[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-API] [PATCH] CA-35368: use unambiguous key-tag in permission

2 files changed, 5 insertions(+), 4 deletions(-)
ocaml/idl/ocaml_backend/gen_rbac.ml |    5 +++--
ocaml/idl/ocaml_backend/rbac.ml     |    4 ++--


# HG changeset patch
# User Marcus Granado <marcus.granado@xxxxxxxxxx>
# Date 1259760103 0
# Node ID 27bf2365d9e208039b1f663f82a4cc46b89305a1
# Parent  994723beb3142a90e7247ed5c4cd947bf6e77a83
CA-35368: use unambiguous key-tag in permission

Signed-off-by: Marcus Granado <marcus.granado@xxxxxxxxxxxxx>

diff -r 994723beb314 -r 27bf2365d9e2 ocaml/idl/ocaml_backend/gen_rbac.ml
--- a/ocaml/idl/ocaml_backend/gen_rbac.ml       Tue Dec 01 12:16:01 2009 +0000
+++ b/ocaml/idl/ocaml_backend/gen_rbac.ml       Wed Dec 02 13:21:43 2009 +0000
@@ -80,7 +80,8 @@
 let permission_name wire_name =
        let s1 =replace_char (Printf.sprintf "permission_%s" wire_name) '.' '_' 
in
        let s2 = replace_char s1 '/' '_' in
-       Stringext.String.replace "*" "WILDCHAR" s2
+       let s3 = Stringext.String.replace "*" "WILDCHAR" s2 in
+       Stringext.String.replace ":" "_" s3
 
 let permission_index = ref 0
 let writer_permission name nperms =
@@ -215,7 +216,7 @@
                concat (xperm,((r,xperm::perms)::r2),extra_rs)
 
 let get_key_permission_name permission key_name =
-  permission ^ "/key_" ^ key_name
+  permission ^ "/key:" ^ key_name
 
 let add_permission_to_roles roles_permissions (obj: obj) (x: message) =
        let msg_allowed_roles = x.msg_allowed_roles in
diff -r 994723beb314 -r 27bf2365d9e2 ocaml/idl/ocaml_backend/rbac.ml
--- a/ocaml/idl/ocaml_backend/rbac.ml   Tue Dec 01 12:16:01 2009 +0000
+++ b/ocaml/idl/ocaml_backend/rbac.ml   Wed Dec 02 13:21:43 2009 +0000
@@ -97,11 +97,11 @@
 
 (* create a key permission name that can be in the session *)
 let get_key_permission_name permission key_name =
-       permission ^ "/key_" ^ key_name
+       permission ^ "/key:" ^ key_name
 
 (* create a key-error permission name that is never in the session *)
 let get_keyERR_permission_name permission err =
-       permission ^ "/keyERR_" ^ err
+       permission ^ "/keyERR:" ^ err
 
 let permission_of_action ?args ~keys _action =
        (* all permissions are in lowercase, see gen_rbac.writer_ *)

Attachment: xen-api.hg.patch
Description: Text Data

_______________________________________________
xen-api mailing list
xen-api@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/mailman/listinfo/xen-api

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.