From 09c8334988386c3dac7183eaaa3021c216818395 Mon Sep 17 00:00:00 2001 From: "Ruben S. Montero" Date: Mon, 11 Jul 2011 14:13:34 +0200 Subject: [PATCH 1/7] bug: Users can not deploy VMs. A new default ACL rule has been added to support the USERS group --- src/acl/AclManager.cc | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/acl/AclManager.cc b/src/acl/AclManager.cc index 61b9a0832f..d6a9338a8f 100644 --- a/src/acl/AclManager.cc +++ b/src/acl/AclManager.cc @@ -64,10 +64,20 @@ AclManager::AclManager(SqlDB * _db) : db(_db), lastOID(-1) if (lastOID == -1) { - // Add a default rule - // @1 VM+NET+IMAGE+TEMPLATE/* CREATE+INFO_POOL_MINE + // Add a default rules for the ACL engine string error_str; - add_rule(0x200000001LL, 0x2d400000000LL, 0x41LL, error_str); + + // Users in group USERS can create and look at standard resources + // @1 VM+NET+IMAGE+TEMPLATE/* CREATE+INFO_POOL_MINE + add_rule(0x0000000200000001LL, + 0x000002d400000000LL, + 0x0000000000000041LL, error_str); + + // Users in USERS can deploy VMs in any HOST + // @1 HOST/* USE + add_rule(0x0000000200000001LL, + 0x0000002400000000LL, + 0x0000000000000004LL, error_str); } } From 0183895ce0ace7712858681b9049e4db0a56b86e Mon Sep 17 00:00:00 2001 From: "Ruben S. Montero" Date: Mon, 11 Jul 2011 14:18:43 +0200 Subject: [PATCH 2/7] bug: Public attribute for Templates was not passed to AuthManager --- src/rm/RequestManagerVMTemplate.cc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/rm/RequestManagerVMTemplate.cc b/src/rm/RequestManagerVMTemplate.cc index bf87b51847..ec409a06f0 100644 --- a/src/rm/RequestManagerVMTemplate.cc +++ b/src/rm/RequestManagerVMTemplate.cc @@ -27,6 +27,7 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList string name = xmlrpc_c::value_string(paramList.getString(2)); int rc, ouid, ogid, vid; + bool pub; Nebula& nd = Nebula::instance(); VirtualMachinePool* vmpool = nd.get_vmpool(); @@ -51,6 +52,7 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList tmpl = rtmpl->clone_template(); ouid = rtmpl->get_uid(); ogid = rtmpl->get_gid(); + pub = rtmpl->isPublic(); rtmpl->unlock(); @@ -61,7 +63,7 @@ void VMTemplateInstantiate::request_execute(xmlrpc_c::paramList const& paramList { AuthRequest ar(att.uid, att.gid); - ar.add_auth(auth_object, id, ogid, auth_op, ouid, false); + ar.add_auth(auth_object, id, ogid, auth_op, ouid, pub); VirtualMachine::set_auth_request(att.uid, ar, tmpl); From 0940802149bb3ef0f55cc6be51efe2db2463c960 Mon Sep 17 00:00:00 2001 From: Javi Fontan Date: Mon, 11 Jul 2011 16:03:12 +0200 Subject: [PATCH 3/7] Added User::SELF constant to ruby OCA --- src/oca/ruby/OpenNebula/User.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/oca/ruby/OpenNebula/User.rb b/src/oca/ruby/OpenNebula/User.rb index f87cdf4597..a2425f7bcc 100644 --- a/src/oca/ruby/OpenNebula/User.rb +++ b/src/oca/ruby/OpenNebula/User.rb @@ -31,6 +31,8 @@ module OpenNebula :delgroup => "user.delgroup" } + SELF = -1 + # Creates a User description with just its identifier # this method should be used to create plain User objects. # +id+ the id of the user @@ -60,7 +62,7 @@ module OpenNebula # --------------------------------------------------------------------- # XML-RPC Methods for the User Object # --------------------------------------------------------------------- - + # Retrieves the information of the given User. def info() super(USER_METHODS[:info], 'USER') From 3c2418627476f8a1c448e8544867bea1a0878934 Mon Sep 17 00:00:00 2001 From: Javi Fontan Date: Mon, 11 Jul 2011 16:04:03 +0200 Subject: [PATCH 4/7] oneuser show without arguments asks for logged user's info --- src/cli/oneuser | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/cli/oneuser b/src/cli/oneuser index 6fba896458..ffb4346786 100755 --- a/src/cli/oneuser +++ b/src/cli/oneuser @@ -137,8 +137,10 @@ cmd=CommandParser::CmdParser.new(ARGV) do Shows information for the given User EOT - command :show, show_desc, :userid, :options=>OpenNebulaHelper::XML do - helper.show_resource(args[0],options) + command :show, show_desc, [:userid, nil], + :options=>OpenNebulaHelper::XML do + user=args[0] || OpenNebula::User::SELF + helper.show_resource(user,options) end end From 8bed6dbb1697d75161d46703a9b2b41c23cc99d4 Mon Sep 17 00:00:00 2001 From: Javi Fontan Date: Mon, 11 Jul 2011 16:05:45 +0200 Subject: [PATCH 5/7] Boolean variables are printed by common boolean_to_str --- src/cli/one_helper.rb | 6 +++--- src/cli/one_helper/oneimage_helper.rb | 13 +++++-------- src/cli/one_helper/onetemplate_helper.rb | 4 ++-- src/cli/one_helper/oneuser_helper.rb | 3 ++- src/cli/one_helper/onevnet_helper.rb | 6 +++--- 5 files changed, 15 insertions(+), 17 deletions(-) diff --git a/src/cli/one_helper.rb b/src/cli/one_helper.rb index 9920c2eba7..683d71f83f 100644 --- a/src/cli/one_helper.rb +++ b/src/cli/one_helper.rb @@ -331,11 +331,11 @@ EOT "OpenNebula #{poolname} name or id" end - def OpenNebulaHelper.public_to_str(str) + def OpenNebulaHelper.boolean_to_str(str) if str.to_i == 1 - public_str = "Y" + "Yes" else - public_str = "N" + "No" end end diff --git a/src/cli/one_helper/oneimage_helper.rb b/src/cli/one_helper/oneimage_helper.rb index 7332873151..f05aa50652 100644 --- a/src/cli/one_helper/oneimage_helper.rb +++ b/src/cli/one_helper/oneimage_helper.rb @@ -25,10 +25,6 @@ class OneImageHelper < OpenNebulaHelper::OneHelper "oneimage.yaml" end - def self.persistent_to_str(str) - str.to_i==1 ? "Yes" : "No" - end - def self.state_to_str(id) id = id.to_i state_str = Image::IMAGE_STATES[id] @@ -68,9 +64,10 @@ class OneImageHelper < OpenNebulaHelper::OneHelper puts str % ["TYPE", image.type_str] puts str % ["REGISTER TIME", OpenNebulaHelper.time_to_str(image['REGTIME'])] - puts str % ["PUBLIC", OpenNebulaHelper.public_to_str(image['PUBLIC'])] + puts str % ["PUBLIC", + OpenNebulaHelper.boolean_to_str(image['PUBLIC'])] puts str % ["PERSISTENT", - OneImageHelper.persistent_to_str(image["PERSISTENT"])] + OneImageHelper.boolean_to_str(image["PERSISTENT"])] puts str % ["SOURCE", image['SOURCE']] puts str % ["STATE", image.short_state_str] puts str % ["RUNNING_VMS", image['RUNNING_VMS']] @@ -112,12 +109,12 @@ class OneImageHelper < OpenNebulaHelper::OneHelper column :PUBLIC, "Whether the Image is public or not", :size=>3 do |d| - OpenNebulaHelper.public_to_str(d["PUBLIC"]) + OpenNebulaHelper.boolean_to_str(d["PUBLIC"]) end column :PERSISTENT, "Whether the Image is persistent or not", :size=>3 do |d| - OneImageHelper.persistent_to_str(d["PERSISTENT"]) + OneImageHelper.boolean_to_str(d["PERSISTENT"]) end column :STAT, "State of the Image", :size=>4 do |d| diff --git a/src/cli/one_helper/onetemplate_helper.rb b/src/cli/one_helper/onetemplate_helper.rb index e2c406e7f1..c1f24ac553 100644 --- a/src/cli/one_helper/onetemplate_helper.rb +++ b/src/cli/one_helper/onetemplate_helper.rb @@ -53,7 +53,7 @@ class OneTemplateHelper < OpenNebulaHelper::OneHelper puts str % ["REGISTER TIME", OpenNebulaHelper.time_to_str(template['REGTIME'])] puts str % ["PUBLIC", - OpenNebulaHelper.public_to_str(template['PUBLIC'])] + OpenNebulaHelper.boolean_to_str(template['PUBLIC'])] puts CLIHelper.print_header(str_h1 % "TEMPLATE CONTENTS",false) @@ -87,7 +87,7 @@ class OneTemplateHelper < OpenNebulaHelper::OneHelper column :PUBLIC, "Whether the Template is public or not", :size=>3 do |d| - OpenNebulaHelper.public_to_str(d["PUBLIC"]) + OpenNebulaHelper.boolean_to_str(d["PUBLIC"]) end default :ID, :USER, :GROUP, :NAME, :REGTIME, :PUBLIC diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb index 7550d667b0..15409c569c 100644 --- a/src/cli/one_helper/oneuser_helper.rb +++ b/src/cli/one_helper/oneuser_helper.rb @@ -72,7 +72,8 @@ class OneUserHelper < OpenNebulaHelper::OneHelper puts str % ["NAME", user.name] puts str % ["MAIN_GROUP", user.gid] puts str % ["PASSWORD", user['PASSWORD']] - puts str % ["ENABLED", user['ENABLED']] + puts str % ["ENABLED", + OpenNebulaHelper.boolean_to_str(user['ENABLED'])] puts CLIHelper.print_header(str_h1 % "GROUPS", false) diff --git a/src/cli/one_helper/onevnet_helper.rb b/src/cli/one_helper/onevnet_helper.rb index 2fd9915cd9..3d46a45aad 100644 --- a/src/cli/one_helper/onevnet_helper.rb +++ b/src/cli/one_helper/onevnet_helper.rb @@ -55,7 +55,7 @@ class OneVNetHelper < OpenNebulaHelper::OneHelper puts str % ["ID", vn.id.to_s] puts str % ["USER", vn['UNAME']] puts str % ["GROUP", vn['GNAME']] - puts str % ["PUBLIC", OpenNebulaHelper.public_to_str(vn['PUBLIC'])] + puts str % ["PUBLIC", OpenNebulaHelper.boolean_to_str(vn['PUBLIC'])] puts CLIHelper.print_header(str_h1 % ["VIRTUAL NETWORK TEMPLATE"], false) @@ -107,8 +107,8 @@ class OneVNetHelper < OpenNebulaHelper::OneHelper end column :PUBLIC, "Whether the Virtual Network is public or not", - :size=>3 do |d| - OpenNebulaHelper.public_to_str(d['PUBLIC']) + :size=>1 do |d| + OpenNebulaHelper.boolean_to_str(d['PUBLIC']) end column :LEASES, "Number of this Virtual Network's given leases", From 2f2868872584b6a6cae70da570ba97256e98fce6 Mon Sep 17 00:00:00 2001 From: Javi Fontan Date: Mon, 11 Jul 2011 16:06:48 +0200 Subject: [PATCH 6/7] Users only have one group (CLI change) --- src/cli/one_helper/oneuser_helper.rb | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb index 15409c569c..24f2fd87e1 100644 --- a/src/cli/one_helper/oneuser_helper.rb +++ b/src/cli/one_helper/oneuser_helper.rb @@ -70,17 +70,10 @@ class OneUserHelper < OpenNebulaHelper::OneHelper CLIHelper.print_header(str_h1 % "USER #{user['ID']} INFORMATION") puts str % ["ID", user.id.to_s] puts str % ["NAME", user.name] - puts str % ["MAIN_GROUP", user.gid] + puts str % ["GROUP", user.gid] puts str % ["PASSWORD", user['PASSWORD']] puts str % ["ENABLED", OpenNebulaHelper.boolean_to_str(user['ENABLED'])] - puts - - CLIHelper.print_header(str_h1 % "GROUPS", false) - CLIHelper.print_header("%-15s %-20s" % ["ID","NAME"]) - user.group_ids.each do |gid| - puts "%-15s %-20s" % [gid, self.gid_to_str(gid.to_s)] - end end def format_pool(pool, options, top=false) From 75bcc46dd78d3a912cc41e8693ffc1f22f22ecfc Mon Sep 17 00:00:00 2001 From: "Ruben S. Montero" Date: Mon, 11 Jul 2011 16:49:17 +0200 Subject: [PATCH 7/7] bug: Templates are now render in ASCI strings without syntax errors (for update methods) --- src/oca/ruby/OpenNebula/XMLUtils.rb | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/src/oca/ruby/OpenNebula/XMLUtils.rb b/src/oca/ruby/OpenNebula/XMLUtils.rb index fbdee3b79e..912c2e4561 100644 --- a/src/oca/ruby/OpenNebula/XMLUtils.rb +++ b/src/oca/ruby/OpenNebula/XMLUtils.rb @@ -214,14 +214,15 @@ module OpenNebula str_line << n.collect {|n2| if n2 && n2.class==REXML::Element - str = ind_tab + n2.name + "=" - str += n2.text if n2.text + str = "" + str << ind_tab << n2.name << '=' + str << attr_to_str(n2.text) if n2.text str end - }.compact.join(","+ind_enter) + }.compact.join(','+ind_enter) str_line<<" ]" else - str_line<