Commit fb044b4a authored by Pavel Spirek's avatar Pavel Spirek

Operation schema-digest renamed to get-schema-digest, NACM not evaluated...

Operation schema-digest renamed to get-schema-digest, NACM not evaluated anymore for internal operations
parent cd2ffc43
...@@ -554,11 +554,6 @@ class BaseDatastore: ...@@ -554,11 +554,6 @@ class BaseDatastore:
# Invoke an operation # Invoke an operation
def invoke_op_rpc(self, rpc: RpcInfo) -> ObjectValue: def invoke_op_rpc(self, rpc: RpcInfo) -> ObjectValue:
if self.nacm and (not rpc.skip_nacm_check):
nrpc = self.nacm.get_user_nacm(rpc.username)
if nrpc.check_rpc_name(rpc.op_name) == Action.DENY:
raise NacmForbiddenError("Op \"{}\" invocation denied for user \"{}\"".format(rpc.op_name, rpc.username))
if rpc.op_name == "conf-start": if rpc.op_name == "conf-start":
try: try:
cl_name = rpc.op_input_args["name"] cl_name = rpc.op_input_args["name"]
...@@ -611,10 +606,17 @@ class BaseDatastore: ...@@ -611,10 +606,17 @@ class BaseDatastore:
"status": "OK", "status": "OK",
"conf-changed": True "conf-changed": True
} }
elif rpc.op_name == "schema-digest": elif rpc.op_name == "get-schema-digest":
ret_data = self._dm.schema_digest() ret_data = self._dm.schema_digest()
else: else:
# User-defined operation # User-defined operation
if self.nacm and (not rpc.skip_nacm_check):
nrpc = self.nacm.get_user_nacm(rpc.username)
if nrpc.check_rpc_name(rpc.op_name) == Action.DENY:
raise NacmForbiddenError(
"Op \"{}\" invocation denied for user \"{}\"".format(rpc.op_name, rpc.username)
)
op_handler = OP_HANDLERS.get_handler(rpc.op_name) op_handler = OP_HANDLERS.get_handler(rpc.op_name)
if op_handler is None: if op_handler is None:
raise NoHandlerForOpError(rpc.op_name) raise NoHandlerForOpError(rpc.op_name)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment