21250cf20c
The Oslo Policy library provides support for RBAC policy enforcement across all OpenStack services. Update the devstack plugin to copy the default policy file over to /etc/trove in the gate environments. Note: Not adding a rule for 'reset-password' instance action as that API was discontinued years ago and is now just waiting for removal (Bug: 1645866). DocImpact Co-Authored-By: Ali Adil <aadil@tesora.com> Change-Id: Ic443a4c663301840406cad537159eab7b0b5ed1c Implements: blueprint trove-policy
39 lines
1.4 KiB
Python
39 lines
1.4 KiB
Python
# Copyright 2013 OpenStack Foundation
|
|
# Copyright 2013 Hewlett-Packard Development Company, L.P.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from trove.common import policy
|
|
from trove.common import wsgi
|
|
from trove.limits import views
|
|
from trove.quota.quota import QUOTAS
|
|
|
|
|
|
class LimitsController(wsgi.Controller):
|
|
"""
|
|
Controller for accessing limits in the OpenStack API.
|
|
"""
|
|
|
|
def index(self, req, tenant_id):
|
|
"""
|
|
Return all absolute and rate limit information.
|
|
"""
|
|
context = req.environ[wsgi.CONTEXT_KEY]
|
|
policy.authorize_on_tenant(context, 'limits:index')
|
|
quotas = QUOTAS.get_all_quotas_by_tenant(tenant_id)
|
|
abs_limits = {k: v['hard_limit'] for k, v in quotas.items()}
|
|
rate_limits = req.environ.get("trove.limits", [])
|
|
|
|
return wsgi.Result(views.LimitViews(abs_limits,
|
|
rate_limits).data(), 200)
|