blazar/climate/api/service.py
Yuriy Taraday 573fb0cc1f Remove explicit access to is_admin in context
is_admin should not be exlicitely accessed from code. Policies should be
used to check if it's set and context.elevated() to run something in
admin context.

Change-Id: I27754a378073844c3e24d94038a5d24f9a3c6dc3
2014-02-19 17:05:41 +04:00

107 lines
3.3 KiB
Python

# Copyright (c) 2013 Mirantis Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from climate import context
from climate import exceptions
from climate.manager import rpcapi as manager_rpcapi
from climate.openstack.common import log as logging
from climate import policy
from climate.utils import trusts
LOG = logging.getLogger(__name__)
class API(object):
def __init__(self):
self.manager_rpcapi = manager_rpcapi.ManagerRPCAPI()
## Leases operations
@policy.authorize('leases', 'get')
def get_leases(self):
"""List all existing leases."""
ctx = context.current()
if policy.enforce(ctx, 'admin', {}, do_raise=False):
tenant_id = None
else:
tenant_id = ctx.tenant_id
return self.manager_rpcapi.list_leases(tenant_id=tenant_id)
@policy.authorize('leases', 'create')
def create_lease(self, data):
"""Create new lease.
:param data: New lease characteristics.
:type data: dict
"""
# here API should go to Keystone API v3 and create trust
trust = trusts.create_trust()
trust_id = trust.id
data.update({'trust_id': trust_id})
return self.manager_rpcapi.create_lease(data)
@policy.authorize('leases', 'get')
def get_lease(self, lease_id):
"""Get lease by its ID.
:param lease_id: ID of the lease in Climate DB.
:type lease_id: str
"""
return self.manager_rpcapi.get_lease(lease_id)
@policy.authorize('leases', 'update')
def update_lease(self, lease_id, data):
"""Update lease. Only name changing and prolonging may be proceeded.
:param lease_id: ID of the lease in Climate DB.
:type lease_id: str
:param data: New lease characteristics.
:type data: dict
"""
new_name = data.pop('name', None)
end_date = data.pop('end_date', None)
start_date = data.pop('start_date', None)
if data:
raise exceptions.ClimateException('Only name changing and '
'dates changing may be '
'proceeded.')
data = {}
if new_name:
data['name'] = new_name
if end_date:
data['end_date'] = end_date
if start_date:
data['start_date'] = start_date
return self.manager_rpcapi.update_lease(lease_id, data)
@policy.authorize('leases', 'delete')
def delete_lease(self, lease_id):
"""Delete specified lease.
:param lease_id: ID of the lease in Climate DB.
:type lease_id: str
"""
self.manager_rpcapi.delete_lease(lease_id)
## Plugins operations
@policy.authorize('plugins', 'get')
def get_plugins(self):
"""List all possible plugins."""
pass