diff options
-rw-r--r-- | keystone-moon/keystone/contrib/moon/backends/sql.py | 187 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/controllers.py | 192 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/core.py | 344 |
3 files changed, 204 insertions, 519 deletions
diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py index 272dc4ac..deacc420 100644 --- a/keystone-moon/keystone/contrib/moon/backends/sql.py +++ b/keystone-moon/keystone/contrib/moon/backends/sql.py @@ -226,11 +226,12 @@ class SubjectAssignment(sql.ModelBase, sql.DictBase): class ObjectAssignment(sql.ModelBase, sql.DictBase): __tablename__ = 'object_assignments' - attributes = ['id', 'object_assignment', 'intra_extension_id', 'object_id'] + attributes = ['id', 'object_assignment', 'intra_extension_id', 'object_id', 'object_category_id'] id = sql.Column(sql.String(64), primary_key=True) object_assignment = sql.Column(sql.JsonBlob(), nullable=True) intra_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False) object_id = sql.Column(sql.ForeignKey("objects.id"), nullable=False) + object_category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False) @classmethod def from_dict(cls, d): @@ -243,11 +244,12 @@ class ObjectAssignment(sql.ModelBase, sql.DictBase): class ActionAssignment(sql.ModelBase, sql.DictBase): __tablename__ = 'action_assignments' - attributes = ['id', 'action_assignment', 'intra_extension_id', 'action_id'] + attributes = ['id', 'action_assignment', 'intra_extension_id', 'action_id', 'action_category_id'] id = sql.Column(sql.String(64), primary_key=True) action_assignment = sql.Column(sql.JsonBlob(), nullable=True) intra_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False) action_id = sql.Column(sql.ForeignKey("actions.id"), nullable=False) + action_category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False) @classmethod def from_dict(cls, d): @@ -377,8 +379,8 @@ class IntraExtensionConnector(IntraExtensionDriver): def get_intra_extensions_dict(self): with sql.transaction() as session: query = session.query(IntraExtension.id) - intraextensions = query.all() - return {intraextension.id: IntraExtension.to_dict(intraextension) for intraextension in intraextensions} + ref_list = query.all() + return {_ref.id: _ref.intraextension for _ref in ref_list} # TODO (dthom): load_intra_extension(self): @@ -402,10 +404,7 @@ class IntraExtensionConnector(IntraExtensionDriver): ref = query.first() intra_extension_ref = ref.to_dict() intra_extension_ref.update(intra_extension_dict) - new_intra_extension = IntraExtension( - id=intra_extension_id, - intra_extension=intra_extension_ref - ) + new_intra_extension = IntraExtension(id=intra_extension_id, intra_extension=intra_extension_ref) for attr in Tenant.attributes: if attr != 'id': setattr(ref, attr, getattr(new_intra_extension, attr)) @@ -418,7 +417,7 @@ class IntraExtensionConnector(IntraExtensionDriver): query = session.query(SubjectCategory) query = query.filter_by(intra_extension_id=intra_extension_id) ref_list = query.all() - return {_ref.id: _ref.to_dict()['subject_category'] for _ref in ref_list} + return {_ref.id: _ref.subject_category for _ref in ref_list} def set_subject_category_dict(self, intra_extension_id, subject_category_id, subject_category_dict): with sql.transaction() as session: @@ -450,7 +449,7 @@ class IntraExtensionConnector(IntraExtensionDriver): # Getter and Setter for object_category - def get_object_category_dict(self, intra_extension_id): + def get_object_categories_dict(self, intra_extension_id): with sql.transaction() as session: query = session.query(ObjectCategory) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -459,8 +458,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise IntraExtensionUnknown() return ref.to_dict() - # TODO: to recheck - def set_object_category_dict(self, intra_extension_id, object_categories): + def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict): with sql.transaction() as session: query = session.query(ObjectCategory) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -481,29 +479,6 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_object_category(self, intra_extension_id, object_category_id, object_category_name): - with sql.transaction() as session: - query = session.query(ObjectCategory) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - object_categories = dict(old_ref["object_categories"]) - # TODO: object_categories[object_category_id] is a dict - object_categories[object_category_id] = object_category_name - new_ref = ObjectCategory.from_dict( - { - "id": old_ref["id"], - 'object_categories': object_categories, - 'intra_extension_id': old_ref["intra_extension_id"] - } - ) - for attr in ObjectCategory.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_ref, attr)) - return ref.to_dict() - def del_object_category(self, intra_extension_id, object_category_id): with sql.transaction() as session: query = session.query(ObjectCategory) @@ -533,7 +508,7 @@ class IntraExtensionConnector(IntraExtensionDriver): # Getter and Setter for action_category - def get_action_category_dict(self, intra_extension_id): + def get_action_categories_dict(self, intra_extension_id): with sql.transaction() as session: query = session.query(ActionCategory) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -542,8 +517,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise IntraExtensionUnknown() return ref.to_dict() - # TODO: to recheck - def set_action_category_dict(self, intra_extension_id, action_categories): + def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict): with sql.transaction() as session: query = session.query(ActionCategory) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -564,29 +538,6 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_action_category(self, intra_extension_id, action_category_id, action_category_name): - with sql.transaction() as session: - query = session.query(ActionCategory) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - action_categories = dict(old_ref["action_categories"]) - # TODO: action_categories[action_category_id] is a dict - action_categories[action_category_id] = action_category_name - new_ref = ActionCategory.from_dict( - { - "id": old_ref["id"], - 'action_categories': action_categories, - 'intra_extension_id': old_ref["intra_extension_id"] - } - ) - for attr in ActionCategory.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_ref, attr)) - return ref.to_dict() - def del_action_category(self, intra_extension_id, action_category_id): with sql.transaction() as session: query = session.query(ActionCategory) @@ -651,7 +602,7 @@ class IntraExtensionConnector(IntraExtensionDriver): ref = query.first() session.delete(ref) - def get_object_dict(self, intra_extension_id): + def get_objects_dict(self, intra_extension_id): with sql.transaction() as session: query = session.query(Object) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -660,8 +611,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise IntraExtensionUnknown() return ref.to_dict() - # TODO: to recheck - def set_object_dict(self, intraa_extension_id, object_id): + def set_object_dict(self, intra_extension_id, object_id, object_dict): with sql.transaction() as session: query = session.query(Object) query = query.filter_by(intra_extension_id=intraa_extension_id) @@ -682,29 +632,6 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_object(self, intra_extension_id, object_id, object_name): - with sql.transaction() as session: - query = session.query(Object) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - objects = dict(old_ref["objects"]) - # TODO: objects[object_id] is a dict - objects[object_id] = object_name - new_ref = Object.from_dict( - { - "id": old_ref["id"], - 'objects': objects, - 'intra_extension_id': old_ref["intra_extension_id"] - } - ) - for attr in Object.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_ref, attr)) - return ref.to_dict() - def del_object(self, intra_extension_id, object_id): with sql.transaction() as session: query = session.query(Object) @@ -731,7 +658,7 @@ class IntraExtensionConnector(IntraExtensionDriver): if attr != 'id': setattr(ref, attr, getattr(new_ref, attr)) - def get_action_dict(self, intra_extension_id): + def get_actions_dict(self, intra_extension_id): with sql.transaction() as session: query = session.query(Action) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -740,8 +667,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise IntraExtensionUnknown() return ref.to_dict() - # TODO: to recheck - def set_action_dict(self, intra_extension_id, action_id): + def set_action_dict(self, intra_extension_id, action_id, action_dict): with sql.transaction() as session: query = session.query(Action) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -762,29 +688,6 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_action(self, intra_extension_id, action_id, action_name): - with sql.transaction() as session: - query = session.query(Action) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - actions = dict(old_ref["actions"]) - # TODO: actions[action_id] is a dict - actions[action_id] = action_name - new_ref = Action.from_dict( - { - "id": old_ref["id"], - 'actions': actions, - 'intra_extension_id': old_ref["intra_extension_id"] - } - ) - for attr in Action.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_ref, attr)) - return ref.to_dict() - def del_action(self, intra_extension_id, action_id): with sql.transaction() as session: query = session.query(Action) @@ -853,7 +756,7 @@ class IntraExtensionConnector(IntraExtensionDriver): # Getter and Setter for object_category_scope - def get_object_scope_dict(self, intra_extension_id, object_category_id): + def get_object_scopes_dict(self, intra_extension_id, object_category_id): with sql.transaction() as session: query = session.query(ObjectScope) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -865,7 +768,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise ObjectScopeUnknown() return result - def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id): + def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict): with sql.transaction() as session: query = session.query(ObjectScope) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -887,20 +790,6 @@ class IntraExtensionConnector(IntraExtensionDriver): session.add(new_ref) return new_ref.to_dict() - def add_object_scope(self, intra_extension_id, object_category_id, object_scope_id, object_scope_name): - with sql.transaction() as session: - query = session.query(ObjectScope) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - scope = dict(old_ref["object_scope"]) - if object_category_id not in scope: - scope[object_category_id] = dict() - scope[object_category_id][object_scope_id] = object_scope_name - return self.set_object_scope_dict(intra_extension_id, object_category_id, scope[object_category_id]) - def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id): with sql.transaction() as session: query = session.query(ObjectScope) @@ -930,7 +819,7 @@ class IntraExtensionConnector(IntraExtensionDriver): # Getter and Setter for action_scope - def get_action_scope_dict(self, intra_extension_id, action_category_id): + def get_action_scopes_dict(self, intra_extension_id, action_category_id): with sql.transaction() as session: query = session.query(ActionScope) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -942,7 +831,7 @@ class IntraExtensionConnector(IntraExtensionDriver): raise ActionScopeUnknown() return result - def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id): + def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict): with sql.transaction() as session: query = session.query(ActionScope) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -964,20 +853,6 @@ class IntraExtensionConnector(IntraExtensionDriver): session.add(new_ref) return new_ref.to_dict() - def add_action_scope(self, intra_extension_id, action_category_id, action_scope_id, action_scope_name): - with sql.transaction() as session: - query = session.query(ActionScope) - query = query.filter_by(intra_extension_id=intra_extension_id) - ref = query.first() - if not ref: - raise IntraExtensionUnknown() - old_ref = ref.to_dict() - scope = dict(old_ref["action_scope"]) - if action_category_id not in scope: - scope[action_category_id] = dict() - scope[action_category_id][action_scope_id] = action_scope_name - return self.set_action_scope_dict(intra_extension_id, action_category_id, scope[action_category_id]) - def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id): with sql.transaction() as session: query = session.query(ActionScope) @@ -1049,7 +924,7 @@ class IntraExtensionConnector(IntraExtensionDriver): # Getter and Setter for object_category_assignment - def get_object_assignment_dict(self, intra_extension_id, object_id): + def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id): """ From a object_uuid, return a dictionary of (category: scope for that object) :param intra_extension_id: intra extension UUID @@ -1072,7 +947,7 @@ class IntraExtensionConnector(IntraExtensionDriver): _ref["object_assignment"][object_id] = dict() return _ref - def set_object_assignment_dict(self, intra_extension_id, object_id=None, object_assignment_dict={}): + def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list=[]): with sql.transaction() as session: query = session.query(ObjectAssignment) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -1099,7 +974,7 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id): + def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id): with sql.transaction() as session: query = session.query(ObjectAssignment) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -1113,7 +988,7 @@ class IntraExtensionConnector(IntraExtensionDriver): assignments[object_id][object_category_id] = list() if object_scope_id not in assignments[object_id][object_category_id]: assignments[object_id][object_category_id].append(object_scope_id) - return self.set_object_assignment_dict( + return self.set_object_assignment_list( intra_extension_id, object_id, assignments[object_id]) @@ -1133,14 +1008,14 @@ class IntraExtensionConnector(IntraExtensionDriver): old_ref["object_assignment"][object_id].pop(object_category_id) if not old_ref["object_assignment"][object_id]: old_ref["object_assignment"].pop(object_id) - self.set_object_assignment_dict( + self.set_object_assignment_list( intra_extension_id, object_id, old_ref["object_assignment"][object_id]) # Getter and Setter for action_category_assignment - def get_action_assignment_dict(self, intra_extension_id, action_id): + def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id): """ From a action_id, return a dictionary of (category: scope for that action) :param intra_extension_id: intra extension UUID @@ -1163,7 +1038,7 @@ class IntraExtensionConnector(IntraExtensionDriver): _ref["action_assignment"][action_id] = dict() return _ref - def set_action_assignment_dict(self, intra_extension_id, action_id=None, action_assignment_dict={}): + def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list=[]): with sql.transaction() as session: query = session.query(ActionAssignment) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -1190,7 +1065,7 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return ref.to_dict() - def add_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id): + def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id): with sql.transaction() as session: query = session.query(ActionAssignment) query = query.filter_by(intra_extension_id=intra_extension_id) @@ -1204,7 +1079,7 @@ class IntraExtensionConnector(IntraExtensionDriver): assignments[action_id][action_category_id] = list() if action_scope_id not in assignments[action_id][action_category_id]: assignments[action_id][action_category_id].append(action_scope_id) - return self.set_action_assignment_dict( + return self.set_action_assignment_list( intra_extension_id, action_id, assignments[action_id]) @@ -1224,7 +1099,7 @@ class IntraExtensionConnector(IntraExtensionDriver): old_ref["action_assignment"][action_id].pop(action_category_id) if not old_ref["action_assignment"][action_id]: old_ref["action_assignment"].pop(action_id) - self.set_action_assignment_dict( + self.set_action_assignment_list( intra_extension_id, action_id, old_ref["action_assignment"][action_id]) @@ -1324,7 +1199,7 @@ class IntraExtensionConnector(IntraExtensionDriver): setattr(ref, attr, getattr(new_ref, attr)) return self.get_rules_dict(intra_extension_id, sub_meta_rule_id)[rule_id] - def del_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id): + def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id): with sql.transaction() as session: query = session.query(Rule) query = query.filter_by(rule_id=rule_id) diff --git a/keystone-moon/keystone/contrib/moon/controllers.py b/keystone-moon/keystone/contrib/moon/controllers.py index cf069a42..390c8363 100644 --- a/keystone-moon/keystone/contrib/moon/controllers.py +++ b/keystone-moon/keystone/contrib/moon/controllers.py @@ -242,7 +242,7 @@ class IntraExtensions(controller.V3Controller): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get('intra_extension_id', None) object_category_id = kw.get("object_category_id", None) - return self.admin_api.get_object_category_dict(user_id, ie_id, object_category_id) + return self.admin_api.get_object_categories_dict(user_id, ie_id, object_category_id) @controller.protected() def del_object_category(self, context, **kw): @@ -281,7 +281,7 @@ class IntraExtensions(controller.V3Controller): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get('intra_extension_id', None) action_category_id = kw.get("action_category_id", None) - return self.admin_api.get_action_category_dict(user_id, ie_id, action_category_id) + return self.admin_api.get_action_categories_dict(user_id, ie_id, action_category_id) @controller.protected() def del_action_category(self, context, **kw): @@ -352,14 +352,15 @@ class IntraExtensions(controller.V3Controller): ie_id = kw.get("intra_extension_id", None) object_dict = dict() object_dict['name'] = kw.get("object_name", None) - return self.admin_api.add_object(user_id, ie_id, object_dict) + object_dict['description'] = kw.get("object_description", None) + return self.admin_api.add_object_dict(user_id, ie_id, object_dict) @controller.protected() def get_object(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) object_id = kw.get("object_id", None) - return self.admin_api.get_object_dict(user_id, ie_id, object_id) + return self.admin_api.get_objects_dict(user_id, ie_id, object_id) @controller.protected() def del_object(self, context, **kw): @@ -390,14 +391,15 @@ class IntraExtensions(controller.V3Controller): ie_id = kw.get("intra_extension_id", None) action_dict = dict() action_dict['name'] = kw.get("action_name", None) - return self.admin_api.add_action(user_id, ie_id, action_dict) + action_dict['description'] = kw.get("action_description", None) + return self.admin_api.add_action_dict(user_id, ie_id, action_dict) @controller.protected() def get_action(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) action_id = kw.get("action_id", None) - return self.admin_api.get_action_dict(user_id, ie_id, action_id) + return self.admin_api.get_actions_dict(user_id, ie_id, action_id) @controller.protected() def del_action(self, context, **kw): @@ -465,79 +467,89 @@ class IntraExtensions(controller.V3Controller): def get_object_scopes(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_category_id = kw["object_category_id"] - return self.admin_api.get_object_scope_dict(user_id, ie_id, object_category_id) + object_category_id = kw.get("object_category_id", None) + return self.admin_api.get_object_scopes_dict(user_id, ie_id, object_category_id) @controller.protected() def add_object_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_category_id = kw["object_category_id"] - object_scope_name = kw["object_scope_name"] - return self.admin_api.add_object_scope( - user_id, - ie_id, - object_category_id, - object_scope_name) + object_category_id = kw.get("object_category_id", None) + object_scope_dict = dict() + object_scope_dict['name'] = kw.get("object_scope_name", None) + object_scope_dict['description'] = kw.get("object_scope_description", None) + return self.admin_api.add_object_scope_dict(user_id, ie_id, object_category_id, object_scope_dict) @controller.protected() def get_object_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_category_id = kw["object_category_id"] - object_scope_id = kw["object_scope_id"] - return self.admin_api.get_object_category_scope(user_id, ie_id, object_category_id, object_scope_id) + object_category_id = kw.get("object_category_id", None) + object_scope_id = kw.get("object_scope_id", None) + return self.admin_api.get_object_scopes_dict(user_id, ie_id, object_category_id, object_scope_id) @controller.protected() def del_object_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_category_id = kw["object_category_id"] - object_scope_id = kw["object_scope_id"] - self.admin_api.del_object_scope( - user_id, - ie_id, - object_category_id, - object_scope_id) + object_category_id = kw.get("object_category_id", None) + object_scope_id = kw.get("object_scope_id", None) + self.admin_api.del_object_scope(user_id, ie_id, object_category_id, object_scope_id) + + @controller.protected() + def set_object_scope(self, context, **kw): + user_id = self._get_user_id_from_token(context.get('token_id')) + ie_id = kw.get("intra_extension_id", None) + object_category_id = kw.get("object_category_id", None) + object_scope_id = kw.get("object_scope_id", None) + object_scope_dict = dict() + object_scope_dict['name'] = kw.get("object_scope_name", None) + object_scope_dict['description'] = kw.get("object_scope_description", None) + return self.admin_api.set_object_scope_dict(user_id, ie_id, object_category_id, object_scope_id, object_scope_dict) @controller.protected() def get_action_scopes(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_category_id = kw["action_category_id"] - return self.admin_api.get_action_scope_dict(user_id, ie_id, action_category_id) + action_category_id = kw.get("action_category_id", None) + return self.admin_api.get_action_scopes_dict(user_id, ie_id, action_category_id) @controller.protected() def add_action_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_category_id = kw["action_category_id"] - action_scope_name = kw["action_scope_name"] - return self.admin_api.add_action_scope( - user_id, - ie_id, - action_category_id, - action_scope_name) + action_category_id = kw.get("action_category_id", None) + action_scope_dict = dict() + action_scope_dict['name'] = kw.get("action_scope_name", None) + action_scope_dict['description'] = kw.get("action_scope_description", None) + return self.admin_api.add_action_scope_dict(user_id, ie_id, action_category_id, action_scope_dict) @controller.protected() def get_action_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_category_id = kw["action_category_id"] - action_scope_id = kw["action_scope_id"] - return self.admin_api.get_action_scope_dict(user_id, ie_id, action_category_id)[action_scope_id] + action_category_id = kw.get("action_category_id", None) + action_scope_id = kw.get("action_scope_id", None) + return self.admin_api.get_action_scopes_dict(user_id, ie_id, action_category_id, action_scope_id) @controller.protected() def del_action_scope(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_category_id = kw["action_category_id"] - action_scope_id = kw["action_scope_id"] - self.admin_api.del_action_scope( - user_id, - ie_id, - action_category_id, - action_scope_id) + action_category_id = kw.get("action_category_id", None) + action_scope_id = kw.get("action_scope_id", None) + self.admin_api.del_action_scope(user_id, ie_id, action_category_id, action_scope_id) + + @controller.protected() + def set_action_scope(self, context, **kw): + user_id = self._get_user_id_from_token(context.get('token_id')) + ie_id = kw.get("intra_extension_id", None) + action_category_id = kw.get("action_category_id", None) + action_scope_id = kw.get("action_scope_id", None) + action_scope_dict = dict() + action_scope_dict['name'] = kw.get("action_scope_name", None) + action_scope_dict['description'] = kw.get("action_scope_description", None) + return self.admin_api.set_action_scope_dict(user_id, ie_id, action_category_id, action_scope_id, action_scope_dict) # Assignment functions @@ -548,12 +560,7 @@ class IntraExtensions(controller.V3Controller): subject_id = kw.get("subject_id", None) subject_category_id = kw.get("subject_category_id", None) subject_scope_id = kw.get("subject_scope_id", None) - return self.admin_api.add_subject_assignment_list( - user_id, - ie_id, - subject_id, - subject_category_id, - subject_scope_id) + return self.admin_api.add_subject_assignment_list(user_id, ie_id, subject_id, subject_category_id, subject_scope_id) @controller.protected() def get_subject_assignment(self, context, **kw): @@ -570,98 +577,59 @@ class IntraExtensions(controller.V3Controller): subject_id = kw.get("subject_id", None) subject_category_id = kw.get("subject_category_id", None) subject_scope_id = kw.get("subject_scope_id", None) - self.admin_api.del_subject_assignment( - user_id, - ie_id, - subject_id, - subject_category_id, - subject_scope_id) - - @controller.protected() - def get_object_assignments(self, context, **kw): - user_id = self._get_user_id_from_token(context.get('token_id')) - ie_id = kw.get("intra_extension_id", None) - object_id = kw["object_id"] - return self.admin_api.get_object_assignment_dict(user_id, ie_id, object_id) + self.admin_api.del_subject_assignment(user_id, ie_id, subject_id, subject_category_id, subject_scope_id) @controller.protected() def add_object_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_id = kw["object_id"] - object_category_id = kw["object_category_id"] - object_scope_id = kw["object_scope_id"] - return self.admin_api.add_objecty_assignment( - user_id, - ie_id, - object_id, - object_category_id, - object_scope_id) + object_id = kw.get("object_id", None) + object_category_id = kw.get("object_category_id", None) + object_scope_id = kw.get("object_scope_id", None) + return self.admin_api.add_objecty_assignment_list(user_id, ie_id, object_id, object_category_id, object_scope_id) @controller.protected() def get_object_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_id = kw["object_id"] - object_category_id = kw["object_category_id"] - return self.admin_api.get_object_assignment_dict(user_id, ie_id, object_id, object_category_id) + object_id = kw.get("object_id", None) + object_category_id = kw.get("object_category_id", None) + return self.admin_api.get_object_assignment_list(user_id, ie_id, object_id, object_category_id) @controller.protected() def del_object_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - object_id = kw["object_id"] - object_category_id = kw["object_category_id"] - object_scope_id = kw["object_scope_id"] - self.admin_api.del_object_assignment( - user_id, - ie_id, - object_id, - object_category_id, - object_scope_id) - - @controller.protected() - def get_action_assignments(self, context, **kw): - user_id = self._get_user_id_from_token(context.get('token_id')) - ie_id = kw.get("intra_extension_id", None) - action_id = kw["action_id"] - return self.admin_api.get_action_assignment_dict(user_id, ie_id, action_id) + object_id = kw.get("object_id", None) + object_category_id = kw.get("object_category_id", None) + object_scope_id = kw.get("object_scope_id", None) + self.admin_api.del_object_assignment(user_id, ie_id, object_id, object_category_id, object_scope_id) @controller.protected() def add_action_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_id = kw["action_id"] - action_category_id = kw["action_category_id"] - action_scope_id = kw["action_scope_id"] - return self.admin_api.add_action_assignment( - user_id, - ie_id, - action_id, - action_category_id, - action_scope_id) + action_id = kw.get("action_id", None) + action_category_id = kw.get("action_category_id", None) + action_scope_id = kw.get("action_scope_id", None) + return self.admin_api.add_action_assignment_list(user_id, ie_id, action_id, action_category_id, action_scope_id) @controller.protected() def get_action_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_id = kw["action_id"] - action_category_id = kw["action_category_id"] - return self.admin_api.get_action_assignment_dict(user_id, ie_id, action_id, action_category_id) + action_id = kw.get("action_id", None) + action_category_id = kw.get("action_category_id", None) + return self.admin_api.get_action_assignment_list(user_id, ie_id, action_id, action_category_id) @controller.protected() def del_action_assignment(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get("intra_extension_id", None) - action_id = kw["action_id"] - action_category_id = kw["action_category_id"] - action_scope_id = kw["action_scope_id"] - self.admin_api.del_action_assignment( - user_id, - ie_id, - action_id, - action_category_id, - action_scope_id) + action_id = kw.get("action_id", None) + action_category_id = kw.get("action_category_id", None) + action_scope_id = kw.get("action_scope_id", None) + self.admin_api.del_action_assignment(user_id, ie_id, action_id, action_category_id, action_scope_id) # Metarule functions @controller.protected() diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py index d5f08251..ee5e9e54 100644 --- a/keystone-moon/keystone/contrib/moon/core.py +++ b/keystone-moon/keystone/contrib/moon/core.py @@ -309,19 +309,19 @@ class IntraExtensionManager(manager.Manager): authz_buffer['action_id'] = action_id meta_data_dict = dict() meta_data_dict["subject_categories"] = self.driver.get_subject_categories_dict(intra_extension_id) - meta_data_dict["object_categories"] = self.driver.get_object_category_dict(intra_extension_id) - meta_data_dict["action_categories"] = self.driver.get_action_category_dict(intra_extension_id) + meta_data_dict["object_categories"] = self.driver.get_object_categories_dict(intra_extension_id) + meta_data_dict["action_categories"] = self.driver.get_action_categories_dict(intra_extension_id) subject_assignment_dict = dict() for category in meta_data_dict["subject_categories"]: subject_assignment_dict[category] = self.driver.get_subject_assignment_list( intra_extension_id, subject_id)[category] object_assignment_dict = dict() for category in meta_data_dict["object_categories"]: - object_assignment_dict[category] = self.driver.get_object_assignment_dict( + object_assignment_dict[category] = self.driver.get_object_assignment_list( intra_extension_id, object_id)[category] action_assignment_dict = dict() for category in meta_data_dict["action_categories"]: - action_assignment_dict[category] = self.driver.get_action_assignment_dict( + action_assignment_dict[category] = self.driver.get_action_assignment_list( intra_extension_id, action_id)[category] authz_buffer['subject_attributes'] = dict() authz_buffer['object_attributes'] = dict() @@ -528,9 +528,9 @@ class IntraExtensionManager(manager.Manager): ) # Note (dthom): object_category_assignment must be initialized because when there is no data in json # we will not go through the for loop - self.driver.set_object_assignment_dict(intra_extension_dict["id"]) + self.driver.set_object_assignment_list(intra_extension_dict["id"]) for object in object_assignments: - self.driver.set_object_assignment_dict(intra_extension_dict["id"], object, object_assignments[object]) + self.driver.set_object_assignment_list(intra_extension_dict["id"], object, object_assignments[object]) action_assignments = dict() for category_name, value in json_assignments["action_assignments"].iteritems(): @@ -549,9 +549,9 @@ class IntraExtensionManager(manager.Manager): ) # Note (dthom): action_category_assignment must be initialized because when there is no data in json # we will not go through the for loop - self.driver.set_action_assignment_dict(intra_extension_dict["id"]) + self.driver.set_action_assignment_list(intra_extension_dict["id"]) for action in action_assignments: - self.driver.set_action_assignment_dict(intra_extension_dict["id"], action, action_assignments[action]) + self.driver.set_action_assignment_list(intra_extension_dict["id"], action, action_assignments[action]) def __load_metarule_file(self, intra_extension_dict, policy_dir): @@ -746,13 +746,13 @@ class IntraExtensionManager(manager.Manager): :param intra_extension_id: :return: """ - return self.driver.get_object_category_dict(intra_extension_id) + return self.driver.get_object_categories_dict(intra_extension_id) @filter_args @enforce(("read", "write"), "object_categories") @enforce(("read", "write"), "object_scopes") def add_object_category(self, user_id, intra_extension_id, object_category_name): - object_category_dict = self.driver.get_object_category_dict(intra_extension_id) + object_category_dict = self.driver.get_object_categories_dict(intra_extension_id) for object_category_id in object_category_dict: if object_category_dict[object_category_id]["name"] is object_category_name: raise ObjectCategoryNameExisting() @@ -764,7 +764,7 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "object_categories") def get_object_category(self, user_id, intra_extension_id, object_category_id): - object_category_dict = self.driver.get_object_category_dict(intra_extension_id) + object_category_dict = self.driver.get_object_categories_dict(intra_extension_id) if object_category_id not in object_category_dict: raise ObjectCategoryUnknown() return object_category_dict[object_category_id] @@ -774,7 +774,7 @@ class IntraExtensionManager(manager.Manager): @enforce(("read", "write"), "object_scopes") @enforce(("read", "write"), "object_assignments") def del_object_category(self, user_id, intra_extension_id, object_category_id): - object_category_dict = self.driver.get_object_category_dict(intra_extension_id) + object_category_dict = self.driver.get_object_categories_dict(intra_extension_id) if object_category_id not in object_category_dict: raise ObjectCategoryUnknown() # TODO (dthom): destroy category in scope @@ -791,13 +791,13 @@ class IntraExtensionManager(manager.Manager): :param intra_extension_id: :return: """ - return self.driver.get_action_category_dict(intra_extension_id) + return self.driver.get_action_categories_dict(intra_extension_id) @filter_args @enforce(("read", "write"), "action_categories") @enforce(("read", "write"), "action_scopes") def add_action_category(self, user_id, intra_extension_id, action_category_name): - action_category_dict = self.driver.get_action_category_dict(intra_extension_id) + action_category_dict = self.driver.get_action_categories_dict(intra_extension_id) for action_category_id in action_category_dict: if action_category_dict[action_category_id]['name'] is action_category_name: raise ActionCategoryNameExisting() @@ -809,16 +809,16 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "action_categories") def get_action_category(self, user_id, intra_extension_id, action_category_id): - action_category_dict = self.driver.get_action_category_dict(intra_extension_id) + action_category_dict = self.driver.get_action_categories_dict(intra_extension_id) if action_category_id not in action_category_dict: raise ActionCategoryUnknown() - return self.driver.get_action_category_dict(intra_extension_id)[action_category_id] + return self.driver.get_action_categories_dict(intra_extension_id)[action_category_id] @filter_args @enforce(("read", "write"), "action_categories") @enforce(("read", "write"), "action_category_scopes") def del_action_category(self, user_id, intra_extension_id, action_category_id): - action_category_dict = self.driver.get_action_category_dict(intra_extension_id) + action_category_dict = self.driver.get_action_categories_dict(intra_extension_id) if action_category_id not in action_category_dict: raise ActionCategoryUnknown() # TODO (dthom): destroy category in scope @@ -875,12 +875,12 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "objects") def get_object_dict(self, user_id, intra_extension_id): - return self.driver.get_object_dict(intra_extension_id) + return self.driver.get_objects_dict(intra_extension_id) @filter_args @enforce(("read", "write"), "objects") def add_object(self, user_id, intra_extension_id, object_name): - object_dict = self.driver.get_object_dict(intra_extension_id) + object_dict = self.driver.get_objects_dict(intra_extension_id) for object_id in object_dict: if object_dict[object_id]["name"] is object_name: raise ObjectNameExisting() @@ -890,7 +890,7 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "objects") def get_object(self, user_id, intra_extension_id, object_id): - object_dict = self.driver.get_object_dict(intra_extension_id) + object_dict = self.driver.get_objects_dict(intra_extension_id) if object_id in object_dict: raise ObjectUnknown() return object_dict[object_id] @@ -898,7 +898,7 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce(("read", "write"), "objects") def del_object(self, user_id, intra_extension_id, object_id): - if object_id in self.driver.get_object_dict(intra_extension_id): + if object_id in self.driver.get_objects_dict(intra_extension_id): raise ObjectUnknown() # TODO (dthom): destroy item-related assignment return self.driver.del_object(intra_extension_id, object_id) @@ -906,12 +906,12 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "actions") def get_action_dict(self, user_id, intra_extension_id): - return self.driver.get_action_dict(intra_extension_id) + return self.driver.get_actions_dict(intra_extension_id) @filter_args @enforce(("read", "write"), "actions") def add_action(self, user_id, intra_extension_id, action_name): - action_dict = self.driver.get_action_dict(intra_extension_id) + action_dict = self.driver.get_actions_dict(intra_extension_id) for action_id in action_dict: if action_dict[action_id]["name"] is action_name: raise ActionNameExisting() @@ -921,7 +921,7 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce("read", "actions") def get_action(self, user_id, intra_extension_id, action_id): - action_dict = self.driver.get_action_dict(intra_extension_id) + action_dict = self.driver.get_actions_dict(intra_extension_id) if action_id in action_dict: raise ActionUnknown() return action_dict[action_id] @@ -929,7 +929,7 @@ class IntraExtensionManager(manager.Manager): @filter_args @enforce(("read", "write"), "actions") def del_action(self, user_id, intra_extension_id, action_id): - if action_id in self.driver.get_action_dict(intra_extension_id): + if action_id in self.driver.get_actions_dict(intra_extension_id): raise ActionUnknown() # TODO (dthom): destroy item-related assignment return self.driver.del_action(intra_extension_id, action_id) @@ -1009,17 +1009,17 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "object_category_scopes") @enforce("read", "object_categories") def get_object_scope_dict(self, user_id, intra_extension_id, object_category_id): - if object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - return self.driver.get_object_scope_dict(intra_extension_id, object_category_id) + return self.driver.get_object_scopes_dict(intra_extension_id, object_category_id) @filter_args @enforce(("read", "write"), "object_scopes") @enforce("read", "object_categories") def add_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_name): - if object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - object_scope_dict = self.driver.get_object_scope_dict(intra_extension_id, object_category_id) + object_scope_dict = self.driver.get_object_scopes_dict(intra_extension_id, object_category_id) for _object_scope_id in object_scope_dict: if object_scope_name is object_scope_dict[_object_scope_id]['name']: raise ObjectScopeNameExisting() @@ -1034,9 +1034,9 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "object_scopes") @enforce("read", "object_categories") def get_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_id): - if object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - object_scopte_dict = self.driver.get_object_scope_dict(intra_extension_id, object_category_id) + object_scopte_dict = self.driver.get_object_scopes_dict(intra_extension_id, object_category_id) if object_scope_id not in object_scopte_dict: raise ObjectScopeUnknown() return object_scopte_dict[object_scope_id] @@ -1045,9 +1045,9 @@ class IntraExtensionManager(manager.Manager): @enforce(("read", "write"), "object_scopes") @enforce("read", "object_categories") def del_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_id): - if object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - if object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id): + if object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id): raise ObjectScopeUnknown() # TODO (dthom): destroy scope-related assignment # TODO (dthom): destroy scope-related rule @@ -1057,17 +1057,17 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "action_category_scopes") @enforce("read", "action_categories") def get_action_scope_dict(self, user_id, intra_extension_id, action_category_id): - if action_category_id not in self.driver.get_object_category_dict(intra_extension_id): + if action_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - return self.driver.get_action_scope_dict(intra_extension_id, action_category_id) + return self.driver.get_action_scopes_dict(intra_extension_id, action_category_id) @filter_args @enforce(("read", "write"), "action_scopes") @enforce("read", "action_categories") def add_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_name): - if action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - action_scope_dict = self.driver.get_action_scope_dict(intra_extension_id, action_category_id) + action_scope_dict = self.driver.get_action_scopes_dict(intra_extension_id, action_category_id) for _action_scope_id in action_scope_dict: if action_scope_name is action_scope_dict[_action_scope_id]['name']: raise ActionScopeNameExisting() @@ -1082,9 +1082,9 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "action_scopes") @enforce("read", "action_categories") def get_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_id): - if action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - action_scopte_dict = self.driver.get_action_scope_dict(intra_extension_id, action_category_id) + action_scopte_dict = self.driver.get_action_scopes_dict(intra_extension_id, action_category_id) if action_scope_id not in action_scopte_dict: raise ActionScopeUnknown() return action_scopte_dict[action_scope_id] @@ -1093,9 +1093,9 @@ class IntraExtensionManager(manager.Manager): @enforce(("read", "write"), "action_scopes") @enforce("read", "action_categories") def del_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_id): - if action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - if action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id): + if action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id): raise ActionScopeUnknown() # TODO (dthom): destroy scope-related assignment # TODO (dthom): destroy scope-related rule @@ -1152,33 +1152,33 @@ class IntraExtensionManager(manager.Manager): def get_object_assignment_dict(self, user_id, intra_extension_id, object_id): if object_id not in self.get_object_dict(user_id, intra_extension_id): raise ObjectUnknown() - return self.driver.get_object_assignment_dict(intra_extension_id, object_id) + return self.driver.get_object_assignment_list(intra_extension_id, object_id) @filter_args @enforce(("read", "write"), "object_assignments") @enforce("read", "objects") @enforce("read", "object_categories") def add_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id, object_scope_id): - if object_id not in self.driver.get_object_dict(intra_extension_id): + if object_id not in self.driver.get_objects_dict(intra_extension_id): raise ObjectUnknown() - elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - elif object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id): + elif object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id): raise ObjectScopeUnknown() - elif object_scope_id in self.driver.get_object_assignment_dict(intra_extension_id, object_id)[object_category_id]: + elif object_scope_id in self.driver.get_object_assignment_list(intra_extension_id, object_id)[object_category_id]: raise ObjectAssignmentExisting() - return self.driver.add_object_assignment(intra_extension_id, object_id, object_category_id, object_scope_id) + return self.driver.add_object_assignment_list(intra_extension_id, object_id, object_category_id, object_scope_id) @filter_args @enforce("read", "object_assignments") @enforce("read", "objects") @enforce("read", "object_categories") def get_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id): - if object_id not in self.driver.get_object_dict(user_id, intra_extension_id): + if object_id not in self.driver.get_objects_dict(user_id, intra_extension_id): raise ObjectUnknown() - elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - return self.driver.get_object_assignment_dict(intra_extension_id, object_id)[object_category_id] + return self.driver.get_object_assignment_list(intra_extension_id, object_id)[object_category_id] @filter_args @enforce(("read", "write"), "object_assignments") @@ -1186,11 +1186,11 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "object_categories") @enforce("read", "object_scopes") def del_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id, object_scope_id): - if object_id not in self.driver.get_object_dict(intra_extension_id): + if object_id not in self.driver.get_objects_dict(intra_extension_id): raise ObjectUnknown() - elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id): + elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id): raise ObjectCategoryUnknown() - elif object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id): + elif object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id): raise ObjectScopeUnknown() elif object_scope_id not in self.driver.get_subject_assignment_list(intra_extension_id, object_id)[object_category_id]: raise ObjectAssignmentUnknown() @@ -1202,33 +1202,33 @@ class IntraExtensionManager(manager.Manager): def get_action_assignment_dict(self, user_id, intra_extension_id, action_id): if action_id not in self.get_action_dict(user_id, intra_extension_id): raise ActionUnknown() - return self.driver.get_action_assignment_dict(intra_extension_id, action_id) + return self.driver.get_action_assignment_list(intra_extension_id, action_id) @filter_args @enforce(("read", "write"), "action_assignments") @enforce("read", "actions") @enforce("read", "action_categories") def add_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id, action_scope_id): - if action_id not in self.driver.get_action_dict(intra_extension_id): + if action_id not in self.driver.get_actions_dict(intra_extension_id): raise ActionUnknown() - elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - elif action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id): + elif action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id): raise ActionScopeUnknown() - elif action_scope_id in self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id]: + elif action_scope_id in self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id]: raise ObjectAssignmentExisting() - return self.driver.add_action_assignment(intra_extension_id, action_id, action_category_id, action_scope_id) + return self.driver.add_action_assignment_list(intra_extension_id, action_id, action_category_id, action_scope_id) @filter_args @enforce("read", "action_assignments") @enforce("read", "actions") @enforce("read", "action_categories") def get_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id): - if action_id not in self.driver.get_action_dict(user_id, intra_extension_id): + if action_id not in self.driver.get_actions_dict(user_id, intra_extension_id): raise ActionUnknown() - elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - return self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id] + return self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id] @filter_args @enforce(("read", "write"), "action_assignments") @@ -1236,13 +1236,13 @@ class IntraExtensionManager(manager.Manager): @enforce("read", "action_categories") @enforce("read", "action_scopes") def del_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id, action_scope_id): - if action_id not in self.driver.get_action_dict(intra_extension_id): + if action_id not in self.driver.get_actions_dict(intra_extension_id): raise ActionUnknown() - elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id): + elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id): raise ActionCategoryUnknown() - elif action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id): + elif action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id): raise ActionScopeUnknown() - elif action_scope_id not in self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id]: + elif action_scope_id not in self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id]: raise ActionAssignmentUnknown() return self.driver.del_action_assignment(intra_extension_id, action_id, action_category_id, action_scope_id) @@ -1421,14 +1421,14 @@ class IntraExtensionAuthzManager(IntraExtensionManager): subject_id = _subject_id if not subject_id: raise SubjectUnknown() - objects_dict = self.driver.get_object_dict(intra_extension_id) + objects_dict = self.driver.get_objects_dict(intra_extension_id) object_id = None for _object_id in objects_dict: if objects_dict[_object_id]['name'] is object_name: object_id = _object_id if not object_id: raise ObjectUnknown() - actions_dict = self.driver.get_action_dict(intra_extension_id) + actions_dict = self.driver.get_actions_dict(intra_extension_id) action_id = None for _action_id in actions_dict: if actions_dict[_action_id] is action_name: @@ -1708,12 +1708,12 @@ class IntraExtensionDriver(object): (uuid and uuid not in data_values.keys()): raise SubjectUnknown() elif data_name == self.OBJECT: - data_values = self.get_object_dict(intra_extension_uuid)["objects"] + data_values = self.get_objects_dict(intra_extension_uuid)["objects"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): raise ObjectUnknown() elif data_name == self.ACTION: - data_values = self.get_action_dict(intra_extension_uuid)["actions"] + data_values = self.get_actions_dict(intra_extension_uuid)["actions"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): raise ActionUnknown() @@ -1723,12 +1723,12 @@ class IntraExtensionDriver(object): (uuid and uuid not in data_values.keys()): raise SubjectCategoryUnknown() elif data_name == self.OBJECT_CATEGORY: - data_values = self.get_object_category_dict(intra_extension_uuid)["object_categories"] + data_values = self.get_object_categories_dict(intra_extension_uuid)["object_categories"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): raise ObjectCategoryUnknown() elif data_name == self.ACTION_CATEGORY: - data_values = self.get_action_category_dict(intra_extension_uuid)["action_categories"] + data_values = self.get_action_categories_dict(intra_extension_uuid)["action_categories"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): raise ActionCategoryUnknown() @@ -1743,7 +1743,7 @@ class IntraExtensionDriver(object): elif data_name == self.OBJECT_SCOPE: if not category_uuid: category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.OBJECT_CATEGORY) - data_values = self.get_object_scope_dict(intra_extension_uuid, + data_values = self.get_object_scopes_dict(intra_extension_uuid, category_uuid)["object_category_scope"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): @@ -1751,7 +1751,7 @@ class IntraExtensionDriver(object): elif data_name == self.ACTION_SCOPE: if not category_uuid: category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.ACTION_CATEGORY) - data_values = self.get_action_scope_dict(intra_extension_uuid, + data_values = self.get_action_scopes_dict(intra_extension_uuid, category_uuid)["action_category_scope"] if (name and name not in extract_name(data_values)) or \ (uuid and uuid not in data_values.keys()): @@ -1806,7 +1806,7 @@ class IntraExtensionDriver(object): def del_subject_category(self, intra_extension_id, subject_category_id): raise exception.NotImplemented() # pragma: no cover - def get_object_category_dict(self, intra_extension_id): + def get_object_categories_dict(self, intra_extension_id): """Get a list of all object categories :param intra_extension_id: IntraExtension UUID @@ -1815,94 +1815,24 @@ class IntraExtensionDriver(object): """ raise exception.NotImplemented() # pragma: no cover - def set_object_category_dict(self, intra_extension_id, object_category_dict): - """Set the list of all object categories - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_dict: dict of object categories {"uuid1": "name1", "uuid2": "name2"} - :type object_category_dict: dict - :return: a dictionary containing all object categories {"uuid1": "name1", "uuid2": "name2"} - """ - raise exception.NotImplemented() # pragma: no cover - - def add_object_category(self, intra_extension_id, object_category_id, object_category_name): - """Add a object category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the UUID of the object category - :type object_category_id: string - :param object_category_name: the name of the object category - :type object_category_name: string - :return: a dictionnary with the object catgory added {"uuid1": "name1"} - """ + def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict): raise exception.NotImplemented() # pragma: no cover def del_object_category(self, intra_extension_id, object_category_id): - """Remove one object category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the UUID of object category to remove - :type object_category_id: string - :return: a dictionary containing all object categories {"uuid1": "name1", "uuid2": "name2"} - """ - raise exception.NotImplemented() # pragma: no cover - - def get_action_category_dict(self, intra_extension_id): - """Get a list of all action categories - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"} - """ raise exception.NotImplemented() # pragma: no cover - def set_action_category_dict(self, intra_extension_id, action_category_dict): - """Set the list of all action categories - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_dict: dict of action categories {"uuid1": "name1", "uuid2": "name2"} - :type action_category_dict: dict - :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"} - """ + def get_action_categories_dict(self, intra_extension_id): raise exception.NotImplemented() # pragma: no cover - def add_action_category(self, intra_extension_id, action_category_id, action_category_name): - """Add a action category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the UUID of the action category - :type action_category_id: string - :param action_category_name: the name of the action category - :type action_category_name: string - :return: a dictionnary with the action catgory added {"uuid1": "name1"} - """ + def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict): raise exception.NotImplemented() # pragma: no cover def del_action_category(self, intra_extension_id, action_category_id): - """Remove one action category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the UUID of action category to remove - :type action_category_id: string - :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"} - """ raise exception.NotImplemented() # pragma: no cover # Perimeter functions def get_subjects_dict(self, intra_extension_id): - """Get the list of subject for that IntraExtension - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :return: a dictionary containing all subjects for that IntraExtension, eg. {"uuid1": "name1", "uuid2": "name2"} - """ raise exception.NotImplemented() # pragma: no cover def set_subject_dict(self, intra_extension_id, subject_id, subject_dict): @@ -1911,25 +1841,19 @@ class IntraExtensionDriver(object): def del_subject(self, intra_extension_id, subject_id): raise exception.NotImplemented() # pragma: no cover - def get_object_dict(self, intra_extension_id): - raise exception.NotImplemented() # pragma: no cover - - def set_object_dict(self, intra_extension_id, object_dict): + def get_objects_dict(self, intra_extension_id): raise exception.NotImplemented() # pragma: no cover - def add_object(self, intra_extension_id, object_id, object_name): + def set_object_dict(self, intra_extension_id, object_id, object_dict): raise exception.NotImplemented() # pragma: no cover def del_object(self, intra_extension_id, object_id): raise exception.NotImplemented() # pragma: no cover - def get_action_dict(self, intra_extension_id): + def get_actions_dict(self, intra_extension_id): raise exception.NotImplemented() # pragma: no cover - def set_action_dict(self, intra_extension_id, action_dict): - raise exception.NotImplemented() # pragma: no cover - - def add_action(self, intra_extension_id, action_id, action_name): + def set_action_dict(self, intra_extension_id, action_id, action_dict): raise exception.NotImplemented() # pragma: no cover def del_action(self, intra_extension_id, action_id): @@ -1946,104 +1870,22 @@ class IntraExtensionDriver(object): def del_subject_scope(self, intra_extension_id, subject_category_id, subject_scope_id): raise exception.NotImplemented() # pragma: no cover - def get_object_scope_dict(self, intra_extension_id, object_category_id): - """Get a list of all object category scope - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the category UUID where the scope values are - :type object_category_id: string - :return: a dictionary containing all object category scope {"category1": {"scope_uuid1": "scope_name1}} - """ - raise exception.NotImplemented() # pragma: no cover - - def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_dict): - """Set the list of all scope for that object category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the UUID of the object category where this scope will be set - :type object_category_id: string - :return: a dictionary containing all scope {"scope_uuid1": "scope_name1, "scope_uuid2": "scope_name2} - """ + def get_object_scopes_dict(self, intra_extension_id, object_category_id): raise exception.NotImplemented() # pragma: no cover - def add_object_scope(self, intra_extension_id, object_category_id, object_scope_id, object_scope_name): - """Add a object category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the object category UUID where the scope will be added - :type object_category_id: string - :param object_scope_id: the UUID of the object category - :type object_scope_id: string - :param object_scope_name: the name of the object category - :type object_scope_name: string - :return: a dictionary containing the object category scope added {"category1": {"scope_uuid1": "scope_name1}} - """ + def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict): raise exception.NotImplemented() # pragma: no cover def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id): - """Remove one scope belonging to a object category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param object_category_id: the UUID of object categorywhere we can find the scope to remove - :type object_category_id: string - :param object_scope_id: the UUID of the scope to remove - :type object_scope_id: string - :return: None - """ - raise exception.NotImplemented() # pragma: no cover - - def get_action_scope_dict(self, intra_extension_id, action_category_id): - """Get a list of all action category scope - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the category UUID where the scope values are - :type action_category_id: string - :return: a dictionary containing all action category scope {"category1": {"scope_uuid1": "scope_name1}} - """ raise exception.NotImplemented() # pragma: no cover - def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id): - """Set the list of all scope for that action category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the UUID of the action category where this scope will be set - :type action_category_id: string - :return: a dictionary containing all scope {"scope_uuid1": "scope_name1, "scope_uuid2": "scope_name2} - """ + def get_action_scopes_dict(self, intra_extension_id, action_category_id): raise exception.NotImplemented() # pragma: no cover - def add_action_scope(self, intra_extension_id, action_category_id, action_scope_id, action_scope_name): - """Add a action category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the action category UUID where the scope will be added - :type action_category_id: string - :param action_scope_id: the UUID of the action category - :type action_scope_id: string - :param action_scope_name: the name of the action category - :type action_scope_name: string - :return: a dictionary containing the action category scope added {"category1": {"scope_uuid1": "scope_name1}} - """ + def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict): raise exception.NotImplemented() # pragma: no cover def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id): - """Remove one scope belonging to a action category - - :param intra_extension_id: IntraExtension UUID - :type intra_extension_id: string - :param action_category_id: the UUID of action categorywhere we can find the scope to remove - :type action_category_id: string - :param action_scope_id: the UUID of the scope to remove - :type action_scope_id: string - :return: None - """ raise exception.NotImplemented() # pragma: no cover # Assignment functions @@ -2060,25 +1902,25 @@ class IntraExtensionDriver(object): def del_subject_assignment(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id): raise exception.NotImplemented() # pragma: no cover - def get_object_assignment_dict(self, intra_extension_id, object_id): + def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id): raise exception.NotImplemented() # pragma: no cover - def set_object_assignment_dict(self, intra_extension_id, object_id, object_assignment_dict): + def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list): raise exception.NotImplemented() # pragma: no cover - def add_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id): + def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id): raise exception.NotImplemented() # pragma: no cover def del_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id): raise exception.NotImplemented() # pragma: no cover - def get_action_assignment_dict(self, intra_extension_id, action_id): + def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id): raise exception.NotImplemented() # pragma: no cover - def set_action_assignment_dict(self, intra_extension_id, action_id, action_assignment_dict): + def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list): raise exception.NotImplemented() # pragma: no cover - def add_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id): + def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id): raise exception.NotImplemented() # pragma: no cover def del_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id): @@ -2109,7 +1951,7 @@ class IntraExtensionDriver(object): def set_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id, rule_list): raise exception.NotImplemented() # pragma: no cover - def del_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id): + def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id): raise exception.NotImplemented() # pragma: no cover class LogDriver(object): |