forked from libvirt/libvirt
-
Notifications
You must be signed in to change notification settings - Fork 11
/
genaclperms.py
executable file
·121 lines (97 loc) · 3.39 KB
/
genaclperms.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
#!/usr/bin/env python3
#
# Copyright (C) 2013-2019 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see
# <http://www.gnu.org/licenses/>.
#
import re
import sys
objects = [
"CONNECT", "DOMAIN", "INTERFACE",
"NETWORK_PORT", "NETWORK", "NODE_DEVICE",
"NWFILTER_BINDING", "NWFILTER",
"SECRET", "STORAGE_POOL", "STORAGE_VOL",
]
classes = {}
for obj in objects:
klass = obj.lower()
klass = re.sub(r'''(^\w|_\w)''', lambda a: a.group(1).upper(), klass)
klass = klass.replace("_", "")
klass = klass.replace("Nwfilter", "NWFilter")
klass = "vir" + klass + "Ptr"
classes[obj] = klass
objectstr = "|".join(objects)
opts = {}
in_opts = {}
perms = {}
aclfile = sys.argv[1]
with open(aclfile, "r") as fh:
for line in fh:
if in_opts:
if line.find("*/") != -1:
in_opts = False
else:
m = re.search(r'''\*\s*\@(\w+):\s*(.*?)\s*$''', line)
if m is not None:
opts[m.group(1)] = m.group(2)
elif line.find("**") != -1:
in_opts = True
else:
m = re.search(r'''VIR_ACCESS_PERM_(%s)_((?:\w|_)+),''' %
objectstr, line)
if m is not None:
obj = m.group(1)
perm = m.group(2).lower()
if perm == "last":
continue
perm = perm.replace("_", "-")
if obj not in perms:
perms[obj] = {}
perms[obj][perm] = {
"desc": opts.get("desc", None),
"message": opts.get("message", None),
"anonymous": opts.get("anonymous", None),
}
opts = {}
print('<?xml version="1.0" encoding="UTF-8"?>')
print('<!DOCTYPE html>')
print('<html xmlns="http://www.w3.org/1999/xhtml">')
print(' <body>')
for obj in sorted(perms.keys()):
klass = classes[obj]
olink = "object_" + obj.lower()
print(' <h3><a id="%s">%s</a></h3>' % (olink, klass))
print(' <table>')
print(' <thead>')
print(' <tr>')
print(' <th>Permission</th>')
print(' <th>Description</th>')
print(' </tr>')
print(' </thead>')
print(' <tbody>')
for perm in sorted(perms[obj].keys()):
description = perms[obj][perm]["desc"]
if description is None:
raise Exception("missing description for %s.%s" % (obj, perm))
plink = "perm_" + obj.lower() + "_" + perm.lower()
plink = plink.replace("-", "_")
print(' <tr>')
print(' <td><a id="%s">%s</a></td>' % (plink, perm))
print(' <td>%s</td>' % description)
print(' </tr>')
print(' </tbody>')
print(' </table>')
print(' </body>')
print('</html>')