[yast-commit] r50614 - /trunk/ldap-server/src/YaPI/LdapServer.pm
- From: rhafer@xxxxxxxxxxxxxxxx
- Date: Wed, 03 Sep 2008 12:00:22 -0000
- Message-id: <20080903120022.9847C30B15@xxxxxxxxxxxxxxxx>
Author: rhafer
Date: Wed Sep 3 14:00:22 2008
New Revision: 50614
URL: http://svn.opensuse.org/viewcvs/yast?rev=50614&view=rev
Log:
ACL support for YaPI
Modified:
trunk/ldap-server/src/YaPI/LdapServer.pm
Modified: trunk/ldap-server/src/YaPI/LdapServer.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/YaPI/LdapServer.pm?rev=50614&r1=50613&r2=50614&view=diff
==============================================================================
--- trunk/ldap-server/src/YaPI/LdapServer.pm (original)
+++ trunk/ldap-server/src/YaPI/LdapServer.pm Wed Sep 3 14:00:22 2008
@@ -39,6 +39,14 @@
Add a new index statement %indexMap to the database section
+\@aclList = ReadAcl($suffix)
+
+ Returns a List of Maps with the ACL for this database
+
+$bool = WriteAcl($suffix,\@aclList)
+
+ Replace the existing ACLs of a database
+
\@list = ReadSchemaList()
Returns a list of all included schema items
@@ -203,14 +211,6 @@
sub ReadDatabaseList {
my $self = shift;
- my $rc = SCR->Execute('.ldapserver.init' );
- if ( ! $rc )
- {
- my $err = SCR->Error(".ldapserver");
- $err->{'code'} = "SCR_EXECUTE_FAILED";
- return $self->SetError(%{$err});
- }
-
my $dbList = SCR->Read('.ldapserver.databases');
if(! defined $dbList) {
my $err = SCR->Error(".ldapserver");
@@ -931,6 +931,7 @@
sub ReadIndex {
my $self = shift;
my $suffix = shift;
+ y2milestone("YaPI::LdapServer->ReadIndex()");
if(! defined $suffix || $suffix eq "") {
# error message at parameter check
@@ -1000,6 +1001,7 @@
my $orig_idxArray = undef;
my @new_idx = ();
+ y2milestone("YaPI::LdapServer->EditIndex()");
if(!defined $suffix || $suffix eq "") {
return $self->SetError(summary => "Missing parameter 'suffix'",
code => "PARAM_CHECK_FAILED");
@@ -1043,6 +1045,122 @@
}
=item *
+C<\@aclList = ReadAcl($suffix)>
+
+ Read ACLs of a Database
+
+ The return value is a list of maps defining the ACLs. The maps
+ has the following structure:
+
+ {
+ 'target' => {
+ # a Map defining the target objects of this ACL
+ # can contain any or multiple keys of the following
+ # types
+ 'attrs' => [ <list of attributetypes> ],
+ 'filter' => <LDAP filter string>,
+ 'dn' => {
+ 'style' => <'base' or 'subtree'>
+ 'value' => <LDAP DN>
+ }
+ },
+ 'access' => [
+ # a list of maps defining the access level of different
+ # indentities, each map looks like this:
+ 'level' =>
<'none'|'disclose'|'auth'|'compare'|'read'|'write'|'manage'>,
+ 'type' =>
<'self'|'users'|'anoymous'|'*'|'group'|'dn.base'|'dn.subtree'>
+ # if type is 'group', 'dn.base', 'dn.subtree':
+ 'value' => <a valid LDAP DN>
+ ]
+
+ }
+
+=cut
+BEGIN { $TYPEINFO{ReadAcl} = ["function", ["list", ["map", "string", "any"] ],
"string"]; }
+sub ReadAcl {
+ my $self = shift;
+ my $suffix = shift;
+
+ if(! defined $suffix || $suffix eq "") {
+ # error message at parameter check
+ return $self->SetError(summary => __("Missing parameter 'suffix'."),
+ code => "PARAM_CHECK_FAILED");
+ }
+ my $dblist = $self->ReadDatabaseList();
+ my $index = -2;
+
+ foreach my $db (@{$dblist})
+ {
+ if ( $db->{'suffix'} eq $suffix)
+ {
+ $index = $db->{'index'};
+ }
+ }
+
+ if ( $index <= 0 )
+ {
+ return $self->SetError(summary => "Database does not exist",
+ code => "DATABASE_NOT_FOUND");
+ }
+
+ my $aclList = SCR->Read( ".ldapserver.database.{$index}.acl" );
+ y2milestone("YAPI acllist: ".Data::Dumper->Dump([$aclList]));
+
+ return $aclList;
+}
+
+=item *
+C<$bool = WriteAcl($suffix,\@aclList)>
+
+ Update the ACLs of a Database, all exiting ACLs of that Database are
overwritten.
+
+ The aclList parameter must have the same structure as documented for the
+ ReadAcl function above.
+
+=cut
+BEGIN { $TYPEINFO{WriteAcl} = ["function", "boolean", "string", ["list",
["map", "string", "any"] ]]; }
+sub WriteAcl {
+ my $self = shift;
+ my $suffix = shift;
+ my $aclList = shift;
+
+ if(! defined $suffix || $suffix eq "") {
+ # error message at parameter check
+ return $self->SetError(summary => __("Missing parameter 'suffix'."),
+ code => "PARAM_CHECK_FAILED");
+ }
+ my $dblist = $self->ReadDatabaseList();
+ my $index = -2;
+
+ foreach my $db (@{$dblist})
+ {
+ if ( $db->{'suffix'} eq $suffix)
+ {
+ $index = $db->{'index'};
+ }
+ }
+
+ if ( $index <= 0 )
+ {
+ return $self->SetError(summary => "Database does not exist",
+ code => "DATABASE_NOT_FOUND");
+ }
+
+ if(! SCR->Write( ".ldapserver.database.{$index}.acl", $aclList ) ) {
+ my $err = SCR->Error(".ldapserver");
+ $err->{'code'} = "SCR_WRITE_FAILED";
+ return $self->SetError(%{$err});
+ }
+ if(! SCR->Execute(".ldapserver.commitChanges") ) {
+ my $err = SCR->Error(".ldapserver");
+ $err->{'code'} = "SCR_EXECUTE_FAILED";
+ return $self->SetError(%{$err});
+ }
+
+ return 1;
+}
+
+=item *
C<\@list = ReadSchemaList()>
Returns a list of all included schemas items
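Review bot: WriteAcl passes `$aclList` to `SCR->Write` unchecked, although that call replaces every existing ACL of the database; only `$suffix` is validated. An undefined or empty list would presumably leave the database without any access rules, and slapd's documented default in that case is read access for all clients, so the parameter deserves the same guard as the suffix: `if (! defined $aclList || ref($aclList) ne 'ARRAY') { return $self->SetError(summary => "Missing parameter 'aclList'", code => "PARAM_CHECK_FAILED"); }`. In ReadAcl the result of `SCR->Read` is returned without the `defined` check that ReadDatabaseList applies to its own read, so a failed read reaches the caller as a bare undef with no error set. The `y2milestone` call there dumps the complete ACL list into the log on every read, which looks like leftover debugging and would be better removed or moved to `y2debug`. Both subs repeat the same suffix-to-index loop and do not check the result of `ReadDatabaseList()`, so a failure of that call is reported as "Database does not exist".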
--
Date: Wed Sep 3 14:00:22 2008
New Revision: 50614
URL: http://svn.opensuse.org/viewcvs/yast?rev=50614&view=rev
Log:
ACL support for YaPI
Modified:
trunk/ldap-server/src/YaPI/LdapServer.pm
Modified: trunk/ldap-server/src/YaPI/LdapServer.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/YaPI/LdapServer.pm?rev=50614&r1=50613&r2=50614&view=diff
==============================================================================
--- trunk/ldap-server/src/YaPI/LdapServer.pm (original)
+++ trunk/ldap-server/src/YaPI/LdapServer.pm Wed Sep 3 14:00:22 2008
@@ -39,6 +39,14 @@
Add a new index statement %indexMap to the database section
+\@aclList = ReadAcl($suffix)
+
+ Returns a List of Maps with the ACL for this database
+
+$bool = WriteAcl($suffix,\@aclList)
+
+ Replace the existing ACLs of a database
+
\@list = ReadSchemaList()
Returns a list of all included schema items
@@ -203,14 +211,6 @@
sub ReadDatabaseList {
my $self = shift;
- my $rc = SCR->Execute('.ldapserver.init' );
- if ( ! $rc )
- {
- my $err = SCR->Error(".ldapserver");
- $err->{'code'} = "SCR_EXECUTE_FAILED";
- return $self->SetError(%{$err});
- }
-
my $dbList = SCR->Read('.ldapserver.databases');
if(! defined $dbList) {
my $err = SCR->Error(".ldapserver");
@@ -931,6 +931,7 @@
sub ReadIndex {
my $self = shift;
my $suffix = shift;
+ y2milestone("YaPI::LdapServer->ReadIndex()");
if(! defined $suffix || $suffix eq "") {
# error message at parameter check
@@ -1000,6 +1001,7 @@
my $orig_idxArray = undef;
my @new_idx = ();
+ y2milestone("YaPI::LdapServer->EditIndex()");
if(!defined $suffix || $suffix eq "") {
return $self->SetError(summary => "Missing parameter 'suffix'",
code => "PARAM_CHECK_FAILED");
@@ -1043,6 +1045,122 @@
}
=item *
+C<\@aclList = ReadAcl($suffix)>
+
+ Read ACLs of a Database
+
+ The return value is a list of maps defining the ACLs. The maps
+ has the following structure:
+
+ {
+ 'target' => {
+ # a Map defining the target objects of this ACL
+ # can contain any or multiple keys of the following
+ # types
+ 'attrs' => [ <list of attributetypes> ],
+ 'filter' => <LDAP filter string>,
+ 'dn' => {
+ 'style' => <'base' or 'subtree'>
+ 'value' => <LDAP DN>
+ }
+ },
+ 'access' => [
+ # a list of maps defining the access level of different
+ # indentities, each map looks like this:
+ 'level' =>
<'none'|'disclose'|'auth'|'compare'|'read'|'write'|'manage'>,
+ 'type' =>
<'self'|'users'|'anoymous'|'*'|'group'|'dn.base'|'dn.subtree'>
+ # if type is 'group', 'dn.base', 'dn.subtree':
+ 'value' => <a valid LDAP DN>
+ ]
+
+ }
+
+=cut
+BEGIN { $TYPEINFO{ReadAcl} = ["function", ["list", ["map", "string", "any"] ],
"string"]; }
+sub ReadAcl {
+ my $self = shift;
+ my $suffix = shift;
+
+ if(! defined $suffix || $suffix eq "") {
+ # error message at parameter check
+ return $self->SetError(summary => __("Missing parameter 'suffix'."),
+ code => "PARAM_CHECK_FAILED");
+ }
+ my $dblist = $self->ReadDatabaseList();
+ my $index = -2;
+
+ foreach my $db (@{$dblist})
+ {
+ if ( $db->{'suffix'} eq $suffix)
+ {
+ $index = $db->{'index'};
+ }
+ }
+
+ if ( $index <= 0 )
+ {
+ return $self->SetError(summary => "Database does not exist",
+ code => "DATABASE_NOT_FOUND");
+ }
+
+ my $aclList = SCR->Read( ".ldapserver.database.{$index}.acl" );
+ y2milestone("YAPI acllist: ".Data::Dumper->Dump([$aclList]));
+
+ return $aclList;
+}
+
+=item *
+C<$bool = WriteAcl($suffix,\@aclList)>
+
+ Update the ACLs of a Database, all exiting ACLs of that Database are
overwritten.
+
+ The aclList parameter must have the same structure as documented for the
+ ReadAcl function above.
+
+=cut
+BEGIN { $TYPEINFO{WriteAcl} = ["function", "boolean", "string", ["list",
["map", "string", "any"] ]]; }
+sub WriteAcl {
+ my $self = shift;
+ my $suffix = shift;
+ my $aclList = shift;
+
+ if(! defined $suffix || $suffix eq "") {
+ # error message at parameter check
+ return $self->SetError(summary => __("Missing parameter 'suffix'."),
+ code => "PARAM_CHECK_FAILED");
+ }
+ my $dblist = $self->ReadDatabaseList();
+ my $index = -2;
+
+ foreach my $db (@{$dblist})
+ {
+ if ( $db->{'suffix'} eq $suffix)
+ {
+ $index = $db->{'index'};
+ }
+ }
+
+ if ( $index <= 0 )
+ {
+ return $self->SetError(summary => "Database does not exist",
+ code => "DATABASE_NOT_FOUND");
+ }
+
+ if(! SCR->Write( ".ldapserver.database.{$index}.acl", $aclList ) ) {
+ my $err = SCR->Error(".ldapserver");
+ $err->{'code'} = "SCR_WRITE_FAILED";
+ return $self->SetError(%{$err});
+ }
+ if(! SCR->Execute(".ldapserver.commitChanges") ) {
+ my $err = SCR->Error(".ldapserver");
+ $err->{'code'} = "SCR_EXECUTE_FAILED";
+ return $self->SetError(%{$err});
+ }
+
+ return 1;
+}
+
+=item *
C<\@list = ReadSchemaList()>
Returns a list of all included schemas items
--