diff options
| author |   WuKong <rebirthmonkey@gmail.com> | 2015-07-01 11:08:04 +0200 |
|---|---|---|
| committer | WuKong <rebirthmonkey@gmail.com> | 2015-07-01 11:08:04 +0200 |
| commit | aa70ec0095fbfdb535c21599aec4c7f3215b3ba6 (patch) | |
| tree | e86715ac4656e2ea488d2721465484ce0789de7f /keystone-moon/doc/source/extensions/moon_api.rst | |
| parent | 9a05b86d2c87fff1ae550481fd15d4807a1df7aa (diff) | |
create a sub-dir for moon's doc
Change-Id: I06b66843f4bef550c6312a5f668f47d6861d6369
Signed-off-by: WuKong <rebirthmonkey@gmail.com>
Diffstat (limited to 'keystone-moon/doc/source/extensions/moon_api.rst')
| -rw-r--r-- | keystone-moon/doc/source/extensions/moon_api.rst | 628 |
1 files changed, 0 insertions, 628 deletions
diff --git a/keystone-moon/doc/source/extensions/moon_api.rst b/keystone-moon/doc/source/extensions/moon_api.rst deleted file mode 100644 index 1f7ad10b..00000000 --- a/keystone-moon/doc/source/extensions/moon_api.rst +++ /dev/null @@ -1,628 +0,0 @@ -Moon API -======== - -Here are Moon API with some examples of posted data and returned data. - -Intra-Extension API -------------------- - -Authz -~~~~~ - -* ``GET /OS-MOON/authz/{tenant_id}/{subject_id}/{object_id}/{action_id}`` - -.. code-block:: json - - return = { - "authz": "OK/KO/OutOfScope", - "tenant_id": "tenant_id", - "subject_id": "subject_id", - "object_id": "object_id", - "action_id": "action_id" - } - -Intra_Extension -~~~~~~~~~~~~~~~ - -* ``GET /OS-MOON/authz_policies`` - -.. code-block:: json - - return = { - "authz_policies": ["policy_name1", "policy_name2"] - } - -* ``GET /OS-MOON/intra_extensions`` - -.. code-block:: json - - return = { - "intra_extensions": ["ie_uuid1", "ie_uuid2"] - } - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}`` - -.. code-block:: json - - return = { - "intra_extensions": { - "id": "uuid1", - "description": "", - "tenant": "tenant_uuid", - "model": "", - "genre": "", - "authz": {}, - "admin": {} - } - } - -* ``POST /OS-MOON/intra_extensions`` - -.. code-block:: json - - post = { - "name" : "", - "policymodel": "", - "description": "" - } - return = { - "id": "uuid1", - "description": "", - "tenant": "tenant_uuid", - "model": "", - "genre": "", - "authz": {}, - "admin": {} - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/tenant`` - -.. code-block:: json - - return = { - "tenant": "tenant_id" - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/tenant`` - -.. code-block:: json - - post = { - "tenant_id": "tenant_id" - } - return = { - "tenant": "tenant_id" - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/tenant/{tenant_id}`` - -Perimeter -~~~~~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subjects`` - -.. code-block:: json - - return = { - "subjects": ["sub_uuid1", "sub_uuid2"] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subjects`` - -.. code-block:: json - - post = { - "subject_id" : "" - } - return = { - "subjects": ["sub_uuid1", "sub_uuid2"] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject/{subject_id}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/objects`` - -.. code-block:: json - - return = { - "objects": ["obj_uuid1", "obj_uuid2"] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/objects`` - -.. code-block:: json - - post = { - "object_id" : "" - } - return = { - "objects": ["obj_uuid1", "obj_uuid2"] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object/{object_id}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/actions`` - -.. code-block:: json - - return = { - "actions": ["act_uuid1", "act_uuid2"] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/actions`` - -.. code-block:: json - - post = { - "action_id" : "" - } - return = { - "actions": ["act_uuid1", "act_uuid2"] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/actions/{action_id}`` - -Assignment -~~~~~~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments`` - -.. code-block:: json - - return = { - "subject_assignments": { - "subject_security_level":{ - "user1": ["low"], - "user2": ["medium"], - "user3": ["high"] - } - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments`` - -.. code-block:: json - - post = { - "subject_id" : "", - "subject_category_id" : "", - "subject_category_scope_id" : "" - } - return = { - "subject_assignments": { - "subject_security_level":{ - "user1": ["low"], - "user2": ["medium"], - "user3": ["high"] - } - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments/{subject_category}/{subject_id}/{subject_scope}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments`` - -.. code-block:: json - - return = { - "object_assignments": { - "object_security_level":{ - "vm1": ["low"], - "vm2": ["medium"], - "vm3": ["high"] - } - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments`` - -.. code-block:: json - - post = { - "object_id" : "", - "object_category_id" : "", - "object_category_scope_id" : "" - } - return = { - "object_assignments": { - "object_security_level":{ - "vm1": ["low"], - "vm2": ["medium"], - "vm3": ["high"] - } - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments/{object_category}/{object_id}/{object_scope}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments`` - -.. code-block:: json - - return = { - "action_assignments": { - "computing_action":{ - "pause": ["vm_admin"], - "unpause": ["vm_admin"], - "start": ["vm_admin"], - "stop": ["vm_admin"] - } - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments`` - -.. code-block:: json - - post = { - "action_id" : "", - "action_category_id" : "", - "action_category_scope_id" : "" - } - return = { - "action_assignments": { - "computing_action":{ - "pause": ["vm_admin"], - "unpause": ["vm_admin"], - "start": ["vm_admin"], - "stop": ["vm_admin"] - } - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments/{action_category}/{action_id}/{action_scope}`` - -Metadata -~~~~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories`` - -.. code-block:: json - - return = { - "subject_categories": [ "subject_security_level" ] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories`` - -.. code-block:: json - - post = { - "subject_category_id" : "" - } - return = { - "subject_categories": [ "subject_security_level" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories/{subject_category_id}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories`` - -.. code-block:: json - - return = { - "object_categories": [ "object_security_level" ] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories`` - -.. code-block:: json - - post = { - "object_category_id" : "" - } - return = { - "object_categories": [ "object_security_level" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories/{object_category_id}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories`` - -.. code-block:: json - - return = { - "action_categories": [ "computing_action" ] - } - - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories`` - -.. code-block:: json - - post = { - "action_category_id" : "" - } - return = { - "action_categories": [ "computing_action" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories/{action_category_id}`` - -Scope -~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope`` - -.. code-block:: json - - return = { - "subject_security_level": [ "high", "medium", "low" ] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope`` - -.. code-block:: json - - post = { - "subject_category_id" : "", - "subject_category_scope_id" : "" - } - return = { - "subject_security_level": [ "high", "medium", "low" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope/{subject_category}/{subject_scope}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope`` - -.. code-block:: json - - return = { - "object_security_level": [ "high", "medium", "low" ] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope`` - -.. code-block:: json - - post = { - "object_category_id" : "", - "object_category_scope_id" : "" - } - return = { - "object_security_level": [ "high", "medium", "low" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope/{object_category}/{object_scope}`` - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope`` - -.. code-block:: json - - return = { - "computing_action": [ "vm_admin", "vm_access" ] - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope`` - -.. code-block:: json - - post = { - "action_id" : "", - "action_category_id" : "", - "action_category_scope_id" : "" - } - return = { - "computing_action": [ "vm_admin", "vm_access" ] - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope/{action_category}/{action_scope}`` - -Metarule -~~~~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithms`` - -.. code-block:: json - - return = { - "aggregation_algorithms": [ "and_true_aggregation", "..."] - } - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm`` - -.. code-block:: json - - return = { - "aggregation_algorithm": "and_true_aggregation" - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm`` - -.. code-block:: json - - post = { - "aggregation": "and_true_aggregation" - } - return = { - "aggregation_algorithm": "and_true_aggregation" - } - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule`` - -.. code-block:: json - - return = { - "sub_meta_rule": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - "relation": "relation_super" - } - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule`` - -.. code-block:: json - - post = { - "relation_super": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - } - } - return = { - "sub_meta_rule": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - "relation": "relation_super" - } - } - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule_relations`` - -.. code-block:: json - - return = { - "sub_meta_rule_relations": ["relation_super", ] - } - -Rules -~~~~~ - -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules`` - -.. code-block:: json - - return = { - "sub_rules": { - "relation_super": [ - ["high", "vm_admin", "medium"], - ["high", "vm_admin", "low"], - ["medium", "vm_admin", "low"], - ["high", "vm_access", "high"], - ["high", "vm_access", "medium"], - ["high", "vm_access", "low"], - ["medium", "vm_access", "medium"], - ["medium", "vm_access", "low"], - ["low", "vm_access", "low"] - ] - } - } - -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules`` - -.. code-block:: json - - post = { - "rules": ["admin", "vm_admin", "servers"], - "relation": "relation_super" - } - -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules/{relation_name}/{rule}`` - - -Tenant mapping API ------------------- - -* ``GET /OS-MOON/tenants`` - -.. code-block:: json - - return = { - "tenant": { - "uuid1": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - }, - "uuid2": { - "name": "tenant2", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } - -* ``GET /OS-MOON/tenant/{tenant_uuid}`` - -.. code-block:: json - - return = { - "tenant": { - "uuid": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } - -* ``POST /OS-MOON/tenant`` - -.. code-block:: json - - post = { - "id": "uuid", - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - return = { - "tenant": { - "uuid": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } - -* ``DELETE /OS-MOON/tenant/{tenant_uuid}/{intra_extension_uuid}`` - -.. code-block:: json - - return = {} - -Logs API --------- - -* ``GET /OS-MOON/logs`` - -InterExtension API ------------------- - -* ``GET /OS-MOON/inter_extensions`` - -.. code-block:: json - - return = { - "inter_extensions": ["ie_uuid1", "ie_uuid2"] - } - -* ``GET /OS-MOON/inter_extensions/{inter_extensions_id}`` - -.. code-block:: json - - return = { - "inter_extensions": { - "id": "uuid1", - "description": "", - "requesting_intra_extension_uuid": "uuid1", - "requested_intra_extension_uuid": "uuid2", - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } - } - -* ``POST /OS-MOON/inter_extensions`` - -.. code-block:: json - - post = { - "description": "", - "requesting_intra_extension_uuid": uuid1, - "requested_intra_extension_uuid": uuid2, - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } - return = { - "id": "uuid1", - "description": "", - "requesting_intra_extension_uuid": uuid1, - "requested_intra_extension_uuid": uuid2, - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } - -* ``DELETE /OS-MOON/inter_extensions/{inter_extensions_id}`` - |