[X2Go-Commits] x2gobroker.git - build-main (branch) updated: efadd7bc9a73ae99a0a537ec308a074666a085a0

X2Go dev team git-admin at x2go.org
Sun May 19 13:03:05 CEST 2013


The branch, build-main has been updated
       via  efadd7bc9a73ae99a0a537ec308a074666a085a0 (commit)
      from  96019c8aaf5c5cf2d6587314232411b523dc73fd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 x2gobroker/brokers/base_broker.py |   60 ++++++++++++++++++++-----------------
 1 file changed, 33 insertions(+), 27 deletions(-)

The diff of changes is:
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 4ab60c8..caaf85c 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -196,15 +196,14 @@ class X2GoBroker(object):
 
         _acls = self.get_acl_defaults()
         _acls.update(acls)
-
         _order = {}
-        _order['users'] = _order['groups'] = _order['clients'] = _acls['acl-any-order']
+        _order[u'users'] = _order[u'groups'] = _order[u'clients'] = _acls[u'acl-any-order']
 
-        try: _order['users'] = _acls['acl-users-order']
+        try: _order[u'users'] = _acls[u'acl-users-order']
         except KeyError: pass
-        try: _order['groups'] = _acls['acl-groups-order']
+        try: _order[u'groups'] = _acls[u'acl-groups-order']
         except KeyError: pass
-        try: _order['clients'] = _acls['acl-clients-order']
+        try: _order[u'clients'] = _acls[u'acl-clients-order']
         except KeyError: pass
 
         # to pass an ACL test, all three keys in the dict below have to be set to True
@@ -225,62 +224,62 @@ class X2GoBroker(object):
         ### clients access is granted first, if that fails then we return False here...
 
         # FIXME: provide code for client based access control
-        if not _grant_availability['by_client']:
+        if not _grant_availability[u'by_client']:
             return False
 
         ### no user/group ACLs are in use, allow access then...
 
-        if len(_acls['acl-users-allow'] + _acls['acl-users-deny'] + _acls['acl-groups-allow'] + _acls['acl-groups-deny']) == 0:
+        if len(_acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] + _acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) == 0:
             return True
 
         ### CHECKING on a per-user basis...
 
         _allow_user_override = False
         _explicitly_deny_user = False
-        if len( _acls['acl-users-allow'] + _acls['acl-users-deny'] ) > 0:
+        if len( _acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] ) > 0:
 
             _allow_user = False
             _deny_user = False
 
-            if username in _acls['acl-users-allow'] or 'ALL' in _acls['acl-users-allow']:
+            if username in _acls[u'acl-users-allow'] or u'ALL' in _acls[u'acl-users-allow']:
                 _allow_user_override = True
                 _allow_user = True
 
-            if username in _acls['acl-users-deny']:
+            if username in _acls[u'acl-users-deny']:
                 _explicitly_deny_user = True
-            if _explicitly_deny_user or ('ALL' in _acls['acl-users-deny']):
+            if _explicitly_deny_user or (u'ALL' in _acls[u'acl-users-deny']):
                 _deny_user = True
 
-            if _order['users'] == 'allow-deny':
-                _grant_availability['by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user))
+            if _order[u'users'] == 'allow-deny':
+                _grant_availability[u'by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user))
             else:
-                _grant_availability['by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user)
+                _grant_availability[u'by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user)
 
             # if a user has been granted access directly, then the corresponding session profile(s)
             # will be provided to him/her, it does not matter what the group acl will have to say to this...
-            if _grant_availability['by_user']:
+            if _grant_availability[u'by_user']:
                 return True
 
         ### CHECKING on a per-group basis...
 
-        if len(_acls['acl-groups-allow'] + _acls['acl-groups-deny']) > 0:
+        if len(_acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) > 0:
             _allow_group = False
             _deny_group = False
 
-            _user_groups = ['ALL'] + self.get_user_groups(username, primary_groups=True)
+            _user_groups = [u'ALL'] + self.get_user_groups(username, primary_groups=True)
 
-            _allow_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-allow']) )))
-            _deny_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-deny']) )))
+            _allow_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-allow']) )))
+            _deny_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-deny']) )))
 
-            if _order['groups'] == 'allow-deny':
-                _grant_availability['by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group))
+            if _order[u'groups'] == 'allow-deny':
+                _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group))
             else:
-                _grant_availability['by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group
+                _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group
 
             # if a group has been granted access, with one exception: if the thread model for users is
             # allow-deny, then we presume that the acl-users-deny entry has precendence over
             # acl-groups-allow/acl-groups-deny.
-            if (_grant_availability['by_group'] and not _explicitly_deny_user) or _allow_user_override:
+            if (_grant_availability[u'by_group'] and not _explicitly_deny_user) or _allow_user_override:
                 return True
 
         return False
@@ -583,18 +582,25 @@ class X2GoBroker(object):
 
         return list_of_profiles
 
-    def select_profile(self, profile_name='DEFAULT'):
+    def select_session(self, profile_id):
         """\
         Start/resume a session by selecting a profile name offered by the X2Go client.
 
         The X2Go server that the session is launched on is selected automatically by the X2Go session
         broker.
 
-        @param profile_name: a dictionary object containing information on a selected session profile
-        @type profile_name: C{dict}
+        @param profile_id: the selected profile ID. This matches one of the dictionary keys offered by the C{list_profiles} method
+        @type profile_id: C{dict}
 
         """
-        return {}
+        profile = self.get_profile(profile_id)
+
+        selected_session = {
+            'server': profile[u'host'],
+            'port': profile[u'sshport'],
+        }
+
+        return selected_session
 
     def change_password(self, new='', old=''):
         """\


hooks/post-receive
-- 
x2gobroker.git (HTTP(S) Session broker for X2Go)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).




More information about the x2go-commits mailing list