blob: 0ed12a122987364b39cd5553154c1720ec35d30e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
require 'ipaddr'
require 'puppet/server/authstore'
module Puppet
class Server
# Define a set of rights and who has access to them.
class Rights < Hash
# We basically just proxy directly to our rights. Each Right stores
# its own auth abilities.
[:allow, :allowed?, :deny].each do |method|
define_method(method) do |name, *args|
name = name.intern if name.is_a? String
if obj = right(name)
obj.send(method, *args)
else
raise ArgumentError, "Unknown right '%s'" % name
end
end
end
def [](name)
name = name.intern if name.is_a? String
super(name)
end
# Define a new right to which access can be provided.
def newright(name)
name = name.intern if name.is_a? String
shortname = Right.shortname(name)
if self.include? name
raise ArgumentError, "Right '%s' is already defined" % name
else
self[name] = Right.new(name, shortname)
end
end
private
# Retrieve a right by name.
def right(name)
name = name.intern if name.is_a? String
self[name]
end
# A right.
class Right < AuthStore
attr_accessor :name, :shortname
Puppet::Util.logmethods(self, true)
def self.shortname(name)
name.to_s[0..0]
end
def initialize(name, shortname = nil)
@name = name
@shortname = shortname
unless @shortname
@shortname = Right.shortname(name)
end
super()
end
def to_s
"access[%s]" % @name
end
# There's no real check to do at this point
def valid?
true
end
end
end
end
end
#
# $Id$
|
