| Class | Puppet::Network::AuthStore |
| In: |
lib/puppet/network/authstore.rb
|
| Parent: | Object |
# File lib/puppet/network/authstore.rb, line 66
66: def initialize
67: @globalallow = nil
68: @declarations = []
69: end
Mark a given pattern as allowed.
# File lib/puppet/network/authstore.rb, line 15
15: def allow(pattern)
16: # a simple way to allow anyone at all to connect
17: if pattern == "*"
18: @globalallow = true
19: else
20: store(:allow, pattern)
21: end
22:
23: return nil
24: end
Is a given combination of name and ip address allowed? If either input is non-nil, then both inputs must be provided. If neither input is provided, then the authstore is considered local and defaults to "true".
# File lib/puppet/network/authstore.rb, line 29
29: def allowed?(name, ip)
30: if name or ip
31: # This is probably unnecessary, and can cause some weirdnesses in
32: # cases where we're operating over localhost but don't have a real
33: # IP defined.
34: unless name and ip
35: raise Puppet::DevError, "Name and IP must be passed to 'allowed?'"
36: end
37: # else, we're networked and such
38: else
39: # we're local
40: return true
41: end
42:
43: # yay insecure overrides
44: if globalallow?
45: return true
46: end
47:
48: if decl = @declarations.find { |d| d.match?(name, ip) }
49: return decl.result
50: end
51:
52: self.info "defaulting to no access for %s" % name
53: return false
54: end
Deny a given pattern.
# File lib/puppet/network/authstore.rb, line 57
57: def deny(pattern)
58: store(:deny, pattern)
59: end