class LdapACLs(object): # FIXME: parameter aren't nice for an interface
implements(IACLs)
def __init__(self, session):
self.session = session
self.acls = None
self.__allowed_commands = {}
self._read_acls()
def _read_acls(self):
user = User(self.session)
lo, po = get_machine_connection()
self.acls = LDAP_ACLs(lo, user.username, ucr['ldap/base'])
self.__permitted_commands = None
def is_command_allowed(self, request, command):
kwargs = {}
content_type = request.getHeader('Content-Type') or ''
if content_type.startswith('application/json'):
kwargs.update(dict(
options=request.options,
flavor=request.getHeader('X-UMC-Flavor')
))
return self.acls.is_command_allowed(command, **kwargs)
def get_permitted_commands(self, moduleManager):
if self.__permitted_commands is None:
# fixes performance leak?
self.__permitted_commands = moduleManager.permitted_commands(ucr['hostname'], self.acls)
return self.__permitted_commands
def get_module_providing(self, moduleManager, command):
permitted_commands = self.get_permitted_commands(moduleManager)
return moduleManager.module_providing(permitted_commands, command)
def get_method_name(self, moduleManager, module_name, command):
module = self.get_permitted_commands(moduleManager)[module_name]
methods = (cmd.method for cmd in module.commands if cmd.name == command)
for method in methods:
return method
def json(self):
return json.dumps(self.acls.json())
def _read_acls(self): user = User(self.session) lo, po = get_machine_connection() self.acls = LDAP_ACLs(lo, user.username, ucr['ldap/base']) self.__permitted_commands = None
