Statistics
| Branch: | Tag: | Revision:

one / src / rm / Request.cc @ 5bde303f

History | View | Annotate | Download (7.14 KB)

1
/* -------------------------------------------------------------------------- */
2
/* Copyright 2002-2011, OpenNebula Project Leads (OpenNebula.org)             */
3
/*                                                                            */
4
/* Licensed under the Apache License, Version 2.0 (the "License"); you may    */
5
/* not use this file except in compliance with the License. You may obtain    */
6
/* a copy of the License at                                                   */
7
/*                                                                            */
8
/* http://www.apache.org/licenses/LICENSE-2.0                                 */
9
/*                                                                            */
10
/* Unless required by applicable law or agreed to in writing, software        */
11
/* distributed under the License is distributed on an "AS IS" BASIS,          */
12
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   */
13
/* See the License for the specific language governing permissions and        */
14
/* limitations under the License.                                             */
15
/* -------------------------------------------------------------------------- */
16

    
17
#include "Request.h"
18
#include "Nebula.h"
19

    
20

    
21
/* -------------------------------------------------------------------------- */
22
/* -------------------------------------------------------------------------- */
23

    
24
void Request::execute(
25
        xmlrpc_c::paramList const& _paramList,
26
        xmlrpc_c::value *   const  _retval)
27
{
28
    retval  = _retval;
29
    session = xmlrpc_c::value_string (_paramList.getString(0));
30

    
31
    Nebula& nd = Nebula::instance();
32
    UserPool* upool = nd.get_upool();
33

    
34
    NebulaLog::log("ReM",Log::DEBUG, method_name + " method invoked");
35

    
36
    if ( upool->authenticate(session, uid, gid) == false )
37
    {
38
        failure_response(AUTHENTICATION, authenticate_error());
39
    }
40
    else
41
    {
42
        request_execute(_paramList);    
43
    }
44
};
45

    
46
/* -------------------------------------------------------------------------- */
47
/* -------------------------------------------------------------------------- */
48

    
49
bool Request::basic_authorization(int oid)
50
{
51
    PoolObjectSQL * object;
52

    
53
    bool pub;
54
    int  ouid;
55

    
56
    if ( uid == 0 )
57
    {
58
        return true;
59
    }
60

    
61
    if ( oid == -1 )
62
    {
63
        ouid = 0;
64
        pub  = false;
65
    }
66
    else
67
    {
68
        object = pool->get(oid,true);
69

    
70
        if ( object == 0 )
71
        {
72
            failure_response(NO_EXISTS, get_error("USER",oid)); //TODO
73
            return false;
74
        }
75

    
76
        ouid = object->get_uid();
77
        pub  = object->isPublic();
78

    
79
        object->unlock();
80
    }
81

    
82
   AuthRequest ar(uid);
83

    
84
   ar.add_auth(auth_object, oid, auth_op, ouid, pub);
85

    
86
   if (UserPool::authorize(ar) == -1)
87
   {
88
        failure_response(AUTHORIZATION, //TODO
89
                 authorization_error("INFO","USER",oid,-1));
90

    
91
        return false;
92
    }
93

    
94
    return true;
95
}
96

    
97
/* -------------------------------------------------------------------------- */
98
/* -------------------------------------------------------------------------- */
99

    
100
void Request::failure_response(ErrorCode ec, const string& str_val)
101
{    
102
    vector<xmlrpc_c::value> arrayData;
103

    
104
    arrayData.push_back(xmlrpc_c::value_boolean(false));
105
    arrayData.push_back(xmlrpc_c::value_string(str_val));
106
    arrayData.push_back(xmlrpc_c::value_int(ec));
107

    
108
    xmlrpc_c::value_array arrayresult(arrayData);
109

    
110
    *retval = arrayresult;
111

    
112
    NebulaLog::log("ReM",Log::ERROR,str_val);
113
}
114

    
115
/* -------------------------------------------------------------------------- */
116
/* -------------------------------------------------------------------------- */
117

    
118
void Request::success_response(int id)
119
{    
120
    vector<xmlrpc_c::value> arrayData;
121

    
122
    arrayData.push_back(xmlrpc_c::value_boolean(true));
123
    arrayData.push_back(xmlrpc_c::value_int(id));
124
    arrayData.push_back(xmlrpc_c::value_int(SUCCESS));
125

    
126

    
127
    xmlrpc_c::value_array arrayresult(arrayData);
128

    
129
    *retval = arrayresult;
130
}
131

    
132
/* -------------------------------------------------------------------------- */
133

    
134
void Request::success_response(const string& val)
135
{    
136
    vector<xmlrpc_c::value> arrayData;
137

    
138
    arrayData.push_back(xmlrpc_c::value_boolean(true));
139
    arrayData.push_back(xmlrpc_c::value_string(val));
140
    arrayData.push_back(xmlrpc_c::value_int(SUCCESS));
141

    
142
    xmlrpc_c::value_array arrayresult(arrayData);
143

    
144
    *retval = arrayresult;
145
}
146

    
147
/* -------------------------------------------------------------------------- */
148
/* -------------------------------------------------------------------------- */
149

    
150
string Request::object_name(AuthRequest::Object ob)
151
{
152
    switch (ob)
153
    {
154
        case AuthRequest::VM:
155
            return "virtual machine";
156
        case AuthRequest::HOST:
157
            return "host";
158
        case AuthRequest::NET:
159
            return "virtual network";
160
        case AuthRequest::IMAGE:
161
            return "image";
162
        case AuthRequest::USER:
163
            return "user";
164
        case AuthRequest::CLUSTER:
165
            return "cluster";
166
        case AuthRequest::TEMPLATE:
167
            return "virtual machine template";
168
        case AuthRequest::GROUP:
169
            return "group";
170
        default:
171
            return "-";
172
      }
173
};
174

    
175
/* -------------------------------------------------------------------------- */
176
/* -------------------------------------------------------------------------- */
177

    
178
string Request::authorization_error (const string &action,
179
                                     const string &object,
180
                                     int   uid,
181
                                     int   id)
182
{
183
    ostringstream oss;
184

    
185
    oss << "[" << method_name << "]" << " User [" << uid << "] not authorized"
186
        << " to perform " << action << " on " << object;
187

    
188

    
189
    if ( id != -1 )
190
    {
191
        oss << " [" << id << "].";
192
    }
193
    else
194
    {
195
        oss << " Pool";
196
    }
197

    
198
    return oss.str();
199
}
200

    
201
/* -------------------------------------------------------------------------- */
202

    
203
string Request::authenticate_error()
204
{
205
    ostringstream oss;
206

    
207
    oss << "[" << method_name << "]" << " User couldn't be authenticated," <<
208
           " aborting call.";
209

    
210
    return oss.str();
211
}
212

    
213
/* -------------------------------------------------------------------------- */
214

    
215
string Request::get_error (const string &object,
216
                           int id)
217
{
218
    ostringstream oss;
219

    
220
    oss << "[" << method_name << "]" << " Error getting " <<
221
           object;
222

    
223
   if ( id != -1 )
224
   {
225
       oss << " [" << id << "].";
226
   }
227
   else
228
   {
229
      oss << " Pool.";
230
   }
231

    
232
   return oss.str();
233
}
234
/* -------------------------------------------------------------------------- */
235

    
236
string Request::action_error (const string &action,
237
                              const string &object,
238
                              int id,
239
                              int rc)
240
{
241
    ostringstream oss;
242

    
243
    oss << "[" << method_name << "]" << " Error trying to " << action << " "
244
        << object;
245

    
246
    switch(id)
247
    {
248
        case -2:
249
            break;
250
        case -1:
251
            oss << "Pool.";
252
            break;
253
        default:
254
            oss << " [" << id << "].";
255
            break;
256
    }
257

    
258
    if ( rc != 0 )
259
    {
260
        oss << " Returned error code [" << rc << "].";
261
    }
262

    
263
    return oss.str();
264
}