WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-api

[Xen-API] [PATCH] CA-35368: add support to per-key RBAC

To: xen-api <xen-api@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-API] [PATCH] CA-35368: add support to per-key RBAC
From: Marcus Granado <marcus.granado@xxxxxxxxxx>
Date: Thu, 26 Nov 2009 17:17:41 +0000
Delivery-date: Thu, 26 Nov 2009 09:18:15 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-api-request@lists.xensource.com?subject=help>
List-id: Discussion of API issues surrounding Xen <xen-api.lists.xensource.com>
List-post: <mailto:xen-api@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-api>, <mailto:xen-api-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-api-bounces@xxxxxxxxxxxxxxxxxxx
7 files changed, 126 insertions(+), 24 deletions(-)
ocaml/idl/datamodel.ml                |   23 +++++----
ocaml/idl/datamodel_types.ml          |    4 +
ocaml/idl/datamodel_utils.ml          |    6 ++
ocaml/idl/ocaml_backend/gen_rbac.ml   |   21 +++++++-
ocaml/idl/ocaml_backend/gen_server.ml |    3 -
ocaml/idl/ocaml_backend/rbac.ml       |   79 +++++++++++++++++++++++++++++++--
ocaml/idl/ocaml_backend/rbac_audit.ml |   14 ++---


# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1259255339 0
# Node ID c9fd958b25ee2e4334558024f64bf0659410e756
# Parent  c2e75d891d3dd4542066384cf07331bf727500ca
CA-35368: add support to per-key RBAC

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/datamodel.ml
--- a/ocaml/idl/datamodel.ml    Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/datamodel.ml    Thu Nov 26 17:08:59 2009 +0000
@@ -187,6 +187,7 @@
     ?(no_current_operations=false) ?(secret=false) ?(hide_from_docs=false)
     ?(pool_internal=false)
     ~allowed_roles
+    ?(map_keys_roles=[])
     ?(params=[]) ?versioned_params () = 
   (* if you specify versioned_params then these get put in the params field of 
the message record;
      otherwise params go in with no default values and 
param_release=call_release...
@@ -213,7 +214,8 @@
     msg_no_current_operations = no_current_operations;
     msg_hide_from_docs = hide_from_docs;
     msg_pool_internal = pool_internal;
-    msg_allowed_roles = allowed_roles
+    msg_allowed_roles = allowed_roles;
+    msg_map_keys_roles = map_keys_roles
   }
 
 let assert_operation_valid enum cls self = call 
@@ -2537,7 +2539,9 @@
 (** Make an object field record *)
 let field ?(in_oss_since = Some "3.0.3") ?(in_product_since = rel_rio) 
?(internal_only = false)
     ?internal_deprecated_since ?(ignore_foreign_key = false) 
?(writer_roles=None) ?(reader_roles=None)
-    ?(qualifier = RW) ?(ty = String) ?(effect = false) ?(default_value = None) 
?(persist = true) name desc =
+    ?(qualifier = RW) ?(ty = String) ?(effect = false) ?(default_value = None) 
?(persist = true)
+    ?(map_keys_roles=[]) (* list of (key_name,(writer_roles)) for a map field 
*)
+    name desc =
   
 
   Field { release={internal=get_product_releases in_product_since; 
@@ -2552,6 +2556,7 @@
          field_ignore_foreign_key = ignore_foreign_key;
          field_setter_roles = writer_roles;
          field_getter_roles = reader_roles;
+         field_map_keys_roles = map_keys_roles;
          }
 
 let uid ?(in_oss_since=Some "3.0.3") ?(reader_roles=None) refname =
@@ -2859,7 +2864,7 @@
       field ~qualifier:DynamicRO ~ty:String "type" "if the task has completed 
successfully, this field contains the type of the encoded result (i.e. name of 
the class whose reference is in the result field). Undefined otherwise.";
       field ~qualifier:DynamicRO ~ty:String "result" "if the task has 
completed successfully, this field contains the result value (either Void or an 
object reference). Undefined otherwise.";
       field ~qualifier:DynamicRO ~ty:(Set String) "error_info" "if the task 
has failed, this field contains the set of associated error strings. Undefined 
otherwise.";
-      field ~writer_roles:_R_VM_OP ~in_product_since:rel_miami 
~default_value:(Some (VMap [])) ~ty:(Map(String, String)) "other_config" 
"additional configuration";
+      field ~in_product_since:rel_miami ~default_value:(Some (VMap [])) 
~ty:(Map(String, String)) "other_config" "additional configuration" 
~map_keys_roles:[("applies_to",(_R_VM_OP));("XenCenterUUID",(_R_VM_OP))];
       (* field ~ty:(Set(Ref _alert)) ~in_product_since:rel_miami 
~qualifier:DynamicRO "alerts" "all alerts related to this task"; *)
       field ~qualifier:DynamicRO ~in_product_since:rel_orlando 
~default_value:(Some (VRef "")) ~ty:(Ref _task) "subtask_of" "Ref pointing to 
the task this is a substask of.";
       field ~qualifier:DynamicRO ~in_product_since:rel_orlando ~ty:(Set (Ref 
_task)) "subtasks"   "List pointing to all the substasks."; 
@@ -3481,7 +3486,7 @@
        namespace ~name:"API_version" ~contents:api_version ();
        field ~qualifier:DynamicRO ~ty:Bool "enabled" "True if the host is 
currently enabled";
        field ~qualifier:StaticRO ~ty:(Map(String, String)) "software_version" 
"version strings";
-       field ~ty:(Map(String, String)) "other_config" "additional 
configuration";
+       field ~ty:(Map(String, String)) "other_config" "additional 
configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP))];
        field ~qualifier:StaticRO ~ty:(Set(String)) "capabilities" "Xen 
capabilities";
        field ~qualifier:DynamicRO ~ty:(Map(String, String)) 
"cpu_configuration" "The CPU configuration on this host.  May contain keys such 
as \"nr_nodes\", \"sockets_per_node\", \"cores_per_socket\", or 
\"threads_per_core\"";
        field ~qualifier:DynamicRO ~ty:String "sched_policy" "Scheduler policy 
currently in force on this host";
@@ -3618,7 +3623,7 @@
     ] @ (allowed_and_current_operations ~writer_roles:_R_POOL_OP 
network_operations) @ [
       field ~qualifier:DynamicRO ~ty:(Set (Ref _vif)) "VIFs" "list of 
connected vifs";
       field ~qualifier:DynamicRO ~ty:(Set (Ref _pif)) "PIFs" "list of 
connected pifs";
-      field ~writer_roles:_R_POOL_OP ~ty:(Map(String, String)) "other_config" 
"additional configuration" ;
+      field ~writer_roles:_R_POOL_OP ~ty:(Map(String, String)) "other_config" 
"additional configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP));("XenCenterCreateInProgress",(_R_VM_OP))];
       field ~in_oss_since:None ~qualifier:DynamicRO "bridge" "name of the 
bridge corresponding to this network on the local host";
       field ~qualifier:DynamicRO ~in_product_since:rel_orlando 
~ty:(Map(String, Ref _blob)) ~default_value:(Some (VMap [])) "blobs" "Binary 
blobs associated with this network";
       field ~writer_roles:_R_POOL_OP ~in_product_since:rel_orlando 
~default_value:(Some (VSet [])) ~ty:(Set String) "tags" "user-specified tags 
for categorization purposes"
@@ -4112,7 +4117,7 @@
        field ~qualifier:StaticRO "type" "type of the storage repository";
        field ~qualifier:StaticRO "content_type" "the type of the SR's content, 
if required (e.g. ISOs)";
        field ~qualifier:DynamicRO "shared" ~ty:Bool "true if this SR is 
(capable of being) shared between multiple hosts";
-       field ~ty:(Map(String, String)) "other_config" "additional 
configuration";
+       field ~ty:(Map(String, String)) "other_config" "additional 
configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP))];
        field  ~in_product_since:rel_orlando ~default_value:(Some (VSet [])) 
~ty:(Set String) "tags" "user-specified tags for categorization purposes";
        field ~ty:Bool ~qualifier:DynamicRO ~in_oss_since:None 
~internal_only:true "default_vdi_visibility" "";
        field ~in_oss_since:None ~ty:(Map(String, String)) 
~in_product_since:rel_miami ~qualifier:RW "sm_config" "SM dependent data" 
~default_value:(Some (VMap []));
@@ -4385,7 +4390,7 @@
        field ~qualifier:StaticRO ~ty:vdi_type "type" "type of the VDI";
        field ~qualifier:StaticRO ~ty:Bool "sharable" "true if this disk may be 
shared";
        field ~qualifier:StaticRO ~ty:Bool "read_only" "true if this disk may 
ONLY be mounted read-only";
-       field  ~ty:(Map(String, String)) "other_config" "additional 
configuration" ;
+       field ~ty:(Map(String, String)) "other_config" "additional 
configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP))];
        field ~qualifier:DynamicRO ~ty:Bool "storage_lock" "true if this disk 
is locked at the storage level";
        (* XXX: location field was in the database in rio, now API in miami *)
        field ~in_oss_since:None ~in_product_since:rel_miami ~ty:String 
~qualifier:DynamicRO ~default_value:(Some (VString "")) "location" "location 
information";
@@ -5026,7 +5031,7 @@
                        ; field ~in_oss_since:None ~qualifier:RW ~ty:(Ref _sr) 
"default_SR" "Default SR for VDIs"
                        ; field ~in_oss_since:None ~qualifier:RW ~ty:(Ref _sr) 
"suspend_image_SR" "The SR in which VDIs for suspend images are created"
                        ; field ~in_oss_since:None ~qualifier:RW ~ty:(Ref _sr) 
"crash_dump_SR" "The SR in which VDIs for crash dumps are created"
-                       ; field ~writer_roles:_R_VM_OP ~in_oss_since:None 
~ty:(Map(String, String)) "other_config" "additional configuration"
+                       ; field ~in_oss_since:None ~ty:(Map(String, String)) 
"other_config" "additional configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP));("EMPTY_FOLDERS",(_R_VM_OP))]
                        ; field ~in_oss_since:None 
~in_product_since:rel_orlando ~qualifier:DynamicRO ~ty:Bool 
~default_value:(Some (VBool false)) "ha_enabled" "true if HA is enabled on the 
pool, false otherwise"
                        ; field ~in_oss_since:None 
~in_product_since:rel_orlando ~qualifier:DynamicRO ~ty:(Map(String, String)) 
~default_value:(Some (VMap [])) "ha_configuration" "The current HA 
configuration"
                        ; field ~in_oss_since:None 
~in_product_since:rel_orlando ~qualifier:DynamicRO ~ty:(Set String) 
~default_value:(Some (VSet [])) "ha_statefiles" "HA statefile VDIs in use"
@@ -5437,7 +5442,7 @@
        field ~ty:(Map(String, String)) "platform" "platform-specific 
configuration";
 
        field "PCI_bus" "PCI bus path for pass-through devices";
-       field  ~ty:(Map(String, String)) "other_config" "additional 
configuration";
+       field  ~ty:(Map(String, String)) "other_config" "additional 
configuration" 
~map_keys_roles:[("folder",(_R_VM_OP));("XenCenter.CustomFields.*",(_R_VM_OP))];
        field ~qualifier:DynamicRO ~ty:Int "domid" "domain ID (if available, -1 
otherwise)";
        field ~qualifier:DynamicRO ~in_oss_since:None ~ty:String "domarch" 
"Domain architecture (if available, null string otherwise)";
        field ~in_oss_since:None ~qualifier:DynamicRO ~ty:(Map(String, String)) 
"last_boot_CPU_flags" "describes the CPU flags on which the VM was last booted";
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/datamodel_types.ml
--- a/ocaml/idl/datamodel_types.ml      Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/datamodel_types.ml      Thu Nov 26 17:08:59 2009 +0000
@@ -133,6 +133,7 @@
     msg_custom_marshaller: bool;
     msg_hide_from_docs: bool;
     msg_allowed_roles: string list option;
+    msg_map_keys_roles: (string * (string list option)) list
 }
 
 and field = {
@@ -148,7 +149,8 @@
     field_has_effect: bool;
     field_ignore_foreign_key: bool;
     field_setter_roles: string list option;
-    field_getter_roles: string list option
+    field_getter_roles: string list option;
+    field_map_keys_roles: (string * (string list option)) list
 }
 
 and error = { 
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/datamodel_utils.ml
--- a/ocaml/idl/datamodel_utils.ml      Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/datamodel_utils.ml      Thu Nov 26 17:08:59 2009 +0000
@@ -219,7 +219,8 @@
                 msg_hide_from_docs = false;
                 msg_pool_internal = false;
                 msg_db_only = fld.internal_only;
-                msg_allowed_roles = None
+                msg_allowed_roles = None;
+                msg_map_keys_roles = []
               } in
   let getter = { common with
                   msg_name = prefix "get_";
@@ -283,6 +284,7 @@
                          "Add the given key-value pair to the %s field of the 
given %s."
                          (String.concat "/" fld.full_name) x.name);
            msg_allowed_roles = fld.field_setter_roles;
+           msg_map_keys_roles = List.map (fun (k,(w))->(k,w)) 
fld.field_map_keys_roles;
            msg_tag = FromField(Add, fld) };
        { common with
            msg_name = prefix "remove_from_";
@@ -293,6 +295,7 @@
                          "Remove the given key and its corresponding value 
from the %s field of the given %s.  If the key is not in that Map, then do 
nothing."
                          (String.concat "/" fld.full_name) x.name);
            msg_allowed_roles = fld.field_setter_roles;
+           msg_map_keys_roles = List.map (fun (k,(w))->(k,w)) 
fld.field_map_keys_roles;
            msg_tag = FromField(Remove, fld) };
       ]
   | t, _ -> [
@@ -320,6 +323,7 @@
                 msg_session=false; msg_release=x.obj_release; 
msg_has_effect=false; msg_tag=Custom;
                 msg_force_custom = x.force_custom_actions;
                 msg_allowed_roles = None;
+                msg_map_keys_roles = [];
                 msg_obj_name=x.name } in
   (* Constructor *)
   let ctor = { common with 
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/ocaml_backend/gen_rbac.ml
--- a/ocaml/idl/ocaml_backend/gen_rbac.ml       Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/ocaml_backend/gen_rbac.ml       Thu Nov 26 17:08:59 2009 +0000
@@ -79,7 +79,8 @@
 let permission_description = "A basic permission"
 let permission_name wire_name =
        let s1 =replace_char (Printf.sprintf "permission_%s" wire_name) '.' '_' 
in
-       replace_char s1 '/' '_'
+       let s2 = replace_char s1 '/' '_' in
+       Stringext.String.replace "*" "WILDCHAR" s2
 
 let permission_index = ref 0
 let writer_permission name nperms =
@@ -213,8 +214,12 @@
                let r,perms = match r1 with []->(xr,[])|r1::_->r1 in 
                concat (xperm,((r,xperm::perms)::r2),extra_rs)
 
+let get_key_permission_name permission key_name =
+  permission ^ "/key_" ^ key_name
+
 let add_permission_to_roles roles_permissions (obj: obj) (x: message) =
        let msg_allowed_roles = x.msg_allowed_roles in
+       let msg_map_keys_roles = x.msg_map_keys_roles in
        let wire_name = DU.wire_name ~sync:true obj x in
        match msg_allowed_roles with
                | None -> (
@@ -222,7 +227,19 @@
                                (* a message should have at least one role *)
                                failwith (Printf.sprintf "No roles for message 
%s" wire_name);
                        )
-               | Some(allowed_roles) -> concat 
(wire_name,roles_permissions,allowed_roles)
+               | Some(allowed_roles) -> 
+                               let with_msg_roles_permissions =
+                                       (concat 
(wire_name,roles_permissions,allowed_roles))
+                               in
+                               List.fold_left
+                                       (fun rsps (k,rs)->
+                                               let wire_name_key = 
get_key_permission_name wire_name k in
+                                               match rs with
+                                               |None->failwith (Printf.sprintf 
"No roles for key %s" wire_name_key)
+                                               |Some(allowed_roles)->(concat 
(wire_name_key, rsps, allowed_roles))
+                                       )
+                                       with_msg_roles_permissions
+                                       msg_map_keys_roles
 
 let get_http_permissions_roles =
        List.fold_left
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/ocaml_backend/gen_server.ml
--- a/ocaml/idl/ocaml_backend/gen_server.ml     Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/ocaml_backend/gen_server.ml     Thu Nov 26 17:08:59 2009 +0000
@@ -158,7 +158,8 @@
   let rbac_check_begin = if has_session_arg
     then [
                        "let arg_names = "^(List.fold_right (fun arg args -> 
"\""^arg^"\"::"^args) string_args (if is_non_constructor_with_defaults then 
"\"default_args\"::[]" else "[]"))^" in";
-                       "Rbac.check session_id __call 
~args:(arg_names,__params) ~__context ~fn:(fun ()-> (*RBAC-BEGIN*)"]
+                       "let key_names = "^(List.fold_right (fun arg args -> 
"\""^arg^"\"::"^args) (List.map (fun (k,_)->k) x.msg_map_keys_roles) "[]")^" 
in";
+                       "Rbac.check session_id __call 
~args:(arg_names,__params) ~keys:key_names ~__context ~fn:(fun ()-> 
(*RBAC-BEGIN*)"]
     else []
   in
   let rbac_check_end = if has_session_arg then [") (*RBAC-END*)"] else [] in
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/ocaml_backend/rbac.ml
--- a/ocaml/idl/ocaml_backend/rbac.ml   Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/ocaml_backend/rbac.ml   Thu Nov 26 17:08:59 2009 +0000
@@ -95,6 +95,80 @@
                        session_permissions_tbl
                        session_id
 
+(* create a key permission name that can be in the session *)
+let get_key_permission_name permission key_name =
+       permission ^ "/key_" ^ key_name
+
+(* create a key-error permission name that is never in the session *)
+let get_keyERR_permission_name permission err =
+       permission ^ "/keyERR_" ^ err
+
+let permission_of_action ?args ~keys _action =
+       (* all permissions are in lowercase, see gen_rbac.writer_ *)
+       let action = (String.lowercase _action) in
+       if (List.length keys) < 1
+       then (* most actions do not use rbac-guarded map keys in the arguments 
*)
+               action
+
+       else (* only actions with rbac-guarded map keys fall here *)
+       match args with
+       |None -> begin (* this should never happen *)
+                       debug "DENYING access: no args for keyed-action %s" 
action;
+                       get_keyERR_permission_name action "DENY_NOARGS" (* will 
always deny *)
+               end
+       |Some (arg_keys,arg_values) ->
+               if (List.length arg_keys) <> (List.length arg_values)
+               then begin (* this should never happen *)
+                       debug "DENYING access: arg_keys and arg_values lengths 
don't match: arg_keys=[%s], arg_values=[%s]"
+                               ((List.fold_left (fun ss s->ss^s^",") "" 
arg_keys))
+                               ((List.fold_left (fun ss s->ss^(Xml.to_string 
s)^",") "" arg_values))
+                       ;
+                       get_keyERR_permission_name action "DENY_WRGLEN" (* will 
always deny *)  
+               end
+               else (* keys and values have the same length *)
+               let rec get_permission_name_of_keys arg_keys arg_values =
+                       match arg_keys,arg_values with
+                       |[],[]|_,[]|[],_-> (* this should never happen *)
+                               begin 
+                                       debug "DENYING access: no 'key' 
argument in the action %s" action;
+                                       get_keyERR_permission_name action 
"DENY_NOKEY" (* deny by default *)
+                               end
+                       |k::ks,v::vs->
+                               if k<>"key" (* "key" is defined in 
datamodel_utils.ml *)
+                               then
+                                       (get_permission_name_of_keys ks vs)
+                               else (* found "key" in args *)
+                                       match v with
+                                       | Xml.Element("value",_,(Xml.PCData 
key_name_in_args)::[]) ->
+                                       begin
+                                               (*debug "key_name_in_args=%s, 
keys=[%s]" key_name_in_args ((List.fold_left (fun ss s->ss^s^",") "" keys)) ;*)
+                                               try 
+                                               let key_name =
+                                                       List.find
+                                                       (fun key_name ->
+                                                        if 
Stringext.String.endswith "*" key_name
+                                                        then begin (* resolve 
wildcards at the end *)
+                                                                
Stringext.String.startswith
+                                                                        
(String.sub key_name 0 ((String.length key_name) - 1))
+                                                                        
key_name_in_args
+                                                        end
+                                                        else (* no wildcards 
to resolve *)
+                                                                key_name = 
key_name_in_args
+                                                       )
+                                                       keys
+                                               in
+                                                       get_key_permission_name 
action (String.lowercase key_name)
+                                               with Not_found -> (* expected, 
key_in_args is not rbac-protected *)
+                                                       action
+                                       end
+                                       |_ -> begin (* this should never happen 
*)
+                                                debug "DENYING access: wrong 
XML value [%s] in the 'key' argument of action %s" (Xml.to_string v) action;
+                                                get_keyERR_permission_name 
action "DENY_NOVALUE"
+                                       end
+               in
+               get_permission_name_of_keys arg_keys arg_values
+
+
 let is_permission_in_session ~session_id ~permission ~session =
        let find_linear elem set = List.exists (fun e -> e = elem) set in
        let find_log elem set = Permission_set.mem elem set in
@@ -137,10 +211,9 @@
 
 (* Execute fn if rbac access is allowed for action, otherwise fails. *)
 let nofn = fun () -> ()
-let check ?(extra_dmsg="") ?(extra_msg="") ?args ~__context ~fn session_id 
action =
+let check ?(extra_dmsg="") ?(extra_msg="") ?args ?(keys=[]) ~__context ~fn 
session_id action =
 
-       (* all permissions are in lowercase, see gen_rbac.writer_ *)
-       let permission = String.lowercase action in
+       let permission = permission_of_action action ?args ~keys in
        
        if (is_access_allowed ~__context ~session_id ~permission)
        then (* allow access to action *)
diff -r c2e75d891d3d -r c9fd958b25ee ocaml/idl/ocaml_backend/rbac_audit.ml
--- a/ocaml/idl/ocaml_backend/rbac_audit.ml     Fri Nov 13 14:01:05 2009 +0000
+++ b/ocaml/idl/ocaml_backend/rbac_audit.ml     Thu Nov 26 17:08:59 2009 +0000
@@ -299,7 +299,7 @@
        with e -> (* never bubble up the error here *) 
                D.debug "ignoring %s" (ExnHelper.string_of_exn e)
 
-let sexpr_of __context session_id allowed_denied ok_error result_error ?args 
action =
+let sexpr_of __context session_id allowed_denied ok_error result_error ?args 
action permission =
   let result_error = 
                if result_error = "" then result_error else ":"^result_error
        in
@@ -312,7 +312,7 @@
                SExpr.String (ok_error ^ result_error)::
     SExpr.String (call_type_of action)::
                (*SExpr.String (Helper_hostname.get_hostname ())::*)
-    SExpr.String action::
+    SExpr.String permission::
     (SExpr.Node (sexpr_of_parameters action args))::
                []
        )
@@ -321,11 +321,11 @@
 
 let fn_append_to_master_audit_log = ref None
 
-let audit_line_of __context session_id allowed_denied ok_error result_error 
action ?args =
+let audit_line_of __context session_id allowed_denied ok_error result_error 
action permission ?args =
        let _line = 
                (SExpr.string_of 
                         (sexpr_of __context session_id allowed_denied 
-                                       ok_error result_error ?args action
+                                       ok_error result_error ?args action 
permission
                         )
                )
        in
@@ -339,7 +339,7 @@
 let allowed_ok ~__context ~session_id ~action ~permission ?args ?result () =
        wrap (fun () ->
                if has_to_audit action then 
-                       audit_line_of __context session_id "ALLOWED" "OK" "" 
action ?args
+                       audit_line_of __context session_id "ALLOWED" "OK" "" 
action permission ?args
        )
 
 let allowed_error ~__context ~session_id ~action ~permission ?args ?error () =
@@ -350,13 +350,13 @@
                                | None -> ""
                                | Some error -> (ExnHelper.string_of_exn error)
                        in
-                       audit_line_of __context session_id "ALLOWED" "ERROR" 
error_str action ?args
+                       audit_line_of __context session_id "ALLOWED" "ERROR" 
error_str action permission ?args
        )
        
 let denied ~__context ~session_id ~action ~permission ?args () =
        wrap (fun () ->
                if has_to_audit action then
-                       audit_line_of __context session_id "DENIED" "" "" 
action ?args
+                       audit_line_of __context session_id "DENIED" "" "" 
action permission ?args
        )
 
 let session_destroy ~__context ~session_id =

Attachment: xen-api.hg.patch
Description: Text Data

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api
<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-API] [PATCH] CA-35368: add support to per-key RBAC, Marcus Granado <=