Statistics
| Branch: | Tag: | Revision:

one / src / rm / RequestManagerAcl.cc @ bfaabf35

History | View | Annotate | Download (4.59 KB)

1
/* -------------------------------------------------------------------------- */
2
/* Copyright 2002-2011, OpenNebula Project Leads (OpenNebula.org)             */
3
/*                                                                            */
4
/* Licensed under the Apache License, Version 2.0 (the "License"); you may    */
5
/* not use this file except in compliance with the License. You may obtain    */
6
/* a copy of the License at                                                   */
7
/*                                                                            */
8
/* http://www.apache.org/licenses/LICENSE-2.0                                 */
9
/*                                                                            */
10
/* Unless required by applicable law or agreed to in writing, software        */
11
/* distributed under the License is distributed on an "AS IS" BASIS,          */
12
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   */
13
/* See the License for the specific language governing permissions and        */
14
/* limitations under the License.                                             */
15
/* -------------------------------------------------------------------------- */
16

    
17
#include "RequestManagerAcl.h"
18

    
19
using namespace std;
20

    
21
/* ------------------------------------------------------------------------- */
22
/* ------------------------------------------------------------------------- */
23

    
24
void RequestManagerAcl::request_execute(xmlrpc_c::paramList const& paramList)
25
{
26
/*
27
    xmlrpc-c version 1.07 can manage 64 bit numbers, but not all distros. ship
28
    the latest version.
29

30
    user      = xmlrpc_c::value_i8(paramList.getI8(1));
31
    resource  = xmlrpc_c::value_i8(paramList.getI8(2));
32
    rights    = xmlrpc_c::value_i8(paramList.getI8(3));
33
*/
34

    
35
    istringstream iss;
36

    
37
    iss.str( xmlrpc_c::value_string(paramList.getString(1)) );
38
    iss >> hex >> user;
39

    
40
    iss.clear();
41
    iss.str( xmlrpc_c::value_string(paramList.getString(2)) );
42
    iss >> hex >> resource;
43

    
44
    iss.clear();
45
    iss.str( xmlrpc_c::value_string(paramList.getString(3)) );
46
    iss >> hex >> rights;
47

    
48

    
49

    
50
    // TODO, debug
51
/*
52
    int iu, id, it;
53

54
    iss.clear();
55
    iss.str( xmlrpc_c::value_string(paramList.getString(1)) );
56
    iss >> iu;
57

58
    iss.clear();
59
    iss.str( xmlrpc_c::value_string(paramList.getString(2)) );
60
    iss >> id;
61

62
    iss.clear();
63
    iss.str( xmlrpc_c::value_string(paramList.getString(3)) );
64
    iss >> it;
65

66

67

68
    ostringstream oss;
69
    string u = xmlrpc_c::value_string(paramList.getString(1));
70
    string d = xmlrpc_c::value_string(paramList.getString(2));
71
    string t = xmlrpc_c::value_string(paramList.getString(3));
72

73
    oss << "\n";
74
    oss << "User :     " << u << ", " << iu << ", dec: " << dec  << user     << "\n";
75
    oss << "Resource : " << d << ", " << id << ", dec: "  << dec << resource << "\n";
76
    oss << "Rights :   " << t << ", " << it << ", dec: "  << dec << rights   << "\n";
77
    NebulaLog::log("ACL-RM",Log::DEBUG,oss);
78
*/
79

    
80
    Nebula& nd  = Nebula::instance();
81
    aclm        = nd.get_aclm();
82

    
83
    string error_msg;
84

    
85
    // TODO: Only oneadmin can manage ACL
86
    if ( uid != 0 )
87
    {
88
        failure_response(AUTHORIZATION,
89
                authorization_error("Only oneadmin can manage ACL rules"));
90
        return;
91
    }
92

    
93
    int rc = perform_operation(error_msg);
94

    
95
    if ( rc != 0 )
96
    {
97
        failure_response(INTERNAL, request_error(error_msg, ""));
98
        return;
99
    }
100

    
101
    success_response("");
102

    
103
    return;
104
}
105

    
106
/* ------------------------------------------------------------------------- */
107

    
108
int AclAddRule::perform_operation(string& error_msg)
109
{
110
    return aclm->add_rule(user, resource, rights);
111
}
112

    
113
/* ------------------------------------------------------------------------- */
114

    
115
int AclDelRule::perform_operation(string& error_msg)
116
{
117
    return aclm->del_rule(user, resource, rights);
118
}
119

    
120
/* ------------------------------------------------------------------------- */
121
/* ------------------------------------------------------------------------- */
122

    
123
void AclInfo::request_execute(xmlrpc_c::paramList const& paramList)
124
{
125
    Nebula& nd  = Nebula::instance();
126
    aclm        = nd.get_aclm();
127

    
128
    ostringstream oss;
129
    int rc;
130

    
131
    // TODO: Only oneadmin can manage ACL
132
    if ( uid != 0 )
133
    {
134
        failure_response(AUTHORIZATION,
135
                authorization_error("Only oneadmin can manage ACL rules"));
136
        return;
137
    }
138

    
139
    rc = aclm->dump(oss);
140

    
141
    if ( rc != 0 )
142
    {
143
        failure_response(INTERNAL, request_error("Internal Error",""));
144
        return;
145
    }
146

    
147
    success_response( oss.str() );
148

    
149
    return;
150
}
151

    
152
/* ------------------------------------------------------------------------- */