aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon')
-rw-r--r--keystone-moon/keystone/contrib/moon/backends/sql.py187
-rw-r--r--keystone-moon/keystone/contrib/moon/controllers.py192
-rw-r--r--keystone-moon/keystone/contrib/moon/core.py344
3 files changed, 204 insertions, 519 deletions
diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py
index 272dc4ac..deacc420 100644
--- a/keystone-moon/keystone/contrib/moon/backends/sql.py
+++ b/keystone-moon/keystone/contrib/moon/backends/sql.py
@@ -226,11 +226,12 @@ class SubjectAssignment(sql.ModelBase, sql.DictBase):
class ObjectAssignment(sql.ModelBase, sql.DictBase):
__tablename__ = 'object_assignments'
- attributes = ['id', 'object_assignment', 'intra_extension_id', 'object_id']
+ attributes = ['id', 'object_assignment', 'intra_extension_id', 'object_id', 'object_category_id']
id = sql.Column(sql.String(64), primary_key=True)
object_assignment = sql.Column(sql.JsonBlob(), nullable=True)
intra_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False)
object_id = sql.Column(sql.ForeignKey("objects.id"), nullable=False)
+ object_category_id = sql.Column(sql.ForeignKey("object_categories.id"), nullable=False)
@classmethod
def from_dict(cls, d):
@@ -243,11 +244,12 @@ class ObjectAssignment(sql.ModelBase, sql.DictBase):
class ActionAssignment(sql.ModelBase, sql.DictBase):
__tablename__ = 'action_assignments'
- attributes = ['id', 'action_assignment', 'intra_extension_id', 'action_id']
+ attributes = ['id', 'action_assignment', 'intra_extension_id', 'action_id', 'action_category_id']
id = sql.Column(sql.String(64), primary_key=True)
action_assignment = sql.Column(sql.JsonBlob(), nullable=True)
intra_extension_id = sql.Column(sql.ForeignKey("intra_extensions.id"), nullable=False)
action_id = sql.Column(sql.ForeignKey("actions.id"), nullable=False)
+ action_category_id = sql.Column(sql.ForeignKey("action_categories.id"), nullable=False)
@classmethod
def from_dict(cls, d):
@@ -377,8 +379,8 @@ class IntraExtensionConnector(IntraExtensionDriver):
def get_intra_extensions_dict(self):
with sql.transaction() as session:
query = session.query(IntraExtension.id)
- intraextensions = query.all()
- return {intraextension.id: IntraExtension.to_dict(intraextension) for intraextension in intraextensions}
+ ref_list = query.all()
+ return {_ref.id: _ref.intraextension for _ref in ref_list}
# TODO (dthom): load_intra_extension(self):
@@ -402,10 +404,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
ref = query.first()
intra_extension_ref = ref.to_dict()
intra_extension_ref.update(intra_extension_dict)
- new_intra_extension = IntraExtension(
- id=intra_extension_id,
- intra_extension=intra_extension_ref
- )
+ new_intra_extension = IntraExtension(id=intra_extension_id, intra_extension=intra_extension_ref)
for attr in Tenant.attributes:
if attr != 'id':
setattr(ref, attr, getattr(new_intra_extension, attr))
@@ -418,7 +417,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
query = session.query(SubjectCategory)
query = query.filter_by(intra_extension_id=intra_extension_id)
ref_list = query.all()
- return {_ref.id: _ref.to_dict()['subject_category'] for _ref in ref_list}
+ return {_ref.id: _ref.subject_category for _ref in ref_list}
def set_subject_category_dict(self, intra_extension_id, subject_category_id, subject_category_dict):
with sql.transaction() as session:
@@ -450,7 +449,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
# Getter and Setter for object_category
- def get_object_category_dict(self, intra_extension_id):
+ def get_object_categories_dict(self, intra_extension_id):
with sql.transaction() as session:
query = session.query(ObjectCategory)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -459,8 +458,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise IntraExtensionUnknown()
return ref.to_dict()
- # TODO: to recheck
- def set_object_category_dict(self, intra_extension_id, object_categories):
+ def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict):
with sql.transaction() as session:
query = session.query(ObjectCategory)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -481,29 +479,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_object_category(self, intra_extension_id, object_category_id, object_category_name):
- with sql.transaction() as session:
- query = session.query(ObjectCategory)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- object_categories = dict(old_ref["object_categories"])
- # TODO: object_categories[object_category_id] is a dict
- object_categories[object_category_id] = object_category_name
- new_ref = ObjectCategory.from_dict(
- {
- "id": old_ref["id"],
- 'object_categories': object_categories,
- 'intra_extension_id': old_ref["intra_extension_id"]
- }
- )
- for attr in ObjectCategory.attributes:
- if attr != 'id':
- setattr(ref, attr, getattr(new_ref, attr))
- return ref.to_dict()
-
def del_object_category(self, intra_extension_id, object_category_id):
with sql.transaction() as session:
query = session.query(ObjectCategory)
@@ -533,7 +508,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
# Getter and Setter for action_category
- def get_action_category_dict(self, intra_extension_id):
+ def get_action_categories_dict(self, intra_extension_id):
with sql.transaction() as session:
query = session.query(ActionCategory)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -542,8 +517,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise IntraExtensionUnknown()
return ref.to_dict()
- # TODO: to recheck
- def set_action_category_dict(self, intra_extension_id, action_categories):
+ def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict):
with sql.transaction() as session:
query = session.query(ActionCategory)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -564,29 +538,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_action_category(self, intra_extension_id, action_category_id, action_category_name):
- with sql.transaction() as session:
- query = session.query(ActionCategory)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- action_categories = dict(old_ref["action_categories"])
- # TODO: action_categories[action_category_id] is a dict
- action_categories[action_category_id] = action_category_name
- new_ref = ActionCategory.from_dict(
- {
- "id": old_ref["id"],
- 'action_categories': action_categories,
- 'intra_extension_id': old_ref["intra_extension_id"]
- }
- )
- for attr in ActionCategory.attributes:
- if attr != 'id':
- setattr(ref, attr, getattr(new_ref, attr))
- return ref.to_dict()
-
def del_action_category(self, intra_extension_id, action_category_id):
with sql.transaction() as session:
query = session.query(ActionCategory)
@@ -651,7 +602,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
ref = query.first()
session.delete(ref)
- def get_object_dict(self, intra_extension_id):
+ def get_objects_dict(self, intra_extension_id):
with sql.transaction() as session:
query = session.query(Object)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -660,8 +611,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise IntraExtensionUnknown()
return ref.to_dict()
- # TODO: to recheck
- def set_object_dict(self, intraa_extension_id, object_id):
+ def set_object_dict(self, intra_extension_id, object_id, object_dict):
with sql.transaction() as session:
query = session.query(Object)
query = query.filter_by(intra_extension_id=intraa_extension_id)
@@ -682,29 +632,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_object(self, intra_extension_id, object_id, object_name):
- with sql.transaction() as session:
- query = session.query(Object)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- objects = dict(old_ref["objects"])
- # TODO: objects[object_id] is a dict
- objects[object_id] = object_name
- new_ref = Object.from_dict(
- {
- "id": old_ref["id"],
- 'objects': objects,
- 'intra_extension_id': old_ref["intra_extension_id"]
- }
- )
- for attr in Object.attributes:
- if attr != 'id':
- setattr(ref, attr, getattr(new_ref, attr))
- return ref.to_dict()
-
def del_object(self, intra_extension_id, object_id):
with sql.transaction() as session:
query = session.query(Object)
@@ -731,7 +658,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
if attr != 'id':
setattr(ref, attr, getattr(new_ref, attr))
- def get_action_dict(self, intra_extension_id):
+ def get_actions_dict(self, intra_extension_id):
with sql.transaction() as session:
query = session.query(Action)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -740,8 +667,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise IntraExtensionUnknown()
return ref.to_dict()
- # TODO: to recheck
- def set_action_dict(self, intra_extension_id, action_id):
+ def set_action_dict(self, intra_extension_id, action_id, action_dict):
with sql.transaction() as session:
query = session.query(Action)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -762,29 +688,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_action(self, intra_extension_id, action_id, action_name):
- with sql.transaction() as session:
- query = session.query(Action)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- actions = dict(old_ref["actions"])
- # TODO: actions[action_id] is a dict
- actions[action_id] = action_name
- new_ref = Action.from_dict(
- {
- "id": old_ref["id"],
- 'actions': actions,
- 'intra_extension_id': old_ref["intra_extension_id"]
- }
- )
- for attr in Action.attributes:
- if attr != 'id':
- setattr(ref, attr, getattr(new_ref, attr))
- return ref.to_dict()
-
def del_action(self, intra_extension_id, action_id):
with sql.transaction() as session:
query = session.query(Action)
@@ -853,7 +756,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
# Getter and Setter for object_category_scope
- def get_object_scope_dict(self, intra_extension_id, object_category_id):
+ def get_object_scopes_dict(self, intra_extension_id, object_category_id):
with sql.transaction() as session:
query = session.query(ObjectScope)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -865,7 +768,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise ObjectScopeUnknown()
return result
- def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id):
+ def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict):
with sql.transaction() as session:
query = session.query(ObjectScope)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -887,20 +790,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
session.add(new_ref)
return new_ref.to_dict()
- def add_object_scope(self, intra_extension_id, object_category_id, object_scope_id, object_scope_name):
- with sql.transaction() as session:
- query = session.query(ObjectScope)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- scope = dict(old_ref["object_scope"])
- if object_category_id not in scope:
- scope[object_category_id] = dict()
- scope[object_category_id][object_scope_id] = object_scope_name
- return self.set_object_scope_dict(intra_extension_id, object_category_id, scope[object_category_id])
-
def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id):
with sql.transaction() as session:
query = session.query(ObjectScope)
@@ -930,7 +819,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
# Getter and Setter for action_scope
- def get_action_scope_dict(self, intra_extension_id, action_category_id):
+ def get_action_scopes_dict(self, intra_extension_id, action_category_id):
with sql.transaction() as session:
query = session.query(ActionScope)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -942,7 +831,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
raise ActionScopeUnknown()
return result
- def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id):
+ def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict):
with sql.transaction() as session:
query = session.query(ActionScope)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -964,20 +853,6 @@ class IntraExtensionConnector(IntraExtensionDriver):
session.add(new_ref)
return new_ref.to_dict()
- def add_action_scope(self, intra_extension_id, action_category_id, action_scope_id, action_scope_name):
- with sql.transaction() as session:
- query = session.query(ActionScope)
- query = query.filter_by(intra_extension_id=intra_extension_id)
- ref = query.first()
- if not ref:
- raise IntraExtensionUnknown()
- old_ref = ref.to_dict()
- scope = dict(old_ref["action_scope"])
- if action_category_id not in scope:
- scope[action_category_id] = dict()
- scope[action_category_id][action_scope_id] = action_scope_name
- return self.set_action_scope_dict(intra_extension_id, action_category_id, scope[action_category_id])
-
def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id):
with sql.transaction() as session:
query = session.query(ActionScope)
@@ -1049,7 +924,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
# Getter and Setter for object_category_assignment
- def get_object_assignment_dict(self, intra_extension_id, object_id):
+ def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id):
""" From a object_uuid, return a dictionary of (category: scope for that object)
:param intra_extension_id: intra extension UUID
@@ -1072,7 +947,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
_ref["object_assignment"][object_id] = dict()
return _ref
- def set_object_assignment_dict(self, intra_extension_id, object_id=None, object_assignment_dict={}):
+ def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list=[]):
with sql.transaction() as session:
query = session.query(ObjectAssignment)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -1099,7 +974,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id):
+ def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id):
with sql.transaction() as session:
query = session.query(ObjectAssignment)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -1113,7 +988,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
assignments[object_id][object_category_id] = list()
if object_scope_id not in assignments[object_id][object_category_id]:
assignments[object_id][object_category_id].append(object_scope_id)
- return self.set_object_assignment_dict(
+ return self.set_object_assignment_list(
intra_extension_id,
object_id,
assignments[object_id])
@@ -1133,14 +1008,14 @@ class IntraExtensionConnector(IntraExtensionDriver):
old_ref["object_assignment"][object_id].pop(object_category_id)
if not old_ref["object_assignment"][object_id]:
old_ref["object_assignment"].pop(object_id)
- self.set_object_assignment_dict(
+ self.set_object_assignment_list(
intra_extension_id,
object_id,
old_ref["object_assignment"][object_id])
# Getter and Setter for action_category_assignment
- def get_action_assignment_dict(self, intra_extension_id, action_id):
+ def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id):
""" From a action_id, return a dictionary of (category: scope for that action)
:param intra_extension_id: intra extension UUID
@@ -1163,7 +1038,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
_ref["action_assignment"][action_id] = dict()
return _ref
- def set_action_assignment_dict(self, intra_extension_id, action_id=None, action_assignment_dict={}):
+ def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list=[]):
with sql.transaction() as session:
query = session.query(ActionAssignment)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -1190,7 +1065,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return ref.to_dict()
- def add_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id):
+ def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id):
with sql.transaction() as session:
query = session.query(ActionAssignment)
query = query.filter_by(intra_extension_id=intra_extension_id)
@@ -1204,7 +1079,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
assignments[action_id][action_category_id] = list()
if action_scope_id not in assignments[action_id][action_category_id]:
assignments[action_id][action_category_id].append(action_scope_id)
- return self.set_action_assignment_dict(
+ return self.set_action_assignment_list(
intra_extension_id,
action_id,
assignments[action_id])
@@ -1224,7 +1099,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
old_ref["action_assignment"][action_id].pop(action_category_id)
if not old_ref["action_assignment"][action_id]:
old_ref["action_assignment"].pop(action_id)
- self.set_action_assignment_dict(
+ self.set_action_assignment_list(
intra_extension_id,
action_id,
old_ref["action_assignment"][action_id])
@@ -1324,7 +1199,7 @@ class IntraExtensionConnector(IntraExtensionDriver):
setattr(ref, attr, getattr(new_ref, attr))
return self.get_rules_dict(intra_extension_id, sub_meta_rule_id)[rule_id]
- def del_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id):
+ def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id):
with sql.transaction() as session:
query = session.query(Rule)
query = query.filter_by(rule_id=rule_id)
diff --git a/keystone-moon/keystone/contrib/moon/controllers.py b/keystone-moon/keystone/contrib/moon/controllers.py
index cf069a42..390c8363 100644
--- a/keystone-moon/keystone/contrib/moon/controllers.py
+++ b/keystone-moon/keystone/contrib/moon/controllers.py
@@ -242,7 +242,7 @@ class IntraExtensions(controller.V3Controller):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get('intra_extension_id', None)
object_category_id = kw.get("object_category_id", None)
- return self.admin_api.get_object_category_dict(user_id, ie_id, object_category_id)
+ return self.admin_api.get_object_categories_dict(user_id, ie_id, object_category_id)
@controller.protected()
def del_object_category(self, context, **kw):
@@ -281,7 +281,7 @@ class IntraExtensions(controller.V3Controller):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get('intra_extension_id', None)
action_category_id = kw.get("action_category_id", None)
- return self.admin_api.get_action_category_dict(user_id, ie_id, action_category_id)
+ return self.admin_api.get_action_categories_dict(user_id, ie_id, action_category_id)
@controller.protected()
def del_action_category(self, context, **kw):
@@ -352,14 +352,15 @@ class IntraExtensions(controller.V3Controller):
ie_id = kw.get("intra_extension_id", None)
object_dict = dict()
object_dict['name'] = kw.get("object_name", None)
- return self.admin_api.add_object(user_id, ie_id, object_dict)
+ object_dict['description'] = kw.get("object_description", None)
+ return self.admin_api.add_object_dict(user_id, ie_id, object_dict)
@controller.protected()
def get_object(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
object_id = kw.get("object_id", None)
- return self.admin_api.get_object_dict(user_id, ie_id, object_id)
+ return self.admin_api.get_objects_dict(user_id, ie_id, object_id)
@controller.protected()
def del_object(self, context, **kw):
@@ -390,14 +391,15 @@ class IntraExtensions(controller.V3Controller):
ie_id = kw.get("intra_extension_id", None)
action_dict = dict()
action_dict['name'] = kw.get("action_name", None)
- return self.admin_api.add_action(user_id, ie_id, action_dict)
+ action_dict['description'] = kw.get("action_description", None)
+ return self.admin_api.add_action_dict(user_id, ie_id, action_dict)
@controller.protected()
def get_action(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
action_id = kw.get("action_id", None)
- return self.admin_api.get_action_dict(user_id, ie_id, action_id)
+ return self.admin_api.get_actions_dict(user_id, ie_id, action_id)
@controller.protected()
def del_action(self, context, **kw):
@@ -465,79 +467,89 @@ class IntraExtensions(controller.V3Controller):
def get_object_scopes(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_category_id = kw["object_category_id"]
- return self.admin_api.get_object_scope_dict(user_id, ie_id, object_category_id)
+ object_category_id = kw.get("object_category_id", None)
+ return self.admin_api.get_object_scopes_dict(user_id, ie_id, object_category_id)
@controller.protected()
def add_object_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_category_id = kw["object_category_id"]
- object_scope_name = kw["object_scope_name"]
- return self.admin_api.add_object_scope(
- user_id,
- ie_id,
- object_category_id,
- object_scope_name)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_dict = dict()
+ object_scope_dict['name'] = kw.get("object_scope_name", None)
+ object_scope_dict['description'] = kw.get("object_scope_description", None)
+ return self.admin_api.add_object_scope_dict(user_id, ie_id, object_category_id, object_scope_dict)
@controller.protected()
def get_object_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_category_id = kw["object_category_id"]
- object_scope_id = kw["object_scope_id"]
- return self.admin_api.get_object_category_scope(user_id, ie_id, object_category_id, object_scope_id)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_id = kw.get("object_scope_id", None)
+ return self.admin_api.get_object_scopes_dict(user_id, ie_id, object_category_id, object_scope_id)
@controller.protected()
def del_object_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_category_id = kw["object_category_id"]
- object_scope_id = kw["object_scope_id"]
- self.admin_api.del_object_scope(
- user_id,
- ie_id,
- object_category_id,
- object_scope_id)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_id = kw.get("object_scope_id", None)
+ self.admin_api.del_object_scope(user_id, ie_id, object_category_id, object_scope_id)
+
+ @controller.protected()
+ def set_object_scope(self, context, **kw):
+ user_id = self._get_user_id_from_token(context.get('token_id'))
+ ie_id = kw.get("intra_extension_id", None)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_id = kw.get("object_scope_id", None)
+ object_scope_dict = dict()
+ object_scope_dict['name'] = kw.get("object_scope_name", None)
+ object_scope_dict['description'] = kw.get("object_scope_description", None)
+ return self.admin_api.set_object_scope_dict(user_id, ie_id, object_category_id, object_scope_id, object_scope_dict)
@controller.protected()
def get_action_scopes(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_category_id = kw["action_category_id"]
- return self.admin_api.get_action_scope_dict(user_id, ie_id, action_category_id)
+ action_category_id = kw.get("action_category_id", None)
+ return self.admin_api.get_action_scopes_dict(user_id, ie_id, action_category_id)
@controller.protected()
def add_action_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_category_id = kw["action_category_id"]
- action_scope_name = kw["action_scope_name"]
- return self.admin_api.add_action_scope(
- user_id,
- ie_id,
- action_category_id,
- action_scope_name)
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_dict = dict()
+ action_scope_dict['name'] = kw.get("action_scope_name", None)
+ action_scope_dict['description'] = kw.get("action_scope_description", None)
+ return self.admin_api.add_action_scope_dict(user_id, ie_id, action_category_id, action_scope_dict)
@controller.protected()
def get_action_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_category_id = kw["action_category_id"]
- action_scope_id = kw["action_scope_id"]
- return self.admin_api.get_action_scope_dict(user_id, ie_id, action_category_id)[action_scope_id]
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_id = kw.get("action_scope_id", None)
+ return self.admin_api.get_action_scopes_dict(user_id, ie_id, action_category_id, action_scope_id)
@controller.protected()
def del_action_scope(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_category_id = kw["action_category_id"]
- action_scope_id = kw["action_scope_id"]
- self.admin_api.del_action_scope(
- user_id,
- ie_id,
- action_category_id,
- action_scope_id)
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_id = kw.get("action_scope_id", None)
+ self.admin_api.del_action_scope(user_id, ie_id, action_category_id, action_scope_id)
+
+ @controller.protected()
+ def set_action_scope(self, context, **kw):
+ user_id = self._get_user_id_from_token(context.get('token_id'))
+ ie_id = kw.get("intra_extension_id", None)
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_id = kw.get("action_scope_id", None)
+ action_scope_dict = dict()
+ action_scope_dict['name'] = kw.get("action_scope_name", None)
+ action_scope_dict['description'] = kw.get("action_scope_description", None)
+ return self.admin_api.set_action_scope_dict(user_id, ie_id, action_category_id, action_scope_id, action_scope_dict)
# Assignment functions
@@ -548,12 +560,7 @@ class IntraExtensions(controller.V3Controller):
subject_id = kw.get("subject_id", None)
subject_category_id = kw.get("subject_category_id", None)
subject_scope_id = kw.get("subject_scope_id", None)
- return self.admin_api.add_subject_assignment_list(
- user_id,
- ie_id,
- subject_id,
- subject_category_id,
- subject_scope_id)
+ return self.admin_api.add_subject_assignment_list(user_id, ie_id, subject_id, subject_category_id, subject_scope_id)
@controller.protected()
def get_subject_assignment(self, context, **kw):
@@ -570,98 +577,59 @@ class IntraExtensions(controller.V3Controller):
subject_id = kw.get("subject_id", None)
subject_category_id = kw.get("subject_category_id", None)
subject_scope_id = kw.get("subject_scope_id", None)
- self.admin_api.del_subject_assignment(
- user_id,
- ie_id,
- subject_id,
- subject_category_id,
- subject_scope_id)
-
- @controller.protected()
- def get_object_assignments(self, context, **kw):
- user_id = self._get_user_id_from_token(context.get('token_id'))
- ie_id = kw.get("intra_extension_id", None)
- object_id = kw["object_id"]
- return self.admin_api.get_object_assignment_dict(user_id, ie_id, object_id)
+ self.admin_api.del_subject_assignment(user_id, ie_id, subject_id, subject_category_id, subject_scope_id)
@controller.protected()
def add_object_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_id = kw["object_id"]
- object_category_id = kw["object_category_id"]
- object_scope_id = kw["object_scope_id"]
- return self.admin_api.add_objecty_assignment(
- user_id,
- ie_id,
- object_id,
- object_category_id,
- object_scope_id)
+ object_id = kw.get("object_id", None)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_id = kw.get("object_scope_id", None)
+ return self.admin_api.add_objecty_assignment_list(user_id, ie_id, object_id, object_category_id, object_scope_id)
@controller.protected()
def get_object_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_id = kw["object_id"]
- object_category_id = kw["object_category_id"]
- return self.admin_api.get_object_assignment_dict(user_id, ie_id, object_id, object_category_id)
+ object_id = kw.get("object_id", None)
+ object_category_id = kw.get("object_category_id", None)
+ return self.admin_api.get_object_assignment_list(user_id, ie_id, object_id, object_category_id)
@controller.protected()
def del_object_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- object_id = kw["object_id"]
- object_category_id = kw["object_category_id"]
- object_scope_id = kw["object_scope_id"]
- self.admin_api.del_object_assignment(
- user_id,
- ie_id,
- object_id,
- object_category_id,
- object_scope_id)
-
- @controller.protected()
- def get_action_assignments(self, context, **kw):
- user_id = self._get_user_id_from_token(context.get('token_id'))
- ie_id = kw.get("intra_extension_id", None)
- action_id = kw["action_id"]
- return self.admin_api.get_action_assignment_dict(user_id, ie_id, action_id)
+ object_id = kw.get("object_id", None)
+ object_category_id = kw.get("object_category_id", None)
+ object_scope_id = kw.get("object_scope_id", None)
+ self.admin_api.del_object_assignment(user_id, ie_id, object_id, object_category_id, object_scope_id)
@controller.protected()
def add_action_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_id = kw["action_id"]
- action_category_id = kw["action_category_id"]
- action_scope_id = kw["action_scope_id"]
- return self.admin_api.add_action_assignment(
- user_id,
- ie_id,
- action_id,
- action_category_id,
- action_scope_id)
+ action_id = kw.get("action_id", None)
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_id = kw.get("action_scope_id", None)
+ return self.admin_api.add_action_assignment_list(user_id, ie_id, action_id, action_category_id, action_scope_id)
@controller.protected()
def get_action_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_id = kw["action_id"]
- action_category_id = kw["action_category_id"]
- return self.admin_api.get_action_assignment_dict(user_id, ie_id, action_id, action_category_id)
+ action_id = kw.get("action_id", None)
+ action_category_id = kw.get("action_category_id", None)
+ return self.admin_api.get_action_assignment_list(user_id, ie_id, action_id, action_category_id)
@controller.protected()
def del_action_assignment(self, context, **kw):
user_id = self._get_user_id_from_token(context.get('token_id'))
ie_id = kw.get("intra_extension_id", None)
- action_id = kw["action_id"]
- action_category_id = kw["action_category_id"]
- action_scope_id = kw["action_scope_id"]
- self.admin_api.del_action_assignment(
- user_id,
- ie_id,
- action_id,
- action_category_id,
- action_scope_id)
+ action_id = kw.get("action_id", None)
+ action_category_id = kw.get("action_category_id", None)
+ action_scope_id = kw.get("action_scope_id", None)
+ self.admin_api.del_action_assignment(user_id, ie_id, action_id, action_category_id, action_scope_id)
# Metarule functions
@controller.protected()
diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py
index d5f08251..ee5e9e54 100644
--- a/keystone-moon/keystone/contrib/moon/core.py
+++ b/keystone-moon/keystone/contrib/moon/core.py
@@ -309,19 +309,19 @@ class IntraExtensionManager(manager.Manager):
authz_buffer['action_id'] = action_id
meta_data_dict = dict()
meta_data_dict["subject_categories"] = self.driver.get_subject_categories_dict(intra_extension_id)
- meta_data_dict["object_categories"] = self.driver.get_object_category_dict(intra_extension_id)
- meta_data_dict["action_categories"] = self.driver.get_action_category_dict(intra_extension_id)
+ meta_data_dict["object_categories"] = self.driver.get_object_categories_dict(intra_extension_id)
+ meta_data_dict["action_categories"] = self.driver.get_action_categories_dict(intra_extension_id)
subject_assignment_dict = dict()
for category in meta_data_dict["subject_categories"]:
subject_assignment_dict[category] = self.driver.get_subject_assignment_list(
intra_extension_id, subject_id)[category]
object_assignment_dict = dict()
for category in meta_data_dict["object_categories"]:
- object_assignment_dict[category] = self.driver.get_object_assignment_dict(
+ object_assignment_dict[category] = self.driver.get_object_assignment_list(
intra_extension_id, object_id)[category]
action_assignment_dict = dict()
for category in meta_data_dict["action_categories"]:
- action_assignment_dict[category] = self.driver.get_action_assignment_dict(
+ action_assignment_dict[category] = self.driver.get_action_assignment_list(
intra_extension_id, action_id)[category]
authz_buffer['subject_attributes'] = dict()
authz_buffer['object_attributes'] = dict()
@@ -528,9 +528,9 @@ class IntraExtensionManager(manager.Manager):
)
# Note (dthom): object_category_assignment must be initialized because when there is no data in json
# we will not go through the for loop
- self.driver.set_object_assignment_dict(intra_extension_dict["id"])
+ self.driver.set_object_assignment_list(intra_extension_dict["id"])
for object in object_assignments:
- self.driver.set_object_assignment_dict(intra_extension_dict["id"], object, object_assignments[object])
+ self.driver.set_object_assignment_list(intra_extension_dict["id"], object, object_assignments[object])
action_assignments = dict()
for category_name, value in json_assignments["action_assignments"].iteritems():
@@ -549,9 +549,9 @@ class IntraExtensionManager(manager.Manager):
)
# Note (dthom): action_category_assignment must be initialized because when there is no data in json
# we will not go through the for loop
- self.driver.set_action_assignment_dict(intra_extension_dict["id"])
+ self.driver.set_action_assignment_list(intra_extension_dict["id"])
for action in action_assignments:
- self.driver.set_action_assignment_dict(intra_extension_dict["id"], action, action_assignments[action])
+ self.driver.set_action_assignment_list(intra_extension_dict["id"], action, action_assignments[action])
def __load_metarule_file(self, intra_extension_dict, policy_dir):
@@ -746,13 +746,13 @@ class IntraExtensionManager(manager.Manager):
:param intra_extension_id:
:return:
"""
- return self.driver.get_object_category_dict(intra_extension_id)
+ return self.driver.get_object_categories_dict(intra_extension_id)
@filter_args
@enforce(("read", "write"), "object_categories")
@enforce(("read", "write"), "object_scopes")
def add_object_category(self, user_id, intra_extension_id, object_category_name):
- object_category_dict = self.driver.get_object_category_dict(intra_extension_id)
+ object_category_dict = self.driver.get_object_categories_dict(intra_extension_id)
for object_category_id in object_category_dict:
if object_category_dict[object_category_id]["name"] is object_category_name:
raise ObjectCategoryNameExisting()
@@ -764,7 +764,7 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "object_categories")
def get_object_category(self, user_id, intra_extension_id, object_category_id):
- object_category_dict = self.driver.get_object_category_dict(intra_extension_id)
+ object_category_dict = self.driver.get_object_categories_dict(intra_extension_id)
if object_category_id not in object_category_dict:
raise ObjectCategoryUnknown()
return object_category_dict[object_category_id]
@@ -774,7 +774,7 @@ class IntraExtensionManager(manager.Manager):
@enforce(("read", "write"), "object_scopes")
@enforce(("read", "write"), "object_assignments")
def del_object_category(self, user_id, intra_extension_id, object_category_id):
- object_category_dict = self.driver.get_object_category_dict(intra_extension_id)
+ object_category_dict = self.driver.get_object_categories_dict(intra_extension_id)
if object_category_id not in object_category_dict:
raise ObjectCategoryUnknown()
# TODO (dthom): destroy category in scope
@@ -791,13 +791,13 @@ class IntraExtensionManager(manager.Manager):
:param intra_extension_id:
:return:
"""
- return self.driver.get_action_category_dict(intra_extension_id)
+ return self.driver.get_action_categories_dict(intra_extension_id)
@filter_args
@enforce(("read", "write"), "action_categories")
@enforce(("read", "write"), "action_scopes")
def add_action_category(self, user_id, intra_extension_id, action_category_name):
- action_category_dict = self.driver.get_action_category_dict(intra_extension_id)
+ action_category_dict = self.driver.get_action_categories_dict(intra_extension_id)
for action_category_id in action_category_dict:
if action_category_dict[action_category_id]['name'] is action_category_name:
raise ActionCategoryNameExisting()
@@ -809,16 +809,16 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "action_categories")
def get_action_category(self, user_id, intra_extension_id, action_category_id):
- action_category_dict = self.driver.get_action_category_dict(intra_extension_id)
+ action_category_dict = self.driver.get_action_categories_dict(intra_extension_id)
if action_category_id not in action_category_dict:
raise ActionCategoryUnknown()
- return self.driver.get_action_category_dict(intra_extension_id)[action_category_id]
+ return self.driver.get_action_categories_dict(intra_extension_id)[action_category_id]
@filter_args
@enforce(("read", "write"), "action_categories")
@enforce(("read", "write"), "action_category_scopes")
def del_action_category(self, user_id, intra_extension_id, action_category_id):
- action_category_dict = self.driver.get_action_category_dict(intra_extension_id)
+ action_category_dict = self.driver.get_action_categories_dict(intra_extension_id)
if action_category_id not in action_category_dict:
raise ActionCategoryUnknown()
# TODO (dthom): destroy category in scope
@@ -875,12 +875,12 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "objects")
def get_object_dict(self, user_id, intra_extension_id):
- return self.driver.get_object_dict(intra_extension_id)
+ return self.driver.get_objects_dict(intra_extension_id)
@filter_args
@enforce(("read", "write"), "objects")
def add_object(self, user_id, intra_extension_id, object_name):
- object_dict = self.driver.get_object_dict(intra_extension_id)
+ object_dict = self.driver.get_objects_dict(intra_extension_id)
for object_id in object_dict:
if object_dict[object_id]["name"] is object_name:
raise ObjectNameExisting()
@@ -890,7 +890,7 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "objects")
def get_object(self, user_id, intra_extension_id, object_id):
- object_dict = self.driver.get_object_dict(intra_extension_id)
+ object_dict = self.driver.get_objects_dict(intra_extension_id)
if object_id in object_dict:
raise ObjectUnknown()
return object_dict[object_id]
@@ -898,7 +898,7 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce(("read", "write"), "objects")
def del_object(self, user_id, intra_extension_id, object_id):
- if object_id in self.driver.get_object_dict(intra_extension_id):
+ if object_id in self.driver.get_objects_dict(intra_extension_id):
raise ObjectUnknown()
# TODO (dthom): destroy item-related assignment
return self.driver.del_object(intra_extension_id, object_id)
@@ -906,12 +906,12 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "actions")
def get_action_dict(self, user_id, intra_extension_id):
- return self.driver.get_action_dict(intra_extension_id)
+ return self.driver.get_actions_dict(intra_extension_id)
@filter_args
@enforce(("read", "write"), "actions")
def add_action(self, user_id, intra_extension_id, action_name):
- action_dict = self.driver.get_action_dict(intra_extension_id)
+ action_dict = self.driver.get_actions_dict(intra_extension_id)
for action_id in action_dict:
if action_dict[action_id]["name"] is action_name:
raise ActionNameExisting()
@@ -921,7 +921,7 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce("read", "actions")
def get_action(self, user_id, intra_extension_id, action_id):
- action_dict = self.driver.get_action_dict(intra_extension_id)
+ action_dict = self.driver.get_actions_dict(intra_extension_id)
if action_id in action_dict:
raise ActionUnknown()
return action_dict[action_id]
@@ -929,7 +929,7 @@ class IntraExtensionManager(manager.Manager):
@filter_args
@enforce(("read", "write"), "actions")
def del_action(self, user_id, intra_extension_id, action_id):
- if action_id in self.driver.get_action_dict(intra_extension_id):
+ if action_id in self.driver.get_actions_dict(intra_extension_id):
raise ActionUnknown()
# TODO (dthom): destroy item-related assignment
return self.driver.del_action(intra_extension_id, action_id)
@@ -1009,17 +1009,17 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "object_category_scopes")
@enforce("read", "object_categories")
def get_object_scope_dict(self, user_id, intra_extension_id, object_category_id):
- if object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- return self.driver.get_object_scope_dict(intra_extension_id, object_category_id)
+ return self.driver.get_object_scopes_dict(intra_extension_id, object_category_id)
@filter_args
@enforce(("read", "write"), "object_scopes")
@enforce("read", "object_categories")
def add_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_name):
- if object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- object_scope_dict = self.driver.get_object_scope_dict(intra_extension_id, object_category_id)
+ object_scope_dict = self.driver.get_object_scopes_dict(intra_extension_id, object_category_id)
for _object_scope_id in object_scope_dict:
if object_scope_name is object_scope_dict[_object_scope_id]['name']:
raise ObjectScopeNameExisting()
@@ -1034,9 +1034,9 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "object_scopes")
@enforce("read", "object_categories")
def get_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_id):
- if object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- object_scopte_dict = self.driver.get_object_scope_dict(intra_extension_id, object_category_id)
+ object_scopte_dict = self.driver.get_object_scopes_dict(intra_extension_id, object_category_id)
if object_scope_id not in object_scopte_dict:
raise ObjectScopeUnknown()
return object_scopte_dict[object_scope_id]
@@ -1045,9 +1045,9 @@ class IntraExtensionManager(manager.Manager):
@enforce(("read", "write"), "object_scopes")
@enforce("read", "object_categories")
def del_object_scope(self, user_id, intra_extension_id, object_category_id, object_scope_id):
- if object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ if object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- if object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id):
+ if object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id):
raise ObjectScopeUnknown()
# TODO (dthom): destroy scope-related assignment
# TODO (dthom): destroy scope-related rule
@@ -1057,17 +1057,17 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "action_category_scopes")
@enforce("read", "action_categories")
def get_action_scope_dict(self, user_id, intra_extension_id, action_category_id):
- if action_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ if action_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- return self.driver.get_action_scope_dict(intra_extension_id, action_category_id)
+ return self.driver.get_action_scopes_dict(intra_extension_id, action_category_id)
@filter_args
@enforce(("read", "write"), "action_scopes")
@enforce("read", "action_categories")
def add_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_name):
- if action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- action_scope_dict = self.driver.get_action_scope_dict(intra_extension_id, action_category_id)
+ action_scope_dict = self.driver.get_action_scopes_dict(intra_extension_id, action_category_id)
for _action_scope_id in action_scope_dict:
if action_scope_name is action_scope_dict[_action_scope_id]['name']:
raise ActionScopeNameExisting()
@@ -1082,9 +1082,9 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "action_scopes")
@enforce("read", "action_categories")
def get_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_id):
- if action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- action_scopte_dict = self.driver.get_action_scope_dict(intra_extension_id, action_category_id)
+ action_scopte_dict = self.driver.get_action_scopes_dict(intra_extension_id, action_category_id)
if action_scope_id not in action_scopte_dict:
raise ActionScopeUnknown()
return action_scopte_dict[action_scope_id]
@@ -1093,9 +1093,9 @@ class IntraExtensionManager(manager.Manager):
@enforce(("read", "write"), "action_scopes")
@enforce("read", "action_categories")
def del_action_scope(self, user_id, intra_extension_id, action_category_id, action_scope_id):
- if action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ if action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- if action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id):
+ if action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id):
raise ActionScopeUnknown()
# TODO (dthom): destroy scope-related assignment
# TODO (dthom): destroy scope-related rule
@@ -1152,33 +1152,33 @@ class IntraExtensionManager(manager.Manager):
def get_object_assignment_dict(self, user_id, intra_extension_id, object_id):
if object_id not in self.get_object_dict(user_id, intra_extension_id):
raise ObjectUnknown()
- return self.driver.get_object_assignment_dict(intra_extension_id, object_id)
+ return self.driver.get_object_assignment_list(intra_extension_id, object_id)
@filter_args
@enforce(("read", "write"), "object_assignments")
@enforce("read", "objects")
@enforce("read", "object_categories")
def add_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id, object_scope_id):
- if object_id not in self.driver.get_object_dict(intra_extension_id):
+ if object_id not in self.driver.get_objects_dict(intra_extension_id):
raise ObjectUnknown()
- elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- elif object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id):
+ elif object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id):
raise ObjectScopeUnknown()
- elif object_scope_id in self.driver.get_object_assignment_dict(intra_extension_id, object_id)[object_category_id]:
+ elif object_scope_id in self.driver.get_object_assignment_list(intra_extension_id, object_id)[object_category_id]:
raise ObjectAssignmentExisting()
- return self.driver.add_object_assignment(intra_extension_id, object_id, object_category_id, object_scope_id)
+ return self.driver.add_object_assignment_list(intra_extension_id, object_id, object_category_id, object_scope_id)
@filter_args
@enforce("read", "object_assignments")
@enforce("read", "objects")
@enforce("read", "object_categories")
def get_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id):
- if object_id not in self.driver.get_object_dict(user_id, intra_extension_id):
+ if object_id not in self.driver.get_objects_dict(user_id, intra_extension_id):
raise ObjectUnknown()
- elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- return self.driver.get_object_assignment_dict(intra_extension_id, object_id)[object_category_id]
+ return self.driver.get_object_assignment_list(intra_extension_id, object_id)[object_category_id]
@filter_args
@enforce(("read", "write"), "object_assignments")
@@ -1186,11 +1186,11 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "object_categories")
@enforce("read", "object_scopes")
def del_object_assignment(self, user_id, intra_extension_id, object_id, object_category_id, object_scope_id):
- if object_id not in self.driver.get_object_dict(intra_extension_id):
+ if object_id not in self.driver.get_objects_dict(intra_extension_id):
raise ObjectUnknown()
- elif object_category_id not in self.driver.get_object_category_dict(intra_extension_id):
+ elif object_category_id not in self.driver.get_object_categories_dict(intra_extension_id):
raise ObjectCategoryUnknown()
- elif object_scope_id not in self.driver.get_object_scope_dict(intra_extension_id, object_category_id):
+ elif object_scope_id not in self.driver.get_object_scopes_dict(intra_extension_id, object_category_id):
raise ObjectScopeUnknown()
elif object_scope_id not in self.driver.get_subject_assignment_list(intra_extension_id, object_id)[object_category_id]:
raise ObjectAssignmentUnknown()
@@ -1202,33 +1202,33 @@ class IntraExtensionManager(manager.Manager):
def get_action_assignment_dict(self, user_id, intra_extension_id, action_id):
if action_id not in self.get_action_dict(user_id, intra_extension_id):
raise ActionUnknown()
- return self.driver.get_action_assignment_dict(intra_extension_id, action_id)
+ return self.driver.get_action_assignment_list(intra_extension_id, action_id)
@filter_args
@enforce(("read", "write"), "action_assignments")
@enforce("read", "actions")
@enforce("read", "action_categories")
def add_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id, action_scope_id):
- if action_id not in self.driver.get_action_dict(intra_extension_id):
+ if action_id not in self.driver.get_actions_dict(intra_extension_id):
raise ActionUnknown()
- elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- elif action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id):
+ elif action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id):
raise ActionScopeUnknown()
- elif action_scope_id in self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id]:
+ elif action_scope_id in self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id]:
raise ObjectAssignmentExisting()
- return self.driver.add_action_assignment(intra_extension_id, action_id, action_category_id, action_scope_id)
+ return self.driver.add_action_assignment_list(intra_extension_id, action_id, action_category_id, action_scope_id)
@filter_args
@enforce("read", "action_assignments")
@enforce("read", "actions")
@enforce("read", "action_categories")
def get_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id):
- if action_id not in self.driver.get_action_dict(user_id, intra_extension_id):
+ if action_id not in self.driver.get_actions_dict(user_id, intra_extension_id):
raise ActionUnknown()
- elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- return self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id]
+ return self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id]
@filter_args
@enforce(("read", "write"), "action_assignments")
@@ -1236,13 +1236,13 @@ class IntraExtensionManager(manager.Manager):
@enforce("read", "action_categories")
@enforce("read", "action_scopes")
def del_action_assignment(self, user_id, intra_extension_id, action_id, action_category_id, action_scope_id):
- if action_id not in self.driver.get_action_dict(intra_extension_id):
+ if action_id not in self.driver.get_actions_dict(intra_extension_id):
raise ActionUnknown()
- elif action_category_id not in self.driver.get_action_category_dict(intra_extension_id):
+ elif action_category_id not in self.driver.get_action_categories_dict(intra_extension_id):
raise ActionCategoryUnknown()
- elif action_scope_id not in self.driver.get_action_scope_dict(intra_extension_id, action_category_id):
+ elif action_scope_id not in self.driver.get_action_scopes_dict(intra_extension_id, action_category_id):
raise ActionScopeUnknown()
- elif action_scope_id not in self.driver.get_action_assignment_dict(intra_extension_id, action_id)[action_category_id]:
+ elif action_scope_id not in self.driver.get_action_assignment_list(intra_extension_id, action_id)[action_category_id]:
raise ActionAssignmentUnknown()
return self.driver.del_action_assignment(intra_extension_id, action_id, action_category_id, action_scope_id)
@@ -1421,14 +1421,14 @@ class IntraExtensionAuthzManager(IntraExtensionManager):
subject_id = _subject_id
if not subject_id:
raise SubjectUnknown()
- objects_dict = self.driver.get_object_dict(intra_extension_id)
+ objects_dict = self.driver.get_objects_dict(intra_extension_id)
object_id = None
for _object_id in objects_dict:
if objects_dict[_object_id]['name'] is object_name:
object_id = _object_id
if not object_id:
raise ObjectUnknown()
- actions_dict = self.driver.get_action_dict(intra_extension_id)
+ actions_dict = self.driver.get_actions_dict(intra_extension_id)
action_id = None
for _action_id in actions_dict:
if actions_dict[_action_id] is action_name:
@@ -1708,12 +1708,12 @@ class IntraExtensionDriver(object):
(uuid and uuid not in data_values.keys()):
raise SubjectUnknown()
elif data_name == self.OBJECT:
- data_values = self.get_object_dict(intra_extension_uuid)["objects"]
+ data_values = self.get_objects_dict(intra_extension_uuid)["objects"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
raise ObjectUnknown()
elif data_name == self.ACTION:
- data_values = self.get_action_dict(intra_extension_uuid)["actions"]
+ data_values = self.get_actions_dict(intra_extension_uuid)["actions"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
raise ActionUnknown()
@@ -1723,12 +1723,12 @@ class IntraExtensionDriver(object):
(uuid and uuid not in data_values.keys()):
raise SubjectCategoryUnknown()
elif data_name == self.OBJECT_CATEGORY:
- data_values = self.get_object_category_dict(intra_extension_uuid)["object_categories"]
+ data_values = self.get_object_categories_dict(intra_extension_uuid)["object_categories"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
raise ObjectCategoryUnknown()
elif data_name == self.ACTION_CATEGORY:
- data_values = self.get_action_category_dict(intra_extension_uuid)["action_categories"]
+ data_values = self.get_action_categories_dict(intra_extension_uuid)["action_categories"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
raise ActionCategoryUnknown()
@@ -1743,7 +1743,7 @@ class IntraExtensionDriver(object):
elif data_name == self.OBJECT_SCOPE:
if not category_uuid:
category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.OBJECT_CATEGORY)
- data_values = self.get_object_scope_dict(intra_extension_uuid,
+ data_values = self.get_object_scopes_dict(intra_extension_uuid,
category_uuid)["object_category_scope"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
@@ -1751,7 +1751,7 @@ class IntraExtensionDriver(object):
elif data_name == self.ACTION_SCOPE:
if not category_uuid:
category_uuid = self.get_uuid_from_name(intra_extension_uuid, category_name, self.ACTION_CATEGORY)
- data_values = self.get_action_scope_dict(intra_extension_uuid,
+ data_values = self.get_action_scopes_dict(intra_extension_uuid,
category_uuid)["action_category_scope"]
if (name and name not in extract_name(data_values)) or \
(uuid and uuid not in data_values.keys()):
@@ -1806,7 +1806,7 @@ class IntraExtensionDriver(object):
def del_subject_category(self, intra_extension_id, subject_category_id):
raise exception.NotImplemented() # pragma: no cover
- def get_object_category_dict(self, intra_extension_id):
+ def get_object_categories_dict(self, intra_extension_id):
"""Get a list of all object categories
:param intra_extension_id: IntraExtension UUID
@@ -1815,94 +1815,24 @@ class IntraExtensionDriver(object):
"""
raise exception.NotImplemented() # pragma: no cover
- def set_object_category_dict(self, intra_extension_id, object_category_dict):
- """Set the list of all object categories
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_dict: dict of object categories {"uuid1": "name1", "uuid2": "name2"}
- :type object_category_dict: dict
- :return: a dictionary containing all object categories {"uuid1": "name1", "uuid2": "name2"}
- """
- raise exception.NotImplemented() # pragma: no cover
-
- def add_object_category(self, intra_extension_id, object_category_id, object_category_name):
- """Add a object category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the UUID of the object category
- :type object_category_id: string
- :param object_category_name: the name of the object category
- :type object_category_name: string
- :return: a dictionnary with the object catgory added {"uuid1": "name1"}
- """
+ def set_object_category_dict(self, intra_extension_id, object_category_id, object_category_dict):
raise exception.NotImplemented() # pragma: no cover
def del_object_category(self, intra_extension_id, object_category_id):
- """Remove one object category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the UUID of object category to remove
- :type object_category_id: string
- :return: a dictionary containing all object categories {"uuid1": "name1", "uuid2": "name2"}
- """
- raise exception.NotImplemented() # pragma: no cover
-
- def get_action_category_dict(self, intra_extension_id):
- """Get a list of all action categories
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"}
- """
raise exception.NotImplemented() # pragma: no cover
- def set_action_category_dict(self, intra_extension_id, action_category_dict):
- """Set the list of all action categories
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_dict: dict of action categories {"uuid1": "name1", "uuid2": "name2"}
- :type action_category_dict: dict
- :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"}
- """
+ def get_action_categories_dict(self, intra_extension_id):
raise exception.NotImplemented() # pragma: no cover
- def add_action_category(self, intra_extension_id, action_category_id, action_category_name):
- """Add a action category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the UUID of the action category
- :type action_category_id: string
- :param action_category_name: the name of the action category
- :type action_category_name: string
- :return: a dictionnary with the action catgory added {"uuid1": "name1"}
- """
+ def set_action_category_dict(self, intra_extension_id, action_category_id, action_category_dict):
raise exception.NotImplemented() # pragma: no cover
def del_action_category(self, intra_extension_id, action_category_id):
- """Remove one action category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the UUID of action category to remove
- :type action_category_id: string
- :return: a dictionary containing all action categories {"uuid1": "name1", "uuid2": "name2"}
- """
raise exception.NotImplemented() # pragma: no cover
# Perimeter functions
def get_subjects_dict(self, intra_extension_id):
- """Get the list of subject for that IntraExtension
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :return: a dictionary containing all subjects for that IntraExtension, eg. {"uuid1": "name1", "uuid2": "name2"}
- """
raise exception.NotImplemented() # pragma: no cover
def set_subject_dict(self, intra_extension_id, subject_id, subject_dict):
@@ -1911,25 +1841,19 @@ class IntraExtensionDriver(object):
def del_subject(self, intra_extension_id, subject_id):
raise exception.NotImplemented() # pragma: no cover
- def get_object_dict(self, intra_extension_id):
- raise exception.NotImplemented() # pragma: no cover
-
- def set_object_dict(self, intra_extension_id, object_dict):
+ def get_objects_dict(self, intra_extension_id):
raise exception.NotImplemented() # pragma: no cover
- def add_object(self, intra_extension_id, object_id, object_name):
+ def set_object_dict(self, intra_extension_id, object_id, object_dict):
raise exception.NotImplemented() # pragma: no cover
def del_object(self, intra_extension_id, object_id):
raise exception.NotImplemented() # pragma: no cover
- def get_action_dict(self, intra_extension_id):
+ def get_actions_dict(self, intra_extension_id):
raise exception.NotImplemented() # pragma: no cover
- def set_action_dict(self, intra_extension_id, action_dict):
- raise exception.NotImplemented() # pragma: no cover
-
- def add_action(self, intra_extension_id, action_id, action_name):
+ def set_action_dict(self, intra_extension_id, action_id, action_dict):
raise exception.NotImplemented() # pragma: no cover
def del_action(self, intra_extension_id, action_id):
@@ -1946,104 +1870,22 @@ class IntraExtensionDriver(object):
def del_subject_scope(self, intra_extension_id, subject_category_id, subject_scope_id):
raise exception.NotImplemented() # pragma: no cover
- def get_object_scope_dict(self, intra_extension_id, object_category_id):
- """Get a list of all object category scope
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the category UUID where the scope values are
- :type object_category_id: string
- :return: a dictionary containing all object category scope {"category1": {"scope_uuid1": "scope_name1}}
- """
- raise exception.NotImplemented() # pragma: no cover
-
- def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_dict):
- """Set the list of all scope for that object category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the UUID of the object category where this scope will be set
- :type object_category_id: string
- :return: a dictionary containing all scope {"scope_uuid1": "scope_name1, "scope_uuid2": "scope_name2}
- """
+ def get_object_scopes_dict(self, intra_extension_id, object_category_id):
raise exception.NotImplemented() # pragma: no cover
- def add_object_scope(self, intra_extension_id, object_category_id, object_scope_id, object_scope_name):
- """Add a object category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the object category UUID where the scope will be added
- :type object_category_id: string
- :param object_scope_id: the UUID of the object category
- :type object_scope_id: string
- :param object_scope_name: the name of the object category
- :type object_scope_name: string
- :return: a dictionary containing the object category scope added {"category1": {"scope_uuid1": "scope_name1}}
- """
+ def set_object_scope_dict(self, intra_extension_id, object_category_id, object_scope_id, object_scope_dict):
raise exception.NotImplemented() # pragma: no cover
def del_object_scope(self, intra_extension_id, object_category_id, object_scope_id):
- """Remove one scope belonging to a object category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param object_category_id: the UUID of object categorywhere we can find the scope to remove
- :type object_category_id: string
- :param object_scope_id: the UUID of the scope to remove
- :type object_scope_id: string
- :return: None
- """
- raise exception.NotImplemented() # pragma: no cover
-
- def get_action_scope_dict(self, intra_extension_id, action_category_id):
- """Get a list of all action category scope
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the category UUID where the scope values are
- :type action_category_id: string
- :return: a dictionary containing all action category scope {"category1": {"scope_uuid1": "scope_name1}}
- """
raise exception.NotImplemented() # pragma: no cover
- def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id):
- """Set the list of all scope for that action category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the UUID of the action category where this scope will be set
- :type action_category_id: string
- :return: a dictionary containing all scope {"scope_uuid1": "scope_name1, "scope_uuid2": "scope_name2}
- """
+ def get_action_scopes_dict(self, intra_extension_id, action_category_id):
raise exception.NotImplemented() # pragma: no cover
- def add_action_scope(self, intra_extension_id, action_category_id, action_scope_id, action_scope_name):
- """Add a action category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the action category UUID where the scope will be added
- :type action_category_id: string
- :param action_scope_id: the UUID of the action category
- :type action_scope_id: string
- :param action_scope_name: the name of the action category
- :type action_scope_name: string
- :return: a dictionary containing the action category scope added {"category1": {"scope_uuid1": "scope_name1}}
- """
+ def set_action_scope_dict(self, intra_extension_id, action_category_id, action_scope_id, action_scope_dict):
raise exception.NotImplemented() # pragma: no cover
def del_action_scope(self, intra_extension_id, action_category_id, action_scope_id):
- """Remove one scope belonging to a action category
-
- :param intra_extension_id: IntraExtension UUID
- :type intra_extension_id: string
- :param action_category_id: the UUID of action categorywhere we can find the scope to remove
- :type action_category_id: string
- :param action_scope_id: the UUID of the scope to remove
- :type action_scope_id: string
- :return: None
- """
raise exception.NotImplemented() # pragma: no cover
# Assignment functions
@@ -2060,25 +1902,25 @@ class IntraExtensionDriver(object):
def del_subject_assignment(self, intra_extension_id, subject_id, subject_category_id, subject_scope_id):
raise exception.NotImplemented() # pragma: no cover
- def get_object_assignment_dict(self, intra_extension_id, object_id):
+ def get_object_assignment_list(self, intra_extension_id, object_id, object_category_id):
raise exception.NotImplemented() # pragma: no cover
- def set_object_assignment_dict(self, intra_extension_id, object_id, object_assignment_dict):
+ def set_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_assignment_list):
raise exception.NotImplemented() # pragma: no cover
- def add_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id):
+ def add_object_assignment_list(self, intra_extension_id, object_id, object_category_id, object_scope_id):
raise exception.NotImplemented() # pragma: no cover
def del_object_assignment(self, intra_extension_id, object_id, object_category_id, object_scope_id):
raise exception.NotImplemented() # pragma: no cover
- def get_action_assignment_dict(self, intra_extension_id, action_id):
+ def get_action_assignment_list(self, intra_extension_id, action_id, action_category_id):
raise exception.NotImplemented() # pragma: no cover
- def set_action_assignment_dict(self, intra_extension_id, action_id, action_assignment_dict):
+ def set_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_assignment_list):
raise exception.NotImplemented() # pragma: no cover
- def add_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id):
+ def add_action_assignment_list(self, intra_extension_id, action_id, action_category_id, action_scope_id):
raise exception.NotImplemented() # pragma: no cover
def del_action_assignment(self, intra_extension_id, action_id, action_category_id, action_scope_id):
@@ -2109,7 +1951,7 @@ class IntraExtensionDriver(object):
def set_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id, rule_list):
raise exception.NotImplemented() # pragma: no cover
- def del_rule_dict(self, intra_extension_id, sub_meta_rule_id, rule_id):
+ def del_rule(self, intra_extension_id, sub_meta_rule_id, rule_id):
raise exception.NotImplemented() # pragma: no cover
class LogDriver(object):