This method sends out publications to the minions, it can only be used by the LocalClient.
(self, clear_load)
| 3930 | return self.loadauth.get_tok(clear_load["token"]) |
| 3931 | |
| 3932 | async def publish(self, clear_load): |
| 3933 | """ |
| 3934 | This method sends out publications to the minions, it can only be used |
| 3935 | by the LocalClient. |
| 3936 | """ |
| 3937 | extra = clear_load.get("kwargs", {}) |
| 3938 | |
| 3939 | publisher_acl = salt.acl.PublisherACL(self.opts["publisher_acl_blacklist"]) |
| 3940 | |
| 3941 | if publisher_acl.user_is_blacklisted( |
| 3942 | clear_load["user"] |
| 3943 | ) or publisher_acl.cmd_is_blacklisted(clear_load["fun"]): |
| 3944 | log.error( |
| 3945 | "%s does not have permissions to run %s. Please contact " |
| 3946 | "your local administrator if you believe this is in " |
| 3947 | "error.\n", |
| 3948 | clear_load["user"], |
| 3949 | clear_load["fun"], |
| 3950 | ) |
| 3951 | return { |
| 3952 | "error": { |
| 3953 | "name": "AuthorizationError", |
| 3954 | "message": "Authorization error occurred.", |
| 3955 | } |
| 3956 | } |
| 3957 | |
| 3958 | # Retrieve the minions list |
| 3959 | delimiter = extra.get("delimiter", DEFAULT_TARGET_DELIM) |
| 3960 | |
| 3961 | _res = self.ckminions.check_minions( |
| 3962 | clear_load["tgt"], |
| 3963 | clear_load.get("tgt_type", "glob"), |
| 3964 | delimiter, |
| 3965 | fun=clear_load.get("fun"), |
| 3966 | ) |
| 3967 | minions = _res.get("minions", list()) |
| 3968 | missing = _res.get("missing", list()) |
| 3969 | ssh_minions = _res.get("ssh_minions", False) |
| 3970 | |
| 3971 | auth_key = clear_load.get("key", None) |
| 3972 | |
| 3973 | # Check for external auth calls and authenticate |
| 3974 | auth_type, err_name, key, sensitive_load_keys = self._prep_auth_info(extra) |
| 3975 | if auth_type == "user": |
| 3976 | auth_check = self.loadauth.check_authentication( |
| 3977 | clear_load, auth_type, key=key |
| 3978 | ) |
| 3979 | else: |
| 3980 | auth_check = self.loadauth.check_authentication(extra, auth_type) |
| 3981 | |
| 3982 | # Setup authorization list |
| 3983 | syndic_auth_list = None |
| 3984 | if "auth_list" in extra: |
| 3985 | syndic_auth_list = extra.pop("auth_list", []) |
| 3986 | # An auth_list was provided by the syndic and we're running as the same |
| 3987 | # user as the salt master process. |
| 3988 | if ( |
| 3989 | syndic_auth_list is not None |
no test coverage detected