Merge "Support admin to get all events"
This commit is contained in:
commit
f4f1a4069f
|
@ -21,6 +21,7 @@
|
||||||
import datetime
|
import datetime
|
||||||
|
|
||||||
from oslo_log import log
|
from oslo_log import log
|
||||||
|
from oslo_utils import strutils
|
||||||
import pecan
|
import pecan
|
||||||
from pecan import rest
|
from pecan import rest
|
||||||
import six
|
import six
|
||||||
|
@ -65,7 +66,10 @@ class EventQuery(base.Query):
|
||||||
field = wsme.wsattr(wtypes.text)
|
field = wsme.wsattr(wtypes.text)
|
||||||
'''
|
'''
|
||||||
Name of the field to filter on. Can be either a trait name or field of an
|
Name of the field to filter on. Can be either a trait name or field of an
|
||||||
event. Use start_timestamp/end_timestamp to filter on `generated` field
|
event.
|
||||||
|
1) Use start_timestamp/end_timestamp to filter on `generated` field.
|
||||||
|
2) Specify the 'all_tenants=True' query parameter to get all events for all
|
||||||
|
projects, this is only allowed by admin users.
|
||||||
'''
|
'''
|
||||||
|
|
||||||
def __repr__(self):
|
def __repr__(self):
|
||||||
|
@ -205,6 +209,10 @@ def _event_query_to_event_filter(q):
|
||||||
{'operator': i.op, 'field': i.field})
|
{'operator': i.op, 'field': i.field})
|
||||||
raise base.ClientSideError(error)
|
raise base.ClientSideError(error)
|
||||||
evt_model_filter[i.field] = i.value
|
evt_model_filter[i.field] = i.value
|
||||||
|
elif i.field == 'all_tenants' and admin_proj:
|
||||||
|
all_tenants = strutils.bool_from_string(i.value)
|
||||||
|
if all_tenants:
|
||||||
|
admin_proj = None
|
||||||
else:
|
else:
|
||||||
trait_type = i.type or 'string'
|
trait_type = i.type or 'string'
|
||||||
traits_filter.append({"key": i.field,
|
traits_filter.append({"key": i.field,
|
||||||
|
|
|
@ -638,6 +638,20 @@ class AclRestrictedEventTestBase(v2.FunctionalTest):
|
||||||
data = self.get_json('/events/2', headers=a_headers)
|
data = self.get_json('/events/2', headers=a_headers)
|
||||||
self.assertEqual('admin_ev', data['event_type'])
|
self.assertEqual('admin_ev', data['event_type'])
|
||||||
|
|
||||||
|
@tests_db.run_with('sqlite', 'mysql', 'pgsql', 'mongodb', 'es')
|
||||||
|
def test_admin_access_all(self):
|
||||||
|
a_headers = {"X-Roles": "admin",
|
||||||
|
"X-User-Id": self.admin_user_id,
|
||||||
|
"X-Project-Id": self.admin_proj_id}
|
||||||
|
data = self.get_json('/events', headers=a_headers,
|
||||||
|
q=[{'field': 'all_tenants',
|
||||||
|
'value': 'True',
|
||||||
|
'type': 'string',
|
||||||
|
'op': 'eq'}])
|
||||||
|
self.assertEqual(3, len(data))
|
||||||
|
self.assertEqual(set(['empty_ev', 'admin_ev', 'user_ev']),
|
||||||
|
set(ev['event_type'] for ev in data))
|
||||||
|
|
||||||
@tests_db.run_with('sqlite', 'mysql', 'pgsql', 'mongodb', 'es')
|
@tests_db.run_with('sqlite', 'mysql', 'pgsql', 'mongodb', 'es')
|
||||||
def test_admin_access_trait_filter_no_access(self):
|
def test_admin_access_trait_filter_no_access(self):
|
||||||
a_headers = {"X-Roles": "admin",
|
a_headers = {"X-Roles": "admin",
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Specify the 'all_tenants=True' query parameter to get all events for all
|
||||||
|
projects, this is only allowed by admin users.
|
Loading…
Reference in New Issue