git://git.onelab.eu
/
plcapi.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
03f03eb
)
allow node authentication
author
Mark Huang
<mlhuang@cs.princeton.edu>
Thu, 1 Feb 2007 05:03:24 +0000
(
05:03
+0000)
committer
Mark Huang
<mlhuang@cs.princeton.edu>
Thu, 1 Feb 2007 05:03:24 +0000
(
05:03
+0000)
17 files changed:
PLC/Methods/GetAddressTypes.py
patch
|
blob
|
history
PLC/Methods/GetAddresses.py
patch
|
blob
|
history
PLC/Methods/GetBootStates.py
patch
|
blob
|
history
PLC/Methods/GetConfFiles.py
patch
|
blob
|
history
PLC/Methods/GetKeyTypes.py
patch
|
blob
|
history
PLC/Methods/GetKeys.py
patch
|
blob
|
history
PLC/Methods/GetMessages.py
patch
|
blob
|
history
PLC/Methods/GetNetworkMethods.py
patch
|
blob
|
history
PLC/Methods/GetNetworkTypes.py
patch
|
blob
|
history
PLC/Methods/GetPCUs.py
patch
|
blob
|
history
PLC/Methods/GetPeerName.py
patch
|
blob
|
history
PLC/Methods/GetPeers.py
patch
|
blob
|
history
PLC/Methods/GetPersons.py
patch
|
blob
|
history
PLC/Methods/GetRoles.py
patch
|
blob
|
history
PLC/Methods/GetSliceAttributeTypes.py
patch
|
blob
|
history
PLC/Methods/GetSliceInstantiations.py
patch
|
blob
|
history
PLC/Methods/GetSlices.py
patch
|
blob
|
history
diff --git
a/PLC/Methods/GetAddressTypes.py
b/PLC/Methods/GetAddressTypes.py
index
ed8ad3b
..
d10be73
100644
(file)
--- a/
PLC/Methods/GetAddressTypes.py
+++ b/
PLC/Methods/GetAddressTypes.py
@@
-15,7
+15,7
@@
class GetAddressTypes(Method):
returned.
"""
returned.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
diff --git
a/PLC/Methods/GetAddresses.py
b/PLC/Methods/GetAddresses.py
index
24d5aa2
..
b299295
100644
(file)
--- a/
PLC/Methods/GetAddresses.py
+++ b/
PLC/Methods/GetAddresses.py
@@
-14,7
+14,7
@@
class GetAddresses(Method):
specified, only the specified details will be returned.
"""
specified, only the specified details will be returned.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
diff --git
a/PLC/Methods/GetBootStates.py
b/PLC/Methods/GetBootStates.py
index
85540ff
..
4cd31be
100644
(file)
--- a/
PLC/Methods/GetBootStates.py
+++ b/
PLC/Methods/GetBootStates.py
@@
-9,7
+9,7
@@
class GetBootStates(Method):
Returns an array of all valid node boot states.
"""
Returns an array of all valid node boot states.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
diff --git
a/PLC/Methods/GetConfFiles.py
b/PLC/Methods/GetConfFiles.py
index
c2204aa
..
89d5250
100644
(file)
--- a/
PLC/Methods/GetConfFiles.py
+++ b/
PLC/Methods/GetConfFiles.py
@@
-15,7
+15,7
@@
class GetConfFiles(Method):
details will be returned.
"""
details will be returned.
"""
- roles = ['admin']
+ roles = ['admin'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
diff --git
a/PLC/Methods/GetKeyTypes.py
b/PLC/Methods/GetKeyTypes.py
index
dd685de
..
32bb658
100644
(file)
--- a/
PLC/Methods/GetKeyTypes.py
+++ b/
PLC/Methods/GetKeyTypes.py
@@
-9,7
+9,7
@@
class GetKeyTypes(Method):
Returns an array of all valid key types.
"""
Returns an array of all valid key types.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
diff --git
a/PLC/Methods/GetKeys.py
b/PLC/Methods/GetKeys.py
index
73ad9b6
..
2d7550c
100644
(file)
--- a/
PLC/Methods/GetKeys.py
+++ b/
PLC/Methods/GetKeys.py
@@
-2,6
+2,7
@@
from PLC.Faults import *
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
+from PLC.Persons import Person, Persons
from PLC.Keys import Key, Keys
from PLC.Auth import Auth
from PLC.Keys import Key, Keys
from PLC.Auth import Auth
@@
-17,7
+18,7
@@
class GetKeys(Method):
keys.
"""
keys.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
@@
-33,7
+34,8
@@
class GetKeys(Method):
keys = Keys(self.api, key_filter, return_fields)
# If we are not admin, make sure to only return our own keys
keys = Keys(self.api, key_filter, return_fields)
# If we are not admin, make sure to only return our own keys
- if 'admin' not in self.caller['roles']:
+ if isinstance(self.caller, Person) and \
+ 'admin' not in self.caller['roles']:
keys = filter(lambda key: key['key_id'] in self.caller['key_ids'], keys)
return keys
keys = filter(lambda key: key['key_id'] in self.caller['key_ids'], keys)
return keys
diff --git
a/PLC/Methods/GetMessages.py
b/PLC/Methods/GetMessages.py
index
1c9931f
..
b0eb44e
100644
(file)
--- a/
PLC/Methods/GetMessages.py
+++ b/
PLC/Methods/GetMessages.py
@@
-9,13
+9,13
@@
class GetMessages(Method):
"""
Returns an array of structs containing details about message
templates. If message template_filter is specified and is an array
"""
Returns an array of structs containing details about message
templates. If message template_filter is specified and is an array
- of message template identifiers
or hostnames, or a struct of
-
message template attributes, only message templates matching th
e
- filter will be returned. If return_fields is specified, only the
-
specified
details will be returned.
+ of message template identifiers
, or a struct of message template
+
attributes, only message templates matching the filter will b
e
+ returned. If return_fields is specified, only the specified
+ details will be returned.
"""
"""
- roles = ['admin']
+ roles = ['admin'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
diff --git
a/PLC/Methods/GetNetworkMethods.py
b/PLC/Methods/GetNetworkMethods.py
index
88fe048
..
cee914a
100644
(file)
--- a/
PLC/Methods/GetNetworkMethods.py
+++ b/
PLC/Methods/GetNetworkMethods.py
@@
-9,7
+9,7
@@
class GetNetworkMethods(Method):
Returns a list of all valid network methods.
"""
Returns a list of all valid network methods.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
diff --git
a/PLC/Methods/GetNetworkTypes.py
b/PLC/Methods/GetNetworkTypes.py
index
eab232b
..
dbddd9f
100644
(file)
--- a/
PLC/Methods/GetNetworkTypes.py
+++ b/
PLC/Methods/GetNetworkTypes.py
@@
-9,7
+9,7
@@
class GetNetworkTypes(Method):
Returns a list of all valid network types.
"""
Returns a list of all valid network types.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
diff --git
a/PLC/Methods/GetPCUs.py
b/PLC/Methods/GetPCUs.py
index
13bd7dc
..
28d50d6
100644
(file)
--- a/
PLC/Methods/GetPCUs.py
+++ b/
PLC/Methods/GetPCUs.py
@@
-2,6
+2,9
@@
from PLC.Faults import *
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
+from PLC.Sites import Site, Sites
+from PLC.Persons import Person, Persons
+from PLC.Nodes import Node, Nodes
from PLC.PCUs import PCU, PCUs
from PLC.Auth import Auth
from PLC.PCUs import PCU, PCUs
from PLC.Auth import Auth
@@
-17,7
+20,7
@@
class GetPCUs(Method):
their sites.
"""
their sites.
"""
- roles = ['admin', 'pi', 'tech']
+ roles = ['admin', 'pi', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
@@
-29,14
+32,18
@@
class GetPCUs(Method):
returns = [PCU.fields]
def call(self, auth, pcu_filter = None, return_fields = None):
returns = [PCU.fields]
def call(self, auth, pcu_filter = None, return_fields = None):
- # If we are not admin
, make sure to only return our own PCUs
- if
'admin' not in self.caller['roles']
:
- #
Get list of PCUs that we are able to view
+ # If we are not admin
+ if
not (isinstance(self.caller, Person) and 'admin' in self.caller['roles'])
:
+ #
Return only the PCUs at our site
valid_pcu_ids = []
valid_pcu_ids = []
- if self.caller['site_ids']:
- sites = Sites(self.api, self.caller['site_ids'])
- for site in sites:
- valid_pcu_ids += site['pcu_ids']
+
+ if isinstance(self.caller, Person):
+ site_ids = self.caller['site_ids']
+ elif isinstance(self.caller, Node):
+ site_ids = [self.caller['site_id']]
+
+ for site in Sites(self.api, site_ids):
+ valid_pcu_ids += site['pcu_ids']
if not valid_pcu_ids:
return []
if not valid_pcu_ids:
return []
@@
-47,7
+54,7
@@
class GetPCUs(Method):
pcus = PCUs(self.api, pcu_filter, return_fields)
# Filter out PCUs that are not viewable
pcus = PCUs(self.api, pcu_filter, return_fields)
# Filter out PCUs that are not viewable
- if
'admin' not in self.caller['roles']
:
+ if
not (isinstance(self.caller, Person) and 'admin' in self.caller['roles'])
:
pcus = filter(lambda pcu: pcu['pcu_id'] in valid_pcu_ids, pcus)
return pcus
pcus = filter(lambda pcu: pcu['pcu_id'] in valid_pcu_ids, pcus)
return pcus
diff --git
a/PLC/Methods/GetPeerName.py
b/PLC/Methods/GetPeerName.py
index
ba5a5a7
..
30fbd94
100644
(file)
--- a/
PLC/Methods/GetPeerName.py
+++ b/
PLC/Methods/GetPeerName.py
@@
-9,7
+9,7
@@
class GetPeerName (Method):
Returns this peer's name, as defined in the config as PLC_NAME
"""
Returns this peer's name, as defined in the config as PLC_NAME
"""
- roles = ['admin', 'peer']
+ roles = ['admin', 'peer'
, 'node'
]
accepts = [Auth()]
accepts = [Auth()]
diff --git
a/PLC/Methods/GetPeers.py
b/PLC/Methods/GetPeers.py
index
b7509b0
..
235c27c
100644
(file)
--- a/
PLC/Methods/GetPeers.py
+++ b/
PLC/Methods/GetPeers.py
@@
-19,7
+19,7
@@
class GetPeers (Method):
specified details will be returned.
"""
specified details will be returned.
"""
- roles = ['admin']
+ roles = ['admin'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
diff --git
a/PLC/Methods/GetPersons.py
b/PLC/Methods/GetPersons.py
index
6ac93ee
..
458fdac
100644
(file)
--- a/
PLC/Methods/GetPersons.py
+++ b/
PLC/Methods/GetPersons.py
@@
-18,10
+18,10
@@
class GetPersons(Method):
Users and techs may only retrieve details about themselves. PIs
may retrieve details about themselves and others at their
Users and techs may only retrieve details about themselves. PIs
may retrieve details about themselves and others at their
- sites. Admins may retrieve details about all accounts.
+ sites. Admins
and nodes
may retrieve details about all accounts.
"""
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
@@
-38,7
+38,8
@@
class GetPersons(Method):
def call(self, auth, person_filter = None, return_fields = None):
# If we are not admin, make sure to only return viewable accounts
def call(self, auth, person_filter = None, return_fields = None):
# If we are not admin, make sure to only return viewable accounts
- if 'admin' not in self.caller['roles']:
+ if isinstance(self.caller, Person) and \
+ 'admin' not in self.caller['roles']:
# Get accounts that we are able to view
valid_person_ids = [self.caller['person_id']]
if 'pi' in self.caller['roles'] and self.caller['site_ids']:
# Get accounts that we are able to view
valid_person_ids = [self.caller['person_id']]
if 'pi' in self.caller['roles'] and self.caller['site_ids']:
@@
-62,7
+63,8
@@
class GetPersons(Method):
persons = Persons(self.api, person_filter, return_fields)
# Filter out accounts that are not viewable
persons = Persons(self.api, person_filter, return_fields)
# Filter out accounts that are not viewable
- if 'admin' not in self.caller['roles']:
+ if isinstance(self.caller, Person) and \
+ 'admin' not in self.caller['roles']:
persons = filter(self.caller.can_view, persons)
return persons
persons = filter(self.caller.can_view, persons)
return persons
diff --git
a/PLC/Methods/GetRoles.py
b/PLC/Methods/GetRoles.py
index
7d7c264
..
0456662
100644
(file)
--- a/
PLC/Methods/GetRoles.py
+++ b/
PLC/Methods/GetRoles.py
@@
-9,7
+9,7
@@
class GetRoles(Method):
Get an array of structs containing details about all roles.
"""
Get an array of structs containing details about all roles.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
@@
-17,6
+17,5
@@
class GetRoles(Method):
returns = [Role.fields]
returns = [Role.fields]
-
def call(self, auth):
return Roles(self.api)
def call(self, auth):
return Roles(self.api)
diff --git
a/PLC/Methods/GetSliceAttributeTypes.py
b/PLC/Methods/GetSliceAttributeTypes.py
index
2d53368
..
bc8f1ed
100644
(file)
--- a/
PLC/Methods/GetSliceAttributeTypes.py
+++ b/
PLC/Methods/GetSliceAttributeTypes.py
@@
-14,7
+14,7
@@
class GetSliceAttributeTypes(Method):
specified, only the specified details will be returned.
"""
specified, only the specified details will be returned.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
@@
-26,6
+26,5
@@
class GetSliceAttributeTypes(Method):
returns = [SliceAttributeType.fields]
returns = [SliceAttributeType.fields]
-
def call(self, auth, attribute_type_filter = None, return_fields = None):
return SliceAttributeTypes(self.api, attribute_type_filter, return_fields)
def call(self, auth, attribute_type_filter = None, return_fields = None):
return SliceAttributeTypes(self.api, attribute_type_filter, return_fields)
diff --git
a/PLC/Methods/GetSliceInstantiations.py
b/PLC/Methods/GetSliceInstantiations.py
index
1cfcee9
..
174c209
100644
(file)
--- a/
PLC/Methods/GetSliceInstantiations.py
+++ b/
PLC/Methods/GetSliceInstantiations.py
@@
-9,7
+9,7
@@
class GetSliceInstantiations(Method):
Returns an array of all valid slice instantiation states.
"""
Returns an array of all valid slice instantiation states.
"""
- roles = ['admin', 'pi', 'user', 'tech']
+ roles = ['admin', 'pi', 'user', 'tech'
, 'node'
]
accepts = [
Auth()
accepts = [
Auth()
@@
-17,6
+17,5
@@
class GetSliceInstantiations(Method):
returns = [SliceInstantiation.fields['instantiation']]
returns = [SliceInstantiation.fields['instantiation']]
-
def call(self, auth):
return [slice_instantiation['instantiation'] for slice_instantiation in SliceInstantiations(self.api)]
def call(self, auth):
return [slice_instantiation['instantiation'] for slice_instantiation in SliceInstantiations(self.api)]
diff --git
a/PLC/Methods/GetSlices.py
b/PLC/Methods/GetSlices.py
index
2b85623
..
61f61c0
100644
(file)
--- a/
PLC/Methods/GetSlices.py
+++ b/
PLC/Methods/GetSlices.py
@@
-2,6
+2,7
@@
from PLC.Method import Method
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
from PLC.Auth import Auth
from PLC.Parameter import Parameter, Mixed
from PLC.Filter import Filter
from PLC.Auth import Auth
+from PLC.Persons import Person, Persons
from PLC.Slices import Slice, Slices
class GetSlices(Method):
from PLC.Slices import Slice, Slices
class GetSlices(Method):
@@
-13,12
+14,12
@@
class GetSlices(Method):
specified details will be returned.
Users may only query slices of which they are members. PIs may
specified details will be returned.
Users may only query slices of which they are members. PIs may
- query any of the slices at their sites. Admins
may query an
y
- slice. If a slice that cannot be queried is specified in
+ query any of the slices at their sites. Admins
and nodes may quer
y
+
any
slice. If a slice that cannot be queried is specified in
slice_filter, details about that slice will not be returned.
"""
slice_filter, details about that slice will not be returned.
"""
- roles = ['admin', 'pi', 'user']
+ roles = ['admin', 'pi', 'user'
, 'node'
]
accepts = [
Auth(),
accepts = [
Auth(),
@@
-34,7
+35,8
@@
class GetSlices(Method):
def call(self, auth, slice_filter = None, return_fields = None):
# If we are not admin, make sure to return only viewable
# slices.
def call(self, auth, slice_filter = None, return_fields = None):
# If we are not admin, make sure to return only viewable
# slices.
- if 'admin' not in self.caller['roles']:
+ if isinstance(self.caller, Person) and \
+ 'admin' not in self.caller['roles']:
# Get slices that we are able to view
valid_slice_ids = self.caller['slice_ids']
if 'pi' in self.caller['roles'] and self.caller['site_ids']:
# Get slices that we are able to view
valid_slice_ids = self.caller['slice_ids']
if 'pi' in self.caller['roles'] and self.caller['site_ids']:
@@
-51,7
+53,8
@@
class GetSlices(Method):
slices = Slices(self.api, slice_filter, return_fields)
# Filter out slices that are not viewable
slices = Slices(self.api, slice_filter, return_fields)
# Filter out slices that are not viewable
- if 'admin' not in self.caller['roles']:
+ if isinstance(self.caller, Person) and \
+ 'admin' not in self.caller['roles']:
slices = filter(lambda slice: slice['slice_id'] in valid_slice_ids, slices)
return slices
slices = filter(lambda slice: slice['slice_id'] in valid_slice_ids, slices)
return slices
git://git.onelab.eu / plcapi.git / commitdiff