XML-RPC: Verify connection permissions from the XML-RPC instance
authorMichal Novotny <minovotn@redhat.com>
Thu, 4 Oct 2012 17:44:39 +0000 (19:44 +0200)
committerMichal Novotny <minovotn@redhat.com>
Thu, 4 Oct 2012 17:44:39 +0000 (19:44 +0200)
Signed-off-by: Michal Novotny <minovotn@redhat.com>

classes/XmlRPC.php
classes/database-mysql.php
classes/database.php
classes/libvirt.php
xmlrpc-test.py

index 1b99b4c..9323e49 100644 (file)
                        if (!CONNECT_WITH_NULL_STRING && $uri == 'null')
                                $uri = false;
 
+                       if ($uri == 'list') {
+                               $tmp = $this->db->get_user_connection($idUser, true);
+                               if (empty($tmp))
+                                       return $this->log(TYPE_ERROR, __CLASS__.'::'.__FUNCTION__, 'Invalid connection permissions', 'No connection available for user specified');
+
+                               return $tmp;
+                       }
+
                        if ((array_key_exists('user', $ret['data']['connection'])) && (array_key_exists('password', $ret['data']['connection'])))
                                $lv = new Libvirt($uri, $ret['data']['connection']['user'], $ret['data']['connection']['password'], false, 'en');
                        else
index 5055e6f..227b781 100644 (file)
@@ -10,6 +10,7 @@
                private $tab_connections = 'connections';
                private $tab_users = 'users';
                private $tab_apikeys = 'apikeys';
+               private $tab_assoc = 'userconnections';
                private $connections = array();
                private $db;
 
                        if (!mysql_query($qry))
                                return false;
 
+                       $qry = 'CREATE TABLE IF NOT EXISTS '.$this->prefix.$this->tab_assoc.' (
+                                       `id` int(11) NOT NULL,
+                                       `idUser` int(11) NOT NULL,
+                                       `idConnection` int(11) NOT NULL,
+                                       PRIMARY KEY (`id`)
+                               ) ENGINE=MyISAM DEFAULT CHARSET=utf8;';
+
+                       if (!mysql_query($qry))
+                               return false;
+
                        /* Create a user with full permissions */
                        global $user_permissions;
                        $perms = 0;
                        return mysql_query($qry) ? $apikey : false;
                }
 
+               function get_user_connection($idUser, $getNames = false) {
+                       if ($getNames)
+                               $qry = 'SELECT a.idConnection, c.* FROM '.$this->prefix.$this->tab_assoc.' a '.
+                                       'LEFT JOIN '.$this->prefix.$this->tab_connections.' c ON c.id = a.idConnection '.
+                                       'WHERE a.idUser = '.$idUser;
+                       else
+                               $qry = 'SELECT idConnection FROM '.$this->prefix.$this->tab_assoc.' WHERE idUser = '.$idUser;
+
+                       $res = mysql_query($qry);
+
+                       $data = array();
+                       while ($rec = mysql_fetch_assoc($res)) {
+                               $cId = $rec['idConnection'];
+                               if ($getNames) {
+                                       $new_uri = false;
+                                       $tmp = $this->list_connections(true);
+                                       for ($i = 0; $i < sizeof($tmp); $i++) {
+                                               if ($tmp[$i]['id'] == $cId) {
+                                                       $id = $tmp[$i]['id'];
+                                                       $hv = $tmp[$i]['hypervisor'];
+                                                       $nm = $tmp[$i]['name'];
+                                                       $rh = $tmp[$i]['remote'];
+                                                       $rm = $tmp[$i]['method'];
+                                                       $rp = $tmp[$i]['require_pwd'];
+                                                       $un = $tmp[$i]['user'];
+                                                       $pwd= $tmp[$i]['password'];
+                                                       $hn = $tmp[$i]['host'];
+                                                       $lg = $tmp[$i]['logfile'];
+                                               }
+                                       }
+
+                                       $new_uri = Libvirt::generate_connection_uri($hv, $rh, $rm, $un, $hn);
+
+                                       $data[] = array(
+                                                               'id' => $cId,
+                                                               'name' => $nm,
+                                                               'uri' => $new_uri
+                                                       );
+                               }
+                               else
+                                       $data[] = $cId;
+                       }
+
+                       return $data;
+               }
+
                function user_edit($id, $user, $password, $perms) {
                        $user = mysql_real_escape_string($user);
                        $password = (strlen($password) > 0) ? hash('sha512', $password) : false;
index 0d14dcd..a337bc9 100644 (file)
                function refresh() {
                }
 
+               function get_user_connection($idUser) {
+                       return array();
+               }
+
                function generate_random_chars($len = 6) {
                        $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
 
index 8ea33d9..559c49c 100644 (file)
 
                function connect($uri = 'null', $login = false, $password = false) {
                        if ($login !== false && $password !== false) {
-                               $this->conn=libvirt_connect($uri, false, array(VIR_CRED_AUTHNAME => $login, VIR_CRED_PASSPHRASE => $password));
+                               $this->conn=@libvirt_connect($uri, false, array(VIR_CRED_AUTHNAME => $login, VIR_CRED_PASSPHRASE => $password));
                        } else {
-                               $this->conn=libvirt_connect($uri, false);
+                               $this->conn=@libvirt_connect($uri, false);
                        }
                        if ($this->conn==false)
                                return $this->_set_last_error();
                }
 
                function get_connect_information() {
+                       if (!$this->is_connected())
+                               return false;
                        $tmp = libvirt_connect_get_information($this->conn);
                        return ($tmp) ? $tmp : $this->_set_last_error();
                }
index 00731fa..5bd5aaa 100755 (executable)
@@ -40,6 +40,29 @@ try:
         address = input("Enter new address: ")
 
     proxy = xmlrpc.client.ServerProxy(address)
+
+    request['connection']['uri'] = 'list'
+    conns = proxy.Information.get(request)
+    conns_s = sorted(conns)
+
+    print("\n")
+    for connection in conns_s:
+        print("%s) %s" % (int(connection) + 1, conns[connection]['name']))
+    print("\n")
+
+    line = input("Choose connection: ")
+    try:
+        conn = int(line) - 1
+    except:
+        sys.exit(1)
+
+    conn = str(conn)
+    request['connection']['uri'] = conns[conn]['uri']
+    request_info['connection']['uri'] = request['connection']['uri']
+    request_name['connection']['uri'] = request['connection']['uri']
+
+    print("\nConnection URI: %s" % request['connection']['uri'])
+
     num = choose("Enter type: ", "Type", selections)
     if num == 0:
         num = choose("Enter your choice: ", "Information", info_types)