aboutsummaryrefslogtreecommitdiffstats
path: root/moon_interface/moon_interface/api/authz.py
diff options
context:
space:
mode:
Diffstat (limited to 'moon_interface/moon_interface/api/authz.py')
-rw-r--r--moon_interface/moon_interface/api/authz.py26
1 files changed, 11 insertions, 15 deletions
diff --git a/moon_interface/moon_interface/api/authz.py b/moon_interface/moon_interface/api/authz.py
index bd60d3f6..b82a14f1 100644
--- a/moon_interface/moon_interface/api/authz.py
+++ b/moon_interface/moon_interface/api/authz.py
@@ -12,6 +12,7 @@ import logging
import pickle
import time
from uuid import uuid4
+from python_moonutilities import exceptions
from moon_interface.authz_requests import AuthzRequest
@@ -29,18 +30,13 @@ def get_pdp_from_cache(cache, uuid):
"""
if uuid in cache.pdp:
return cache.pdp.get(uuid)
- return None
+ cache.update()
-def get_pdp_from_manager(cache, uuid):
- """Check if a PDP exist with this ID in the Manager component
+ if uuid in cache.pdp:
+ return cache.pdp.get(uuid)
- :param cache: Cache to use
- :param uuid: Keystone Project ID
- :return: True or False
- """
- cache.update()
- return get_pdp_from_cache(cache, uuid)
+ raise exceptions.PdpUnknown
def create_authz_request(cache, interface_name, manager_url, pdp_id, subject_name, object_name, action_name):
@@ -92,7 +88,7 @@ class Authz(Resource):
self.MANAGER_URL = kwargs.get("manager_url", "http://manager:8080")
self.TIMEOUT = 5
- def get(self, pdp_id=None, subject_name=None, object_name=None, action_name=None):
+ def get(self, pdp_id, subject_name=None, object_name=None, action_name=None):
"""Get a response on an authorization request
:param pdp_id: uuid of a tenant or an intra_extension
@@ -119,13 +115,13 @@ class Authz(Resource):
}
:internal_api: authz
"""
- pdp_value = get_pdp_from_cache(self.CACHE, pdp_id)
- if not pdp_id:
- pdp_value = get_pdp_from_manager(self.CACHE, pdp_id)
- if not pdp_id:
- return {
+ try:
+ get_pdp_from_cache(self.CACHE, pdp_id)
+ except exceptions.PdpUnknown:
+ return {
"result": False,
"message": "Unknown PDP ID."}, 403
+
authz_request = create_authz_request(
cache=self.CACHE,
pdp_id=pdp_id,