Merge "Pass request to build_driver_hints"
This commit is contained in:
commit
b5b7c692b9
|
@ -269,8 +269,7 @@ class ProjectAssignmentV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('domain_id', 'enabled', 'name')
|
@controller.filterprotected('domain_id', 'enabled', 'name')
|
||||||
def list_user_projects(self, request, filters, user_id):
|
def list_user_projects(self, request, filters, user_id):
|
||||||
hints = ProjectAssignmentV3.build_driver_hints(request.context_dict,
|
hints = ProjectAssignmentV3.build_driver_hints(request, filters)
|
||||||
filters)
|
|
||||||
refs = self.assignment_api.list_projects_for_user(user_id,
|
refs = self.assignment_api.list_projects_for_user(user_id,
|
||||||
hints=hints)
|
hints=hints)
|
||||||
return ProjectAssignmentV3.wrap_collection(request.context_dict,
|
return ProjectAssignmentV3.wrap_collection(request.context_dict,
|
||||||
|
@ -331,26 +330,18 @@ class RoleV3(controller.V3Controller):
|
||||||
return self._create_role(request.context_dict, role)
|
return self._create_role(request.context_dict, role)
|
||||||
|
|
||||||
def list_roles_wrapper(self, request):
|
def list_roles_wrapper(self, request):
|
||||||
# If there is no domain_id filter defined, then we only want to return
|
if request.params.get('domain_id'):
|
||||||
# global roles, so we set the domain_id filter to None.
|
|
||||||
# NOTE(jamielennox): this is still using context_dict because it's
|
|
||||||
# writing to the query dict. Why is it writing to the query dict?
|
|
||||||
params = request.context_dict['query_string']
|
|
||||||
if 'domain_id' not in params:
|
|
||||||
request.context_dict['query_string']['domain_id'] = None
|
|
||||||
|
|
||||||
if request.context_dict['query_string']['domain_id'] is not None:
|
|
||||||
return self.list_domain_roles(request)
|
return self.list_domain_roles(request)
|
||||||
else:
|
else:
|
||||||
return self.list_roles(request)
|
return self.list_roles(request)
|
||||||
|
|
||||||
@controller.filterprotected('name', 'domain_id')
|
@controller.filterprotected('name', 'domain_id')
|
||||||
def list_roles(self, request, filters):
|
def list_roles(self, request, filters):
|
||||||
return self._list_roles(request.context_dict, filters)
|
return self._list_roles(request, filters)
|
||||||
|
|
||||||
@controller.filterprotected('name', 'domain_id')
|
@controller.filterprotected('name', 'domain_id')
|
||||||
def list_domain_roles(self, request, filters):
|
def list_domain_roles(self, request, filters):
|
||||||
return self._list_roles(request.context_dict, filters)
|
return self._list_roles(request, filters)
|
||||||
|
|
||||||
def get_role_wrapper(self, context, role_id):
|
def get_role_wrapper(self, context, role_id):
|
||||||
if self._is_domain_role_target(role_id):
|
if self._is_domain_role_target(role_id):
|
||||||
|
@ -415,11 +406,10 @@ class RoleV3(controller.V3Controller):
|
||||||
ref = self.role_api.create_role(ref['id'], ref, initiator)
|
ref = self.role_api.create_role(ref['id'], ref, initiator)
|
||||||
return RoleV3.wrap_member(context, ref)
|
return RoleV3.wrap_member(context, ref)
|
||||||
|
|
||||||
def _list_roles(self, context, filters):
|
def _list_roles(self, request, filters):
|
||||||
hints = RoleV3.build_driver_hints(context, filters)
|
hints = RoleV3.build_driver_hints(request, filters)
|
||||||
refs = self.role_api.list_roles(
|
refs = self.role_api.list_roles(hints=hints)
|
||||||
hints=hints)
|
return RoleV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||||
return RoleV3.wrap_collection(context, refs, hints=hints)
|
|
||||||
|
|
||||||
def _get_role(self, context, role_id):
|
def _get_role(self, context, role_id):
|
||||||
ref = self.role_api.get_role(role_id)
|
ref = self.role_api.get_role(role_id)
|
||||||
|
@ -435,6 +425,22 @@ class RoleV3(controller.V3Controller):
|
||||||
initiator = notifications._get_request_audit_info(context)
|
initiator = notifications._get_request_audit_info(context)
|
||||||
self.role_api.delete_role(role_id, initiator)
|
self.role_api.delete_role(role_id, initiator)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def build_driver_hints(cls, request, supported_filters):
|
||||||
|
# NOTE(jamielennox): To handle the default case of no domain_id defined
|
||||||
|
# the role_assignment backend does some hackery to distinguish between
|
||||||
|
# global and domain scoped roles. This backend behaviour relies upon a
|
||||||
|
# value of domain_id being set (not just defaulting to None). Manually
|
||||||
|
# set the empty filter if its not provided.
|
||||||
|
|
||||||
|
hints = super(RoleV3, cls).build_driver_hints(request,
|
||||||
|
supported_filters)
|
||||||
|
|
||||||
|
if not request.params.get('domain_id'):
|
||||||
|
hints.add_filter('domain_id', None)
|
||||||
|
|
||||||
|
return hints
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('role_api')
|
@dependency.requires('role_api')
|
||||||
class ImpliedRolesV3(controller.V3Controller):
|
class ImpliedRolesV3(controller.V3Controller):
|
||||||
|
|
|
@ -235,7 +235,7 @@ class RegionV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('parent_region_id')
|
@controller.filterprotected('parent_region_id')
|
||||||
def list_regions(self, request, filters):
|
def list_regions(self, request, filters):
|
||||||
hints = RegionV3.build_driver_hints(request.context_dict, filters)
|
hints = RegionV3.build_driver_hints(request, filters)
|
||||||
refs = self.catalog_api.list_regions(hints)
|
refs = self.catalog_api.list_regions(hints)
|
||||||
return RegionV3.wrap_collection(request.context_dict,
|
return RegionV3.wrap_collection(request.context_dict,
|
||||||
refs,
|
refs,
|
||||||
|
@ -279,7 +279,7 @@ class ServiceV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('type', 'name')
|
@controller.filterprotected('type', 'name')
|
||||||
def list_services(self, request, filters):
|
def list_services(self, request, filters):
|
||||||
hints = ServiceV3.build_driver_hints(request.context_dict, filters)
|
hints = ServiceV3.build_driver_hints(request, filters)
|
||||||
refs = self.catalog_api.list_services(hints=hints)
|
refs = self.catalog_api.list_services(hints=hints)
|
||||||
return ServiceV3.wrap_collection(request.context_dict,
|
return ServiceV3.wrap_collection(request.context_dict,
|
||||||
refs,
|
refs,
|
||||||
|
@ -361,7 +361,7 @@ class EndpointV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('interface', 'service_id', 'region_id')
|
@controller.filterprotected('interface', 'service_id', 'region_id')
|
||||||
def list_endpoints(self, request, filters):
|
def list_endpoints(self, request, filters):
|
||||||
hints = EndpointV3.build_driver_hints(request.context_dict, filters)
|
hints = EndpointV3.build_driver_hints(request, filters)
|
||||||
refs = self.catalog_api.list_endpoints(hints=hints)
|
refs = self.catalog_api.list_endpoints(hints=hints)
|
||||||
return EndpointV3.wrap_collection(request.context_dict,
|
return EndpointV3.wrap_collection(request.context_dict,
|
||||||
refs,
|
refs,
|
||||||
|
|
|
@ -218,9 +218,8 @@ def filterprotected(*filters, **callback):
|
||||||
target = dict()
|
target = dict()
|
||||||
if filters:
|
if filters:
|
||||||
for item in filters:
|
for item in filters:
|
||||||
if item in request.context_dict['query_string']:
|
if item in request.params:
|
||||||
i = request.context_dict['query_string'][item]
|
target[item] = request.params[item]
|
||||||
target[item] = i
|
|
||||||
|
|
||||||
LOG.debug('RBAC: Adding query filter params (%s)', (
|
LOG.debug('RBAC: Adding query filter params (%s)', (
|
||||||
', '.join(['%s=%s' % (item, target[item])
|
', '.join(['%s=%s' % (item, target[item])
|
||||||
|
@ -625,25 +624,23 @@ class V3Controller(wsgi.Application):
|
||||||
return refs
|
return refs
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def build_driver_hints(cls, context, supported_filters):
|
def build_driver_hints(cls, request, supported_filters):
|
||||||
"""Build list hints based on the context query string.
|
"""Build list hints based on the context query string.
|
||||||
|
|
||||||
:param context: contains the query_string from which any list hints can
|
:param request: the current request
|
||||||
be extracted
|
|
||||||
:param supported_filters: list of filters supported, so ignore any
|
:param supported_filters: list of filters supported, so ignore any
|
||||||
keys in query_dict that are not in this list.
|
keys in query_dict that are not in this list.
|
||||||
|
|
||||||
"""
|
"""
|
||||||
query_dict = context['query_string']
|
|
||||||
hints = driver_hints.Hints()
|
hints = driver_hints.Hints()
|
||||||
|
|
||||||
if query_dict is None:
|
if not request.params:
|
||||||
return hints
|
return hints
|
||||||
|
|
||||||
for key in query_dict:
|
for key, value in request.params.items():
|
||||||
# Check if this is an exact filter
|
# Check if this is an exact filter
|
||||||
if supported_filters is None or key in supported_filters:
|
if supported_filters is None or key in supported_filters:
|
||||||
hints.add_filter(key, query_dict[key])
|
hints.add_filter(key, value)
|
||||||
continue
|
continue
|
||||||
|
|
||||||
# Check if it is an inexact filter
|
# Check if it is an inexact filter
|
||||||
|
@ -672,7 +669,7 @@ class V3Controller(wsgi.Application):
|
||||||
if comparator.startswith('i'):
|
if comparator.startswith('i'):
|
||||||
case_sensitive = False
|
case_sensitive = False
|
||||||
comparator = comparator[1:]
|
comparator = comparator[1:]
|
||||||
hints.add_filter(base_key, query_dict[key],
|
hints.add_filter(base_key, value,
|
||||||
comparator=comparator,
|
comparator=comparator,
|
||||||
case_sensitive=case_sensitive)
|
case_sensitive=case_sensitive)
|
||||||
|
|
||||||
|
|
|
@ -84,7 +84,7 @@ class CredentialV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('user_id', 'type')
|
@controller.filterprotected('user_id', 'type')
|
||||||
def list_credentials(self, request, filters):
|
def list_credentials(self, request, filters):
|
||||||
hints = CredentialV3.build_driver_hints(request.context_dict, filters)
|
hints = CredentialV3.build_driver_hints(request, filters)
|
||||||
refs = self.credential_api.list_credentials(hints)
|
refs = self.credential_api.list_credentials(hints)
|
||||||
ret_refs = [self._blob_to_json(r) for r in refs]
|
ret_refs = [self._blob_to_json(r) for r in refs]
|
||||||
return CredentialV3.wrap_collection(request.context_dict, ret_refs,
|
return CredentialV3.wrap_collection(request.context_dict, ret_refs,
|
||||||
|
|
|
@ -99,7 +99,7 @@ class IdentityProvider(_ControllerBase):
|
||||||
|
|
||||||
@controller.filterprotected('id', 'enabled')
|
@controller.filterprotected('id', 'enabled')
|
||||||
def list_identity_providers(self, request, filters):
|
def list_identity_providers(self, request, filters):
|
||||||
hints = self.build_driver_hints(request.context_dict, filters)
|
hints = self.build_driver_hints(request, filters)
|
||||||
ref = self.federation_api.list_idps(hints=hints)
|
ref = self.federation_api.list_idps(hints=hints)
|
||||||
ref = [self.filter_params(x) for x in ref]
|
ref = [self.filter_params(x) for x in ref]
|
||||||
return IdentityProvider.wrap_collection(request.context_dict,
|
return IdentityProvider.wrap_collection(request.context_dict,
|
||||||
|
@ -495,7 +495,7 @@ class ServiceProvider(_ControllerBase):
|
||||||
|
|
||||||
@controller.filterprotected('id', 'enabled')
|
@controller.filterprotected('id', 'enabled')
|
||||||
def list_service_providers(self, request, filters):
|
def list_service_providers(self, request, filters):
|
||||||
hints = self.build_driver_hints(request.context_dict, filters)
|
hints = self.build_driver_hints(request, filters)
|
||||||
ref = self.federation_api.list_sps(hints=hints)
|
ref = self.federation_api.list_sps(hints=hints)
|
||||||
ref = [self.filter_params(x) for x in ref]
|
ref = [self.filter_params(x) for x in ref]
|
||||||
return ServiceProvider.wrap_collection(request.context_dict,
|
return ServiceProvider.wrap_collection(request.context_dict,
|
||||||
|
|
|
@ -227,7 +227,7 @@ class UserV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('domain_id', 'enabled', 'name')
|
@controller.filterprotected('domain_id', 'enabled', 'name')
|
||||||
def list_users(self, request, filters):
|
def list_users(self, request, filters):
|
||||||
hints = UserV3.build_driver_hints(request.context_dict, filters)
|
hints = UserV3.build_driver_hints(request, filters)
|
||||||
domain = self._get_domain_id_for_list_request(request)
|
domain = self._get_domain_id_for_list_request(request)
|
||||||
refs = self.identity_api.list_users(domain_scope=domain, hints=hints)
|
refs = self.identity_api.list_users(domain_scope=domain, hints=hints)
|
||||||
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||||
|
@ -235,7 +235,7 @@ class UserV3(controller.V3Controller):
|
||||||
@controller.filterprotected('domain_id', 'enabled', 'name',
|
@controller.filterprotected('domain_id', 'enabled', 'name',
|
||||||
callback=_check_group_protection)
|
callback=_check_group_protection)
|
||||||
def list_users_in_group(self, request, filters, group_id):
|
def list_users_in_group(self, request, filters, group_id):
|
||||||
hints = UserV3.build_driver_hints(request.context_dict, filters)
|
hints = UserV3.build_driver_hints(request, filters)
|
||||||
refs = self.identity_api.list_users_in_group(group_id, hints=hints)
|
refs = self.identity_api.list_users_in_group(group_id, hints=hints)
|
||||||
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
return UserV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||||
|
|
||||||
|
@ -320,14 +320,14 @@ class GroupV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('domain_id', 'name')
|
@controller.filterprotected('domain_id', 'name')
|
||||||
def list_groups(self, request, filters):
|
def list_groups(self, request, filters):
|
||||||
hints = GroupV3.build_driver_hints(request.context_dict, filters)
|
hints = GroupV3.build_driver_hints(request, filters)
|
||||||
domain = self._get_domain_id_for_list_request(request)
|
domain = self._get_domain_id_for_list_request(request)
|
||||||
refs = self.identity_api.list_groups(domain_scope=domain, hints=hints)
|
refs = self.identity_api.list_groups(domain_scope=domain, hints=hints)
|
||||||
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||||
|
|
||||||
@controller.filterprotected('name', callback=_check_user_protection)
|
@controller.filterprotected('name', callback=_check_user_protection)
|
||||||
def list_groups_for_user(self, request, filters, user_id):
|
def list_groups_for_user(self, request, filters, user_id):
|
||||||
hints = GroupV3.build_driver_hints(request.context_dict, filters)
|
hints = GroupV3.build_driver_hints(request, filters)
|
||||||
refs = self.identity_api.list_groups_for_user(user_id, hints=hints)
|
refs = self.identity_api.list_groups_for_user(user_id, hints=hints)
|
||||||
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
return GroupV3.wrap_collection(request.context_dict, refs, hints=hints)
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,7 @@ class PolicyV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('type')
|
@controller.filterprotected('type')
|
||||||
def list_policies(self, request, filters):
|
def list_policies(self, request, filters):
|
||||||
hints = PolicyV3.build_driver_hints(request.context_dict, filters)
|
hints = PolicyV3.build_driver_hints(request, filters)
|
||||||
refs = self.policy_api.list_policies(hints=hints)
|
refs = self.policy_api.list_policies(hints=hints)
|
||||||
return PolicyV3.wrap_collection(request.context_dict,
|
return PolicyV3.wrap_collection(request.context_dict,
|
||||||
refs, hints=hints)
|
refs, hints=hints)
|
||||||
|
|
|
@ -149,7 +149,7 @@ class DomainV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.filterprotected('enabled', 'name')
|
@controller.filterprotected('enabled', 'name')
|
||||||
def list_domains(self, request, filters):
|
def list_domains(self, request, filters):
|
||||||
hints = DomainV3.build_driver_hints(request.context_dict, filters)
|
hints = DomainV3.build_driver_hints(request, filters)
|
||||||
refs = self.resource_api.list_domains(hints=hints)
|
refs = self.resource_api.list_domains(hints=hints)
|
||||||
return DomainV3.wrap_collection(request.context_dict,
|
return DomainV3.wrap_collection(request.context_dict,
|
||||||
refs, hints=hints)
|
refs, hints=hints)
|
||||||
|
@ -260,7 +260,7 @@ class ProjectV3(controller.V3Controller):
|
||||||
@controller.filterprotected('domain_id', 'enabled', 'name',
|
@controller.filterprotected('domain_id', 'enabled', 'name',
|
||||||
'parent_id', 'is_domain')
|
'parent_id', 'is_domain')
|
||||||
def list_projects(self, request, filters):
|
def list_projects(self, request, filters):
|
||||||
hints = ProjectV3.build_driver_hints(request.context_dict, filters)
|
hints = ProjectV3.build_driver_hints(request, filters)
|
||||||
# If 'is_domain' has not been included as a query, we default it to
|
# If 'is_domain' has not been included as a query, we default it to
|
||||||
# False (which in query terms means '0'
|
# False (which in query terms means '0'
|
||||||
if 'is_domain' not in request.params:
|
if 'is_domain' not in request.params:
|
||||||
|
|
Loading…
Reference in New Issue