openstack/tricircle
Code Issues Proposed changes

Merge "Use DocumentedRuleDefault instead of RuleDefault"

Browse Source
This commit is contained in:
Zuul 2017-10-20 01:17:36 +00:00 committed by Gerrit Code Review
commit 2b164d8dff
5 changed files with 137 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -34,6 +34,7 @@ nosetests.xml
.mr.developer.cfg .mr.developer.cfg
.project .project
.pydevproject .pydevproject
.idea
# Complexity # Complexity
output/*.html output/*.html

3
etc/policy-generator.conf Normal file
View File

@ -0,0 +1,3 @@
[DEFAULT]
output_file = etc/tricircle-policy.yaml.sample
namespace = tricircle

2
setup.cfg
View File

@ -57,6 +57,8 @@ oslo.config.opts =
tricircle.db = tricircle.db.opts:list_opts tricircle.db = tricircle.db.opts:list_opts
tricircle.network = tricircle.network.opts:list_opts tricircle.network = tricircle.network.opts:list_opts
tricircle.xjob = tricircle.xjob.opts:list_opts tricircle.xjob = tricircle.xjob.opts:list_opts
oslo.policy.policies =
tricircle = tricircle.common.policy:list_policies
tricircle.network.type_drivers = tricircle.network.type_drivers =
local = tricircle.network.drivers.type_local:LocalTypeDriver local = tricircle.network.drivers.type_local:LocalTypeDriver
vlan = tricircle.network.drivers.type_vlan:VLANTypeDriver vlan = tricircle.network.drivers.type_vlan:VLANTypeDriver

5
tox.ini
View File

@ -42,6 +42,11 @@ deps =
commands = oslo-config-generator --config-file=etc/api-cfg-gen.conf commands = oslo-config-generator --config-file=etc/api-cfg-gen.conf
oslo-config-generator --config-file=etc/xjob-cfg-gen.conf oslo-config-generator --config-file=etc/xjob-cfg-gen.conf
[testenv:genpolicy]
deps =
-r{toxinidir}/test-requirements.txt
commands = oslopolicy-sample-generator --config-file=etc/policy-generator.conf
[testenv:docs] [testenv:docs]
deps = deps =
-r{toxinidir}/test-requirements.txt -r{toxinidir}/test-requirements.txt

170
tricircle/common/policy.py
View File

@ -65,50 +65,132 @@ ADMIN_API_JOB_DELETE = 'admin_api:jobs:delete'
tricircle_admin_api_policies = [ tricircle_admin_api_policies = [
policy.RuleDefault(ADMIN_API_PODS_CREATE, policy.DocumentedRuleDefault(ADMIN_API_PODS_CREATE,
'rule:admin_api', 'rule:admin_api',
description='Create pod'), description='Create pod.',
policy.RuleDefault(ADMIN_API_PODS_DELETE, operations=[
'rule:admin_api', {
description='Delete pod'), 'path': '/pods',
policy.RuleDefault(ADMIN_API_PODS_SHOW, 'method': 'POST'
'rule:admin_api', }
description='Show pod detail'), ]),
policy.RuleDefault(ADMIN_API_PODS_LIST, policy.DocumentedRuleDefault(ADMIN_API_PODS_DELETE,
'rule:admin_api', 'rule:admin_api',
description='List pods'), description='Delete specified pod.',
operations=[
policy.RuleDefault(ADMIN_API_ROUTINGS_CREATE, {
'rule:admin_api', 'path': '/pods/{pod_id}',
description='Create resource routing'), 'method': 'DELETE'
policy.RuleDefault(ADMIN_API_ROUTINGS_DELETE, }
'rule:admin_api', ]),
description='Delete resource routing'), policy.DocumentedRuleDefault(ADMIN_API_PODS_SHOW,
policy.RuleDefault(ADMIN_API_ROUTINGS_PUT, 'rule:admin_api',
'rule:admin_api', description='Show pod details.',
description='Update resource routing'), operations=[
policy.RuleDefault(ADMIN_API_ROUTINGS_SHOW, {
'rule:admin_api', 'path': '/pods/{pod_id}',
description='Show resource routing detail'), 'method': 'GET'
policy.RuleDefault(ADMIN_API_ROUTINGS_LIST, }
'rule:admin_api', ]),
description='List resource routings'), policy.DocumentedRuleDefault(ADMIN_API_PODS_LIST,
'rule:admin_api',
policy.RuleDefault(ADMIN_API_JOB_CREATE, description='List pods.',
'rule:admin_api', operations=[
description='Create job'), {
policy.RuleDefault(ADMIN_API_JOB_LIST, 'path': '/pods',
'rule:admin_api', 'method': 'GET'
description='List jobs'), }
policy.RuleDefault(ADMIN_API_JOB_SCHEMA_LIST, ]),
'rule:admin_api', policy.DocumentedRuleDefault(ADMIN_API_ROUTINGS_CREATE,
description='List job schemas'), 'rule:admin_api',
policy.RuleDefault(ADMIN_API_JOB_REDO, description='Create resource routing',
'rule:admin_api', operations=[
description='Redo job'), {
policy.RuleDefault(ADMIN_API_JOB_DELETE, 'path': '/routings',
'rule:admin_api', 'method': 'POST'
description='Delete job') }
]),
policy.DocumentedRuleDefault(ADMIN_API_ROUTINGS_DELETE,
'rule:admin_api',
description='Delete resource routing',
operations=[
{
'path': '/routings/{id}',
'method': 'DELETE'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_ROUTINGS_PUT,
'rule:admin_api',
description='Update resource routing',
operations=[
{
'path': '/routings/{id}',
'method': 'PUT'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_ROUTINGS_SHOW,
'rule:admin_api',
description='Show resource routing detail',
operations=[
{
'path': '/routings/{id}',
'method': 'GET'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_ROUTINGS_LIST,
'rule:admin_api',
description='List resource routings',
operations=[
{
'path': '/routings',
'method': 'GET'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_JOB_CREATE,
'rule:admin_api',
description='Create job',
operations=[
{
'path': '/jobs',
'method': 'POST'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_JOB_LIST,
'rule:admin_api',
description='List jobs',
operations=[
{
'path': '/jobs',
'method': 'GET'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_JOB_SCHEMA_LIST,
'rule:admin_api',
description='List job schemas',
operations=[
{
'path': '/jobs/schemas',
'method': 'GET'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_JOB_REDO,
'rule:admin_api',
description='Redo job',
operations=[
{
'path': '/jobs/{id}',
'method': 'PUT'
}
]),
policy.DocumentedRuleDefault(ADMIN_API_JOB_DELETE,
'rule:admin_api',
description='Delete job',
operations=[
{
'path': '/jobs/{id}',
'method': 'DELETE'
}
])
] ]