Make project_id a formal target alias
This makes ImageTarget integrate the aliasing of project_id to owner, avoiding the need to do it every time we use ImageTarget. This will simplify subsequent patches. Change-Id: Ia9998f638546ac36cd200f0c9002eadd18b71094
This commit is contained in:
parent
0309814d93
commit
b8926ab429
@ -186,13 +186,11 @@ class ImageRepoProxy(glance.domain.proxy.Repo):
|
|||||||
|
|
||||||
def save(self, image, from_state=None):
|
def save(self, image, from_state=None):
|
||||||
target = dict(image.target)
|
target = dict(image.target)
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'modify_image', target)
|
self.policy.enforce(self.context, 'modify_image', target)
|
||||||
return super(ImageRepoProxy, self).save(image, from_state=from_state)
|
return super(ImageRepoProxy, self).save(image, from_state=from_state)
|
||||||
|
|
||||||
def add(self, image):
|
def add(self, image):
|
||||||
target = dict(image.target)
|
target = dict(image.target)
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'add_image', target)
|
self.policy.enforce(self.context, 'add_image', target)
|
||||||
return super(ImageRepoProxy, self).add(image)
|
return super(ImageRepoProxy, self).add(image)
|
||||||
|
|
||||||
@ -220,7 +218,6 @@ class ImageProxy(glance.domain.proxy.Image):
|
|||||||
@visibility.setter
|
@visibility.setter
|
||||||
def visibility(self, value):
|
def visibility(self, value):
|
||||||
target = dict(self.target)
|
target = dict(self.target)
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
_enforce_image_visibility(self.policy, self.context, value, target)
|
_enforce_image_visibility(self.policy, self.context, value, target)
|
||||||
self.image.visibility = value
|
self.image.visibility = value
|
||||||
|
|
||||||
@ -243,14 +240,12 @@ class ImageProxy(glance.domain.proxy.Image):
|
|||||||
|
|
||||||
def delete(self):
|
def delete(self):
|
||||||
target = dict(self.target)
|
target = dict(self.target)
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'delete_image', target)
|
self.policy.enforce(self.context, 'delete_image', target)
|
||||||
return self.image.delete()
|
return self.image.delete()
|
||||||
|
|
||||||
def deactivate(self):
|
def deactivate(self):
|
||||||
LOG.debug('Attempting deactivate')
|
LOG.debug('Attempting deactivate')
|
||||||
target = dict(ImageTarget(self.image))
|
target = dict(ImageTarget(self.image))
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'deactivate', target=target)
|
self.policy.enforce(self.context, 'deactivate', target=target)
|
||||||
LOG.debug('Deactivate allowed, continue')
|
LOG.debug('Deactivate allowed, continue')
|
||||||
self.image.deactivate()
|
self.image.deactivate()
|
||||||
@ -258,14 +253,12 @@ class ImageProxy(glance.domain.proxy.Image):
|
|||||||
def reactivate(self):
|
def reactivate(self):
|
||||||
LOG.debug('Attempting reactivate')
|
LOG.debug('Attempting reactivate')
|
||||||
target = dict(ImageTarget(self.image))
|
target = dict(ImageTarget(self.image))
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'reactivate', target=target)
|
self.policy.enforce(self.context, 'reactivate', target=target)
|
||||||
LOG.debug('Reactivate allowed, continue')
|
LOG.debug('Reactivate allowed, continue')
|
||||||
self.image.reactivate()
|
self.image.reactivate()
|
||||||
|
|
||||||
def get_data(self, *args, **kwargs):
|
def get_data(self, *args, **kwargs):
|
||||||
target = dict(ImageTarget(self.image))
|
target = dict(ImageTarget(self.image))
|
||||||
target['project_id'] = target.get('owner', None)
|
|
||||||
self.policy.enforce(self.context, 'download_image', target)
|
self.policy.enforce(self.context, 'download_image', target)
|
||||||
return self.image.get_data(*args, **kwargs)
|
return self.image.get_data(*args, **kwargs)
|
||||||
|
|
||||||
@ -551,10 +544,14 @@ class ImageTarget(abc.Mapping):
|
|||||||
yield key
|
yield key
|
||||||
for key in getattr(self.target, 'extra_properties', {}).keys():
|
for key in getattr(self.target, 'extra_properties', {}).keys():
|
||||||
yield key
|
yield key
|
||||||
|
for alias in ['project_id']:
|
||||||
|
yield alias
|
||||||
|
|
||||||
def key_transforms(self, key):
|
def key_transforms(self, key):
|
||||||
if key == 'id':
|
if key == 'id':
|
||||||
key = 'image_id'
|
key = 'image_id'
|
||||||
|
elif key == 'project_id':
|
||||||
|
key = 'owner'
|
||||||
|
|
||||||
return key
|
return key
|
||||||
|
|
||||||
|
@ -1105,3 +1105,10 @@ class TestImageTarget(base.IsolatedUnitTest):
|
|||||||
image = ImageStub()
|
image = ImageStub()
|
||||||
target = glance.api.policy.ImageTarget(image)
|
target = glance.api.policy.ImageTarget(image)
|
||||||
self.assertNotIn('locations', list(target))
|
self.assertNotIn('locations', list(target))
|
||||||
|
|
||||||
|
def test_image_target_project_id_alias(self):
|
||||||
|
image = ImageStub()
|
||||||
|
target = glance.api.policy.ImageTarget(image)
|
||||||
|
self.assertIn('project_id', target)
|
||||||
|
self.assertEqual(image.owner, target['project_id'])
|
||||||
|
self.assertEqual(image.owner, target['owner'])
|
||||||
|
Loading…
Reference in New Issue
Block a user