def authorize_project_context(context, project_id): """Ensures a request has permission to access the given project.""" if is_user_context(context): if not context.project_id: raise exception.Forbidden() elif context.project_id != project_id: raise exception.Forbidden()
def authorize_user_context(context, user_id): """Ensures a request has permission to access the given user.""" if is_user_context(context): if not context.user_id: raise exception.Forbidden() elif context.user_id != user_id: raise exception.Forbidden()
def wrapper(self, ctx, *args, **kwargs): try: res = method(self, ctx, *args, **kwargs) except (request_exceptions.Timeout, nova_exception.CommandError, keystone_exception.ConnectionError) as exc: err_msg = encodeutils.exception_to_unicode(exc) _reraise(exception.MasakariException(reason=err_msg)) except (keystone_exception.BadRequest, nova_exception.BadRequest) as exc: err_msg = encodeutils.exception_to_unicode(exc) _reraise(exception.InvalidInput(reason=err_msg)) except (keystone_exception.Forbidden, nova_exception.Forbidden) as exc: err_msg = encodeutils.exception_to_unicode(exc) _reraise(exception.Forbidden(err_msg)) except (nova_exception.NotFound) as exc: err_msg = encodeutils.exception_to_unicode(exc) _reraise(exception.NotFound(reason=err_msg)) except nova_exception.Conflict as exc: err_msg = encodeutils.exception_to_unicode(exc) _reraise(exception.Conflict(reason=err_msg)) return res
def index(self, req): raise exception.Forbidden()
def require_context(ctxt): """Raise exception.Forbidden() if context is not a user or an admin context. """ if not ctxt.is_admin and not is_user_context(ctxt): raise exception.Forbidden()