diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | TODO | 6 | ||||
| -rw-r--r-- | client/wallet.pod | 8 | ||||
| -rwxr-xr-x | server/wallet-backend | 16 | ||||
| -rw-r--r-- | tests/server/backend-t.in | 12 |
5 files changed, 39 insertions, 5 deletions
@@ -2,6 +2,8 @@ wallet 0.3 (unreleased) + Add support for displaying the history of objects and ACLs. + The keytab backend now supports limiting generated keytabs to particular enctypes by setting an attribute on the object. @@ -12,10 +12,6 @@ Minimum required to replace leland_srvtab: Release 0.3: -* Provide some way of getting at the history tables. Need to get object - and ACL history either by object or for all objects, at least. Global - history should be by timestamp and possibly limit by timestamp. - * Log all server actions to syslog. * Write the NetDB ACL verifier. @@ -114,6 +110,8 @@ Future work: * Support displaying and possibly specifying dates in some format more normal than seconds since epoch. +* Support limiting returned history information by timestamp. + * There is a lot of duplicate code in wallet-backend. Convert that to use some sort of data-driven model with argument count and flags so that the method calls can be written only once. diff --git a/client/wallet.pod b/client/wallet.pod index 957cd24..779e691 100644 --- a/client/wallet.pod +++ b/client/wallet.pod @@ -155,6 +155,14 @@ Destroy the ACL <id>. This ACL must no longer be referenced by any object or the ACL destruction will fail. The special ACL named C<ADMIN> cannot be destroyed. +=item acl history <id> + +Display the history of the ACL <id>. Each change to the ACL (not +including changes to the name of the ACL) will be represented by two +lines. The first line will have a timestamp of the change followed by a +description of the change, and the second line will give the user who made +the change and the host from which the change was mde. + =item acl remove <id> <scheme> <identifier> Remove the entry with <scheme> and <identifier> from the ACL <id>. <id> diff --git a/server/wallet-backend b/server/wallet-backend index 3f84ecd..ceb5b84 100755 --- a/server/wallet-backend +++ b/server/wallet-backend @@ -71,6 +71,14 @@ sub command { } elsif ($action eq 'destroy') { check_args (1, 1, [], @args); $server->acl_destroy (@args) or die $server->error; + } elsif ($action eq 'history') { + check_args (1, 1, [], @args); + my $output = $server->acl_history (@args); + if (defined $output) { + print $output; + } else { + die $server->error; + } } elsif ($action eq 'remove') { check_args (3, 3, [], @args); $server->acl_remove (@args) or die $server->error; @@ -271,6 +279,14 @@ Destroy the ACL <id>. This ACL must no longer be referenced by any object or the ACL destruction will fail. The special ACL named C<ADMIN> cannot be destroyed. +=item acl history <id> + +Display the history of the ACL <id>. Each change to the ACL (not +including changes to the name of the ACL) will be represented by two +lines. The first line will have a timestamp of the change followed by a +description of the change, and the second line will give the user who made +the change and the host from which the change was mde. + =item acl remove <id> <scheme> <identifier> Remove the entry with <scheme> and <identifier> from the ACL <id>. <id> diff --git a/tests/server/backend-t.in b/tests/server/backend-t.in index 85fb0ce..761b1ef 100644 --- a/tests/server/backend-t.in +++ b/tests/server/backend-t.in @@ -9,7 +9,7 @@ use strict; use IO::String; -use Test::More tests => 802; +use Test::More tests => 812; # Create a dummy class for Wallet::Server that prints what method was called # with its arguments and returns data for testing. @@ -45,6 +45,13 @@ sub acl_remove sub acl_rename { shift; print "acl_rename @_\n"; ($_[0] eq 'error') ? undef : 1 } +sub acl_history { + shift; + print "acl_history @_\n"; + return if $_[0] eq 'error'; + return 'acl_history'; +} + sub acl_show { shift; print "acl_show @_\n"; @@ -190,6 +197,7 @@ my %commands = (create => [2, 2], my %acl_commands = (add => [3, 3], create => [1, 1], destroy => [1, 1], + history => [1, 1], remove => [3, 3], rename => [2, 2], show => [1, 1]); @@ -331,6 +339,8 @@ for my $command (sort keys %acl_commands) { my $expected; if ($command eq 'show') { $expected = "$new\nacl_$command name$extra\nacl_show"; + } elsif ($command eq 'history') { + $expected = "$new\nacl_$command name$extra\nacl_history"; } else { $expected = "$new\nacl_$command name$extra\n"; } |