1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-24 21:34:01 +03:00
Commit Graph

50 Commits

Author SHA1 Message Date
Ruben S. Montero
9361376e90 feature #1288: Managers can now execute synchronous actions 2012-05-31 18:38:14 +02:00
Ruben S. Montero
e192b6348b feature #1288: Moved AuthRequest to its own file to prepare a generic synchronous request interface 2012-05-31 16:51:07 +02:00
Ruben S. Montero
552d370593 feature #1288: Better integration for Quotas with RequestManager 2012-05-30 02:20:16 +02:00
Ruben S. Montero
d6beb1fb06 feature #1288: Work on Quota interface. Integration with authZ/authN system 2012-05-29 00:36:13 +02:00
Carlos Martín
a76be30312 Feature #1096: Change authorization MAD definition to detect if there is any authZ driver enabled 2012-04-11 18:02:15 +02:00
Jaime Melis
a2b7cb6bc9 Bump to version 3.2.0 2012-01-12 12:29:18 +01:00
Carlos Martín
d36e3f1cf9 Feature #862: Remove PUBLIC from the authorization driver protocol 2012-01-10 15:24:01 +01:00
Ruben S. Montero
e6628a1f75 Feature #862: Re-factor PoolObjectAuth. Moved ObjectType to PoolObjectSQL. simplified interface for AuthManger::add_auth. 2012-01-03 02:58:23 +01:00
Carlos Martín
75d5e7a1fb Add the Object type to the PoolObjectAuth class 2012-01-02 22:14:43 +01:00
Carlos Martín
fef8cdbf08 Rename Permissions class to PoolObjectAuth and move it to its own .h file 2012-01-02 21:17:20 +01:00
Carlos Martín
eaa257103e Refactor PoolObjectSQL::Permissions to be a separate class. Use pointers for Permissions arguments 2012-01-02 19:21:54 +01:00
Carlos Martín
58b831c471 New class PoolObjectSQL::Permissions to move objects ownership and permission attributes to the Auth & ACL Managers 2011-12-29 22:05:11 +01:00
Carlos Martín
e2f51e7861 Change ACL operations to USE, MANAGE, ADMIN & CREATE 2011-12-29 08:09:53 -08:00
Ruben S. Montero
7a44026d66 bug #847: Get rid of unneeded constructor in AuthRequest 2011-10-21 10:15:26 +02:00
Ruben S. Montero
3a2cbc229b bug #847: This commit includes several changes to the auth mechanism:
1.- Simplified auth methods for UserPool
2.- Added special SERVER_AUTH method for sudo'ing
3.- Added special PUBLIC_AUTH method for only-public interface users
4.- Added special driver name ("default") to authenticate unknown users
2011-10-21 01:17:46 +02:00
Carlos Martín
319e170ea5 Bug #847: Add new ACL operation to change the user auth driver. TODO: update Sunstone acl tab 2011-10-20 17:46:33 +02:00
Ruben S. Montero
605d580c63 bug #847: The authentication driver is now not encoded as part of the secret. The base auth driver has been updated to deal with this new protocol 2011-10-12 01:00:50 +02:00
Ruben S. Montero
fcb352d09d bug #847: Tokens are never sha1_digested. Core authentication mechanism stores the passwords digested, client sends plain passwords. Includes OCA (Ruby), CloudAuth and CLI updates. Ozones needs redesign its password storafe strategy. 2011-10-12 00:27:03 +02:00
Ruben S. Montero
cbf64ecf1b bug #847: Auth drivers are set in OpenNebula core. Login tokens do not include the driver, so the hash logic needs update, see #911 2011-10-11 19:15:13 +02:00
Ruben S. Montero
3501633b3d Merge branch 'master' into feature-754 2011-08-30 17:09:57 +02:00
Carlos Martín
8706613748 Feature #718: Add new DEPLOY authorization operation in core 2011-08-05 16:35:24 +02:00
Ruben S. Montero
65606e7faf feture-754: OpenNebula core sends information about the ACL authZ result to the driver. Improved formating of auth strings. Check trivial authZ requests. 2011-07-27 11:27:16 +02:00
Ruben S. Montero
66485c6ed7 MULTIPLE GROUPS: Removed initial effort to support multiple user groups for the users. This should be easily recovered to complete this feature in the future 2011-07-07 19:01:04 +02:00
Ruben S. Montero
84a19e69ad feature #687: Minor changes in the ACL module 2011-07-03 14:13:43 +02:00
Carlos Martín
303db36d95 Feature #687: ACL Manager looks for rules that apply to any of the user's groups 2011-06-29 12:50:16 +02:00
Carlos Martín
05ea353f24 Feature #687: ACL rules now check the object's group 2011-06-28 12:56:37 +02:00
Carlos Martín
bfaabf357d Feature #687: Start work on ACL rules 2011-06-22 19:22:52 +02:00
Ruben S. Montero
8c8ead4f74 feature #407: new CHOWN operation in AuthManager 2011-06-03 18:26:59 +02:00
Carlos Martín
e28ad2a69d Feature #662, #407: Delete operator<< from PoolObjectSQL classes. Remove Cluster objects. 2011-06-03 15:33:48 +02:00
Ruben S. Montero
e61cd923c5 feature #662: Deleted unneeded file and moved object to string method 2011-05-31 00:16:57 +02:00
Ruben S. Montero
25068e4d59 feature #662: Allocate methods 2011-05-28 04:03:09 +02:00
Ruben S. Montero
fb3d3a88bb feature #662: Common method for publish requests 2011-05-27 00:21:14 +02:00
Ruben S. Montero
b050a5da9f feature #622: Public is now an attribute of PoolObjectSQL. Redesign of authorization function 2011-05-26 12:20:56 +02:00
Ruben S. Montero
01d932adea feature #622: Added auth for the pool infos. New Auth action is INFO_POOL 2011-05-24 17:52:17 +02:00
Ruben S. Montero
3efc2abdc1 Merge branch 'master' into feature-407
Conflicts:
	install.sh
2011-05-21 02:28:23 +02:00
Ruben S. Montero
5bfec3ab96 feature #513: Moved SSL utils to a common Helper Class 2011-05-12 17:20:52 +02:00
Carlos Martín
ae53d43789 Feature #407: Base implementation for groups.
So far groups can be managed, but resources can't be associated to a group.
Tasks done:

  * New basic onegroup command
  * RequestManager XML-RPC methods
  * New group pool
  * New GROUP authorization symbol
  * Basic GroupPool tests
  * Ruby OCA methods
2011-05-10 18:45:15 +02:00
Carlos Martín
2649590d34 Feature #487: Several bugfixes and new INSTANTIATE auth. operation 2011-04-05 16:05:46 +02:00
Carlos Martín
5b9fed52f7 Feature #487: First version of TemplatePool added to the core: DB, Pool and RM methods. 2011-03-30 19:03:49 +02:00
Jaime Melis
4980255942 Update copyright year to 2011 2011-02-25 14:34:44 +01:00
Tino Vázquez
0659115f70 feature #203: Finishing RM authorization task 2010-07-13 18:16:05 +02:00
Tino Vázquez
aea644f944 feature #203: Auth for USERS 2010-07-09 20:12:19 +02:00
Ruben S. Montero
c752146975 feature #203: Encode object_ids (templates) for CREATE operations 2010-07-09 09:14:35 +02:00
Ruben S. Montero
76e83df632 feature #203: Simplified driver load procedure and getter 2010-07-08 18:50:32 +02:00
Ruben S. Montero
b14eefeeec feature #203: Plain authn/authz policies 2010-07-08 17:50:49 +02:00
Ruben S. Montero
7f646b8b66 feature 203: Requests now follow the new format 2010-07-08 16:36:33 +02:00
Ruben S. Montero
3388563a9d feature #203: Conforming new protocol spec 2010-07-08 15:45:00 +02:00
Ruben S. Montero
a707f730f2 feature #203: Prevent race condition when a AuthRequests timeout. Now timeout timers are handled by the AuthManager. 2010-07-06 12:35:47 +02:00
Ruben S. Montero
42161d1ac5 feature #203: Syncrhonization functions for the AuthRequest. Added basic tests for the Authentication Manager 2010-05-29 03:42:30 +02:00
Ruben S. Montero
baca5e4a44 feature #203: Initial version for the Authorization Manager and Drivers 2010-05-28 00:27:29 +02:00