WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-api

RE: [Xen-API] [PATCH] CA-35368: use unambiguous key-tag in permission

To: Marcus Granado <Marcus.Granado@xxxxxxxxxxxxx>, xen-api <xen-api@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-API] [PATCH] CA-35368: use unambiguous key-tag in permission
From: Dave Scott <Dave.Scott@xxxxxxxxxxxxx>
Date: Wed, 2 Dec 2009 17:14:43 +0000
Accept-language: en-US
Acceptlanguage: en-US
Cc:
Delivery-date: Wed, 02 Dec 2009 09:14:43 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <27bf2365d9e208039b1f.1259760236@localhost>
List-help: <mailto:xen-api-request@lists.xensource.com?subject=help>
List-id: Discussion of API issues surrounding Xen <xen-api.lists.xensource.com>
List-post: <mailto:xen-api@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=unsubscribe>
References: <27bf2365d9e208039b1f.1259760236@localhost>
Sender: xen-api-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcpzUs/B53gVT6J1Tu+XxhGm0UdpgAAH/lrQ
Thread-topic: [Xen-API] [PATCH] CA-35368: use unambiguous key-tag in permission
Hi Marcus,

Do any of the RBAC automated tests depend on this patch? Is it urgent or can I 
add it to my pending queue and deal with it later?

Cheers,
Dave

> -----Original Message-----
> From: xen-api-bounces@xxxxxxxxxxxxxxxxxxx [mailto:xen-api-
> bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Marcus Granado
> Sent: 02 December 2009 13:24
> To: xen-api
> Subject: [Xen-API] [PATCH] CA-35368: use unambiguous key-tag in
> permission
> 
> 2 files changed, 5 insertions(+), 4 deletions(-)
> ocaml/idl/ocaml_backend/gen_rbac.ml |    5 +++--
> ocaml/idl/ocaml_backend/rbac.ml     |    4 ++--
> 
> 
> # HG changeset patch
> # User Marcus Granado <marcus.granado@xxxxxxxxxx> # Date 1259760103 0 #
> Node ID 27bf2365d9e208039b1f663f82a4cc46b89305a1
> # Parent  994723beb3142a90e7247ed5c4cd947bf6e77a83
> CA-35368: use unambiguous key-tag in permission
> 
> Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>
> 
> diff -r 994723beb314 -r 27bf2365d9e2
> ocaml/idl/ocaml_backend/gen_rbac.ml
> --- a/ocaml/idl/ocaml_backend/gen_rbac.ml     Tue Dec 01 12:16:01 2009
> +0000
> +++ b/ocaml/idl/ocaml_backend/gen_rbac.ml     Wed Dec 02 13:21:43 2009
> +0000
> @@ -80,7 +80,8 @@
>  let permission_name wire_name =
>       let s1 =replace_char (Printf.sprintf "permission_%s" wire_name)
> '.' '_' in
>       let s2 = replace_char s1 '/' '_' in
> -     Stringext.String.replace "*" "WILDCHAR" s2
> +     let s3 = Stringext.String.replace "*" "WILDCHAR" s2 in
> +     Stringext.String.replace ":" "_" s3
> 
>  let permission_index = ref 0
>  let writer_permission name nperms =
> @@ -215,7 +216,7 @@
>               concat (xperm,((r,xperm::perms)::r2),extra_rs)
> 
>  let get_key_permission_name permission key_name =
> -  permission ^ "/key_" ^ key_name
> +  permission ^ "/key:" ^ key_name
> 
>  let add_permission_to_roles roles_permissions (obj: obj) (x: message)
> =
>       let msg_allowed_roles = x.msg_allowed_roles in diff -r
> 994723beb314 -r 27bf2365d9e2 ocaml/idl/ocaml_backend/rbac.ml
> --- a/ocaml/idl/ocaml_backend/rbac.ml Tue Dec 01 12:16:01 2009
> +0000
> +++ b/ocaml/idl/ocaml_backend/rbac.ml Wed Dec 02 13:21:43 2009
> +0000
> @@ -97,11 +97,11 @@
> 
>  (* create a key permission name that can be in the session *)  let
> get_key_permission_name permission key_name =
> -     permission ^ "/key_" ^ key_name
> +     permission ^ "/key:" ^ key_name
> 
>  (* create a key-error permission name that is never in the session *)
> let get_keyERR_permission_name permission err =
> -     permission ^ "/keyERR_" ^ err
> +     permission ^ "/keyERR:" ^ err
> 
>  let permission_of_action ?args ~keys _action =
>       (* all permissions are in lowercase, see gen_rbac.writer_ *)

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api

<Prev in Thread] Current Thread [Next in Thread>