From 7744150944223685b4ef7a7dc4750a31e98772fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Mart=C3=ADn?= Date: Fri, 21 Feb 2014 15:23:24 +0100 Subject: [PATCH] Feature #2727: Delete acl rules that apply to a zone when that zone is deleted --- include/AclManager.h | 14 ++++++++++++ include/RequestManagerDelete.h | 2 ++ src/acl/AclManager.cc | 41 ++++++++++++++++++++++++++++++++++ src/rm/RequestManagerDelete.cc | 15 +++++++++++++ 4 files changed, 72 insertions(+) diff --git a/include/AclManager.h b/include/AclManager.h index 32eb30e5d1..c870e6a7fb 100644 --- a/include/AclManager.h +++ b/include/AclManager.h @@ -142,6 +142,13 @@ public: */ void del_cid_rules(int cid); + /** + * Deletes rules that apply to this cluster id + * + * @param zid The zone id + */ + void del_zid_rules(int zid); + /** * Deletes all rules that apply to this resource * @@ -308,6 +315,13 @@ private: long long resource_req, long long resource_mask); + /** + * Deletes all rules that match the zone mask + * + * @param zone_req Mask to match + */ + void del_zone_matching_rules(long long zone_req); + // ---------------------------------------- // Local zone // ---------------------------------------- diff --git a/include/RequestManagerDelete.h b/include/RequestManagerDelete.h index 2a387708a4..f5db3ee36c 100644 --- a/include/RequestManagerDelete.h +++ b/include/RequestManagerDelete.h @@ -310,6 +310,8 @@ public: }; ~ZoneDelete(){}; + + int drop(int oid, PoolObjectSQL * object, string& error_msg); }; /* -------------------------------------------------------------------------- */ diff --git a/src/acl/AclManager.cc b/src/acl/AclManager.cc index 96f8ede4d7..6d0c07659d 100644 --- a/src/acl/AclManager.cc +++ b/src/acl/AclManager.cc @@ -785,6 +785,18 @@ void AclManager::del_cid_rules(int cid) /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ +void AclManager::del_zid_rules(int zid) +{ + long long request = AclRule::INDIVIDUAL_ID | zid; + + // Delete rules that match + // __ __/__ __ #zid + del_zone_matching_rules(request); +} + +/* -------------------------------------------------------------------------- */ +/* -------------------------------------------------------------------------- */ + void AclManager::del_resource_rules(int oid, PoolObjectSQL::ObjectType obj_type) { long long request = obj_type | @@ -862,6 +874,35 @@ void AclManager::del_resource_matching_rules(long long resource_req, /* -------------------------------------------------------------------------- */ /* -------------------------------------------------------------------------- */ +void AclManager::del_zone_matching_rules(long long zone_req) +{ + multimap::iterator it; + + vector oids; + vector::iterator oid_it; + string error_str; + + lock(); + + for ( it = acl_rules.begin(); it != acl_rules.end(); it++ ) + { + if ( it->second->zone == zone_req ) + { + oids.push_back(it->second->oid); + } + } + + unlock(); + + for ( oid_it = oids.begin() ; oid_it < oids.end(); oid_it++ ) + { + del_rule(*oid_it, error_str); + } +} + +/* -------------------------------------------------------------------------- */ +/* -------------------------------------------------------------------------- */ + void AclManager::reverse_search(int uid, const set& user_groups, PoolObjectSQL::ObjectType obj_type, diff --git a/src/rm/RequestManagerDelete.cc b/src/rm/RequestManagerDelete.cc index 57ec0211a9..fd1afa404d 100644 --- a/src/rm/RequestManagerDelete.cc +++ b/src/rm/RequestManagerDelete.cc @@ -302,3 +302,18 @@ int UserDelete::drop(int oid, PoolObjectSQL * object, string& error_msg) return rc; } + +/* ------------------------------------------------------------------------- */ +/* ------------------------------------------------------------------------- */ + +int ZoneDelete::drop(int oid, PoolObjectSQL * object, string& error_msg) +{ + int rc = RequestManagerDelete::drop(oid, object, error_msg); + + if ( rc == 0 ) + { + aclm->del_zid_rules(oid); + } + + return rc; +}