def remove_policy(self, group_uuid, policy_uuid): nb_deleted = self._dao.group.remove_policy(group_uuid, policy_uuid) if nb_deleted: return if not self._dao.group.exists(group_uuid): raise exceptions.UnknownGroupException(group_uuid) if not self._dao.policy.exists(policy_uuid): raise exceptions.UnknownPolicyException(policy_uuid)
def _assert_in_tenant_subtree(self, policy_uuid, scoping_tenant_uuid): if not scoping_tenant_uuid: return visible_tenant_uuids = self._tenant_tree.list_nodes( scoping_tenant_uuid) matching_policies = self._dao.policy.get( uuid=policy_uuid, tenant_uuids=visible_tenant_uuids) if not matching_policies: raise exceptions.UnknownPolicyException(policy_uuid)
def remove_policy(self, user_uuid, policy_uuid): nb_deleted = self._dao.user.remove_policy(user_uuid, policy_uuid) if nb_deleted: return if not self._dao.user.exists(user_uuid): raise exceptions.UnknownUserException(user_uuid) if not self._dao.policy.exists(policy_uuid): raise exceptions.UnknownPolicyException(policy_uuid)
def get(self, policy_uuid, scoping_tenant_uuid): args = { 'uuid': policy_uuid, 'tenant_uuids': self._tenant_tree.list_nodes(scoping_tenant_uuid), } matching_policies = self._dao.policy.get(**args) for policy in matching_policies: return policy raise exceptions.UnknownPolicyException(policy_uuid)
def delete_acl_template(self, policy_uuid, acl_template, scoping_tenant_uuid): self._assert_in_tenant_subtree(policy_uuid, scoping_tenant_uuid) nb_deleted = self._dao.policy.dissociate_policy_template( policy_uuid, acl_template) if nb_deleted: return if not self._dao.policy.exists(policy_uuid): raise exceptions.UnknownPolicyException(policy_uuid)
def assert_policy_in_subtenant(self, scoping_tenant_uuid, uuid): tenant_uuids = self._tenant_tree.list_nodes(scoping_tenant_uuid) exists = self._dao.policy.exists(uuid, tenant_uuids=tenant_uuids) if not exists: raise exceptions.UnknownPolicyException(uuid)