Changeset 9e75ff8 for fedd/federation
- Timestamp:
- Jan 7, 2011 5:20:41 PM (14 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master
- Children:
- f158ccf
- Parents:
- 454f398 (diff), 490ee21 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the(diff)
links above to see all the changes relative to each parent. - File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/ns2topdl.py
r490ee21 r9e75ff8 11 11 from remote_service import xmlrpc_handler, soap_handler 12 12 from service_error import * 13 from authorizer import authorizer 13 from authorizer import authorizer, abac_authorizer 14 14 15 15 … … 31 31 self.tcl_splitter = config.get("ns2topdl", "tcl_splitter", 32 32 "/usr/testbed/lib/ns2ir/parse.tcl") 33 self.auth_type = config.get('ns2topdl', 'auth_type') or 'legacy' 33 34 access_db = config.get("ns2topdl", "accessdb", None) 34 allow_any = config.getboolean("ns2topdl", "allow_any", False) 35 self.allow_any = config.getboolean("ns2topdl", "allow_any", False) 36 auth_dir = config.get('ns2topdl', 'auth_dir') 35 37 36 38 self.log = logging.getLogger("fedd.ns2topdl") … … 47 49 "using local one") 48 50 49 if access_db and allow_any: 51 52 if self.auth_type == 'legacy': 53 if access_db and self.allow_any: 54 raise service_error(service_error.internal, 55 "Cannot specify both an access database and " + 56 "allow_any for ns2topdl") 57 58 if access_db: 59 try: 60 read_simple_accessdb(access_db, self.auth, 'ns2topdl') 61 except EnvironmentError, e: 62 raise service_error(service_error.internal, 63 "Error reading accessDB %s: %s" % (access_db, e)) 64 except ValueError: 65 raise service_error(service_error.internal, "%s" % e) 66 elif self.allow_any: 67 auth.set_global_attribute("ns2topdl") 68 elif self.auth_type == 'abac': 69 self.auth = abac_authorizer(load=auth_dir) 70 else: 50 71 raise service_error(service_error.internal, 51 "Cannot specify both an access database and allow_any " +\ 52 "for ns2topdl") 53 54 if access_db: 55 try: 56 read_simple_accessdb(access_db, self.auth, 'ns2topdl') 57 except EnvironmentError, e: 58 raise service_error(service_error.internal, 59 "Error reading accessDB %s: %s" % (access_db, e)) 60 except ValueError: 61 raise service_error(service_error.internal, "%s" % e) 62 elif allow_any: 63 auth.set_global_attribute("ns2topdl") 72 "Unknown auth_type: %s" % self.auth_type) 64 73 65 74 … … 81 90 """ 82 91 83 if not self.auth.check_attribute(fid, 'ns2topdl'): 84 raise service_error(service_error.access, "Access Denied") 92 if self.allow_any: 93 self.auth.set_attribute(fid, 'ns2topdl') 94 95 access_ok, proof = self.auth.check_attribute(fid, 'ns2topdl', 96 with_proof=True) 97 98 if not access_ok: 99 raise service_error(service_error.access, "Access Denied", 100 proof=proof) 85 101 86 102 try: … … 137 153 'experimentdescription': { 138 154 'topdldescription': top.to_dict(), 139 } 155 }, 156 'proof': proof.to_dict(), 140 157 } 141 158
Note: See TracChangeset
for help on using the changeset viewer.