class LdapACLs(object): # FIXME: parameter aren't nice for an interface implements(IACLs) def __init__(self, session): self.session = session self.acls = None self.__allowed_commands = {} self._read_acls() def _read_acls(self): user = User(self.session) lo, po = get_machine_connection() self.acls = LDAP_ACLs(lo, user.username, ucr['ldap/base']) self.__permitted_commands = None def is_command_allowed(self, request, command): kwargs = {} content_type = request.getHeader('Content-Type') or '' if content_type.startswith('application/json'): kwargs.update(dict( options=request.options, flavor=request.getHeader('X-UMC-Flavor') )) return self.acls.is_command_allowed(command, **kwargs) def get_permitted_commands(self, moduleManager): if self.__permitted_commands is None: # fixes performance leak? self.__permitted_commands = moduleManager.permitted_commands(ucr['hostname'], self.acls) return self.__permitted_commands def get_module_providing(self, moduleManager, command): permitted_commands = self.get_permitted_commands(moduleManager) return moduleManager.module_providing(permitted_commands, command) def get_method_name(self, moduleManager, module_name, command): module = self.get_permitted_commands(moduleManager)[module_name] methods = (cmd.method for cmd in module.commands if cmd.name == command) for method in methods: return method def json(self): return json.dumps(self.acls.json())
def _read_acls(self): user = User(self.session) lo, po = get_machine_connection() self.acls = LDAP_ACLs(lo, user.username, ucr['ldap/base']) self.__permitted_commands = None