Class: OpenNebula::Acl

Inherits:
PoolElement show all
Defined in:
lib/OpenNebula/Acl.rb

Overview

Abstract rules of the type USER RESOURCE RIGHTS which are:

USER      -> #<num>
             @<num>
             ALL
RESOURCE  -> + separated list and "/{#,@}<num>|ALL"
             VM,
             HOST
             NET
             IMAGE
             USER
             TEMPLATE
             GROUP
             ACL
RIGHTS    -> + separated list
             USE
             MANAGE
             ADMIN
             CREATE

Constant Summary collapse

USERS =
{
    "UID"           => 0x100000000,
    "GID"           => 0x200000000,
    "ALL"           => 0x400000000
}
RESOURCES =
{
    "VM"            => 0x1000000000,
    "HOST"          => 0x2000000000,
    "NET"           => 0x4000000000,
    "IMAGE"         => 0x8000000000,
    "USER"          => 0x10000000000,
    "TEMPLATE"      => 0x20000000000,
    "GROUP"         => 0x40000000000,
    "DATASTORE"     => 0x100000000000,
    "CLUSTER"       => 0x200000000000
}
RIGHTS =
{
    "USE"           => 0x1,  # Auth. to use an object
    "MANAGE"        => 0x2,  # Auth. to perform management actions
    "ADMIN"         => 0x4,  # Auth. to perform administrative actions
    "CREATE"        => 0x8   # Auth. to create an object
}

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from PoolElement

#id, #name, new_with_id, #to_str

Methods inherited from XMLElement

#[], #add_element, #attr, #delete_element, #each, #each_xpath, #has_elements?, #initialize_xml, #name, #retrieve_elements, #template_like_str, #template_str, #template_xml, #text, #to_hash, #to_xml

Constructor Details

#initialize(xml, client) ⇒ Acl

Constructor

Parameters:

  • xml (String)

    must be an xml built with #build_xml

  • client (Client)

    represents an XML-RPC connection



72
73
74
# File 'lib/OpenNebula/Acl.rb', line 72

def initialize(xml, client)
    super(xml,client)
end

Class Method Details

.build_xml(pe_id = nil) ⇒ String

Creates an empty XML representation. It contains the id, if it is specified.

Parameters:

  • pe_id (Integer) (defaults to: nil)

    rule ID

  • client (Client)

    represents an XML-RPC connection

Returns:

  • (String)

    an empty XML representation



83
84
85
86
87
88
89
90
91
# File 'lib/OpenNebula/Acl.rb', line 83

def self.build_xml(pe_id=nil)
    if pe_id
        acl_xml = "<ACL><ID>#{pe_id}</ID></ACL>"
    else
        acl_xml = "<ACL></ACL>"
    end

    XMLElement.build_xml(acl_xml,'ACL')
end

.parse_rule(rule_str) ⇒ Array

Parses a rule string, e.g. “#5 HOST+VM/@12 INFO+CREATE+DELETE”

or OpenNebula::Error objects

Parameters:

  • rule_str (String)

    an ACL rule in string format

Returns:

  • (Array)

    an Array containing 3 strings (hex 64b numbers),



133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# File 'lib/OpenNebula/Acl.rb', line 133

def self.parse_rule(rule_str)
    ret = Array.new

    rule_str = rule_str.split(" ")

    if rule_str.length != 3
        return OpenNebula::Error.new(
            "String needs three components: User, Resource, Rights")
    end

    ret << parse_users(rule_str[0])
    ret << parse_resources(rule_str[1])
    ret << parse_rights(rule_str[2])

    errors=ret.map do |arg|
        if OpenNebula.is_error?(arg)
            arg.message
        else
            nil
        end
    end

    errors.compact!

    if errors.length>0
        return OpenNebula::Error.new(errors.join(', '))
    end

    return ret
end

Instance Method Details

#allocate(user, resource, rights) ⇒ nil, OpenNebula::Error

Creates a new ACL rule.

Parameters:

  • user (String)

    A string containing a hex number, e.g. 0x100000001

  • resource (String)

    A string containing a hex number, e.g. 0x2100000001

  • rights (String)

    A string containing a hex number, e.g. 0x10

Returns:



104
105
106
107
108
109
# File 'lib/OpenNebula/Acl.rb', line 104

def allocate(user, resource, rights)
    return super( AclPool::ACL_POOL_METHODS[:addrule],
                  user,
                  resource,
                  rights )
end

#deletenil, OpenNebula::Error

Deletes the Acl rule

Returns:



115
116
117
# File 'lib/OpenNebula/Acl.rb', line 115

def delete()
    super(AclPool::ACL_POOL_METHODS[:delrule])
end

#infonil

Does nothing, individual ACL rules info can’t be retrieved from OpenNebula

Returns:

  • (nil)

    nil



123
124
125
# File 'lib/OpenNebula/Acl.rb', line 123

def info()
    return nil
end