1
0
mirror of https://github.com/OpenNebula/one.git synced 2025-01-24 02:03:52 +03:00

Merge branch 'master' of git.opennebula.org:one

This commit is contained in:
Jaime Melis 2012-01-12 12:29:37 +01:00
commit 4869bc3634
4 changed files with 24 additions and 6 deletions

View File

@ -131,6 +131,7 @@ public:
Nebula& nd = Nebula::instance();
pool = nd.get_hpool();
auth_object = PoolObjectSQL::HOST;
auth_op = AuthRequest::ADMIN;
};
~HostDelete(){};
@ -149,6 +150,7 @@ public:
Nebula& nd = Nebula::instance();
pool = nd.get_gpool();
auth_object = PoolObjectSQL::GROUP;
auth_op = AuthRequest::ADMIN;
};
~GroupDelete(){};
@ -166,6 +168,7 @@ public:
Nebula& nd = Nebula::instance();
pool = nd.get_upool();
auth_object = PoolObjectSQL::USER;
auth_op = AuthRequest::ADMIN;
};
~UserDelete(){};

View File

@ -816,7 +816,7 @@ ONEDB_MIGRATOR_FILES="src/onedb/2.0_to_2.9.80.rb \
src/onedb/2.9.90_to_3.0.0.rb \
src/onedb/3.0.0_to_3.1.0.rb \
src/onedb/3.1.0_to_3.1.80.rb \
src/onedb/3.1.80_to_3.1.85.rb \
src/onedb/3.1.80_to_3.2.0.rb \
src/onedb/onedb.rb \
src/onedb/onedb_backend.rb"

View File

@ -18,11 +18,11 @@ include REXML
module Migrator
def db_version
"3.1.85"
"3.2.0"
end
def one_version
"OpenNebula 3.1.85"
"OpenNebula 3.2.0"
end
HOST_RIGHTS =
@ -40,6 +40,21 @@ module Migrator
# 0x400 "CHAUTH"
}
USER_GROUP_RIGHTS =
{
0x1 => 0x8, # "CREATE" => "CREATE"
0x2 => 0x4, # "DELETE" => "ADMIN"
0x4 => 0x1, # "USE" => "USE"
0x8 => 0x2, # "MANAGE" => "MANAGE"
0x10 => 0x1, # "INFO" => "USE"
# 0x20 "INFO_POOL"
# 0x40 "INFO_POOL_MINE"
0x80 => 0x1, # "INSTANTIATE" => "USE"
0x100 => 0x2, # "CHOWN" => "MANAGE"
0x200 => 0x4, # "DEPLOY" => "ADMIN"
0x400 => 0x4 # "CHAUTH" => "ADMIN"
}
RIGHTS =
{
0x1 => 0x8, # "CREATE" => "CREATE"
@ -74,6 +89,8 @@ module Migrator
if ( row[:resource] & 0x2000000000 != 0 ) # Resource contains HOST
rights_hash = HOST_RIGHTS
elsif ( row[:resource] & 0x0000050000000000 != 0 ) # Resource contains USER or GROUP
rights_hash = USER_GROUP_RIGHTS
else
rights_hash = RIGHTS
end

View File

@ -48,9 +48,7 @@ bool RequestManagerDelete::delete_authorization(int oid,
AuthRequest ar(att.uid, att.gid);
ar.add_create_auth(auth_object, "");
ar.add_auth(auth_op, perms);
ar.add_auth(auth_op, perms); // <MANAGE|ADMIN> OBJECT
if (UserPool::authorize(ar) == -1)
{