Revision 5e12acfe doc/rapi.rst

b/doc/rapi.rst
24 24
``/var/lib/ganeti/rapi/users``) on startup. Changes to the file will be
25 25
read automatically.
26 26

  
27
Each line consists of two or three fields separated by whitespace. The
28
first two fields are for username and password. The third field is
29
optional and can be used to specify per-user options. Currently,
30
``write`` is the only option supported and enables the user to execute
31
operations modifying the cluster. Lines starting with the hash sign
32
(``#``) are treated as comments.
27
Lines starting with the hash sign (``#``) are treated as comments. Each
28
line consists of two or three fields separated by whitespace. The first
29
two fields are for username and password. The third field is optional
30
and can be used to specify per-user options (separated by comma without
31
spaces). Available options:
32

  
33
.. pyassert::
34

  
35
  rapi.RAPI_ACCESS_ALL == set([
36
    rapi.RAPI_ACCESS_WRITE,
37
    rapi.RAPI_ACCESS_READ,
38
    ])
39

  
40
:pyeval:`rapi.RAPI_ACCESS_WRITE`
41
  Enables the user to execute operations modifying the cluster. Implies
42
  :pyeval:`rapi.RAPI_ACCESS_READ` access.
43
:pyeval:`rapi.RAPI_ACCESS_READ`
44
  Allow access to operations querying for information.
33 45

  
34 46
Passwords can either be written in clear text or as a hash. Clear text
35 47
passwords may not start with an opening brace (``{``) or they must be
......
51 63
  # Hashed password for Jessica
52 64
  jessica {HA1}7046452df2cbb530877058712cf17bd4 write
53 65

  
66
  # Monitoring can query for values
67
  monitoring {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query
68

  
69
  # A user who can query and write
70
  superuser {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query,write
71

  
54 72

  
55 73
.. [#pwhash] Using the MD5 hash of username, realm and password is
56 74
   described in :rfc:`2617` ("HTTP Authentication"), sections 3.2.2.2
......
1121 1139

  
1122 1140
Request information for connecting to instance's console.
1123 1141

  
1124
Supports the following commands: ``GET``.
1142
.. pyassert::
1143

  
1144
  not (hasattr(rlib2.R_2_instances_name_console, "PUT") or
1145
       hasattr(rlib2.R_2_instances_name_console, "POST") or
1146
       hasattr(rlib2.R_2_instances_name_console, "DELETE"))
1147

  
1148
Supports the following commands: ``GET``. Requires authentication with
1149
one of the following options:
1150
:pyeval:`utils.CommaJoin(rlib2.R_2_instances_name_console.GET_ACCESS)`.
1125 1151

  
1126 1152
``GET``
1127 1153
~~~~~~~
......
1640 1666
:pyeval:`utils.CommaJoin(constants.QR_VIA_RAPI)`. See the :doc:`query2
1641 1667
design document <design-query2>` for more details.
1642 1668

  
1643
Supports the following commands: ``GET``, ``PUT``.
1669
.. pyassert::
1670

  
1671
  (rlib2.R_2_query.GET_ACCESS == rlib2.R_2_query.PUT_ACCESS and
1672
   not (hasattr(rlib2.R_2_query, "POST") or
1673
        hasattr(rlib2.R_2_query, "DELETE")))
1674

  
1675
Supports the following commands: ``GET``, ``PUT``. Requires
1676
authentication with one of the following options:
1677
:pyeval:`utils.CommaJoin(rlib2.R_2_query.GET_ACCESS)`.
1644 1678

  
1645 1679
``GET``
1646 1680
~~~~~~~

Also available in: Unified diff