Python assert_admin_or_project_userの例

コード例 #1

ファイル: fw_rule_sets.py プロジェクト: altai/altai-api

def get_fw_rule_set(fw_rule_set_id):
    try:
        sg = g.client_set.compute.security_groups.get(fw_rule_set_id)
    except osc_exc.NotFound:
        abort(404)
    assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
    return make_json_response(_sg_to_view(sg))

コード例 #2

ファイル: instances.py プロジェクト: altai/altai-api

def fetch_instance(instance_id):
    try:
        instance = admin_client_set().compute.servers.get(instance_id)
    except osc_exc.NotFound:
        abort(404)
    assert_admin_or_project_user(instance.tenant_id, eperm_status=404)
    return instance

コード例 #3

ファイル: fw_rule_sets.py プロジェクト: altai/altai-api

def get_fw_rule_set(fw_rule_set_id):
    try:
        sg = g.client_set.compute.security_groups.get(fw_rule_set_id)
    except osc_exc.NotFound:
        abort(404)
    assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
    return make_json_response(_sg_to_view(sg))

コード例 #4

ファイル: project_users.py プロジェクト: altai/altai-api

def _project_users_list(project_id):
    assert_admin_or_project_user(project_id, eperm_status=404)
    if project_id == default_tenant_id():
        abort(404)
    try:
        return admin_client_set().identity_admin.tenants.list_users(project_id)
    except osc_exc.NotFound:
        abort(404)

コード例 #5

def _get_security_group(sg_id):
    try:
        sg = auth.admin_client_set().compute.security_groups.get(sg_id)
    except osc_exc.NotFound:
        abort(404)
    auth.assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
    # TODO(imelnikov): do we need to check if group belongs to systenant?
    return sg

コード例 #6

def _project_users_list(project_id):
    assert_admin_or_project_user(project_id, eperm_status=404)
    if project_id == default_tenant_id():
        abort(404)
    try:
        return admin_client_set().identity_admin.tenants.list_users(project_id)
    except osc_exc.NotFound:
        abort(404)

コード例 #7

ファイル: fw_rules.py プロジェクト: altai/altai-api

def _get_security_group(sg_id):
    try:
        sg = auth.admin_client_set().compute.security_groups.get(sg_id)
    except osc_exc.NotFound:
        abort(404)
    auth.assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
    # TODO(imelnikov): do we need to check if group belongs to systenant?
    return sg

コード例 #8

ファイル: fw_rule_sets.py プロジェクト: altai/altai-api

def delete_fw_rule_set(fw_rule_set_id):
    try:
        sg = admin_client_set().compute.security_groups.get(fw_rule_set_id)
        assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
        sg.delete()
    except osc_exc.NotFound:
        abort(404)

    set_audit_resource_id(sg)
    return make_json_response(None, status_code=204)

コード例 #9

ファイル: fw_rule_sets.py プロジェクト: altai/altai-api

def delete_fw_rule_set(fw_rule_set_id):
    try:
        sg = admin_client_set().compute.security_groups.get(fw_rule_set_id)
        assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
        sg.delete()
    except osc_exc.NotFound:
        abort(404)

    set_audit_resource_id(sg)
    return make_json_response(None, status_code=204)

コード例 #10

def _security_groups_for_server(instance_id):
    try:
        result = admin_client_set().compute.security_groups._list(
            '/servers/%s/os-security-groups' % instance_id, 'security_groups')
    except osc_exc.HttpException:
        fetch_instance(instance_id)  # check that server exists and is visible
        raise  # if server exists, re-raise: it was other error
    if not result:
        fetch_instance(instance_id)  # check that server exists and is visible
    else:
        assert_admin_or_project_user(result[0].tenant_id, eperm_status=404)
    return result

コード例 #11

ファイル: instance_fw_rule_sets.py プロジェクト: altai/altai-api

def _security_groups_for_server(instance_id):
    try:
        result = admin_client_set().compute.security_groups._list(
            '/servers/%s/os-security-groups' % instance_id,
            'security_groups')
    except osc_exc.HttpException:
        fetch_instance(instance_id)  # check that server exists and is visible
        raise  # if server exists, re-raise: it was other error
    if not result:
        fetch_instance(instance_id)  # check that server exists and is visible
    else:
        assert_admin_or_project_user(result[0].tenant_id, eperm_status=404)
    return result

コード例 #12

ファイル: images.py プロジェクト: altai/altai-api

def _fetch_image(image_id, to_modify):
    try:
        image = auth.admin_client_set().image.images.get(image_id)
    except osc_exc.NotFound:
        abort(404)
    # NOTE(imelnikov): yes, glance may return False as string
    if image.deleted and image.deleted != 'False':
        abort(404)
    if image.owner == auth.default_tenant_id():
        if to_modify:
            auth.assert_admin()
    else:
        auth.assert_admin_or_project_user(image.owner)
    return image

コード例 #13

ファイル: images.py プロジェクト: altai/altai-api

def _fetch_image(image_id, to_modify):
    try:
        image = auth.admin_client_set().image.images.get(image_id)
    except osc_exc.NotFound:
        abort(404)
    # NOTE(imelnikov): yes, glance may return False as string
    if image.deleted and image.deleted != 'False':
        abort(404)
    if image.owner == auth.default_tenant_id():
        if to_modify:
            auth.assert_admin()
    else:
        auth.assert_admin_or_project_user(image.owner)
    return image