diff options
| author | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-04-21 02:36:30 +0000 |
|---|---|---|
| committer | luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0> | 2006-04-21 02:36:30 +0000 |
| commit | d9fd0026f04c6d7bd5cb28e20a3f40bd21c24467 (patch) | |
| tree | 513dccea837e4f5bd2297bba339157e3084b50a2 /lib/puppet/server | |
| parent | 4a029d98a6d4c01e09fa4a302731ca5ec7a12fee (diff) | |
| download | puppet-d9fd0026f04c6d7bd5cb28e20a3f40bd21c24467.tar.gz puppet-d9fd0026f04c6d7bd5cb28e20a3f40bd21c24467.tar.xz puppet-d9fd0026f04c6d7bd5cb28e20a3f40bd21c24467.zip | |
Go some work started on developing authorization, but I have made little progress. I might wait on this for the next point release.
git-svn-id: https://reductivelabs.com/svn/puppet/trunk@1127 980ebf18-57e1-0310-9a29-db15c13687c0
Diffstat (limited to 'lib/puppet/server')
| -rwxr-xr-x | lib/puppet/server/pelement.rb | 26 | ||||
| -rwxr-xr-x | lib/puppet/server/rights.rb | 63 |
2 files changed, 85 insertions, 4 deletions
diff --git a/lib/puppet/server/pelement.rb b/lib/puppet/server/pelement.rb index 7c4ee7fb3..9799a36af 100755 --- a/lib/puppet/server/pelement.rb +++ b/lib/puppet/server/pelement.rb @@ -3,12 +3,13 @@ require 'puppet/server' module Puppet -class Server::PElementServer +# Serve Puppet elements. Useful for querying, copying, and, um, other stuff. +class Server::PElement < Server::Handler attr_accessor :local - @interface = XMLRPC::Service::Interface.new("fileserver") { |iface| + @interface = XMLRPC::Service::Interface.new("pelementserver") { |iface| iface.add_method("string describe(string, string, array, array)") - iface.add_method("string list(string, string, boolean, array)") + iface.add_method("string list(string, array, string)") } # Describe a given object. This returns the 'is' values for every state @@ -76,6 +77,7 @@ class Server::PElementServer end end + # List all of the elements of a given type. def list(type, ignore = [], base = nil, client = nil, clientip = nil) @local = true unless client typeklass = nil @@ -83,15 +85,31 @@ class Server::PElementServer raise Puppet::Error, "Puppet type %s is unsupported" % type end + ignore = [ignore] unless ignore.is_a? Array bucket = TransBucket.new bucket.type = typeklass.name typeklass.list.each do |obj| + next if ignore.include? obj.name + object = TransObject.new(obj.name, typeklass.name) bucket << object end - bucket + if @local + return bucket + else + str = nil + case format + when "yaml": + str = YAML.dump(bucket) + else + raise XMLRPC::FaultException.new( + 1, "Unavailable config format %s" % format + ) + end + return CGI.escape(str) + end end private diff --git a/lib/puppet/server/rights.rb b/lib/puppet/server/rights.rb new file mode 100755 index 000000000..cd4b4b978 --- /dev/null +++ b/lib/puppet/server/rights.rb @@ -0,0 +1,63 @@ +require 'ipaddr' +require 'puppet/server/authstore' + +module Puppet +class Server + # Define a set of rights and who has access to them. + class Rights + # We basically just proxy directly to our rights. Each Right stores + # its own auth abilities. + [:allow, :allowed?, :deny].each do |method| + define_method(method) do |name, *args| + if obj = right(name) + obj.send(method, *args) + else + raise ArgumentError, "Unknown right '%s'" % name + end + end + end + + def initialize + @rights = {} + end + + # Define a new right to which access can be provided. + def newright(name) + name = name.intern if name.is_a? String + shortname = Right.shortname(name) + if @rights.include? shortname + raise ArgumentError, "Right '%s' is already defined" % name + else + @rights[shortname] = Right.new(name, shortname) + end + end + + private + + # Retrieve a right by name. + def right(name) + @rights[Right.shortname(name)] + end + + # A right. + class Right < AuthStore + attr_accessor :name, :shortname + + def self.shortname(name) + name.to_s[0..0] + end + + def initialize(name, shortname = nil) + @name = name + @shortname = shortname + unless @shortname + @shortname = Right.shortname(name) + end + super() + end + end + end +end +end +# +# $Id$ |