Changeset ee950c2 for fedd/federation/protogeni_access.py
- Timestamp:
- Jan 10, 2012 5:28:15 PM (12 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- f77a256
- Parents:
- d2e86f6
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/protogeni_access.py
rd2e86f6 ree950c2 27 27 28 28 from access import access_base 29 from legacy_access import legacy_access30 29 from protogeni_proxy import protogeni_proxy 31 30 from geniapi_proxy import geniapi_proxy … … 42 41 fl.addHandler(nullHandler()) 43 42 44 class access(access_base , legacy_access):43 class access(access_base): 45 44 """ 46 45 The implementation of access control based on mapping users to projects. … … 115 114 # authorization information 116 115 self.auth_type = config.get('access', 'auth_type') \ 117 or ' legacy'116 or 'abac' 118 117 self.auth_dir = config.get('access', 'auth_dir') 119 118 accessdb = config.get("access", "accessdb") 120 119 # initialize the authorization system 121 if self.auth_type == 'legacy': 122 self.access = { } 123 if accessdb: 124 self.legacy_read_access(accessdb, self.make_access_info) 125 # Add the ownership attributes to the authorizer. Note that the 126 # indices of the allocation dict are strings, but the attributes are 127 # fedids, so there is a conversion. 128 self.state_lock.acquire() 129 for k in self.state.get('allocation', {}).keys(): 130 for o in self.state['allocation'][k].get('owners', []): 131 self.auth.set_attribute(o, fedid(hexstr=k)) 132 self.auth.set_attribute(fedid(hexstr=k),fedid(hexstr=k)) 133 134 self.state_lock.release() 135 self.lookup_access = self.legacy_lookup_access_base 136 elif self.auth_type == 'abac': 120 if self.auth_type == 'abac': 137 121 self.auth = abac_authorizer(load=self.auth_dir) 138 122 self.access = [ ]
Note: See TracChangeset
for help on using the changeset viewer.