feature #407: Changed implementation for user.chown. Removed host.chown. set_gid/uid in PoolObjectSQL does not check gid. Old groups updated when changing users primary groups
parent
954038d426
commit
d6206edfa8
@ -78,41 +78,27 @@ public:
|
||||
return uid;
|
||||
};
|
||||
|
||||
/**
|
||||
* Changes the object's owner id
|
||||
* @param _uid New User ID
|
||||
* @return 0 on success, -1 if the object does not have an owner
|
||||
*/
|
||||
int set_uid(int _uid)
|
||||
{
|
||||
if( uid == -1 )
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
uid = _uid;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int get_gid()
|
||||
{
|
||||
return gid;
|
||||
};
|
||||
|
||||
/**
|
||||
* Changes the object's owner id
|
||||
* @param _uid New User ID
|
||||
*/
|
||||
void set_uid(int _uid)
|
||||
{
|
||||
uid = _uid;
|
||||
}
|
||||
|
||||
/**
|
||||
* Changes the object's group id
|
||||
* @param _gid New Group ID
|
||||
* @return 0 on success, -1 if the object does not have a group
|
||||
*/
|
||||
int set_gid(int _gid)
|
||||
void set_gid(int _gid)
|
||||
{
|
||||
if( gid == -1 )
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
gid = _gid;
|
||||
return 0;
|
||||
};
|
||||
|
||||
/* --------------------------------------------------------------------- */
|
||||
|
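Review bot: The new `void set_uid(int _uid)` and `void set_gid(int _gid)` assign whatever value they receive, so nothing at this layer rejects a negative ID or an object whose uid/gid is -1, which the earlier `int`-returning versions refused. Every caller now has to validate the ID and authorize the change before calling, and the doc comments should state that contract, e.g. `* @param _uid New User ID; not validated here, the caller must check that it exists and is permitted`. The comment above `set_gid` should get the same wording for `_gid`. The enclosing class starts and ends outside the hunk.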
@ -40,47 +40,7 @@ protected:
|
||||
|
||||
/* -------------------------------------------------------------------- */
|
||||
|
||||
void request_execute(xmlrpc_c::paramList const& _paramList);
|
||||
|
||||
/* -------------------------------------------------------------------- */
|
||||
|
||||
virtual int set_uid(int noid, PoolObjectSQL * object, string& error_msg)
|
||||
{
|
||||
int rc = object->set_uid(noid);
|
||||
if ( rc < 0 )
|
||||
{
|
||||
ostringstream oss;
|
||||
oss << object_name(auth_object) << " objects do not have owner";
|
||||
|
||||
error_msg = oss.str();
|
||||
}
|
||||
|
||||
pool->update(object);
|
||||
|
||||
object->unlock();
|
||||
|
||||
return rc;
|
||||
};
|
||||
|
||||
/* -------------------------------------------------------------------- */
|
||||
|
||||
virtual int set_gid(int ngid, PoolObjectSQL * object, string& error_msg)
|
||||
{
|
||||
int rc = object->set_gid(ngid);
|
||||
if ( rc < 0 )
|
||||
{
|
||||
ostringstream oss;
|
||||
oss << object_name(auth_object) << " objects do not have group";
|
||||
|
||||
error_msg = oss.str();
|
||||
}
|
||||
|
||||
pool->update(object);
|
||||
|
||||
object->unlock();
|
||||
|
||||
return rc;
|
||||
};
|
||||
virtual void request_execute(xmlrpc_c::paramList const& _paramList);
|
||||
};
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
@ -161,24 +121,6 @@ public:
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
||||
class HostChown : public RequestManagerChown
|
||||
{
|
||||
public:
|
||||
HostChown():
|
||||
RequestManagerChown("HostChown",
|
||||
"Changes ownership of a host")
|
||||
{
|
||||
Nebula& nd = Nebula::instance();
|
||||
pool = nd.get_hpool();
|
||||
auth_object = AuthRequest::HOST;
|
||||
};
|
||||
|
||||
~HostChown(){};
|
||||
};
|
||||
|
||||
/* ------------------------------------------------------------------------- */
|
||||
/* ------------------------------------------------------------------------- */
|
||||
|
||||
class UserChown : public RequestManagerChown
|
||||
{
|
||||
public:
|
||||
@ -195,40 +137,7 @@ public:
|
||||
|
||||
/* -------------------------------------------------------------------- */
|
||||
|
||||
int set_gid(int ngid, PoolObjectSQL * object, string& error_msg)
|
||||
{
|
||||
User * user = static_cast<User*>(object);
|
||||
int oid = user->get_oid();
|
||||
|
||||
user->set_gid(ngid);
|
||||
|
||||
// Main group is also in the Group IDs set
|
||||
// This call's return code is not checked, because this new main group
|
||||
// could be already a secondary group
|
||||
user->add_group(ngid);
|
||||
|
||||
pool->update(object);
|
||||
object->unlock();
|
||||
|
||||
// Now add the User's ID to the Group
|
||||
Nebula& nd = Nebula::instance();
|
||||
GroupPool * gpool = nd.get_gpool();
|
||||
Group * group = gpool->get(ngid, true);
|
||||
|
||||
if( group == 0 )
|
||||
{
|
||||
get_error(object_name(AuthRequest::GROUP),ngid);
|
||||
return -1;
|
||||
}
|
||||
|
||||
group->add_user(oid);
|
||||
|
||||
gpool->update(group);
|
||||
|
||||
group->unlock();
|
||||
|
||||
return 0;
|
||||
};
|
||||
virtual void request_execute(xmlrpc_c::paramList const& _paramList);
|
||||
};
|
||||
|
||||
/* -------------------------------------------------------------------------- */
|
||||
|
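Review bot: The `virtual void request_execute(xmlrpc_c::paramList const& _paramList);` declaration in `UserChown` carries no comment, although the implementation elsewhere in this commit reads parameter 2 only in a commented-out line ("Not used for users") and changes just the primary group. A client that passes a new owner ID therefore gets neither an error nor an effect, which is easy to misread as a successful ownership change. Document it at the declaration, e.g. `/** Changes the user's primary group; the new-owner parameter is ignored. */`. The class bodies start outside the hunks shown.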
@ -308,7 +308,6 @@ void RequestManager::register_xml_methods()
|
||||
xmlrpc_c::methodPtr template_chown(new TemplateChown());
|
||||
xmlrpc_c::methodPtr vn_chown(new VirtualNetworkChown());
|
||||
xmlrpc_c::methodPtr image_chown(new ImageChown());
|
||||
xmlrpc_c::methodPtr host_chown(new HostChown());
|
||||
xmlrpc_c::methodPtr user_chown(new UserChown());
|
||||
|
||||
/* VM related methods */
|
||||
@ -334,13 +333,11 @@ void RequestManager::register_xml_methods()
|
||||
RequestManagerRegistry.addMethod("one.templatepool.info",template_pool_info);
|
||||
|
||||
/* Host related methods*/
|
||||
|
||||
RequestManagerRegistry.addMethod("one.host.enable", host_enable);
|
||||
RequestManagerRegistry.addMethod("one.host.update", host_update);
|
||||
RequestManagerRegistry.addMethod("one.host.allocate", host_allocate);
|
||||
RequestManagerRegistry.addMethod("one.host.delete", host_delete);
|
||||
RequestManagerRegistry.addMethod("one.host.info", host_info);
|
||||
RequestManagerRegistry.addMethod("one.host.chown", host_chown);
|
||||
|
||||
RequestManagerRegistry.addMethod("one.hostpool.info", hostpool_info);
|
||||
|
||||
|
@ -28,18 +28,12 @@ void RequestManagerChown::request_execute(xmlrpc_c::paramList const& paramList)
|
||||
int noid = xmlrpc_c::value_int(paramList.getInt(2));
|
||||
int ngid = xmlrpc_c::value_int(paramList.getInt(3));
|
||||
|
||||
PoolObjectSQL * object;
|
||||
string str;
|
||||
|
||||
Nebula& nd = Nebula::instance();
|
||||
GroupPool * gpool = nd.get_gpool();
|
||||
UserPool * upool = nd.get_upool();
|
||||
UserPool * upool = static_cast<UserPool *>(pool);
|
||||
|
||||
string error_msg;
|
||||
int rc;
|
||||
PoolObjectSQL * object;
|
||||
|
||||
// TODO: maybe this authorization should include new user and new group
|
||||
// tokens
|
||||
if ( basic_authorization(oid) == false )
|
||||
{
|
||||
return;
|
||||
@ -47,14 +41,24 @@ void RequestManagerChown::request_execute(xmlrpc_c::paramList const& paramList)
|
||||
|
||||
// ------------- Check new user and group id's ---------------------
|
||||
|
||||
if ( noid > -1 && upool->get(noid,false) == 0 )
|
||||
if ( noid < 0 )
|
||||
{
|
||||
failure_response(XML_RPC_API,request_error("Wrong user ID",""));
|
||||
return;
|
||||
}
|
||||
else if ( upool->get(noid,false) == 0 )
|
||||
{
|
||||
failure_response(NO_EXISTS,
|
||||
get_error(object_name(AuthRequest::USER),noid));
|
||||
return;
|
||||
}
|
||||
|
||||
if ( ngid > -1 && gpool->get(ngid,false) == 0 )
|
||||
if ( ngid < 0 )
|
||||
{
|
||||
failure_response(XML_RPC_API,request_error("Wrong group ID",""));
|
||||
return;
|
||||
}
|
||||
else if ( gpool->get(ngid,false) == 0 )
|
||||
{
|
||||
failure_response(NO_EXISTS,
|
||||
get_error(object_name(AuthRequest::GROUP),ngid));
|
||||
@ -71,23 +75,111 @@ void RequestManagerChown::request_execute(xmlrpc_c::paramList const& paramList)
|
||||
return;
|
||||
}
|
||||
|
||||
if ( noid > -1 )
|
||||
{
|
||||
rc = set_uid(noid, object, error_msg);
|
||||
}
|
||||
if ( rc == 0 && ngid > -1 )
|
||||
{
|
||||
rc = set_gid(ngid, object, error_msg);
|
||||
}
|
||||
object->set_uid(noid);
|
||||
object->set_gid(ngid);
|
||||
|
||||
if ( rc != 0 )
|
||||
{
|
||||
failure_response(INTERNAL, request_error(error_msg,""));
|
||||
return;
|
||||
}
|
||||
pool->update(object);
|
||||
|
||||
object->unlock();
|
||||
|
||||
success_response(oid);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
/* -------------------------------------------------------------------------- */
|
||||
/* -------------------------------------------------------------------------- */
|
||||
|
||||
void UserChown::request_execute(xmlrpc_c::paramList const& paramList)
|
||||
{
|
||||
int oid = xmlrpc_c::value_int(paramList.getInt(1));
|
||||
//int noid = xmlrpc_c::value_int(paramList.getInt(2)); Not used for users
|
||||
int ngid = xmlrpc_c::value_int(paramList.getInt(3));
|
||||
int old_gid;
|
||||
|
||||
string str;
|
||||
|
||||
Nebula& nd = Nebula::instance();
|
||||
GroupPool * gpool = nd.get_gpool();
|
||||
UserPool * upool = static_cast<UserPool *>(pool);
|
||||
|
||||
User * user;
|
||||
Group * group;
|
||||
|
||||
if ( basic_authorization(oid) == false )
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
// ------------- Check new primary group id for user ---------------------
|
||||
|
||||
if ( ngid < 0 )
|
||||
{
|
||||
failure_response(XML_RPC_API,request_error("Wrong group ID",""));
|
||||
return;
|
||||
}
|
||||
else if ( gpool->get(ngid,false) == 0 )
|
||||
{
|
||||
failure_response(NO_EXISTS,
|
||||
get_error(object_name(AuthRequest::GROUP),ngid));
|
||||
return;
|
||||
}
|
||||
|
||||
// ------------- Change users primary group ---------------------
|
||||
|
||||
user = upool->get(oid,true);
|
||||
|
||||
if ( user == 0 )
|
||||
{
|
||||
failure_response(NO_EXISTS,
|
||||
get_error(object_name(AuthRequest::USER),oid));
|
||||
return;
|
||||
}
|
||||
|
||||
if ((old_gid = user->get_gid()) == ngid)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
user->set_gid(ngid);
|
||||
|
||||
user->add_group(ngid);
|
||||
user->del_group(old_gid);
|
||||
|
||||
upool->update(user);
|
||||
|
||||
user->unlock();
|
||||
|
||||
// ------------- Updates new group with this new user ---------------------
|
||||
|
||||
group = gpool->get(ngid, true);
|
||||
|
||||
if( group == 0 )
|
||||
{
|
||||
get_error(object_name(AuthRequest::GROUP),ngid); //TODO Rollback
|
||||
return;
|
||||
}
|
||||
|
||||
group->add_user(oid);
|
||||
|
||||
gpool->update(group);
|
||||
|
||||
group->unlock();
|
||||
|
||||
// ------------- Updates old group removing the user ---------------------
|
||||
|
||||
group = gpool->get(old_gid, true);
|
||||
|
||||
if( group != 0 )
|
||||
{
|
||||
group->del_user(oid);
|
||||
|
||||
gpool->update(group);
|
||||
|
||||
group->unlock();
|
||||
}
|
||||
|
||||
success_response(oid);
|
||||
|
||||
return;
|
||||
}
|
||||
|
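Review bot: In `UserChown::request_execute`, the early exit `if ((old_gid = user->get_gid()) == ngid) { return; }` leaves without calling `user->unlock()` and without sending any response, although the user was fetched with `upool->get(oid,true)` and the normal path unlocks it a few lines later. A request that names the user's current group would therefore leave that user object locked and the XML-RPC call unanswered, which can stall later operations on the same user. The `group == 0` branch further down has a similar gap: it calls `get_error(...)` but discards the result, so the client gets no failure even though the user record was already updated. Separately, only `basic_authorization(oid)` is checked before a user's primary group is changed; whether that also covers the target group is not visible here and is worth confirming. Suggested handling for the two exits:
```cpp
    if ((old_gid = user->get_gid()) == ngid)
    {
        user->unlock();          // release the lock taken by upool->get(oid,true)
        success_response(oid);   // no-op request still needs a reply
        return;
    }

    // … unchanged: set_gid / add_group / del_group, upool->update, user->unlock …

    if( group == 0 )
    {
        failure_response(NO_EXISTS,
                get_error(object_name(AuthRequest::GROUP),ngid)); //TODO Rollback
        return;
    }
```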