERABLE_SINGLE_H_
#define CLUSTERABLE_SINGLE_H_
using namespace std;
class ClusterableSingle
{
public:
@ -29,7 +27,7 @@ public:
* @param _cluster_id Id of the new cluster
* @param _cluster Name of the new cluster
*/
void set_cluster(int _cluster_id, const string& _cluster)
void set_cluster(int _cluster_id, const std::string& _cluster)
{
cluster_id = _cluster_id;
cluster = _cluster;
@ -50,7 +48,7 @@ public:
*
* @return The cluster name
*/
const string& get_cluster_name() const
const std::string& get_cluster_name() const
{
return cluster;
};
@ -58,7 +56,7 @@ public:
protected:
ClusterableSingle(int _cluster_id, const string& _cluster):
ClusterableSingle(int _cluster_id, const std::string& _cluster):
cluster_id(_cluster_id),
cluster(_cluster){};
@ -72,7 +70,7 @@ protected:
/**
* Name of the cluster this object belongs to.
*/
string cluster;
std::string cluster;
};
#endif /*CLUSTERABLE_SINGLE_H_*/
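Review bot: After the first hunk removes `using namespace std;`, this header goes from the include guard straight to `class ClusterableSingle` with no `#include` in between, yet it now names `std::string` in four places. It therefore compiles only when the including file has already pulled in `<string>`. Adding `#include <string>` right after `#define CLUSTERABLE_SINGLE_H_` makes the header self-contained.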


@ -33,6 +33,9 @@ public:
ObjectCollection(const string& _collection_name)
:collection_name(_collection_name){};
ObjectCollection(const string& cname, const set<int>& cset)
:collection_name(cname), collection_set(cset){};
~ObjectCollection(){};
/**
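Review bot: The added constructor uses unqualified `string` and `set<int>` in a header, while this same commit removes `using namespace std;` from the Clusterable and ClusterableSingle headers and qualifies their types. This header presumably still relies on a using-directive of its own or of an includer, which is not visible in the hunk. Writing it as `ObjectCollection(const std::string& cname, const std::set<int>& cset)` keeps the new code independent of that. A one-line comment saying that `cset` is copied into the collection would also help, because the commit message calls this a copy constructor and it is not one.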


@ -187,15 +187,6 @@ public:
return __search(name, value);
}
/**
* Get xml nodes by Xpath
* @param xpath_expr the Xpath for the elements
* @param content nodes for the given Xpath expression. The nodes are
* returned as pointers to the object nodes.
* @return the number of nodes found
*/
int get_nodes(const char * xpath_expr, std::vector<xmlNodePtr>& content) const;
/**
* Get xml nodes by Xpath
* @param xpath_expr the Xpath for the elements


@ -100,6 +100,17 @@ protected:
protected:
ClusterPool * clpool;
int get_cluster_id(xmlrpc_c::paramList const& paramList, int cluster_pos)
{
int cid = xmlrpc_c::value_int(paramList.getInt(cluster_pos));
if (cid == -1)
{
cid = ClusterPool::DEFAULT_CLUSTER_ID;
}
return cid;
};
private:
bool do_template;
@ -177,14 +188,7 @@ public:
int get_cluster_id(xmlrpc_c::paramList const& paramList)
{
int cid = xmlrpc_c::value_int(paramList.getInt(2));
if (cid == -1)
{
cid = ClusterPool::DEFAULT_CLUSTER_ID;
}
return cid;
return RequestManagerAllocate::get_cluster_id(paramList, 2);
};
int add_to_cluster(
@ -287,14 +291,7 @@ public:
int get_cluster_id(xmlrpc_c::paramList const& paramList)
{
int cid = xmlrpc_c::value_int(paramList.getInt(5));
if (cid == -1)
{
cid = ClusterPool::DEFAULT_CLUSTER_ID;
}
return cid;
return RequestManagerAllocate::get_cluster_id(paramList, 5);
};
int add_to_cluster(
@ -398,14 +395,7 @@ public:
int get_cluster_id(xmlrpc_c::paramList const& paramList)
{
int cid = xmlrpc_c::value_int(paramList.getInt(2));
if (cid == -1)
{
cid = ClusterPool::DEFAULT_CLUSTER_ID;
}
return cid;
return RequestManagerAllocate::get_cluster_id(paramList, 2);
};
int add_to_cluster(
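Review bot: The new shared `get_cluster_id(paramList, cluster_pos)` has no doc comment and normalizes only `-1`; every other integer sent by the XML-RPC client, including other negative values, is returned unchanged. Whether the callers reject an id that names no existing cluster is outside these hunks, so I would at least state the contract above the helper: `/** Reads the cluster id at cluster_pos; -1 selects ClusterPool::DEFAULT_CLUSTER_ID. The id is not validated here. */`. The three overrides pass the literal positions `2`, `5` and `2`; a short comment naming the XML-RPC argument each refers to would make a later change to the call signature harder to get wrong. The enclosing class declarations begin outside the hunks.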


@ -84,11 +84,6 @@ protected:
PoolObjectSQL::ObjectType type,
bool add);
virtual Datastore::DatastoreType get_ds_type(PoolObjectSQL *obj)
{
return Datastore::FILE_DS;
};
/**
* Add object to cluster id collection
* @param cluster where to add the object
@ -204,11 +199,6 @@ public:
~RequestManagerClusterDatastore(){};
virtual Datastore::DatastoreType get_ds_type(PoolObjectSQL *obj)
{
return static_cast<Datastore*>(obj)->get_type();
};
virtual int add_object(
Cluster* cluster,
int id,

View File

@ -398,15 +398,15 @@ const bool AclManager::authorize(
/* -------------------------------------------------------------------------- */
bool AclManager::match_rules_wrapper(
const long long &user_req,
const long long &resource_oid_req,
const long long &resource_gid_req,
long long user_req,
long long resource_oid_req,
long long resource_gid_req,
const set<long long>& resource_cid_req,
const long long &resource_all_req,
const long long &rights_req,
const long long &individual_obj_type,
const long long &group_obj_type,
const long long &cluster_obj_type,
long long resource_all_req,
long long rights_req,
long long individual_obj_type,
long long group_obj_type,
long long cluster_obj_type,
const multimap<long long, AclRule*> &tmp_rules)
{
bool auth = false;
@ -452,10 +452,10 @@ bool AclManager::match_rules_wrapper(
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
inline bool match_cluster_req(
static bool match_cluster_req(
const set<long long> &resource_cid_req,
const long long &resource_cid_mask,
const long long &rule_resource)
long long resource_cid_mask,
long long rule_resource)
{
set<long long>::iterator i;
@ -474,15 +474,15 @@ inline bool match_cluster_req(
/* -------------------------------------------------------------------------- */
bool AclManager::match_rules(
const long long &user_req,
const long long &resource_oid_req,
const long long &resource_gid_req,
long long user_req,
long long resource_oid_req,
long long resource_gid_req,
const set<long long>& resource_cid_req,
const long long &resource_all_req,
const long long &rights_req,
const long long &resource_oid_mask,
const long long &resource_gid_mask,
const long long &resource_cid_mask,
long long resource_all_req,
long long rights_req,
long long resource_oid_mask,
long long resource_gid_mask,
long long resource_cid_mask,
const multimap<long long, AclRule*> &rules)
{
@ -532,7 +532,8 @@ bool AclManager::match_rules(
( ( it->second->resource & resource_oid_mask ) == resource_oid_req )
||
// Or rule's object type and one of the cluster object ID match
match_cluster_req(resource_cid_req, resource_cid_mask, it->second->resource)
match_cluster_req(resource_cid_req, resource_cid_mask,
it->second->resource)
);
if ( auth == true )


@ -161,3 +161,51 @@ int ClusterPool::drop(PoolObjectSQL * objsql, string& error_msg)
return rc;
}
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
void ClusterPool::cluster_acl_filter(ostringstream& filter,
PoolObjectSQL::ObjectType auth_object, const vector<int>& cids)
{
if ( cids.empty() )
{
return;
}
string fc = "";
switch (auth_object)
{
case PoolObjectSQL::HOST:
filter << " OR ";
break;
case PoolObjectSQL::DATASTORE:
filter << " OR oid IN ( SELECT oid from " << Cluster::datastore_table
<< " WHERE ";
fc = ")";
break;
case PoolObjectSQL::NET:
filter << " OR oid IN ( SELECT oid from " << Cluster::network_table
<< " WHERE ";
fc = ")";
break;
default:
return;
}
for ( vector<int>::const_iterator it = cids.begin(); it < cids.end(); it++ )
{
if ( it != cids.begin() )
{
filter << " OR ";
}
filter << "cid = " << *it;
}
filter << fc;
}
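Review bot: Every branch of `cluster_acl_filter` starts its output with ` OR `, and the HOST branch appends bare `cid = N` terms without parentheses. The result is correct only when the stream already holds a condition and the consumer wraps the whole filter in parentheses before combining it with `AND`. Since this string restricts which rows a user may list, that precondition deserves a comment at the top of the function, for example `// Appends to an existing OR-chain; the caller must parenthesize the final filter.` Whether the consumer of the filter does so is not visible here. Minor: `it != cids.end()` is the usual form for the loop test, and `string fc;` needs no `= ""`.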


@ -74,7 +74,6 @@ int ObjectCollection::from_xml(const ObjectXML* xml, const string& xpath_prefix)
rc = from_xml_node(content[0]);
xml->free_nodes(content);
content.clear();
return rc;
}


@ -370,11 +370,7 @@ void PoolObjectSQL::get_permissions(PoolObjectAuth& auth)
if(cls != 0)
{
set<int> ids;
ids.insert(cls->get_cluster_id());
auth.cids = ids;
auth.cids.insert(cls->get_cluster_id());
}
}
}
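Review bot: `auth.cids.insert(cls->get_cluster_id());` now adds to whatever `auth.cids` already contains, where the removed lines replaced it with a one-element set. If a `PoolObjectAuth` is ever passed in with cluster ids left over from an earlier object, those ids stay in the set that is presumably used for the ACL cluster match. Whether `auth` is always freshly constructed is not visible, because `get_permissions` starts outside the hunk. Either keep the overwrite semantics with `auth.cids.clear();` before the insert, or add a comment stating that `auth.cids` must be empty on entry.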


@ -702,7 +702,8 @@ void PoolSQL::acl_filter(int uid,
{
filter.clear();
if ( uid == UserPool::ONEADMIN_ID || user_groups.count( GroupPool::ONEADMIN_ID ) == 1 )
if ( uid == UserPool::ONEADMIN_ID ||
user_groups.count( GroupPool::ONEADMIN_ID ) == 1 )
{
all = true;
return;
@ -740,34 +741,7 @@ void PoolSQL::acl_filter(int uid,
acl_filter << " OR gid = " << *it;
}
if (auth_object == PoolObjectSQL::HOST)
{
for ( it = cids.begin(); it < cids.end(); it++ )
{
acl_filter << " OR cid = " << *it;
}
}
string cl_table;
if (auth_object == PoolObjectSQL::DATASTORE)
{
cl_table = Cluster::datastore_table;
}
else if (auth_object == PoolObjectSQL::NET)
{
cl_table = Cluster::network_table;
}
if (!cl_table.empty())
{
for ( it = cids.begin(); it < cids.end(); it++ )
{
acl_filter << " OR oid IN ("
<< "SELECT oid from " << cl_table
<< " WHERE cid = " << *it << ")";
}
}
ClusterPool::cluster_acl_filter(acl_filter, auth_object, cids);
filter = acl_filter.str();
}


@ -665,7 +665,6 @@ void TransferManager::prolog_action(int vid)
vector<const VectorAttribute *> disk;
const VectorAttribute * os_attr;
int num;
int disk_id;
string token_password;
@ -964,7 +963,6 @@ void TransferManager::prolog_resume_action(int vid)
int ds_id;
int disk_id;
int rc;
vector<const VectorAttribute *> disk;
int num;


@ -202,23 +202,13 @@ int ObjectXML::xpath_value(string& value,const char *doc,const char *the_xpath)
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
int ObjectXML::get_nodes(
const string& xpath_expr,
int ObjectXML::get_nodes(const string& xpath_expr,
std::vector<xmlNodePtr>& content) const
{
return get_nodes(xpath_expr.c_str(), content);
}
/* -------------------------------------------------------------------------- */
int ObjectXML::get_nodes (
const char * xpath_expr,
vector<xmlNodePtr>& content) const
{
xmlXPathObjectPtr obj;
obj = xmlXPathEvalExpression(
reinterpret_cast<const xmlChar *>(xpath_expr), ctx);
reinterpret_cast<const xmlChar *>(xpath_expr.c_str()), ctx);
if (obj == 0)
{