mirror of https://github.com/OpenNebula/one.git synced 2025-03-21 14:50:08 +03:00

Update ACL Operations in Ruby OCA and oneacl CLI command

Carlos Martín 2011-12-30 20:48:16 +01:00
parent 417ba7d0dc
commit b88965051a
4 changed files with 20 additions and 48 deletions


@ -94,7 +94,7 @@ class AuthDriver < OpenNebulaDriver
# @param [String] password of the user registered in OpenNebula "-" if none
# @param [String] secret filed of the auth string
def authN(request_id, user_id, driver, user, password, secret)
#OpenNebula.log_debug("authN: #{request_id} #{user_id} #{driver} #{password} #{secret}")
OpenNebula.log_debug("authN: #{request_id} #{user_id} #{driver} #{password} #{secret}")
unless @authN_protocols.include?(driver)
return send_message(
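Review bot: The `OpenNebula.log_debug` call in authN interpolates `#{password}` and `#{secret}`, so if the uncommented copy is the new side (the +/- markers are lost here, but the other sections on this page print old before new), every authentication request writes credentials to the driver log. Keep the request metadata and drop the two secret fields, e.g. `OpenNebula.log_debug("authN: #{request_id} #{user_id} #{driver}")`, or leave the line commented out as it was. The change also looks unrelated to the ACL update named in the commit title, so it may be a debugging leftover. authN's body continues past the end of the hunk.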


@ -18,9 +18,9 @@
:size: 5
:right: true
:OPE_CDUMIPpTWYA:
:OPE_UMAC:
:desc: Operation to which the rule applies
:size: 15
:size: 8
:right: true
:default:
@ -28,4 +28,4 @@
- :USER
- :RES_VHNIUTG
- :RID
- :OPE_CDUMIPpTWYA
- :OPE_UMAC


@ -69,32 +69,18 @@ private
# TODO check that @content[:resources_str] is valid
def self.right_mask(str)
mask = "-----------"
mask = "----"
str.split("+").each{|type|
case type
when "CREATE"
mask[0] = "C"
when "DELETE"
mask[1] = "D"
when "USE"
mask[2] = "U"
mask[0] = "U"
when "MANAGE"
mask[3] = "M"
when "INFO"
mask[4] = "I"
when "INFO_POOL"
mask[5] = "P"
when "INFO_POOL_MINE"
mask[6] = "p"
when "INSTANTIATE"
mask[7] = "T"
when "CHOWN"
mask[8] = "W"
when "DEPLOY"
mask[9] = "Y"
when "CHAUTH"
mask[10] = "A"
mask[1] = "M"
when "ADMIN"
mask[2] = "A"
when "CREATE"
mask[3] = "C"
end
}
@ -124,12 +110,12 @@ private
d['STRING'].split(" ")[1].split("/")[1]
end
column :OPE_CDUMIPpTWYA,
"Operation to which the rule applies", :size =>15 do |d|
column :OPE_UMAC,
"Operation to which the rule applies", :size =>8 do |d|
OneAclHelper::right_mask d['STRING'].split(" ")[2]
end
default :ID, :USER, :RES_VHNIUTG, :RID, :OPE_CDUMIPpTWYA
default :ID, :USER, :RES_VHNIUTG, :RID, :OPE_UMAC
end
table
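Review bot: The `case type` in right_mask has no `else`, so now that only USE, MANAGE, ADMIN and CREATE are recognised, any other token is skipped silently and the column shows `----` or a partial mask, as if the rule granted less than its string says. That includes the names this commit retires, such as DELETE or INFO_POOL; whether the core can still return them is not visible from this hunk. For an ACL listing it is safer to make an unrecognised right visible, for example an `else mask << "?"` branch, which still fits the new `:size => 8`. The TODO above the method covers only `resources_str`, so a matching note for the rights string would be worth adding.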


@ -32,17 +32,10 @@ module OpenNebula
# GROUP
# ACL
# RIGHTS -> + separated list
# CREATE
# DELETE
# USE
# MANAGE
# INFO
# INFO_POOL
# INFO_POOL_MINE
# INSTANTIATE
# CHOWN
# DEPLOY
# CHAUTH
# ADMIN
# CREATE
class Acl < PoolElement
USERS = {
@ -64,17 +57,10 @@ module OpenNebula
RIGHTS =
{
"CREATE" => 0x1, # Auth. to create an object
"DELETE" => 0x2, # Auth. to delete an object
"USE" => 0x4, # Auth. to use an object
"MANAGE" => 0x8, # Auth. to manage an object
"INFO" => 0x10, # Auth. to view an object
"INFO_POOL" => 0x20, # Auth. to view any object in the pool
"INFO_POOL_MINE"=> 0x40, # Auth. to view user and/or group objects
"INSTANTIATE" => 0x80, # Auth. to instantiate a VM from a TEMPLATE
"CHOWN" => 0x100,# Auth. to change ownership of an object
"DEPLOY" => 0x200,# Auth. to deploy a VM in a Host
"CHAUTH" => 0x400 # Auth. to change the auth driver of a USER
"USE" => 0x1, # Auth. to use an object
"MANAGE" => 0x2, # Auth. to perform management actions
"ADMIN" => 0x4, # Auth. to perform administrative actions
"CREATE" => 0x8 # Auth. to create an object
}
# Constructor
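Review bot: The new RIGHTS table reuses bit values that previously meant something else: 0x1 was CREATE and is now USE, 0x4 was USE and is now ADMIN, 0x8 was MANAGE and is now CREATE. A rule stored or transmitted as a numeric rights mask under the old table would therefore be read with different, in places broader, permissions unless the core and existing rules are migrated in step, which cannot be confirmed from this hunk. A comment on the hash would make the constraint explicit, e.g. `# Bit values must match the core's definitions; renumbered from the previous 11-right table, old numeric masks are not compatible`.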