
Add the Object type to the PoolObjectAuth class

This commit is contained in:
Carlos Martín 2012-01-02 22:14:43 +01:00
parent fef8cdbf08
commit 75d5e7a1fb
22 changed files with 85 additions and 74 deletions


@ -55,14 +55,12 @@ public:
* *
* @param uid The user ID requesting to be authorized * @param uid The user ID requesting to be authorized
* @param gid Group ID of the user * @param gid Group ID of the user
* @param obj_type The object over which the operation will be performed
* @param obj_perms The object's permission attributes * @param obj_perms The object's permission attributes
* @param op The operation to be authorized * @param op The operation to be authorized
* @return true if the authorization is granted by any rule * @return true if the authorization is granted by any rule
*/ */
const bool authorize(int uid, const bool authorize(int uid,
int gid, int gid,
AuthRequest::Object obj_type,
PoolObjectAuth * obj_perms, PoolObjectAuth * obj_perms,
AuthRequest::Operation op); AuthRequest::Operation op);
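Review bot: The `@param obj_perms` line no longer says that the ACL resource type is now read from the struct, even though that is the whole reason the `obj_type` parameter was dropped; suggest `* @param obj_perms The object's permission attributes; obj_perms->obj_type selects the ACL resource type (it replaces the former obj_type argument)`. A hand-built PoolObjectAuth whose obj_type was never set will be matched against rules for whatever type the field happens to hold, so the contract is worth one sentence here. The enclosing class declaration starts and ends outside the hunk.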


@ -349,15 +349,13 @@ public:
* *
* OBJECT:OBJECT_ID:ACTION:OWNER:PUBLIC * OBJECT:OBJECT_ID:ACTION:OWNER:PUBLIC
* *
* @param ob the object over which the operation will be performed
* @param op the operation to be authorized * @param op the operation to be authorized
* @param ob_perms object's permission attributes * @param ob_perms object's permission attributes
*/ */
void add_auth(Object ob, void add_auth(Operation op,
Operation op,
PoolObjectAuth * ob_perms) PoolObjectAuth * ob_perms)
{ {
add_auth(ob, op, ob_perms, ""); add_auth(op, ob_perms, "");
} }
/** /**
@ -366,14 +364,12 @@ public:
* *
* OBJECT:OBJECT_ID:ACTION:OWNER:PUBLIC * OBJECT:OBJECT_ID:ACTION:OWNER:PUBLIC
* *
* @param ob the object over which the operation will be performed
* @param op the operation to be authorized * @param op the operation to be authorized
* @param ob_perms object's permission attributes * @param ob_perms object's permission attributes
* @param ob_template new object's template. If it is empty, * @param ob_template new object's template. If it is empty,
* it will be ignored * it will be ignored
*/ */
void add_auth(Object ob, void add_auth(Operation op,
Operation op,
PoolObjectAuth * ob_perms, PoolObjectAuth * ob_perms,
string ob_template); string ob_template);
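Review bot: Both add_auth overloads lost the `@param ob` description, but nothing in the hunk now states the new precondition that `ob_perms->obj_type` must be populated; suggest `* @param ob_perms object's permission attributes; obj_type must be set, it replaces the former ob argument` on both. Since the implementation dereferences ob_perms to read obj_type, the comment should also say whether a null pointer is allowed — the Request::basic_authorization hunk in this commit tests `perms != 0` only after calling add_auth, so the intent is not obvious from the callers. The format line `OBJECT:OBJECT_ID:ACTION:OWNER:PUBLIC` above each overload still documents the OBJECT field, so pointing it at obj_type keeps the two in sync.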


@ -78,7 +78,7 @@ private:
// ************************************************************************* // *************************************************************************
Group(int id, const string& name): Group(int id, const string& name):
PoolObjectSQL(id,name,-1,-1,"","",table), PoolObjectSQL(id,name,-1,-1,"","",table,AuthRequest::GROUP),
ObjectCollection("USERS"){}; ObjectCollection("USERS"){};
virtual ~Group(){}; virtual ~Group(){};


@ -26,6 +26,8 @@ class PoolObjectAuth
public: public:
PoolObjectAuth(PoolObjectSQL* obj) PoolObjectAuth(PoolObjectSQL* obj)
{ {
obj_type = obj->obj_type;
oid = obj->oid; oid = obj->oid;
uid = obj->uid; uid = obj->uid;
gid = obj->gid; gid = obj->gid;
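Review bot: The converting constructor now copies obj_type, but the default constructor — which this commit uses in several request handlers via `new PoolObjectAuth()` — is outside the hunk, and if it leaves obj_type unassigned every hand-built perms object depends on the caller remembering `perms->obj_type = ...` before add_auth, with the ACL check silently using an unspecified type otherwise. Consider giving obj_type a defined initial value in the default constructor (a sentinel that AclManager::authorize can reject, if the Object enum has one) and documenting the member with `AuthRequest::Object obj_type; // ACL resource type, must be set before add_auth()/authorize()`. The class body continues past the hunk, so I cannot confirm how the member is declared.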


@ -20,6 +20,7 @@
#include "ObjectSQL.h" #include "ObjectSQL.h"
#include "ObjectXML.h" #include "ObjectXML.h"
#include "Template.h" #include "Template.h"
#include "AuthManager.h"
#include <pthread.h> #include <pthread.h>
#include <string.h> #include <string.h>
@ -45,7 +46,8 @@ public:
int _gid, int _gid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
const char * _table) const char * _table,
AuthRequest::Object _obj_type)
:ObjectSQL(), :ObjectSQL(),
ObjectXML(), ObjectXML(),
oid(id), oid(id),
@ -66,6 +68,7 @@ public:
other_m(0), other_m(0),
other_a(0), other_a(0),
obj_template(0), obj_template(0),
obj_type(_obj_type),
table(_table) table(_table)
{ {
pthread_mutex_init(&mutex,0); pthread_mutex_init(&mutex,0);
@ -455,6 +458,8 @@ protected:
*/ */
Template * obj_template; Template * obj_template;
AuthRequest::Object obj_type;
private: private:
/** /**
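Review bot: The new `obj_type` member is the only one in this protected section without a doc block, while the neighbouring obj_template carries one; suggest `/** Object type used by the ACL engine to select the matching resource rules (see AclManager::authorize) */` above the declaration. The initializer list places `obj_type(_obj_type)` between obj_template and table, which must match declaration order to avoid a -Wreorder warning; that looks consistent with what is visible, but the private section holding table is not in the hunk. Pulling `AuthManager.h` into the base-object header also makes every pool object depend on the auth manager; if AuthManager.h (or PoolObjectAuth.h) ends up including PoolObjectSQL.h, that becomes a circular include, so a forward declaration plus a separate small header for the Object enum may be cleaner.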


@ -288,7 +288,7 @@ protected:
const string& _password, const string& _password,
const string& _auth_driver, const string& _auth_driver,
bool _enabled): bool _enabled):
PoolObjectSQL(id,_uname,-1,_gid,"",_gname,table), PoolObjectSQL(id,_uname,-1,_gid,"",_gname,table,AuthRequest::USER),
password(_password), password(_password),
auth_driver(_auth_driver), auth_driver(_auth_driver),
enabled(_enabled), enabled(_enabled),


@ -119,7 +119,6 @@ AclManager::~AclManager()
const bool AclManager::authorize( const bool AclManager::authorize(
int uid, int uid,
int gid, int gid,
AuthRequest::Object obj_type,
PoolObjectAuth * obj_perms, PoolObjectAuth * obj_perms,
AuthRequest::Operation op) AuthRequest::Operation op)
{ {
@ -133,7 +132,7 @@ const bool AclManager::authorize(
if ( obj_perms->oid >= 0 ) if ( obj_perms->oid >= 0 )
{ {
resource_oid_req = obj_type | AclRule::INDIVIDUAL_ID | obj_perms->oid; resource_oid_req = obj_perms->obj_type | AclRule::INDIVIDUAL_ID | obj_perms->oid;
} }
else else
{ {
@ -144,21 +143,21 @@ const bool AclManager::authorize(
if ( obj_perms->gid >= 0 ) if ( obj_perms->gid >= 0 )
{ {
resource_gid_req = obj_type | AclRule::GROUP_ID | obj_perms->gid; resource_gid_req = obj_perms->obj_type | AclRule::GROUP_ID | obj_perms->gid;
} }
else else
{ {
resource_gid_req = AclRule::NONE_ID; resource_gid_req = AclRule::NONE_ID;
} }
long long resource_all_req = obj_type | AclRule::ALL_ID; long long resource_all_req = obj_perms->obj_type | AclRule::ALL_ID;
long long rights_req = op; long long rights_req = op;
long long resource_oid_mask = long long resource_oid_mask =
( obj_type | AclRule::INDIVIDUAL_ID | 0x00000000FFFFFFFFLL ); ( obj_perms->obj_type | AclRule::INDIVIDUAL_ID | 0x00000000FFFFFFFFLL );
long long resource_gid_mask = long long resource_gid_mask =
( obj_type | AclRule::GROUP_ID | 0x00000000FFFFFFFFLL ); ( obj_perms->obj_type | AclRule::GROUP_ID | 0x00000000FFFFFFFFLL );
// Create a temporal rule, to log the request // Create a temporal rule, to log the request
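Review bot: `obj_perms->obj_type` is now read five times to build the resource requests and masks, and the value is trusted as-is even though it arrives in a caller-populated struct; reading it once into a local, `const long long obj_type = obj_perms->obj_type;`, right after the signature would keep the rest of the body textually unchanged and give a single place to validate it. A default-constructed PoolObjectAuth whose obj_type was never assigned would otherwise produce masks for an arbitrary type, so if the Object enum has an invalid/unset value, rejecting it here (`return false`) is the safest default for an authorization routine. The function continues beyond the hunk; I cannot see how the masks are consumed.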


@ -30,8 +30,7 @@ const char * AuthManager::auth_driver_name = "auth_exe";
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */
void AuthRequest::add_auth(Object ob, void AuthRequest::add_auth(Operation op,
Operation op,
PoolObjectAuth * ob_perms, PoolObjectAuth * ob_perms,
string ob_template) string ob_template)
{ {
@ -42,7 +41,7 @@ void AuthRequest::add_auth(Object ob,
ostringstream oss; ostringstream oss;
bool auth; bool auth;
oss << Object_to_str(ob) << ":"; oss << Object_to_str(ob_perms->obj_type) << ":";
if ( !ob_template.empty() ) if ( !ob_template.empty() )
{ {
@ -82,7 +81,7 @@ void AuthRequest::add_auth(Object ob,
Nebula& nd = Nebula::instance(); Nebula& nd = Nebula::instance();
AclManager* aclm = nd.get_aclm(); AclManager* aclm = nd.get_aclm();
auth = aclm->authorize(uid, gid, ob, ob_perms, op); auth = aclm->authorize(uid, gid, ob_perms, op);
} }
oss << auth; // Store the ACL authorization result in the request oss << auth; // Store the ACL authorization result in the request
@ -103,7 +102,7 @@ void AuthRequest::add_auth(Object ob,
} }
oss << "Not authorized to perform " << Operation_to_str(op) oss << "Not authorized to perform " << Operation_to_str(op)
<< " " << Object_to_str(ob); << " " << Object_to_str(ob_perms->obj_type);
if ( ob_perms->oid != -1 ) if ( ob_perms->oid != -1 )
{ {
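Review bot: `Object_to_str(ob_perms->obj_type)` dereferences ob_perms at the very top of add_auth, before the ACL call and the failure-message branch, whereas the old code only needed the pointer further down; the lines between the signature and `ostringstream oss` are not in the hunk, so I cannot tell whether a null guard exists there. Request::basic_authorization in this same commit calls add_auth and only afterwards checks `perms != 0`, which suggests a null perms is a reachable value — if so, an early `if ( ob_perms == 0 ) { /* log and fail */ return; }` (or an assert, if null is a programming error) belongs before the first dereference. The function body extends beyond the hunk on both sides.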


@ -188,34 +188,34 @@ public:
PoolObjectAuth perm; PoolObjectAuth perm;
perm.gid = 0; perm.gid = 0;
perm.uid = -1; perm.uid = -1;
perm.obj_type = AuthRequest::VM;
ar.add_auth(AuthRequest::VM, ar.add_auth(AuthRequest::CREATE,
AuthRequest::CREATE,
&perm, &perm,
"This is a template\n"); "This is a template\n");
perm.oid = 2; perm.oid = 2;
perm.gid = 0; perm.gid = 0;
perm.uid = 3; perm.uid = 3;
perm.obj_type = AuthRequest::IMAGE;
ar.add_auth(AuthRequest::IMAGE, ar.add_auth(AuthRequest::USE,
AuthRequest::USE,
&perm); &perm);
perm.oid = 4; perm.oid = 4;
perm.gid = 0; perm.gid = 0;
perm.uid = 5; perm.uid = 5;
perm.obj_type = AuthRequest::NET;
ar.add_auth(AuthRequest::NET, ar.add_auth(AuthRequest::MANAGE,
AuthRequest::MANAGE,
&perm); &perm);
perm.oid = 6; perm.oid = 6;
perm.gid = 0; perm.gid = 0;
perm.uid = 7; perm.uid = 7;
perm.obj_type = AuthRequest::HOST;
ar.add_auth(AuthRequest::HOST, ar.add_auth(AuthRequest::MANAGE,
AuthRequest::MANAGE,
&perm); &perm);
am->trigger(AuthManager::AUTHORIZE,&ar); am->trigger(AuthManager::AUTHORIZE,&ar);
@ -242,9 +242,9 @@ public:
perm.oid = -1; perm.oid = -1;
perm.gid = 0; perm.gid = 0;
perm.uid = -1; perm.uid = -1;
perm.obj_type = AuthRequest::VM;
ar1.add_auth(AuthRequest::VM, ar1.add_auth(AuthRequest::CREATE,
AuthRequest::CREATE,
&perm, &perm,
"This is a template\n"); "This is a template\n");
@ -306,18 +306,21 @@ public:
perm.oid = -1; perm.oid = -1;
perm.gid = -1; perm.gid = -1;
perm.uid = 2; perm.uid = 2;
ar.add_auth(AuthRequest::VM,AuthRequest::CREATE,&perm,"dGhpcy"); perm.obj_type = AuthRequest::VM;
ar.add_auth(AuthRequest::CREATE,&perm,"dGhpcy");
perm.oid = 2; perm.oid = 2;
perm.gid = 1; perm.gid = 1;
perm.uid = 2; perm.uid = 2;
ar.add_auth(AuthRequest::NET,AuthRequest::USE,&perm); perm.obj_type = AuthRequest::NET;
ar.add_auth(AuthRequest::USE,&perm);
perm.oid = 3; perm.oid = 3;
perm.gid = 1; perm.gid = 1;
perm.uid = 4; perm.uid = 4;
perm.group_u = 1; perm.group_u = 1;
ar.add_auth(AuthRequest::IMAGE,AuthRequest::USE,&perm); perm.obj_type = AuthRequest::IMAGE;
ar.add_auth(AuthRequest::USE,&perm);
CPPUNIT_ASSERT(ar.core_authorize() == true); CPPUNIT_ASSERT(ar.core_authorize() == true);
@ -326,48 +329,56 @@ public:
perm.oid = -1; perm.oid = -1;
perm.gid = -1; perm.gid = -1;
perm.uid = 2; perm.uid = 2;
ar1.add_auth(AuthRequest::VM,AuthRequest::CREATE,&perm,"dGhpcy"); perm.obj_type = AuthRequest::VM;
ar1.add_auth(AuthRequest::CREATE,&perm,"dGhpcy");
perm.oid = 2; perm.oid = 2;
perm.gid = 1; perm.gid = 1;
perm.uid = 2; perm.uid = 2;
ar1.add_auth(AuthRequest::NET,AuthRequest::USE,&perm); perm.obj_type = AuthRequest::NET;
ar1.add_auth(AuthRequest::USE,&perm);
perm.oid = 3; perm.oid = 3;
perm.gid = 1; perm.gid = 1;
perm.uid = 4; perm.uid = 4;
ar1.add_auth(AuthRequest::IMAGE,AuthRequest::USE,&perm); perm.obj_type = AuthRequest::IMAGE;
ar1.add_auth(AuthRequest::USE,&perm);
CPPUNIT_ASSERT(ar1.core_authorize() == false); CPPUNIT_ASSERT(ar1.core_authorize() == false);
perm.oid = -1; perm.oid = -1;
perm.gid = -1; perm.gid = -1;
perm.uid = 0; perm.uid = 0;
ar2.add_auth(AuthRequest::HOST,AuthRequest::CREATE,&perm,"dGhpcy"); perm.obj_type = AuthRequest::HOST;
ar2.add_auth(AuthRequest::CREATE,&perm,"dGhpcy");
CPPUNIT_ASSERT(ar2.core_authorize() == false); CPPUNIT_ASSERT(ar2.core_authorize() == false);
perm.oid = 5; perm.oid = 5;
perm.gid = 1; perm.gid = 1;
perm.uid = 2; perm.uid = 2;
ar3.add_auth(AuthRequest::VM,AuthRequest::MANAGE,&perm); perm.obj_type = AuthRequest::VM;
ar3.add_auth(AuthRequest::MANAGE,&perm);
CPPUNIT_ASSERT(ar3.core_authorize() == false); CPPUNIT_ASSERT(ar3.core_authorize() == false);
perm.oid = 4; perm.oid = 4;
perm.gid = 1; perm.gid = 1;
perm.uid = 2; perm.uid = 2;
ar4.add_auth(AuthRequest::VM,AuthRequest::MANAGE,&perm); perm.obj_type = AuthRequest::VM;
ar4.add_auth(AuthRequest::MANAGE,&perm);
CPPUNIT_ASSERT(ar4.core_authorize() == true); CPPUNIT_ASSERT(ar4.core_authorize() == true);
perm.oid = 4; perm.oid = 4;
perm.gid = -1; perm.gid = -1;
perm.uid = 0; perm.uid = 0;
ar5.add_auth(AuthRequest::HOST,AuthRequest::MANAGE,&perm); perm.obj_type = AuthRequest::HOST;
ar5.add_auth(AuthRequest::MANAGE,&perm);
CPPUNIT_ASSERT(ar5.core_authorize() == true); CPPUNIT_ASSERT(ar5.core_authorize() == true);
perm.oid = 4; perm.oid = 4;
perm.gid = -1; perm.gid = -1;
perm.uid = 0; perm.uid = 0;
ar6.add_auth(AuthRequest::HOST,AuthRequest::CREATE,&perm); perm.obj_type = AuthRequest::HOST;
ar6.add_auth(AuthRequest::CREATE,&perm);
CPPUNIT_ASSERT(ar6.core_authorize() == true); CPPUNIT_ASSERT(ar6.core_authorize() == true);
} }


@ -35,7 +35,7 @@ Host::Host(
const string& _vmm_mad_name, const string& _vmm_mad_name,
const string& _vnm_mad_name, const string& _vnm_mad_name,
const string& _tm_mad_name): const string& _tm_mad_name):
PoolObjectSQL(id,_hostname,-1,-1,"","",table), PoolObjectSQL(id,_hostname,-1,-1,"","",table,AuthRequest::HOST),
state(INIT), state(INIT),
im_mad_name(_im_mad_name), im_mad_name(_im_mad_name),
vmm_mad_name(_vmm_mad_name), vmm_mad_name(_vmm_mad_name),


@ -39,7 +39,7 @@ Image::Image(int _uid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
ImageTemplate * _image_template): ImageTemplate * _image_template):
PoolObjectSQL(-1,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(-1,"",_uid,_gid,_uname,_gname,table,AuthRequest::IMAGE),
type(OS), type(OS),
regtime(time(0)), regtime(time(0)),
source(""), source(""),


@ -329,7 +329,7 @@ void ImagePool::authorize_disk(VectorAttribute * disk,int uid, AuthRequest * ar)
perm = img->get_permissions(); perm = img->get_permissions();
img->unlock(); img->unlock();
ar->add_auth(AuthRequest::IMAGE, AuthRequest::USE, perm); ar->add_auth(AuthRequest::USE, perm);
delete perm; delete perm;
} }


@ -30,7 +30,7 @@ class TestObjectSQL : public PoolObjectSQL
{ {
public: public:
//OBJECT ATTRIBUTES //OBJECT ATTRIBUTES
TestObjectSQL(int n=-1, string t="default"):PoolObjectSQL(-1,t,0,0,"","",table),number(n),text(t){}; TestObjectSQL(int n=-1, string t="default"):PoolObjectSQL(-1,t,0,0,"","",table,AuthRequest::VM),number(n),text(t){};
~TestObjectSQL(){}; ~TestObjectSQL(){};


@ -83,7 +83,7 @@ bool Request::basic_authorization(int oid,
AuthRequest ar(att.uid, att.gid); AuthRequest ar(att.uid, att.gid);
ar.add_auth(auth_object, op, perms); ar.add_auth(op, perms);
if ( perms != 0 ) if ( perms != 0 )
{ {
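Review bot: The handler's own `auth_object` is no longer passed to add_auth, so the authorization now trusts whatever type is stamped on `perms`; nothing in the hunk cross-checks that the fetched object's type matches the operation the request expects. A one-line guard before the call, `if ( perms != 0 && perms->obj_type != auth_object ) { /* treat as authorization failure */ }`, would catch a perms object obtained from the wrong pool rather than letting it be evaluated against another type's rules. Note also that add_auth is still called before the `perms != 0` test; where perms comes from, and whether null is possible, is outside the hunk.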


@ -33,17 +33,18 @@ bool RequestManagerAllocate::allocate_authorization(Template * tmpl,
PoolObjectAuth * perms = new PoolObjectAuth(); PoolObjectAuth * perms = new PoolObjectAuth();
perms->uid = att.uid; perms->uid = att.uid;
perms->obj_type = auth_object;
AuthRequest ar(att.uid, att.gid); AuthRequest ar(att.uid, att.gid);
if ( tmpl == 0 ) if ( tmpl == 0 )
{ {
ar.add_auth(auth_object, auth_op, perms); ar.add_auth(auth_op, perms);
} }
else else
{ {
string t64; string t64;
ar.add_auth(auth_object, auth_op, perms, tmpl->to_xml(t64)); ar.add_auth(auth_op, perms, tmpl->to_xml(t64));
} }
delete perms; delete perms;
@ -73,6 +74,7 @@ bool VirtualMachineAllocate::allocate_authorization(Template * tmpl,
PoolObjectAuth * perms = new PoolObjectAuth; PoolObjectAuth * perms = new PoolObjectAuth;
perms->uid = att.uid; perms->uid = att.uid;
perms->obj_type = auth_object;
AuthRequest ar(att.uid, att.gid); AuthRequest ar(att.uid, att.gid);
@ -80,7 +82,7 @@ bool VirtualMachineAllocate::allocate_authorization(Template * tmpl,
VirtualMachineTemplate * ttmpl = static_cast<VirtualMachineTemplate *>(tmpl); VirtualMachineTemplate * ttmpl = static_cast<VirtualMachineTemplate *>(tmpl);
ar.add_auth(auth_object, auth_op, perms, tmpl->to_xml(t64)); ar.add_auth(auth_op, perms, tmpl->to_xml(t64));
delete perms; delete perms;
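Review bot: Both allocate_authorization variants heap-allocate a PoolObjectAuth with raw new, set `uid` and the new `obj_type` field, and delete it a few lines later; a stack object, `PoolObjectAuth perms; perms.uid = att.uid; perms.obj_type = auth_object;` passed as `&perms`, does the same with no manual delete and no leak if `tmpl->to_xml(t64)` were ever to throw. This is a style point on the new lines rather than a defect, since the commit does set obj_type in both places. The VirtualMachineAllocate version continues past the end of the hunk.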


@ -63,7 +63,7 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList
AuthRequest ar(att.uid, att.gid); AuthRequest ar(att.uid, att.gid);
string tmpl_txt; string tmpl_txt;
ar.add_auth(auth_object, auth_op, perms, tmpl->to_xml(tmpl_txt)); ar.add_auth(auth_op, perms, tmpl->to_xml(tmpl_txt));
VirtualMachine::set_auth_request(att.uid, ar, tmpl); VirtualMachine::set_auth_request(att.uid, ar, tmpl);


@ -50,7 +50,7 @@ bool RequestManagerVirtualMachine::vm_authorization(int oid,
AuthRequest ar(att.uid, att.gid); AuthRequest ar(att.uid, att.gid);
ar.add_auth(auth_object, auth_op, vm_perms); ar.add_auth(auth_op, vm_perms);
delete vm_perms; delete vm_perms;
@ -58,8 +58,9 @@ bool RequestManagerVirtualMachine::vm_authorization(int oid,
{ {
PoolObjectAuth * host_perm = new PoolObjectAuth(); PoolObjectAuth * host_perm = new PoolObjectAuth();
host_perm->oid = hid; host_perm->oid = hid;
host_perm->obj_type = AuthRequest::HOST;
ar.add_auth(AuthRequest::HOST, AuthRequest::MANAGE, host_perm); ar.add_auth(AuthRequest::MANAGE, host_perm);
delete host_perm; delete host_perm;
} }
@ -67,13 +68,11 @@ bool RequestManagerVirtualMachine::vm_authorization(int oid,
{ {
PoolObjectAuth * image_perm = new PoolObjectAuth(); PoolObjectAuth * image_perm = new PoolObjectAuth();
image_perm->uid = att.uid; image_perm->uid = att.uid;
image_perm->obj_type = AuthRequest::IMAGE;
string t64; string t64;
ar.add_auth(AuthRequest::IMAGE, ar.add_auth(AuthRequest::CREATE, image_perm, tmpl->to_xml(t64));
AuthRequest::CREATE,
image_perm,
tmpl->to_xml(t64));
delete image_perm; delete image_perm;
} }


@ -346,10 +346,10 @@ void Scheduler::match()
{ {
PoolObjectAuth * host_perms = new PoolObjectAuth(); PoolObjectAuth * host_perms = new PoolObjectAuth();
host_perms->oid = host->get_hid(); host_perms->oid = host->get_hid();
host_perms->obj_type = AuthRequest::HOST;
matched = acls->authorize(uid, matched = acls->authorize(uid,
gid, gid,
AuthRequest::HOST,
host_perms, host_perms,
AuthRequest::MANAGE); AuthRequest::MANAGE);


@ -43,7 +43,7 @@ VirtualMachine::VirtualMachine(int id,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
VirtualMachineTemplate * _vm_template): VirtualMachineTemplate * _vm_template):
PoolObjectSQL(id,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(id,"",_uid,_gid,_uname,_gname,table,AuthRequest::VM),
last_poll(0), last_poll(0),
state(INIT), state(INIT),
lcm_state(LCM_INIT), lcm_state(LCM_INIT),


@ -29,7 +29,7 @@ VMTemplate::VMTemplate(int id,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
VirtualMachineTemplate * _template_contents): VirtualMachineTemplate * _template_contents):
PoolObjectSQL(id,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(id,"",_uid,_gid,_uname,_gname,table,AuthRequest::TEMPLATE),
regtime(time(0)) regtime(time(0))
{ {
if (_template_contents != 0) if (_template_contents != 0)


@ -36,7 +36,7 @@ VirtualNetwork::VirtualNetwork(int _uid,
const string& _uname, const string& _uname,
const string& _gname, const string& _gname,
VirtualNetworkTemplate * _vn_template): VirtualNetworkTemplate * _vn_template):
PoolObjectSQL(-1,"",_uid,_gid,_uname,_gname,table), PoolObjectSQL(-1,"",_uid,_gid,_uname,_gname,table,AuthRequest::NET),
bridge(""), bridge(""),
type(UNINITIALIZED), type(UNINITIALIZED),
leases(0) leases(0)


@ -269,7 +269,7 @@ void VirtualNetworkPool::authorize_nic(VectorAttribute * nic,
perm = vnet->get_permissions(); perm = vnet->get_permissions();
vnet->unlock(); vnet->unlock();
ar->add_auth(AuthRequest::NET, AuthRequest::USE, perm); ar->add_auth(AuthRequest::USE, perm);
delete perm; delete perm;
} }