[pve-devel] r5541 - in pve-manager/pve2: . lib/PVE
svn-commits at proxmox.com
svn-commits at proxmox.com
Wed Feb 16 07:46:08 CET 2011
Author: dietmar
Date: 2011-02-16 07:46:08 +0100 (Wed, 16 Feb 2011)
New Revision: 5541
Modified:
pve-manager/pve2/ChangeLog
pve-manager/pve2/lib/PVE/REST.pm
Log:
* lib/PVE/REST.pm (rest_handler): use new PVE::RPCEnvironment
methods instead on ACLCache.
Modified: pve-manager/pve2/ChangeLog
===================================================================
--- pve-manager/pve2/ChangeLog 2011-02-16 06:37:11 UTC (rev 5540)
+++ pve-manager/pve2/ChangeLog 2011-02-16 06:46:08 UTC (rev 5541)
@@ -1,3 +1,8 @@
+2011-02-16 Proxmox Support Team <support at proxmox.com>
+
+ * lib/PVE/REST.pm (rest_handler): use new PVE::RPCEnvironment
+ methods instead on ACLCache.
+
2011-02-15 Proxmox Support Team <support at proxmox.com>
* lib/PVE/REST.pm (rest_handler): check access permissions using
Modified: pve-manager/pve2/lib/PVE/REST.pm
===================================================================
--- pve-manager/pve2/lib/PVE/REST.pm 2011-02-16 06:37:11 UTC (rev 5540)
+++ pve-manager/pve2/lib/PVE/REST.pm 2011-02-16 06:46:08 UTC (rev 5541)
@@ -17,7 +17,7 @@
use HTML::Entities;
use PVE::JSONSchema;
use PVE::AccessControl;
-use PVE::ACLCache;
+use PVE::RPCEnvironment;
use Data::Dumper; # fixme: remove
@@ -263,37 +263,24 @@
return OK;
}
-my $aclcache;
-my $aclversion;
-
sub rest_handler {
my ($method, $abs_uri, $rel_uri, $ticket, $params) = @_;
-
- PVE::Cluster::cfs_update();
- my $ucvers = PVE::Cluster::cfs_file_version('user.cfg');
- if (!$aclcache || !defined($aclversion) || !defined($ucvers) ||
- ($ucvers ne $aclversion)) {
- $aclversion = $ucvers;
- eval {
- my $cfg = PVE::Cluster::cfs_read_file('user.cfg');
- $aclcache = PVE::ACLCache->new($cfg);
- };
- if (my $err = $@) {
- my $msg = "Unable to load access control list: $err";
- syslog('err', $msg);
- return { status => HTTP_INTERNAL_SERVER_ERROR,
- message => $msg};
- }
- }
+ my $rpcenv = PVE::RPCEnvironment::get();
+ eval { $rpcenv->init_request(); };
+ if (my $err = $@) {
+ syslog('err', $err);
+ return { status => HTTP_INTERNAL_SERVER_ERROR, message => $err };
+ }
+
my $euid = $>;
if ($rel_uri eq '/ticket') {
my $user = $params->{username} || '';
my $pw = $params->{password} || '';
- if (!$aclcache->user_enabled($user)) {
+ if (!$rpcenv->user_enabled($user)) {
return {
status => HTTP_FORBIDDEN,
message => "No such user (user not enabled).",
@@ -314,7 +301,7 @@
if (defined($params->{path}) || defined($params->{permissions})) {
my @privs = PVE::Tools::split_list($params->{permissions});
if (!($params->{path} && $params->{permissions} &&
- $aclcache->check($user, $params->{path}, \@privs))) {
+ $rpcenv->check($user, $params->{path}, \@privs))) {
return {
status => HTTP_FORBIDDEN,
@@ -356,7 +343,7 @@
# check access permissions
if (my $perm = $info->{permissions}) {
- if (!$aclcache->check($username, $perm->{path}, $perm->{privs})) {
+ if (!$rpcenv->check($username, $perm->{path}, $perm->{privs})) {
my $privstr = join(',', @{$perm->{privs}});
my $path = PVE::Tools::template_replace($perm->{path}, $uri_param);
return {
@@ -397,8 +384,7 @@
# methods to other hosts?
return { proxy => 'localhost' } if $info->{protected} && ($euid != 0);
- # setup environment
- my $rpcenv = PVE::RPCEnvironment::get();
+ # set environment variables
$rpcenv->set_language('C'); # fixme:
$rpcenv->set_user($username);
More information about the pve-devel
mailing list