From d43b4209e997ba9b20b9ebea0504246af93aebb9 Mon Sep 17 00:00:00 2001
From: Lingxian Kong <anlin.kong@gmail.com>
Date: Fri, 23 Aug 2019 15:46:34 +1200
Subject: [PATCH] Support backup filtering

Support to filter backups by instance_id and all_projects(admin only by
default).

Story: #2006433
Task: #36343

Change-Id: Ia483bbafb8d106a9d46ab908cf5659f06fb3b7ed
---
 trove/backup/models.py           | 20 ++++++++++----------
 trove/backup/service.py          | 16 ++++++++++++++--
 trove/common/policies/backups.py | 10 ++++++++++
 3 files changed, 34 insertions(+), 12 deletions(-)

diff --git a/trove/backup/models.py b/trove/backup/models.py
index 2c5c617c1e..829e100d9b 100644
--- a/trove/backup/models.py
+++ b/trove/backup/models.py
@@ -182,22 +182,22 @@ class Backup(object):
         return query.all(), marker
 
     @classmethod
-    def list(cls, context, datastore=None):
-        """
-        list all live Backups belong to given tenant
-        :param cls:
-        :param context: tenant_id included
-        :param datastore: datastore to filter by
-        :return:
-        """
+    def list(cls, context, datastore=None, instance_id=None,
+             all_projects=False):
         query = DBBackup.query()
-        filters = [DBBackup.tenant_id == context.tenant,
-                   DBBackup.deleted == 0]
+        filters = [DBBackup.deleted == 0]
+
+        if not all_projects:
+            filters.append(DBBackup.tenant_id == context.tenant)
+        if instance_id:
+            filters.append(DBBackup.instance_id == instance_id)
+
         if datastore:
             ds = datastore_models.Datastore.load(datastore)
             filters.append(datastore_models.DBDatastoreVersion.
                            datastore_id == ds.id)
             query = query.join(datastore_models.DBDatastoreVersion)
+
         query = query.filter(*filters)
         return cls._paginate(context, query)
 
diff --git a/trove/backup/service.py b/trove/backup/service.py
index ddb3e99ee4..c410b21eb5 100644
--- a/trove/backup/service.py
+++ b/trove/backup/service.py
@@ -39,9 +39,21 @@ class BackupController(wsgi.Controller):
         """
         LOG.debug("Listing backups for tenant %s", tenant_id)
         datastore = req.GET.get('datastore')
+        instance_id = req.GET.get('instance_id')
+        all_projects = req.GET.get('all_projects', False)
         context = req.environ[wsgi.CONTEXT_KEY]
-        policy.authorize_on_tenant(context, 'backup:index')
-        backups, marker = Backup.list(context, datastore)
+
+        if all_projects:
+            policy.authorize_on_tenant(context, 'backup:index:all_projects')
+        else:
+            policy.authorize_on_tenant(context, 'backup:index')
+
+        backups, marker = Backup.list(
+            context,
+            datastore=datastore,
+            instance_id=instance_id,
+            all_projects=all_projects
+        )
         view = views.BackupViews(backups)
         paged = pagination.SimplePaginatedDataView(req.url, 'backups', view,
                                                    marker)
diff --git a/trove/common/policies/backups.py b/trove/common/policies/backups.py
index 0ab36e6c92..312e49509c 100644
--- a/trove/common/policies/backups.py
+++ b/trove/common/policies/backups.py
@@ -45,6 +45,16 @@ rules = [
                 'method': 'GET'
             }
         ]),
+    policy.DocumentedRuleDefault(
+        name='backup:index:all_projects',
+        check_str='role:admin',
+        description='List backups for all the projects.',
+        operations=[
+            {
+                'path': PATH_BACKUPS,
+                'method': 'GET'
+            }
+        ]),
     policy.DocumentedRuleDefault(
         name='backup:show',
         check_str='rule:admin_or_owner',