class OpenNebula::Acl
Abstract rules of the type USER RESOURCE RIGHTS which are:
USER -> #<num> @<num> ALL RESOURCE -> + separated list and "/{#,@,%}<num>|ALL" VM, HOST NET IMAGE USER TEMPLATE GROUP ACL SECGROUP VDC RIGHTS -> + separated list USE MANAGE ADMIN CREATE
Constants
- RESOURCES
- RIGHTS
- USERS
Public Class Methods
Creates an empty XML representation. It contains the id, if it is specified.
@param pe_id [Integer] rule ID
@return [String] an empty XML representation
# File lib/opennebula/acl.rb, line 89 def self.build_xml(pe_id=nil) if pe_id acl_xml = "<ACL><ID>#{pe_id}</ID></ACL>" else acl_xml = "<ACL></ACL>" end XMLElement.build_xml(acl_xml,'ACL') end
Constructor
@param xml [String] must be an xml built with {.build_xml} @param client [Client] represents an XML-RPC connection
# File lib/opennebula/acl.rb, line 79 def initialize(xml, client) super(xml,client) end
Parses a rule string, e.g. “#5 HOST+VM/@12 INFO+CREATE+DELETE”
@param rule_str [String] an ACL rule in string format
@return [Array] an Array containing 3 strings (hex 64b numbers), or OpenNebula::Error objects
# File lib/opennebula/acl.rb, line 151 def self.parse_rule(rule_str) ret = Array.new rule_str = rule_str.split(" ") if rule_str.length != 3 && rule_str.length != 4 return OpenNebula::Error.new( "String needs three components: User, Resource, Rights") end ret << parse_users(rule_str[0]) ret << parse_resources(rule_str[1]) ret << parse_rights(rule_str[2]) if rule_str.length > 3 ret << parse_zone(rule_str[3]) end errors=ret.map do |arg| if OpenNebula.is_error?(arg) arg.message else nil end end errors.compact! if errors.length>0 return OpenNebula::Error.new(errors.join(', ')) end return ret end
Private Class Methods
Calculates the numeric value for a String containing an individual (#<id>), group (@<id>) or all (*) ID component
@param id_str [String] Rule Id string
@return [Integer] the numeric value for the given id_str
# File lib/opennebula/acl.rb, line 271 def self.calculate_ids(id_str) raise "ID string '#{id_str}' malformed" if !id_str.match(/^([\#@\%]\d+|\*)$/) value = 0 case id_str[0..0] when "#" value = USERS["UID"] users_value = id_str[1..-1].to_i + value when "@" value = USERS["GID"] users_value = id_str[1..-1].to_i + value when "*" users_value = USERS["ALL"] when "%" value = USERS["CLUSTER"] users_value = id_str[1..-1].to_i + value end return users_value end
Converts a resources string to a hex. number
@param resources [String] Resources component string
@return [String] A string containing a hex number
# File lib/opennebula/acl.rb, line 206 def self.parse_resources(resources) begin ret = 0 resources = resources.split("/") if resources.size != 2 raise "Resource '#{resources}' malformed" end resources[0].split("+").each{ |resource| if !RESOURCES[resource.upcase] raise "Resource '#{resource}' does not exist" end ret += RESOURCES[resource.upcase] } ret += calculate_ids(resources[1]) return ret.to_i.to_s(16) rescue Exception => e return OpenNebula::Error.new(e.message) end end
Converts a rights string to a hex. number
@param rights [String] Rights component string
@return [String] A string containing a hex number
# File lib/opennebula/acl.rb, line 235 def self.parse_rights(rights) begin ret = 0 rights = rights.split("+") rights.each{ |right| raise "Right '#{right}' does not exist" if !RIGHTS[right.upcase] ret += RIGHTS[right.upcase] } return ret.to_i.to_s(16) rescue Exception => e return OpenNebula::Error.new(e.message) end end
Converts a string in the form [#<id>, @<id>, *] to a hex. number
@param users [String] Users component string
@return [String] A string containing a hex number
# File lib/opennebula/acl.rb, line 193 def self.parse_users(users) begin return calculate_ids(users).to_i.to_s(16) rescue Exception => e return OpenNebula::Error.new(e.message) end end
Converts a string in the form [#<id>, *] to a hex. number
@param zone [String] Zone component string
@return [String] A string containing a hex number
# File lib/opennebula/acl.rb, line 257 def self.parse_zone(zone) begin return calculate_ids(zone).to_i.to_s(16) rescue Exception => e return OpenNebula::Error.new(e.message) end end
Public Instance Methods
Creates a new ACL rule.
@param user [String]
A string containing a hex number, e.g. 0x100000001
@param resource [String]
A string containing a hex number, e.g. 0x2100000001
@param rights [String]
A string containing a hex number, e.g. 0x10
@param zone [String]
A string containing a hex number, e.g. 0x100000001
@return [nil, OpenNebula::Error] nil in case of success, Error
otherwise
# File lib/opennebula/acl.rb, line 112 def allocate(user, resource, rights, zone=nil) if !zone.nil? return super( AclPool::ACL_POOL_METHODS[:addrule], user, resource, rights, zone ) else return super( AclPool::ACL_POOL_METHODS[:addrule], user, resource, rights) end end
Does nothing, individual ACL rules info can't be retrieved from OpenNebula
@return [nil] nil
# File lib/opennebula/acl.rb, line 139 def info() return nil end