[X2Go-Commits] x2gobroker.git - build-main (branch) updated: efadd7bc9a73ae99a0a537ec308a074666a085a0
X2Go dev team
git-admin at x2go.org
Sun May 19 13:04:39 CEST 2013
The branch, build-main has been updated
via efadd7bc9a73ae99a0a537ec308a074666a085a0 (commit)
from 96019c8aaf5c5cf2d6587314232411b523dc73fd (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
x2gobroker/brokers/base_broker.py | 60 ++++++++++++++++++++-----------------
1 file changed, 33 insertions(+), 27 deletions(-)
The diff of changes is:
diff --git a/x2gobroker/brokers/base_broker.py b/x2gobroker/brokers/base_broker.py
index 4ab60c8..caaf85c 100644
--- a/x2gobroker/brokers/base_broker.py
+++ b/x2gobroker/brokers/base_broker.py
@@ -196,15 +196,14 @@ class X2GoBroker(object):
_acls = self.get_acl_defaults()
_acls.update(acls)
-
_order = {}
- _order['users'] = _order['groups'] = _order['clients'] = _acls['acl-any-order']
+ _order[u'users'] = _order[u'groups'] = _order[u'clients'] = _acls[u'acl-any-order']
- try: _order['users'] = _acls['acl-users-order']
+ try: _order[u'users'] = _acls[u'acl-users-order']
except KeyError: pass
- try: _order['groups'] = _acls['acl-groups-order']
+ try: _order[u'groups'] = _acls[u'acl-groups-order']
except KeyError: pass
- try: _order['clients'] = _acls['acl-clients-order']
+ try: _order[u'clients'] = _acls[u'acl-clients-order']
except KeyError: pass
# to pass an ACL test, all three keys in the dict below have to be set to True
@@ -225,62 +224,62 @@ class X2GoBroker(object):
### clients access is granted first, if that fails then we return False here...
# FIXME: provide code for client based access control
- if not _grant_availability['by_client']:
+ if not _grant_availability[u'by_client']:
return False
### no user/group ACLs are in use, allow access then...
- if len(_acls['acl-users-allow'] + _acls['acl-users-deny'] + _acls['acl-groups-allow'] + _acls['acl-groups-deny']) == 0:
+ if len(_acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] + _acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) == 0:
return True
### CHECKING on a per-user basis...
_allow_user_override = False
_explicitly_deny_user = False
- if len( _acls['acl-users-allow'] + _acls['acl-users-deny'] ) > 0:
+ if len( _acls[u'acl-users-allow'] + _acls[u'acl-users-deny'] ) > 0:
_allow_user = False
_deny_user = False
- if username in _acls['acl-users-allow'] or 'ALL' in _acls['acl-users-allow']:
+ if username in _acls[u'acl-users-allow'] or u'ALL' in _acls[u'acl-users-allow']:
_allow_user_override = True
_allow_user = True
- if username in _acls['acl-users-deny']:
+ if username in _acls[u'acl-users-deny']:
_explicitly_deny_user = True
- if _explicitly_deny_user or ('ALL' in _acls['acl-users-deny']):
+ if _explicitly_deny_user or (u'ALL' in _acls[u'acl-users-deny']):
_deny_user = True
- if _order['users'] == 'allow-deny':
- _grant_availability['by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user))
+ if _order[u'users'] == 'allow-deny':
+ _grant_availability[u'by_user'] = (_allow_user or _deny_user) and (_allow_user and (not _deny_user))
else:
- _grant_availability['by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user)
+ _grant_availability[u'by_user'] = (_allow_user or _deny_user) and ((not _deny_user) or _allow_user)
# if a user has been granted access directly, then the corresponding session profile(s)
# will be provided to him/her, it does not matter what the group acl will have to say to this...
- if _grant_availability['by_user']:
+ if _grant_availability[u'by_user']:
return True
### CHECKING on a per-group basis...
- if len(_acls['acl-groups-allow'] + _acls['acl-groups-deny']) > 0:
+ if len(_acls[u'acl-groups-allow'] + _acls[u'acl-groups-deny']) > 0:
_allow_group = False
_deny_group = False
- _user_groups = ['ALL'] + self.get_user_groups(username, primary_groups=True)
+ _user_groups = [u'ALL'] + self.get_user_groups(username, primary_groups=True)
- _allow_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-allow']) )))
- _deny_group = bool(len(set(_user_groups).intersection( set(_acls['acl-groups-deny']) )))
+ _allow_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-allow']) )))
+ _deny_group = bool(len(set(_user_groups).intersection( set(_acls[u'acl-groups-deny']) )))
- if _order['groups'] == 'allow-deny':
- _grant_availability['by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group))
+ if _order[u'groups'] == 'allow-deny':
+ _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (_allow_group and (not _deny_group))
else:
- _grant_availability['by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group
+ _grant_availability[u'by_group'] = (_allow_group or _deny_group) and (not _deny_group) or _allow_group
# if a group has been granted access, with one exception: if the thread model for users is
# allow-deny, then we presume that the acl-users-deny entry has precendence over
# acl-groups-allow/acl-groups-deny.
- if (_grant_availability['by_group'] and not _explicitly_deny_user) or _allow_user_override:
+ if (_grant_availability[u'by_group'] and not _explicitly_deny_user) or _allow_user_override:
return True
return False
@@ -583,18 +582,25 @@ class X2GoBroker(object):
return list_of_profiles
- def select_profile(self, profile_name='DEFAULT'):
+ def select_session(self, profile_id):
"""\
Start/resume a session by selecting a profile name offered by the X2Go client.
The X2Go server that the session is launched on is selected automatically by the X2Go session
broker.
- @param profile_name: a dictionary object containing information on a selected session profile
- @type profile_name: C{dict}
+ @param profile_id: the selected profile ID. This matches one of the dictionary keys offered by the C{list_profiles} method
+ @type profile_id: C{dict}
"""
- return {}
+ profile = self.get_profile(profile_id)
+
+ selected_session = {
+ 'server': profile[u'host'],
+ 'port': profile[u'sshport'],
+ }
+
+ return selected_session
def change_password(self, new='', old=''):
"""\
hooks/post-receive
--
x2gobroker.git (HTTP(S) Session broker for X2Go)
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "x2gobroker.git" (HTTP(S) Session broker for X2Go).
More information about the x2go-commits
mailing list