- Timestamp:
- 09/02/19 20:11:12 (5 years ago)
- Location:
- trunk/LATMOS-Accounts
- Files:
-
- 1 added
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LATMOS-Accounts/bin/la-cli
r2209 r2282 25 25 'no-unexp|wo-unexp' => \my $nounexp, 26 26 'with-unexp' => \my $unexp, 27 'u|username=s' => \my $username, 27 28 'help' => sub { pod2usage(0) }, 28 29 ) or pod2usage(); … … 52 53 Take into account only propagated objects (attribute 'exported'=1) (default) 53 54 55 =item -u|--username USER 56 57 Simulated access like user USER is login 58 54 59 =back 55 60 56 61 =cut 57 62 58 my $LA = LATMOS::Accounts->new($config, noacl => 1);63 my $LA = LATMOS::Accounts->new($config, noacl => $username ? 0 : 1); 59 64 my $labase = $LA->base($base); 60 65 $labase && $labase->load or die "Cannot load base"; -
trunk/LATMOS-Accounts/bin/la-dump
r2280 r2282 81 81 $otype ||= 'user'; 82 82 83 my $LA = LATMOS::Accounts->new($config, noacl => 1);83 my $LA = LATMOS::Accounts->new($config, noacl => $username ? 0 : 1); 84 84 my $labase = $LA->base($base); 85 85 $labase && $labase->load or die "Cannot load base"; -
trunk/LATMOS-Accounts/bin/la-qacls
r1044 r2282 66 66 =cut 67 67 68 my $LA = LATMOS::Accounts->new($config, noacl => 0);68 my $LA = LATMOS::Accounts->new($config, noacl => $user ? 0 : 1); 69 69 70 70 my $labase = $LA->base($base); … … 73 73 74 74 if ($user) { 75 $labase-> {_user} = $user;75 $labase->SetConnectedUser($user); 76 76 } 77 77 … … 85 85 ) foreach(qw(@CREATE @DELETE)); 86 86 87 printf("%s%s %s\n", 88 ($labase->check_acl($obj, $_, 'r') ? 'r' : ' '), 89 ($labase->check_acl($obj, $_, 'w') ? 'w' : ' '), 90 $_, 91 ) foreach($labase->list_canonical_fields($otype, 'a')); 87 foreach($labase->list_canonical_fields($otype, 'a')) { 88 my $attr = $labase->attribute($otype, $_); 89 printf("%s%s %s\n", 90 ($attr->readable ? ($labase->check_acl($obj, $_, 'r') ? 'r' : ' ') : '-'), 91 ($attr->ro ? '-' : ($labase->check_acl($obj, $_, 'w') ? 'w' : ' ')), 92 $_, 93 ) 94 } -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Acls.pm
r2278 r2282 29 29 }, $class 30 30 ); 31 if ($file) {32 $acls->read_acl_file($file) or return;33 }34 31 35 32 # Default ACLS: 36 $acls->add( '*.log', [ '$uid: read', '*: deny' ] );33 # $acls->add( '*.log', [ '$uid: read', '*: deny' ] ); 37 34 $acls->add( 38 35 'user.{userPasswd,userPassword,encryptedPassword,oldPassword}', 39 36 [ '$uid: write', '*: deny' ], 40 37 ); 38 39 if ($file) { 40 $acls->read_acl_file($file) or return; 41 } 42 41 43 $acls 42 44 } -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm
r2281 r2282 1185 1185 my ($self, $username) = @_; 1186 1186 1187 $self->{_user} = $username ;1188 la_log(LA_DEBUG, "Connected as $username");1187 $self->{_user} = $username || ''; 1188 la_log(LA_DEBUG, "Connected as `$username'"); 1189 1189 } 1190 1190 -
trunk/LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Objects.pm
r2280 r2282 240 240 my ($self, $cfield) = @_; 241 241 $self->base->check_acl($self, $cfield, 'r') or do { 242 $self->base->log(LA_ ERR, "Permission denied to get %s/%s",242 $self->base->log(LA_DEBUG, "Permission denied to get %s/%s", 243 243 $self->id, $cfield 244 244 );
Note: See TracChangeset
for help on using the changeset viewer.