def _get_filters(self, req): """ Return a dictionary of query param filters from the request :param req: the Request object coming from the wsgi layer :retval a dict of key/value filters """ filters = {} properties = {} if req.context.is_admin: # Only admin gets to look for non-public images filters['is_public'] = self._get_is_public(req) else: filters['is_public'] = True for param in req.params: if param in SUPPORTED_FILTERS: filters[param] = req.params.get(param) if param.startswith('property-'): _param = param[9:] properties[_param] = req.params.get(param) if 'changes-since' in filters: isotime = filters['changes-since'] try: filters['changes-since'] = timeutils.parse_isotime(isotime) except ValueError: raise exc.HTTPBadRequest(_("Unrecognized changes-since value")) if 'protected' in filters: value = self._get_bool(filters['protected']) if value is None: raise exc.HTTPBadRequest( _("protected must be True, or " "False")) filters['protected'] = value # only allow admins to filter on 'deleted' if req.context.is_admin: deleted_filter = self._parse_deleted_filter(req) if deleted_filter is not None: filters['deleted'] = deleted_filter elif 'changes-since' not in filters: filters['deleted'] = False elif 'changes-since' not in filters: filters['deleted'] = False if len(properties) > 0: filters['properties'] = properties return filters
def _get_filters(self, req): """ Return a dictionary of query param filters from the request :param req: the Request object coming from the wsgi layer :retval a dict of key/value filters """ filters = {} properties = {} if req.context.is_admin: # Only admin gets to look for non-public images filters['is_public'] = self._get_is_public(req) else: filters['is_public'] = True for param in req.params: if param in SUPPORTED_FILTERS: filters[param] = req.params.get(param) if param.startswith('property-'): _param = param[9:] properties[_param] = req.params.get(param) if 'changes-since' in filters: isotime = filters['changes-since'] try: filters['changes-since'] = timeutils.parse_isotime(isotime) except ValueError: raise exc.HTTPBadRequest(_("Unrecognized changes-since value")) if 'protected' in filters: value = self._get_bool(filters['protected']) if value is None: raise exc.HTTPBadRequest( _("protected must be True, or " "False")) filters['protected'] = value # only allow admins to filter on 'deleted' if req.context.is_admin: deleted_filter = self._parse_deleted_filter(req) if deleted_filter is not None: filters['deleted'] = deleted_filter elif 'changes-since' not in filters: filters['deleted'] = False elif 'changes-since' not in filters: filters['deleted'] = False if len(properties) > 0: filters['properties'] = properties return filters
def _get_filters(self, req): """ Return a dictionary of query param filters from the request :param req: the Request object coming from the wsgi layer :retval a dict of key/value filters """ filters = {} properties = {} for param in req.params: if param in SUPPORTED_FILTERS: filters[param] = req.params.get(param) if param.startswith("property-"): _param = param[9:] properties[_param] = req.params.get(param) if "changes-since" in filters: isotime = filters["changes-since"] try: filters["changes-since"] = timeutils.parse_isotime(isotime) except ValueError: raise exc.HTTPBadRequest(_("Unrecognized changes-since value")) if "protected" in filters: value = self._get_bool(filters["protected"]) if value is None: raise exc.HTTPBadRequest(_("protected must be True, or " "False")) filters["protected"] = value # only allow admins to filter on 'deleted' if req.context.is_admin: deleted_filter = self._parse_deleted_filter(req) if deleted_filter is not None: filters["deleted"] = deleted_filter elif "changes-since" not in filters: filters["deleted"] = False elif "changes-since" not in filters: filters["deleted"] = False if properties: filters["properties"] = properties return filters
def _request_admin_token(self): """Retrieve new token as admin user from keystone. :return token id upon success :raises ServerError when unable to communicate with keystone Irrespective of the auth version we are going to use for the user token, for simplicity we always use a v2 admin token to validate the user token. """ params = { 'auth': { 'passwordCredentials': { 'username': self.admin_user, 'password': self.admin_password, }, 'tenantName': self.admin_tenant_name, } } response, data = self._json_request(self.keystone_auth_host, self.keystone_auth_port, 'POST', '/v2.0/tokens', body=params) try: token = data['access']['token']['id'] expiry = data['access']['token']['expires'] assert token assert expiry datetime_expiry = timeutils.parse_isotime(expiry) return (token, timeutils.normalize_time(datetime_expiry)) except (AssertionError, KeyError): self.LOG.warn( "Unexpected response from keystone service: %s", data) raise ServiceError('invalid json response') except (ValueError): self.LOG.warn( "Unable to parse expiration time from token: %s", data) raise ServiceError('invalid json response')