From 48857b80be18bb0985aab643f5c8c899194d636b Mon Sep 17 00:00:00 2001 From: Thomas Duval Date: Fri, 5 Jan 2018 16:28:07 +0100 Subject: prevent the mapping N*PDP <=> 1*Keystone_project Change-Id: Ia43d7fb2a2c8054e9cf492395f2e3ef396d184cf --- moon_manager/moon_manager/api/pdp.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) (limited to 'moon_manager') diff --git a/moon_manager/moon_manager/api/pdp.py b/moon_manager/moon_manager/api/pdp.py index 4dc2c310..3ae55d33 100644 --- a/moon_manager/moon_manager/api/pdp.py +++ b/moon_manager/moon_manager/api/pdp.py @@ -14,9 +14,7 @@ import requests import time from python_moonutilities.security_functions import check_auth from python_moondb.core import PDPManager -from python_moondb.core import PolicyManager -from python_moondb.core import ModelManager -from python_moonutilities import configuration +from python_moonutilities import configuration, exceptions __version__ = "4.3.2" @@ -51,6 +49,14 @@ def add_pod(uuid, data): logger.info(req.text) +def check_keystone_pid(k_pid): + data = PDPManager.get_pdp(user_id="admin") + for pdp_key, pdp_value in data.items(): + logger.info("pdp={}".format(pdp_value)) + if pdp_value["keystone_project_id"] == k_pid: + return True + + class PDP(Resource): """ Endpoint for pdp requests @@ -113,6 +119,9 @@ class PDP(Resource): data = dict(request.json) if not data.get("keystone_project_id"): data["keystone_project_id"] = None + else: + if check_keystone_pid(data.get("keystone_project_id")): + raise exceptions.PdpKeystoneMappingConflict data = PDPManager.add_pdp( user_id=user_id, pdp_id=None, value=request.json) uuid = list(data.keys())[0] @@ -166,6 +175,9 @@ class PDP(Resource): _data = dict(request.json) if not _data.get("keystone_project_id"): _data["keystone_project_id"] = None + else: + if check_keystone_pid(_data.get("keystone_project_id")): + raise exceptions.PdpKeystoneMappingConflict data = PDPManager.update_pdp( user_id=user_id, pdp_id=uuid, value=_data) logger.debug("data={}".format(data)) -- cgit 1.2.3-korg