From f1478e680ef30dc13dfee37d912d948c3c636647 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= <cmartins@fdi.ucm.es>
Date: Thu, 12 Jan 2012 12:07:03 +0100
Subject: [PATCH 1/3] Feature #862: Change RMDelete auth. request to ADMIN for
 Hosts, Groups and Users, and MANAGE for the rest

---
 include/RequestManagerDelete.h | 3 +++
 src/rm/RequestManagerDelete.cc | 4 +---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/RequestManagerDelete.h b/include/RequestManagerDelete.h
index cff2f25b64..ea3485a8a9 100644
--- a/include/RequestManagerDelete.h
+++ b/include/RequestManagerDelete.h
@@ -131,6 +131,7 @@ public:
         Nebula& nd  = Nebula::instance();
         pool        = nd.get_hpool();
         auth_object = PoolObjectSQL::HOST;
+        auth_op     = AuthRequest::ADMIN;
     };
 
     ~HostDelete(){};
@@ -149,6 +150,7 @@ public:
         Nebula& nd = Nebula::instance();
         pool       = nd.get_gpool();
         auth_object = PoolObjectSQL::GROUP;
+        auth_op     = AuthRequest::ADMIN;
     };
 
     ~GroupDelete(){};
@@ -166,6 +168,7 @@ public:
         Nebula& nd  = Nebula::instance();
         pool        = nd.get_upool();
         auth_object = PoolObjectSQL::USER;
+        auth_op     = AuthRequest::ADMIN;
     };
 
     ~UserDelete(){};
diff --git a/src/rm/RequestManagerDelete.cc b/src/rm/RequestManagerDelete.cc
index 8c912d89d8..a8e3c44d77 100644
--- a/src/rm/RequestManagerDelete.cc
+++ b/src/rm/RequestManagerDelete.cc
@@ -48,9 +48,7 @@ bool RequestManagerDelete::delete_authorization(int                oid,
 
     AuthRequest ar(att.uid, att.gid);
 
-    ar.add_create_auth(auth_object, "");
-
-    ar.add_auth(auth_op, perms);
+    ar.add_auth(auth_op, perms);    // <MANAGE|ADMIN> OBJECT
 
     if (UserPool::authorize(ar) == -1)
     {

From 0e69749569ce09c67697e4668e569fb01ccae27c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= <cmartins@fdi.ucm.es>
Date: Thu, 12 Jan 2012 12:22:01 +0100
Subject: [PATCH 2/3] Feature #862: Update onedb migrator for new delete
 authorization from commit:f1478e680ef30dc13dfee37d912d948c3c636647

---
 src/onedb/3.1.80_to_3.1.85.rb | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/onedb/3.1.80_to_3.1.85.rb b/src/onedb/3.1.80_to_3.1.85.rb
index 3e766e2701..b6c1ee9adb 100644
--- a/src/onedb/3.1.80_to_3.1.85.rb
+++ b/src/onedb/3.1.80_to_3.1.85.rb
@@ -40,6 +40,21 @@ module Migrator
 #       0x400                 "CHAUTH"
     }
 
+    USER_GROUP_RIGHTS =
+    {
+        0x1      => 0x8,    # "CREATE"        => "CREATE"
+        0x2      => 0x4,    # "DELETE"        => "ADMIN"
+        0x4      => 0x1,    # "USE"           => "USE"
+        0x8      => 0x2,    # "MANAGE"        => "MANAGE"
+        0x10     => 0x1,    # "INFO"          => "USE"
+#       0x20                  "INFO_POOL"
+#       0x40                  "INFO_POOL_MINE"
+        0x80     => 0x1,    # "INSTANTIATE"   => "USE"
+        0x100    => 0x2,    # "CHOWN"         => "MANAGE"
+        0x200    => 0x4,    # "DEPLOY"        => "ADMIN"
+        0x400    => 0x4     # "CHAUTH"        => "ADMIN"
+    }
+
     RIGHTS =
     {
         0x1      => 0x8,    # "CREATE"        => "CREATE"
@@ -74,6 +89,8 @@ module Migrator
 
             if ( row[:resource] & 0x2000000000 != 0 ) # Resource contains HOST
                 rights_hash = HOST_RIGHTS
+            elsif ( row[:resource] & 0x0000050000000000 != 0 ) # Resource contains USER or GROUP
+                rights_hash = USER_GROUP_RIGHTS
             else
                 rights_hash = RIGHTS
             end

From e8220c64560079d060c87bbe64d02086b1649a92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= <cmartins@fdi.ucm.es>
Date: Thu, 12 Jan 2012 12:27:08 +0100
Subject: [PATCH 3/3] Rename 3.1.85 migrator to 3.2.0

---
 install.sh                                            | 2 +-
 src/onedb/{3.1.80_to_3.1.85.rb => 3.1.80_to_3.2.0.rb} | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename src/onedb/{3.1.80_to_3.1.85.rb => 3.1.80_to_3.2.0.rb} (99%)

diff --git a/install.sh b/install.sh
index 01f46eed4c..19b2ae0a69 100755
--- a/install.sh
+++ b/install.sh
@@ -816,7 +816,7 @@ ONEDB_MIGRATOR_FILES="src/onedb/2.0_to_2.9.80.rb \
                       src/onedb/2.9.90_to_3.0.0.rb \
                       src/onedb/3.0.0_to_3.1.0.rb \
                       src/onedb/3.1.0_to_3.1.80.rb \
-                      src/onedb/3.1.80_to_3.1.85.rb \
+                      src/onedb/3.1.80_to_3.2.0.rb \
                       src/onedb/onedb.rb \
                       src/onedb/onedb_backend.rb"
 
diff --git a/src/onedb/3.1.80_to_3.1.85.rb b/src/onedb/3.1.80_to_3.2.0.rb
similarity index 99%
rename from src/onedb/3.1.80_to_3.1.85.rb
rename to src/onedb/3.1.80_to_3.2.0.rb
index b6c1ee9adb..1693b4a44b 100644
--- a/src/onedb/3.1.80_to_3.1.85.rb
+++ b/src/onedb/3.1.80_to_3.2.0.rb
@@ -18,11 +18,11 @@ include REXML
 
 module Migrator
     def db_version
-        "3.1.85"
+        "3.2.0"
     end
 
     def one_version
-        "OpenNebula 3.1.85"
+        "OpenNebula 3.2.0"
     end
 
     HOST_RIGHTS =