Changeset 40eab39 for fedd


Ignore:
Timestamp:
Nov 26, 2008 3:10:47 PM (16 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
Children:
93a06fb
Parents:
c7e40f5
Message:

Better debugging logging for acess decisions. Rename some attributes to a more general naming convention.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • fedd/fedd_access.py

    rc7e40f5 r40eab39  
    3838    class parse_error(RuntimeError): pass
    3939
    40     bool_attrs = ("dynamic_projects", "project_priority", "allow_proxy")
     40    bool_attrs = ("project_priority", "allow_proxy")
    4141    emulab_attrs = ("boss", "ops", "domain", "fileserver", "eventserver")
    4242    id_attrs = ("testbed", "proxy",
    4343            "proxy_cert_file", "proxy_cert_pwd", "proxy_trusted_certs",
    44             "dynamic_projects_url", "dynamic_projects_cert_file",
    45             "dynamic_projects_cert_pwd", "dynamic_projects_trusted_certs")
     44            "project_allocation_uri", "project_allocation_cert_file",
     45            "project_allocation_cert_pwd", "project_allocation_trusted_certs")
    4646    id_list_attrs = ("restricted",)
    4747
     
    117117
    118118        if config.has_option("globals", "proxy_cert_file"):
    119             if not self.dynamic_projects_cert_file:
    120                 self.dynamic_projects_cert_file = \
     119            if not self.project_allocation_cert_file:
     120                self.project_allocation_cert_file = \
    121121                        config.get("globals", "proxy_cert_file")
    122122                if config.has_option("globals", "proxy_cert_pwd"):
    123                     self.dynamic_projects_cert_pwd = \
     123                    self.project_allocation_cert_pwd = \
    124124                            config.get("globals", "proxy_cert_pwd")
    125125
    126126        if config.has_option("globals", "proxy_trusted_certs"):
    127             if not self.dynamic_projects_trusted_certs:
    128                 self.dynamic_projects_trusted_certs =\
     127            if not self.project_allocation_trusted_certs:
     128                self.project_allocation_trusted_certs =\
    129129                        config.get("globals", proxy_trusted_certs)
    130130
    131131        if config.has_option("globals", "cert_file"):
    132132            has_pwd = config.has_option("globals", "cert_pwd")
    133             if not self.dynamic_projects_cert_file:
    134                 self.dynamic_projects_cert_file = \
     133            if not self.project_allocation_cert_file:
     134                self.project_allocation_cert_file = \
    135135                        config.get("globals", "cert_file")
    136136                if has_pwd:
    137                     self.dynamic_projects_cert_pwd = \
     137                    self.project_allocation_cert_pwd = \
    138138                            config.get("globals", "cert_pwd")
    139139            if not self.proxy_cert_file:
     
    146146                self.proxy_trusted_certs = \
    147147                        config.get("globals", "trusted_certs")
    148             if not self.dynamic_projects_trusted_certs:
    149                 self.dynamic_projects_trusted_certs = \
     148            if not self.project_allocation_trusted_certs:
     149                self.project_allocation_trusted_certs = \
    150150                        config.get("globals", "trusted_certs")
    151151
    152         proj_certs = (self.dynamic_projects_cert_file,
    153                 self.dynamic_projects_trusted_certs,
    154                 self.dynamic_projects_cert_pwd)
     152        proj_certs = (self.project_allocation_cert_file,
     153                self.project_allocation_trusted_certs,
     154                self.project_allocation_cert_pwd)
    155155
    156156        self.soap_services = {\
     
    172172
    173173
    174         if not config.has_option("access", "dynamic_projects_url"):
     174        if not config.has_option("access", "project_allocation_uri"):
    175175            self.allocate_project = \
    176176                fedd_allocate_project_local(config, auth)
     
    451451        # Confirm authorization
    452452        for u in user:
     453            self.log.debug("[lookup_access] Checking access for %s" % \
     454                    ((tb, project, u),))
    453455            if self.auth.check_attribute((tb, project, u), 'access'):
     456                self.log.debug("[lookup_access] Access granted")
    454457                break
     458            else:
     459                self.log.debug("[lookup_access] Access Denied")
    455460        else:
    456461            raise service_error(service_error.access, "Access denied")
     
    582587                            "Access denied (nodetypes %s)" % \
    583588                            str(', ').join(inaccessible))
    584             # These collect the keys for teh two roles into single sets, one
     589            # These collect the keys for the two roles into single sets, one
    585590            # for creation and one for service.  The sets are a simple way to
    586591            # eliminate duplicates
     
    618623                            [ {'node': { 'hardware' :  [ h ] } } \
    619624                                    for h in restricted ]
    620                                
    621625                    ap = self.allocate_project.dynamic_project(preq)
    622626                else:
Note: See TracChangeset for help on using the changeset viewer.