Renaming trusts.py to security.py and adding method add_security_info
Change-Id: Ia25afa6c24cbdba8eabfbd2adc0e7ca40a04b8b6
This commit is contained in:
parent
de34c8a92b
commit
b5140060a0
@ -25,7 +25,7 @@ from mistral import exceptions as exc
|
||||
from mistral import expressions as expr
|
||||
from mistral.openstack.common import log as logging
|
||||
from mistral.services import action_manager as a_m
|
||||
from mistral.services import trusts
|
||||
from mistral.services import security
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
|
||||
@ -164,7 +164,7 @@ def add_openstack_data_to_context(context, db_workbook):
|
||||
context = {}
|
||||
|
||||
if CONF.pecan.auth_enable:
|
||||
workbook_ctx = trusts.create_context(
|
||||
workbook_ctx = security.create_context(
|
||||
db_workbook.trust_id, db_workbook.project_id
|
||||
)
|
||||
|
||||
|
@ -12,12 +12,9 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from mistral import context
|
||||
from mistral.db.v2 import api as db_api
|
||||
from mistral import exceptions as exc
|
||||
from mistral.services import trusts
|
||||
from mistral.services import security
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
|
||||
@ -79,14 +76,6 @@ def _get_action_values(action_spec, definition, scope):
|
||||
'scope': scope
|
||||
}
|
||||
|
||||
_add_security_info(values)
|
||||
security.add_security_info(values)
|
||||
|
||||
return values
|
||||
|
||||
|
||||
def _add_security_info(values):
|
||||
if cfg.CONF.pecan.auth_enable and not values['name'].startswith('std.'):
|
||||
values.update({
|
||||
'trust_id': trusts.create_trust().id,
|
||||
'project_id': context.ctx().project_id
|
||||
})
|
||||
|
@ -22,8 +22,8 @@ from mistral.engine1 import rpc
|
||||
from mistral.openstack.common import log
|
||||
from mistral.openstack.common import periodic_task
|
||||
from mistral.openstack.common import threadgroup
|
||||
from mistral.services import security
|
||||
from mistral.services import triggers
|
||||
from mistral.services import trusts
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
LOG = log.getLogger(__name__)
|
||||
@ -45,7 +45,9 @@ class MistralPeriodicTasks(periodic_task.PeriodicTasks):
|
||||
# Setup admin context before schedule triggers.
|
||||
wb = db_api_v1.workbook_get(t['workbook_name'])
|
||||
|
||||
auth_ctx.set_ctx(trusts.create_context(wb.trust_id, wb.project_id))
|
||||
auth_ctx.set_ctx(
|
||||
security.create_context(wb.trust_id, wb.project_id)
|
||||
)
|
||||
|
||||
try:
|
||||
task = spec_parser.get_workbook_spec_from_yaml(
|
||||
@ -71,7 +73,7 @@ class MistralPeriodicTasks(periodic_task.PeriodicTasks):
|
||||
|
||||
for t in triggers.get_next_cron_triggers():
|
||||
# Setup admin context before schedule triggers.
|
||||
ctx = trusts.create_context(t.trust_id, t.project_id)
|
||||
ctx = security.create_context(t.trust_id, t.project_id)
|
||||
|
||||
auth_ctx.set_ctx(ctx)
|
||||
|
||||
|
@ -14,9 +14,6 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# TODO(rakhmerov): Is this module properly named and placed?
|
||||
# According to its interface it may be called 'security'.
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from mistral import context
|
||||
@ -76,3 +73,11 @@ def delete_trust(workbook):
|
||||
|
||||
keystone_client = keystone.client_for_trusts(workbook.trust_id)
|
||||
keystone_client.trusts.delete(workbook.trust_id)
|
||||
|
||||
|
||||
def add_security_info(secure_object_values, scope='private'):
|
||||
if cfg.CONF.pecan.auth_enable and scope == 'private':
|
||||
secure_object_values.update({
|
||||
'trust_id': create_trust().id,
|
||||
'project_id': context.ctx().project_id
|
||||
})
|
@ -14,12 +14,10 @@
|
||||
|
||||
from croniter import croniter
|
||||
import datetime
|
||||
from oslo.config import cfg
|
||||
|
||||
from mistral import context
|
||||
from mistral.db.v1 import api as db_api_v1
|
||||
from mistral.db.v2 import api as db_api_v2
|
||||
from mistral.services import trusts
|
||||
from mistral.services import security
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
|
||||
@ -102,16 +100,8 @@ def create_cron_trigger(name, pattern, workflow_name, workflow_input,
|
||||
'scope': 'private'
|
||||
}
|
||||
|
||||
_add_security_info(values)
|
||||
security.add_security_info(values)
|
||||
|
||||
trig = db_api_v2.create_cron_trigger(values)
|
||||
|
||||
return trig
|
||||
|
||||
|
||||
def _add_security_info(values):
|
||||
if cfg.CONF.pecan.auth_enable:
|
||||
values.update({
|
||||
'trust_id': trusts.create_trust().id,
|
||||
'project_id': context.ctx().project_id
|
||||
})
|
||||
|
@ -14,18 +14,15 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from mistral import context
|
||||
from mistral.db.v1 import api as db_api_v1
|
||||
from mistral.db.v2 import api as db_api_v2
|
||||
from mistral.services import security
|
||||
from mistral.services import triggers
|
||||
from mistral.services import trusts
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
|
||||
def create_workbook_v1(values, scope='private'):
|
||||
_add_security_info(values, scope)
|
||||
security.add_security_info(values, scope)
|
||||
|
||||
return db_api_v1.workbook_create(values)
|
||||
|
||||
@ -118,15 +115,6 @@ def _get_workbook_values(wb_spec, definition, scope):
|
||||
'scope': scope
|
||||
}
|
||||
|
||||
_add_security_info(values, scope)
|
||||
security.add_security_info(values, scope)
|
||||
|
||||
return values
|
||||
|
||||
|
||||
# TODO(rakhmerov): needs to be generalized (repeats for other services).
|
||||
def _add_security_info(values, scope):
|
||||
if cfg.CONF.pecan.auth_enable and scope == 'private':
|
||||
values.update({
|
||||
'trust_id': trusts.create_trust().id,
|
||||
'project_id': context.ctx().project_id
|
||||
})
|
||||
|
@ -12,20 +12,17 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from oslo.config import cfg
|
||||
|
||||
from mistral import context
|
||||
from mistral.db.v2 import api as db_api
|
||||
from mistral.services import trusts
|
||||
from mistral.services import security
|
||||
from mistral import utils
|
||||
from mistral.workbook import parser as spec_parser
|
||||
|
||||
|
||||
WORKFLOWS_PATH = '../resources/workflows'
|
||||
STD_WF_PATH = '../resources/workflows'
|
||||
|
||||
|
||||
def register_standard_workflows():
|
||||
workflow_paths = utils.get_file_list(WORKFLOWS_PATH)
|
||||
workflow_paths = utils.get_file_list(STD_WF_PATH)
|
||||
|
||||
for wf_path in workflow_paths:
|
||||
workflow_definition = open(wf_path).read()
|
||||
@ -73,7 +70,7 @@ def _get_workflow_values(wf_spec, definition, scope):
|
||||
'scope': scope
|
||||
}
|
||||
|
||||
_add_security_info(values, scope)
|
||||
security.add_security_info(values, scope)
|
||||
|
||||
return values
|
||||
|
||||
@ -88,11 +85,3 @@ def _create_or_update_workflow(wf_spec, definition, scope):
|
||||
values = _get_workflow_values(wf_spec, definition, scope)
|
||||
|
||||
return db_api.create_or_update_workflow(values['name'], values)
|
||||
|
||||
|
||||
def _add_security_info(values, scope):
|
||||
if cfg.CONF.pecan.auth_enable and scope == 'private':
|
||||
values.update({
|
||||
'trust_id': trusts.create_trust().id,
|
||||
'project_id': context.ctx().project_id
|
||||
})
|
||||
|
@ -69,7 +69,7 @@ class TestWorkbooksController(base.FunctionalTest):
|
||||
|
||||
@mock.patch.object(db_api, "workbook_create",
|
||||
base.create_mock_workbook(WORKBOOKS[0]))
|
||||
@mock.patch("mistral.services.trusts.create_trust",
|
||||
@mock.patch("mistral.services.security.create_trust",
|
||||
mock.MagicMock(return_value=WORKBOOKS[0]))
|
||||
def test_post(self):
|
||||
resp = self.app.post_json('/v1/workbooks', WORKBOOKS[0])
|
||||
@ -79,7 +79,7 @@ class TestWorkbooksController(base.FunctionalTest):
|
||||
|
||||
@mock.patch.object(db_api, "workbook_create",
|
||||
mock.MagicMock(side_effect=exceptions.DBDuplicateEntry))
|
||||
@mock.patch("mistral.services.workbooks._add_security_info",
|
||||
@mock.patch("mistral.services.security.add_security_info",
|
||||
mock.MagicMock(return_value=None))
|
||||
def test_post_dup(self):
|
||||
resp = self.app.post_json('/v1/workbooks', WORKBOOKS[0],
|
||||
|
@ -20,7 +20,7 @@ from oslo.config import cfg
|
||||
from mistral import context as auth_ctx
|
||||
from mistral import expressions as expr
|
||||
from mistral.openstack.common import log as logging
|
||||
from mistral.services import trusts
|
||||
from mistral.services import security
|
||||
from mistral import utils
|
||||
|
||||
|
||||
@ -142,7 +142,7 @@ def add_openstack_data_to_context(workflow_db, context):
|
||||
wf_ctx = auth_ctx.ctx()
|
||||
|
||||
if not wf_ctx:
|
||||
wf_ctx = trusts.create_context(
|
||||
wf_ctx = security.create_context(
|
||||
workflow_db.trust_id,
|
||||
workflow_db.project_id
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user