Convert OS-REVOKE to flask dispatching
Convert OS-REVOKE to flask dispatching. Change-Id: I2504d4326b8c35fd6d9a0d929afc7e658e9c14f9 Partial-Bug: #1776504
This commit is contained in:
parent
d42e955203
commit
a4d9a4f13b
@ -12,7 +12,8 @@
|
||||
|
||||
from keystone.api import credentials
|
||||
from keystone.api import discovery
|
||||
from keystone.api import os_revoke
|
||||
from keystone.api import trusts
|
||||
|
||||
__all__ = ('discovery', 'credentials', 'trusts')
|
||||
__apis__ = (discovery, credentials, trusts)
|
||||
__all__ = ('discovery', 'credentials', 'os_revoke', 'trusts')
|
||||
__apis__ = (discovery, credentials, os_revoke, trusts)
|
||||
|
83
keystone/api/os_revoke.py
Normal file
83
keystone/api/os_revoke.py
Normal file
@ -0,0 +1,83 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# This file handles all flask-restful resources for /v3/OS-REVOKE/events
|
||||
|
||||
import functools
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
from oslo_utils import timeutils
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
from keystone.common import rbac_enforcer
|
||||
from keystone import exception
|
||||
from keystone.i18n import _
|
||||
from keystone.server import flask as ks_flask
|
||||
|
||||
|
||||
PROVIDERS = provider_api.ProviderAPIs
|
||||
ENFORCER = rbac_enforcer.RBACEnforcer
|
||||
|
||||
|
||||
_build_resource_relation = functools.partial(
|
||||
json_home.build_v3_extension_resource_relation,
|
||||
extension_name='OS-REVOKE', extension_version='1.0')
|
||||
|
||||
|
||||
class OSRevokeResource(flask_restful.Resource):
|
||||
def get(self):
|
||||
ENFORCER.enforce_call(action='identity:list_revoke_events')
|
||||
since = flask.request.args.get('since')
|
||||
last_fetch = None
|
||||
if since:
|
||||
try:
|
||||
last_fetch = timeutils.normalize_time(
|
||||
timeutils.parse_isotime(since))
|
||||
except ValueError:
|
||||
raise exception.ValidationError(
|
||||
message=_('invalidate date format %s') % since)
|
||||
# FIXME(notmorgan): The revocation events cannot have resource options
|
||||
# added to them or lazy-loaded relationships as long as to_dict
|
||||
# is called outside of an active session context. This API is unused
|
||||
# and should be deprecated in the near future. Fix this before adding
|
||||
# resource_options or any lazy-loaded relationships to the revocation
|
||||
# events themselves.
|
||||
events = PROVIDERS.revoke_api.list_events(last_fetch=last_fetch)
|
||||
# Build the links by hand as the standard controller calls require ids
|
||||
response = {'events': [event.to_dict() for event in events],
|
||||
'links': {
|
||||
'next': None,
|
||||
'self': '%s/v3/OS-REVOKE/events' % ks_flask.base_url(),
|
||||
'previous': None}
|
||||
}
|
||||
return response
|
||||
|
||||
|
||||
class OSRevokeAPI(ks_flask.APIBase):
|
||||
_name = 'events'
|
||||
_import_name = __name__
|
||||
_api_url_prefix = '/OS-REVOKE'
|
||||
resources = []
|
||||
resource_mapping = [
|
||||
ks_flask.construct_resource_map(
|
||||
resource=OSRevokeResource,
|
||||
url='/events',
|
||||
resource_kwargs={},
|
||||
rel='events',
|
||||
resource_relation_func=_build_resource_relation
|
||||
)
|
||||
]
|
||||
|
||||
|
||||
APIs = (OSRevokeAPI,)
|
@ -1,52 +0,0 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from oslo_utils import timeutils
|
||||
|
||||
from keystone.common import controller
|
||||
from keystone.common import provider_api
|
||||
from keystone import exception
|
||||
from keystone.i18n import _
|
||||
|
||||
|
||||
PROVIDERS = provider_api.ProviderAPIs
|
||||
|
||||
|
||||
class RevokeController(controller.V3Controller):
|
||||
@controller.protected()
|
||||
def list_revoke_events(self, request):
|
||||
since = request.params.get('since')
|
||||
last_fetch = None
|
||||
if since:
|
||||
try:
|
||||
last_fetch = timeutils.normalize_time(
|
||||
timeutils.parse_isotime(since))
|
||||
except ValueError:
|
||||
raise exception.ValidationError(
|
||||
message=_('invalid date format %s') % since)
|
||||
# FIXME(notmorgan): The revocation events cannot have resource options
|
||||
# added to them or lazy-loaded relationships as long as to_dict
|
||||
# is called outside of an active session context. This API is unused
|
||||
# and should be deprecated in the near future. Fix this before adding
|
||||
# resource_options or any lazy-loaded relationships to the revocation
|
||||
# events themselves.
|
||||
events = PROVIDERS.revoke_api.list_events(last_fetch=last_fetch)
|
||||
# Build the links by hand as the standard controller calls require ids
|
||||
response = {'events': [event.to_dict() for event in events],
|
||||
'links': {
|
||||
'next': None,
|
||||
'self': RevokeController.base_url(
|
||||
request.context_dict,
|
||||
path=request.context_dict['path']),
|
||||
'previous': None}
|
||||
}
|
||||
return response
|
@ -1,31 +0,0 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import wsgi
|
||||
from keystone.revoke import controllers
|
||||
|
||||
|
||||
class Routers(wsgi.RoutersBase):
|
||||
|
||||
PATH_PREFIX = '/OS-REVOKE'
|
||||
|
||||
_path_prefixes = ('OS-REVOKE',)
|
||||
|
||||
def append_v3_routers(self, mapper, routers):
|
||||
revoke_controller = controllers.RevokeController()
|
||||
self._add_resource(
|
||||
mapper, revoke_controller,
|
||||
path=self.PATH_PREFIX + '/events',
|
||||
get_action='list_revoke_events',
|
||||
rel=json_home.build_v3_extension_resource_relation(
|
||||
'OS-REVOKE', '1.0', 'events'))
|
@ -38,12 +38,11 @@ from keystone.limit import routers as limit_routers
|
||||
from keystone.oauth1 import routers as oauth1_routers
|
||||
from keystone.policy import routers as policy_routers
|
||||
from keystone.resource import routers as resource_routers
|
||||
from keystone.revoke import routers as revoke_routers
|
||||
from keystone.token import _simple_cert as simple_cert_ext
|
||||
|
||||
# TODO(morgan): _MOVED_API_PREFIXES to be removed when the legacy dispatch
|
||||
# support is removed.
|
||||
_MOVED_API_PREFIXES = frozenset(['credentials', 'OS-TRUST'])
|
||||
_MOVED_API_PREFIXES = frozenset(['credentials', 'OS-REVOKE', 'OS-TRUST'])
|
||||
LOG = log.getLogger(__name__)
|
||||
|
||||
|
||||
@ -55,7 +54,6 @@ ALL_API_ROUTERS = [auth_routers,
|
||||
limit_routers,
|
||||
policy_routers,
|
||||
resource_routers,
|
||||
revoke_routers,
|
||||
federation_routers,
|
||||
oauth1_routers,
|
||||
endpoint_policy_routers,
|
||||
|
Loading…
Reference in New Issue
Block a user