diff --git a/src/authm_mad/one_auth_mad.rb b/src/authm_mad/one_auth_mad.rb index 9ab1ac6bd4..a6ac6b3b22 100755 --- a/src/authm_mad/one_auth_mad.rb +++ b/src/authm_mad/one_auth_mad.rb @@ -94,7 +94,7 @@ class AuthDriver < OpenNebulaDriver # @param [String] password of the user registered in OpenNebula "-" if none # @param [String] secret filed of the auth string def authN(request_id, user_id, driver, user, password, secret) - #OpenNebula.log_debug("authN: #{request_id} #{user_id} #{driver} #{password} #{secret}") + OpenNebula.log_debug("authN: #{request_id} #{user_id} #{driver} #{password} #{secret}") unless @authN_protocols.include?(driver) return send_message( diff --git a/src/cli/etc/oneacl.yaml b/src/cli/etc/oneacl.yaml index c0c65e6425..4d1e7b66f9 100644 --- a/src/cli/etc/oneacl.yaml +++ b/src/cli/etc/oneacl.yaml @@ -18,9 +18,9 @@ :size: 5 :right: true -:OPE_CDUMIPpTWYA: +:OPE_UMAC: :desc: Operation to which the rule applies - :size: 15 + :size: 8 :right: true :default: @@ -28,4 +28,4 @@ - :USER - :RES_VHNIUTG - :RID -- :OPE_CDUMIPpTWYA +- :OPE_UMAC diff --git a/src/cli/one_helper/oneacl_helper.rb b/src/cli/one_helper/oneacl_helper.rb index 93a5bae9e7..9198e8516c 100644 --- a/src/cli/one_helper/oneacl_helper.rb +++ b/src/cli/one_helper/oneacl_helper.rb @@ -69,32 +69,18 @@ private # TODO check that @content[:resources_str] is valid def self.right_mask(str) - mask = "-----------" + mask = "----" str.split("+").each{|type| case type - when "CREATE" - mask[0] = "C" - when "DELETE" - mask[1] = "D" when "USE" - mask[2] = "U" + mask[0] = "U" when "MANAGE" - mask[3] = "M" - when "INFO" - mask[4] = "I" - when "INFO_POOL" - mask[5] = "P" - when "INFO_POOL_MINE" - mask[6] = "p" - when "INSTANTIATE" - mask[7] = "T" - when "CHOWN" - mask[8] = "W" - when "DEPLOY" - mask[9] = "Y" - when "CHAUTH" - mask[10] = "A" + mask[1] = "M" + when "ADMIN" + mask[2] = "A" + when "CREATE" + mask[3] = "C" end } @@ -124,12 +110,12 @@ private d['STRING'].split(" ")[1].split("/")[1] end - column :OPE_CDUMIPpTWYA, - "Operation to which the rule applies", :size =>15 do |d| + column :OPE_UMAC, + "Operation to which the rule applies", :size =>8 do |d| OneAclHelper::right_mask d['STRING'].split(" ")[2] end - default :ID, :USER, :RES_VHNIUTG, :RID, :OPE_CDUMIPpTWYA + default :ID, :USER, :RES_VHNIUTG, :RID, :OPE_UMAC end table diff --git a/src/oca/ruby/OpenNebula/Acl.rb b/src/oca/ruby/OpenNebula/Acl.rb index 37bba80163..f9e23fdf53 100644 --- a/src/oca/ruby/OpenNebula/Acl.rb +++ b/src/oca/ruby/OpenNebula/Acl.rb @@ -32,17 +32,10 @@ module OpenNebula # GROUP # ACL # RIGHTS -> + separated list - # CREATE - # DELETE # USE # MANAGE - # INFO - # INFO_POOL - # INFO_POOL_MINE - # INSTANTIATE - # CHOWN - # DEPLOY - # CHAUTH + # ADMIN + # CREATE class Acl < PoolElement USERS = { @@ -64,17 +57,10 @@ module OpenNebula RIGHTS = { - "CREATE" => 0x1, # Auth. to create an object - "DELETE" => 0x2, # Auth. to delete an object - "USE" => 0x4, # Auth. to use an object - "MANAGE" => 0x8, # Auth. to manage an object - "INFO" => 0x10, # Auth. to view an object - "INFO_POOL" => 0x20, # Auth. to view any object in the pool - "INFO_POOL_MINE"=> 0x40, # Auth. to view user and/or group objects - "INSTANTIATE" => 0x80, # Auth. to instantiate a VM from a TEMPLATE - "CHOWN" => 0x100,# Auth. to change ownership of an object - "DEPLOY" => 0x200,# Auth. to deploy a VM in a Host - "CHAUTH" => 0x400 # Auth. to change the auth driver of a USER + "USE" => 0x1, # Auth. to use an object + "MANAGE" => 0x2, # Auth. to perform management actions + "ADMIN" => 0x4, # Auth. to perform administrative actions + "CREATE" => 0x8 # Auth. to create an object } # Constructor