From: František Dvořák Date: Wed, 15 Jun 2011 14:42:09 +0000 (+0000) Subject: Missing support for GET_STATISTICS auth section. Add access to statistics for WMS... X-Git-Tag: glite-lb-doc_R_1_2_9_1~8 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=9a60d3b68426d28dba9365ec4a7b5598a0665d26;p=jra1mw.git Missing support for GET_STATISTICS auth section. Add access to statistics for WMS DN in yaim. --- diff --git a/org.glite.lb.server/src/stats.c b/org.glite.lb.server/src/stats.c index f9f5678..2219232 100644 --- a/org.glite.lb.server/src/stats.c +++ b/org.glite.lb.server/src/stats.c @@ -37,6 +37,7 @@ limitations under the License. #include "glite/jobid/strmd5.h" #include "stats.h" +#include "authz_policy.h" #define GROUPS_HASHTABLE_SIZE 1000 @@ -546,11 +547,16 @@ static int findStat( ) { edg_wll_JobStatCode later_state; + struct _edg_wll_GssPrincipal_data princ; + edg_wll_ResetError(ctx); + memset(&princ, 0, sizeof princ); + princ.name = ctx->peerName; + princ.fqans = ctx->fqans; switch (ctx->count_statistics) { case 0: return edg_wll_SetError(ctx,ENOSYS,NULL); - case 1: if (!ctx->noAuth) return edg_wll_SetError(ctx,EPERM,NULL); - break; + case 1: if (!ctx->noAuth && !check_authz_policy(&ctx->authz_policy, &princ, GET_STATISTICS)) + return edg_wll_SetError(ctx, EPERM, NULL); case 2: break; default: abort(); } diff --git a/org.glite.lb.yaim/config/functions/config_glite_lb.in b/org.glite.lb.yaim/config/functions/config_glite_lb.in index 2b5c8da..8a02c45 100644 --- a/org.glite.lb.yaim/config/functions/config_glite_lb.in +++ b/org.glite.lb.yaim/config/functions/config_glite_lb.in @@ -113,6 +113,7 @@ EOF eval value=\"$`echo GLITE_LB_AUTHZ_$section`\" case "$section" in ADMIN_ACCESS) value="$value,$superusers" ;; + GET_STATISTICS) value="$value,$wms" ;; READ_ALL) value="$value,$wms,$rtm" ;; PURGE) value="$value,$wms" ;; LOG_WMS_EVENTS) value="$value,$wms" ;;