diff options
Diffstat (limited to 'keystone-moon/keystone/contrib')
-rw-r--r-- | keystone-moon/keystone/contrib/moon/backends/__init__.py | 5 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/backends/memory.py | 29 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/backends/sql.py | 73 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/controllers.py | 63 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/core.py | 104 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/exception.py | 7 | ||||
-rw-r--r-- | keystone-moon/keystone/contrib/moon/routers.py | 22 |
7 files changed, 138 insertions, 165 deletions
diff --git a/keystone-moon/keystone/contrib/moon/backends/__init__.py b/keystone-moon/keystone/contrib/moon/backends/__init__.py index b86dae19..f880dbb6 100644 --- a/keystone-moon/keystone/contrib/moon/backends/__init__.py +++ b/keystone-moon/keystone/contrib/moon/backends/__init__.py @@ -43,10 +43,10 @@ subject_scopes = { subject_category_id1: { subject_scope_id1: { name: xxx, - des: aaa}, + description: aaa}, subject_scope_id2: { name: yyy, - des: bbb}, + description: bbb}, ...}, subject_category_id2: {...}, ... @@ -65,6 +65,7 @@ subject_assignments = { }, ... } + aggregation_algorithm = aggregation_algorithm_id sub_meta_rules = { diff --git a/keystone-moon/keystone/contrib/moon/backends/memory.py b/keystone-moon/keystone/contrib/moon/backends/memory.py index 727ac21e..95152386 100644 --- a/keystone-moon/keystone/contrib/moon/backends/memory.py +++ b/keystone-moon/keystone/contrib/moon/backends/memory.py @@ -4,6 +4,8 @@ # or at 'http://www.apache.org/licenses/LICENSE-2.0'. from uuid import uuid4 +from glob import glob +import os from keystone import config from keystone.contrib.moon.core import ConfigurationDriver from keystone.contrib.moon.core import TenantDriver @@ -19,14 +21,17 @@ class ConfigurationConnector(ConfigurationDriver): def __init__(self): super(ConfigurationConnector, self).__init__() self.aggregation_algorithm_dict = dict() - self.aggregation_algorithm_dict[uuid4()] = "all_true" + self.aggregation_algorithm_dict[uuid4().hex] = "all_true" self.sub_meta_rule_algorithm_dict = dict() - self.sub_meta_rule_algorithm_dict[uuid4()] = "inclusion" - self.sub_meta_rule_algorithm_dict[uuid4()] = "comparison" + self.sub_meta_rule_algorithm_dict[uuid4().hex] = "inclusion" + self.sub_meta_rule_algorithm_dict[uuid4().hex] = "comparison" - def get_policy_templete_dict(self): - # TODO (dthom) - pass + def get_policy_template_dict(self): + nodes = glob(os.path.join(CONF.moon.policy_directory, "*")) + return { + "authz_templates": + [os.path.basename(n) for n in nodes if os.path.isdir(n)] + } def get_aggregation_algorithm_dict(self): return self.aggregation_algorithm_dict @@ -34,18 +39,6 @@ class ConfigurationConnector(ConfigurationDriver): def get_sub_meta_rule_algorithm_dict(self): return self.sub_meta_rule_algorithm_dict - -class TenantConnector(TenantDriver): - - def get_tenant_dict(self): - # TODO (dthom) - pass - - def set_tenant(self, tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id): - # TODO (dthom) - pass - - # class SuperExtensionConnector(SuperExtensionDriver): # # def __init__(self): diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py index ac459d4c..d62cf162 100644 --- a/keystone-moon/keystone/contrib/moon/backends/sql.py +++ b/keystone-moon/keystone/contrib/moon/backends/sql.py @@ -23,11 +23,9 @@ LOG = log.getLogger(__name__) class IntraExtension(sql.ModelBase, sql.DictBase): __tablename__ = 'intra_extensions' - attributes = ['id', 'name', 'model', 'description'] + attributes = ['id', 'intra_extension'] id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(64), nullable=False) - model = sql.Column(sql.String(64), nullable=True) - description = sql.Column(sql.Text()) + intra_extension = sql.Column(sql.JsonBlob(), nullable=True) @classmethod def from_dict(cls, d): @@ -40,15 +38,9 @@ class IntraExtension(sql.ModelBase, sql.DictBase): class Tenant(sql.ModelBase, sql.DictBase): __tablename__ = 'tenants' - # attributes = ['id', 'tenant', 'intra_authz_extension_id', 'intra_adminextension_id'] attributes = ['id', 'tenant'] id = sql.Column(sql.String(64), primary_key=True, nullable=False) tenant = sql.Column(sql.JsonBlob(), nullable=True) - # intra_authz_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False) - # intra_admin_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False) - # name = sql.Column(sql.String(128), nullable=True) - # authz = sql.Column(sql.String(64), nullable=True) - # admin = sql.Column(sql.String(64), nullable=True) @classmethod def from_dict(cls, d): @@ -336,50 +328,45 @@ __all_objects__ = ( class TenantConnector(TenantDriver): - def get_tenant_dict(self): + def get_tenants_dict(self): with sql.transaction() as session: query = session.query(Tenant) - # query = query.filter_by(uuid=tenant_uuid) - # ref = query.first().to_dict() tenants = query.all() return {tenant.id: Tenant.to_dict(tenant) for tenant in tenants} - def add_tenant(self, tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id): - pass + def add_tenant_dict(self, tenant_id, tenant_dict): + with sql.transaction() as session: + new_ref = Tenant.from_dict( + { + "id": tenant_id, + 'tenant': tenant_dict + } + ) + session.add(new_ref) + return new_ref.to_dict() def del_tenant(self, tenant_id): - pass + with sql.transaction() as session: + query = session.query(Tenant) + query = query.filter_by(id=tenant_id) + tenant = query.first() + session.delete(tenant) - # TODO: def set_tenant(self, tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id) - def set_tenant_dict(self, tenant): + def set_tenant_dict(self, tenant_id, tenant_dict): with sql.transaction() as session: - uuid = tenant.keys()[0] query = session.query(Tenant) - query = query.filter_by(id=uuid) + query = query.filter_by(id=tenant_id) ref = query.first() - if not ref: - # if not result, create the database line - ref = Tenant.from_dict(tenant) - session.add(ref) - return Tenant.to_dict(ref) - elif not tenant[uuid]["authz"] and not tenant[uuid]["admin"]: - # if admin and authz extensions are not set, delete the mapping - session.delete(ref) - return - elif tenant[uuid]["authz"] or tenant[uuid]["admin"]: - tenant_ref = ref.to_dict() - tenant_ref.update(tenant[uuid]) - new_tenant = Tenant( - id=uuid, - name=tenant[uuid]["name"], - authz=tenant[uuid]["intra_authz_extension_id"], - admin=tenant[uuid]["intra_admin_extension_id"], - ) - for attr in Tenant.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_tenant, attr)) - return Tenant.to_dict(ref) - raise TenantException() + tenant_ref = ref.to_dict() + tenant_ref.update(tenant_dict) + new_tenant = Tenant( + id=tenant_id, + tenant=tenant_ref + ) + for attr in Tenant.attributes: + if attr != 'id': + setattr(ref, attr, getattr(new_tenant, attr)) + return Tenant.to_dict(ref) class IntraExtensionConnector(IntraExtensionDriver): diff --git a/keystone-moon/keystone/contrib/moon/controllers.py b/keystone-moon/keystone/contrib/moon/controllers.py index e4551825..817dd880 100644 --- a/keystone-moon/keystone/contrib/moon/controllers.py +++ b/keystone-moon/keystone/contrib/moon/controllers.py @@ -30,15 +30,9 @@ class Configuration(controller.V3Controller): return token_ref.get('user') @controller.protected() - def get_policy_templetes(self, context, **kw): + def get_policy_templates(self, context, **kw): user_id = self._get_user_uuid_from_token(context.get("token_id")) - # TODO: belowing code should be move to core.py - # TODO: return self.configuration_api_get_policy_templete_dict(user_id) - nodes = glob.glob(os.path.join(CONF.moon.policy_directory, "*")) - return { - "authz_templetes": - [os.path.basename(n) for n in nodes if os.path.isdir(n)] - } + return self.configuration_api_get_policy_templete_dict(user_id) @controller.protected() def get_aggregation_algorithms(self, context, **kw): @@ -75,22 +69,24 @@ class Tenants(controller.V3Controller): @controller.protected() def get_tenants(self, context, **kw): user_id = self._get_user_id_from_token(context.get("token_id")) - return self.tenant_api.get_tenant_dict(user_id) + return self.tenant_api.get_tenants_dict(user_id) @controller.protected() def add_tenant(self, context, **kw): user_id = self._get_user_id_from_token(context.get("token_id")) # TODO: get tenant name from keystone - tenant_name = kw.get("tenant_name") - intra_authz_ext_id = kw.get("intra_authz_ext_id") - intra_admin_ext_id = kw.get("intra_admin_ext_id") - return self.tenant_api.add_tenant(user_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id) + tenant_dict = dict() + tenant_dict['name'] = kw.get("name") + tenant_dict['description'] = kw.get("description") + tenant_dict['intra_authz_ext_id'] = kw.get("intra_authz_ext_id") + tenant_dict['intra_admin_ext_id'] = kw.get("intra_admin_ext_id") + return self.tenant_api.add_tenant_dict(user_id, tenant_dict) @controller.protected() def get_tenant(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) tenant_id = kw.get("tenant_id") - return self.tenant_api.get_tenant(user_id, tenant_id) + return self.tenant_api.get_tenants_dict(user_id, tenant_id) @controller.protected() def del_tenant(self, context, **kw): @@ -98,19 +94,15 @@ class Tenants(controller.V3Controller): tenant_id = kw.get("tenant_id") return self.tenant_api.del_tenant(user_id, tenant_id) - """def load_tenant(self, context, **kw): + def set_tenant(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) - tenant_id = kw["tenant_id"] - tenant_name = self.resource_api.get_project(tenant_id)["name"] - intra_authz_ext_id = kw.get("intra_authz_ext_id") - intra_admin_ext_id = kw.get("intra_admin_ext_id") - self.tenant_api.add_tenant_dict( - user_id, - tenant_id, - tenant_name, - intra_authz_ext_id, - intra_admin_ext_id) - """ + tenant_id = kw["id"] + tenant_dict = dict() + tenant_dict['name'] = kw.get("name") + tenant_dict['description'] = kw.get("description") + tenant_dict['intra_authz_ext_id'] = kw.get("intra_authz_ext_id") + tenant_dict['intra_admin_ext_id'] = kw.get("intra_admin_ext_id") + self.tenant_api.set_tenant_dict(user_id, tenant_id, tenant_dict) @dependency.requires('authz_api') @@ -123,8 +115,6 @@ class Authz_v3(controller.V3Controller): def get_authz(self, context, tenant_name, subject_name, object_name, action_name): try: return self.authz_api.authz(tenant_name, subject_name, object_name, action_name) - except TenantUnknown: - return True except: return False @@ -146,13 +136,12 @@ class IntraExtensions(controller.V3Controller): @controller.protected() def get_intra_extensions(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) - return self.admin_api.get_intra_extension_dict(user_id) + return self.admin_api.get_intra_extensions_dict(user_id) @controller.protected() def add_intra_extension(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) intra_extension_dict = dict() - # TODO: replace kw by a tangible dict with known variables intra_extension_dict["intra_extension_name"] = kw.get("intra_extension_name", dict()) intra_extension_dict["subject_categories"] = kw.get("subject_categories", dict()) intra_extension_dict["object_categories"] = kw.get("object_categories", dict()) @@ -172,10 +161,10 @@ class IntraExtensions(controller.V3Controller): return self.admin_api.load_intra_extension_dict(user_id, intra_extension_dict) @controller.protected() - def get_intra_extension(self, context, **kw): + def get_intra_extension_dict(self, context, **kw): user_id = self._get_user_id_from_token(context.get('token_id')) ie_id = kw.get('intra_extension_id', None) - return self.admin_api.get_intra_extension_dict(user_id)[ie_id] + return self.admin_api.get_intra_extensions_dict(user_id)[ie_id] @controller.protected() def del_intra_extension(self, context, **kw): @@ -183,7 +172,15 @@ class IntraExtensions(controller.V3Controller): if "ie_id" not in kw: raise IntraExtensionUnknown ie_id = kw.get('intra_extension_id', None) - return self.admin_api.del_intra_extension(user_id, ie_id) + self.admin_api.del_intra_extension(user_id, ie_id) + + @controller.protected() + def set_intra_extension(self, context, **kw): + user_id = self._get_user_id_from_token(context.get('token_id')) + if "ie_id" not in kw: + raise IntraExtensionUnknown + ie_id = kw.get('intra_extension_id', None) + self.admin_api.set_intra_extension(user_id, ie_id) # Metadata functions @controller.protected() diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py index 524cc420..b65a613d 100644 --- a/keystone-moon/keystone/contrib/moon/core.py +++ b/keystone-moon/keystone/contrib/moon/core.py @@ -24,7 +24,7 @@ from keystone.contrib.moon.algorithms import * CONF = config.CONF LOG = log.getLogger(__name__) -DEFAULT_USER = uuid4().hex() # default user_id for internal invocation +DEFAULT_USER = uuid4().hex # default user_id for internal invocation _OPTS = [ @@ -119,7 +119,7 @@ def filter_input(data): @dependency.provider('configuration_api') -@dependency.requires('moonlog_api') # TODO: log should be totally removed to exception.py +@dependency.requires('moonlog_api') class ConfigurationManager(manager.Manager): def __init__(self): @@ -175,13 +175,13 @@ class ConfigurationManager(manager.Manager): @dependency.provider('tenant_api') -@dependency.requires('moonlog_api') # TODO: log should be totally removed to exception.py +@dependency.requires('moonlog_api') class TenantManager(manager.Manager): def __init__(self): super(TenantManager, self).__init__(CONF.moon.tenant_driver) - def get_tenant_dict(self, user_id): + def get_tenants_dict(self, user_id): """ Return a dictionary with all tenants :return: { @@ -196,48 +196,45 @@ class TenantManager(manager.Manager): } """ # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() - # TODO: check whether we need this exception - if not tenant_dict: - raise TenantDictEmpty() - return tenant_dict + return self.driver.get_tenants_dict() - def add_tenant(self, user_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id): + def add_tenant_dict(self, user_id, tenant_dict): # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() - for tenant_id in tenant_dict: - if tenant_dict[tenant_id]['name'] is tenant_name: + tenants_dict = self.driver.get_tenants_dict() + for tenant_id in tenants_dict: + if tenants_dict[tenant_id]['name'] is tenant_dict['name']: raise TenantAddedNameExisting() - return self.driver.add_tenant(uuid4().hex(), tenant_name, intra_authz_ext_id, intra_admin_ext_id) + return self.driver.add_tenant_dict(uuid4().hex, tenant_dict) - def get_tenant(self, user_id, tenant_id): + def get_tenant_dict(self, user_id, tenant_id): # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() - if tenant_id not in tenant_dict: + tenants_dict = self.driver.get_tenants_dict() + if tenant_id not in tenants_dict: raise TenantUnknown() - return tenant_dict[tenant_id] + return tenants_dict[tenant_id] def del_tenant(self, user_id, tenant_id): # TODO: check user right with user_id in SuperExtension - if tenant_id not in self.driver.get_tenant_dict(): + if tenant_id not in self.driver.get_tenants_dict(): raise TenantUnknown() - return self.driver.del_tenant(tenant_id) + self.driver.del_tenant(tenant_id) - # def set_tenant_dict(self, user_id, tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id): - # # TODO: check user right with user_id in SuperExtension - # # TODO (dthom): Tenant must be checked against Keystone database. - # return self.driver.set_tenant(tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id) + def set_tenant_dict(self, user_id, tenant_id, tenant_dict): + # TODO: check user right with user_id in SuperExtension + if tenant_id not in self.driver.get_tenants_dict(): + raise TenantUnknown() + return self.driver.set_tenant_dict(tenant_id, tenant_dict) def get_tenant_name_from_id(self, user_id, tenant_id): # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() + tenant_dict = self.driver.get_tenants_dict() if tenant_id not in tenant_dict: raise TenantUnknown() return tenant_dict[tenant_id]["name"] def set_tenant_name(self, user_id, tenant_id, tenant_name): # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() + tenant_dict = self.driver.get_tenants_dict() if tenant_id not in tenant_dict: raise TenantUnknown() return self.driver.set_tenant( @@ -249,9 +246,9 @@ class TenantManager(manager.Manager): def get_tenant_id_from_name(self, user_id, tenant_name): # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() - for tenant_id in tenant_dict: - if tenant_dict[tenant_id]["name"] is tenant_name: + tenants_dict = self.driver.get_tenants_dict() + for tenant_id in tenants_dict: + if tenants_dict[tenant_id]["name"] is tenant_name: return tenant_id return None @@ -264,7 +261,7 @@ class TenantManager(manager.Manager): """ # 1 tenant only with 1 authz extension and 1 admin extension # TODO: check user right with user_id in SuperExtension - tenant_dict = self.driver.get_tenant_dict() + tenant_dict = self.driver.get_tenants_dict() if tenant_id not in tenant_dict: raise TenantUnknown() elif not tenant_dict[tenant_id][genre]: @@ -273,14 +270,14 @@ class TenantManager(manager.Manager): # TODO: check if we need the func def get_tenant_uuid(self, extension_uuid): - for _tenant_uuid, _tenant_value in six.iteritems(self.get_tenant_dict()): + for _tenant_uuid, _tenant_value in six.iteritems(self.get_tenants_dict()): if extension_uuid == _tenant_value["authz"] or extension_uuid == _tenant_value["admin"]: return _tenant_uuid raise TenantIDNotFound() # TODO: check if we need the func def get_admin_extension_uuid(self, authz_extension_uuid): - _tenants = self.get_tenant_dict() + _tenants = self.get_tenants_dict() for _tenant_uuid in _tenants: if authz_extension_uuid == _tenants[_tenant_uuid]['authz'] and _tenants[_tenant_uuid]['admin']: return _tenants[_tenant_uuid]['admin'] @@ -292,7 +289,7 @@ class TenantManager(manager.Manager): # TODO: check if we need the func def delete(self, authz_extension_uuid): - _tenants = self.get_tenant_dict() + _tenants = self.get_tenants_dict() for _tenant_uuid in _tenants: if authz_extension_uuid == _tenants[_tenant_uuid]['authz']: return self.set_tenant_dict(_tenant_uuid, "", "", "") @@ -399,7 +396,7 @@ class IntraExtensionManager(manager.Manager): return False - def get_intra_extension_dict(self, user_id): + def get_intra_extensions_dict(self, user_id): """ :param user_id: :return: { @@ -412,7 +409,7 @@ class IntraExtensionManager(manager.Manager): ...} """ # TODO: check will be done through super_extension later - return self.driver.get_intra_extension_dict() + return self.driver.get_intra_extensions_dict() # load policy from policy directory # TODO (dthom) re-check these funcs @@ -694,13 +691,13 @@ class IntraExtensionManager(manager.Manager): :return: {intra_extension_id: intra_extension_name, ...} """ # TODO: check will be done through super_extension later - if intra_extension_id not in self.driver.get_intra_extension_dict(): + if intra_extension_id not in self.driver.get_intra_extensions_dict(): raise IntraExtensionUnknown() - return self.driver.get_intra_extension_dict()[intra_extension_id] + return self.driver.get_intra_extensions_dict()[intra_extension_id] def del_intra_extension(self, user_id, intra_extension_id): # TODO: check will be done through super_extension later - if intra_extension_id not in self.driver.get_intra_extension_dict(): + if intra_extension_id not in self.driver.get_intra_extensions_dict(): raise IntraExtensionUnknown() return self.driver.del_intra_extension(intra_extension_id) @@ -1429,24 +1426,24 @@ class IntraExtensionAuthzManager(IntraExtensionManager): """ tenant_id = self.tenant_api.get_tenant_id_from_name(DEFAULT_USER, tenant_name) intra_extension_id = self.tenant_api.get_tenant_intra_extension_id(DEFAULT_USER, tenant_id, self.__genre__) - subject_dict = self.driver.get_subject_dict(intra_extension_id) + subjects_dict = self.driver.get_subject_dict(intra_extension_id) subject_id = None - for _subject_id in subject_dict: - if subject_dict[_subject_id]['name'] is subject_name: + for _subject_id in subjects_dict: + if subjects_dict[_subject_id]['name'] is subject_name: subject_id = _subject_id if not subject_id: raise SubjectUnknown() - object_dict = self.driver.get_object_dict(intra_extension_id) + objects_dict = self.driver.get_object_dict(intra_extension_id) object_id = None - for _object_id in object_dict: - if object_dict[_object_id]['name'] is object_name: + for _object_id in objects_dict: + if objects_dict[_object_id]['name'] is object_name: object_id = _object_id if not object_id: raise ObjectUnknown() - action_dict = self.driver.get_action_dict(intra_extension_id) + actions_dict = self.driver.get_action_dict(intra_extension_id) action_id = None - for _action_id in action_dict: - if action_dict[_action_id] is action_name: + for _action_id in actions_dict: + if actions_dict[_action_id] is action_name: action_id = _action_id if not action_id: raise ActionUnknown() @@ -1672,13 +1669,16 @@ class ConfigurationDriver(object): class TenantDriver(object): - def get_tenant_dict(self): - # TODO: should implement TenantListEmpty exception + def get_tenants_dict(self): + raise exception.NotImplemented() # pragma: no cover + + def add_tenant_dict(self, tenant_id, tenant_dict): + raise exception.NotImplemented() # pragma: no cover + + def del_tenant_dict(self, tenant_id): raise exception.NotImplemented() # pragma: no cover - def set_tenant(self, tenant_id, tenant_name, intra_authz_ext_id, intra_admin_ext_id): - # if tenant_id exists, then modify; if the tenant_id not exists, then add the tenant - # TODO: should implement AddedTenantNameExist exception + def set_tenant_dict(self, tenant_id, tenant_dict): raise exception.NotImplemented() # pragma: no cover diff --git a/keystone-moon/keystone/contrib/moon/exception.py b/keystone-moon/keystone/contrib/moon/exception.py index f18e4a47..1bf36abd 100644 --- a/keystone-moon/keystone/contrib/moon/exception.py +++ b/keystone-moon/keystone/contrib/moon/exception.py @@ -48,13 +48,6 @@ class TenantException(MoonError): logger = "ERROR" -class TenantDictEmpty(TenantException): - message_format = _("The tenant dict mapping is empty, you must set the mapping first.") - code = 400 - title = 'Tenant Dict Empty' - logger = "WARNING" - - class TenantUnknown(TenantException): message_format = _("The tenant is unknown.") code = 400 diff --git a/keystone-moon/keystone/contrib/moon/routers.py b/keystone-moon/keystone/contrib/moon/routers.py index 0aa71ff8..aedb9ec6 100644 --- a/keystone-moon/keystone/contrib/moon/routers.py +++ b/keystone-moon/keystone/contrib/moon/routers.py @@ -35,9 +35,9 @@ class Routers(wsgi.RoutersBase): # Configuration route self._add_resource( mapper, configuration_controller, - path=self.PATH_PREFIX+'/configuration/templetes', - get_action='get_templetes', - rel=self._get_rel('templetes'), + path=self.PATH_PREFIX+'/configuration/templates', + get_action='get_templates', + rel=self._get_rel('templates'), path_vars={}) self._add_resource( mapper, configuration_controller, @@ -62,25 +62,26 @@ class Routers(wsgi.RoutersBase): path_vars={}) self._add_resource( mapper, tenants_controller, - path=self.PATH_PREFIX+'/tenant/{tenant_uuid}', + path=self.PATH_PREFIX+'/tenants/{tenant_id}', get_action='get_tenant', delete_action='del_tenant', + post_action='set_tenant', rel=self._get_rel('tenants'), path_vars={ - 'tenant_uuid': self._get_path('tenants'), + 'tenant_id': self._get_path('tenants'), }) # Authz route self._add_resource( mapper, authz_controller, - path=self.PATH_PREFIX+'/authz/{tenant_id}/{subject_id}/{object_id}/{action_id}', + path=self.PATH_PREFIX+'/authz/{tenant_name}/{subject_name}/{object_name}/{action_name}', get_action='get_authz', rel=self._get_rel('authz'), path_vars={ - 'tenant_id': self._get_path('tenants'), - 'subject_id': self._get_path('subjects'), - 'object_id': self._get_path('objects'), - 'action_id': self._get_path('actions'), + 'tenant_name': self._get_path('tenants'), + 'subject_name': self._get_path('subjects'), + 'object_name': self._get_path('objects'), + 'action_name': self._get_path('actions'), }) # IntraExtensions/Admin route @@ -96,6 +97,7 @@ class Routers(wsgi.RoutersBase): path=self.PATH_PREFIX+'/intra_extensions/{intra_extension_id}', get_action='get_intra_extension', delete_action='del_intra_extension', + post_action='set_intra_extension', rel=self._get_rel('intra_extensions'), path_vars={ 'intra_extension_id': self._get_path('intra_extensions'), |