Send a master control function back to the wheel system
(self, clear_load)
| 3829 | } |
| 3830 | |
| 3831 | def wheel(self, clear_load): |
| 3832 | """ |
| 3833 | Send a master control function back to the wheel system |
| 3834 | """ |
| 3835 | # All wheel ops pass through eauth |
| 3836 | auth_type, err_name, key, sensitive_load_keys = self._prep_auth_info(clear_load) |
| 3837 | |
| 3838 | # Authenticate |
| 3839 | auth_check = self.loadauth.check_authentication(clear_load, auth_type, key=key) |
| 3840 | error = auth_check.get("error") |
| 3841 | |
| 3842 | if error: |
| 3843 | # Authentication error occurred: do not continue. |
| 3844 | return {"error": error} |
| 3845 | |
| 3846 | # Authorize |
| 3847 | username = auth_check.get("username") |
| 3848 | if auth_type != "user": |
| 3849 | wheel_check = self.ckminions.wheel_check( |
| 3850 | auth_check.get("auth_list", []), |
| 3851 | clear_load["fun"], |
| 3852 | clear_load.get("kwarg", {}), |
| 3853 | ) |
| 3854 | if not wheel_check: |
| 3855 | return { |
| 3856 | "error": { |
| 3857 | "name": err_name, |
| 3858 | "message": ( |
| 3859 | 'Authentication failure of type "{}" occurred for ' |
| 3860 | "user {}.".format(auth_type, username) |
| 3861 | ), |
| 3862 | } |
| 3863 | } |
| 3864 | elif isinstance(wheel_check, dict) and "error" in wheel_check: |
| 3865 | # A dictionary with an error name/message was handled by ckminions.wheel_check |
| 3866 | return wheel_check |
| 3867 | |
| 3868 | # No error occurred, consume sensitive settings from the clear_load if passed. |
| 3869 | for item in sensitive_load_keys: |
| 3870 | clear_load.pop(item, None) |
| 3871 | else: |
| 3872 | if "user" in clear_load: |
| 3873 | username = clear_load["user"] |
| 3874 | if salt.auth.AuthUser(username).is_sudo(): |
| 3875 | username = self.opts.get("user", "root") |
| 3876 | else: |
| 3877 | username = salt.utils.user.get_user() |
| 3878 | |
| 3879 | # Authorized. Do the job! |
| 3880 | try: |
| 3881 | jid = salt.utils.jid.gen_jid(self.opts) |
| 3882 | fun = clear_load.pop("fun") |
| 3883 | tag = tagify(jid, prefix="wheel") |
| 3884 | data = { |
| 3885 | "fun": f"wheel.{fun}", |
| 3886 | "jid": jid, |
| 3887 | "tag": tag, |
| 3888 | "user": username, |