SFA-4
MyPLC 5.0 does away with the min_role_id field in the SliceTag. This is replaced by a list of roles that can set the tag in
the TagType. Updated permission checks accordingly for setting SliceTags from the RSpec.
import sys
from StringIO import StringIO
import sys
from StringIO import StringIO
class Sliver:
def __init__(self, node):
self.node = node
class Sliver:
def __init__(self, node):
self.node = node
return n
# Add a new slice tag
return n
# Add a new slice tag
- def add_tag(self, tagname, value, node = None, role_id = 30):
+ def add_tag(self, tagname, value, node = None, role = "user"):
tt = self.network.lookupTagType(tagname)
tt = self.network.lookupTagType(tagname)
- if not tt.permit_update(role_id):
+ if not tt.permit_update(role):
raise InvalidRSpec("permission denied to modify '%s' tag" % tagname)
tag = Slicetag()
tag.initialize(tagname, value, node, self.network)
raise InvalidRSpec("permission denied to modify '%s' tag" % tagname)
tag = Slicetag()
tag.initialize(tagname, value, node, self.network)
return tag
# Update a slice tag if it exists, else add it
return tag
# Update a slice tag if it exists, else add it
- def update_tag(self, tagname, value, node = None, role_id = 30):
+ def update_tag(self, tagname, value, node = None, role = "user"):
+ tt = self.network.lookupTagType(tagname)
+ if not tt.permit_update(role):
+ raise InvalidRSpec("permission denied to modify '%s' tag" % tagname)
tag = self.get_tag(tagname, node)
if tag:
tag = self.get_tag(tagname, node)
if tag:
- if not tag.permit_update(role_id, value):
- raise InvalidRSpec("permission denied to modify '%s' tag" % tagname)
- tag = self.add_tag(tagname, value, node, role_id)
+ tag = self.add_tag(tagname, value, node, role)
- def update_multi_tag(self, tagname, value, node = None, role_id = 30):
+ def update_multi_tag(self, tagname, value, node = None, role = "user"):
tags = self.get_multi_tag(tagname, node)
for tag in tags:
if tag and tag.value == value:
break
else:
tags = self.get_multi_tag(tagname, node)
for tag in tags:
if tag and tag.value == value:
break
else:
- tag = self.add_tag(tagname, value, node, role_id)
+ tag = self.add_tag(tagname, value, node, role)
return tag
def tags_to_xml(self, xml, node = None):
return tag
def tags_to_xml(self, xml, node = None):
class Slicetag:
newid = -1
class Slicetag:
newid = -1
-# filter_fields = ['slice_tag_id','slice_id','tagname','value','node_id','category','min_role_id']
filter_fields = ['slice_tag_id','slice_id','tagname','value','node_id','category']
ignore_tags = ['hmac','ssh_key']
def __init__(self, tag = None):
filter_fields = ['slice_tag_id','slice_id','tagname','value','node_id','category']
ignore_tags = ['hmac','ssh_key']
def __init__(self, tag = None):
self.value = tag['value']
self.node_id = tag['node_id']
self.category = tag['category']
self.value = tag['value']
self.node_id = tag['node_id']
self.category = tag['category']
-# self.min_role_id = tag['min_role_id']
self.status = None
# Create a new slicetag that will be written to the DB later
self.status = None
# Create a new slicetag that will be written to the DB later
else:
self.node_id = None
self.category = tt.category
else:
self.node_id = None
self.category = tt.category
-# self.min_role_id = tt.min_role_id
- def permit_update(self, role_id, value = None):
- if value and self.value == value:
- return True
- # xxx FIXME - the new model in PLCAPI has roles and not min_role_id
- #if role_id > self.min_role_id:
- # return False
- return False
-
def change(self, value):
if self.value != value:
self.value = value
def change(self, value):
if self.value != value:
self.value = value
self.id = tagtype['tag_type_id']
self.category = tagtype['category']
self.tagname = tagtype['tagname']
self.id = tagtype['tag_type_id']
self.category = tagtype['category']
self.tagname = tagtype['tagname']
-# self.min_role_id = tagtype['min_role_id']
+ self.roles = tagtype['roles']
self.multi = False
self.in_rspec = False
if self.category == 'slice/rspec':
self.multi = False
self.in_rspec = False
if self.category == 'slice/rspec':
if self.tagname in ['codemux', 'ip_addresses', 'vsys']:
self.multi = True
if self.tagname in ['codemux', 'ip_addresses', 'vsys']:
self.multi = True
- def permit_update(self, role_id):
- # XXX FIXME ditto
- #if role_id > self.min_role_id:
- # return False
+ def permit_update(self, role):
+ if role in self.roles:
+ return True
Write any slice tags that have been added or modified back to the DB
"""
for tag in self.getSliceTags():
Write any slice tags that have been added or modified back to the DB
"""
for tag in self.getSliceTags():
- if tag.category == 'slice/rspec' and not tag.was_updated() and tag.permit_update(None, 30):
- # The user wants to delete this tag
- tag.delete()
+ if tag.category == 'slice/rspec' and not tag.was_updated():
+ tt = self.lookupTagType(tag.tagname)
+ if tt.permit_update("user"):
+ tag.delete()
# Update slice tags in database
for tag in self.getSliceTags():
# Update slice tags in database
for tag in self.getSliceTags():