shaba/one
1
0
Fork 0
mirror of https://github.com/OpenNebula/one.git synced 2025-03-29 18:50:08 +03:00
Code Releases Wiki Activity

F #5202: fix object permissions in FSCK (#1789)

Browse Source
This commit is contained in:
Alejandro Huertas Herrero 2022-02-18 13:45:09 +01:00 committed by GitHub
parent 51fa93e353
commit 5d1569c899
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 60 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
src/onedb/fsck.rb
View File

@ -100,6 +100,18 @@ EOT
FEDERATED_TABLES = ["group_pool", "user_pool", "acl", "zone_pool",
"vdc_pool", "marketplace_pool", "marketplaceapp_pool", "db_versioning"].freeze
PERMISSIONS = {
'OWNER_U' => '1',
'OWNER_M' => '1',
'OWNER_A' => '0',
'GROUP_U' => '1',
'GROUP_M' => '0',
'GROUP_A' => '0',
'OTHER_U' => '0',
'OTHER_M' => '0',
'OTHER_A' => '0'
}
def tables
TABLES
end
@ -119,6 +131,25 @@ EOT
Nokogiri::XML::CDATA.new(elem.document(), text))
end
# Check & fix objects perrmissions
def fix_permissions(object, id, doc)
cperm = doc.xpath("/#{object}/PERMISSIONS")
return false if !(cperm.nil? || cperm.empty?)
log_error("#{object} #{id} missing permissions")
p_new_elem = doc.create_element('PERMISSIONS')
doc.root.add_child(p_new_elem)
PERMISSIONS.each do |key, value|
p_new_elem.add_child(
doc.create_element(key)
).content = value
end
true
end
########################################################################
# Acl
########################################################################

2
src/onedb/fsck/datastore.rb
View File

@ -46,6 +46,8 @@ module OneDBFsck
)
end
fix_permissions('DATASTORE', row[:oid], doc)
row[:body] = doc.root.to_s
# commit

2
src/onedb/fsck/image.rb
View File

@ -174,6 +174,8 @@ module OneDBFsck
end
}
fix_permissions('IMAGE', row[:oid], doc)
# row[:body] = doc.root.to_s
# # commit

2
src/onedb/fsck/marketplace.rb
View File

@ -68,6 +68,8 @@ module OneDBFsck
zone_elem.content = "0"
end
error = fix_permissions('MARKETPLACE', row[:oid], doc)
if (error)
@fixes_marketplace[row[:oid]] = doc.root.to_s
end

6
src/onedb/fsck/marketplaceapp.rb
View File

@ -39,6 +39,8 @@ module OneDBFsck
counters[:image][origin_id][:app_clones].add(row[:oid])
end
error = fix_permissions('MARKETPLACEAPP', row[:oid], doc)
####################################################################
#####################################################################
@ -61,6 +63,10 @@ module OneDBFsck
end
apps_fix[row[:oid]] = doc.root.to_s
elsif error
@db[:marketplaceapp_pool].where(
:oid => row[:oid]
).update(:body => doc.root.to_s)
end
# DATA: Add app to marketplace list. Used in marketplace check

2
src/onedb/fsck/network.rb
View File

@ -62,6 +62,8 @@ module OneDBFsck
error = check_vn_mad(doc, oid, error)
error = fix_permissions('VNET', row[:oid], doc)
@fixes_network[oid] = doc.root.to_s if error
end
end

8
src/onedb/fsck/template.rb
View File

@ -66,6 +66,12 @@ module OneDBFsck
end
if error
error = fix_permissions('VMTEMPLATE', row[:oid], doc)
next unless error
templates_fix[row[:oid]] = doc.root.to_s
next
end
@ -75,6 +81,8 @@ module OneDBFsck
boot.content = new_boot
fix_permissions('VMTEMPLATE', row[:oid], doc)
templates_fix[row[:oid]] = doc.root.to_s
end
end

6
src/onedb/fsck/vm.rb
View File

@ -40,6 +40,8 @@ module OneDBFsck
@vms_ports[port][cid] << vm_doc.root.at_xpath('ID').text.to_i
end
fix_permissions('VM', row[:oid], vm_doc)
# DATA: Images used by this VM
vm_doc.root.xpath("TEMPLATE/DISK/IMAGE_ID").each do |e|
img_id = e.text.to_i
@ -182,6 +184,10 @@ module OneDBFsck
}
vms_fix[row[:oid]] = vm_doc.root.to_s
else
@db[:vm_pool].where(
:oid => row[:oid]
).update(:body => vm_doc.root.to_s)
end
# DATA: add resources to host counters

2
src/onedb/fsck/vrouter.rb
View File

@ -70,7 +70,7 @@ module OneDBFsck
end
# DATA: re-do list of VM IDs per vrouter
error = false
error = fix_permissions('VROUTER', row[:oid], vrouter_doc)
counters_vrouter = counters[:vrouter][row[:oid]]