Revision 01d932ad

View differences:

include/AuthManager.h
281 281
        USE,        /** Authorization to use an object      */
282 282
        MANAGE,     /** Authorization to manage an object   */
283 283
        INFO,       /** Authorization to view an object     */
284
        INFO_POOL,  /** Authorization to view all objects in the pool */
284 285
        INSTANTIATE /** Authorization to instantiate a VM from a TEMPLATE   */
285 286
    };
286 287

  
include/RequestManagerPoolInfo.h
19 19

  
20 20
#include "Request.h"
21 21
#include "Nebula.h"
22
#include "AuthManager.h"
22 23

  
23 24
using namespace std;
24 25

  
......
43 44
    
44 45
    /* -------------------------------------------------------------------- */
45 46

  
46
    PoolSQL *pool;
47
    PoolSQL *           pool;
48
    AuthRequest::Object auth_object;
47 49
};
48 50

  
49 51
/* ------------------------------------------------------------------------- */
......
56 58
        RequestManagerPoolInfo("HostPoolInfo",
57 59
                               "Returns the host pool")
58 60
    {    
59
        Nebula& nd = Nebula::instance();
60
        pool       = nd.get_hpool();
61
        Nebula& nd  = Nebula::instance();
62
        pool        = nd.get_hpool();
63
        auth_object = AuthRequest::HOST;
61 64
    };
62 65

  
63 66
    ~HostPoolInfo(){};
......
75 78
    {    
76 79
        Nebula& nd = Nebula::instance();
77 80
        pool       = nd.get_cpool();
81
        auth_object = AuthRequest::CLUSTER;
78 82
    };
79 83

  
80 84
    ~ClusterPoolInfo(){};
......
97 101
    {    
98 102
        Nebula& nd = Nebula::instance();
99 103
        pool       = nd.get_gpool();
104
        auth_object = AuthRequest::GROUP;
100 105
    };
101 106

  
102 107
    ~GroupPoolInfo(){};
......
112 117
        RequestManagerPoolInfo("UserPoolInfo",
113 118
                               "Returns the user pool")
114 119
    {    
115
        Nebula& nd = Nebula::instance();
116
        pool       = nd.get_upool();
120
        Nebula& nd  = Nebula::instance();
121
        pool        = nd.get_upool();
122
        auth_object = AuthRequest::USER;
117 123
    };
118 124

  
119 125
    ~UserPoolInfo(){};
include/RequestManagerPoolInfoFilter.h
19 19

  
20 20
#include "Request.h"
21 21
#include "Nebula.h"
22
//#include "AuthManager.h"
22
#include "AuthManager.h"
23 23

  
24 24
using namespace std;
25 25

  
......
50 50
    
51 51
    /* -------------------------------------------------------------------- */
52 52

  
53
    PoolSQL *pool;
53
    PoolSQL *           pool;
54
    AuthRequest::Object auth_object;
54 55
};
55 56

  
56 57
/* ------------------------------------------------------------------------- */
......
63 64
        RequestManagerPoolInfoFilter("VirtualMachinePoolInfo",
64 65
                                     "Returns the virtual machine instances pool")
65 66
    {    
66
        Nebula& nd = Nebula::instance();
67
        pool       = nd.get_vmpool();
67
        Nebula& nd  = Nebula::instance();
68
        pool        = nd.get_vmpool();
69
        auth_object = AuthRequest::VM;
68 70
    };
69 71

  
70 72
    ~VirtualMachinePoolInfo(){};
......
80 82
        RequestManagerPoolInfoFilter("TemplatePoolInfo",
81 83
                                     "Returns the virtual machine template pool")
82 84
    {    
83
        Nebula& nd = Nebula::instance();
84
        pool       = nd.get_tpool();
85
        Nebula& nd  = Nebula::instance();
86
        pool        = nd.get_tpool();
87
        auth_object = AuthRequest::TEMPLATE;
85 88
    };
86 89

  
87 90
    ~TemplatePoolInfo(){};
......
102 105
        RequestManagerPoolInfoFilter("VirtualNetworkPoolInfo",
103 106
                                     "Returns the virtual network pool")
104 107
    {    
105
        Nebula& nd = Nebula::instance();
106
        pool       = nd.get_vnpool();
108
        Nebula& nd  = Nebula::instance();
109
        pool        = nd.get_vnpool();
110
        auth_object = AuthRequest::NET;
107 111
    };
108 112

  
109 113
    ~VirtualNetworkPoolInfo(){};
......
119 123
        RequestManagerPoolInfoFilter("ImagePoolInfo",
120 124
                                     "Returns the image pool")
121 125
    {    
122
        Nebula& nd = Nebula::instance();
123
        pool       = nd.get_ipool();
126
        Nebula& nd  = Nebula::instance();
127
        pool        = nd.get_ipool();
128
        auth_object = AuthRequest::IMAGE;
124 129
    };
125 130

  
126 131
    ~ImagePoolInfo(){};
src/authm/AuthManager.cc
92 92
            oss << "INFO:" ;
93 93
            break;
94 94

  
95
        case INFO_POOL:
96
            oss << "INFO_POOL:" ;
97
            break;
98

  
95 99
        case INSTANTIATE:
96 100
            oss << "INSTANTIATE:" ;
97 101
            break;
......
149 153
            case INFO: // This is for completeness, as the only INFO existing 
150 154
                       // is for UserPool, and just oneadmin can see it
151 155
                break;
156

  
157
            case INFO_POOL:
158
                if ( ob != USER )
159
                {
160
                    auth = true;
161
                }
162
                break;
152 163
        }
153 164
    }
154 165

  
src/rm/RequestManagerPoolInfo.cc
28 28
{
29 29
    ostringstream oss;
30 30
    int rc;
31
 
31

  
32
    //Authorize the operation
33
    if ( uid != 0 ) // uid == 0 means oneadmin
34
    {
35
        AuthRequest ar(uid);
36

  
37
        ar.add_auth(auth_object,
38
                    -1,
39
                    AuthRequest::INFO_POOL,
40
                    0,
41
                    false);
42

  
43
        if (UserPool::authorize(ar) == -1)
44
        {
45
            goto error_authorize;
46
        }
47
    }
48

  
32 49
    // Call the template pool dump
33 50
    rc = pool->dump(oss,"");
34 51

  
......
40 57
    success_response(oss.str());
41 58

  
42 59
    return;
60
//TODO Get the object name from the AuthRequest Class
61
error_authorize:
62
    failure_response(AUTHORIZATION,
63
                     authorization_error("INFO","USER",uid,-1));
64
    return;
43 65

  
44 66
error_dump: //TBD Improve Error messages for DUMP
45
    oss.str();
46 67
    failure_response(INTERNAL,"Internal Error");
47 68
    return;
48 69
}
src/rm/RequestManagerPoolInfoFilter.cc
66 66
            break;
67 67
    }
68 68

  
69
    //Authorize the operation
70
    if ( uid != 0 && (filter_flag == ALL || filter_flag >= 0) ) // uid == 0 means oneadmin
71
    {
72
        AuthRequest ar(uid);
73

  
74
        ar.add_auth(auth_object,
75
                    -1,
76
                    AuthRequest::INFO_POOL,
77
                    0,
78
                    false);
79

  
80
        if (UserPool::authorize(ar) == -1)
81
        {
82
            goto error_authorize;
83
        }
84
    }
85

  
69 86
    // Call the template pool dump
70 87
    rc = pool->dump(oss,where_string.str());
71 88

  
......
82 99
    failure_response(XML_RPC_API, "Incorrect filter_flag, must be >= -3.");
83 100
    return;
84 101

  
102
//TODO Get the object name from the AuthRequest Class
103
error_authorize:
104
    failure_response(AUTHORIZATION,
105
                     authorization_error("INFO","USER",uid,-1));
106
    return;
107

  
85 108
error_dump: //TBD Improve Error messages for DUMP
86 109
    oss.str();
87 110
    failure_response(INTERNAL,"Internal Error");

Also available in: Unified diff