starlingx/ha
Code Issues Proposed changes
000df04ce1
ha/service-mgmt-api/sm-api/sm_api/api/acl.py
Sun Austin da53f143ee Fix flake8 errors and disable ignore case 
below issures are removed from ignore cases:
    E114 indentation is not a multiple of four (comment)
    E116 unexpected indentation (comment)
    E121 continuation line under-indented for hanging indent
    E122 continuation line missing indentation or outdented
    E123 closing bracket does not match indentation of opening bracket's line
    E124 closing bracket does not match visual indentation
    E125 continuation line with same indent as next logical line
    E126 continuation line over-indented for hanging indent
    E127 continuation line over-indented for visual indent
    E128 continuation line under-indented for visual indent
    E129 visually indented line with same indent as next logical line
    E131 continuation line unaligned for hanging indent
    E201 whitespace after '('
    E228 missing whitespace around modulo operator
    E231 missing whitespace after ','
    E241 multiple spaces after ':'
    E251 unexpected spaces around keyword / parameter equals
    E265 block comment should start with '#'
    E271 multiple spaces after keyword
    E302 expected 2 blank lines, found 1
    E303 too many blank lines
    E305 expected 2 blank lines after class or function definition, found 1
    E704 multiple statements on one line (def)
    E713 test for membership should be 'not in'
    E714 test for object identity should be 'is not'
    E722 do not use bare except'
    E731 do not assign a lambda expression, use a def
    E999 SyntaxError: invalid syntax (this is likely python3)
    F401 <foo> imported but unused
    F841 local variable 'foo' is assigned to but never used
    H201: no 'except:'
    H233: Python 3.x incompatible use of print operator
    B001 Do not use bare `except:`
    B004 Using `hasattr(x, '__call__')` to test
         if `x` is callable is unreliable.
    B305 `.next()` is not a thing on Python 3. Use the `next()` builtin.
    B306 `BaseException.message` has been deprecated as of Python 2.6
          and is removed in Python 3.
    B007 Loop control variable 'key' not used within the loop body.
remain below issues in ignores:
    E402 module level import not at top of file
    ./service-mgmt-api/sm-api/sm_api/cmd/__init__.py:25

    Hxxx since which are related with document format

    F811 redefinition of unused '<foo>' from line <x>
    ./service-mgmt-tools/sm-tools/sm_tools/sm_configure.py:18

    F821 undefined name 'e'
    ./service-mgmt-api/sm-api/sm_api/common/utils.py:448

    B006 Do not use mutable data structures for argument defaults.
    ./service-mgmt-api/sm-api/sm_api/common/service.py:59

    B008 Do not perform calls in argument defaults.
    ./service-mgmt-api/sm-api/sm_api/openstack/common/timeutils.py:117

Test have been done:Build,Deploy,some smc command,such as smc service-list,
smc service-show, sm-dump, etc

Story: 2003430
Task: 26524

Change-Id: I3e2a4a31f87e3ff66cfce86f54285e830ee1c3dc
Signed-off-by: Sun Austin <austin.sun@intel.com>
2018-11-07 08:12:37 +08:00

78 lines
2.3 KiB
Python
Raw Blame History

# -*- encoding: utf-8 -*-
#
# Copyright © 2012 New Dream Network, LLC (DreamHost)
#
# Author: Doug Hellmann <doug.hellmann@dreamhost.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Copyright (c) 2013-2014 Wind River Systems, Inc.
#
"""Access Control Lists (ACL's) control access the API server."""
from keystonemiddleware import auth_token as keystone_auth_token
from oslo_config import cfg
from pecan import hooks
from webob import exc
from sm_api.api.middleware import auth_token
from sm_api.common import policy
OPT_GROUP_NAME = 'keystone_authtoken'
def register_opts(conf):
"""Register keystoneclient middleware options
:param conf: SmApi settings.
"""
# conf.register_opts(keystone_auth_token._OPTS, group=OPT_GROUP_NAME)
keystone_auth_token.CONF = conf
register_opts(cfg.CONF)
def install(app, conf, public_routes):
"""Install ACL check on application.
:param app: A WSGI applicatin.
:param conf: Settings. Must include OPT_GROUP_NAME section.
:param public_routes: The list of the routes which will be allowed to
access without authentication.
:return: The same WSGI application with ACL installed.
"""
keystone_config = dict(conf.get(OPT_GROUP_NAME))
return auth_token.AuthTokenMiddleware(app,
conf=keystone_config,
public_api_routes=public_routes)
class AdminAuthHook(hooks.PecanHook):
"""Verify that the user has admin rights.
Checks whether the request context is an admin context and
rejects the request otherwise.
"""
def before(self, state):
ctx = state.request.context
if not policy.check_is_admin(ctx) and not ctx.is_public_api:
raise exc.HTTPForbidden()
View Git Blame Copy Permalink