Changeset 12926


Ignore:
Timestamp:
09/01/15 14:10:37 (4 years ago)
Author:
jkarder
Message:

#2355:

  • changed sandboxing to always use an unrestricted permission set
  • removed IsAllowedPrivileged role and according IsPrivileged code
Location:
trunk/sources
Files:
19 edited

Legend:

Unmodified
Added
Removed
  • trunk/sources/HeuristicLab.Clients.Hive.Administrator/3.3/HiveRoles.cs

    r12012 r12926  
    2828    public const string User = "Hive User";
    2929    public const string Slave = "Hive Slave";
    30     public const string IsAllowedPrivileged = "Hive IsAllowedPrivileged";
    3130
    3231    public static bool CheckAdminUserPermissions() {
  • trunk/sources/HeuristicLab.Clients.Hive.JobManager/3.3/Views/RefreshableHiveJobView.Designer.cs

    r12012 r12926  
    7070      this.toolTip = new System.Windows.Forms.ToolTip(this.components);
    7171      this.refreshButton = new System.Windows.Forms.Button();
    72       this.isPrivilegedCheckBox = new System.Windows.Forms.CheckBox();
    7372      this.UnloadButton = new System.Windows.Forms.Button();
    7473      this.refreshAutomaticallyCheckBox = new System.Windows.Forms.CheckBox();
     
    332331      this.resourceNamesTextBox.Location = new System.Drawing.Point(70, 52);
    333332      this.resourceNamesTextBox.Name = "resourceNamesTextBox";
    334       this.resourceNamesTextBox.Size = new System.Drawing.Size(385, 20);
     333      this.resourceNamesTextBox.Size = new System.Drawing.Size(471, 20);
    335334      this.resourceNamesTextBox.TabIndex = 2;
    336335      this.resourceNamesTextBox.Validated += new System.EventHandler(this.resourceNamesTextBox_Validated);
     
    365364      this.refreshButton.UseVisualStyleBackColor = true;
    366365      this.refreshButton.Click += new System.EventHandler(this.refreshButton_Click);
    367       //
    368       // isPrivilegedCheckBox
    369       //
    370       this.isPrivilegedCheckBox.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
    371       this.isPrivilegedCheckBox.AutoSize = true;
    372       this.isPrivilegedCheckBox.Location = new System.Drawing.Point(491, 54);
    373       this.isPrivilegedCheckBox.Name = "isPrivilegedCheckBox";
    374       this.isPrivilegedCheckBox.Size = new System.Drawing.Size(72, 17);
    375       this.isPrivilegedCheckBox.TabIndex = 3;
    376       this.isPrivilegedCheckBox.Text = "Privileged";
    377       this.toolTip.SetToolTip(this.isPrivilegedCheckBox, "If checked, the task will be executed in a privileged sandbox on the slave.");
    378       this.isPrivilegedCheckBox.UseVisualStyleBackColor = true;
    379       this.isPrivilegedCheckBox.CheckedChanged += new System.EventHandler(this.isPrivilegedCheckBox_CheckChanged);
    380366      //
    381367      // UnloadButton
     
    475461      this.searchButton.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Right)));
    476462      this.searchButton.Image = HeuristicLab.Common.Resources.VSImageLibrary.Zoom;
    477       this.searchButton.Location = new System.Drawing.Point(461, 50);
     463      this.searchButton.Location = new System.Drawing.Point(547, 50);
    478464      this.searchButton.Name = "searchButton";
    479465      this.searchButton.Size = new System.Drawing.Size(24, 24);
     
    487473      this.Controls.Add(this.UnloadButton);
    488474      this.Controls.Add(this.searchButton);
    489       this.Controls.Add(this.isPrivilegedCheckBox);
    490475      this.Controls.Add(this.infoGroupBox);
    491476      this.Controls.Add(this.refreshAutomaticallyCheckBox);
     
    542527    private System.Windows.Forms.Label calculatingLabel;
    543528    private System.Windows.Forms.Label jobsLabel;
    544     private System.Windows.Forms.CheckBox isPrivilegedCheckBox;
    545529    private System.Windows.Forms.TabPage stateTabPage;
    546530    private HeuristicLab.MainForm.WindowsForms.ViewHost stateLogViewHost;
  • trunk/sources/HeuristicLab.Clients.Hive.JobManager/3.3/Views/RefreshableHiveJobView.cs

    r12012 r12926  
    119119          executionTimeTextBox.Text = string.Empty;
    120120          resourceNamesTextBox.Text = string.Empty;
    121           isPrivilegedCheckBox.Checked = false;
    122121          refreshAutomaticallyCheckBox.Checked = false;
    123122          lock (runCollectionViewLocker) {
     
    132131          executionTimeTextBox.Text = Content.ExecutionTime.ToString();
    133132          resourceNamesTextBox.Text = Content.Job.ResourceNames;
    134           isPrivilegedCheckBox.Checked = Content.Job.IsPrivileged;
    135133          refreshAutomaticallyCheckBox.Checked = Content.RefreshAutomatically;
    136134          logView.Content = Content.Log;
     
    163161      searchButton.Enabled = !Locked;
    164162      jobsTreeView.Enabled = !Locked;
    165       isPrivilegedCheckBox.Enabled = !Locked;
    166163      refreshAutomaticallyCheckBox.Enabled = !Locked;
    167164      refreshButton.Enabled = !Locked;
     
    191188          this.jobsTreeView.ReadOnly = !Content.IsControllable || Content.ExecutionState != ExecutionState.Prepared || alreadyUploaded || Content.IsProgressing;
    192189
    193           this.isPrivilegedCheckBox.Enabled = HiveClient.Instance.IsAllowedPrivileged && Content.IsControllable && !(Content.ExecutionState != ExecutionState.Prepared || alreadyUploaded) && !Content.IsProgressing;
    194190          this.refreshAutomaticallyCheckBox.Enabled = Content.IsControllable && alreadyUploaded && jobsLoaded && Content.ExecutionState == ExecutionState.Started && !Content.IsProgressing;
    195191          this.refreshButton.Enabled = Content.IsDownloadable && alreadyUploaded && !Content.IsProgressing;
     
    279275      lock (runCollectionViewLocker) {
    280276        runCollectionViewHost.Content = GetAllRunsFromJob(Content);
    281       }
    282       if (InvokeRequired) {
    283         Invoke(new Action(() => { isPrivilegedCheckBox.Checked = Content.Job.IsPrivileged; }));
    284       } else {
    285         isPrivilegedCheckBox.Checked = Content.Job.IsPrivileged;
    286277      }
    287278    }
     
    423414    }
    424415
    425     private void isPrivilegedCheckBox_CheckChanged(object sender, EventArgs e) {
    426       if (Content != null && !SuppressEvents) Content.Job.IsPrivileged = isPrivilegedCheckBox.Checked;
    427     }
    428 
    429416    private void refreshButton_Click(object sender, EventArgs e) {
    430417      var invoker = new Action<RefreshableJob>(HiveClient.LoadJob);
  • trunk/sources/HeuristicLab.Clients.Hive.Slave/3.3/SlaveTask.cs

    r12920 r12926  
    105105
    106106    private AppDomain CreateAppDomain(Task task, String pluginDir, string configFileName) {
    107       if (task.IsPrivileged) {
    108         appDomain = SandboxManager.CreateAndInitPrivilegedSandbox(task.Id.ToString(), pluginDir, Path.Combine(pluginDir, configFileName));
    109       } else {
    110         appDomain = SandboxManager.CreateAndInitSandbox(task.Id.ToString(), pluginDir, Path.Combine(pluginDir, configFileName));
    111       }
     107      appDomain = SandboxManager.CreateAndInitSandbox(task.Id.ToString(), pluginDir, Path.Combine(pluginDir, configFileName));
    112108      appDomain.UnhandledException += new UnhandledExceptionEventHandler(AppDomain_UnhandledException);
    113109
  • trunk/sources/HeuristicLab.Clients.Hive/3.3/HiveClient.cs

    r12579 r12926  
    6868      set { alreadyUploadedPlugins = value; }
    6969    }
    70 
    71     private bool isAllowedPrivileged;
    72     public bool IsAllowedPrivileged {
    73       get { return isAllowedPrivileged; }
    74       set { isAllowedPrivileged = value; }
    75     }
    7670    #endregion
    7771
     
    9993
    10094      try {
    101         IsAllowedPrivileged = HiveServiceLocator.Instance.CallHiveService((s) => s.IsAllowedPrivileged());
    102 
    10395        jobs = new HiveItemCollection<RefreshableJob>();
    10496        var jobsLoaded = HiveServiceLocator.Instance.CallHiveService<IEnumerable<Job>>(s => s.GetJobs());
     
    275267        refreshableJob.Progress.Status = "Uploading Job...";
    276268        refreshableJob.Job.Id = HiveServiceLocator.Instance.CallHiveService((s) => s.AddJob(refreshableJob.Job));
    277         bool isPrivileged = refreshableJob.Job.IsPrivileged;
    278269        refreshableJob.Job = HiveServiceLocator.Instance.CallHiveService((s) => s.GetJob(refreshableJob.Job.Id)); // update owner and permissions
    279         refreshableJob.Job.IsPrivileged = isPrivileged;
    280270        cancellationToken.ThrowIfCancellationRequested();
    281271
     
    298288        foreach (HiveTask hiveTask in refreshableJob.HiveTasks) {
    299289          var task = TS.Task.Factory.StartNew((hj) => {
    300             UploadTaskWithChildren(refreshableJob.Progress, (HiveTask)hj, null, resourceIds, jobCount, totalJobCount, configFilePlugin.Id, refreshableJob.Job.Id, refreshableJob.Log, refreshableJob.Job.IsPrivileged, cancellationToken);
     290            UploadTaskWithChildren(refreshableJob.Progress, (HiveTask)hj, null, resourceIds, jobCount, totalJobCount, configFilePlugin.Id, refreshableJob.Job.Id, refreshableJob.Log, cancellationToken);
    301291          }, hiveTask);
    302292          task.ContinueWith((x) => refreshableJob.Log.LogException(x.Exception), TaskContinuationOptions.OnlyOnFaulted);
     
    343333    /// </summary>
    344334    /// <param name="parentHiveTask">shall be null if its the root task</param>
    345     private void UploadTaskWithChildren(IProgress progress, HiveTask hiveTask, HiveTask parentHiveTask, IEnumerable<Guid> groups, int[] taskCount, int totalJobCount, Guid configPluginId, Guid jobId, ILog log, bool isPrivileged, CancellationToken cancellationToken) {
     335    private void UploadTaskWithChildren(IProgress progress, HiveTask hiveTask, HiveTask parentHiveTask, IEnumerable<Guid> groups, int[] taskCount, int totalJobCount, Guid configPluginId, Guid jobId, ILog log, CancellationToken cancellationToken) {
    346336      taskUploadSemaphore.WaitOne();
    347337      bool semaphoreReleased = false;
     
    375365        hiveTask.Task.PluginsNeededIds.Add(configPluginId);
    376366        hiveTask.Task.JobId = jobId;
    377         hiveTask.Task.IsPrivileged = isPrivileged;
    378367
    379368        log.LogMessage(string.Format("Uploading task ({0} kb, {1} objects)", taskData.Data.Count() / 1024, hiveTask.ItemTask.GetObjectGraphObjects().Count()));
     
    398387          var task = TS.Task.Factory.StartNew((tuple) => {
    399388            var arguments = (Tuple<HiveTask, HiveTask>)tuple;
    400             UploadTaskWithChildren(progress, arguments.Item1, arguments.Item2, groups, taskCount, totalJobCount, configPluginId, jobId, log, isPrivileged, cancellationToken);
     389            UploadTaskWithChildren(progress, arguments.Item1, arguments.Item2, groups, taskCount, totalJobCount, configPluginId, jobId, log, cancellationToken);
    401390          }, new Tuple<HiveTask, HiveTask>(child, hiveTask));
    402391          task.ContinueWith((x) => log.LogException(x.Exception), TaskContinuationOptions.OnlyOnFaulted);
     
    442431        IDictionary<Guid, HiveTask> allHiveTasks = downloader.Results;
    443432        var parents = allHiveTasks.Values.Where(x => !x.Task.ParentTaskId.HasValue);
    444         refreshableJob.Job.IsPrivileged = allHiveTasks.Any(x => x.Value.Task.IsPrivileged);
    445433
    446434        refreshableJob.Progress.Status = "Downloading/deserializing complete. Displaying tasks...";
  • trunk/sources/HeuristicLab.Clients.Hive/3.3/ServiceClients/HiveServiceClient.cs

    r9219 r12926  
    351351       
    352352        [System.Runtime.Serialization.OptionalFieldAttribute()]
    353         private bool IsPrivilegedField;
    354        
    355         [System.Runtime.Serialization.OptionalFieldAttribute()]
    356353        private System.Guid JobIdField;
    357354       
     
    415412                    this.IsParentTaskField = value;
    416413                    this.RaisePropertyChanged("IsParentTask");
    417                 }
    418             }
    419         }
    420        
    421         [System.Runtime.Serialization.DataMemberAttribute()]
    422         public bool IsPrivileged
    423         {
    424             get
    425             {
    426                 return this.IsPrivilegedField;
    427             }
    428             set
    429             {
    430                 if ((this.IsPrivilegedField.Equals(value) != true))
    431                 {
    432                     this.IsPrivilegedField = value;
    433                     this.RaisePropertyChanged("IsPrivileged");
    434414                }
    435415            }
     
    25532533        System.Collections.Generic.List<HeuristicLab.Clients.Hive.JobPermission> GetJobPermissions(System.Guid jobId);
    25542534       
    2555         [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IHiveService/IsAllowedPrivileged", ReplyAction="http://tempuri.org/IHiveService/IsAllowedPrivilegedResponse")]
    2556         bool IsAllowedPrivileged();
    2557        
    25582535        [System.ServiceModel.OperationContractAttribute(Action="http://tempuri.org/IHiveService/Hello", ReplyAction="http://tempuri.org/IHiveService/HelloResponse")]
    25592536        void Hello(HeuristicLab.Clients.Hive.Slave slave);
     
    28822859        }
    28832860       
    2884         public bool IsAllowedPrivileged()
    2885         {
    2886             return base.Channel.IsAllowedPrivileged();
    2887         }
    2888        
    28892861        public void Hello(HeuristicLab.Clients.Hive.Slave slave)
    28902862        {
  • trunk/sources/HeuristicLab.Clients.Hive/3.3/ServiceClients/Job.cs

    r12012 r12926  
    2727  public partial class Job : IDeepCloneable, IContent {
    2828
    29     private bool isPrivileged;
    30     public bool IsPrivileged {
    31       get { return isPrivileged; }
    32       set { isPrivileged = value; }
    33     }
    34 
    3529    #region Constructors and Cloning
    3630    public Job() {
     
    4842      this.Description = original.Description;
    4943      this.Id = original.Id;
    50       this.IsPrivileged = original.IsPrivileged;
    5144      this.Permission = original.Permission;
    5245    }
  • trunk/sources/HeuristicLab.Clients.Hive/3.3/ServiceClients/Task.cs

    r12012 r12926  
    4343      this.FinishWhenChildJobsFinished = original.FinishWhenChildJobsFinished;
    4444      this.JobId = original.JobId;
    45       this.IsPrivileged = original.IsPrivileged;
    4645    }
    4746
  • trunk/sources/HeuristicLab.PluginInfrastructure/3.3/Sandboxing/SandboxManager.cs

    r12012 r12926  
    2525using System.Security.Permissions;
    2626using HeuristicLab.PluginInfrastructure.Manager;
    27 using System.IO;
    2827
    2928namespace HeuristicLab.PluginInfrastructure.Sandboxing {
     
    3130
    3231    /// <summary>
    33     /// Creates an privileged sandbox, meaning that the executed code is fully trusted and permissions are not restricted.
     32    /// Creates a privileged sandbox, meaning that the executed code is fully trusted and permissions are not restricted.
    3433    /// This method is a fall back for trusted users in HeuristicLab Hive.
    3534    /// </summary>   
    36     public static AppDomain CreateAndInitPrivilegedSandbox(string appDomainName, string applicationBase, string configFilePath) {
     35    public static AppDomain CreateAndInitSandbox(string appDomainName, string applicationBase, string configFilePath) {
    3736      PermissionSet pSet;
    3837      pSet = new PermissionSet(PermissionState.Unrestricted);
     
    5352      return applicationDomain;
    5453    }
    55 
    56     /// <summary>
    57     /// Creates a sandbox with restricted permissions.
    58     /// Code that is executed in such an AppDomain is partially-trusted and is not allowed to call or override
    59     /// methods that require full trust.
    60     /// </summary>   
    61     public static AppDomain CreateAndInitSandbox(string appDomainName, string applicationBase, string configFilePath) {
    62       PermissionSet pSet;
    63 
    64       pSet = new PermissionSet(PermissionState.None);
    65       pSet.AddPermission(new SecurityPermission(PermissionState.None));
    66       pSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
    67       pSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Infrastructure));
    68       pSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode));
    69       pSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter));
    70       //needed for HeuristicLab.Persistence, see DynamicMethod Constructor (String, Type, array<Type []()>[], Type, Boolean)
    71       pSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.ControlEvidence));
    72       pSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
    73 
    74       FileIOPermission ioPerm = new FileIOPermission(PermissionState.None);
    75       //allow path discovery for system drive, needed by HeuristicLab.Persistence: Serializer.BuildTypeCache() -> Assembly.CodeBase
    76       ioPerm.AddPathList(FileIOPermissionAccess.PathDiscovery, Path.GetPathRoot(Path.GetFullPath(Environment.SystemDirectory)));
    77       //allow full access to the appdomain's base directory
    78       ioPerm.AddPathList(FileIOPermissionAccess.AllAccess, applicationBase);
    79       pSet.AddPermission(ioPerm);
    80 
    81       AppDomainSetup setup = new AppDomainSetup();
    82       setup.PrivateBinPath = applicationBase;
    83       setup.ApplicationBase = applicationBase;
    84       setup.ConfigurationFile = configFilePath;
    85 
    86       Type applicationManagerType = typeof(SandboxApplicationManager);
    87       AppDomain applicationDomain = AppDomain.CreateDomain(appDomainName, null, setup, pSet, null);
    88       SandboxApplicationManager applicationManager = (SandboxApplicationManager)applicationDomain.CreateInstanceAndUnwrap(applicationManagerType.Assembly.FullName, applicationManagerType.FullName, true, BindingFlags.NonPublic | BindingFlags.Instance, null, null, null, null);
    89 
    90       PluginManager pm = new PluginManager(applicationBase);
    91       pm.DiscoverAndCheckPlugins();
    92       applicationManager.PrepareApplicationDomain(pm.Applications, pm.Plugins);
    93 
    94       return applicationDomain;
    95     }
    9654  }
    9755}
  • trunk/sources/HeuristicLab.Services.Hive.DataAccess/3.3/HiveDataContext.dbml

    r12878 r12926  
    7676      <Column Name="Command" Type="global::HeuristicLab.Services.Hive.DataAccess.Command?" DbType="VarChar(30)" CanBeNull="true" />
    7777      <Column Name="JobId" Storage="_HiveExperimentId" Type="System.Guid" DbType="UniqueIdentifier NOT NULL" CanBeNull="false" />
    78       <Column Name="IsPrivileged" Type="System.Boolean" DbType="Bit" CanBeNull="false" />
    7978      <Association Name="Task_AssignedResource" Member="AssignedResources" ThisKey="TaskId" OtherKey="TaskId" Type="AssignedResource" />
    8079      <Association Name="Task_RequiredPlugin" Member="RequiredPlugins" ThisKey="TaskId" OtherKey="TaskId" Type="RequiredPlugin" />
  • trunk/sources/HeuristicLab.Services.Hive.DataAccess/3.3/HiveDataContext.dbml.layout

    r12878 r12926  
    2727      </nestedChildShapes>
    2828    </classShape>
    29     <classShape Id="695bfc39-59f3-4e60-8644-f847964bf62c" absoluteBounds="6.5, 1, 2, 3.3093082682291666">
     29    <classShape Id="695bfc39-59f3-4e60-8644-f847964bf62c" absoluteBounds="6.5, 1, 2, 3.1170068359374996">
    3030      <DataClassMoniker Name="/HiveDataContext/Task" />
    3131      <nestedChildShapes>
    32         <elementListCompartment Id="a6a30e11-03d1-4869-82e6-b733f4ef9974" absoluteBounds="6.5150000000000006, 1.46, 1.9700000000000002, 2.7493082682291665" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" />
     32        <elementListCompartment Id="a6a30e11-03d1-4869-82e6-b733f4ef9974" absoluteBounds="6.5150000000000006, 1.46, 1.9700000000000002, 2.5570068359375" name="DataPropertiesCompartment" titleTextColor="Black" itemTextColor="Black" />
    3333      </nestedChildShapes>
    3434    </classShape>
     
    141141      </nodes>
    142142    </associationConnector>
    143     <associationConnector edgePoints="[(8.0192961430407 : 3.90397379557292); (8.0192961430407 : 5.04807657877604); (8.875 : 5.04807657877604)]" fixedFrom="NotFixed" fixedTo="NotFixed">
     143    <associationConnector edgePoints="[(8.5 : 4.1170068359375); (8.875 : 4.5)]" fixedFrom="NotFixed" fixedTo="NotFixed">
    144144      <AssociationMoniker Name="/HiveDataContext/Task/Task_AssignedResource" />
    145145      <nodes>
     
    148148      </nodes>
    149149    </associationConnector>
    150     <associationConnector edgePoints="[(7.20145120722822 : 3.90397379557292); (7.20145120722822 : 5.875)]" fixedFrom="NotFixed" fixedTo="NotFixed">
     150    <associationConnector edgePoints="[(7.4687475 : 4.1170068359375); (7.4687475 : 5.875)]" fixedFrom="NotFixed" fixedTo="NotFixed">
    151151      <AssociationMoniker Name="/HiveDataContext/Task/Task_RequiredPlugin" />
    152152      <nodes>
     
    176176      </nodes>
    177177    </associationConnector>
    178     <associationConnector edgePoints="[(6.125 : 3.46715413411458); (6.5 : 3.46715413411458)]" fixedFrom="NotFixed" fixedTo="NotFixed">
     178    <associationConnector edgePoints="[(6.125 : 3.37100341796875); (6.5 : 3.37100341796875)]" fixedFrom="NotFixed" fixedTo="NotFixed">
    179179      <AssociationMoniker Name="/HiveDataContext/Job/Job_Task" />
    180180      <nodes>
  • trunk/sources/HeuristicLab.Services.Hive.DataAccess/3.3/HiveDataContext.designer.cs

    r12878 r12926  
    16201620    private System.Guid _HiveExperimentId;
    16211621   
    1622     private bool _IsPrivileged;
    1623    
    16241622    private EntitySet<AssignedResource> _AssignedResources;
    16251623   
     
    16641662    partial void OnJobIdChanging(System.Guid value);
    16651663    partial void OnJobIdChanged();
    1666     partial void OnIsPrivilegedChanging(bool value);
    1667     partial void OnIsPrivilegedChanged();
    16681664    #endregion
    16691665   
     
    19241920          this.SendPropertyChanged("JobId");
    19251921          this.OnJobIdChanged();
    1926         }
    1927       }
    1928     }
    1929    
    1930     [global::System.Data.Linq.Mapping.ColumnAttribute(Storage="_IsPrivileged", DbType="Bit")]
    1931     public bool IsPrivileged
    1932     {
    1933       get
    1934       {
    1935         return this._IsPrivileged;
    1936       }
    1937       set
    1938       {
    1939         if ((this._IsPrivileged != value))
    1940         {
    1941           this.OnIsPrivilegedChanging(value);
    1942           this.SendPropertyChanging();
    1943           this._IsPrivileged = value;
    1944           this.SendPropertyChanged("IsPrivileged");
    1945           this.OnIsPrivilegedChanged();
    19461922        }
    19471923      }
  • trunk/sources/HeuristicLab.Services.Hive.DataAccess/3.3/SQL Scripts/Initialize Hive Database.sql

    r12878 r12926  
    8686  [Command] VarChar(30),
    8787  [JobId] UniqueIdentifier NOT NULL,
    88   [IsPrivileged] Bit NOT NULL,
    8988  CONSTRAINT [PK_dbo.Task] PRIMARY KEY ([TaskId])
    9089  )
  • trunk/sources/HeuristicLab.Services.Hive.DataAccess/3.3/SQL Scripts/Prepare Hive Database.sql

    r12878 r12926  
    113113CREATE NONCLUSTERED INDEX [TaskJobIdIndex]
    114114ON [dbo].[Task] ([JobId])
    115 INCLUDE ([TaskId],[TaskState],[ExecutionTimeMs],[LastHeartbeat],[ParentTaskId],[Priority],[CoresNeeded],[MemoryNeeded],[IsParentTask],[FinishWhenChildJobsFinished],[Command],[IsPrivileged])
     115INCLUDE ([TaskId],[TaskState],[ExecutionTimeMs],[LastHeartbeat],[ParentTaskId],[Priority],[CoresNeeded],[MemoryNeeded],[IsParentTask],[FinishWhenChildJobsFinished],[Command])
    116116GO
    117117
     
    119119CREATE NONCLUSTERED INDEX [TaskGetWaitingTasksIndex]
    120120ON [dbo].[Task] ([TaskState],[IsParentTask],[FinishWhenChildJobsFinished],[CoresNeeded],[MemoryNeeded])
    121 INCLUDE ([TaskId],[ExecutionTimeMs],[LastHeartbeat],[ParentTaskId],[Priority],[Command],[JobId],[IsPrivileged])
     121INCLUDE ([TaskId],[ExecutionTimeMs],[LastHeartbeat],[ParentTaskId],[Priority],[Command],[JobId])
    122122GO
    123123
  • trunk/sources/HeuristicLab.Services.Hive/3.3/Converter.cs

    r12878 r12926  
    4444        Command = source.Command.ToDto(),
    4545        JobId = source.JobId,
    46         IsPrivileged = source.IsPrivileged,
    4746        PluginsNeededIds = source.RequiredPlugins.Select(x => x.PluginId).ToList(),
    4847        StateLog = source.StateLogs.Select(x => x.ToDto()).OrderBy(x => x.DateTime).ToList(),
     
    7271      target.Command = source.Command.ToEntity();
    7372      target.JobId = source.JobId;
    74       target.IsPrivileged = source.IsPrivileged;
    7573      var ids = target.RequiredPlugins.Select(x => x.PluginId);
    7674      target.RequiredPlugins.AddRange(source.PluginsNeededIds
  • trunk/sources/HeuristicLab.Services.Hive/3.3/DataTransfer/Task.cs

    r12012 r12926  
    4444    [DataMember]
    4545    public Guid JobId { get; set; }
    46     [DataMember]
    47     public bool IsPrivileged { get; set; }
    4846
    4947    public Task() {
  • trunk/sources/HeuristicLab.Services.Hive/3.3/HiveRoles.cs

    r12012 r12926  
    2525    public const string Slave = "Hive Slave";
    2626    public const string Client = "Hive User";
    27     public const string IsAllowedPrivileged = "Hive IsAllowedPrivileged";
    2827  }
    2928}
  • trunk/sources/HeuristicLab.Services.Hive/3.3/HiveService.cs

    r12878 r12926  
    469469    }
    470470
     471    // BackwardsCompatibility3.3
     472    #region Backwards compatible code, remove with 3.4
    471473    public bool IsAllowedPrivileged() {
    472       RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
    473       return RoleVerifier.IsInRole(HiveRoles.IsAllowedPrivileged);
    474     }
     474      return true;
     475    }
     476    #endregion
    475477    #endregion
    476478
  • trunk/sources/HeuristicLab.Services.Hive/3.3/ServiceContracts/IHiveService.cs

    r12878 r12926  
    9797    IEnumerable<JobPermission> GetJobPermissions(Guid jobId);
    9898
     99    // BackwardsCompatibility3.3
     100    #region Backwards compatible code, remove with 3.4
    99101    [OperationContract]
    100102    bool IsAllowedPrivileged(); // current user may execute privileged task
     103    #endregion
    101104    #endregion
    102105
Note: See TracChangeset for help on using the changeset viewer.