|
@@ -1,32 +1,11 @@
|
|
|
# lcmlog-server
|
|
|
|
|
|
Server side of a tool for reading and writing the lcm staff logs.
|
|
|
-The program doesn't accept any command line options.
|
|
|
|
|
|
-## Initialize the environment
|
|
|
-To initialize the environment, use the `lcmlog-server-utils` script.
|
|
|
+- `lcmlog-server`: main script
|
|
|
+- `lcmlog-server-utils`: utility script
|
|
|
|
|
|
-### 1) Initialization of the folder structure
|
|
|
-The default directory is `/var/local/log/lcmlog-data`
|
|
|
-
|
|
|
-## The authentication process
|
|
|
-In the script directory there is a folder named `auth` that contain the following files:
|
|
|
-* UPDATE
|
|
|
-* 150/
|
|
|
- * GET
|
|
|
- * POST
|
|
|
-* Admin/
|
|
|
- * GET
|
|
|
- * POST
|
|
|
-
|
|
|
-Every file contains the list of the uid of the users that can send and request logs and update the database. If you want to add a new user, you have to add his uid in these files.
|
|
|
-
|
|
|
-### Manage the authentication process: lcmlog-auth-utils
|
|
|
-The script `lcmlog-auth-utils` can help to manage this authentication process. It offers two options:
|
|
|
-* authinit: called with the `-i` option, it makes the initialization of the auth folder structure.
|
|
|
-* authlookup: called with the `-l` option, show you who is now authorized using `getent`.
|
|
|
-
|
|
|
-## The three methods
|
|
|
+## Input pipeline
|
|
|
The first line is always the name of the method and can be only `GET`, `POST` or `UPDATE`.
|
|
|
|
|
|
### GET
|
|
@@ -48,5 +27,46 @@ The `UPDATE` method is used to regenerate the internal server database.
|
|
|
It should only be called if a log file is added by hand, or if some of the log files get renamed or corrupted.
|
|
|
It assumes that all the log files are correctly formatted.
|
|
|
|
|
|
-## The format of the log files
|
|
|
-_To do_
|
|
|
+## The authentication groups
|
|
|
+There are four authentication groups with the following privileges:
|
|
|
+- 150: `GET 150`, `GET Admin` and `POST 150`.
|
|
|
+- Admin: `GET 150`, `GET Admin`, `POST 150`, `POST Admin` and `UPDATE`.
|
|
|
+- Nirvana (ex admin): `GET 150`, `GET Admin` and `POST Admin`.
|
|
|
+- Valhalla (ex 150): `GET 150` and `GET Admin`.
|
|
|
+
|
|
|
+## Initialize the environment
|
|
|
+The default directory is `/var/local/log/lcmlog-data`.
|
|
|
+
|
|
|
+### 1) Initialization of the folder structure
|
|
|
+Initialize the environment using `lcmlog-server-utils -i`. The structure is:
|
|
|
+- `auth`
|
|
|
+ - `auth.toml`
|
|
|
+ - `150`
|
|
|
+ - `Admin`
|
|
|
+ - `Nirvana`
|
|
|
+ - `Valhalla`
|
|
|
+- `data`
|
|
|
+ - `.data`
|
|
|
+- `logs`
|
|
|
+ - `logfile`
|
|
|
+
|
|
|
+### 2) Add users in authentication groups
|
|
|
+Edit files in `auth` folder for add users in a group. The format of a row is:
|
|
|
+```
|
|
|
+UID username
|
|
|
+```
|
|
|
+
|
|
|
+### 3) Update ACL
|
|
|
+Authentication for read/write is based upon the access control list. To update ACL after _every_ changes in the `auth` folder, use `lcmlog-server-utils -u`.
|
|
|
+
|
|
|
+## Manage the environment
|
|
|
+You can lookup authorizations using `lcmlog-server-utils -l`.
|
|
|
+
|
|
|
+You can change authorizations by editing files in `auth` folder and then using `lcmlog-server-utils -u` to update ACL.
|
|
|
+
|
|
|
+You can change the default privileges of an authentication groups by editing the `auth/auth.toml` file:
|
|
|
+```
|
|
|
+["example-group"]
|
|
|
+auth=["priv-1","priv-2",...]
|
|
|
+```
|
|
|
+The adviable privileges are: `GET 150`, `GET Admin`, `POST 150`, `POST Admin` and `UPDATE`. You don't need to do run any command.
|