class OpenNebula::Acl

Abstract rules of the type USER RESOURCE RIGHTS which are:

USER      -> #<num>
             @<num>
             ALL
RESOURCE  -> + separated list and "/{#,@,%}<num>|ALL"
             VM,
             HOST
             NET
             IMAGE
             USER
             TEMPLATE
             GROUP
             ACL
             SECGROUP
             VDC
RIGHTS    -> + separated list
             USE
             MANAGE
             ADMIN
             CREATE

Constants

RESOURCES
RIGHTS
USERS

Public Class Methods

build_xml(pe_id=nil) click to toggle source

Creates an empty XML representation. It contains the id, if it is specified.

@param pe_id [Integer] rule ID

@return [String] an empty XML representation

# File lib/opennebula/acl.rb, line 89
def self.build_xml(pe_id=nil)
    if pe_id
        acl_xml = "<ACL><ID>#{pe_id}</ID></ACL>"
    else
        acl_xml = "<ACL></ACL>"
    end

    XMLElement.build_xml(acl_xml,'ACL')
end
new(xml, client) click to toggle source

Constructor

@param xml [String] must be an xml built with {.build_xml} @param client [Client] represents an XML-RPC connection

Calls superclass method
# File lib/opennebula/acl.rb, line 79
def initialize(xml, client)
    super(xml,client)
end
parse_rule(rule_str) click to toggle source

Parses a rule string, e.g. “#5 HOST+VM/@12 INFO+CREATE+DELETE”

@param rule_str [String] an ACL rule in string format

@return [Array] an Array containing 3 strings (hex 64b numbers), or OpenNebula::Error objects

# File lib/opennebula/acl.rb, line 151
def self.parse_rule(rule_str)
    ret = Array.new

    rule_str = rule_str.split(" ")

    if rule_str.length != 3 && rule_str.length != 4
        return OpenNebula::Error.new(
            "String needs three components: User, Resource, Rights")
    end

    ret << parse_users(rule_str[0])
    ret << parse_resources(rule_str[1])
    ret << parse_rights(rule_str[2])

    if rule_str.length > 3
        ret << parse_zone(rule_str[3])
    end

    errors=ret.map do |arg|
        if OpenNebula.is_error?(arg)
            arg.message
        else
            nil
        end
    end

    errors.compact!

    if errors.length>0
        return OpenNebula::Error.new(errors.join(', '))
    end

    return ret
end

Private Class Methods

calculate_ids(id_str) click to toggle source

Calculates the numeric value for a String containing an individual (#<id>), group (@<id>) or all (*) ID component

@param id_str [String] Rule Id string

@return [Integer] the numeric value for the given id_str

# File lib/opennebula/acl.rb, line 271
def self.calculate_ids(id_str)
    raise "ID string '#{id_str}' malformed" if
        !id_str.match(/^([\#@\%]\d+|\*)$/)

    value = 0

    case id_str[0..0]
        when "#"
            value = USERS["UID"]
            users_value = id_str[1..-1].to_i + value

        when "@"
            value = USERS["GID"]
            users_value = id_str[1..-1].to_i + value

        when "*"
            users_value = USERS["ALL"]

        when "%"
            value = USERS["CLUSTER"]
            users_value = id_str[1..-1].to_i + value
    end

    return users_value
end
parse_resources(resources) click to toggle source

Converts a resources string to a hex. number

@param resources [String] Resources component string

@return [String] A string containing a hex number

# File lib/opennebula/acl.rb, line 206
def self.parse_resources(resources)
    begin
        ret = 0
        resources = resources.split("/")

        if resources.size != 2
            raise "Resource '#{resources}' malformed"
        end

        resources[0].split("+").each{ |resource|
            if !RESOURCES[resource.upcase]
                raise "Resource '#{resource}' does not exist"
            end
            ret += RESOURCES[resource.upcase]
        }

        ret += calculate_ids(resources[1])

        return ret.to_i.to_s(16)
    rescue Exception  => e
        return OpenNebula::Error.new(e.message)
    end
end
parse_rights(rights) click to toggle source

Converts a rights string to a hex. number

@param rights [String] Rights component string

@return [String] A string containing a hex number

# File lib/opennebula/acl.rb, line 235
def self.parse_rights(rights)
    begin
        ret = 0
        rights = rights.split("+")

        rights.each{ |right|
            raise "Right '#{right}' does not exist" if !RIGHTS[right.upcase]

            ret += RIGHTS[right.upcase]
        }

        return ret.to_i.to_s(16)
    rescue Exception  => e
        return OpenNebula::Error.new(e.message)
    end
end
parse_users(users) click to toggle source

Converts a string in the form [#<id>, @<id>, *] to a hex. number

@param users [String] Users component string

@return [String] A string containing a hex number

# File lib/opennebula/acl.rb, line 193
def self.parse_users(users)
   begin
       return calculate_ids(users).to_i.to_s(16)
   rescue Exception  => e
       return OpenNebula::Error.new(e.message)
   end
end
parse_zone(zone) click to toggle source

Converts a string in the form [#<id>, *] to a hex. number

@param zone [String] Zone component string

@return [String] A string containing a hex number

# File lib/opennebula/acl.rb, line 257
def self.parse_zone(zone)
   begin
       return calculate_ids(zone).to_i.to_s(16)
   rescue Exception  => e
       return OpenNebula::Error.new(e.message)
   end
end

Public Instance Methods

allocate(user, resource, rights, zone=nil) click to toggle source

Creates a new ACL rule.

@param user [String]

A string containing a hex number, e.g. 0x100000001

@param resource [String]

A string containing a hex number, e.g. 0x2100000001

@param rights [String]

A string containing a hex number, e.g. 0x10

@param zone [String]

A string containing a hex number, e.g. 0x100000001

@return [nil, OpenNebula::Error] nil in case of success, Error

otherwise
Calls superclass method
# File lib/opennebula/acl.rb, line 112
def allocate(user, resource, rights, zone=nil)
    if !zone.nil?
        return super( AclPool::ACL_POOL_METHODS[:addrule],
                    user,
                    resource,
                    rights,
                    zone )
    else
        return super( AclPool::ACL_POOL_METHODS[:addrule],
                    user,
                    resource,
                    rights)
    end
end
delete() click to toggle source

Deletes the Acl rule

@return [nil, OpenNebula::Error] nil in case of success, Error

otherwise
Calls superclass method
# File lib/opennebula/acl.rb, line 131
def delete()
    super(AclPool::ACL_POOL_METHODS[:delrule])
end
info() click to toggle source

Does nothing, individual ACL rules info can't be retrieved from OpenNebula

@return [nil] nil

# File lib/opennebula/acl.rb, line 139
def info()
    return nil
end
Also aliased as: info!
info!()
Alias for: info