Horizon UI support for Octavia
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

95 lines
3.4 KiB

# Copyright 2016 IBM Corp.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""API over the barbican service.
"""
from barbicanclient import client as barbican_client
from django.conf import settings
from django.views import generic
from keystoneclient.auth.identity import v2 as auth_v2
from keystoneclient.auth.identity import v3 as auth_v3
from keystoneclient import session
from horizon.utils.memoized import memoized # noqa
from openstack_dashboard.api import base
from openstack_dashboard.api import keystone
from openstack_dashboard.api.rest import urls
from openstack_dashboard.api.rest import utils as rest_utils
@memoized
def barbicanclient(request):
project_id = request.user.project_id
region = request.user.services_region
endpoint = base.url_for(request, 'key-manager')
if keystone.get_version() < 3:
auth = auth_v2.Token(settings.OPENSTACK_KEYSTONE_URL,
request.user.token.id,
tenant_id=project_id)
else:
domain_id = request.session.get('domain_context')
auth = auth_v3.Token(settings.OPENSTACK_KEYSTONE_URL,
request.user.token.id,
project_id=project_id,
project_domain_id=domain_id)
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
cacert = getattr(settings, 'OPENSTACK_SSL_CACERT', None)
# If 'insecure' is True, 'verify' is False in all cases; otherwise
# pass the cacert path if it is present, or True if no cacert.
verify = not insecure and (cacert or True)
return barbican_client.Client(session=session.Session(auth=auth,
verify=verify),
endpoint=endpoint,
region_name=region)
@urls.register
class SSLCertificates(generic.View):
"""API for working with SSL certificate containers.
"""
url_regex = r'barbican/certificates/$'
@rest_utils.ajax()
def get(self, request):
"""List certificate containers.
The listing result is an object with property "items".
"""
limit = getattr(settings, 'API_RESULT_LIMIT', 1000)
containers = barbicanclient(request).containers
params = {'limit': limit, 'type': 'certificate'}
result = containers._api.get('containers', params=params)
return {'items': result.get('containers')}
@urls.register
class Secrets(generic.View):
"""API for working with secrets.
"""
url_regex = r'barbican/secrets/$'
@rest_utils.ajax()
def get(self, request):
"""List secrets.
The listing result is an object with property "items".
"""
limit = getattr(settings, 'API_RESULT_LIMIT', 1000)
secrets = barbicanclient(request).secrets
params = {'limit': limit}
result = secrets._api.get('secrets', params=params)
return {'items': result.get('secrets')}