def create_rbac_policy(self, context, rbac_policy): e = rbac_policy['rbac_policy'] try: registry.publish(resources.RBAC_POLICY, events.BEFORE_CREATE, self, payload=events.DBEventPayload( context, request_body=e, metadata={'object_type': e['object_type']})) except c_exc.CallbackFailure as e: raise n_exc.InvalidInput(error_message=e) rbac_class = ( rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']]) try: rbac_args = { 'project_id': e['project_id'], 'object_id': e['object_id'], 'action': e['action'], 'target_tenant': e['target_tenant'] } _rbac_obj = rbac_class(context, **rbac_args) _rbac_obj.create() except db_exc.DBDuplicateEntry: raise ext_rbac.DuplicateRbacPolicy() return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy): e = rbac_policy['rbac_policy'] try: registry.notify(resources.RBAC_POLICY, events.BEFORE_CREATE, self, context=context, object_type=e['object_type'], policy=e) except c_exc.CallbackFailure as e: raise n_exc.InvalidInput(error_message=e) rbac_class = ( rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']]) try: rbac_args = { 'project_id': e['project_id'], 'object_id': e['object_id'], 'action': e['action'], 'target_tenant': e['target_tenant'] } _rbac_obj = rbac_class(context, **rbac_args) _rbac_obj.create() except o_exc.NeutronDbObjectDuplicateEntry: raise ext_rbac.DuplicateRbacPolicy() return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy): e = rbac_policy['rbac_policy'] # NOTE(ralonsoh): remove this conversion when "bp/keystone-v3" is # widely implemented in all OpenStack projects. try: e['target_project'] = e.pop('target_tenant') except KeyError: pass try: registry.publish(resources.RBAC_POLICY, events.BEFORE_CREATE, self, payload=events.DBEventPayload( context, request_body=e, metadata={'object_type': e['object_type']})) except c_exc.CallbackFailure as e: raise n_exc.InvalidInput(error_message=e) rbac_class = ( rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']]) try: rbac_args = {'project_id': e['project_id'], 'object_id': e['object_id'], 'action': e['action'], 'target_project': e['target_project']} _rbac_obj = rbac_class(context, **rbac_args) _rbac_obj.create() except o_exc.NeutronDbObjectDuplicateEntry: raise ext_rbac.DuplicateRbacPolicy() return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy): e = rbac_policy['rbac_policy'] try: registry.notify(resources.RBAC_POLICY, events.BEFORE_CREATE, self, context=context, object_type=e['object_type'], policy=e) except c_exc.CallbackFailure as e: raise n_exc.InvalidInput(error_message=e) dbmodel = models.get_type_model_map()[e['object_type']] try: with context.session.begin(subtransactions=True): db_entry = dbmodel(object_id=e['object_id'], target_tenant=e['target_tenant'], action=e['action'], tenant_id=e['tenant_id']) context.session.add(db_entry) except db_exc.DBDuplicateEntry: raise ext_rbac.DuplicateRbacPolicy() return self._make_rbac_policy_dict(db_entry)