openstack/horizon
Code Issues Proposed changes
Files
18e8ea810d540f5d464e3ac38c5fefb0814d0b1f
horizon/openstack_dashboard/dashboards/identity/domains/views.py
David Lyle 18e8ea810d Separating Identity Dashboard and using RBAC 
Moving identity panels to their own dashboard.

RBAC is now used to determine the data to load in the identity
dashboard. Using the default policy file, a user with role member
will now be able to see their project list.

Also, adding a policy check mechanism at the panel and dashboard
level to determine which panels and dashboards the user can access.

Implements blueprint separate-identity-dash

Change-Id: I7ebfec2bf6e44899bec79d3b23c90d56a976200f
2014-08-18 16:40:56 -06:00

91 lines
3.5 KiB
Python
Raw Blame History

# Copyright 2013 Hewlett-Packard Development Company, L.P.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.core.urlresolvers import reverse
from django.utils.translation import ugettext_lazy as _
from horizon import exceptions
from horizon import messages
from horizon import tables
from horizon import workflows
from openstack_dashboard import api
from openstack_dashboard import policy
from openstack_dashboard.dashboards.identity.domains import constants
from openstack_dashboard.dashboards.identity.domains \
import tables as project_tables
from openstack_dashboard.dashboards.identity.domains \
import workflows as project_workflows
class IndexView(tables.DataTableView):
table_class = project_tables.DomainsTable
template_name = constants.DOMAINS_INDEX_VIEW_TEMPLATE
def get_data(self):
domains = []
domain_context = self.request.session.get('domain_context', None)
if policy.check((("identity", "identity:list_domains"),),
self.request):
try:
if domain_context:
domain = api.keystone.domain_get(self.request,
domain_context)
domains.append(domain)
else:
domains = api.keystone.domain_list(self.request)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain list.'))
elif policy.check((("identity", "identity:get_domain"),),
self.request):
try:
domain = api.keystone.domain_get(self.request,
self.request.user.domain_id)
domains.append(domain)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain information.'))
else:
msg = _("Insufficient privilege level to view domain information.")
messages.info(self.request, msg)
return domains
class CreateDomainView(workflows.WorkflowView):
workflow_class = project_workflows.CreateDomain
class UpdateDomainView(workflows.WorkflowView):
workflow_class = project_workflows.UpdateDomain
def get_initial(self):
initial = super(UpdateDomainView, self).get_initial()
domain_id = self.kwargs['domain_id']
initial['domain_id'] = domain_id
try:
# get initial domain info
domain_info = api.keystone.domain_get(self.request,
domain_id)
for field in constants.DOMAIN_INFO_FIELDS:
initial[field] = getattr(domain_info, field, None)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain details.'),
redirect=reverse(constants.DOMAINS_INDEX_URL))
return initial
View Git Blame Copy Permalink