Merge "Pass request to build_driver_hints"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
b5b7c692b9
|
|
@ -269,8 +269,7 @@ class ProjectAssignmentV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('domain_id', 'enabled', 'name')
|
||||
def list_user_projects(self, request, filters, user_id):
|
||||
hints = ProjectAssignmentV3.build_driver_hints(request.context_dict,
|
||||
filters)
|
||||
hints = ProjectAssignmentV3.build_driver_hints(request, filters)
|
||||
refs = self.assignment_api.list_projects_for_user(user_id,
|
||||
hints=hints)
|
||||
return ProjectAssignmentV3.wrap_collection(request.context_dict,
|
||||
|
|
@ -331,26 +330,18 @@ class RoleV3(controller.V3Controller):
|
|||
return self._create_role(request.context_dict, role)
|
||||
|
||||
def list_roles_wrapper(self, request):
|
||||
# If there is no domain_id filter defined, then we only want to return
|
||||
# global roles, so we set the domain_id filter to None.
|
||||
# NOTE(jamielennox): this is still using context_dict because it's
|
||||
# writing to the query dict. Why is it writing to the query dict?
|
||||
params = request.context_dict['query_string']
|
||||
if 'domain_id' not in params:
|
||||
request.context_dict['query_string']['domain_id'] = None
|
||||
|
||||
if request.context_dict['query_string']['domain_id'] is not None:
|
||||
if request.params.get('domain_id'):
|
||||
return self.list_domain_roles(request)
|
||||
else:
|
||||
return self.list_roles(request)
|
||||
|
||||
@controller.filterprotected('name', 'domain_id')
|
||||
def list_roles(self, request, filters):
|
||||
return self._list_roles(request.context_dict, filters)
|
||||
return self._list_roles(request, filters)
|
||||
|
||||
@controller.filterprotected('name', 'domain_id')
|
||||
def list_domain_roles(self, request, filters):
|
||||
return self._list_roles(request.context_dict, filters)
|
||||
return self._list_roles(request, filters)
|
||||
|
||||
def get_role_wrapper(self, context, role_id):
|
||||
if self._is_domain_role_target(role_id):
|
||||
|
|
@ -415,11 +406,10 @@ class RoleV3(controller.V3Controller):
|
|||
ref = self.role_api.create_role(ref['id'], ref, initiator)
|
||||
return RoleV3.wrap_member(context, ref)
|
||||
|
||||
def _list_roles(self, context, filters):
|
||||
hints = RoleV3.build_driver_hints(context, filters)
|
||||
refs = self.role_api.list_roles(
|
||||
hints=hints)
|
||||
return RoleV3.wrap_collection(context, refs, hints=hints)
|
||||
def _list_roles(self, request, filters):
|
||||
hints = RoleV3.build_driver_hints(request, filters)
|
||||
refs = self.role_api.list_roles(hints=hints)
|
||||
return RoleV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||
|
||||
def _get_role(self, context, role_id):
|
||||
ref = self.role_api.get_role(role_id)
|
||||
|
|
@ -435,6 +425,22 @@ class RoleV3(controller.V3Controller):
|
|||
initiator = notifications._get_request_audit_info(context)
|
||||
self.role_api.delete_role(role_id, initiator)
|
||||
|
||||
@classmethod
|
||||
def build_driver_hints(cls, request, supported_filters):
|
||||
# NOTE(jamielennox): To handle the default case of no domain_id defined
|
||||
# the role_assignment backend does some hackery to distinguish between
|
||||
# global and domain scoped roles. This backend behaviour relies upon a
|
||||
# value of domain_id being set (not just defaulting to None). Manually
|
||||
# set the empty filter if its not provided.
|
||||
|
||||
hints = super(RoleV3, cls).build_driver_hints(request,
|
||||
supported_filters)
|
||||
|
||||
if not request.params.get('domain_id'):
|
||||
hints.add_filter('domain_id', None)
|
||||
|
||||
return hints
|
||||
|
||||
|
||||
@dependency.requires('role_api')
|
||||
class ImpliedRolesV3(controller.V3Controller):
|
||||
|
|
|
|||
|
|
@ -235,7 +235,7 @@ class RegionV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('parent_region_id')
|
||||
def list_regions(self, request, filters):
|
||||
hints = RegionV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = RegionV3.build_driver_hints(request, filters)
|
||||
refs = self.catalog_api.list_regions(hints)
|
||||
return RegionV3.wrap_collection(request.context_dict,
|
||||
refs,
|
||||
|
|
@ -279,7 +279,7 @@ class ServiceV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('type', 'name')
|
||||
def list_services(self, request, filters):
|
||||
hints = ServiceV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = ServiceV3.build_driver_hints(request, filters)
|
||||
refs = self.catalog_api.list_services(hints=hints)
|
||||
return ServiceV3.wrap_collection(request.context_dict,
|
||||
refs,
|
||||
|
|
@ -361,7 +361,7 @@ class EndpointV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('interface', 'service_id', 'region_id')
|
||||
def list_endpoints(self, request, filters):
|
||||
hints = EndpointV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = EndpointV3.build_driver_hints(request, filters)
|
||||
refs = self.catalog_api.list_endpoints(hints=hints)
|
||||
return EndpointV3.wrap_collection(request.context_dict,
|
||||
refs,
|
||||
|
|
|
|||
|
|
@ -218,9 +218,8 @@ def filterprotected(*filters, **callback):
|
|||
target = dict()
|
||||
if filters:
|
||||
for item in filters:
|
||||
if item in request.context_dict['query_string']:
|
||||
i = request.context_dict['query_string'][item]
|
||||
target[item] = i
|
||||
if item in request.params:
|
||||
target[item] = request.params[item]
|
||||
|
||||
LOG.debug('RBAC: Adding query filter params (%s)', (
|
||||
', '.join(['%s=%s' % (item, target[item])
|
||||
|
|
@ -625,25 +624,23 @@ class V3Controller(wsgi.Application):
|
|||
return refs
|
||||
|
||||
@classmethod
|
||||
def build_driver_hints(cls, context, supported_filters):
|
||||
def build_driver_hints(cls, request, supported_filters):
|
||||
"""Build list hints based on the context query string.
|
||||
|
||||
:param context: contains the query_string from which any list hints can
|
||||
be extracted
|
||||
:param request: the current request
|
||||
:param supported_filters: list of filters supported, so ignore any
|
||||
keys in query_dict that are not in this list.
|
||||
|
||||
"""
|
||||
query_dict = context['query_string']
|
||||
hints = driver_hints.Hints()
|
||||
|
||||
if query_dict is None:
|
||||
if not request.params:
|
||||
return hints
|
||||
|
||||
for key in query_dict:
|
||||
for key, value in request.params.items():
|
||||
# Check if this is an exact filter
|
||||
if supported_filters is None or key in supported_filters:
|
||||
hints.add_filter(key, query_dict[key])
|
||||
hints.add_filter(key, value)
|
||||
continue
|
||||
|
||||
# Check if it is an inexact filter
|
||||
|
|
@ -672,7 +669,7 @@ class V3Controller(wsgi.Application):
|
|||
if comparator.startswith('i'):
|
||||
case_sensitive = False
|
||||
comparator = comparator[1:]
|
||||
hints.add_filter(base_key, query_dict[key],
|
||||
hints.add_filter(base_key, value,
|
||||
comparator=comparator,
|
||||
case_sensitive=case_sensitive)
|
||||
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ class CredentialV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('user_id', 'type')
|
||||
def list_credentials(self, request, filters):
|
||||
hints = CredentialV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = CredentialV3.build_driver_hints(request, filters)
|
||||
refs = self.credential_api.list_credentials(hints)
|
||||
ret_refs = [self._blob_to_json(r) for r in refs]
|
||||
return CredentialV3.wrap_collection(request.context_dict, ret_refs,
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ class IdentityProvider(_ControllerBase):
|
|||
|
||||
@controller.filterprotected('id', 'enabled')
|
||||
def list_identity_providers(self, request, filters):
|
||||
hints = self.build_driver_hints(request.context_dict, filters)
|
||||
hints = self.build_driver_hints(request, filters)
|
||||
ref = self.federation_api.list_idps(hints=hints)
|
||||
ref = [self.filter_params(x) for x in ref]
|
||||
return IdentityProvider.wrap_collection(request.context_dict,
|
||||
|
|
@ -495,7 +495,7 @@ class ServiceProvider(_ControllerBase):
|
|||
|
||||
@controller.filterprotected('id', 'enabled')
|
||||
def list_service_providers(self, request, filters):
|
||||
hints = self.build_driver_hints(request.context_dict, filters)
|
||||
hints = self.build_driver_hints(request, filters)
|
||||
ref = self.federation_api.list_sps(hints=hints)
|
||||
ref = [self.filter_params(x) for x in ref]
|
||||
return ServiceProvider.wrap_collection(request.context_dict,
|
||||
|
|
|
|||
|
|
@ -227,7 +227,7 @@ class UserV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('domain_id', 'enabled', 'name')
|
||||
def list_users(self, request, filters):
|
||||
hints = UserV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = UserV3.build_driver_hints(request, filters)
|
||||
domain = self._get_domain_id_for_list_request(request)
|
||||
refs = self.identity_api.list_users(domain_scope=domain, hints=hints)
|
||||
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||
|
|
@ -235,7 +235,7 @@ class UserV3(controller.V3Controller):
|
|||
@controller.filterprotected('domain_id', 'enabled', 'name',
|
||||
callback=_check_group_protection)
|
||||
def list_users_in_group(self, request, filters, group_id):
|
||||
hints = UserV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = UserV3.build_driver_hints(request, filters)
|
||||
refs = self.identity_api.list_users_in_group(group_id, hints=hints)
|
||||
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||
|
||||
|
|
@ -320,14 +320,14 @@ class GroupV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('domain_id', 'name')
|
||||
def list_groups(self, request, filters):
|
||||
hints = GroupV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = GroupV3.build_driver_hints(request, filters)
|
||||
domain = self._get_domain_id_for_list_request(request)
|
||||
refs = self.identity_api.list_groups(domain_scope=domain, hints=hints)
|
||||
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||
|
||||
@controller.filterprotected('name', callback=_check_user_protection)
|
||||
def list_groups_for_user(self, request, filters, user_id):
|
||||
hints = GroupV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = GroupV3.build_driver_hints(request, filters)
|
||||
refs = self.identity_api.list_groups_for_user(user_id, hints=hints)
|
||||
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class PolicyV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('type')
|
||||
def list_policies(self, request, filters):
|
||||
hints = PolicyV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = PolicyV3.build_driver_hints(request, filters)
|
||||
refs = self.policy_api.list_policies(hints=hints)
|
||||
return PolicyV3.wrap_collection(request.context_dict,
|
||||
refs, hints=hints)
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ class DomainV3(controller.V3Controller):
|
|||
|
||||
@controller.filterprotected('enabled', 'name')
|
||||
def list_domains(self, request, filters):
|
||||
hints = DomainV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = DomainV3.build_driver_hints(request, filters)
|
||||
refs = self.resource_api.list_domains(hints=hints)
|
||||
return DomainV3.wrap_collection(request.context_dict,
|
||||
refs, hints=hints)
|
||||
|
|
@ -260,7 +260,7 @@ class ProjectV3(controller.V3Controller):
|
|||
@controller.filterprotected('domain_id', 'enabled', 'name',
|
||||
'parent_id', 'is_domain')
|
||||
def list_projects(self, request, filters):
|
||||
hints = ProjectV3.build_driver_hints(request.context_dict, filters)
|
||||
hints = ProjectV3.build_driver_hints(request, filters)
|
||||
# If 'is_domain' has not been included as a query, we default it to
|
||||
# False (which in query terms means '0'
|
||||
if 'is_domain' not in request.params:
|
||||
|
|
|
|||
Loading…
Reference in New Issue