Mentions légales du service

Skip to content
Snippets Groups Projects
Commit 593aeb2a authored by Cyril Rohr's avatar Cyril Rohr
Browse files

Added preliminary descriptions of the authorization, jobsets, statuses and oar services.

parent db478fd3
No related branches found
No related tags found
No related merge requests found
{
"contact": "cyril.rohr@irisa.fr",
"description": "Returns the access policy for a particular service accessed by a given user.",
"doc": "\/authorization\/doc",
"name": "Authorization",
"type": "service",
"uid": "authorization",
"uri": "\/authorization"
}
\ No newline at end of file
{
"description": "Manages the creation\/deletion and update of job sets.",
"doc": "\/jobsets\/doc",
"name": "Jobsets",
"policies": {
"DELETE": {
"admin_groups": "CT",
"authorized_groups": "rennes,grenoble,bordeaux,toulouse,sophia,orsay,nancy,lille,lyon",
"user_must_be_owner": true
},
"GET": {
"admin_groups": "CT",
"authorized_groups": "rennes,grenoble,bordeaux,toulouse,sophia,orsay,nancy,lille,lyon",
"user_must_be_owner": true
},
"POST": {
"admin_groups": "CT",
"authorized_groups": "rennes,grenoble,bordeaux,toulouse,sophia,orsay,nancy,lille,lyon",
"user_must_be_owner": true
},
"PUT": {
"admin_groups": "CT",
"authorized_groups": "rennes,grenoble,bordeaux,toulouse,sophia,orsay,nancy,lille,lyon",
"user_must_be_owner": true
}
},
"type": "service",
"uid": "jobsets",
"uri": "\/jobsets"
}
\ No newline at end of file
{
"contact": "bruno.bzeznik@imag.fr",
"description": null,
"doc": null,
"name": "OAR",
"type": "service",
"uid": "oar",
"uri": "\/oar-site"
}
\ No newline at end of file
{
"contact": "cyril.rohr@irisa.fr",
"description": "Returns the status of a given resource.",
"doc": "\/statuses\/doc",
"name": "Statuses",
"type": "service",
"uid": "statuses",
"uri": "\/statuses"
}
\ No newline at end of file
# TODO: services and their access policies # +policies+ is a hash describing the policies for authorizing or refusing access to a particular operation on a specific service:
\ No newline at end of file # * the key is the name of the operation (in the case of REST APIs, the operation should be one of the HTTP methods);
# * the value is a hash that must contain:
# - a comma separated list of +authorized_groups+ ("*" if no restriction),
# - a +user_must_be_owner+ boolean indicating if the user requesting the resource must also own it and,
# - a comma separated list of +admin_groups+, who will be able to access the resource even if they do not own it.
# No +policies+ means that the authorization decision is delegated to the API receiving the request.
service :authorization do
name "Authorization"
description "Returns the access policy for a particular service accessed by a given user."
doc "/authorization/doc"
uri "/authorization"
contact "cyril.rohr@irisa.fr"
end
service :jobsets do
name "Jobsets"
description "Manages the creation/deletion and update of job sets."
uri "/jobsets"
doc "/jobsets/doc"
policies( 'GET' => {:admin_groups => "CT", :authorized_groups => SITES.join(","), :user_must_be_owner => true},
'POST' => {:admin_groups => "CT", :authorized_groups => SITES.join(","), :user_must_be_owner => true},
'DELETE' => {:admin_groups => "CT", :authorized_groups => SITES.join(","), :user_must_be_owner => true},
'PUT' => {:admin_groups => "CT", :authorized_groups => SITES.join(","), :user_must_be_owner => true} )
end
service :statuses do
name "Statuses"
uri "/statuses"
doc "/statuses/doc"
contact "cyril.rohr@irisa.fr"
description "Returns the status of a given resource."
end
service :oar do
name "OAR"
uri "/oar-site"
doc
contact "bruno.bzeznik@imag.fr"
description
end
\ No newline at end of file
module G5K module G5K
SITES = %w{rennes grenoble bordeaux toulouse sophia orsay nancy lille lyon}
class Tree < Hash class Tree < Hash
attr_reader :contents, :path attr_reader :contents, :path
def write(repository, &block) def write(repository, &block)
...@@ -48,14 +50,14 @@ module G5K ...@@ -48,14 +50,14 @@ module G5K
end end
end end
class ReferenceGenerator class ReferenceGenerator
attr_reader :data attr_reader :data
def method_missing(method, *args) def method_missing(method, *args)
@context.recursive_merge!(method.to_sym => args.first) @context.recursive_merge!(method.to_sym => args.first)
end end
%w{site cluster environment node}.each do |method| %w{site cluster environment node service}.each do |method|
define_method(method) do |uid, *options, &block| define_method(method) do |uid, *options, &block|
key = method.pluralize.to_sym key = method.pluralize.to_sym
uid = uid.to_s uid = uid.to_s
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment