Changeset ee950c2 for fedd/federation/dragon_access.py
- Timestamp:
- Jan 10, 2012 5:28:15 PM (12 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- f77a256
- Parents:
- d2e86f6
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/dragon_access.py
rd2e86f6 ree950c2 12 12 from subprocess import Popen, call, PIPE, STDOUT 13 13 from access import access_base 14 from legacy_access import legacy_access15 14 16 15 from util import * 17 from allocate_project import allocate_project_local, allocate_project_remote18 16 from fedid import fedid, generate_fedid 19 17 from authorizer import authorizer, abac_authorizer … … 36 34 fl.addHandler(nullHandler()) 37 35 38 class access(access_base , legacy_access):36 class access(access_base): 39 37 """ 40 38 The implementation of access control based on mapping users to projects. … … 63 61 # authorization information 64 62 self.auth_type = config.get('access', 'auth_type') \ 65 or ' legacy'63 or 'abac' 66 64 self.auth_dir = config.get('access', 'auth_dir') 67 65 accessdb = config.get("access", "accessdb") 68 66 # initialize the authorization system 69 if self.auth_type == 'legacy': 70 self.access = { } 71 if accessdb: 72 self.legacy_read_access(accessdb, self.make_repo) 73 # Add the ownership attributes to the authorizer. Note that the 74 # indices of the allocation dict are strings, but the attributes are 75 # fedids, so there is a conversion. 76 self.state_lock.acquire() 77 for k in self.state.keys(): 78 for o in self.state[k].get('owners', []): 79 self.auth.set_attribute(o, fedid(hexstr=k)) 80 self.auth.set_attribute(fedid(hexstr=k),fedid(hexstr=k)) 81 self.state_lock.release() 82 self.lookup_access = self.legacy_lookup_access_base 83 elif self.auth_type == 'abac': 67 if self.auth_type == 'abac': 84 68 self.auth = abac_authorizer(load=self.auth_dir) 85 69 self.access = [ ]
Note: See TracChangeset
for help on using the changeset viewer.