summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--keystone-moon/doc/source/extensions/moon/moon_api.rst964
-rw-r--r--keystone-moon/keystone/common/config.py27
-rw-r--r--keystone-moon/keystone/contrib/moon/core.py106
-rw-r--r--keystone-moon/keystone/contrib/moon/routers.py816
-rw-r--r--keystone-moon/keystone/contrib/moon/service.py57
-rw-r--r--keystone-moon/keystone/contrib/moon/wsgi.py8
-rw-r--r--keystone-moon/setup.cfg3
-rw-r--r--keystonemiddleware-moon/keystonemiddleware/moon_agent.py16
-rw-r--r--keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py11
-rw-r--r--moonclient/moonclient/action_assignments.py10
-rw-r--r--moonclient/moonclient/action_categories.py6
-rw-r--r--moonclient/moonclient/action_scopes.py6
-rw-r--r--moonclient/moonclient/actions.py6
-rw-r--r--moonclient/moonclient/configuration.py6
-rw-r--r--moonclient/moonclient/intraextension.py12
-rw-r--r--moonclient/moonclient/logs.py4
-rw-r--r--moonclient/moonclient/metarules.py18
-rw-r--r--moonclient/moonclient/object_assignments.py10
-rw-r--r--moonclient/moonclient/object_categories.py6
-rw-r--r--moonclient/moonclient/object_scopes.py6
-rw-r--r--moonclient/moonclient/objects.py6
-rw-r--r--moonclient/moonclient/rules.py28
-rw-r--r--moonclient/moonclient/shell.py13
-rw-r--r--moonclient/moonclient/subject_assignments.py10
-rw-r--r--moonclient/moonclient/subject_categories.py6
-rw-r--r--moonclient/moonclient/subject_scopes.py6
-rw-r--r--moonclient/moonclient/subjects.py6
-rw-r--r--moonclient/moonclient/tenants.py10
-rw-r--r--moonclient/moonclient/tests.py12
29 files changed, 1230 insertions, 965 deletions
diff --git a/keystone-moon/doc/source/extensions/moon/moon_api.rst b/keystone-moon/doc/source/extensions/moon/moon_api.rst
index 1f7ad10b..f2546d4d 100644
--- a/keystone-moon/doc/source/extensions/moon/moon_api.rst
+++ b/keystone-moon/doc/source/extensions/moon/moon_api.rst
@@ -3,626 +3,842 @@ Moon API
Here are Moon API with some examples of posted data and returned data.
-Intra-Extension API
--------------------
+All requests must be prefexied by /v3/OS-MOON.
Authz
-~~~~~
+-----
-* ``GET /OS-MOON/authz/{tenant_id}/{subject_id}/{object_id}/{action_id}``
+**GET /authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}**
+ Authorization API.
.. code-block:: json
return = {
- "authz": "OK/KO/OutOfScope",
- "tenant_id": "tenant_id",
- "subject_id": "subject_id",
- "object_id": "object_id",
- "action_id": "action_id"
- }
+ "authz": "True or False"
+ }
-Intra_Extension
-~~~~~~~~~~~~~~~
-* ``GET /OS-MOON/authz_policies``
+Intra-Extension API
+-------------------
+
+Configuration
+~~~~~~~~~~~~~
+
+**GET /configuration/templates**
+
+ List all policy templates.
.. code-block:: json
return = {
- "authz_policies": ["policy_name1", "policy_name2"]
- }
+ "template_id": {
+ "name": "name of the template",
+ "description": "description of the template",
+ }
+ }
+
-* ``GET /OS-MOON/intra_extensions``
+**GET /configuration/aggregation_algorithms**
+
+ List all aggregation algorithms.
.. code-block:: json
return = {
- "intra_extensions": ["ie_uuid1", "ie_uuid2"]
- }
+ "algorithm_id": {
+ "name": "name of the algorithm",
+ "description": "description of the algorithm",
+ }
+ }
+
+
+**GET /configuration/sub_meta_rule_algorithms**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}``
+ List all sub meta rule algorithms.
.. code-block:: json
return = {
- "intra_extensions": {
- "id": "uuid1",
- "description": "",
- "tenant": "tenant_uuid",
- "model": "",
- "genre": "",
- "authz": {},
- "admin": {}
- }
- }
+ "algorithm_id": {
+ "name": "name of the algorithm",
+ "description": "description of the algorithm",
+ }
+ }
-* ``POST /OS-MOON/intra_extensions``
+
+Tenants
+~~~~~~~
+
+**GET /tenants**
+
+ List all tenants.
.. code-block:: json
- post = {
- "name" : "",
- "policymodel": "",
- "description": ""
- }
return = {
- "id": "uuid1",
- "description": "",
- "tenant": "tenant_uuid",
- "model": "",
- "genre": "",
- "authz": {},
- "admin": {}
- }
+ "tenant_id": {
+ "name": "name of the tenant",
+ "description": "description of the tenant",
+ "intra_authz_extension_id": "id of the intra extension authz",
+ "intra_admin_extension_id": "id of the intra extension authz"
+ }
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}``
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/tenant``
+**POST /tenants**
+
+ Add a tenant.
.. code-block:: json
+ post = {
+ "tenant_name": "name of the tenant",
+ "tenant_description": "description of the tenant",
+ "tenant_intra_authz_extension_id": "id of the intra extension authz",
+ "tenant_intra_admin_extension_id": "id of the intra extension admin"
+ }
return = {
- "tenant": "tenant_id"
- }
+ "tenant_id": {
+ "name": "name of the tenant",
+ "description": "description of the tenant",
+ "intra_authz_extension_id": "id of the intra extension authz",
+ "intra_admin_extension_id": "id of the intra extension authz"
+ }
+ }
+
+
+**POST /tenants/{tenant_id}**
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/tenant``
+ Show information of one tenant.
.. code-block:: json
- post = {
- "tenant_id": "tenant_id"
- }
return = {
- "tenant": "tenant_id"
- }
+ "tenant_id": {
+ "name": "name of the tenant",
+ "description": "description of the tenant",
+ "intra_authz_extension_id": "id of the intra extension authz",
+ "intra_admin_extension_id": "id of the intra extension authz"
+ }
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/tenant/{tenant_id}``
-Perimeter
-~~~~~~~~~
+**POST /tenants/{tenant_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subjects``
+ Modify a tenant.
.. code-block:: json
+ post = {
+ "tenant_name": "name of the tenant",
+ "tenant_description": "description of the tenant",
+ "tenant_intra_authz_extension_id": "id of the intra extension authz",
+ "tenant_intra_admin_extension_id": "id of the intra extension admin"
+ }
return = {
- "subjects": ["sub_uuid1", "sub_uuid2"]
- }
+ "tenant_id": {
+ "name": "name of the tenant",
+ "description": "description of the tenant",
+ "intra_authz_extension_id": "id of the intra extension authz",
+ "intra_admin_extension_id": "id of the intra extension authz"
+ }
+ }
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subjects``
+
+**DELETE /tenants/{tenant_id}**
+
+ Delete a tenant.
.. code-block:: json
- post = {
- "subject_id" : ""
- }
- return = {
- "subjects": ["sub_uuid1", "sub_uuid2"]
- }
+ return = {}
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject/{subject_id}``
+Intra-Extension
+~~~~~~~~~~~~~~~
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/objects``
+**GET /intra_extensions/init**
+
+ Initialize the root Intra_Extension (if needed).
.. code-block:: json
- return = {
- "objects": ["obj_uuid1", "obj_uuid2"]
- }
+ return = {}
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/objects``
+
+**GET /intra_extensions**
+
+ List all Intra_Extensions.
.. code-block:: json
- post = {
- "object_id" : ""
- }
return = {
- "objects": ["obj_uuid1", "obj_uuid2"]
- }
+ "intra_extension_id": {
+ "name": "name of the intra extension",
+ "model": "model of the intra extension"
+ }
+ }
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object/{object_id}``
+**POST /intra_extensions**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/actions``
+ Create a new Intra_Extension.
.. code-block:: json
- return = {
- "actions": ["act_uuid1", "act_uuid2"]
- }
+ post = {
+ "intra_extension_name": "name of the intra extension",
+ "intra_extension_model": "model of the intra extension (taken from /configuration/templates)",
+ "intra_extension_description": "description of the intra extension",
+
+ }
+ return = {}
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/actions``
+
+**GET /intra_extensions/{intra_extension_id}/**
+
+ Show details about one Intra_Extension.
.. code-block:: json
- post = {
- "action_id" : ""
- }
return = {
- "actions": ["act_uuid1", "act_uuid2"]
- }
+ "id": "intra_extension_id",
+ "name": "name of the intra extension",
+ "model": "model of the intra extension",
+ "genre": "genre of the intra extension",
+ "description": "model of the intra extension"
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/actions/{action_id}``
-Assignment
-~~~~~~~~~~
+**DELETE /intra_extensions/{intra_extension_id}/**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments``
+ Delete an Intra_Extension.
.. code-block:: json
- return = {
- "subject_assignments": {
- "subject_security_level":{
- "user1": ["low"],
- "user2": ["medium"],
- "user3": ["high"]
- }
- }
+ return = {}
+
+
+Intra-Extension Subjects
+~~~~~~~~~~~~~~~~~~~~~~~~
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments``
+**GET /intra_extensions/{intra_extension_id}/subjects**
+
+ List all subjects.
.. code-block:: json
- post = {
- "subject_id" : "",
- "subject_category_id" : "",
- "subject_category_scope_id" : ""
- }
return = {
- "subject_assignments": {
- "subject_security_level":{
- "user1": ["low"],
- "user2": ["medium"],
- "user3": ["high"]
- }
- }
+ "subject_id": {
+ "name": "name of the subject",
+ "keystone_id": "keystone id of the subject"
+ }
+ }
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_assignments/{subject_category}/{subject_id}/{subject_scope}``
+**POST /intra_extensions/{intra_extension_id}/subjects**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments``
+ List all subjects.
.. code-block:: json
+ post = {
+ "subject_name": "name of the subject",
+ "subject_description": "description of the subject",
+ "subject_password": "password for the subject",
+ "subject_email": "email address of the subject"
+ }
return = {
- "object_assignments": {
- "object_security_level":{
- "vm1": ["low"],
- "vm2": ["medium"],
- "vm3": ["high"]
- }
- }
+ "subject_id": {
+ "name": "name of the subject",
+ "keystone_id": "keystone id of the subject"
+ }
+ }
+
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments``
+**DELETE /intra_extensions/{intra_extension_id}/subjects/{subject_id}**
+
+ Delete a subject.
.. code-block:: json
- post = {
- "object_id" : "",
- "object_category_id" : "",
- "object_category_scope_id" : ""
- }
- return = {
- "object_assignments": {
- "object_security_level":{
- "vm1": ["low"],
- "vm2": ["medium"],
- "vm3": ["high"]
- }
- }
+ return = {}
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_assignments/{object_category}/{object_id}/{object_scope}``
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments``
+**GET /intra_extensions/{intra_extension_id}/subject_categories**
+
+ List all subject categories.
.. code-block:: json
return = {
- "action_assignments": {
- "computing_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"]
- }
- }
+ "subject_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
+
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments``
+**POST /intra_extensions/{intra_extension_id}/subject_categories**
+
+ Add a new subject category.
.. code-block:: json
- post = {
- "action_id" : "",
- "action_category_id" : "",
- "action_category_scope_id" : ""
- }
+ post = {
+ "subject_category_name": "name of the category",
+ "subject_category_description": "description of the category"
+ }
return = {
- "action_assignments": {
- "computing_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"]
- }
- }
+ "subject_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_assignments/{action_category}/{action_id}/{action_scope}``
-Metadata
-~~~~~~~~
+**DELETE /intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories``
+ Delete a subject category.
.. code-block:: json
- return = {
- "subject_categories": [ "subject_security_level" ]
- }
+ return = {}
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories``
+
+**GET /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}**
+
+ List all subject scopes for a specific subject category.
.. code-block:: json
- post = {
- "subject_category_id" : ""
- }
return = {
- "subject_categories": [ "subject_security_level" ]
- }
+ "subject_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_categories/{subject_category_id}``
+**POST /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories``
+ Add a new subject scope for a specific subject category.
.. code-block:: json
+ post = {
+ "subject_scope_name": "name of the scope",
+ "subject_scope_description": "description of the scope"
+ }
return = {
- "object_categories": [ "object_security_level" ]
- }
+ "subject_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories``
+
+**DELETE /intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}**
+
+ Delete a subject scope.
.. code-block:: json
- post = {
- "object_category_id" : ""
- }
- return = {
- "object_categories": [ "object_security_level" ]
- }
+ return = {}
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_categories/{object_category_id}``
+**GET /intra_extensions/{intra_extension_id}/subject_assignments/{subject_id}/{subject_category_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories``
+ List all subject assignments for a subject and for a subject category.
.. code-block:: json
- return = {
- "action_categories": [ "computing_action" ]
- }
+ return = [
+ "subject_assignment_id1", "subject_assignment_id2"
+ ]
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories``
+**POST /intra_extensions/{intra_extension_id}/subject_assignments**
+
+ Add an assignment.
.. code-block:: json
- post = {
- "action_category_id" : ""
- }
- return = {
- "action_categories": [ "computing_action" ]
- }
+ post = {
+ "subject_id": "id of the subject",
+ "subject_category_id": "id of the category",
+ "subject_scope_id": "id of the scope"
+ }
+ return = [
+ "subject_assignment_id1", "subject_assignment_id2"
+ ]
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_categories/{action_category_id}``
-Scope
-~~~~~
+**DELETE /intra_extensions/{intra_extension_id}/subject_assignments/{subject_id}/{subject_category_id}/{subject_scope_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope``
+ Delete a subject assignment.
.. code-block:: json
- return = {
- "subject_security_level": [ "high", "medium", "low" ]
- }
+ return = {}
+
+
+Intra-Extension Objects
+~~~~~~~~~~~~~~~~~~~~~~~
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope``
+**GET /intra_extensions/{intra_extension_id}/objects**
+
+ List all objects.
.. code-block:: json
- post = {
- "subject_category_id" : "",
- "subject_category_scope_id" : ""
- }
return = {
- "subject_security_level": [ "high", "medium", "low" ]
- }
+ "object_id": {
+ "name": "name of the object",
+ "keystone_id": "keystone id of the object"
+ }
+ }
+
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/subject_category_scope/{subject_category}/{subject_scope}``
+**POST /intra_extensions/{intra_extension_id}/objects**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope``
+ List all objects.
.. code-block:: json
+ post = {
+ "object_name": "name of the object",
+ "object_description": "description of the object"
+ }
return = {
- "object_security_level": [ "high", "medium", "low" ]
- }
+ "object_id": {
+ "name": "name of the object",
+ "keystone_id": "keystone id of the object"
+ }
+ }
+
+
+**DELETE /intra_extensions/{intra_extension_id}/objects/{object_id}**
+
+ Delete a object.
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope``
+.. code-block:: json
+
+ return = {}
+
+
+**GET /intra_extensions/{intra_extension_id}/object_categories**
+
+ List all object categories.
.. code-block:: json
- post = {
- "object_category_id" : "",
- "object_category_scope_id" : ""
- }
return = {
- "object_security_level": [ "high", "medium", "low" ]
- }
+ "object_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/object_category_scope/{object_category}/{object_scope}``
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope``
+**POST /intra_extensions/{intra_extension_id}/object_categories**
+
+ Add a new object category.
.. code-block:: json
+ post = {
+ "object_category_name": "name of the category",
+ "object_category_description": "description of the category"
+ }
return = {
- "computing_action": [ "vm_admin", "vm_access" ]
- }
+ "object_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
+
+
+**DELETE /intra_extensions/{intra_extension_id}/object_categories/{object_category_id}**
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope``
+ Delete a object category.
+
+.. code-block:: json
+
+ return = {}
+
+
+**GET /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}**
+
+ List all object scopes for a specific object category.
.. code-block:: json
- post = {
- "action_id" : "",
- "action_category_id" : "",
- "action_category_scope_id" : ""
- }
return = {
- "computing_action": [ "vm_admin", "vm_access" ]
- }
+ "object_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/action_category_scope/{action_category}/{action_scope}``
-Metarule
-~~~~~~~~
+**POST /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithms``
+ Add a new object scope for a specific object category.
.. code-block:: json
+ post = {
+ "object_scope_name": "name of the scope",
+ "object_scope_description": "description of the scope"
+ }
return = {
- "aggregation_algorithms": [ "and_true_aggregation", "..."]
- }
+ "object_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
+
+
+**DELETE /intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}**
+
+ Delete a object scope.
+
+.. code-block:: json
+
+ return = {}
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm``
+
+**GET /intra_extensions/{intra_extension_id}/object_assignments/{object_id}/{object_category_id}**
+
+ List all object assignments for a object and for a object category.
+
+.. code-block:: json
+
+ return = [
+ "object_assignment_id1", "object_assignment_id2"
+ ]
+
+
+**POST /intra_extensions/{intra_extension_id}/object_assignments**
+
+ Add an assignment.
+
+.. code-block:: json
+
+ post = {
+ "object_id": "id of the object",
+ "object_category_id": "id of the category",
+ "object_scope_id": "id of the scope"
+ }
+ return = [
+ "object_assignment_id1", "object_assignment_id2"
+ ]
+
+
+**DELETE /intra_extensions/{intra_extension_id}/object_assignments/{object_id}/{object_category_id}/{object_scope_id}**
+
+ Delete a object assignment.
+
+.. code-block:: json
+
+ return = {}
+
+
+Intra-Extension Actions
+~~~~~~~~~~~~~~~~~~~~~~~
+
+**GET /intra_extensions/{intra_extension_id}/actions**
+
+ List all actions.
.. code-block:: json
return = {
- "aggregation_algorithm": "and_true_aggregation"
- }
+ "action_id": {
+ "name": "name of the action",
+ "keystone_id": "keystone id of the action"
+ }
+ }
+
+
+**POST /intra_extensions/{intra_extension_id}/actions**
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/aggregation_algorithm``
+ List all actions.
.. code-block:: json
- post = {
- "aggregation": "and_true_aggregation"
- }
+ post = {
+ "action_name": "name of the action",
+ "action_description": "description of the action",
+ "action_password": "password for the action",
+ "action_email": "email address of the action"
+ }
return = {
- "aggregation_algorithm": "and_true_aggregation"
- }
+ "action_id": {
+ "name": "name of the action",
+ "keystone_id": "keystone id of the action"
+ }
+ }
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule``
+
+**DELETE /intra_extensions/{intra_extension_id}/actions/{action_id}**
+
+ Delete a action.
+
+.. code-block:: json
+
+ return = {}
+
+
+**GET /intra_extensions/{intra_extension_id}/action_categories**
+
+ List all action categories.
.. code-block:: json
return = {
- "sub_meta_rule": {
- "subject_categories": ["role"],
- "action_categories": ["ie_action"],
- "object_categories": ["id"],
- "relation": "relation_super"
- }
- }
+ "action_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule``
+
+**POST /intra_extensions/{intra_extension_id}/action_categories**
+
+ Add a new action category.
.. code-block:: json
- post = {
- "relation_super": {
- "subject_categories": ["role"],
- "action_categories": ["ie_action"],
- "object_categories": ["id"],
- }
- }
+ post = {
+ "action_category_name": "name of the category",
+ "action_category_description": "description of the category"
+ }
return = {
- "sub_meta_rule": {
- "subject_categories": ["role"],
- "action_categories": ["ie_action"],
- "object_categories": ["id"],
- "relation": "relation_super"
- }
- }
+ "action_category_id": {
+ "name": "name of the category",
+ "description": "description of the category"
+ }
+ }
+
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_meta_rule_relations``
+**DELETE /intra_extensions/{intra_extension_id}/action_categories/{action_category_id}**
+
+ Delete a action category.
+
+.. code-block:: json
+
+ return = {}
+
+
+**GET /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}**
+
+ List all action scopes for a specific action category.
.. code-block:: json
return = {
- "sub_meta_rule_relations": ["relation_super", ]
- }
+ "action_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
+
-Rules
-~~~~~
+**POST /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}**
-* ``GET /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules``
+ Add a new action scope for a specific action category.
.. code-block:: json
+ post = {
+ "action_scope_name": "name of the scope",
+ "action_scope_description": "description of the scope"
+ }
return = {
- "sub_rules": {
- "relation_super": [
- ["high", "vm_admin", "medium"],
- ["high", "vm_admin", "low"],
- ["medium", "vm_admin", "low"],
- ["high", "vm_access", "high"],
- ["high", "vm_access", "medium"],
- ["high", "vm_access", "low"],
- ["medium", "vm_access", "medium"],
- ["medium", "vm_access", "low"],
- ["low", "vm_access", "low"]
- ]
- }
- }
+ "action_scope_id": {
+ "name": "name of the scope",
+ "description": "description of the scope"
+ }
+ }
+
+
+**DELETE /intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}**
-* ``POST /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules``
+ Delete a action scope.
.. code-block:: json
- post = {
- "rules": ["admin", "vm_admin", "servers"],
- "relation": "relation_super"
- }
+ return = {}
+
+
+**GET /intra_extensions/{intra_extension_id}/action_assignments/{action_id}/{action_category_id}**
+
+ List all action assignments for a action and for a action category.
+
+.. code-block:: json
+
+ return = [
+ "action_assignment_id1", "action_assignment_id2"
+ ]
+
+
+**POST /intra_extensions/{intra_extension_id}/action_assignments**
+
+ Add an assignment.
+
+.. code-block:: json
-* ``DELETE /OS-MOON/intra_extensions/{intra_extensions_id}/sub_rules/{relation_name}/{rule}``
+ post = {
+ "action_id": "id of the action",
+ "action_category_id": "id of the category",
+ "action_scope_id": "id of the scope"
+ }
+ return = [
+ "action_assignment_id1", "action_assignment_id2"
+ ]
-Tenant mapping API
-------------------
+**DELETE /intra_extensions/{intra_extension_id}/action_assignments/{action_id}/{action_category_id}/{action_scope_id}**
-* ``GET /OS-MOON/tenants``
+ Delete a action assignment.
+
+.. code-block:: json
+
+ return = {}
+
+
+Intra-Extension Rules
+~~~~~~~~~~~~~~~~~~~~~
+
+**GET /intra_extensions/{intra_extension_id}/aggregation_algorithm**
+
+ List aggregation algorithm for an intra extension.
.. code-block:: json
return = {
- "tenant": {
- "uuid1": {
- "name": "tenant1",
- "authz": "intra_extension_uuid1",
- "admin": "intra_extension_uuid2"
- },
- "uuid2": {
- "name": "tenant2",
- "authz": "intra_extension_uuid1",
- "admin": "intra_extension_uuid2"
- }
- }
- }
+ "aggregation_algorithm_id": {
+ "name": "name of the aggregation algorithm",
+ "description": "description of the aggregation algorithm"
+ }
+ }
+
-* ``GET /OS-MOON/tenant/{tenant_uuid}``
+**POST /intra_extensions/{intra_extension_id}/aggregation_algorithm**
+
+ Set the current aggregation algorithm for an intra extension.
.. code-block:: json
+ post = {
+ "aggregation_algorithm_id": "id of the aggregation algorithm",
+ "aggregation_algorithm_description": "description of the aggregation algorithm"
+ }
return = {
- "tenant": {
- "uuid": {
- "name": "tenant1",
- "authz": "intra_extension_uuid1",
- "admin": "intra_extension_uuid2"
- }
- }
- }
+ "aggregation_algorithm_id": {
+ "name": "name of the aggregation algorithm",
+ "description": "description of the aggregation algorithm"
+ }
+ }
+
-* ``POST /OS-MOON/tenant``
+**GET /intra_extensions/{intra_extension_id}/sub_meta_rules**
+
+ Show the current sub meta rules.
.. code-block:: json
- post = {
- "id": "uuid",
- "name": "tenant1",
- "authz": "intra_extension_uuid1",
- "admin": "intra_extension_uuid2"
- }
return = {
- "tenant": {
- "uuid": {
- "name": "tenant1",
- "authz": "intra_extension_uuid1",
- "admin": "intra_extension_uuid2"
- }
- }
- }
+ "sub_meta_rule_id": {
+ "name": "name of the aggregation algorithm",
+ "algorithm": "algorithm of the aggregation algorithm",
+ "subject_categories": ["subject_category_id1", "subject_category_id2"],
+ "object_categories": ["object_category_id1", "object_category_id2"],
+ "action_categories": ["action_category_id1", "action_category_id2"]
+ }
+ }
-* ``DELETE /OS-MOON/tenant/{tenant_uuid}/{intra_extension_uuid}``
.. code-block:: json
return = {}
-Logs API
---------
-* ``GET /OS-MOON/logs``
+**GET /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}**
+
+ Set the current sub meta rule.
+
+.. code-block:: json
+
+ post = {
+ "sub_meta_rule_name": "name of the sub meta rule",
+ "sub_meta_rule_algorithm": "name of the sub meta rule algorithm",
+ "sub_meta_rule_subject_categories": ["subject_category_id1", "subject_category_id2"],
+ "sub_meta_rule_object_categories": ["object_category_id1", "object_category_id2"],
+ "sub_meta_rule_action_categories": ["action_category_id1", "action_category_id2"]
+ }
+ return = {}
+
-InterExtension API
-------------------
+**GET /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}**
-* ``GET /OS-MOON/inter_extensions``
+ List all rules.
.. code-block:: json
return = {
- "inter_extensions": ["ie_uuid1", "ie_uuid2"]
- }
+ "rule_id1": ["subject_scope_id1", "object_scope_id1", "action_scope_id1"],
+ "rule_id2": ["subject_scope_id2", "object_scope_id2", "action_scope_id2"]
+ }
+
+
+**POST /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}**
-* ``GET /OS-MOON/inter_extensions/{inter_extensions_id}``
+ Add a new rule.
.. code-block:: json
- return = {
- "inter_extensions": {
- "id": "uuid1",
- "description": "",
- "requesting_intra_extension_uuid": "uuid1",
- "requested_intra_extension_uuid": "uuid2",
- "genre": "trust_OR_coordinate",
- "virtual_entity_uuid": "ve_uuid1"
- }
- }
+ post = {
+ "subject_categories": ["subject_scope_id1"],
+ "object_categories": ["object_scope_id1"],
+ "action_categories": ["action_scope_id1"],
+ "enabled": True
+ }
+ return = {}
+
-* ``POST /OS-MOON/inter_extensions``
+**DELETE /intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}**
+
+ Delete a rule.
.. code-block:: json
- post = {
- "description": "",
- "requesting_intra_extension_uuid": uuid1,
- "requested_intra_extension_uuid": uuid2,
- "genre": "trust_OR_coordinate",
- "virtual_entity_uuid": "ve_uuid1"
- }
- return = {
- "id": "uuid1",
- "description": "",
- "requesting_intra_extension_uuid": uuid1,
- "requested_intra_extension_uuid": uuid2,
- "genre": "trust_OR_coordinate",
- "virtual_entity_uuid": "ve_uuid1"
- }
+ return = {}
+
+
+Logs
+~~~~
+
+**GET /logs/{options}**
+
+ List all logs.
+ Options can be:
+
+ * ``filter=<filter_characters>``
+ * ``from=<show logs from this date>``
+ * ``to=<show logs to this date>``
+ * ``event_number=<get n logs>``
+
+ Time format is '%Y-%m-%d-%H:%M:%S' (eg. "2015-04-15-13:45:20")
+
+.. code-block:: json
-* ``DELETE /OS-MOON/inter_extensions/{inter_extensions_id}``
+ return = [
+ "2015-04-15-13:45:20 ...",
+ "2015-04-15-13:45:21 ...",
+ "2015-04-15-13:45:22 ...",
+ "2015-04-15-13:45:23 ..."
+ ]
diff --git a/keystone-moon/keystone/common/config.py b/keystone-moon/keystone/common/config.py
index 4ba740fe..b42b29d6 100644
--- a/keystone-moon/keystone/common/config.py
+++ b/keystone-moon/keystone/common/config.py
@@ -1173,34 +1173,7 @@ FILE_OPTIONS = {
deprecated_name='cert_required', deprecated_group='ssl',
deprecated_for_removal=True,
help='Require client certificate.'),
- ],
- 'moon': [
- cfg.StrOpt('configuration_driver',
- default='keystone.contrib.moon.backends.memory.ConfigurationConnector',
- help='Configuration backend driver.'),
- cfg.StrOpt('tenant_driver',
- default='keystone.contrib.moon.backends.sql.TenantConnector',
- help='Tenant backend driver.'),
- cfg.StrOpt('authz_driver',
- default='keystone.contrib.moon.backends.flat.SuperExtensionConnector',
- help='Authorisation backend driver.'),
- cfg.StrOpt('intraextension_driver',
- default='keystone.contrib.moon.backends.sql.IntraExtensionConnector',
- help='IntraExtension backend driver.'),
- cfg.StrOpt('interextension_driver',
- default='keystone.contrib.moon.backends.sql.InterExtensionConnector',
- help='InterExtension backend driver.'),
- cfg.StrOpt('log_driver',
- default='keystone.contrib.moon.backends.flat.LogConnector',
- help='Logs backend driver.'),
- cfg.StrOpt('policy_directory',
- default='/etc/keystone/policies',
- help='Local directory where all policies are stored.'),
- cfg.StrOpt('root_policy_directory',
- default='policy_root',
- help='Local directory where Root IntraExtension configuration is stored.'),
]
-
}
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index 8e19ff81..ddc88fb8 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -27,20 +27,35 @@ from keystone.contrib.moon.algorithms import *
CONF = cfg.CONF
LOG = log.getLogger(__name__)
-EXTENSION_DATA = {
- 'name': 'OpenStack Moon APIs',
- 'namespace': 'http://docs.openstack.org/identity/api/ext/'
- 'OS-MOON',
- 'alias': 'OS-MOON',
- 'updated': '2015-09-02T12:00:0-00:00',
- 'description': 'OpenStack Authorization Providers Mechanism.',
- 'links': [{
- 'rel': 'describedby',
- 'type': 'text/html',
- 'href': 'https://git.opnfv.org/moon.git'
- }]}
-extension.register_admin_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
-extension.register_public_extension(EXTENSION_DATA['alias'], EXTENSION_DATA)
+OPTS = [
+ cfg.StrOpt('configuration_driver',
+ default='keystone.contrib.moon.backends.memory.ConfigurationConnector',
+ help='Configuration backend driver.'),
+ cfg.StrOpt('tenant_driver',
+ default='keystone.contrib.moon.backends.sql.TenantConnector',
+ help='Tenant backend driver.'),
+ cfg.StrOpt('authz_driver',
+ default='keystone.contrib.moon.backends.flat.SuperExtensionConnector',
+ help='Authorisation backend driver.'),
+ cfg.StrOpt('intraextension_driver',
+ default='keystone.contrib.moon.backends.sql.IntraExtensionConnector',
+ help='IntraExtension backend driver.'),
+ cfg.StrOpt('interextension_driver',
+ default='keystone.contrib.moon.backends.sql.InterExtensionConnector',
+ help='InterExtension backend driver.'),
+ cfg.StrOpt('log_driver',
+ default='keystone.contrib.moon.backends.flat.LogConnector',
+ help='Logs backend driver.'),
+ cfg.StrOpt('policy_directory',
+ default='/etc/keystone/policies',
+ help='Local directory where all policies are stored.'),
+ cfg.StrOpt('root_policy_directory',
+ default='policy_root',
+ help='Local directory where Root IntraExtension configuration is stored.'),
+]
+
+for option in OPTS:
+ CONF.register_opt(option, group="moon")
def filter_input(func_or_str):
@@ -150,7 +165,7 @@ def enforce(action_names, object_name, **extra):
else:
# id is not a known tenant ID, so we must check against the Root intra_extension
intra_extension_id = intra_root_extension_id
- LOG.warning("Cannot emanager because the intra-extension is unknown (fallback to the root intraextension)")
+ LOG.warning("Cannot manage because the intra-extension is unknown (fallback to the root intraextension)")
for _tenant_id in tenants_dict:
if tenants_dict[_tenant_id]['intra_authz_extension_id'] == intra_extension_id or \
tenants_dict[_tenant_id]['intra_admin_extension_id'] == intra_extension_id:
@@ -369,18 +384,6 @@ class TenantManager(manager.Manager):
self.moonlog_api.debug("add_tenant_dict {}".format(tenant_dict))
if 'intra_admin_extension_id' in tenant_dict and tenant_dict['intra_admin_extension_id']:
if 'intra_authz_extension_id' in tenant_dict and tenant_dict['intra_authz_extension_id']:
- # authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'])
- # admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'])
- # for _subject_id in authz_subjects_dict:
- # if _subject_id not in admin_subjects_dict:
- # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id])
- # for _subject_id in admin_subjects_dict:
- # if _subject_id not in authz_subjects_dict:
- # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id])
-
- # TODO (ateroide): check whether we can replace the below code by the above one
- # NOTE (ateroide): at a first glance: no, subject_id changes depending on which intra_extesion is used
- # we must use name which is constant.
authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_authz_extension_id'])
authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict]
admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.root_admin_id, tenant_dict['intra_admin_extension_id'])
@@ -440,10 +443,8 @@ class IntraExtensionManager(manager.Manager):
def __init__(self):
super(IntraExtensionManager, self).__init__(CONF.moon.intraextension_driver)
- # self.root_admin_id = self.__compute_admin_id_for_root_extension()
self._root_admin_id = None
self._root_extension_id = None
- # self.__init_aggregation_algorithm()
def __init_root(self, root_extension_id=None):
LOG.debug("__init_root {}".format(root_extension_id))
@@ -490,12 +491,6 @@ class IntraExtensionManager(manager.Manager):
LOG.debug("self.driver.get_intra_extensions_dict()={}".format(self.driver.get_intra_extensions_dict()))
return {self.root_extension_id: self.driver.get_intra_extensions_dict()[self.root_extension_id]}
- # def __compute_admin_id_for_root_extension(self):
- # for subject_id, subject_dict in self.driver.get_subjects_dict(self.root_extension_id).iteritems():
- # if subject_dict["name"] == "admin":
- # return subject_id
- # raise RootExtensionNotInitialized()
-
def get_root_extension_id(self):
extensions = self.driver.get_intra_extensions_dict()
for extension_id, extension_dict in extensions.iteritems():
@@ -507,15 +502,6 @@ class IntraExtensionManager(manager.Manager):
raise IntraExtensionCreationError("The root extension is not created.")
return extension['id']
- # def __init_aggregation_algorithm(self):
- # try:
- # self._root_extension_id = self.get_root_extension_id()
- # self.aggregation_algorithm_dict = self.configuration_api.get_aggregation_algorithms_dict(self.root_extension_id)
- # except AttributeError as e:
- # LOG.warning("Error on init_aggregation_algorithm ({})".format(e))
- # self._root_extension_id = None
- # self.aggregation_algorithm_dict = {}
-
def __get_authz_buffer(self, intra_extension_id, subject_id, object_id, action_id):
"""
:param intra_extension_id:
@@ -602,8 +588,6 @@ class IntraExtensionManager(manager.Manager):
meta_rule_dict[sub_meta_rule_id],
self.driver.get_rules_dict(intra_extension_id, sub_meta_rule_id).values())
- # if not self.root_extension_id:
- # self.__init_aggregation_algorithm()
aggregation_algorithm_id = self.driver.get_aggregation_algorithm_id(intra_extension_id)['aggregation_algorithm']
if self.aggregation_algorithm_dict[aggregation_algorithm_id]['name'] == 'all_true':
decision = all_true(decision_buffer)
@@ -637,32 +621,15 @@ class IntraExtensionManager(manager.Manager):
f = open(metadata_path)
json_perimeter = json.load(f)
- # subject_categories_dict = dict()
for _cat in json_perimeter['subject_categories']:
self.driver.set_subject_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in subject_categories_dict.keys():
- # self.driver.set_subject_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['subject_categories'] = subject_categories_dict
-
- # object_categories_dict = dict()
for _cat in json_perimeter['object_categories']:
self.driver.set_object_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in object_categories_dict.keys():
- # self.driver.set_object_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['object_categories'] = object_categories_dict
-
- # action_categories_dict = dict()
for _cat in json_perimeter['action_categories']:
self.driver.set_action_category_dict(intra_extension_dict["id"], uuid4().hex,
{"name": _cat, "description": _cat})
- # Initialize scope categories
- # for _cat in action_categories_dict.keys():
- # self.driver.set_action_scope_dict(intra_extension_dict["id"], _cat, {})
- # intra_extension_dict['action_categories'] = action_categories_dict
def __load_perimeter_file(self, intra_extension_dict, policy_dir):
@@ -805,7 +772,6 @@ class IntraExtensionManager(manager.Manager):
metadata_path = os.path.join(policy_dir, 'metarule.json')
f = open(metadata_path)
json_metarule = json.load(f)
- # ie["meta_rules"] = copy.deepcopy(json_metarule)
metarule = dict()
categories = {
"subject_categories": self.driver.SUBJECT_CATEGORY,
@@ -847,13 +813,10 @@ class IntraExtensionManager(manager.Manager):
sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"],
sub_rule_name,
self.driver.SUB_META_RULE)
- # if sub_rule_name not in self.get_sub_meta_rule_relations("admin", ie["id"])["sub_meta_rule_relations"]:
- # raise IntraExtensionException("Bad sub_rule_name name {} in rules".format(sub_rule_name))
rules[sub_rule_id] = list()
for rule in json_rules[sub_rule_name]:
subrule = list()
_rule = list(rule)
- # sub_rule_id = self.driver.get_uuid_from_name(intra_extension_dict["id"], sub_rule_name, self.driver.SUB_META_RULE)
for category_uuid in sub_meta_rules[sub_rule_id]["subject_categories"]:
scope_name = _rule.pop(0)
scope_uuid = self.driver.get_uuid_from_name(intra_extension_dict["id"],
@@ -881,7 +844,6 @@ class IntraExtensionManager(manager.Manager):
else:
# if value doesn't exist add a default value
subrule.append(True)
- # rules[sub_rule_id].append(subrule)
self.driver.set_rule_dict(intra_extension_dict["id"], sub_rule_id, uuid4().hex, subrule)
@enforce(("read", "write"), "intra_extensions")
@@ -914,11 +876,6 @@ class IntraExtensionManager(manager.Manager):
# Note (asteroide): Only one root Extension is authorized
# and this extension is created at the very beginning of the server
# so we don't need to use enforce here
- # if self.get_root_extension_id():
- # # for ext in self.driver.get_intra_extensions_dict():
- # # Note (asteroide): if there is at least one Intra Extension, it implies that
- # # the Root Intra Extension had already been created...
- # return
extensions = self.driver.get_intra_extensions_dict()
for extension_id, extension_dict in extensions.iteritems():
if extension_dict["name"] == CONF.moon.root_policy_directory:
@@ -930,10 +887,7 @@ class IntraExtensionManager(manager.Manager):
ie_dict["genre"] = "admin"
ie_dict["description"] = "policy_root"
ref = self.driver.set_intra_extension_dict(ie_dict['id'], ie_dict)
- # try:
self.moonlog_api.debug("Creation of root IE: {}".format(ref))
- # except AttributeError:
- # LOG.debug("Creation of root IE: {}".format(ref))
# read the template given by "model" and populate default variables
template_dir = os.path.join(CONF.moon.policy_directory, ie_dict["model"])
diff --git a/keystone-moon/keystone/contrib/moon/routers.py b/keystone-moon/keystone/contrib/moon/routers.py
index fd1c0adf..fd821a49 100644
--- a/keystone-moon/keystone/contrib/moon/routers.py
+++ b/keystone-moon/keystone/contrib/moon/routers.py
@@ -12,11 +12,14 @@ from oslo_log import log
LOG = log.getLogger(__name__)
-class Routers(wsgi.V3ExtensionRouter):
+class Routers(wsgi.ComposableRouter):
"""API Endpoints for the Moon extension.
"""
- PATH_PREFIX = '/OS-MOON'
+ PATH_PREFIX = ''
+
+ def __init__(self, description):
+ self.description = description
@staticmethod
def _get_rel(component):
@@ -34,419 +37,462 @@ class Routers(wsgi.V3ExtensionRouter):
tenants_controller = controllers.Tenants()
logs_controller = controllers.Logs()
inter_ext_controller = controllers.InterExtensions()
+
# Configuration route
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/templates',
- get_action='get_policy_templates',
- rel=self._get_rel('templates'),
- path_vars={})
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/aggregation_algorithms',
- get_action='get_aggregation_algorithms',
- rel=self._get_rel('aggregation_algorithms'),
- path_vars={})
- self._add_resource(
- mapper, configuration_controller,
- path=self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms',
- get_action='get_sub_meta_rule_algorithms',
- rel=self._get_rel('sub_meta_rule_algorithms'),
- path_vars={})
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/templates',
+ controller=configuration_controller,
+ action='get_policy_templates',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/aggregation_algorithms',
+ controller=configuration_controller,
+ action='get_aggregation_algorithms',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/configuration/sub_meta_rule_algorithms',
+ controller=configuration_controller,
+ action='get_sub_meta_rule_algorithms',
+ conditions=dict(method=['GET']))
# Tenants route
- self._add_resource(
- mapper, tenants_controller,
- path=self.PATH_PREFIX+'/tenants',
- get_action='get_tenants',
- post_action='add_tenant',
- rel=self._get_rel('tenants'),
- path_vars={})
- self._add_resource(
- mapper, tenants_controller,
- path=self.PATH_PREFIX+'/tenants/{tenant_id}',
- get_action='get_tenant',
- delete_action='del_tenant',
- post_action='set_tenant',
- rel=self._get_rel('tenants'),
- path_vars={
- 'tenant_id': self._get_path('tenants'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants',
+ controller=tenants_controller,
+ action='get_tenants',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants',
+ controller=tenants_controller,
+ action='add_tenant',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='get_tenant',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='del_tenant',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/tenants/{tenant_id}',
+ controller=tenants_controller,
+ action='set_tenant',
+ conditions=dict(method=['POST']))
# Authz route
- self._add_resource(
- mapper, authz_controller,
- path=self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}',
- get_action='get_authz',
- rel=self._get_rel('authz'),
- path_vars={
- 'tenant_id': self._get_path('tenants'),
- 'subject_k_id': self._get_path('subjects'),
- 'object_name': self._get_path('objects'),
- 'action_name': self._get_path('actions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/authz/{tenant_id}/{subject_k_id}/{object_name}/{action_name}',
+ controller=authz_controller,
+ action='get_authz',
+ conditions=dict(method=['GET']))
# IntraExtensions/Admin route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/init',
- get_action='load_root_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={})
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions',
- get_action='get_intra_extensions',
- post_action='add_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={})
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
- get_action='get_intra_extension',
- delete_action='del_intra_extension',
- post_action='set_intra_extension',
- rel=self._get_rel('intra_extensions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/init',
+ controller=intra_ext_controller,
+ action='load_root_intra_extension',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions',
+ controller=intra_ext_controller,
+ action='get_intra_extensions',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions',
+ controller=intra_ext_controller,
+ action='add_intra_extension',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='get_intra_extension',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='set_intra_extension',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}',
+ controller=intra_ext_controller,
+ action='del_intra_extension',
+ conditions=dict(method=['DELETE']))
# Metadata route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
- get_action='get_subject_categories',
- post_action='add_subject_category',
- rel=self._get_rel('subject_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
- get_action='get_subject_category',
- delete_action='del_subject_category',
- post_action='set_subject_category',
- rel=self._get_rel('subject_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
- get_action='get_object_categories',
- post_action='add_object_category',
- rel=self._get_rel('object_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
- get_action='get_object_category',
- delete_action='del_object_category',
- post_action='set_object_category',
- rel=self._get_rel('object_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
- get_action='get_action_categories',
- post_action='add_action_category',
- rel=self._get_rel('action_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
- get_action='get_action_category',
- delete_action='del_action_category',
- post_action='set_action_category',
- rel=self._get_rel('action_categories'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
+ controller=intra_ext_controller,
+ action='get_subject_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories',
+ controller=intra_ext_controller,
+ action='add_subject_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='get_subject_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='del_subject_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_categories/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='set_subject_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
+ controller=intra_ext_controller,
+ action='get_object_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories',
+ controller=intra_ext_controller,
+ action='add_object_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='get_object_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='del_object_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_categories/{object_category_id}',
+ controller=intra_ext_controller,
+ action='set_object_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
+ controller=intra_ext_controller,
+ action='get_action_categories',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories',
+ controller=intra_ext_controller,
+ action='add_action_category',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='get_action_category',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='del_action_category',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_categories/{action_category_id}',
+ controller=intra_ext_controller,
+ action='set_action_category',
+ conditions=dict(method=['POST']))
# Perimeter route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
- get_action='get_subjects',
- post_action='add_subject',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
- get_action='get_subject',
- delete_action='del_subject',
- post_action='set_subject',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
- get_action='get_objects',
- post_action='add_object',
- rel=self._get_rel('subjects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
- get_action='get_object',
- delete_action='del_object',
- post_action='set_object',
- rel=self._get_rel('objects'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
- get_action='get_actions',
- post_action='add_action',
- rel=self._get_rel('actions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
- get_action='get_action',
- delete_action='del_action',
- post_action='set_action',
- rel=self._get_rel('actions'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
+ controller=intra_ext_controller,
+ action='get_subjects',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects',
+ controller=intra_ext_controller,
+ action='add_subject',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='get_subject',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='del_subject',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subjects/{subject_id}',
+ controller=intra_ext_controller,
+ action='set_subject',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
+ controller=intra_ext_controller,
+ action='get_objects',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects',
+ controller=intra_ext_controller,
+ action='add_object',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='get_object',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='del_object',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/objects/{object_id}',
+ controller=intra_ext_controller,
+ action='set_object',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
+ controller=intra_ext_controller,
+ action='get_actions',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions',
+ controller=intra_ext_controller,
+ action='add_action',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='get_action',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='del_action',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/actions/{action_id}',
+ controller=intra_ext_controller,
+ action='set_action',
+ conditions=dict(method=['POST']))
# Scope route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
- get_action='get_subject_scopes',
- post_action='add_subject_scope',
- rel=self._get_rel('subject_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
- get_action='get_subject_scope',
- delete_action='del_subject_scope',
- post_action='set_subject_scope',
- rel=self._get_rel('subject_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
- get_action='get_object_scopes',
- post_action='add_object_scope',
- rel=self._get_rel('object_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
- get_action='get_object_scope',
- delete_action='del_object_scope',
- post_action='set_object_scope',
- rel=self._get_rel('object_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
- get_action='get_action_scopes',
- post_action='add_action_scope',
- rel=self._get_rel('action_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
- get_action='get_action_scope',
- delete_action='del_action_scope',
- post_action='set_action_scope',
- rel=self._get_rel('action_scope'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='get_subject_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}',
+ controller=intra_ext_controller,
+ action='add_subject_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='get_subject_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='del_subject_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_scopes/{subject_category_id}/{subject_scope_id}',
+ controller=intra_ext_controller,
+ action='set_subject_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
+ controller=intra_ext_controller,
+ action='get_object_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}',
+ controller=intra_ext_controller,
+ action='add_object_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='get_object_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='del_object_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_scopes/{object_category_id}/{object_scope_id}',
+ controller=intra_ext_controller,
+ action='set_object_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
+ controller=intra_ext_controller,
+ action='get_action_scopes',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}',
+ controller=intra_ext_controller,
+ action='add_action_scope',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='get_action_scope',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='del_action_scope',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_scopes/{action_category_id}/{action_scope_id}',
+ controller=intra_ext_controller,
+ action='set_action_scope',
+ conditions=dict(method=['POST']))
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments',
- post_action='add_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/subject_assignments',
+ controller=intra_ext_controller,
+ action='add_subject_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'subject_assignments/{subject_id}/{subject_category_id}',
- get_action='get_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_subject_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'subject_assignments/{subject_id}/{subject_category_id}/{subject_scope_id}',
- delete_action='del_subject_assignment',
- rel=self._get_rel('subject_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments',
- post_action='add_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='del_subject_assignment',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/object_assignments',
+ controller=intra_ext_controller,
+ action='add_object_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'object_assignments/{object_id}/{object_category_id}',
- get_action='get_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_object_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'object_assignments/{object_id}/{object_category_id}/{object_scope_id}',
- delete_action='del_object_assignment',
- rel=self._get_rel('object_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments',
- post_action='add_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='del_object_assignment',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/action_assignments',
+ controller=intra_ext_controller,
+ action='add_action_assignment',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'action_assignments/{action_id}/{action_category_id}',
- get_action='get_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
+ controller=intra_ext_controller,
+ action='get_action_assignment',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/'
'action_assignments/{action_id}/{action_category_id}/{action_scope_id}',
- delete_action='del_action_assignment',
- rel=self._get_rel('action_assignments'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ controller=intra_ext_controller,
+ action='del_action_assignment',
+ conditions=dict(method=['DELETE']))
# Metarule route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
- post_action='set_aggregation_algorithm',
- get_action='get_aggregation_algorithm',
- rel=self._get_rel('aggregation_algorithms'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
- get_action='get_sub_meta_rules',
- post_action='add_sub_meta_rule',
- rel=self._get_rel('sub_meta_rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
- get_action='get_sub_meta_rule',
- delete_action='del_sub_meta_rule',
- post_action='set_sub_meta_rule',
- rel=self._get_rel('sub_meta_rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
+ controller=intra_ext_controller,
+ action='get_aggregation_algorithm',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/aggregation_algorithm',
+ controller=intra_ext_controller,
+ action='set_aggregation_algorithm',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
+ controller=intra_ext_controller,
+ action='get_sub_meta_rules',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules',
+ controller=intra_ext_controller,
+ action='add_sub_meta_rule',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='get_sub_meta_rule',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='del_sub_meta_rule',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/sub_meta_rules/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='set_sub_meta_rule',
+ conditions=dict(method=['POST']))
# Rules route
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
- get_action='get_rules',
- post_action='add_rule',
- rel=self._get_rel('rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
- self._add_resource(
- mapper, intra_ext_controller,
- path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
- get_action='get_rule',
- delete_action='del_rule',
- post_action='set_rule',
- rel=self._get_rel('rules'),
- path_vars={
- 'intra_extension_id': self._get_path('intra_extensions'),
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='get_rules',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}',
+ controller=intra_ext_controller,
+ action='add_rule',
+ conditions=dict(method=['POST']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='get_rule',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='del_rule',
+ conditions=dict(method=['DELETE']))
+ mapper.connect(
+ self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}/rule/{sub_meta_rule_id}/{rule_id}',
+ controller=intra_ext_controller,
+ action='set_rule',
+ conditions=dict(method=['POST']))
# Logs route
- self._add_resource(
- mapper, logs_controller,
- path=self.PATH_PREFIX+'/logs',
- get_action='get_logs',
- rel=self._get_rel('logs'),
- path_vars={
- })
- self._add_resource(
- mapper, logs_controller,
- path=self.PATH_PREFIX+'/logs/{options}',
- get_action='get_logs',
- rel=self._get_rel('logs'),
- path_vars={
- })
+ mapper.connect(
+ self.PATH_PREFIX+'/logs',
+ controller=logs_controller,
+ action='get_logs',
+ conditions=dict(method=['GET']))
+ mapper.connect(
+ self.PATH_PREFIX+'/logs/{options}',
+ controller=logs_controller,
+ action='get_logs',
+ conditions=dict(method=['GET']))
# InterExtensions route
- # self._add_resource(
- # mapper, inter_ext_controller,
- # path=self.PATH_PREFIX+'/inter_extensions',
- # get_action='get_inter_extensions',
- # post_action='create_inter_extension',
+ # mapper.connect(
+ # controller=inter_ext_controller,
+ # self.PATH_PREFIX+'/inter_extensions',
+ # action='get_inter_extensions',
+ # action='create_inter_extension',
# rel=self._get_rel('inter_extensions'),
# path_vars={})
- # self._add_resource(
- # mapper, inter_ext_controller,
- # path=self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}',
- # get_action='get_inter_extension',
- # delete_action='delete_inter_extension',
+ # mapper.connect(
+ # controller=inter_ext_controller,
+ # self.PATH_PREFIX+'/inter_extensions/{inter_extension_id}',
+ # action='get_inter_extension',
+ # action='delete_inter_extension',
# rel=self._get_rel('inter_extensions'),
# path_vars={
# 'inter_extension_id': self._get_path('inter_extensions'),
diff --git a/keystone-moon/keystone/contrib/moon/service.py b/keystone-moon/keystone/contrib/moon/service.py
new file mode 100644
index 00000000..cd68e98a
--- /dev/null
+++ b/keystone-moon/keystone/contrib/moon/service.py
@@ -0,0 +1,57 @@
+import functools
+import sys
+
+from oslo_config import cfg
+from oslo_log import log
+from paste import deploy
+import routes
+from keystone.contrib.moon.routers import Routers
+
+from keystone import assignment
+from keystone import auth
+from keystone import catalog
+from keystone.common import wsgi
+from keystone import controllers
+from keystone import credential
+from keystone import endpoint_policy
+from keystone import identity
+from keystone import policy
+from keystone import resource
+from keystone import routers
+from keystone import token
+from keystone import trust
+
+
+CONF = cfg.CONF
+LOG = log.getLogger(__name__)
+
+
+# def loadapp(conf, name):
+# # NOTE(blk-u): Save the application being loaded in the controllers module.
+# # This is similar to how public_app_factory() and v3_app_factory()
+# # register the version with the controllers module.
+# controllers.latest_app = deploy.loadapp(conf, name=name)
+# return controllers.latest_app
+
+
+def fail_gracefully(f):
+ """Logs exceptions and aborts."""
+ @functools.wraps(f)
+ def wrapper(*args, **kw):
+ try:
+ return f(*args, **kw)
+ except Exception as e:
+ LOG.debug(e, exc_info=True)
+
+ # exception message is printed to all logs
+ LOG.critical(e)
+ sys.exit(1)
+
+ return wrapper
+
+
+@fail_gracefully
+def moon_app_factory(global_conf, **local_conf):
+ return wsgi.ComposingRouter(routes.Mapper(),
+ [Routers('moon_service')])
+
diff --git a/keystone-moon/keystone/contrib/moon/wsgi.py b/keystone-moon/keystone/contrib/moon/wsgi.py
new file mode 100644
index 00000000..f2a99633
--- /dev/null
+++ b/keystone-moon/keystone/contrib/moon/wsgi.py
@@ -0,0 +1,8 @@
+from keystone.server import wsgi
+from oslo_log import log
+
+LOG = log.getLogger(__name__)
+
+
+def initialize_moon_application():
+ return wsgi.initialize_application('moon_service')
diff --git a/keystone-moon/setup.cfg b/keystone-moon/setup.cfg
index 2bb79c11..5290d40c 100644
--- a/keystone-moon/setup.cfg
+++ b/keystone-moon/setup.cfg
@@ -74,6 +74,7 @@ console_scripts =
wsgi_scripts =
keystone-wsgi-admin = keystone.server.wsgi:initialize_admin_application
keystone-wsgi-public = keystone.server.wsgi:initialize_public_application
+ keystone-wsgi-moon = keystone.contrib.moon.wsgi:initialize_moon_application
keystone.assignment =
ldap = keystone.assignment.backends.ldap:Assignment
@@ -205,7 +206,6 @@ paste.filter_factory =
token_auth = keystone.middleware:TokenAuthMiddleware.factory
url_normalize = keystone.middleware:NormalizingFilter.factory
user_crud_extension = keystone.contrib.user_crud:CrudExtension.factory
- moon_extension = keystone.contrib.moon.routers:Routers.factory
paste.app_factory =
admin_service = keystone.service:admin_app_factory
@@ -213,3 +213,4 @@ paste.app_factory =
public_service = keystone.service:public_app_factory
public_version_service = keystone.service:public_version_app_factory
service_v3 = keystone.service:v3_app_factory
+ moon_service = keystone.contrib.moon.service:moon_app_factory
diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
index de11e3e5..b21d9dbe 100644
--- a/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
+++ b/keystonemiddleware-moon/keystonemiddleware/moon_agent.py
@@ -95,7 +95,7 @@ class MoonAgentKeystoneMiddleware(object):
self.auth_host = conf.get('auth_host', "127.0.0.1")
self.auth_port = int(conf.get('auth_port', 35357))
auth_protocol = conf.get('auth_protocol', 'http')
- self._request_uri = '%s://%s:%s' % (auth_protocol, self.auth_host, # TODO: ??? for auth or authz
+ self._conf["_request_uri"] = '%s://%s:%s' % (auth_protocol, self.auth_host, # TODO: ??? for auth or authz
self.auth_port)
# SSL
@@ -104,16 +104,18 @@ class MoonAgentKeystoneMiddleware(object):
key_file = conf.get('keyfile')
if insecure:
- self._verify = False
+ self._conf["_verify"] = False
elif cert_file and key_file:
- self._verify = (cert_file, key_file)
+ self._conf["_verify"] = (cert_file, key_file)
elif cert_file:
- self._verify = cert_file
+ self._conf["_verify"] = cert_file
else:
- self._verify = None
+ self._conf["_verify"] = None
# Moon registered mgrs
self.local_registered_mgr_dict = dict() # TODO: load from the sql backend
+ from keystonemiddleware.moon_mgrs.authz_mgr.authz_mgr import AuthzMgr
+ self.local_registered_mgr_dict["authz_mgr"] = AuthzMgr(self._conf)
def __set_token(self):
data = self.get_url("/v3/auth/tokens", post_data=self.post_data)
@@ -283,13 +285,13 @@ class MoonAgentKeystoneMiddleware(object):
self.__set_token()
for _mgr in self.local_registered_mgr_dict: # TODO: update from the sql backend
- self.local_registered_mgr_dict[_mgr]['response_content'] = \
+ self.local_registered_mgr_dict[_mgr].response_content = \
json.loads(self.local_registered_mgr_dict[_mgr].treat_request(self.x_subject_token, agent_data).content)
self.__unset_token()
aggregate_result = 1
for _mgr in self.local_registered_mgr_dict:
- if not self.local_registered_mgr_dict[_mgr]['response_content']:
+ if not self.local_registered_mgr_dict[_mgr].response_content:
aggregate_result = 0
if aggregate_result:
diff --git a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
index af519225..0d81a790 100644
--- a/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
+++ b/keystonemiddleware-moon/keystonemiddleware/moon_mgrs/authz_mgr/authz_mgr.py
@@ -38,6 +38,8 @@ class AuthzMgr(object):
authz_mgr_fh = logging.FileHandler(CONF.moon_authz_mgr["authz_mgr_logfile"])
self._LOG.setLevel(logging.DEBUG)
self._LOG.addHandler(authz_mgr_fh)
+ self._conf = conf
+ self.response_content = ""
def _deny_request(self, code):
error_table = {
@@ -57,7 +59,6 @@ class AuthzMgr(object):
resp.body = error_msg
return resp
-
def treat_request(self, auth_token, agent_data):
if not agent_data['resource_id']:
agent_data['resource_id'] = "servers"
@@ -65,8 +66,8 @@ class AuthzMgr(object):
headers = {'X-Auth-Token': auth_token}
self._LOG.debug('X-Auth-Token={}'.format(auth_token))
try:
- _url ='{}/v3/OS-MOON/authz/{}/{}/{}/{}'.format(
- self._request_uri,
+ _url = '{}/moon/authz/{}/{}/{}/{}'.format(
+ self._conf["_request_uri"],
agent_data['tenant_id'],
agent_data['user_id'],
agent_data['resource_id'],
@@ -74,7 +75,7 @@ class AuthzMgr(object):
self._LOG.info(_url)
response = requests.get(_url,
headers=headers,
- verify=self._verify)
+ verify=self._conf["_verify"])
except requests.exceptions.RequestException as e:
self._LOG.error(_LI('HTTP connection exception: %s'), e)
resp = self._deny_request('InvalidURI')
@@ -93,7 +94,7 @@ class AuthzMgr(object):
elif response.status_code == 200:
answer = json.loads(response.content)
- self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'] , agent_data['action_id']))
+ self._LOG.debug("action_id={}/{}".format(agent_data['OS_component'], agent_data['action_id']))
self._LOG.debug(answer)
if "authz" in answer and answer["authz"]:
return response
diff --git a/moonclient/moonclient/action_assignments.py b/moonclient/moonclient/action_assignments.py
index be2a66da..5625a2f2 100644
--- a/moonclient/moonclient/action_assignments.py
+++ b/moonclient/moonclient/action_assignments.py
@@ -34,7 +34,7 @@ class ActionAssignmentsList(Lister):
return parser
def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
intraextension_id, action_category_id),
authtoken=True)
if action_scope_id in data:
@@ -43,7 +43,7 @@ class ActionAssignmentsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments/{}/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}".format(
parsed_args.intraextension, parsed_args.action_id, parsed_args.action_category_id),
authtoken=True)
return (
@@ -84,7 +84,7 @@ class ActionAssignmentsAdd(Command):
return parser
def __get_scope_from_id(self, intraextension_id, action_category_id, action_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
intraextension_id, action_category_id),
authtoken=True)
if action_scope_id in data:
@@ -93,7 +93,7 @@ class ActionAssignmentsAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments".format(parsed_args.intraextension),
post_data={
"action_id": parsed_args.action_id,
"action_category_id": parsed_args.action_category_id,
@@ -139,7 +139,7 @@ class ActionAssignmentsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_assignments/{}/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_assignments/{}/{}/{}".format(
parsed_args.intraextension,
parsed_args.action_id,
parsed_args.action_category_id,
diff --git a/moonclient/moonclient/action_categories.py b/moonclient/moonclient/action_categories.py
index f4400c79..bf7cb7e1 100644
--- a/moonclient/moonclient/action_categories.py
+++ b/moonclient/moonclient/action_categories.py
@@ -26,7 +26,7 @@ class ActionCategoriesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "description"),
@@ -61,7 +61,7 @@ class ActionCategoriesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(parsed_args.intraextension),
post_data={
"action_category_name": parsed_args.action_category_name,
"action_category_description": parsed_args.description},
@@ -94,7 +94,7 @@ class ActionCategoriesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories/{}".format(
parsed_args.intraextension,
parsed_args.action_category_id),
method="DELETE",
diff --git a/moonclient/moonclient/action_scopes.py b/moonclient/moonclient/action_scopes.py
index 53ed2604..9ddf8d4e 100644
--- a/moonclient/moonclient/action_scopes.py
+++ b/moonclient/moonclient/action_scopes.py
@@ -31,7 +31,7 @@ class ActionScopesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
parsed_args.intraextension, parsed_args.action_category_id),
authtoken=True)
self.log.debug(data)
@@ -73,7 +73,7 @@ class ActionScopesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(
parsed_args.intraextension, parsed_args.action_category_id),
post_data={
"action_scope_name": parsed_args.action_scope_name,
@@ -113,7 +113,7 @@ class ActionScopesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}/{}".format(
parsed_args.intraextension,
parsed_args.action_category_id,
parsed_args.action_scope_id
diff --git a/moonclient/moonclient/actions.py b/moonclient/moonclient/actions.py
index f2550579..9fbad13a 100644
--- a/moonclient/moonclient/actions.py
+++ b/moonclient/moonclient/actions.py
@@ -26,7 +26,7 @@ class ActionsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "description"),
@@ -61,7 +61,7 @@ class ActionsAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions".format(parsed_args.intraextension), # TODO: check method POST?
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions".format(parsed_args.intraextension), # TODO: check method POST?
post_data={
"action_name": parsed_args.action_name,
"action_description": parsed_args.description},
@@ -94,7 +94,7 @@ class ActionsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/actions/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/actions/{}".format(
parsed_args.intraextension,
parsed_args.action_id),
method="DELETE",
diff --git a/moonclient/moonclient/configuration.py b/moonclient/moonclient/configuration.py
index 3a77723c..a05d7151 100644
--- a/moonclient/moonclient/configuration.py
+++ b/moonclient/moonclient/configuration.py
@@ -18,7 +18,7 @@ class TemplatesList(Lister):
return parser
def take_action(self, parsed_args):
- templates = self.app.get_url("/v3/OS-MOON/configuration/templates", authtoken=True)
+ templates = self.app.get_url(self.app.url_prefix+"/configuration/templates", authtoken=True)
return (
("id", "name", "description"),
((template_id, templates[template_id]["name"], templates[template_id]["description"])
@@ -36,7 +36,7 @@ class AggregationAlgorithmsList(Lister):
return parser
def take_action(self, parsed_args):
- templates = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True)
+ templates = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
return (
("id", "name", "description"),
((template_id, templates[template_id]["name"], templates[template_id]["description"])
@@ -54,7 +54,7 @@ class SubMetaRuleAlgorithmsList(Lister):
return parser
def take_action(self, parsed_args):
- templates = self.app.get_url("/v3/OS-MOON/configuration/sub_meta_rule_algorithms", authtoken=True)
+ templates = self.app.get_url(self.app.url_prefix+"/configuration/sub_meta_rule_algorithms", authtoken=True)
return (
("id", "name", "description"),
((template_id, templates[template_id]["name"], templates[template_id]["description"])
diff --git a/moonclient/moonclient/intraextension.py b/moonclient/moonclient/intraextension.py
index 24286dd9..f66aabbc 100644
--- a/moonclient/moonclient/intraextension.py
+++ b/moonclient/moonclient/intraextension.py
@@ -26,7 +26,7 @@ class IntraExtensionSelect(Command):
return parser
def take_action(self, parsed_args):
- ie = self.app.get_url("/v3/OS-MOON/intra_extensions", authtoken=True)
+ ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True)
if parsed_args.id in ie.keys():
self.app.intraextension = parsed_args.id
self.app.stdout.write("Select {} IntraExtension.\n".format(self.app.intraextension))
@@ -66,7 +66,7 @@ class IntraExtensionCreate(Command):
"intra_extension_model": parsed_args.policy_model,
"intra_extension_description": parsed_args.description
}
- ie = self.app.get_url("/v3/OS-MOON/intra_extensions", post_data=post_data, authtoken=True)
+ ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", post_data=post_data, authtoken=True)
if "id" not in ie:
raise Exception("Error in command {}".format(ie))
self.app.stdout.write("IntraExtension created: {}\n".format(ie["id"]))
@@ -83,7 +83,7 @@ class IntraExtensionList(Lister):
return parser
def take_action(self, parsed_args):
- ie = self.app.get_url("/v3/OS-MOON/intra_extensions", authtoken=True)
+ ie = self.app.get_url(self.app.url_prefix+"/intra_extensions", authtoken=True)
return (
("id", "name", "model"),
((_id, ie[_id]["name"], ie[_id]["model"]) for _id in ie.keys())
@@ -105,7 +105,7 @@ class IntraExtensionDelete(Command):
return parser
def take_action(self, parsed_args):
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}".format(parsed_args.uuid),
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(parsed_args.uuid),
method="DELETE",
authtoken=True)
@@ -120,7 +120,7 @@ class IntraExtensionInit(Command):
return parser
def take_action(self, parsed_args):
- self.app.get_url("/v3/OS-MOON/intra_extensions/init",
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/init",
method="GET",
authtoken=True)
@@ -145,7 +145,7 @@ class IntraExtensionShow(ShowOne):
if parsed_args.uuid == "selected":
intra_extension_id = self.app.intraextension
self.log.debug("self.app.intraextension={}".format(intra_extension_id))
- ie = self.app.get_url("/v3/OS-MOON/intra_extensions/{}".format(intra_extension_id), authtoken=True)
+ ie = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}".format(intra_extension_id), authtoken=True)
self.log.debug("ie={}".format(ie))
if "id" not in ie:
self.log.error("Unknown intraextension {}".format(intra_extension_id))
diff --git a/moonclient/moonclient/logs.py b/moonclient/moonclient/logs.py
index 36437786..e65a530d 100644
--- a/moonclient/moonclient/logs.py
+++ b/moonclient/moonclient/logs.py
@@ -85,9 +85,9 @@ class LogsList(Lister):
if number:
options.append("event_number={}".format(number))
if len(options) > 0:
- url = "/v3/OS-MOON/logs/{}".format(",".join(options))
+ url = self.app.url_prefix+"/logs/{}".format(",".join(options))
else:
- url = "/v3/OS-MOON/logs"
+ url = self.app.url_prefix+"/logs"
data = self.app.get_url(url, authtoken=True)
return (
("Time", "Message",),
diff --git a/moonclient/moonclient/metarules.py b/moonclient/moonclient/metarules.py
index 8938f890..6727711e 100644
--- a/moonclient/moonclient/metarules.py
+++ b/moonclient/moonclient/metarules.py
@@ -16,7 +16,7 @@ class AggregationAlgorithmsList(Lister):
log = logging.getLogger(__name__)
def __get_aggregation_algorithm_from_id(self, algorithm_id):
- algorithms = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True)
+ algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
if algorithm_id in algorithms:
return algorithms[algorithm_id]
return dict()
@@ -33,7 +33,7 @@ class AggregationAlgorithmsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/aggregation_algorithm".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format(
parsed_args.intraextension),
authtoken=True)
algorithm = self.__get_aggregation_algorithm_from_id(data['aggregation_algorithm'])
@@ -49,7 +49,7 @@ class AggregationAlgorithmSet(Command):
log = logging.getLogger(__name__)
def __get_aggregation_algorithm_from_id(self, algorithm_id):
- algorithms = self.app.get_url("/v3/OS-MOON/configuration/aggregation_algorithms", authtoken=True)
+ algorithms = self.app.get_url(self.app.url_prefix+"/configuration/aggregation_algorithms", authtoken=True)
if algorithm_id in algorithms:
return algorithms[algorithm_id]
return dict()
@@ -76,7 +76,7 @@ class AggregationAlgorithmSet(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/aggregation_algorithm".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/aggregation_algorithm".format(
parsed_args.intraextension),
post_data={
"aggregation_algorithm_id": parsed_args.aggregation_algorithm_id,
@@ -104,19 +104,19 @@ class SubMetaRuleShow(Lister):
return parser
def __get_subject_category_name(self, intraextension, subject_category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension),
authtoken=True)
if subject_category_id in data:
return data[subject_category_id]["name"]
def __get_object_category_name(self, intraextension, object_category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension),
authtoken=True)
if object_category_id in data:
return data[object_category_id]["name"]
def __get_action_category_name(self, intraextension, action_category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension),
authtoken=True)
if action_category_id in data:
return data[action_category_id]["name"]
@@ -124,7 +124,7 @@ class SubMetaRuleShow(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "algorithm", "subject categories", "object categories", "action categories"),
@@ -205,7 +205,7 @@ class SubMetaRuleSet(Command):
post_data["sub_meta_rule_subject_categories"] = filter(lambda x: x, subject_category_id)
post_data["sub_meta_rule_object_categories"] = filter(lambda x: x, object_category_id)
post_data["sub_meta_rule_action_categories"] = filter(lambda x: x, action_category_id)
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules/{}".format(parsed_args.intraextension,
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules/{}".format(parsed_args.intraextension,
sub_meta_rule_id),
post_data=post_data,
method="POST",
diff --git a/moonclient/moonclient/object_assignments.py b/moonclient/moonclient/object_assignments.py
index b5f89002..0942aa6f 100644
--- a/moonclient/moonclient/object_assignments.py
+++ b/moonclient/moonclient/object_assignments.py
@@ -34,7 +34,7 @@ class ObjectAssignmentsList(Lister):
return parser
def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
intraextension_id, object_category_id),
authtoken=True)
if object_scope_id in data:
@@ -43,7 +43,7 @@ class ObjectAssignmentsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments/{}/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}".format(
parsed_args.intraextension, parsed_args.object_id, parsed_args.object_category_id),
authtoken=True)
return (
@@ -84,7 +84,7 @@ class ObjectAssignmentsAdd(Command):
return parser
def __get_scope_from_id(self, intraextension_id, object_category_id, object_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
intraextension_id, object_category_id),
authtoken=True)
if object_scope_id in data:
@@ -93,7 +93,7 @@ class ObjectAssignmentsAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments".format(parsed_args.intraextension),
post_data={
"object_id": parsed_args.object_id,
"object_category_id": parsed_args.object_category_id,
@@ -139,7 +139,7 @@ class ObjectAssignmentsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_assignments/{}/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_assignments/{}/{}/{}".format(
parsed_args.intraextension,
parsed_args.object_id,
parsed_args.object_category_id,
diff --git a/moonclient/moonclient/object_categories.py b/moonclient/moonclient/object_categories.py
index c86586f3..5641f4bf 100644
--- a/moonclient/moonclient/object_categories.py
+++ b/moonclient/moonclient/object_categories.py
@@ -26,7 +26,7 @@ class ObjectCategoriesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "description"),
@@ -61,7 +61,7 @@ class ObjectCategoriesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(parsed_args.intraextension),
post_data={
"object_category_name": parsed_args.object_category_name,
"object_category_description": parsed_args.description},
@@ -94,7 +94,7 @@ class ObjectCategoriesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories/{}".format(
parsed_args.intraextension,
parsed_args.object_category_id),
method="DELETE",
diff --git a/moonclient/moonclient/object_scopes.py b/moonclient/moonclient/object_scopes.py
index 0fbd757d..41b9aef6 100644
--- a/moonclient/moonclient/object_scopes.py
+++ b/moonclient/moonclient/object_scopes.py
@@ -31,7 +31,7 @@ class ObjectScopesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
parsed_args.intraextension, parsed_args.object_category_id),
authtoken=True)
self.log.debug(data) # TODO: why log here?
@@ -73,7 +73,7 @@ class ObjectScopesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(
parsed_args.intraextension, parsed_args.object_category_id),
post_data={
"object_scope_name": parsed_args.object_scope_name,
@@ -113,7 +113,7 @@ class ObjectScopesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}/{}".format(
parsed_args.intraextension,
parsed_args.object_category_id,
parsed_args.object_scope_id
diff --git a/moonclient/moonclient/objects.py b/moonclient/moonclient/objects.py
index 0f6fef06..0fc04ab8 100644
--- a/moonclient/moonclient/objects.py
+++ b/moonclient/moonclient/objects.py
@@ -26,7 +26,7 @@ class ObjectsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "description"),
@@ -61,7 +61,7 @@ class ObjectsAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects".format(parsed_args.intraextension),
post_data={
"object_name": parsed_args.object_name,
"object_description": parsed_args.description},
@@ -94,7 +94,7 @@ class ObjectsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/objects/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/objects/{}".format(
parsed_args.intraextension,
parsed_args.object_id),
method="DELETE",
diff --git a/moonclient/moonclient/rules.py b/moonclient/moonclient/rules.py
index 682c830d..207533a8 100644
--- a/moonclient/moonclient/rules.py
+++ b/moonclient/moonclient/rules.py
@@ -30,39 +30,39 @@ class RulesList(Lister):
return parser
def __get_subject_category_name(self, intraextension, category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(intraextension),
authtoken=True)
if category_id in data:
return data[category_id]["name"]
def __get_object_category_name(self, intraextension, category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_categories".format(intraextension),
authtoken=True)
if category_id in data:
return data[category_id]["name"]
def __get_action_category_name(self, intraextension, category_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_categories".format(intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_categories".format(intraextension),
authtoken=True)
if category_id in data:
return data[category_id]["name"]
def __get_subject_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
authtoken=True)
if scope_id in data:
return data[scope_id]["name"]
return scope_id
def __get_object_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
authtoken=True)
if scope_id in data:
return data[scope_id]["name"]
return scope_id
def __get_action_scope_name(self, intraextension, category_id, scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
authtoken=True)
if scope_id in data:
return data[scope_id]["name"]
@@ -72,7 +72,7 @@ class RulesList(Lister):
headers = list()
headers.append("")
headers.append("id")
- self.sub_meta_rules = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format(intraextension),
+ self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(intraextension),
authtoken=True)
for cat in self.sub_meta_rules[submetarule_id]["subject_categories"]:
headers.append("s:" + self.__get_subject_category_name(intraextension, cat))
@@ -105,7 +105,7 @@ class RulesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/rule/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format(
parsed_args.intraextension,
parsed_args.submetarule_id,
),
@@ -144,7 +144,7 @@ class RuleAdd(Command):
return parser
def __get_subject_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(intraextension, category_id),
authtoken=True)
self.log.debug("__get_subject_scope_id {}".format(data))
for scope_id in data:
@@ -153,7 +153,7 @@ class RuleAdd(Command):
return scope_name
def __get_object_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/object_scopes/{}".format(intraextension, category_id),
authtoken=True)
self.log.debug("__get_action_scope_id {}".format(data))
for scope_id in data:
@@ -162,7 +162,7 @@ class RuleAdd(Command):
return scope_name
def __get_action_scope_id(self, intraextension, category_id, scope_name):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/action_scopes/{}".format(intraextension, category_id),
authtoken=True)
self.log.debug("__get_object_scope_id {}".format(data))
for scope_id in data:
@@ -173,7 +173,7 @@ class RuleAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.sub_meta_rules = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/sub_meta_rules".format(
+ self.sub_meta_rules = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/sub_meta_rules".format(
parsed_args.intraextension),
authtoken=True)
new_rule = map(lambda x: x.strip(), parsed_args.rule.split(","))
@@ -198,7 +198,7 @@ class RuleAdd(Command):
post["object_categories"].append(self.__get_object_scope_id(
parsed_args.intraextension, cat, new_rule.pop(0))
)
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/rule/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/rule/{}".format(
parsed_args.intraextension, parsed_args.submetarule_id),
post_data=post,
authtoken=True)
@@ -232,7 +232,7 @@ class RuleDelete(Command):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
self.app.get_url(
- "/v3/OS-MOON/intra_extensions/{intra_extensions_id}/rule/{submetarule_id}/{rule_id}".format(
+ self.app.url_prefix+"/intra_extensions/{intra_extensions_id}/rule/{submetarule_id}/{rule_id}".format(
intra_extensions_id=parsed_args.intraextension,
submetarule_id=parsed_args.submetarule_id,
rule_id=parsed_args.rule_id
diff --git a/moonclient/moonclient/shell.py b/moonclient/moonclient/shell.py
index 1be1a42a..ce2b0102 100644
--- a/moonclient/moonclient/shell.py
+++ b/moonclient/moonclient/shell.py
@@ -32,13 +32,14 @@ class MoonClient(App):
log = logging.getLogger(__name__)
x_subject_token = None
host = "localhost"
- port = "35357"
+ port = "35358"
tenant = None
_intraextension = None
_tenant_id = None
_tenant_name = None
secureprotocol = False
user_saving_file = ".moonclient"
+ url_prefix = "/moon"
post = {
"auth": {
"identity": {
@@ -112,7 +113,7 @@ class MoonClient(App):
def tenant_id(self):
if not self._tenant_id:
self._tenant_id = self.get_url("/v3/projects?name={}".format(self._tenant_name),
- authtoken=True)["projects"][0]["id"]
+ authtoken=True, port=5000)["projects"][0]["id"]
return self._tenant_id
@property
@@ -129,16 +130,18 @@ class MoonClient(App):
open(os.path.join(os.getenv('HOME'), self.user_saving_file), "w").write(value)
def get_tenant_uuid(self, tenant_name):
- return self.get_url("/v3/projects?name={}".format(tenant_name), authtoken=True)["projects"][0]["id"]
+ return self.get_url("/v3/projects?name={}".format(tenant_name), authtoken=True, port=5000)["projects"][0]["id"]
- def get_url(self, url, post_data=None, delete_data=None, method="GET", authtoken=None):
+ def get_url(self, url, post_data=None, delete_data=None, method="GET", authtoken=None, port=None):
if post_data:
method = "POST"
if delete_data:
method = "DELETE"
self.log.debug("\033[32m{} {}\033[m".format(method, url))
# TODO: we must manage authentication and requests with secure protocol (ie. HTTPS)
- conn = httplib.HTTPConnection(self.host, self.port)
+ if not port:
+ port = self.port
+ conn = httplib.HTTPConnection(self.host, port)
self.log.debug("Host: {}:{}".format(self.host, self.port))
headers = {
"Content-type": "application/x-www-form-urlencoded",
diff --git a/moonclient/moonclient/subject_assignments.py b/moonclient/moonclient/subject_assignments.py
index 5ca31291..ec5e9549 100644
--- a/moonclient/moonclient/subject_assignments.py
+++ b/moonclient/moonclient/subject_assignments.py
@@ -34,7 +34,7 @@ class SubjectAssignmentsList(Lister):
return parser
def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
intraextension_id, subject_category_id),
authtoken=True)
if subject_scope_id in data:
@@ -43,7 +43,7 @@ class SubjectAssignmentsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments/{}/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}".format(
parsed_args.intraextension, parsed_args.subject_id, parsed_args.subject_category_id),
authtoken=True)
return (
@@ -84,7 +84,7 @@ class SubjectAssignmentsAdd(Command):
return parser
def __get_scope_from_id(self, intraextension_id, subject_category_id, subject_scope_id):
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
intraextension_id, subject_category_id),
authtoken=True)
if subject_scope_id in data:
@@ -93,7 +93,7 @@ class SubjectAssignmentsAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments".format(parsed_args.intraextension),
post_data={
"subject_id": parsed_args.subject_id,
"subject_category_id": parsed_args.subject_category_id,
@@ -139,7 +139,7 @@ class SubjectAssignmentsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_assignments/{}/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_assignments/{}/{}/{}".format(
parsed_args.intraextension,
parsed_args.subject_id,
parsed_args.subject_category_id,
diff --git a/moonclient/moonclient/subject_categories.py b/moonclient/moonclient/subject_categories.py
index e7ecfe6a..810b0b5f 100644
--- a/moonclient/moonclient/subject_categories.py
+++ b/moonclient/moonclient/subject_categories.py
@@ -26,7 +26,7 @@ class SubjectCategoriesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "description"),
@@ -61,7 +61,7 @@ class SubjectCategoriesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories".format(parsed_args.intraextension),
post_data={
"subject_category_name": parsed_args.subject_category_name,
"subject_category_description": parsed_args.description},
@@ -94,7 +94,7 @@ class SubjectCategoriesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_categories/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_categories/{}".format(
parsed_args.intraextension,
parsed_args.subject_category_id),
method="DELETE",
diff --git a/moonclient/moonclient/subject_scopes.py b/moonclient/moonclient/subject_scopes.py
index f960a1d0..90cc5dcc 100644
--- a/moonclient/moonclient/subject_scopes.py
+++ b/moonclient/moonclient/subject_scopes.py
@@ -31,7 +31,7 @@ class SubjectScopesList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
parsed_args.intraextension,
parsed_args.subject_category_id),
authtoken=True)
@@ -73,7 +73,7 @@ class SubjectScopesAdd(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}".format(
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}".format(
parsed_args.intraextension, parsed_args.subject_category_id),
post_data={
"subject_scope_name": parsed_args.subject_scope_name,
@@ -113,7 +113,7 @@ class SubjectScopesDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subject_scopes/{}/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subject_scopes/{}/{}".format(
parsed_args.intraextension,
parsed_args.subject_category_id,
parsed_args.subject_scope_id
diff --git a/moonclient/moonclient/subjects.py b/moonclient/moonclient/subjects.py
index 29ce745d..8203cd92 100644
--- a/moonclient/moonclient/subjects.py
+++ b/moonclient/moonclient/subjects.py
@@ -27,7 +27,7 @@ class SubjectsList(Lister):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension),
authtoken=True)
return (
("id", "name", "Keystone ID"),
@@ -74,7 +74,7 @@ class SubjectsAdd(Command):
parsed_args.intraextension = self.app.intraextension
if not parsed_args.password:
parsed_args.password = getpass.getpass("Password for user {}:".format(parsed_args.subject_name))
- data = self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects".format(parsed_args.intraextension),
+ data = self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects".format(parsed_args.intraextension),
post_data={
"subject_name": parsed_args.subject_name,
"subject_description": parsed_args.description,
@@ -110,7 +110,7 @@ class SubjectsDelete(Command):
def take_action(self, parsed_args):
if not parsed_args.intraextension:
parsed_args.intraextension = self.app.intraextension
- self.app.get_url("/v3/OS-MOON/intra_extensions/{}/subjects/{}".format(
+ self.app.get_url(self.app.url_prefix+"/intra_extensions/{}/subjects/{}".format(
parsed_args.intraextension,
parsed_args.subject_id
),
diff --git a/moonclient/moonclient/tenants.py b/moonclient/moonclient/tenants.py
index b2e0aafa..99c6e501 100644
--- a/moonclient/moonclient/tenants.py
+++ b/moonclient/moonclient/tenants.py
@@ -19,7 +19,7 @@ class TenantList(Lister):
return parser
def take_action(self, parsed_args):
- tenants = self.app.get_url("/v3/OS-MOON/tenants", authtoken=True)
+ tenants = self.app.get_url(self.app.url_prefix+"/tenants", authtoken=True)
self.log.debug(tenants)
return (
("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"),
@@ -72,7 +72,7 @@ class TenantAdd(Command):
post_data["tenant_intra_admin_extension_id"] = parsed_args.admin
if parsed_args.desc:
post_data["tenant_description"] = parsed_args.desc
- tenants = self.app.get_url("/v3/OS-MOON/tenants",
+ tenants = self.app.get_url(self.app.url_prefix+"/tenants",
post_data=post_data,
authtoken=True)
return (
@@ -103,7 +103,7 @@ class TenantShow(Command):
return parser
def take_action(self, parsed_args):
- tenants = self.app.get_url("/v3/OS-MOON/tenants/{}".format(parsed_args.tenant_name),
+ tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_name),
authtoken=True)
return (
("id", "name", "description", "intra_authz_extension_id", "intra_admin_extension_id"),
@@ -164,7 +164,7 @@ class TenantSet(Command):
post_data["tenant_intra_admin_extension_id"] = parsed_args.admin
if parsed_args.desc is not None:
post_data["tenant_description"] = parsed_args.desc
- tenants = self.app.get_url("/v3/OS-MOON/tenants/{}".format(post_data["tenant_id"]),
+ tenants = self.app.get_url(self.app.url_prefix+"/tenants/{}".format(post_data["tenant_id"]),
post_data=post_data,
authtoken=True)
return (
@@ -195,6 +195,6 @@ class TenantDelete(Command):
return parser
def take_action(self, parsed_args):
- self.app.get_url("/v3/OS-MOON/tenants/{}".format(parsed_args.tenant_id),
+ self.app.get_url(self.app.url_prefix+"/tenants/{}".format(parsed_args.tenant_id),
method="DELETE",
authtoken=True)
diff --git a/moonclient/moonclient/tests.py b/moonclient/moonclient/tests.py
index 3bef6b9d..bace73af 100644
--- a/moonclient/moonclient/tests.py
+++ b/moonclient/moonclient/tests.py
@@ -81,20 +81,24 @@ class TestsLaunch(Lister):
result_ok = True
# self.log.info(result_id)
# self.log.info(result_values[1])
+ log_filename = ""
for value in result_values[1]:
if "False" in value[2]:
result_ok = False
- break
+ if "Overall results" in value[1]:
+ log_filename = value[3]
if result_ok:
- results.append((result_id, "\033[32mTrue\033[m"))
+ results.append((result_id, "\033[32mTrue\033[m", log_filename))
else:
- results.append((result_id, "\033[1m\033[31mFalse\033[m"))
+ results.append((result_id, "\033[1m\033[31mFalse\033[m", log_filename))
return (
- ("filename", "results"),
+ ("filename", "results", "log file"),
results
)
def test_file(self, testfile):
+ self.logfile_name = "/tmp/moonclient_test_{}.log".format(time.strftime("%Y%m%d-%H%M%S"))
+ self.logfile = open(self.logfile_name, "w")
stdout_back = self.app.stdout
tests_dict = json.load(open(testfile))
self.log.debug("tests_dict = {}".format(tests_dict))