Renaming trusts.py to security.py and adding method add_security_info

Change-Id: Ia25afa6c24cbdba8eabfbd2adc0e7ca40a04b8b6
This commit is contained in:
Renat Akhmerov 2014-11-24 15:24:50 +06:00
parent de34c8a92b
commit b5140060a0
9 changed files with 30 additions and 67 deletions

View File

@ -25,7 +25,7 @@ from mistral import exceptions as exc
from mistral import expressions as expr
from mistral.openstack.common import log as logging
from mistral.services import action_manager as a_m
from mistral.services import trusts
from mistral.services import security
from mistral.workbook import parser as spec_parser
@ -164,7 +164,7 @@ def add_openstack_data_to_context(context, db_workbook):
context = {}
if CONF.pecan.auth_enable:
workbook_ctx = trusts.create_context(
workbook_ctx = security.create_context(
db_workbook.trust_id, db_workbook.project_id
)

View File

@ -12,12 +12,9 @@
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo.config import cfg
from mistral import context
from mistral.db.v2 import api as db_api
from mistral import exceptions as exc
from mistral.services import trusts
from mistral.services import security
from mistral.workbook import parser as spec_parser
@ -79,14 +76,6 @@ def _get_action_values(action_spec, definition, scope):
'scope': scope
}
_add_security_info(values)
security.add_security_info(values)
return values
def _add_security_info(values):
if cfg.CONF.pecan.auth_enable and not values['name'].startswith('std.'):
values.update({
'trust_id': trusts.create_trust().id,
'project_id': context.ctx().project_id
})

View File

@ -22,8 +22,8 @@ from mistral.engine1 import rpc
from mistral.openstack.common import log
from mistral.openstack.common import periodic_task
from mistral.openstack.common import threadgroup
from mistral.services import security
from mistral.services import triggers
from mistral.services import trusts
from mistral.workbook import parser as spec_parser
LOG = log.getLogger(__name__)
@ -45,7 +45,9 @@ class MistralPeriodicTasks(periodic_task.PeriodicTasks):
# Setup admin context before schedule triggers.
wb = db_api_v1.workbook_get(t['workbook_name'])
auth_ctx.set_ctx(trusts.create_context(wb.trust_id, wb.project_id))
auth_ctx.set_ctx(
security.create_context(wb.trust_id, wb.project_id)
)
try:
task = spec_parser.get_workbook_spec_from_yaml(
@ -71,7 +73,7 @@ class MistralPeriodicTasks(periodic_task.PeriodicTasks):
for t in triggers.get_next_cron_triggers():
# Setup admin context before schedule triggers.
ctx = trusts.create_context(t.trust_id, t.project_id)
ctx = security.create_context(t.trust_id, t.project_id)
auth_ctx.set_ctx(ctx)

View File

@ -14,9 +14,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
# TODO(rakhmerov): Is this module properly named and placed?
# According to its interface it may be called 'security'.
from oslo.config import cfg
from mistral import context
@ -76,3 +73,11 @@ def delete_trust(workbook):
keystone_client = keystone.client_for_trusts(workbook.trust_id)
keystone_client.trusts.delete(workbook.trust_id)
def add_security_info(secure_object_values, scope='private'):
if cfg.CONF.pecan.auth_enable and scope == 'private':
secure_object_values.update({
'trust_id': create_trust().id,
'project_id': context.ctx().project_id
})

View File

@ -14,12 +14,10 @@
from croniter import croniter
import datetime
from oslo.config import cfg
from mistral import context
from mistral.db.v1 import api as db_api_v1
from mistral.db.v2 import api as db_api_v2
from mistral.services import trusts
from mistral.services import security
from mistral.workbook import parser as spec_parser
@ -102,16 +100,8 @@ def create_cron_trigger(name, pattern, workflow_name, workflow_input,
'scope': 'private'
}
_add_security_info(values)
security.add_security_info(values)
trig = db_api_v2.create_cron_trigger(values)
return trig
def _add_security_info(values):
if cfg.CONF.pecan.auth_enable:
values.update({
'trust_id': trusts.create_trust().id,
'project_id': context.ctx().project_id
})

View File

@ -14,18 +14,15 @@
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo.config import cfg
from mistral import context
from mistral.db.v1 import api as db_api_v1
from mistral.db.v2 import api as db_api_v2
from mistral.services import security
from mistral.services import triggers
from mistral.services import trusts
from mistral.workbook import parser as spec_parser
def create_workbook_v1(values, scope='private'):
_add_security_info(values, scope)
security.add_security_info(values, scope)
return db_api_v1.workbook_create(values)
@ -118,15 +115,6 @@ def _get_workbook_values(wb_spec, definition, scope):
'scope': scope
}
_add_security_info(values, scope)
security.add_security_info(values, scope)
return values
# TODO(rakhmerov): needs to be generalized (repeats for other services).
def _add_security_info(values, scope):
if cfg.CONF.pecan.auth_enable and scope == 'private':
values.update({
'trust_id': trusts.create_trust().id,
'project_id': context.ctx().project_id
})

View File

@ -12,20 +12,17 @@
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo.config import cfg
from mistral import context
from mistral.db.v2 import api as db_api
from mistral.services import trusts
from mistral.services import security
from mistral import utils
from mistral.workbook import parser as spec_parser
WORKFLOWS_PATH = '../resources/workflows'
STD_WF_PATH = '../resources/workflows'
def register_standard_workflows():
workflow_paths = utils.get_file_list(WORKFLOWS_PATH)
workflow_paths = utils.get_file_list(STD_WF_PATH)
for wf_path in workflow_paths:
workflow_definition = open(wf_path).read()
@ -73,7 +70,7 @@ def _get_workflow_values(wf_spec, definition, scope):
'scope': scope
}
_add_security_info(values, scope)
security.add_security_info(values, scope)
return values
@ -88,11 +85,3 @@ def _create_or_update_workflow(wf_spec, definition, scope):
values = _get_workflow_values(wf_spec, definition, scope)
return db_api.create_or_update_workflow(values['name'], values)
def _add_security_info(values, scope):
if cfg.CONF.pecan.auth_enable and scope == 'private':
values.update({
'trust_id': trusts.create_trust().id,
'project_id': context.ctx().project_id
})

View File

@ -69,7 +69,7 @@ class TestWorkbooksController(base.FunctionalTest):
@mock.patch.object(db_api, "workbook_create",
base.create_mock_workbook(WORKBOOKS[0]))
@mock.patch("mistral.services.trusts.create_trust",
@mock.patch("mistral.services.security.create_trust",
mock.MagicMock(return_value=WORKBOOKS[0]))
def test_post(self):
resp = self.app.post_json('/v1/workbooks', WORKBOOKS[0])
@ -79,7 +79,7 @@ class TestWorkbooksController(base.FunctionalTest):
@mock.patch.object(db_api, "workbook_create",
mock.MagicMock(side_effect=exceptions.DBDuplicateEntry))
@mock.patch("mistral.services.workbooks._add_security_info",
@mock.patch("mistral.services.security.add_security_info",
mock.MagicMock(return_value=None))
def test_post_dup(self):
resp = self.app.post_json('/v1/workbooks', WORKBOOKS[0],

View File

@ -20,7 +20,7 @@ from oslo.config import cfg
from mistral import context as auth_ctx
from mistral import expressions as expr
from mistral.openstack.common import log as logging
from mistral.services import trusts
from mistral.services import security
from mistral import utils
@ -142,7 +142,7 @@ def add_openstack_data_to_context(workflow_db, context):
wf_ctx = auth_ctx.ctx()
if not wf_ctx:
wf_ctx = trusts.create_context(
wf_ctx = security.create_context(
workflow_db.trust_id,
workflow_db.project_id
)