Forum: Ruby DRb method access

I am writing a simple distributed system in drb. I have all the peers,
and one server to do the bootstrapping. In that server, I have a few
methods like "suggest_peer", and "start_service" and "stop_service".

When a peer connects to the server, he is able to call all three
methods. I want him to be able to call only the first one.

Also,I have a file that initializes the server, and has a little cmd
line so I can start the service, debug, log and all that. I want that
cmd line to be able to call the second and third methods, as well as the
first one.

How can I do that? How can I prevent peers from stopping the service?
If I put the service methods as private, I can't call them from the cmd
line.

Thanks

Pavlos Vin wrote in post #1006186:
> I am writing a simple distributed system in drb. I have all the peers,
> and one server to do the bootstrapping. In that server, I have a few
> methods like "suggest_peer", and "start_service" and "stop_service".
>
> When a peer connects to the server, he is able to call all three
> methods. I want him to be able to call only the first one.
>
> Also,I have a file that initializes the server, and has a little cmd
> line

A file has a command line?  What does that mean?

7stud -- wrote in post #1006249:
> Pavlos Vin wrote in post #1006186:
>> I am writing a simple distributed system in drb. I have all the peers,
>> and one server to do the bootstrapping. In that server, I have a few
>> methods like "suggest_peer", and "start_service" and "stop_service".
>>
>> When a peer connects to the server, he is able to call all three
>> methods. I want him to be able to call only the first one.
>>
>> Also,I have a file that initializes the server, and has a little cmd
>> line
>
> A file has a command line?  What does that mean?

sorry.. i meant i have a program.
I have server.rb which is the class, and a run-server.rb which provides 
a nice front end, from where i can start and stop the server, save some 
info etc.
I want to be able to start and stop the service of the server from that 
front end, but I want the peers that connect to the server to not be 
able to stop the service.

Can I somehow put restrictions on those methods?

Sure.


class Service
  def suggest_peer
    puts 'suggest_peer'
  end

  def start_service
    puts 'start_service'
  end

  def stop_service
    puts 'stop_service'
  end
end

class MethodAccessProxy
  def initialize(service)
    @service = service
  end

  def suggest_peer
    @service.suggest_peer
  end

  def start_service(password)
    check_access
    @service.start_service
  end

  def stop_service(password)
    check_access
    @service.stop_service
  end

  def check_access
    #identify client
    if <client doesn't have access>
      raise "Illegal Access: get lost."
    end
  end

end

7stud -- wrote in post #1006452:
> Sure.
...
>   def check_access
>     #identify client
>     if <client doesn't have access>
>       raise "Illegal Access: get lost."
>     end
>   end

7stud: that's not a helpful answer. He was asking for exactly how to 
determine the client identity when receiving a DRb method call, which 
you haven't shown. If you don't know, then better to say nothing.

Pavlos: one option is to start two different DRb services, implementing 
different methods and listening on different ports, and then use a DRb 
ACL to restrict access to one of them.

The ACL class is in /usr/lib/ruby/1.8/drb/acl.rb or wherever it is on 
your system. To use it, instantiate this class and pass it as a :tcp_acl 
parameter to DRbServer.new, or call DRbServer.default_acl(acl) first. 
You can see this in drb/drb.rb.

Looking through the drb.rb code, I think it may also be possible to do 
something like this in your DRb method:

Thread.current['DRb']['client'].peeraddr[3]

to determine who is talking to you. But this is untested, you'll need to 
play with it.

HTH,

Brian.