diff options
29 files changed, 1230 insertions, 965 deletions
diff --git a/keystone-moon/doc/source/extensions/moon/moon_api.rst b/keystone-moon/doc/source/extensions/moon/moon_api.rst index 1f7ad10b..f2546d4d 100644 --- a/keystone-moon/doc/source/extensions/moon/moon_api.rst +++ b/keystone-moon/doc/source/extensions/moon/moon_api.rst @@ -3,626 +3,842 @@ Moon API Here are Moon API with some examples of posted data and returned data. -Intra-Extension API -------------------- +All requests must be prefexied by /v3/OS-MOON. Authz -~~~~~ +----- -* ``GET /OS-MOON/authz/{tenant_id}/{subject_id}/{object_id}/{action_id}`` +**GET /authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}** + Authorization API. .. code-block:: json return = { - "authz": "OK/KO/OutOfScope", - "tenant_id": "tenant_id", - "subject_id": "subject_id", - "object_id": "object_id", - "action_id": "action_id" - } + "authz": "True or False" + } -Intra_Extension -~~~~~~~~~~~~~~~ -* ``GET /OS-MOON/authz_policies`` +Intra-Extension API +------------------- + +Configuration +~~~~~~~~~~~~~ + +**GET /configuration/templates** + + List all policy templates. .. code-block:: json return = { - "authz_policies": ["policy_name1", "policy_name2"] - } + "template_id": { + "name": "name of the template", + "description": "description of the template", + } + } + -* ``GET /OS-MOON/intra_extensions`` +**GET /configuration/aggregation_algorithms** + + List all aggregation algorithms. .. code-block:: json return = { - "intra_extensions": ["ie_uuid1", "ie_uuid2"] - } + "algorithm_id": { + "name": "name of the algorithm", + "description": "description of the algorithm", + } + } + + +**GET /configuration/sub_meta_rule_algorithms** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}`` + List all sub meta rule algorithms. .. code-block:: json return = { - "intra_extensions": { - "id": "uuid1", - "description": "", - "tenant": "tenant_uuid", - "model": "", - "genre": "", - "authz": {}, - "admin": {} - } - } + "algorithm_id": { + "name": "name of the algorithm", + "description": "description of the algorithm", + } + } -* ``POST /OS-MOON/intra_extensions`` + +Tenants +~~~~~~~ + +**GET /tenants** + + List all tenants. .. code-block:: json - post = { - "name" : "", - "policymodel": "", - "description": "" - } return = { - "id": "uuid1", - "description": "", - "tenant": "tenant_uuid", - "model": "", - "genre": "", - "authz": {}, - "admin": {} - } + "tenant_id": { + "name": "name of the tenant", + "description": "description of the tenant", + "intra_authz_extension_id": "id of the intra extension authz", + "intra_admin_extension_id": "id of the intra extension authz" + } + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}`` -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/tenant`` +**POST /tenants** + + Add a tenant. .. code-block:: json + post = { + "tenant_name": "name of the tenant", + "tenant_description": "description of the tenant", + "tenant_intra_authz_extension_id": "id of the intra extension authz", + "tenant_intra_admin_extension_id": "id of the intra extension admin" + } return = { - "tenant": "tenant_id" - } + "tenant_id": { + "name": "name of the tenant", + "description": "description of the tenant", + "intra_authz_extension_id": "id of the intra extension authz", + "intra_admin_extension_id": "id of the intra extension authz" + } + } + + +**POST /tenants/{tenant_id}** -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/tenant`` + Show information of one tenant. .. code-block:: json - post = { - "tenant_id": "tenant_id" - } return = { - "tenant": "tenant_id" - } + "tenant_id": { + "name": "name of the tenant", + "description": "description of the tenant", + "intra_authz_extension_id": "id of the intra extension authz", + "intra_admin_extension_id": "id of the intra extension authz" + } + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/tenant/{tenant_id}`` -Perimeter -~~~~~~~~~ +**POST /tenants/{tenant_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subjects`` + Modify a tenant. .. code-block:: json + post = { + "tenant_name": "name of the tenant", + "tenant_description": "description of the tenant", + "tenant_intra_authz_extension_id": "id of the intra extension authz", + "tenant_intra_admin_extension_id": "id of the intra extension admin" + } return = { - "subjects": ["sub_uuid1", "sub_uuid2"] - } + "tenant_id": { + "name": "name of the tenant", + "description": "description of the tenant", + "intra_authz_extension_id": "id of the intra extension authz", + "intra_admin_extension_id": "id of the intra extension authz" + } + } -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subjects`` + +**DELETE /tenants/{tenant_id}** + + Delete a tenant. .. code-block:: json - post = { - "subject_id" : "" - } - return = { - "subjects": ["sub_uuid1", "sub_uuid2"] - } + return = {} + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject/{subject_id}`` +Intra-Extension +~~~~~~~~~~~~~~~ -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/objects`` +**GET /intra_extensions/init** + + Initialize the root Intra_Extension (if needed). .. code-block:: json - return = { - "objects": ["obj_uuid1", "obj_uuid2"] - } + return = {} -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/objects`` + +**GET /intra_extensions** + + List all Intra_Extensions. .. code-block:: json - post = { - "object_id" : "" - } return = { - "objects": ["obj_uuid1", "obj_uuid2"] - } + "intra_extension_id": { + "name": "name of the intra extension", + "model": "model of the intra extension" + } + } + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object/{object_id}`` +**POST /intra_extensions** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/actions`` + Create a new Intra_Extension. .. code-block:: json - return = { - "actions": ["act_uuid1", "act_uuid2"] - } + post = { + "intra_extension_name": "name of the intra extension", + "intra_extension_model": "model of the intra extension (taken from /configuration/templates)", + "intra_extension_description": "description of the intra extension", + + } + return = {} -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/actions`` + +**GET /intra_extensions/{intra_extension_id}/** + + Show details about one Intra_Extension. .. code-block:: json - post = { - "action_id" : "" - } return = { - "actions": ["act_uuid1", "act_uuid2"] - } + "id": "intra_extension_id", + "name": "name of the intra extension", + "model": "model of the intra extension", + "genre": "genre of the intra extension", + "description": "model of the intra extension" + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/actions/{action_id}`` -Assignment -~~~~~~~~~~ +**DELETE /intra_extensions/{intra_extension_id}/** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments`` + Delete an Intra_Extension. .. code-block:: json - return = { - "subject_assignments": { - "subject_security_level":{ - "user1": ["low"], - "user2": ["medium"], - "user3": ["high"] - } - } + return = {} + + +Intra-Extension Subjects +~~~~~~~~~~~~~~~~~~~~~~~~ -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments`` +**GET /intra_extensions/{intra_extension_id}/subjects** + + List all subjects. .. code-block:: json - post = { - "subject_id" : "", - "subject_category_id" : "", - "subject_category_scope_id" : "" - } return = { - "subject_assignments": { - "subject_security_level":{ - "user1": ["low"], - "user2": ["medium"], - "user3": ["high"] - } - } + "subject_id": { + "name": "name of the subject", + "keystone_id": "keystone id of the subject" + } + } + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments/{subject_category}/{subject_id}/{subject_scope}`` +**POST /intra_extensions/{intra_extension_id}/subjects** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments`` + List all subjects. .. code-block:: json + post = { + "subject_name": "name of the subject", + "subject_description": "description of the subject", + "subject_password": "password for the subject", + "subject_email": "email address of the subject" + } return = { - "object_assignments": { - "object_security_level":{ - "vm1": ["low"], - "vm2": ["medium"], - "vm3": ["high"] - } - } + "subject_id": { + "name": "name of the subject", + "keystone_id": "keystone id of the subject" + } + } + -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments`` +**DELETE /intra_extensions/{intra_extension_id}/subjects/{subject_id}** + + Delete a subject. .. code-block:: json - post = { - "object_id" : "", - "object_category_id" : "", - "object_category_scope_id" : "" - } - return = { - "object_assignments": { - "object_security_level":{ - "vm1": ["low"], - "vm2": ["medium"], - "vm3": ["high"] - } - } + return = {} -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments/{object_category}/{object_id}/{object_scope}`` -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments`` +**GET /intra_extensions/{intra_extension_id}/subject_categories** + + List all subject categories. .. code-block:: json return = { - "action_assignments": { - "computing_action":{ - "pause": ["vm_admin"], - "unpause": ["vm_admin"], - "start": ["vm_admin"], - "stop": ["vm_admin"] - } - } + "subject_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } + -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments`` +**POST /intra_extensions/{intra_extension_id}/subject_categories** + + Add a new subject category. .. code-block:: json - post = { - "action_id" : "", - "action_category_id" : "", - "action_category_scope_id" : "" - } + post = { + "subject_category_name": "name of the category", + "subject_category_description": "description of the category" + } return = { - "action_assignments": { - "computing_action":{ - "pause": ["vm_admin"], - "unpause": ["vm_admin"], - "start": ["vm_admin"], - "stop": ["vm_admin"] - } - } + "subject_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments/{action_category}/{action_id}/{action_scope}`` -Metadata -~~~~~~~~ +**DELETE /intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories`` + Delete a subject category. .. code-block:: json - return = { - "subject_categories": [ "subject_security_level" ] - } + return = {} -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories`` + +**GET /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}** + + List all subject scopes for a specific subject category. .. code-block:: json - post = { - "subject_category_id" : "" - } return = { - "subject_categories": [ "subject_security_level" ] - } + "subject_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories/{subject_category_id}`` +**POST /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories`` + Add a new subject scope for a specific subject category. .. code-block:: json + post = { + "subject_scope_name": "name of the scope", + "subject_scope_description": "description of the scope" + } return = { - "object_categories": [ "object_security_level" ] - } + "subject_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories`` + +**DELETE /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}** + + Delete a subject scope. .. code-block:: json - post = { - "object_category_id" : "" - } - return = { - "object_categories": [ "object_security_level" ] - } + return = {} + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories/{object_category_id}`` +**GET /intra_extensions/{intra_extension_id}/subject_assignments/{subject_id}/{subject_category_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories`` + List all subject assignments for a subject and for a subject category. .. code-block:: json - return = { - "action_categories": [ "computing_action" ] - } + return = [ + "subject_assignment_id1", "subject_assignment_id2" + ] -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories`` +**POST /intra_extensions/{intra_extension_id}/subject_assignments** + + Add an assignment. .. code-block:: json - post = { - "action_category_id" : "" - } - return = { - "action_categories": [ "computing_action" ] - } + post = { + "subject_id": "id of the subject", + "subject_category_id": "id of the category", + "subject_scope_id": "id of the scope" + } + return = [ + "subject_assignment_id1", "subject_assignment_id2" + ] -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories/{action_category_id}`` -Scope -~~~~~ +**DELETE /intra_extensions/{intra_extension_id}/subject_assignments/{subject_id}/{subject_category_id}/{subject_scope_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope`` + Delete a subject assignment. .. code-block:: json - return = { - "subject_security_level": [ "high", "medium", "low" ] - } + return = {} + + +Intra-Extension Objects +~~~~~~~~~~~~~~~~~~~~~~~ -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope`` +**GET /intra_extensions/{intra_extension_id}/objects** + + List all objects. .. code-block:: json - post = { - "subject_category_id" : "", - "subject_category_scope_id" : "" - } return = { - "subject_security_level": [ "high", "medium", "low" ] - } + "object_id": { + "name": "name of the object", + "keystone_id": "keystone id of the object" + } + } + -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope/{subject_category}/{subject_scope}`` +**POST /intra_extensions/{intra_extension_id}/objects** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope`` + List all objects. .. code-block:: json + post = { + "object_name": "name of the object", + "object_description": "description of the object" + } return = { - "object_security_level": [ "high", "medium", "low" ] - } + "object_id": { + "name": "name of the object", + "keystone_id": "keystone id of the object" + } + } + + +**DELETE /intra_extensions/{intra_extension_id}/objects/{object_id}** + + Delete a object. -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope`` +.. code-block:: json + + return = {} + + +**GET /intra_extensions/{intra_extension_id}/object_categories** + + List all object categories. .. code-block:: json - post = { - "object_category_id" : "", - "object_category_scope_id" : "" - } return = { - "object_security_level": [ "high", "medium", "low" ] - } + "object_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope/{object_category}/{object_scope}`` -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope`` +**POST /intra_extensions/{intra_extension_id}/object_categories** + + Add a new object category. .. code-block:: json + post = { + "object_category_name": "name of the category", + "object_category_description": "description of the category" + } return = { - "computing_action": [ "vm_admin", "vm_access" ] - } + "object_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } + + +**DELETE /intra_extensions/{intra_extension_id}/object_categories/{object_category_id}** -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope`` + Delete a object category. + +.. code-block:: json + + return = {} + + +**GET /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}** + + List all object scopes for a specific object category. .. code-block:: json - post = { - "action_id" : "", - "action_category_id" : "", - "action_category_scope_id" : "" - } return = { - "computing_action": [ "vm_admin", "vm_access" ] - } + "object_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope/{action_category}/{action_scope}`` -Metarule -~~~~~~~~ +**POST /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithms`` + Add a new object scope for a specific object category. .. code-block:: json + post = { + "object_scope_name": "name of the scope", + "object_scope_description": "description of the scope" + } return = { - "aggregation_algorithms": [ "and_true_aggregation", "..."] - } + "object_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } + + +**DELETE /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}** + + Delete a object scope. + +.. code-block:: json + + return = {} -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm`` + +**GET /intra_extensions/{intra_extension_id}/object_assignments/{object_id}/{object_category_id}** + + List all object assignments for a object and for a object category. + +.. code-block:: json + + return = [ + "object_assignment_id1", "object_assignment_id2" + ] + + +**POST /intra_extensions/{intra_extension_id}/object_assignments** + + Add an assignment. + +.. code-block:: json + + post = { + "object_id": "id of the object", + "object_category_id": "id of the category", + "object_scope_id": "id of the scope" + } + return = [ + "object_assignment_id1", "object_assignment_id2" + ] + + +**DELETE /intra_extensions/{intra_extension_id}/object_assignments/{object_id}/{object_category_id}/{object_scope_id}** + + Delete a object assignment. + +.. code-block:: json + + return = {} + + +Intra-Extension Actions +~~~~~~~~~~~~~~~~~~~~~~~ + +**GET /intra_extensions/{intra_extension_id}/actions** + + List all actions. .. code-block:: json return = { - "aggregation_algorithm": "and_true_aggregation" - } + "action_id": { + "name": "name of the action", + "keystone_id": "keystone id of the action" + } + } + + +**POST /intra_extensions/{intra_extension_id}/actions** -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm`` + List all actions. .. code-block:: json - post = { - "aggregation": "and_true_aggregation" - } + post = { + "action_name": "name of the action", + "action_description": "description of the action", + "action_password": "password for the action", + "action_email": "email address of the action" + } return = { - "aggregation_algorithm": "and_true_aggregation" - } + "action_id": { + "name": "name of the action", + "keystone_id": "keystone id of the action" + } + } -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule`` + +**DELETE /intra_extensions/{intra_extension_id}/actions/{action_id}** + + Delete a action. + +.. code-block:: json + + return = {} + + +**GET /intra_extensions/{intra_extension_id}/action_categories** + + List all action categories. .. code-block:: json return = { - "sub_meta_rule": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - "relation": "relation_super" - } - } + "action_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule`` + +**POST /intra_extensions/{intra_extension_id}/action_categories** + + Add a new action category. .. code-block:: json - post = { - "relation_super": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - } - } + post = { + "action_category_name": "name of the category", + "action_category_description": "description of the category" + } return = { - "sub_meta_rule": { - "subject_categories": ["role"], - "action_categories": ["ie_action"], - "object_categories": ["id"], - "relation": "relation_super" - } - } + "action_category_id": { + "name": "name of the category", + "description": "description of the category" + } + } + -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule_relations`` +**DELETE /intra_extensions/{intra_extension_id}/action_categories/{action_category_id}** + + Delete a action category. + +.. code-block:: json + + return = {} + + +**GET /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}** + + List all action scopes for a specific action category. .. code-block:: json return = { - "sub_meta_rule_relations": ["relation_super", ] - } + "action_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } + -Rules -~~~~~ +**POST /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}** -* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules`` + Add a new action scope for a specific action category. .. code-block:: json + post = { + "action_scope_name": "name of the scope", + "action_scope_description": "description of the scope" + } return = { - "sub_rules": { - "relation_super": [ - ["high", "vm_admin", "medium"], - ["high", "vm_admin", "low"], - ["medium", "vm_admin", "low"], - ["high", "vm_access", "high"], - ["high", "vm_access", "medium"], - ["high", "vm_access", "low"], - ["medium", "vm_access", "medium"], - ["medium", "vm_access", "low"], - ["low", "vm_access", "low"] - ] - } - } + "action_scope_id": { + "name": "name of the scope", + "description": "description of the scope" + } + } + + +**DELETE /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}** -* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules`` + Delete a action scope. .. code-block:: json - post = { - "rules": ["admin", "vm_admin", "servers"], - "relation": "relation_super" - } + return = {} + + +**GET /intra_extensions/{intra_extension_id}/action_assignments/{action_id}/{action_category_id}** + + List all action assignments for a action and for a action category. + +.. code-block:: json + + return = [ + "action_assignment_id1", "action_assignment_id2" + ] + + +**POST /intra_extensions/{intra_extension_id}/action_assignments** + + Add an assignment. + +.. code-block:: json -* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules/{relation_name}/{rule}`` + post = { + "action_id": "id of the action", + "action_category_id": "id of the category", + "action_scope_id": "id of the scope" + } + return = [ + "action_assignment_id1", "action_assignment_id2" + ] -Tenant mapping API ------------------- +**DELETE /intra_extensions/{intra_extension_id}/action_assignments/{action_id}/{action_category_id}/{action_scope_id}** -* ``GET /OS-MOON/tenants`` + Delete a action assignment. + +.. code-block:: json + + return = {} + + +Intra-Extension Rules +~~~~~~~~~~~~~~~~~~~~~ + +**GET /intra_extensions/{intra_extension_id}/aggregation_algorithm** + + List aggregation algorithm for an intra extension. .. code-block:: json return = { - "tenant": { - "uuid1": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - }, - "uuid2": { - "name": "tenant2", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } + "aggregation_algorithm_id": { + "name": "name of the aggregation algorithm", + "description": "description of the aggregation algorithm" + } + } + -* ``GET /OS-MOON/tenant/{tenant_uuid}`` +**POST /intra_extensions/{intra_extension_id}/aggregation_algorithm** + + Set the current aggregation algorithm for an intra extension. .. code-block:: json + post = { + "aggregation_algorithm_id": "id of the aggregation algorithm", + "aggregation_algorithm_description": "description of the aggregation algorithm" + } return = { - "tenant": { - "uuid": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } + "aggregation_algorithm_id": { + "name": "name of the aggregation algorithm", + "description": "description of the aggregation algorithm" + } + } + -* ``POST /OS-MOON/tenant`` +**GET /intra_extensions/{intra_extension_id}/sub_meta_rules** + + Show the current sub meta rules. .. code-block:: json - post = { - "id": "uuid", - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } return = { - "tenant": { - "uuid": { - "name": "tenant1", - "authz": "intra_extension_uuid1", - "admin": "intra_extension_uuid2" - } - } - } + "sub_meta_rule_id": { + "name": "name of the aggregation algorithm", + "algorithm": "algorithm of the aggregation algorithm", + "subject_categories": ["subject_category_id1", "subject_category_id2"], + "object_categories": ["object_category_id1", "object_category_id2"], + "action_categories": ["action_category_id1", "action_category_id2"] + } + } -* ``DELETE /OS-MOON/tenant/{tenant_uuid}/{intra_extension_uuid}`` .. code-block:: json return = {} -Logs API --------- -* ``GET /OS-MOON/logs`` +**GET /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}** + + Set the current sub meta rule. + +.. code-block:: json + + post = { + "sub_meta_rule_name": "name of the sub meta rule", + "sub_meta_rule_algorithm": "name of the sub meta rule algorithm", + "sub_meta_rule_subject_categories": ["subject_category_id1", "subject_category_id2"], + "sub_meta_rule_object_categories": ["object_category_id1", "object_category_id2"], + "sub_meta_rule_action_categories": ["action_category_id1", "action_category_id2"] + } + return = {} + -InterExtension API ------------------- +**GET /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}** -* ``GET /OS-MOON/inter_extensions`` + List all rules. .. code-block:: json return = { - "inter_extensions": ["ie_uuid1", "ie_uuid2"] - } + "rule_id1": ["subject_scope_id1", "object_scope_id1", "action_scope_id1"], + "rule_id2": ["subject_scope_id2", "object_scope_id2", "action_scope_id2"] + } + + +**POST /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}** -* ``GET /OS-MOON/inter_extensions/{inter_extensions_id}`` + Add a new rule. .. code-block:: json - return = { - "inter_extensions": { - "id": "uuid1", - "description": "", - "requesting_intra_extension_uuid": "uuid1", - "requested_intra_extension_uuid": "uuid2", - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } - } + post = { + "subject_categories": ["subject_scope_id1"], + "object_categories": ["object_scope_id1"], + "action_categories": ["action_scope_id1"], + "enabled": True + } + return = {} + -* ``POST /OS-MOON/inter_extensions`` +**DELETE /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}** + + Delete a rule. .. code-block:: json - post = { - "description": "", - "requesting_intra_extension_uuid": uuid1, - "requested_intra_extension_uuid": uuid2, - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } - return = { - "id": "uuid1", - "description": "", - "requesting_intra_extension_uuid": uuid1, - "requested_intra_extension_uuid": uuid2, - "genre": "trust_OR_coordinate", - "virtual_entity_uuid": "ve_uuid1" - } + return = {} + + +Logs +~~~~ + +**GET /logs/{options}** + + List all logs. + Options can be: + + * ``filter=<filter_characters>`` + * ``from=<show logs from this date>`` + * ``to=<show logs to this date>`` + * ``event_number=<get n logs>`` + + Time format is '%Y-%m-%d-%H:%M:%S' (eg. "2015-04-15-13:45:20") + +.. code-block:: json -* ``DELETE /OS-MOON/inter_extensions/{inter_extensions_id}`` + return = [ + "2015-04-15-13:45:20 ...", + "2015-04-15-13:45:21 ...", + "2015-04-15-13:45:22 ...", + "2015-04-15-13:45:23 ..." + ] diff --git a/keystone-moon/keystone/common/config.py b/keystone-moon/keystone/common/config.py index 4ba740fe..b42b29d6 100644 --- a/keystone-moon/keystone/common/config.py +++ b/keystone-moon/keystone/common/config.py @@ -1173,34 +1173,7 @@ FILE_OPTIONS = { deprecated_name='cert_required', deprecated_group='ssl', deprecated_for_removal=True, help='Require client certificate.'), - ], - 'moon': [ - cfg.StrOpt('configuration_driver', - default='keystone.contrib.moon.backends.memory.ConfigurationConnector', - help='Configuration backend driver.'), - cfg.StrOpt('tenant_driver', - default='keystone.contrib.moon.backends.sql.TenantConnector', - help='Tenant backend driver.'), - cfg.StrOpt('authz_driver', - default='keystone.contrib.moon.backends.flat.SuperExtensionConnector', - help='Authorisation backend driver.'), - cfg.StrOpt('intraextension_driver', - default='keystone.contrib.moon.backends.sql.IntraExtensionConnector', - help='IntraExtension backend driver.'), - cfg.StrOpt('interextension_driver', - default='keystone.contrib.moon.backends.sql.InterExtensionConnector', - help='InterExtension backend driver.'), - cfg.StrOpt('log_driver', - default='keystone.contrib.moon.backends.flat.LogConnector', - help='Logs backend driver.'), - cfg.StrOpt('policy_directory', - default='/etc/keystone/policies', - help='Local directory where all policies are stored.'), - cfg.StrOpt('root_policy_directory', - default='policy_root', - help='Local directory where Root IntraExtension configuration is stored.'), ] - } diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py index 8e19ff81..ddc88fb8 100644 --- a/keystone-moon/keystone/contrib/moon/core.py +++ b/keystone-moon/keystone/contrib/moon/core.py @@ -27,20 +27,35 @@ from keystone.contrib.moon.algorithms import * CONF = cfg.CONF LOG = log.getLogger(__name__) -EXTENSION_DATA = { - 'name': 'OpenStack Moon APIs', - 'namespace': 'http://docs.openstack.org/identity/api/ext/' - 'OS-MOON', - 'alias': 'OS-MOON', - 'updated': '2015-09-02T12:00:0-00:00', - 'description': 'OpenStack Authorization Providers Mechanism.', - 'links': [{ - 'rel': 'describedby', - 'type': 'text/html', - 'href': 'https://git.opnfv.org/moon.git' - }]} -extension.register_admin_extension(EXTENSION_DATA['alias'], EXTENSION_DATA) -extension.register_public_extension(EXTENSION_DATA['alias'], EXTENSION_DATA) +OPTS = [ + cfg.StrOpt('configuration_driver', + default='keystone.contrib.moon.backends.memory.ConfigurationConnector', + help='Configuration backend driver.'), + cfg.StrOpt('tenant_driver', + default='keystone.contrib.moon.backends.sql.TenantConnector', + help='Tenant backend driver.'), + cfg.StrOpt('authz_driver', + default='keystone.contrib.moon.backends.flat.SuperExtensionConnector', + help='Authorisation backend driver.'), + cfg.StrOpt('intraextension_driver', + default='keystone.contrib.moon.backends.sql.IntraExtensionConnector', + help='IntraExtension backend driver.'), + cfg.StrOpt('interextension_driver', + default='keystone.contrib.moon.backends.sql.InterExtensionConnector', + help='InterExtension backend driver.'), + cfg.StrOpt('log_driver', + default='keystone.contrib.moon.backends.flat.LogConnector', + help='Logs backend driver.'), + cfg.StrOpt('policy_directory', + default='/etc/keystone/policies', + help='Local directory where all policies are stored.'), + cfg.StrOpt('root_policy_directory', + default='policy_root', + help='Local directory where Root IntraExtension configuration is stored.'), +] + +for option in OPTS: + CONF.register_opt(option, group="moon") def filter_input(func_or_str): @@ -150,7 +165,7 @@ def enforce(action_names, object_name, **extra): else: # id is not a known tenant ID, so we must check against the Root intra_extension intra_extension_id = intra_root_extension_id - LOG.warning("Cannot emanager because the intra-extension is unknown (fallback to the root intraextension)") + LOG.warning("Cannot manage because the intra-extension is unknown (fallback to the root intraextension)") for _tenant_id in tenants_dict: if tenants_dict[_tenant_id]['intra_authz_extension_id'] == intra_extension_id or \ tenants_dict[_tenant_id]['intra_admin_extension_id'] == intra_extension_id: @@ -369,18 +384,6 @@ class TenantManager(manager.Manager): self.moonlog_api.debug("add_tenant_dict {}".format(tenant_dict)) if 'intra_admin_extension_id' in tenant_dict and tenant_dict['intra_admin_extension_id']: if 'intra_authz_extension_id' in tenant_dict and tenant_dict['intra_authz_extension_id']: - # authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) - # admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) - # for _subject_id in authz_subjects_dict: - # if _subject_id not in admin_subjects_dict: - # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) - # for _subject_id in admin_subjects_dict: - # if _subject_id not in authz_subjects_dict: - # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) - - # TODO (ateroide): check whether we can replace the below code by the above one - # NOTE (ateroide): at a first glance: no, subject_id changes depending on which intra_extesion is used - # we must use name which is constant. authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_authz_extension_id']) authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict] admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_admin_extension_id']) @@ -440,10 +443,8 @@ class IntraExtensionManager(manager.Manager): def __init__(self): super(IntraExtensionManager, self).__init__(CONF.moon.intraextension_driver) - # self.root_admin_id = self.__compute_admin_id_for_root_extension() self._root_admin_id = None self._root_extension_id = None - # self.__init_aggregation_algorithm() def __init_root(self, root_extension_id=None): LOG.debug("__init_root {}".format(root_extension_id)) @@ -490,12 +491,6 @@ class IntraExtensionManager(manager.Manager): LOG.debug("self.driver.get_intra_extensions_dict()={}".format(self.driver.get_intra_extensions_dict())) return {self.root_extension_id: self.driver.get_intra_extensions_dict()[self.root_extension_id]} - # def __compute_admin_id_for_root_extension(self): - # for subject_id, subject_dict in self.driver.get_subjects_dict(self.root_extension_id).iteritems(): - # if subject_dict["name"] == "admin": - # return subject_id - # raise RootExtensionNotInitialized() - def get_root_extension_id(self): extensions = self.driver.get_intra_extensions_dict() for extension_id, extension_dict in extensions.iteritems(): @@ -507,15 +502,6 @@ class IntraExtensionManager(manager.Manager): raise IntraExtensionCreationError("The root extension is not created.") return extension['id'] - # def __init_aggregation_algorithm(self): - # try: - # self._root_extension_id = self.get_root_extension_id() - # self.aggregation_algorithm_dict = self.configuration_api.get_aggregation_algorithms_dict(self.root_extension_id) - # except AttributeError as e: - # LOG.warning("Error on init_aggregation_algorithm ({})".format(e)) - # self._root_extension_id = None - # self.aggregation_algorithm_dict = {} - def __get_authz_buffer(self, intra_extension_id, subject_id, object_id, action_id): """ :param intra_extension_id: @@ -602,8 +588,6 @@ class IntraExtensionManager(manager.Manager): meta_rule_dict[sub_meta_rule_id], self.driver.get_rules_dict(intra_extension_id, sub_meta_rule_id).values()) - # if not self.root_extension_id: - # self.__init_aggregation_algorithm() aggregation_algorithm_id = self.driver.get_aggregation_algorithm_id(intra_extension_id)['aggregation_algorithm'] if self.aggregation_algorithm_dict[aggregation_algorithm_id]['name'] == 'all_true': decision = all_true(decision_buffer) @@ -637,32 +621,15 @@ class IntraExtensionManager(manager.Manager): f = open(metadata_path) json_perimeter = json.load(f) - # subject_categories_dict = dict() for _cat in json_perimeter['subject_categories']: self.driver.set_subject_category_dict(intra_extension_dict["id"], uuid4().hex, {"name": _cat, "description": _cat}) - # Initialize scope categories - # for _cat in subject_categories_dict.keys(): - # self.driver.set_subject_scope_dict(intra_extension_dict["id"], _cat, {}) - # intra_extension_dict['subject_categories'] = subject_categories_dict - - # object_categories_dict = dict() for _cat in json_perimeter['object_categories']: self.driver.set_object_category_dict(intra_extension_dict["id"], uuid4().hex, {"name": _cat, "description": _cat}) - # Initialize scope categories - # for _cat in object_categories_dict.keys(): - # self.driver.set_object_scope_dict(intra_extension_dict["id"], _cat, {}) - # intra_extension_dict['object_categories'] = object_categories_dict - - # action_categories_dict = dict() for _cat in json_perimeter['action_categories']: self.driver.set_action_category_dict(intra_extension_dict["id"], uuid4().hex, {"name": _cat, "description": _cat}) - # Initialize scope categories - # for _cat in action_categories_dict.keys(): - # self.driver.set_action_scope_dict(intra_extension_dict["id"], _cat, {}) - # intra_extension_dict['action_categories'] = action_categories_dict def __load_perimeter_file(self, intra_extension_dict, policy_dir): @@ -805,7 +772,6 @@ class IntraExtensionManager(manager.Manager): metadata_path = os.path.join(policy_dir, 'metarule.json') f = open(metadata_path) json_metarule = json.load(f) - # ie["meta_rules"] = copy.deepcopy(json_metarule) metarule = dict() categories = { "subject_categories": self.driver.SUBJECT_CATEGORY, @@ -847,13 +813,10 @@ class IntraExtensionManager(manager.Manager): sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], sub_rule_name, self.driver.SUB_META_RULE) - # if sub_rule_name not in self.get_sub_meta_rule_relations("admin", ie["id"])["sub_meta_rule_relations"]: - # raise IntraExtensionException("Bad sub_rule_name name {} in rules".format(sub_rule_name)) rules[sub_rule_id] = list() for rule in json_rules[sub_rule_name]: subrule = list() _rule = list(rule) - # sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], sub_rule_name, self.driver.SUB_META_RULE) for category_uuid in sub_meta_rules[sub_rule_id]["subject_categories"]: scope_name = _rule.pop(0) scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"], @@ -881,7 +844,6 @@ class IntraExtensionManager(manager.Manager): else: # if value doesn't exist add a default value subrule.append(True) - # rules[sub_rule_id].append(subrule) self.driver.set_rule_dict(intra_extension_dict["id"], sub_rule_id, uuid4().hex, subrule) @enforce(("read", "write"), "intra_extensions") @@ -914,11 +876,6 @@ class IntraExtensionManager(manager.Manager): # Note (asteroide): Only one root Extension is authorized # and this extension is created at the very beginning of the server # so we don't need to use enforce here - # if self.get_root_extension_id(): - # # for ext in self.driver.get_intra_extensions_dict(): - # # Note (asteroide): if there is at least one Intra Extension, it implies that - # # the Root Intra Extension had already been created... - # return extensions = self.driver.get_intra_extensions_dict() for extension_id, extension_dict in extensions.iteritems(): if extension_dict["name"] == CONF.moon.root_policy_directory: @@ -930,10 +887,7 @@ class IntraExtensionManager(manager.Manager): ie_dict["genre"] = "admin" ie_dict["description"] = "policy_root" ref = self.driver.set_intra_extension_dict(ie_dict['id'], ie_dict) - # try: self.moonlog_api.debug("Creation of root IE: {}".format(ref)) - # except AttributeError: - # LOG.debug("Creation of root IE: {}".format(ref)) # read the template given by "model" and populate default variables template_dir = os.path.join(CONF.moon.policy_directory, ie_dict["model"]) diff --git a/keystone-moon/keystone/contrib/moon/routers.py b/keystone-moon/keystone/contrib/moon/routers.py index fd1c0adf..fd821a49 100644 --- a/keystone-moon/keystone/contrib/moon/routers.py +++ b/keystone-moon/keystone/contrib/moon/routers.py @@ -12,11 +12,14 @@ from oslo_log import log LOG = log.getLogger(__name__) -class Routers(wsgi.V3ExtensionRouter): +class Routers(wsgi.ComposableRouter): """API Endpoints for the Moon extension. """ - PATH_PREFIX = '/OS-MOON' + PATH_PREFIX = '' + + def __init__(self, description): + self.description = description @staticmethod def _get_rel(component): @@ -34,419 +37,462 @@ class Routers(wsgi.V3ExtensionRouter): tenants_controller = controllers.Tenants() logs_controller = controllers.Logs() inter_ext_controller = controllers.InterExtensions() + # Configuration route - self._add_resource( - mapper, configuration_controller, - path=self.PATH_PREFIX+'/configuration/templates', - get_action='get_policy_templates', - rel=self._get_rel('templates'), - path_vars={}) - self._add_resource( - mapper, configuration_controller, - path=self.PATH_PREFIX+'/configuration/aggregation_algorithms', - get_action='get_aggregation_algorithms', - rel=self._get_rel('aggregation_algorithms'), - path_vars={}) - self._add_resource( - mapper, configuration_controller, - path=self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms', - get_action='get_sub_meta_rule_algorithms', - rel=self._get_rel('sub_meta_rule_algorithms'), - path_vars={}) + mapper.connect( + self.PATH_PREFIX+'/configuration/templates', + controller=configuration_controller, + action='get_policy_templates', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/configuration/aggregation_algorithms', + controller=configuration_controller, + action='get_aggregation_algorithms', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms', + controller=configuration_controller, + action='get_sub_meta_rule_algorithms', + conditions=dict(method=['GET'])) # Tenants route - self._add_resource( - mapper, tenants_controller, - path=self.PATH_PREFIX+'/tenants', - get_action='get_tenants', - post_action='add_tenant', - rel=self._get_rel('tenants'), - path_vars={}) - self._add_resource( - mapper, tenants_controller, - path=self.PATH_PREFIX+'/tenants/{tenant_id}', - get_action='get_tenant', - delete_action='del_tenant', - post_action='set_tenant', - rel=self._get_rel('tenants'), - path_vars={ - 'tenant_id': self._get_path('tenants'), - }) + mapper.connect( + self.PATH_PREFIX+'/tenants', + controller=tenants_controller, + action='get_tenants', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/tenants', + controller=tenants_controller, + action='add_tenant', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/tenants/{tenant_id}', + controller=tenants_controller, + action='get_tenant', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/tenants/{tenant_id}', + controller=tenants_controller, + action='del_tenant', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/tenants/{tenant_id}', + controller=tenants_controller, + action='set_tenant', + conditions=dict(method=['POST'])) # Authz route - self._add_resource( - mapper, authz_controller, - path=self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}', - get_action='get_authz', - rel=self._get_rel('authz'), - path_vars={ - 'tenant_id': self._get_path('tenants'), - 'subject_k_id': self._get_path('subjects'), - 'object_name': self._get_path('objects'), - 'action_name': self._get_path('actions'), - }) + mapper.connect( + self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}', + controller=authz_controller, + action='get_authz', + conditions=dict(method=['GET'])) # IntraExtensions/Admin route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/init', - get_action='load_root_intra_extension', - rel=self._get_rel('intra_extensions'), - path_vars={}) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions', - get_action='get_intra_extensions', - post_action='add_intra_extension', - rel=self._get_rel('intra_extensions'), - path_vars={}) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}', - get_action='get_intra_extension', - delete_action='del_intra_extension', - post_action='set_intra_extension', - rel=self._get_rel('intra_extensions'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/init', + controller=intra_ext_controller, + action='load_root_intra_extension', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions', + controller=intra_ext_controller, + action='get_intra_extensions', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions', + controller=intra_ext_controller, + action='add_intra_extension', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}', + controller=intra_ext_controller, + action='get_intra_extension', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}', + controller=intra_ext_controller, + action='set_intra_extension', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}', + controller=intra_ext_controller, + action='del_intra_extension', + conditions=dict(method=['DELETE'])) # Metadata route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories', - get_action='get_subject_categories', - post_action='add_subject_category', - rel=self._get_rel('subject_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}', - get_action='get_subject_category', - delete_action='del_subject_category', - post_action='set_subject_category', - rel=self._get_rel('subject_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories', - get_action='get_object_categories', - post_action='add_object_category', - rel=self._get_rel('object_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}', - get_action='get_object_category', - delete_action='del_object_category', - post_action='set_object_category', - rel=self._get_rel('object_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories', - get_action='get_action_categories', - post_action='add_action_category', - rel=self._get_rel('action_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}', - get_action='get_action_category', - delete_action='del_action_category', - post_action='set_action_category', - rel=self._get_rel('action_categories'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories', + controller=intra_ext_controller, + action='get_subject_categories', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories', + controller=intra_ext_controller, + action='add_subject_category', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}', + controller=intra_ext_controller, + action='get_subject_category', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}', + controller=intra_ext_controller, + action='del_subject_category', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}', + controller=intra_ext_controller, + action='set_subject_category', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories', + controller=intra_ext_controller, + action='get_object_categories', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories', + controller=intra_ext_controller, + action='add_object_category', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}', + controller=intra_ext_controller, + action='get_object_category', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}', + controller=intra_ext_controller, + action='del_object_category', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}', + controller=intra_ext_controller, + action='set_object_category', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories', + controller=intra_ext_controller, + action='get_action_categories', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories', + controller=intra_ext_controller, + action='add_action_category', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}', + controller=intra_ext_controller, + action='get_action_category', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}', + controller=intra_ext_controller, + action='del_action_category', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}', + controller=intra_ext_controller, + action='set_action_category', + conditions=dict(method=['POST'])) # Perimeter route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects', - get_action='get_subjects', - post_action='add_subject', - rel=self._get_rel('subjects'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}', - get_action='get_subject', - delete_action='del_subject', - post_action='set_subject', - rel=self._get_rel('subjects'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects', - get_action='get_objects', - post_action='add_object', - rel=self._get_rel('subjects'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}', - get_action='get_object', - delete_action='del_object', - post_action='set_object', - rel=self._get_rel('objects'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions', - get_action='get_actions', - post_action='add_action', - rel=self._get_rel('actions'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}', - get_action='get_action', - delete_action='del_action', - post_action='set_action', - rel=self._get_rel('actions'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects', + controller=intra_ext_controller, + action='get_subjects', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects', + controller=intra_ext_controller, + action='add_subject', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}', + controller=intra_ext_controller, + action='get_subject', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}', + controller=intra_ext_controller, + action='del_subject', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}', + controller=intra_ext_controller, + action='set_subject', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects', + controller=intra_ext_controller, + action='get_objects', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects', + controller=intra_ext_controller, + action='add_object', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}', + controller=intra_ext_controller, + action='get_object', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}', + controller=intra_ext_controller, + action='del_object', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}', + controller=intra_ext_controller, + action='set_object', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions', + controller=intra_ext_controller, + action='get_actions', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions', + controller=intra_ext_controller, + action='add_action', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}', + controller=intra_ext_controller, + action='get_action', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}', + controller=intra_ext_controller, + action='del_action', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}', + controller=intra_ext_controller, + action='set_action', + conditions=dict(method=['POST'])) # Scope route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}', - get_action='get_subject_scopes', - post_action='add_subject_scope', - rel=self._get_rel('subject_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}', - get_action='get_subject_scope', - delete_action='del_subject_scope', - post_action='set_subject_scope', - rel=self._get_rel('subject_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}', - get_action='get_object_scopes', - post_action='add_object_scope', - rel=self._get_rel('object_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}', - get_action='get_object_scope', - delete_action='del_object_scope', - post_action='set_object_scope', - rel=self._get_rel('object_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}', - get_action='get_action_scopes', - post_action='add_action_scope', - rel=self._get_rel('action_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}', - get_action='get_action_scope', - delete_action='del_action_scope', - post_action='set_action_scope', - rel=self._get_rel('action_scope'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}', + controller=intra_ext_controller, + action='get_subject_scopes', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}', + controller=intra_ext_controller, + action='add_subject_scope', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}', + controller=intra_ext_controller, + action='get_subject_scope', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}', + controller=intra_ext_controller, + action='del_subject_scope', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}', + controller=intra_ext_controller, + action='set_subject_scope', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}', + controller=intra_ext_controller, + action='get_object_scopes', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}', + controller=intra_ext_controller, + action='add_object_scope', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}', + controller=intra_ext_controller, + action='get_object_scope', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}', + controller=intra_ext_controller, + action='del_object_scope', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}', + controller=intra_ext_controller, + action='set_object_scope', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}', + controller=intra_ext_controller, + action='get_action_scopes', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}', + controller=intra_ext_controller, + action='add_action_scope', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}', + controller=intra_ext_controller, + action='get_action_scope', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}', + controller=intra_ext_controller, + action='del_action_scope', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}', + controller=intra_ext_controller, + action='set_action_scope', + conditions=dict(method=['POST'])) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments', - post_action='add_subject_assignment', - rel=self._get_rel('subject_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments', + controller=intra_ext_controller, + action='add_subject_assignment', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'subject_assignments/{subject_id}/{subject_category_id}', - get_action='get_subject_assignment', - rel=self._get_rel('subject_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + controller=intra_ext_controller, + action='get_subject_assignment', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'subject_assignments/{subject_id}/{subject_category_id}/{subject_scope_id}', - delete_action='del_subject_assignment', - rel=self._get_rel('subject_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments', - post_action='add_object_assignment', - rel=self._get_rel('object_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + controller=intra_ext_controller, + action='del_subject_assignment', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments', + controller=intra_ext_controller, + action='add_object_assignment', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'object_assignments/{object_id}/{object_category_id}', - get_action='get_object_assignment', - rel=self._get_rel('object_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + controller=intra_ext_controller, + action='get_object_assignment', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'object_assignments/{object_id}/{object_category_id}/{object_scope_id}', - delete_action='del_object_assignment', - rel=self._get_rel('object_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments', - post_action='add_action_assignment', - rel=self._get_rel('action_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + controller=intra_ext_controller, + action='del_object_assignment', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments', + controller=intra_ext_controller, + action='add_action_assignment', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'action_assignments/{action_id}/{action_category_id}', - get_action='get_action_assignment', - rel=self._get_rel('action_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' + controller=intra_ext_controller, + action='get_action_assignment', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/' 'action_assignments/{action_id}/{action_category_id}/{action_scope_id}', - delete_action='del_action_assignment', - rel=self._get_rel('action_assignments'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + controller=intra_ext_controller, + action='del_action_assignment', + conditions=dict(method=['DELETE'])) # Metarule route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm', - post_action='set_aggregation_algorithm', - get_action='get_aggregation_algorithm', - rel=self._get_rel('aggregation_algorithms'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules', - get_action='get_sub_meta_rules', - post_action='add_sub_meta_rule', - rel=self._get_rel('sub_meta_rules'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}', - get_action='get_sub_meta_rule', - delete_action='del_sub_meta_rule', - post_action='set_sub_meta_rule', - rel=self._get_rel('sub_meta_rules'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm', + controller=intra_ext_controller, + action='get_aggregation_algorithm', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm', + controller=intra_ext_controller, + action='set_aggregation_algorithm', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules', + controller=intra_ext_controller, + action='get_sub_meta_rules', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules', + controller=intra_ext_controller, + action='add_sub_meta_rule', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}', + controller=intra_ext_controller, + action='get_sub_meta_rule', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}', + controller=intra_ext_controller, + action='del_sub_meta_rule', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}', + controller=intra_ext_controller, + action='set_sub_meta_rule', + conditions=dict(method=['POST'])) # Rules route - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}', - get_action='get_rules', - post_action='add_rule', - rel=self._get_rel('rules'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) - self._add_resource( - mapper, intra_ext_controller, - path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}', - get_action='get_rule', - delete_action='del_rule', - post_action='set_rule', - rel=self._get_rel('rules'), - path_vars={ - 'intra_extension_id': self._get_path('intra_extensions'), - }) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}', + controller=intra_ext_controller, + action='get_rules', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}', + controller=intra_ext_controller, + action='add_rule', + conditions=dict(method=['POST'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}', + controller=intra_ext_controller, + action='get_rule', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}', + controller=intra_ext_controller, + action='del_rule', + conditions=dict(method=['DELETE'])) + mapper.connect( + self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}', + controller=intra_ext_controller, + action='set_rule', + conditions=dict(method=['POST'])) # Logs route - self._add_resource( - mapper, logs_controller, - path=self.PATH_PREFIX+'/logs', - get_action='get_logs', - rel=self._get_rel('logs'), - path_vars={ - }) - self._add_resource( - mapper, logs_controller, - path=self.PATH_PREFIX+'/logs/{options}', - get_action='get_logs', - rel=self._get_rel('logs'), - path_vars={ - }) + mapper.connect( + self.PATH_PREFIX+'/logs', + controller=logs_controller, + action='get_logs', + conditions=dict(method=['GET'])) + mapper.connect( + self.PATH_PREFIX+'/logs/{options}', + controller=logs_controller, + action='get_logs', + conditions=dict(method=['GET'])) # InterExtensions route - # self._add_resource( - # mapper, inter_ext_controller, - # path=self.PATH_PREFIX+'/inter_extensions', - # get_action='get_inter_extensions', - # post_action='create_inter_extension', + # mapper.connect( + # controller=inter_ext_controller, + # self.PATH_PREFIX+'/inter_extensions', + # action='get_inter_extensions', + # action='create_inter_extension', # rel=self._get_rel('inter_extensions'), # path_vars={}) - # self._add_resource( - # mapper, inter_ext_controller, - # path=self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}', - # get_action='get_inter_extension', - # delete_action='delete_inter_extension', + # mapper.connect( + # controller=inter_ext_controller, + # self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}', + # action='get_inter_extension', + # action='delete_inter_extension', # rel=self._get_rel('inter_extensions'), # path_vars={ # 'inter_extension_id': self._get_path('inter_extensions'), diff --git a/keystone-moon/keystone/contrib/moon/service.py b/keystone-moon/keystone/contrib/moon/service.py new file mode 100644 index 00000000..cd68e98a --- /dev/null +++ b/keystone-moon/keystone/contrib/moon/service.py @@ -0,0 +1,57 @@ +import functools +import sys + +from oslo_config import cfg +from oslo_log import log +from paste import deploy +import routes +from keystone.contrib.moon.routers import Routers + +from keystone import assignment +from keystone import auth +from keystone import catalog +from keystone.common import wsgi +from keystone import controllers +from keystone import credential +from keystone import endpoint_policy +from keystone import identity +from keystone import policy +from keystone import resource +from keystone import routers +from keystone import token +from keystone import trust + + +CONF = cfg.CONF +LOG = log.getLogger(__name__) + + +# def loadapp(conf, name): +# # NOTE(blk-u): Save the application being loaded in the controllers module. +# # This is similar to how public_app_factory() and v3_app_factory() +# # register the version with the controllers module. +# controllers.latest_app = deploy.loadapp(conf, name=name) +# return controllers.latest_app + + +def fail_gracefully(f): + """Logs exceptions and aborts.""" + @functools.wraps(f) + def wrapper(*args, **kw): + try: + return f(*args, **kw) + except Exception as e: + LOG.debug(e, exc_info=True) + + # exception message is printed to all logs + LOG.critical(e) + sys.exit(1) + + return wrapper + + +@fail_gracefully +def moon_app_factory(global_conf, **local_conf): + return wsgi.ComposingRouter(routes.Mapper(), + [Routers('moon_service')]) + diff --git a/keystone-moon/keystone/contrib/moon/wsgi.py b/keystone-moon/keystone/contrib/moon/wsgi.py new file mode 100644 index 00000000..f2a99633 --- /dev/null +++ b/keystone-moon/keystone/contrib/moon/wsgi.py @@ -0,0 +1,8 @@ +from keystone.server import wsgi +from oslo_log import log + +LOG = log.getLogger(__name__) + + +def initialize_moon_application(): + return wsgi.initialize_application('moon_service') diff --git a/keystone-moon/setup.cfg b/keystone-moon/setup.cfg index 2bb79c11..5290d40c 100644 --- a/keystone-moon/setup.cfg +++ b/keystone-moon/setup.cfg @@ -74,6 +74,7 @@ console_scripts = wsgi_scripts = keystone-wsgi-admin = keystone.server.wsgi:initialize_admin_application keystone-wsgi-public = keystone.server.wsgi:initialize_public_application + keystone-wsgi-moon = keystone.contrib.moon.wsgi:initialize_moon_application keystone.assignment = ldap = keystone.assignment.backends.ldap:Assignment @@ -205,7 +206,6 @@ paste.filter_factory = token_auth = keystone.middleware:TokenAuthMiddleware.factory url_normalize = keystone.middleware:NormalizingFilter.factory user_crud_extension = keystone.contrib.user_crud:CrudExtension.factory - moon_extension = keystone.contrib.moon.routers:Routers.factory paste.app_factory = admin_service = keystone.service:admin_app_factory @@ -213,3 +213,4 @@ paste.app_factory = public_service = keystone.service:public_app_factory public_version_service = keystone.service:public_version_app_factory service_v3 = keystone.service:v3_app_factory + moon_service = keystone.contrib.moon.service:moon_app_factory diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py index de11e3e5..b21d9dbe 100644 --- a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py +++ b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py @@ -95,7 +95,7 @@ class MoonAgentKeystoneMiddleware(object): self.auth_host = conf.get('auth_host', "127.0.0.1") self.auth_port = int(conf.get('auth_port', 35357)) auth_protocol = conf.get('auth_protocol', 'http') - self._request_uri = '%s://%s:%s' % (auth_protocol, self.auth_host, # TODO: ??? for auth or authz + self._conf["_request_uri"] = '%s://%s:%s' % (auth_protocol, self.auth_host, # TODO: ??? for auth or authz self.auth_port) # SSL @@ -104,16 +104,18 @@ class MoonAgentKeystoneMiddleware(object): key_file = conf.get('keyfile') if insecure: - self._verify = False + self._conf["_verify"] = False elif cert_file and key_file: - self._verify = (cert_file, key_file) + self._conf["_verify"] = (cert_file, key_file) elif cert_file: - self._verify = cert_file + self._conf["_verify"] = cert_file else: - self._verify = None + self._conf["_verify"] = None # Moon registered mgrs self.local_registered_mgr_dict = dict() # TODO: load from the sql backend + from keystonemiddleware.moon_mgrs.authz_mgr.authz_mgr import AuthzMgr + self.local_registered_mgr_dict["authz_mgr"] = AuthzMgr(self._conf) def __set_token(self): data = self.get_url("/v3/auth/tokens", post_data=self.post_data) @@ -283,13 +285,13 @@ class MoonAgentKeystoneMiddleware(object): self.__set_token() for _mgr in self.local_registered_mgr_dict: # TODO: update from the sql backend - self.local_registered_mgr_dict[_mgr]['response_content'] = \ + self.local_registered_mgr_dict[_mgr].response_content = \ json.loads(self.local_registered_mgr_dict[_mgr].treat_request(self.x_subject_token, agent_data).content) self.__unset_token() aggregate_result = 1 for _mgr in self.local_registered_mgr_dict: - if not self.local_registered_mgr_dict[_mgr]['response_content']: + if not self.local_registered_mgr_dict[_mgr].response_content: aggregate_result = 0 if aggregate_result: diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py index af519225..0d81a790 100644 --- a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py +++ b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py @@ -38,6 +38,8 @@ class AuthzMgr(object): authz_mgr_fh = logging.FileHandler(CONF.moon_authz_mgr["authz_mgr_logfile"]) self._LOG.setLevel(logging.DEBUG) self._LOG.addHandler(authz_mgr_fh) + self._conf = conf + self.response_content = "" def _deny_request(self, code): error_table = { @@ -57,7 +59,6 @@ class AuthzMgr(object): resp.body = error_msg return resp - def treat_request(self, auth_token, agent_data): if not agent_data['resource_id']: agent_data['resource_id'] = "servers" @@ -65,8 +66,8 @@ class AuthzMgr(object): headers = {'X-Auth-Token': auth_token} self._LOG.debug('X-Auth-Token={}'.format(auth_token)) try: - _url ='{}/v3/OS-MOON/authz/{}/{}/{}/{}'.format( - self._request_uri, + _url = '{}/moon/authz/{}/{}/{}/{}'.format( + self._conf["_request_uri"], agent_data['tenant_id'], agent_data['user_id'], agent_data['resource_id'], @@ -74,7 +75,7 @@ class AuthzMgr(object): self._LOG.info(_url) response = requests.get(_url, headers=headers, - verify=self._verify) + verify=self._conf["_verify"]) except requests.exceptions.RequestException as e: self._LOG.error(_LI('HTTP connection exception: %s'), e) resp = self._deny_request('InvalidURI') @@ -93,7 +94,7 @@ class AuthzMgr(object): elif response.status_code == 200: answer = json.loads(response.content) - self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'] , agent_data['action_id'])) + self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'], agent_data['action_id'])) self._LOG.debug(answer) if "authz" in answer and answer["authz"]: return response diff --git a/moonclient/moonclient/action_assignments.py b/moonclient/moonclient/action_assignments.py index be2a66da..5625a2f2 100644 --- a/moonclient/moonclient/action_assignments.py +++ b/moonclient/moonclient/action_assignments.py @@ -34,7 +34,7 @@ class ActionAssignmentsList(Lister): return parser def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format( intraextension_id, action_category_id), authtoken=True) if action_scope_id in data: @@ -43,7 +43,7 @@ class ActionAssignmentsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments/{}/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}".format( parsed_args.intraextension, parsed_args.action_id, parsed_args.action_category_id), authtoken=True) return ( @@ -84,7 +84,7 @@ class ActionAssignmentsAdd(Command): return parser def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format( intraextension_id, action_category_id), authtoken=True) if action_scope_id in data: @@ -93,7 +93,7 @@ class ActionAssignmentsAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments".format(parsed_args.intraextension), post_data={ "action_id": parsed_args.action_id, "action_category_id": parsed_args.action_category_id, @@ -139,7 +139,7 @@ class ActionAssignmentsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments/{}/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}/{}".format( parsed_args.intraextension, parsed_args.action_id, parsed_args.action_category_id, diff --git a/moonclient/moonclient/action_categories.py b/moonclient/moonclient/action_categories.py index f4400c79..bf7cb7e1 100644 --- a/moonclient/moonclient/action_categories.py +++ b/moonclient/moonclient/action_categories.py @@ -26,7 +26,7 @@ class ActionCategoriesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "description"), @@ -61,7 +61,7 @@ class ActionCategoriesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension), post_data={ "action_category_name": parsed_args.action_category_name, "action_category_description": parsed_args.description}, @@ -94,7 +94,7 @@ class ActionCategoriesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories/{}".format( parsed_args.intraextension, parsed_args.action_category_id), method="DELETE", diff --git a/moonclient/moonclient/action_scopes.py b/moonclient/moonclient/action_scopes.py index 53ed2604..9ddf8d4e 100644 --- a/moonclient/moonclient/action_scopes.py +++ b/moonclient/moonclient/action_scopes.py @@ -31,7 +31,7 @@ class ActionScopesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format( parsed_args.intraextension, parsed_args.action_category_id), authtoken=True) self.log.debug(data) @@ -73,7 +73,7 @@ class ActionScopesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format( parsed_args.intraextension, parsed_args.action_category_id), post_data={ "action_scope_name": parsed_args.action_scope_name, @@ -113,7 +113,7 @@ class ActionScopesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}/{}".format( parsed_args.intraextension, parsed_args.action_category_id, parsed_args.action_scope_id diff --git a/moonclient/moonclient/actions.py b/moonclient/moonclient/actions.py index f2550579..9fbad13a 100644 --- a/moonclient/moonclient/actions.py +++ b/moonclient/moonclient/actions.py @@ -26,7 +26,7 @@ class ActionsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "description"), @@ -61,7 +61,7 @@ class ActionsAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions".format(parsed_args.intraextension), # TODO: check method POST? + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension), # TODO: check method POST? post_data={ "action_name": parsed_args.action_name, "action_description": parsed_args.description}, @@ -94,7 +94,7 @@ class ActionsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions/{}".format( parsed_args.intraextension, parsed_args.action_id), method="DELETE", diff --git a/moonclient/moonclient/configuration.py b/moonclient/moonclient/configuration.py index 3a77723c..a05d7151 100644 --- a/moonclient/moonclient/configuration.py +++ b/moonclient/moonclient/configuration.py @@ -18,7 +18,7 @@ class TemplatesList(Lister): return parser def take_action(self, parsed_args): - templates = self.app.get_url("/v3/OS-MOON/configuration/templates", authtoken=True) + templates = self.app.get_url(self.app.url_prefix+"/configuration/templates", authtoken=True) return ( ("id", "name", "description"), ((template_id, templates[template_id]["name"], templates[template_id]["description"]) @@ -36,7 +36,7 @@ class AggregationAlgorithmsList(Lister): return parser def take_action(self, parsed_args): - templates = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True) + templates = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True) return ( ("id", "name", "description"), ((template_id, templates[template_id]["name"], templates[template_id]["description"]) @@ -54,7 +54,7 @@ class SubMetaRuleAlgorithmsList(Lister): return parser def take_action(self, parsed_args): - templates = self.app.get_url("/v3/OS-MOON/configuration/sub_meta_rule_algorithms", authtoken=True) + templates = self.app.get_url(self.app.url_prefix+"/configuration/sub_meta_rule_algorithms", authtoken=True) return ( ("id", "name", "description"), ((template_id, templates[template_id]["name"], templates[template_id]["description"]) diff --git a/moonclient/moonclient/intraextension.py b/moonclient/moonclient/intraextension.py index 24286dd9..f66aabbc 100644 --- a/moonclient/moonclient/intraextension.py +++ b/moonclient/moonclient/intraextension.py @@ -26,7 +26,7 @@ class IntraExtensionSelect(Command): return parser def take_action(self, parsed_args): - ie = self.app.get_url("/v3/OS-MOON/intra_extensions", authtoken=True) + ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True) if parsed_args.id in ie.keys(): self.app.intraextension = parsed_args.id self.app.stdout.write("Select {} IntraExtension.\n".format(self.app.intraextension)) @@ -66,7 +66,7 @@ class IntraExtensionCreate(Command): "intra_extension_model": parsed_args.policy_model, "intra_extension_description": parsed_args.description } - ie = self.app.get_url("/v3/OS-MOON/intra_extensions", post_data=post_data, authtoken=True) + ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", post_data=post_data, authtoken=True) if "id" not in ie: raise Exception("Error in command {}".format(ie)) self.app.stdout.write("IntraExtension created: {}\n".format(ie["id"])) @@ -83,7 +83,7 @@ class IntraExtensionList(Lister): return parser def take_action(self, parsed_args): - ie = self.app.get_url("/v3/OS-MOON/intra_extensions", authtoken=True) + ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True) return ( ("id", "name", "model"), ((_id, ie[_id]["name"], ie[_id]["model"]) for _id in ie.keys()) @@ -105,7 +105,7 @@ class IntraExtensionDelete(Command): return parser def take_action(self, parsed_args): - self.app.get_url("/v3/OS-MOON/intra_extensions/{}".format(parsed_args.uuid), + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(parsed_args.uuid), method="DELETE", authtoken=True) @@ -120,7 +120,7 @@ class IntraExtensionInit(Command): return parser def take_action(self, parsed_args): - self.app.get_url("/v3/OS-MOON/intra_extensions/init", + self.app.get_url(self.app.url_prefix+"/intra_extensions/init", method="GET", authtoken=True) @@ -145,7 +145,7 @@ class IntraExtensionShow(ShowOne): if parsed_args.uuid == "selected": intra_extension_id = self.app.intraextension self.log.debug("self.app.intraextension={}".format(intra_extension_id)) - ie = self.app.get_url("/v3/OS-MOON/intra_extensions/{}".format(intra_extension_id), authtoken=True) + ie = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(intra_extension_id), authtoken=True) self.log.debug("ie={}".format(ie)) if "id" not in ie: self.log.error("Unknown intraextension {}".format(intra_extension_id)) diff --git a/moonclient/moonclient/logs.py b/moonclient/moonclient/logs.py index 36437786..e65a530d 100644 --- a/moonclient/moonclient/logs.py +++ b/moonclient/moonclient/logs.py @@ -85,9 +85,9 @@ class LogsList(Lister): if number: options.append("event_number={}".format(number)) if len(options) > 0: - url = "/v3/OS-MOON/logs/{}".format(",".join(options)) + url = self.app.url_prefix+"/logs/{}".format(",".join(options)) else: - url = "/v3/OS-MOON/logs" + url = self.app.url_prefix+"/logs" data = self.app.get_url(url, authtoken=True) return ( ("Time", "Message",), diff --git a/moonclient/moonclient/metarules.py b/moonclient/moonclient/metarules.py index 8938f890..6727711e 100644 --- a/moonclient/moonclient/metarules.py +++ b/moonclient/moonclient/metarules.py @@ -16,7 +16,7 @@ class AggregationAlgorithmsList(Lister): log = logging.getLogger(__name__) def __get_aggregation_algorithm_from_id(self, algorithm_id): - algorithms = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True) + algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True) if algorithm_id in algorithms: return algorithms[algorithm_id] return dict() @@ -33,7 +33,7 @@ class AggregationAlgorithmsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/aggregation_algorithm".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format( parsed_args.intraextension), authtoken=True) algorithm = self.__get_aggregation_algorithm_from_id(data['aggregation_algorithm']) @@ -49,7 +49,7 @@ class AggregationAlgorithmSet(Command): log = logging.getLogger(__name__) def __get_aggregation_algorithm_from_id(self, algorithm_id): - algorithms = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True) + algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True) if algorithm_id in algorithms: return algorithms[algorithm_id] return dict() @@ -76,7 +76,7 @@ class AggregationAlgorithmSet(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/aggregation_algorithm".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format( parsed_args.intraextension), post_data={ "aggregation_algorithm_id": parsed_args.aggregation_algorithm_id, @@ -104,19 +104,19 @@ class SubMetaRuleShow(Lister): return parser def __get_subject_category_name(self, intraextension, subject_category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension), authtoken=True) if subject_category_id in data: return data[subject_category_id]["name"] def __get_object_category_name(self, intraextension, object_category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension), authtoken=True) if object_category_id in data: return data[object_category_id]["name"] def __get_action_category_name(self, intraextension, action_category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension), authtoken=True) if action_category_id in data: return data[action_category_id]["name"] @@ -124,7 +124,7 @@ class SubMetaRuleShow(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "algorithm", "subject categories", "object categories", "action categories"), @@ -205,7 +205,7 @@ class SubMetaRuleSet(Command): post_data["sub_meta_rule_subject_categories"] = filter(lambda x: x, subject_category_id) post_data["sub_meta_rule_object_categories"] = filter(lambda x: x, object_category_id) post_data["sub_meta_rule_action_categories"] = filter(lambda x: x, action_category_id) - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules/{}".format(parsed_args.intraextension, + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules/{}".format(parsed_args.intraextension, sub_meta_rule_id), post_data=post_data, method="POST", diff --git a/moonclient/moonclient/object_assignments.py b/moonclient/moonclient/object_assignments.py index b5f89002..0942aa6f 100644 --- a/moonclient/moonclient/object_assignments.py +++ b/moonclient/moonclient/object_assignments.py @@ -34,7 +34,7 @@ class ObjectAssignmentsList(Lister): return parser def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format( intraextension_id, object_category_id), authtoken=True) if object_scope_id in data: @@ -43,7 +43,7 @@ class ObjectAssignmentsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments/{}/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}".format( parsed_args.intraextension, parsed_args.object_id, parsed_args.object_category_id), authtoken=True) return ( @@ -84,7 +84,7 @@ class ObjectAssignmentsAdd(Command): return parser def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format( intraextension_id, object_category_id), authtoken=True) if object_scope_id in data: @@ -93,7 +93,7 @@ class ObjectAssignmentsAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments".format(parsed_args.intraextension), post_data={ "object_id": parsed_args.object_id, "object_category_id": parsed_args.object_category_id, @@ -139,7 +139,7 @@ class ObjectAssignmentsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments/{}/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}/{}".format( parsed_args.intraextension, parsed_args.object_id, parsed_args.object_category_id, diff --git a/moonclient/moonclient/object_categories.py b/moonclient/moonclient/object_categories.py index c86586f3..5641f4bf 100644 --- a/moonclient/moonclient/object_categories.py +++ b/moonclient/moonclient/object_categories.py @@ -26,7 +26,7 @@ class ObjectCategoriesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "description"), @@ -61,7 +61,7 @@ class ObjectCategoriesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension), post_data={ "object_category_name": parsed_args.object_category_name, "object_category_description": parsed_args.description}, @@ -94,7 +94,7 @@ class ObjectCategoriesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories/{}".format( parsed_args.intraextension, parsed_args.object_category_id), method="DELETE", diff --git a/moonclient/moonclient/object_scopes.py b/moonclient/moonclient/object_scopes.py index 0fbd757d..41b9aef6 100644 --- a/moonclient/moonclient/object_scopes.py +++ b/moonclient/moonclient/object_scopes.py @@ -31,7 +31,7 @@ class ObjectScopesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format( parsed_args.intraextension, parsed_args.object_category_id), authtoken=True) self.log.debug(data) # TODO: why log here? @@ -73,7 +73,7 @@ class ObjectScopesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format( parsed_args.intraextension, parsed_args.object_category_id), post_data={ "object_scope_name": parsed_args.object_scope_name, @@ -113,7 +113,7 @@ class ObjectScopesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}/{}".format( parsed_args.intraextension, parsed_args.object_category_id, parsed_args.object_scope_id diff --git a/moonclient/moonclient/objects.py b/moonclient/moonclient/objects.py index 0f6fef06..0fc04ab8 100644 --- a/moonclient/moonclient/objects.py +++ b/moonclient/moonclient/objects.py @@ -26,7 +26,7 @@ class ObjectsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "description"), @@ -61,7 +61,7 @@ class ObjectsAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension), post_data={ "object_name": parsed_args.object_name, "object_description": parsed_args.description}, @@ -94,7 +94,7 @@ class ObjectsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects/{}".format( parsed_args.intraextension, parsed_args.object_id), method="DELETE", diff --git a/moonclient/moonclient/rules.py b/moonclient/moonclient/rules.py index 682c830d..207533a8 100644 --- a/moonclient/moonclient/rules.py +++ b/moonclient/moonclient/rules.py @@ -30,39 +30,39 @@ class RulesList(Lister): return parser def __get_subject_category_name(self, intraextension, category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension), authtoken=True) if category_id in data: return data[category_id]["name"] def __get_object_category_name(self, intraextension, category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension), authtoken=True) if category_id in data: return data[category_id]["name"] def __get_action_category_name(self, intraextension, category_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension), authtoken=True) if category_id in data: return data[category_id]["name"] def __get_subject_scope_name(self, intraextension, category_id, scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id), authtoken=True) if scope_id in data: return data[scope_id]["name"] return scope_id def __get_object_scope_name(self, intraextension, category_id, scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id), authtoken=True) if scope_id in data: return data[scope_id]["name"] return scope_id def __get_action_scope_name(self, intraextension, category_id, scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id), authtoken=True) if scope_id in data: return data[scope_id]["name"] @@ -72,7 +72,7 @@ class RulesList(Lister): headers = list() headers.append("") headers.append("id") - self.sub_meta_rules = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format(intraextension), + self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(intraextension), authtoken=True) for cat in self.sub_meta_rules[submetarule_id]["subject_categories"]: headers.append("s:" + self.__get_subject_category_name(intraextension, cat)) @@ -105,7 +105,7 @@ class RulesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/rule/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format( parsed_args.intraextension, parsed_args.submetarule_id, ), @@ -144,7 +144,7 @@ class RuleAdd(Command): return parser def __get_subject_scope_id(self, intraextension, category_id, scope_name): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id), authtoken=True) self.log.debug("__get_subject_scope_id {}".format(data)) for scope_id in data: @@ -153,7 +153,7 @@ class RuleAdd(Command): return scope_name def __get_object_scope_id(self, intraextension, category_id, scope_name): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id), authtoken=True) self.log.debug("__get_action_scope_id {}".format(data)) for scope_id in data: @@ -162,7 +162,7 @@ class RuleAdd(Command): return scope_name def __get_action_scope_id(self, intraextension, category_id, scope_name): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id), authtoken=True) self.log.debug("__get_object_scope_id {}".format(data)) for scope_id in data: @@ -173,7 +173,7 @@ class RuleAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.sub_meta_rules = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format( + self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format( parsed_args.intraextension), authtoken=True) new_rule = map(lambda x: x.strip(), parsed_args.rule.split(",")) @@ -198,7 +198,7 @@ class RuleAdd(Command): post["object_categories"].append(self.__get_object_scope_id( parsed_args.intraextension, cat, new_rule.pop(0)) ) - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/rule/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format( parsed_args.intraextension, parsed_args.submetarule_id), post_data=post, authtoken=True) @@ -232,7 +232,7 @@ class RuleDelete(Command): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension self.app.get_url( - "/v3/OS-MOON/intra_extensions/{intra_extensions_id}/rule/{submetarule_id}/{rule_id}".format( + self.app.url_prefix+"/intra_extensions/{intra_extensions_id}/rule/{submetarule_id}/{rule_id}".format( intra_extensions_id=parsed_args.intraextension, submetarule_id=parsed_args.submetarule_id, rule_id=parsed_args.rule_id diff --git a/moonclient/moonclient/shell.py b/moonclient/moonclient/shell.py index 1be1a42a..ce2b0102 100644 --- a/moonclient/moonclient/shell.py +++ b/moonclient/moonclient/shell.py @@ -32,13 +32,14 @@ class MoonClient(App): log = logging.getLogger(__name__) x_subject_token = None host = "localhost" - port = "35357" + port = "35358" tenant = None _intraextension = None _tenant_id = None _tenant_name = None secureprotocol = False user_saving_file = ".moonclient" + url_prefix = "/moon" post = { "auth": { "identity": { @@ -112,7 +113,7 @@ class MoonClient(App): def tenant_id(self): if not self._tenant_id: self._tenant_id = self.get_url("/v3/projects?name={}".format(self._tenant_name), - authtoken=True)["projects"][0]["id"] + authtoken=True, port=5000)["projects"][0]["id"] return self._tenant_id @property @@ -129,16 +130,18 @@ class MoonClient(App): open(os.path.join(os.getenv('HOME'), self.user_saving_file), "w").write(value) def get_tenant_uuid(self, tenant_name): - return self.get_url("/v3/projects?name={}".format(tenant_name), authtoken=True)["projects"][0]["id"] + return self.get_url("/v3/projects?name={}".format(tenant_name), authtoken=True, port=5000)["projects"][0]["id"] - def get_url(self, url, post_data=None, delete_data=None, method="GET", authtoken=None): + def get_url(self, url, post_data=None, delete_data=None, method="GET", authtoken=None, port=None): if post_data: method = "POST" if delete_data: method = "DELETE" self.log.debug("\033[32m{} {}\033[m".format(method, url)) # TODO: we must manage authentication and requests with secure protocol (ie. HTTPS) - conn = httplib.HTTPConnection(self.host, self.port) + if not port: + port = self.port + conn = httplib.HTTPConnection(self.host, port) self.log.debug("Host: {}:{}".format(self.host, self.port)) headers = { "Content-type": "application/x-www-form-urlencoded", diff --git a/moonclient/moonclient/subject_assignments.py b/moonclient/moonclient/subject_assignments.py index 5ca31291..ec5e9549 100644 --- a/moonclient/moonclient/subject_assignments.py +++ b/moonclient/moonclient/subject_assignments.py @@ -34,7 +34,7 @@ class SubjectAssignmentsList(Lister): return parser def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format( intraextension_id, subject_category_id), authtoken=True) if subject_scope_id in data: @@ -43,7 +43,7 @@ class SubjectAssignmentsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments/{}/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}".format( parsed_args.intraextension, parsed_args.subject_id, parsed_args.subject_category_id), authtoken=True) return ( @@ -84,7 +84,7 @@ class SubjectAssignmentsAdd(Command): return parser def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id): - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format( intraextension_id, subject_category_id), authtoken=True) if subject_scope_id in data: @@ -93,7 +93,7 @@ class SubjectAssignmentsAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments".format(parsed_args.intraextension), post_data={ "subject_id": parsed_args.subject_id, "subject_category_id": parsed_args.subject_category_id, @@ -139,7 +139,7 @@ class SubjectAssignmentsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments/{}/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}/{}".format( parsed_args.intraextension, parsed_args.subject_id, parsed_args.subject_category_id, diff --git a/moonclient/moonclient/subject_categories.py b/moonclient/moonclient/subject_categories.py index e7ecfe6a..810b0b5f 100644 --- a/moonclient/moonclient/subject_categories.py +++ b/moonclient/moonclient/subject_categories.py @@ -26,7 +26,7 @@ class SubjectCategoriesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "description"), @@ -61,7 +61,7 @@ class SubjectCategoriesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension), post_data={ "subject_category_name": parsed_args.subject_category_name, "subject_category_description": parsed_args.description}, @@ -94,7 +94,7 @@ class SubjectCategoriesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories/{}".format( parsed_args.intraextension, parsed_args.subject_category_id), method="DELETE", diff --git a/moonclient/moonclient/subject_scopes.py b/moonclient/moonclient/subject_scopes.py index f960a1d0..90cc5dcc 100644 --- a/moonclient/moonclient/subject_scopes.py +++ b/moonclient/moonclient/subject_scopes.py @@ -31,7 +31,7 @@ class SubjectScopesList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format( parsed_args.intraextension, parsed_args.subject_category_id), authtoken=True) @@ -73,7 +73,7 @@ class SubjectScopesAdd(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format( + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format( parsed_args.intraextension, parsed_args.subject_category_id), post_data={ "subject_scope_name": parsed_args.subject_scope_name, @@ -113,7 +113,7 @@ class SubjectScopesDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}/{}".format( parsed_args.intraextension, parsed_args.subject_category_id, parsed_args.subject_scope_id diff --git a/moonclient/moonclient/subjects.py b/moonclient/moonclient/subjects.py index 29ce745d..8203cd92 100644 --- a/moonclient/moonclient/subjects.py +++ b/moonclient/moonclient/subjects.py @@ -27,7 +27,7 @@ class SubjectsList(Lister): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension), authtoken=True) return ( ("id", "name", "Keystone ID"), @@ -74,7 +74,7 @@ class SubjectsAdd(Command): parsed_args.intraextension = self.app.intraextension if not parsed_args.password: parsed_args.password = getpass.getpass("Password for user {}:".format(parsed_args.subject_name)) - data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects".format(parsed_args.intraextension), + data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension), post_data={ "subject_name": parsed_args.subject_name, "subject_description": parsed_args.description, @@ -110,7 +110,7 @@ class SubjectsDelete(Command): def take_action(self, parsed_args): if not parsed_args.intraextension: parsed_args.intraextension = self.app.intraextension - self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects/{}".format( + self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects/{}".format( parsed_args.intraextension, parsed_args.subject_id ), diff --git a/moonclient/moonclient/tenants.py b/moonclient/moonclient/tenants.py index b2e0aafa..99c6e501 100644 --- a/moonclient/moonclient/tenants.py +++ b/moonclient/moonclient/tenants.py @@ -19,7 +19,7 @@ class TenantList(Lister): return parser def take_action(self, parsed_args): - tenants = self.app.get_url("/v3/OS-MOON/tenants", authtoken=True) + tenants = self.app.get_url(self.app.url_prefix+"/tenants", authtoken=True) self.log.debug(tenants) return ( ("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"), @@ -72,7 +72,7 @@ class TenantAdd(Command): post_data["tenant_intra_admin_extension_id"] = parsed_args.admin if parsed_args.desc: post_data["tenant_description"] = parsed_args.desc - tenants = self.app.get_url("/v3/OS-MOON/tenants", + tenants = self.app.get_url(self.app.url_prefix+"/tenants", post_data=post_data, authtoken=True) return ( @@ -103,7 +103,7 @@ class TenantShow(Command): return parser def take_action(self, parsed_args): - tenants = self.app.get_url("/v3/OS-MOON/tenants/{}".format(parsed_args.tenant_name), + tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_name), authtoken=True) return ( ("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"), @@ -164,7 +164,7 @@ class TenantSet(Command): post_data["tenant_intra_admin_extension_id"] = parsed_args.admin if parsed_args.desc is not None: post_data["tenant_description"] = parsed_args.desc - tenants = self.app.get_url("/v3/OS-MOON/tenants/{}".format(post_data["tenant_id"]), + tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(post_data["tenant_id"]), post_data=post_data, authtoken=True) return ( @@ -195,6 +195,6 @@ class TenantDelete(Command): return parser def take_action(self, parsed_args): - self.app.get_url("/v3/OS-MOON/tenants/{}".format(parsed_args.tenant_id), + self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_id), method="DELETE", authtoken=True) diff --git a/moonclient/moonclient/tests.py b/moonclient/moonclient/tests.py index 3bef6b9d..bace73af 100644 --- a/moonclient/moonclient/tests.py +++ b/moonclient/moonclient/tests.py @@ -81,20 +81,24 @@ class TestsLaunch(Lister): result_ok = True # self.log.info(result_id) # self.log.info(result_values[1]) + log_filename = "" for value in result_values[1]: if "False" in value[2]: result_ok = False - break + if "Overall results" in value[1]: + log_filename = value[3] if result_ok: - results.append((result_id, "\033[32mTrue\033[m")) + results.append((result_id, "\033[32mTrue\033[m", log_filename)) else: - results.append((result_id, "\033[1m\033[31mFalse\033[m")) + results.append((result_id, "\033[1m\033[31mFalse\033[m", log_filename)) return ( - ("filename", "results"), + ("filename", "results", "log file"), results ) def test_file(self, testfile): + self.logfile_name = "/tmp/moonclient_test_{}.log".format(time.strftime("%Y%m%d-%H%M%S")) + self.logfile = open(self.logfile_name, "w") stdout_back = self.app.stdout tests_dict = json.load(open(testfile)) self.log.debug("tests_dict = {}".format(tests_dict)) |