1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

Bug #1804, #2618: Create auth request uses the new object's target group

This commit is contained in:
Carlos Martín 2014-01-29 18:15:06 +01:00
parent 6ba694d6b2
commit 51b7327d09
6 changed files with 18 additions and 14 deletions

View File

@ -85,18 +85,21 @@ public:
*
* OBJECT:<-1|OBJECT_TMPL_XML64>:CREATE:UID:AUTH
*
* @param uid of the object owner
* @param gid of the object group
* @param type of the object to be created
* @param txml template of the new object
*/
void add_create_auth(PoolObjectSQL::ObjectType type, const string& txml)
{
PoolObjectAuth perms; //oid & gid set to -1
void add_create_auth(int uid, int gid, PoolObjectSQL::ObjectType type, const string& txml)
{
PoolObjectAuth perms; //oid & gid set to -1
perms.uid = uid;
perms.obj_type = type;
perms.uid = uid;
perms.gid = gid;
perms.obj_type = type;
add_auth(AuthRequest::CREATE, perms, txml);
}
add_auth(AuthRequest::CREATE, perms, txml);
}
/**
* Adds a new authorization item to this request

View File

@ -41,7 +41,7 @@ bool RequestManagerAllocate::allocate_authorization(
tmpl->to_xml(tmpl_str);
}
ar.add_create_auth(auth_object, tmpl_str);
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl_str);
if ( cluster_perms->oid != ClusterPool::NONE_CLUSTER_ID )
{
@ -99,7 +99,7 @@ bool VirtualMachineAllocate::allocate_authorization(
// ------------------ Authorize VM create operation ------------------------
ar.add_create_auth(auth_object, tmpl->to_xml(t64));
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl->to_xml(t64));
VirtualMachine::set_auth_request(att.uid, ar, ttmpl);
@ -485,7 +485,7 @@ void ImageAllocate::request_execute(xmlrpc_c::paramList const& params,
// ------------------ Check permissions and ACLs ----------------------
tmpl->to_xml(tmpl_str);
ar.add_create_auth(auth_object, tmpl_str); // CREATE IMAGE
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl_str); // CREATE IMAGE
ar.add_auth(AuthRequest::USE, ds_perms); // USE DATASTORE

View File

@ -85,7 +85,7 @@ void RequestManagerClone::request_execute(
tmpl->to_xml(tmpl_str);
ar.add_create_auth(auth_object, tmpl_str);
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl_str);
if (UserPool::authorize(ar) == -1)
{

View File

@ -364,7 +364,7 @@ void ImageClone::request_execute(
tmpl->to_xml(tmpl_str);
ar.add_create_auth(auth_object, tmpl_str); // CREATE IMAGE
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl_str); // CREATE IMAGE
ar.add_auth(AuthRequest::USE, ds_perms); // USE DATASTORE

View File

@ -187,7 +187,8 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList
tmpl->to_xml(tmpl_str);
ar.add_create_auth(auth_object, tmpl_str); // CREATE TEMPLATE
// CREATE TEMPLATE
ar.add_create_auth(att.uid, att.gid, auth_object, tmpl_str);
}
VirtualMachine::set_auth_request(att.uid, ar, tmpl);

View File

@ -68,7 +68,7 @@ bool RequestManagerVirtualMachine::vm_authorization(
{
string t_xml;
ar.add_create_auth(PoolObjectSQL::IMAGE, tmpl->to_xml(t_xml));
ar.add_create_auth(att.uid, att.gid, PoolObjectSQL::IMAGE, tmpl->to_xml(t_xml));
}
if ( vtmpl != 0 )