Merge "Policy in code for packages"
This commit is contained in:
commit
de887f73b2
@ -3,14 +3,6 @@
|
|||||||
"admin_api": "is_admin:True",
|
"admin_api": "is_admin:True",
|
||||||
"default": "",
|
"default": "",
|
||||||
|
|
||||||
"get_package": "rule:default",
|
|
||||||
"upload_package": "rule:default",
|
|
||||||
"modify_package": "rule:default",
|
|
||||||
"publicize_package": "rule:admin_api",
|
|
||||||
"manage_public_package": "rule:default",
|
|
||||||
"delete_package": "rule:default",
|
|
||||||
"download_package": "rule:default",
|
|
||||||
|
|
||||||
"get_category": "rule:default",
|
"get_category": "rule:default",
|
||||||
"delete_category": "rule:admin_api",
|
"delete_category": "rule:admin_api",
|
||||||
"add_category": "rule:admin_api",
|
"add_category": "rule:admin_api",
|
||||||
|
@ -17,10 +17,12 @@ import itertools
|
|||||||
|
|
||||||
from murano.common.policies import env_template
|
from murano.common.policies import env_template
|
||||||
from murano.common.policies import environment
|
from murano.common.policies import environment
|
||||||
|
from murano.common.policies import package
|
||||||
|
|
||||||
|
|
||||||
def list_rules():
|
def list_rules():
|
||||||
return itertools.chain(
|
return itertools.chain(
|
||||||
environment.list_rules(),
|
environment.list_rules(),
|
||||||
env_template.list_rules()
|
env_template.list_rules(),
|
||||||
|
package.list_rules()
|
||||||
)
|
)
|
||||||
|
85
murano/common/policies/package.py
Normal file
85
murano/common/policies/package.py
Normal file
@ -0,0 +1,85 @@
|
|||||||
|
# Copyright 2017 AT&T Corporation.
|
||||||
|
# All Rights Reserved.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
from oslo_policy import policy
|
||||||
|
|
||||||
|
from murano.common.policies import base
|
||||||
|
|
||||||
|
package_policies = [
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='get_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description="""Returns either detailed package information or
|
||||||
|
information specific to the package's UI or logo. In addition, checks for the
|
||||||
|
existence of a given package.""",
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'GET'},
|
||||||
|
{'path': '/v1/catalog/packages',
|
||||||
|
'method': 'GET'},
|
||||||
|
{'path': '/v1/catalog/packages/{package_id}/ui',
|
||||||
|
'method': 'GET'},
|
||||||
|
{'path': '/v1/catalog/packages/{package_id}/logo',
|
||||||
|
'method': 'GET'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='upload_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description='Upload a package to the application catalog.',
|
||||||
|
operations=[{'path': '/v1/catalog/packages',
|
||||||
|
'method': 'POST'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='modify_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description='Update package information for a given package.',
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'PATCH'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='publicize_package',
|
||||||
|
check_str=base.RULE_ADMIN_API,
|
||||||
|
description="""Publicize a package across all projects. Grants users in
|
||||||
|
any project the ability to use the package. Enforced only when `is_public`
|
||||||
|
parameter is set to True in the request body of the `update` or `upload`
|
||||||
|
package request.""",
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'PATCH'},
|
||||||
|
{'path': '/v1/catalog/packages',
|
||||||
|
'method': 'POST'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='manage_public_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description="""Either update, delete or check for the existence of a
|
||||||
|
public package. Only enforced when the package is public.""",
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'PATCH'},
|
||||||
|
{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'DELETE'},
|
||||||
|
{'path': '/v1/catalog/packages',
|
||||||
|
'method': 'GET'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='delete_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description='Delete a given package.',
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}',
|
||||||
|
'method': 'DELETE'}]),
|
||||||
|
policy.DocumentedRuleDefault(
|
||||||
|
name='download_package',
|
||||||
|
check_str=base.RULE_DEFAULT,
|
||||||
|
description='Download a package from the application catalog.',
|
||||||
|
operations=[{'path': '/v1/catalog/packages/{package_id}/download',
|
||||||
|
'method': 'GET'}])
|
||||||
|
]
|
||||||
|
|
||||||
|
|
||||||
|
def list_rules():
|
||||||
|
return package_policies
|
Loading…
Reference in New Issue
Block a user