diff options
author | John Keiser <jkeiser@opscode.com> | 2014-07-24 18:54:51 -0600 |
---|---|---|
committer | John Keiser <jkeiser@opscode.com> | 2014-08-22 09:20:48 -0700 |
commit | 317d7231983fea9a6f4e59a1451e80e58e0d781a (patch) | |
tree | 411ac89b17bd9da14eb55b00d4a139e5e1982283 | |
parent | 5c6c2a6921fe8c7d091854eb644ac0f42208126e (diff) | |
download | chef-zero-317d7231983fea9a6f4e59a1451e80e58e0d781a.tar.gz |
Clients have access to themselves
-rw-r--r-- | lib/chef_zero/data_normalizer.rb | 4 | ||||
-rw-r--r-- | lib/chef_zero/endpoints/acl_base.rb | 3 | ||||
-rw-r--r-- | lib/chef_zero/endpoints/acl_endpoint.rb | 2 | ||||
-rw-r--r-- | lib/chef_zero/endpoints/acls_endpoint.rb | 2 |
4 files changed, 7 insertions, 4 deletions
diff --git a/lib/chef_zero/data_normalizer.rb b/lib/chef_zero/data_normalizer.rb index 463cc47..8f592d4 100644 --- a/lib/chef_zero/data_normalizer.rb +++ b/lib/chef_zero/data_normalizer.rb @@ -3,10 +3,10 @@ require 'chef_zero/rest_base' module ChefZero class DataNormalizer - def self.normalize_acls(acls, requestor) + def self.normalize_acls(acls) %w(create read update delete grant).each do |perm| acls[perm] ||= {} - acls[perm]['actors'] ||= [ requestor ] + acls[perm]['actors'] ||= [] acls[perm]['groups'] ||= [ 'admins' ] end acls diff --git a/lib/chef_zero/endpoints/acl_base.rb b/lib/chef_zero/endpoints/acl_base.rb index b527ff0..352cd8d 100644 --- a/lib/chef_zero/endpoints/acl_base.rb +++ b/lib/chef_zero/endpoints/acl_base.rb @@ -33,6 +33,9 @@ module ChefZero acls[perm] ||= {} acls[perm]['actors'] ||= [] acls[perm]['actors'] = owners | acls[perm]['actors'] + if path.size == 4 && path[0] == 'organizations' && path[2] == 'clients' + acls[perm]['actors'] |= [ path[3] ] + end end acls end diff --git a/lib/chef_zero/endpoints/acl_endpoint.rb b/lib/chef_zero/endpoints/acl_endpoint.rb index 072e8cb..9470dfc 100644 --- a/lib/chef_zero/endpoints/acl_endpoint.rb +++ b/lib/chef_zero/endpoints/acl_endpoint.rb @@ -29,7 +29,7 @@ module ChefZero # Needs to be 405, but account returns 404 raise RestErrorResponse.new(404, "Object not found: #{build_uri(request.base_uri, request.rest_path)}") end - acls = DataNormalizer.normalize_acls(get_acls(request, path), request.requestor) + acls = DataNormalizer.normalize_acls(get_acls(request, path)) json_response(200, { perm => acls[perm] }) end diff --git a/lib/chef_zero/endpoints/acls_endpoint.rb b/lib/chef_zero/endpoints/acls_endpoint.rb index 9208a6d..ec0fd34 100644 --- a/lib/chef_zero/endpoints/acls_endpoint.rb +++ b/lib/chef_zero/endpoints/acls_endpoint.rb @@ -13,7 +13,7 @@ module ChefZero class AclsEndpoint < AclBase def get(request) path = request.rest_path[0..-2] # Strip off _acl - acls = DataNormalizer.normalize_acls(get_acls(request, path), request.requestor) + acls = DataNormalizer.normalize_acls(get_acls(request, path)) json_response(200, acls) end |