From: Daniel Kouřil <kouril@ics.muni.cz>
Date: Wed, 17 Mar 2010 21:06:37 +0000 (+0000)
Subject: - added new authZ actions
X-Git-Tag: glite-jobid-api-c_R_1_0_2_1~74
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=24b106608574f30e676bd9ed728ed528ece99619;p=jra1mw.git

- added new authZ actions
- extended status fields made available for RTM & comp.
---

diff --git a/org.glite.lb.server/src/authz_policy.c b/org.glite.lb.server/src/authz_policy.c
index 136805c..cfc09e5 100644
--- a/org.glite.lb.server/src/authz_policy.c
+++ b/org.glite.lb.server/src/authz_policy.c
@@ -22,10 +22,13 @@ limitations under the License.
 #include "authz_policy.h"
 
 struct action_name action_names[] = {
-    { READ_ALL,		"READ_ALL" },
+    { ADMIN_ACCESS,	"ADMIN_ACCESS" },
     { STATUS_FOR_RTM,	"STATUS_FOR_RTM" },
     { LOG_WMS_EVENTS,	"LOG_WMS_EVENTS" },
+    { LOG_CE_EVENTS,	"LOG_CE_EVENTS" },
     { LOG_GENERAL_EVENTS,	"LOG_GENERAL_EVENTS" },
+    { GET_STATISTICS,	"GET_STATISTICS" },
+    { REGISTER_JOBS,	"REGISTER_JOBS" },	
 };
 
 static int num_actions =
@@ -87,6 +90,17 @@ find_authz_action(const char *name)
     return ACTION_UNDEF;
 }
 
+const char *
+action2name(authz_action a)
+{
+    int i;
+
+    for (i = 0; i < num_actions; i++)
+	if (action_names[i].action == a)
+	    return action_names[i].name;
+    return NULL;
+}
+
 authz_attr_id
 find_authz_attr(const char *name)
 {
@@ -103,11 +117,25 @@ blacken_fields(edg_wll_JobStat *stat, int flags)
 {
     edg_wll_JobStat new_stat;
 
-    memset(&new_stat, 0, sizeof(new_stat));
+    edg_wll_InitStatus(&new_stat);
 
     if (flags & STATUS_FOR_RTM) {
 	new_stat.state = stat->state;
-	/* XXX save anything else */
+	edg_wlc_JobIdDup(stat->jobId, &new_stat.jobId);
+	if (stat->destination)
+	    new_stat.destination = strdup(stat->destination);
+	if (stat->network_server)
+	    new_stat.network_server = strdup(stat->network_server);
+	new_stat.stateEnterTime = stat->stateEnterTime;
+	new_stat.lastUpdateTime = stat->lastUpdateTime;
+	if (stat->stateEnterTimes) {
+	    int i = 1 + stat->stateEnterTimes[0];
+	    new_stat.stateEnterTimes = malloc(sizeof(*stat->stateEnterTimes)*i);
+	    memcpy(new_stat.stateEnterTimes, stat->stateEnterTimes,
+		   sizeof(*stat->stateEnterTimes)*i);
+	}
+	if (stat->ui_host)
+	    new_stat.ui_host = strdup(stat->ui_host);
     }
 
     edg_wll_FreeStatus(stat);
diff --git a/org.glite.lb.server/src/authz_policy.h b/org.glite.lb.server/src/authz_policy.h
index 4e10969..c326510 100644
--- a/org.glite.lb.server/src/authz_policy.h
+++ b/org.glite.lb.server/src/authz_policy.h
@@ -24,10 +24,13 @@ limitations under the License.
 
 typedef enum {
     ACTION_UNDEF	= 0,
-    READ_ALL		= 2,
-    STATUS_FOR_RTM	= 4,
-    LOG_WMS_EVENTS	= 8,
-    LOG_GENERAL_EVENTS	= 16,
+    ADMIN_ACCESS	= 1 << 0,
+    STATUS_FOR_RTM	= 1 << 1,
+    LOG_WMS_EVENTS	= 1 << 2,
+    LOG_CE_EVENTS	= 1 << 3,
+    LOG_GENERAL_EVENTS	= 1 << 4,
+    GET_STATISTICS	= 1 << 5,
+    REGISTER_JOBS	= 1 << 6,
 } authz_action;
 
 typedef struct action_name {
@@ -37,8 +40,8 @@ typedef struct action_name {
 
 typedef enum {
     ATTR_UNDEF		= 0,
-    ATTR_SUBJECT	= 2,
-    ATTR_FQAN		= 4,
+    ATTR_SUBJECT	= 1,
+    ATTR_FQAN		= 2,
 } authz_attr_id;
 
 struct attr_id_name {
@@ -55,6 +58,9 @@ check_authz_policy(edg_wll_authz_policy, edg_wll_GssPrincipal, authz_action);
 authz_action
 find_authz_action(const char *name);
 
+const char *
+action2name(authz_action);
+
 authz_attr_id
 find_authz_attr(const char *name);
 
diff --git a/org.glite.lb.server/src/lb_authz.c b/org.glite.lb.server/src/lb_authz.c
index 0cbbbac..250995b 100644
--- a/org.glite.lb.server/src/lb_authz.c
+++ b/org.glite.lb.server/src/lb_authz.c
@@ -888,27 +888,36 @@ int
 check_store_authz(edg_wll_Context ctx, edg_wll_Event *ev)
 {
    char *pem_string = NULL;
-   char *request = NULL;
+   const char *request = NULL;
    int ret;
+   authz_action action;
 
    /* XXX make a real RSL ? */
 
    switch (ev->any.type) {
 	case EDG_WLL_EVENT_REGJOB:
+	     action = REGISTER_JOBS;
+	     break;
+
+	case EDG_WLL_EVENT_CURDESCR:
 	case EDG_WLL_EVENT_USERTAG:
 	case EDG_WLL_EVENT_CHANGEACL:
-	case EDG_WLL_EVENT_NOTIFICATION:
-	case EDG_WLL_EVENT_RESOURCEUSAGE:
+	     action = LOG_GENERAL_EVENTS;
+	     break;
+
+	case EDG_WLL_EVENT_RUNNING:
 	case EDG_WLL_EVENT_REALLYRUNNING:
-	case EDG_WLL_EVENT_SUSPEND:
-	case EDG_WLL_EVENT_RESUME:
-	     request = "LOG_GENERAL_EVENTS";
+	case EDG_WLL_EVENT_DONE:
+	     action = LOG_CE_EVENTS;
 	     break;
+
 	default:
-	     request = "LOG_WMS_EVENTS";
+	     action = LOG_WMS_EVENTS;
 	     break;
    }
 
+   request = (char *) action2name(action);
+
    ret = edg_wll_gss_get_client_pem(&ctx->connections->serverConnection->gss,
 				    server_cert, server_key,
                                     &pem_string);
@@ -932,7 +941,7 @@ int edg_wll_amIroot(const char *subj, char **fqans,edg_wll_authz_policy policy)
 	princ.name = (char *) subj;
 	princ.fqans = fqans;
 
-	return check_authz_policy(policy, &princ, READ_ALL);
+	return check_authz_policy(policy, &princ, ADMIN_ACCESS);
 }
 
 edg_wll_authz_policy