openstack
/
keystone
Code Issues Proposed changes

Use keystone.common.provider_api for endpoint_policy APIs 

This change converts the usage of self.<provider_api> to
keystone.common.providers_api.ProviderAPIs.<provider_api> in manager
and controller logic. This is the correct way to reference
providers from other managers and controllers now that dependency
injection has been eliminated.

Change-Id: Ic38ee0128b6a5a486ab9854c4e331d6df62c5cb9
This commit is contained in:
Lance Bragstad 2017-12-27 16:56:49 +00:00
parent eb7f1e885e
commit 88d840e3ce
2 changed files with 54 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
keystone/endpoint_policy/controllers.py
View File

@ -13,9 +13,13 @@
# under the License.
from keystone.common import controller
from keystone.common import provider_api
from keystone import notifications
PROVIDERS = provider_api.ProviderAPIs
class EndpointPolicyV3Controller(controller.V3Controller):
collection_name = 'endpoints'
member_name = 'endpoint'
@ -32,110 +36,112 @@ class EndpointPolicyV3Controller(controller.V3Controller):
'deleted', 'policy', self._on_policy_delete)
def _on_endpoint_delete(self, service, resource_type, operation, payload):
self.endpoint_policy_api.delete_association_by_endpoint(
PROVIDERS.endpoint_policy_api.delete_association_by_endpoint(
payload['resource_info'])
def _on_service_delete(self, service, resource_type, operation, payload):
self.endpoint_policy_api.delete_association_by_service(
PROVIDERS.endpoint_policy_api.delete_association_by_service(
payload['resource_info'])
def _on_region_delete(self, service, resource_type, operation, payload):
self.endpoint_policy_api.delete_association_by_region(
PROVIDERS.endpoint_policy_api.delete_association_by_region(
payload['resource_info'])
def _on_policy_delete(self, service, resource_type, operation, payload):
self.endpoint_policy_api.delete_association_by_policy(
PROVIDERS.endpoint_policy_api.delete_association_by_policy(
payload['resource_info'])
@controller.protected()
def create_policy_association_for_endpoint(self, request,
policy_id, endpoint_id):
"""Create an association between a policy and an endpoint."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_endpoint(endpoint_id)
self.endpoint_policy_api.create_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, endpoint_id=endpoint_id)
@controller.protected()
def check_policy_association_for_endpoint(self, request,
policy_id, endpoint_id):
"""Check an association between a policy and an endpoint."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_endpoint(endpoint_id)
self.endpoint_policy_api.check_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, endpoint_id=endpoint_id)
@controller.protected()
def delete_policy_association_for_endpoint(self, request,
policy_id, endpoint_id):
"""Delete an association between a policy and an endpoint."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_endpoint(endpoint_id)
self.endpoint_policy_api.delete_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, endpoint_id=endpoint_id)
@controller.protected()
def create_policy_association_for_service(self, request,
policy_id, service_id):
"""Create an association between a policy and a service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.endpoint_policy_api.create_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, service_id=service_id)
@controller.protected()
def check_policy_association_for_service(self, request,
policy_id, service_id):
"""Check an association between a policy and a service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.endpoint_policy_api.check_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, service_id=service_id)
@controller.protected()
def delete_policy_association_for_service(self, request,
policy_id, service_id):
"""Delete an association between a policy and a service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.endpoint_policy_api.delete_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, service_id=service_id)
@controller.protected()
def create_policy_association_for_region_and_service(
self, request, policy_id, service_id, region_id):
"""Create an association between a policy and region+service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.catalog_api.get_region(region_id)
self.endpoint_policy_api.create_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.catalog_api.get_region(region_id)
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, service_id=service_id, region_id=region_id)
@controller.protected()
def check_policy_association_for_region_and_service(
self, request, policy_id, service_id, region_id):
"""Check an association between a policy and region+service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.catalog_api.get_region(region_id)
self.endpoint_policy_api.check_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.catalog_api.get_region(region_id)
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, service_id=service_id, region_id=region_id)
@controller.protected()
def delete_policy_association_for_region_and_service(
self, request, policy_id, service_id, region_id):
"""Delete an association between a policy and region+service."""
self.policy_api.get_policy(policy_id)
self.catalog_api.get_service(service_id)
self.catalog_api.get_region(region_id)
self.endpoint_policy_api.delete_policy_association(
PROVIDERS.policy_api.get_policy(policy_id)
PROVIDERS.catalog_api.get_service(service_id)
PROVIDERS.catalog_api.get_region(region_id)
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, service_id=service_id, region_id=region_id)
@controller.protected()
def get_policy_for_endpoint(self, request, endpoint_id):
"""Get the effective policy for an endpoint."""
self.catalog_api.get_endpoint(endpoint_id)
ref = self.endpoint_policy_api.get_policy_for_endpoint(endpoint_id)
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
ref = PROVIDERS.endpoint_policy_api.get_policy_for_endpoint(
endpoint_id
)
# NOTE(henry-nash): since the collection and member for this class is
# set to endpoints, we have to handle wrapping this policy entity
# ourselves.
@ -159,7 +165,9 @@ class EndpointPolicyV3Controller(controller.V3Controller):
@controller.protected()
def list_endpoints_for_policy(self, request, policy_id):
"""List endpoints with the effective association to a policy."""
self.policy_api.get_policy(policy_id)
refs = self.endpoint_policy_api.list_endpoints_for_policy(policy_id)
PROVIDERS.policy_api.get_policy(policy_id)
refs = PROVIDERS.endpoint_policy_api.list_endpoints_for_policy(
policy_id
)
return EndpointPolicyV3Controller.wrap_collection(request.context_dict,
refs)

14
keystone/endpoint_policy/core.py
View File

@ -15,6 +15,7 @@
from oslo_log import log
from keystone.common import manager
from keystone.common import provider_api
import keystone.conf
from keystone import exception
from keystone.i18n import _
@ -22,6 +23,7 @@ from keystone.i18n import _
CONF = keystone.conf.CONF
LOG = log.getLogger(__name__)
PROVIDERS = provider_api.ProviderAPIs
class Manager(manager.Manager):
@ -84,7 +86,7 @@ class Manager(manager.Manager):
def _get_endpoint(endpoint_id, policy_id):
try:
return self.catalog_api.get_endpoint(endpoint_id)
return PROVIDERS.catalog_api.get_endpoint(endpoint_id)
except exception.EndpointNotFound:
msg = ('Endpoint %(endpoint_id)s referenced in '
'association for policy %(policy_id)s not found.')
@ -151,8 +153,8 @@ class Manager(manager.Manager):
return endpoints_found
matching_endpoints = []
endpoints = self.catalog_api.list_endpoints()
regions = self.catalog_api.list_regions()
endpoints = PROVIDERS.catalog_api.list_endpoints()
regions = PROVIDERS.catalog_api.list_regions()
for ref in self.list_associations_for_policy(policy_id):
if ref.get('endpoint_id') is not None:
matching_endpoints.append(
@ -187,7 +189,7 @@ class Manager(manager.Manager):
def _get_policy(policy_id, endpoint_id):
try:
return self.policy_api.get_policy(policy_id)
return PROVIDERS.policy_api.get_policy(policy_id)
except exception.PolicyNotFound:
msg = ('Policy %(policy_id)s referenced in association '
'for endpoint %(endpoint_id)s not found.')
@ -218,7 +220,7 @@ class Manager(manager.Manager):
# There wasn't one for that region & service, let's
# chase up the region tree
regions_examined.append(region_id)
region = self.catalog_api.get_region(region_id)
region = PROVIDERS.catalog_api.get_region(region_id)
region_id = None
if region.get('parent_region_id') is not None:
region_id = region['parent_region_id']
@ -242,7 +244,7 @@ class Manager(manager.Manager):
# There wasn't a policy explicitly defined for this endpoint, so
# now let's see if there is one for the Region & Service.
endpoint = self.catalog_api.get_endpoint(endpoint_id)
endpoint = PROVIDERS.catalog_api.get_endpoint(endpoint_id)
policy_id = _look_for_policy_for_region_and_service(endpoint)
if policy_id is not None:
return _get_policy(policy_id, endpoint_id)