diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-09-18 23:40:37 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-09-18 23:40:37 +0000 |
| commit | 088e2ecba73fedebb0b7729a1f07022fd6155c22 (patch) | |
| tree | 2d55f924132d08cb1ebd56a5c482db5d855f9a47 | |
| parent | e435832256e0ba069b771e9bb350e749600efcd4 (diff) | |
Document the locked flag in the server backend and client man pages.
Document locked flag issues when implementing a new object type.
| -rw-r--r-- | TODO | 2 | ||||
| -rw-r--r-- | client/wallet.pod | 5 | ||||
| -rw-r--r-- | docs/design-api | 10 | ||||
| -rwxr-xr-x | server/wallet-backend | 5 |
4 files changed, 20 insertions, 2 deletions
@@ -5,8 +5,6 @@ Required to replace leland_srvtab: * Implement support for the unchanging flag on keytabs and the backend remctl calls to retrieve the existing keytab. -* Implement the locked flag. - * Add arbitrary attribute setting and retrieval to objects and include the attributes in the object show display. diff --git a/client/wallet.pod b/client/wallet.pod index a330b0a..263e623 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -111,6 +111,11 @@ Administrators can run any command on any object or ACL except for C<get> and C<store>. For C<get> and C<show>, they must still be authorized by either the appropriate specific ACL or the owner ACL. +If the locked flag is set on an object, no commands can be run on that +object that change data except the C<flags> commands, nor can the C<get> +command be used on that object. C<show>, C<getacl>, and C<owner> or +C<expires> without an argument can still be used on that object. + =over 4 =item acl add <id> <scheme> <identifier> diff --git a/docs/design-api b/docs/design-api index 48c5a66..af2ff65 100644 --- a/docs/design-api +++ b/docs/design-api @@ -45,6 +45,10 @@ Object API administrator will want to destroy an orphaned wallet database entry after something happened to the remote system entry. + If you override this method and perform actions before calling the + parent method, be sure to check the locked flag first and abort if the + object is locked. + flag_clear(FLAG, PRINCIPAL, HOSTNAME [, DATETIME]) Normally, objects won't have to override this method, but if the @@ -68,6 +72,9 @@ Object API Don't forget to call log_action() after successfully retrieving the data to update the history and trace information. + Be sure to check the locked flag first and abort if the object is + locked before returning any data. + store(DATA, PRINCIPAL, HOSTNAME [, DATETIME]) Store user-supplied data into the given object. This may not be @@ -76,6 +83,9 @@ Object API storing data can just not implement this method and the default store() method will return an appropriate error. + Be sure to check the locked flag first and abort if the object is + locked without storing any data. + If this method is implemented, don't forget to call log_action() after successfully storing the data to update the history and trace information. diff --git a/server/wallet-backend b/server/wallet-backend index 1eafee5..b54f6c3 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -223,6 +223,11 @@ Administrators can run any command on any object or ACL except for C<get> and C<store>. For C<get> and C<show>, they must still be authorized by either the appropriate specific ACL or the owner ACL. +If the locked flag is set on an object, no commands can be run on that +object that change data except the C<flags> commands, nor can the C<get> +command be used on that object. C<show>, C<getacl>, and C<owner> or +C<expires> without an argument can still be used on that object. + =over 4 =item acl add <id> <scheme> <identifier> |