diff --git a/src/oca/ruby/OpenNebula/Acl.rb b/src/oca/ruby/OpenNebula/Acl.rb
index 7347ca72fc..ae481b1e50 100644
--- a/src/oca/ruby/OpenNebula/Acl.rb
+++ b/src/oca/ruby/OpenNebula/Acl.rb
@@ -39,15 +39,15 @@ module OpenNebula
 # INFO_POOL_MINE
 # INSTANTIATE
 # CHOWN
- class Acl
-
+ class Acl
+
 USERS = {
 "UID" => 4294967296,
 "GID" => 8589934592,
 "ALL" => 17179869184
- }
-
-
+ }
+
+
 RESOURCES = {
 "VM" => 68719476736,
 "HOST" => 137438953472,
@@ -58,61 +58,61 @@ module OpenNebula
 "GROUP" => 4398046511104,
 "ACL" => 8796093022208
 }
-
- RIGHTS = {
- "CREATE" => 1, # Auth. to create an object
- "DELETE" => 2, # Auth. to delete an object
- "USE" => 4, # Auth. to use an object
- "MANAGE" => 8, # Auth. to manage an object
- "INFO" => 16, # Auth. to view an object
- "INFO_POOL" => 32, # Auth. to view any object in the pool
- "INFO_POOL_MINE"=> 64, # Auth. to view user and/or group objects
+
+ RIGHTS = {
+ "CREATE" => 1, # Auth. to create an object
+ "DELETE" => 2, # Auth. to delete an object
+ "USE" => 4, # Auth. to use an object
+ "MANAGE" => 8, # Auth. to manage an object
+ "INFO" => 16, # Auth. to view an object
+ "INFO_POOL" => 32, # Auth. to view any object in the pool
+ "INFO_POOL_MINE"=> 64, # Auth. to view user and/or group objects
 "INSTANTIATE" => 128,# Auth. to instantiate a VM from a TEMPLATE
- "CHOWN" => 256 # Auth. to change ownership of an object
+ "CHOWN" => 256 # Auth. to change ownership of an object
 }
-
-
+
+
 def initialize(rule_str=nil)
 @content = {
 :users => 0,
 :resources => 0,
 :rights => 0
 }
-
+
 parse_rule(rule_str) if rule_str
 end
-
-
+
+
 def set_hex_rule(users,resources,rights)
 set_hex_users users
 set_hex_resources resources
 set_hex_rights rights
 end
-
+
 def set_hex_users(users)
 @content[:users] = users
 end
-
+
 def set_hex_resources(resources)
 @content[:resources] = resources
 end
-
+
 def set_hex_rights(rights)
 @content[:rights] = rights
- end
-
+ end
+
 def set_users(users)
 @content[:users] = users.to_i.to_s(10)
 end
-
+
 def set_resources(resources)
 @content[:resources] = resources.to_i.to_s(10)
 end
-
+
 def set_rights(rights)
 @content[:rights] = rights.to_i.to_s(10)
- end
-
+ end
+
 def parse_rule(rule_str)
 begin
 rule_str = rule_str.split(" ")
@@ -123,19 +123,19 @@ module OpenNebula
 @content[:users] = OpenNebula::Error.new(e.message)
 end
 end
-
+
 def parse_users(users)
 begin
- @content[:users] = calculate_users(users)
+ @content[:users] = calculate_users(users)
 rescue Exception => e
 @content[:resources] = OpenNebula::Error.new(e.message)
 end
 end
-
+
 def parse_resources(resources)
 begin
 resources = resources.split("/")
-
+
 if resources.size != 2
 @content[:resources] = OpenNebula::Error.new(
 "Resource #{resources} not well formed")
@@ -145,75 +145,75 @@ module OpenNebula resources[0].split("+").each{ |resource| next if !RESOURCES[resource.upcase] @content[:resources] = @content[:resources] + RESOURCES[resource.upcase].to_i - } + } - @content[:resources] = @content[:resources] + + @content[:resources] = @content[:resources] + calculate_users(resources[1]).to_i - - @content[:resources] = @content[:resources].to_s(16) + + @content[:resources] = @content[:resources].to_s(16) rescue Exception => e @content[:resources] = OpenNebula::Error.new(e.message) - end + end end - + def parse_rights(rights) begin rights = rights.split("+") - + rights.each{ |right| next if !RIGHTS[right.upcase] - + @content[:rights] = @content[:rights] + RIGHTS[right.upcase] } - - @content[:rights] = @content[:rights].to_i.to_s(16) + + @content[:rights] = @content[:rights].to_i.to_s(16) rescue Exception => e @content[:rights] = OpenNebula::Error.new(e.message) - end + end end - - + + def calculate_users(users_str) if users_str == "*" return USERS["ALL"] - end - - value = 0 - + end + + value = 0 + case users_str[0..0] when "#" value = USERS["UID"] when "@" value = USERS["GID"] end - + users_value = users_str[1..-1].to_i + value - + return users_value.to_i.to_s(16) end - + def users @content[:users] end - + def resources @content[:resources] end - + def rights @content[:rights] end - + def is_error? - OpenNebula.is_error?(@content[:users]) || - OpenNebula.is_error?(@content[:resources]) || + OpenNebula.is_error?(@content[:users]) || + OpenNebula.is_error?(@content[:resources]) || OpenNebula.is_error?(@content[:rights]) || @content[:users] == 0 || @content[:resources] == 0 || - @content[:rights] == 0 + @content[:rights] == 0 end - - def error + + def error @content.each{ |part| return part if OpenNebula.is_error?(part) }
diff --git a/src/oca/ruby/OpenNebula/AclPool.rb b/src/oca/ruby/OpenNebula/AclPool.rb
index e42b68759d..e7c773a8a3 100644
--- a/src/oca/ruby/OpenNebula/AclPool.rb
+++ b/src/oca/ruby/OpenNebula/AclPool.rb
@@ -34,7 +34,7 @@ module OpenNebula
 def initialize(client)
 super('ACL_POOL','ACL',client)
 end
-
+
 def factory(element_xml)
 acl=REXML::Document.new(element_xml).root
 OpenNebula::Acl.new(acl['USER'], acl['RESOURCE'], acl['RIGHTS'])
@@ -56,27 +56,27 @@ module OpenNebula # +resource+ A hex number, e.g. 0x2100000001 # +rights+ A hex number, e.g. 0x10 def addrule(user, resource, rights) - rc = @client.call( ACL_POOL_METHODS[:addrule], - user, - resource, + rc = @client.call( ACL_POOL_METHODS[:addrule], + user, + resource, rights ) rc = nil if !OpenNebula.is_error?(rc) return rc end - + # Adds a new ACL rule. # # +rule+ Rule tring def addrule_with_str(rule_str) rule = Acl.new rule_str - + return rule.error if rule.is_error? - - rc = @client.call( ACL_POOL_METHODS[:addrule], - rule.users, - rule.resources, + + rc = @client.call( ACL_POOL_METHODS[:addrule], + rule.users, + rule.resources, rule.rights ) rc = nil if !OpenNebula.is_error?(rc)