def update(self, req, image_id, id, body=None):
"""
Adds a membership to the image, or updates an existing one.
If a body is present, it is a dict with the following format::
{"member": {
"can_share": [True|False]
}}
If "can_share" is provided, the member's ability to share is
set accordingly. If it is not provided, existing memberships
remain unchanged and new memberships default to False.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Determine the applicable can_share value
can_share = None
if body:
try:
can_share = bool(body['member']['can_share'])
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
def show(self, req, id):
"""Return data about the given image id."""
try:
image = db_api.image_get(req.context, id)
except exception.NotFound:
raise exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': id})
logger.info(msg)
raise exc.HTTPNotFound()
return dict(image=make_image_dict(image))
def update(self, req, image_id, id, body=None):
"""
Adds a membership to the image, or updates an existing one.
If a body is present, it is a dict with the following format::
{"member": {
"can_share": [True|False]
}}
If "can_share" is provided, the member's ability to share is
set accordingly. If it is not provided, existing memberships
remain unchanged and new memberships default to False.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Determine the applicable can_share value
can_share = None
if body:
try:
can_share = bool(body['member']['can_share'])
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
def delete(self, req, image_id, id):
"""
Removes a membership from the image.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Look up an existing membership
try:
session = db_api.get_session()
member_ref = db_api.image_member_find(req.context,
image_id,
id,
session=session)
db_api.image_member_delete(req.context,
member_ref,
session=session)
except exception.NotFound:
pass
# Make an appropriate result
return webob.exc.HTTPNoContent()
def show(self, req, id):
"""Return data about the given image id."""
try:
image = db_api.image_get(req.context, id)
except exception.NotFound:
raise exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': id
})
logger.info(msg)
raise exc.HTTPNotFound()
return dict(image=make_image_dict(image))
def update_all(self, req, image_id, body):
"""
Replaces the members of the image with those specified in the
body. The body is a dict with the following format::
{"memberships": [
{"member_id": <MEMBER_ID>,
["can_share": [True|False]]}, ...
]}
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
session = db_api.get_session()
try:
image = db_api.image_get(req.context, image_id, session=session)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Get the membership list
try:
memb_list = body['memberships']
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
def delete(self, req, image_id, id):
"""
Removes a membership from the image.
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Look up an existing membership
try:
session = db_api.get_session()
member_ref = db_api.image_member_find(req.context,
image_id,
id,
session=session)
db_api.image_member_delete(req.context,
member_ref,
session=session)
except exception.NotFound:
pass
# Make an appropriate result
return webob.exc.HTTPNoContent()
def update_all(self, req, image_id, body):
"""
Replaces the members of the image with those specified in the
body. The body is a dict with the following format::
{"memberships": [
{"member_id": <MEMBER_ID>,
["can_share": [True|False]]}, ...
]}
"""
if req.context.read_only:
raise webob.exc.HTTPForbidden()
elif req.context.owner is None:
raise webob.exc.HTTPUnauthorized(_("No authenticated user"))
# Make sure the image exists
session = db_api.get_session()
try:
image = db_api.image_get(req.context, image_id, session=session)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
# Can they manipulate the membership?
if not req.context.is_image_sharable(image):
msg = _("No permission to share that image")
raise webob.exc.HTTPForbidden(msg)
# Get the membership list
try:
memb_list = body['memberships']
except Exception, e:
# Malformed entity...
msg = _("Invalid membership association: %s") % e
raise webob.exc.HTTPBadRequest(explanation=msg)
def index(self, req, image_id):
"""
Get the members of an image.
"""
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({'user': req.context.user,
'id': image_id})
logger.info(msg)
raise webob.exc.HTTPNotFound()
return dict(members=make_member_list(image['members'],
member_id='member',
can_share='can_share'))
def index(self, req, image_id):
"""
Get the members of an image.
"""
try:
image = db_api.image_get(req.context, image_id)
except exception.NotFound:
raise webob.exc.HTTPNotFound()
except exception.NotAuthorized:
# If it's private and doesn't belong to them, don't let on
# that it exists
msg = _("Access by %(user)s to image %(id)s "
"denied") % ({
'user': req.context.user,
'id': image_id
})
logger.info(msg)
raise webob.exc.HTTPNotFound()
return dict(members=make_member_list(
image['members'], member_id='member', can_share='can_share'))
def test_image_get_force_allow_deleted(self):
db_api.image_destroy(self.adm_context, UUID1)
image = db_api.image_get(self.context, UUID1, force_show_deleted=True)
self.assertEquals(image['id'], FIXTURES[0]['id'])
def test_image_get(self):
image = db_api.image_get(self.context, UUID1)
self.assertEquals(image['id'], FIXTURES[0]['id'])
def test_image_get_force_allow_deleted(self):
db_api.image_destroy(self.adm_context, UUID1)
image = db_api.image_get(self.context, UUID1, force_show_deleted=True)
self.assertEquals(image['id'], FIXTURES[0]['id'])
def test_image_get(self):
image = db_api.image_get(self.context, UUID1)
self.assertEquals(image['id'], FIXTURES[0]['id'])
