openstack/keystone
Code Issues Proposed changes

Convert OS-REVOKE to flask dispatching

Browse Source 
Convert OS-REVOKE to flask dispatching.

Change-Id: I2504d4326b8c35fd6d9a0d929afc7e658e9c14f9
Partial-Bug: #1776504
This commit is contained in:
Morgan Fainberg
2018-07-31 15:05:15 -07:00
parent d42e955203
commit a4d9a4f13b
5 changed files with 87 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
keystone/api/__init__.py
View File

@@ -12,7 +12,8 @@
from keystone.api import credentials from keystone.api import credentials
from keystone.api import discovery from keystone.api import discovery
from keystone.api import os_revoke
from keystone.api import trusts from keystone.api import trusts
__all__ = ('discovery', 'credentials', 'trusts') __all__ = ('discovery', 'credentials', 'os_revoke', 'trusts')
__apis__ = (discovery, credentials, trusts) __apis__ = (discovery, credentials, os_revoke, trusts)

83
keystone/api/os_revoke.py Normal file
View File

@@ -0,0 +1,83 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# This file handles all flask-restful resources for /v3/OS-REVOKE/events
import functools
import flask
import flask_restful
from oslo_utils import timeutils
from keystone.common import json_home
from keystone.common import provider_api
from keystone.common import rbac_enforcer
from keystone import exception
from keystone.i18n import _
from keystone.server import flask as ks_flask
PROVIDERS = provider_api.ProviderAPIs
ENFORCER = rbac_enforcer.RBACEnforcer
_build_resource_relation = functools.partial(
json_home.build_v3_extension_resource_relation,
extension_name='OS-REVOKE', extension_version='1.0')
class OSRevokeResource(flask_restful.Resource):
def get(self):
ENFORCER.enforce_call(action='identity:list_revoke_events')
since = flask.request.args.get('since')
last_fetch = None
if since:
try:
last_fetch = timeutils.normalize_time(
timeutils.parse_isotime(since))
except ValueError:
raise exception.ValidationError(
message=_('invalidate date format %s') % since)
# FIXME(notmorgan): The revocation events cannot have resource options
# added to them or lazy-loaded relationships as long as to_dict
# is called outside of an active session context. This API is unused
# and should be deprecated in the near future. Fix this before adding
# resource_options or any lazy-loaded relationships to the revocation
# events themselves.
events = PROVIDERS.revoke_api.list_events(last_fetch=last_fetch)
# Build the links by hand as the standard controller calls require ids
response = {'events': [event.to_dict() for event in events],
'links': {
'next': None,
'self': '%s/v3/OS-REVOKE/events' % ks_flask.base_url(),
'previous': None}
}
return response
class OSRevokeAPI(ks_flask.APIBase):
_name = 'events'
_import_name = __name__
_api_url_prefix = '/OS-REVOKE'
resources = []
resource_mapping = [
ks_flask.construct_resource_map(
resource=OSRevokeResource,
url='/events',
resource_kwargs={},
rel='events',
resource_relation_func=_build_resource_relation
)
]
APIs = (OSRevokeAPI,)

52
keystone/revoke/controllers.py
View File

@@ -1,52 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_utils import timeutils
from keystone.common import controller
from keystone.common import provider_api
from keystone import exception
from keystone.i18n import _
PROVIDERS = provider_api.ProviderAPIs
class RevokeController(controller.V3Controller):
@controller.protected()
def list_revoke_events(self, request):
since = request.params.get('since')
last_fetch = None
if since:
try:
last_fetch = timeutils.normalize_time(
timeutils.parse_isotime(since))
except ValueError:
raise exception.ValidationError(
message=_('invalid date format %s') % since)
# FIXME(notmorgan): The revocation events cannot have resource options
# added to them or lazy-loaded relationships as long as to_dict
# is called outside of an active session context. This API is unused
# and should be deprecated in the near future. Fix this before adding
# resource_options or any lazy-loaded relationships to the revocation
# events themselves.
events = PROVIDERS.revoke_api.list_events(last_fetch=last_fetch)
# Build the links by hand as the standard controller calls require ids
response = {'events': [event.to_dict() for event in events],
'links': {
'next': None,
'self': RevokeController.base_url(
request.context_dict,
path=request.context_dict['path']),
'previous': None}
}
return response

31
keystone/revoke/routers.py
View File

@@ -1,31 +0,0 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from keystone.common import json_home
from keystone.common import wsgi
from keystone.revoke import controllers
class Routers(wsgi.RoutersBase):
PATH_PREFIX = '/OS-REVOKE'
_path_prefixes = ('OS-REVOKE',)
def append_v3_routers(self, mapper, routers):
revoke_controller = controllers.RevokeController()
self._add_resource(
mapper, revoke_controller,
path=self.PATH_PREFIX + '/events',
get_action='list_revoke_events',
rel=json_home.build_v3_extension_resource_relation(
'OS-REVOKE', '1.0', 'events'))

4
keystone/server/flask/application.py
View File

@@ -38,12 +38,11 @@ from keystone.limit import routers as limit_routers
from keystone.oauth1 import routers as oauth1_routers from keystone.oauth1 import routers as oauth1_routers
from keystone.policy import routers as policy_routers from keystone.policy import routers as policy_routers
from keystone.resource import routers as resource_routers from keystone.resource import routers as resource_routers
from keystone.revoke import routers as revoke_routers
from keystone.token import _simple_cert as simple_cert_ext from keystone.token import _simple_cert as simple_cert_ext
# TODO(morgan): _MOVED_API_PREFIXES to be removed when the legacy dispatch # TODO(morgan): _MOVED_API_PREFIXES to be removed when the legacy dispatch
# support is removed. # support is removed.
_MOVED_API_PREFIXES = frozenset(['credentials', 'OS-TRUST']) _MOVED_API_PREFIXES = frozenset(['credentials', 'OS-REVOKE', 'OS-TRUST'])
LOG = log.getLogger(__name__) LOG = log.getLogger(__name__)
@@ -55,7 +54,6 @@ ALL_API_ROUTERS = [auth_routers,
limit_routers, limit_routers,
policy_routers, policy_routers,
resource_routers, resource_routers,
revoke_routers,
federation_routers, federation_routers,
oauth1_routers, oauth1_routers,
endpoint_policy_routers, endpoint_policy_routers,