def test_extension_authorizer(self, action, valid):
self.mock_object(policy, 'enforce')
target = 'fake'
extensions.extension_authorizer('api', 'fake')({}, target, action)
policy.enforce.assert_called_once_with(mock.ANY, valid, target)
def test_extension_authorizer(self, action, valid):
self.mock_object(policy, 'enforce')
target = 'fake'
extensions.extension_authorizer('api', 'fake')(
{}, target, action)
policy.enforce.assert_called_once_with(mock.ANY, valid, target)
def test_extension_authorizer_empty_target(self):
self.mock_object(policy, 'enforce')
target = None
context = mock.Mock()
context.project_id = 'fake'
context.user_id = 'fake'
extensions.extension_authorizer('api', 'fake')(
context, target, 'fake')
policy.enforce.assert_called_once_with(
mock.ANY, mock.ANY, {'project_id': 'fake', 'user_id': 'fake'})
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import db
authorize = extensions.extension_authorizer('share', 'availability_zones')
class Controller(wsgi.Controller):
def index(self, req):
"""Describe all known availability zones."""
context = req.environ['manila.context']
authorize(context)
azs = db.availability_zone_get_all(context)
return {'availability_zones': azs}
class Availability_zones(extensions.ExtensionDescriptor):
"""Describe Availability Zones."""
name = 'AvailabilityZones'
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import db
from manila.db.sqlalchemy import api as sqlalchemy_api
from manila import exception
from manila.openstack.common import log as logging
from manila.openstack.common import strutils
from manila import quota
QUOTAS = quota.QUOTAS
LOG = logging.getLogger(__name__)
NON_QUOTA_KEYS = ['tenant_id', 'id', 'force']
authorize_update = extensions.extension_authorizer('compute', 'quotas:update')
authorize_show = extensions.extension_authorizer('compute', 'quotas:show')
authorize_delete = extensions.extension_authorizer('compute', 'quotas:delete')
class QuotaTemplate(xmlutil.TemplateBuilder):
def construct(self):
root = xmlutil.TemplateElement('quota_set', selector='quota_set')
root.set('id')
for resource in QUOTAS.resources:
elem = xmlutil.SubTemplateElement(root, resource)
elem.text = resource
return xmlutil.MasterTemplate(root, 1)
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import quota
QUOTAS = quota.QUOTAS
authorize = extensions.extension_authorizer('limits', 'used_limits')
class UsedLimitsController(wsgi.Controller):
@wsgi.extends
def index(self, req, resp_obj):
context = req.environ['manila.context']
authorize(context)
quotas = QUOTAS.get_project_quotas(context,
context.project_id,
usages=True)
quota_map = {
'totalSharesUsed': 'shares',
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import re
import six
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import exception
from manila import share
authorize = extensions.extension_authorizer('share', 'services')
class ShareAccessTemplate(xmlutil.TemplateBuilder):
"""XML Template for share access management methods."""
def construct(self):
root = xmlutil.TemplateElement('access', selector='access')
root.set("share_id")
root.set("deleted")
root.set("created_at")
root.set("updated_at")
root.set("access_type")
root.set("access_to")
root.set("state")
root.set("deleted_at")
root.set("id")
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from manila.api import extensions
from manila import db
from manila import exception
from manila import quota
QUOTAS = quota.QUOTAS
authorize = extensions.extension_authorizer('share', 'quota_classes')
class QuotaClassSetsController(object):
def _format_quota_set(self, quota_class, quota_set):
"""Convert the quota object to a result dict."""
result = dict(id=str(quota_class))
for resource in QUOTAS.resources:
result[resource] = quota_set[resource]
return dict(quota_class_set=result)
def show(self, req, id):
def authorize(self, context, action_name):
action = '%s_admin_actions:%s' % (self.resource_name, action_name)
extensions.extension_authorizer('share', action)(context)
from manila.api import xmlutil
from manila import db
from manila.db.sqlalchemy import api as sqlalchemy_api
from manila import exception
from manila.openstack.common.gettextutils import _
from manila.openstack.common import log as logging
from manila.openstack.common import strutils
from manila import quota
QUOTAS = quota.QUOTAS
LOG = logging.getLogger(__name__)
NON_QUOTA_KEYS = ['tenant_id', 'id', 'force']
authorize_update = extensions.extension_authorizer('compute', 'quotas:update')
authorize_show = extensions.extension_authorizer('compute', 'quotas:show')
authorize_delete = extensions.extension_authorizer('compute', 'quotas:delete')
class QuotaTemplate(xmlutil.TemplateBuilder):
def construct(self):
root = xmlutil.TemplateElement('quota_set', selector='quota_set')
root.set('id')
for resource in QUOTAS.resources:
elem = xmlutil.SubTemplateElement(root, resource)
elem.text = resource
return xmlutil.MasterTemplate(root, 1)
# under the License.
"""The volume types extra specs extension"""
import six
import webob
from manila.api import common
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import db
from manila import exception
from manila.i18n import _
from manila import rpc
from manila.share import volume_types
authorize = extensions.extension_authorizer('share', 'types_extra_specs')
class VolumeTypeExtraSpecsController(wsgi.Controller):
"""The volume type extra specs API controller for the OpenStack API."""
def _get_extra_specs(self, context, type_id):
extra_specs = db.volume_type_extra_specs_get(context, type_id)
specs_dict = {}
for key, value in six.iteritems(extra_specs):
specs_dict[key] = value
return dict(extra_specs=specs_dict)
def _check_type(self, context, type_id):
try:
volume_types.get_volume_type(context, type_id)
except exception.NotFound as ex:
def get_all(self,
context,
search_opts=None,
sort_key='created_at',
sort_dir='desc'):
policy.check_policy(context, 'share', 'get_all')
if search_opts is None:
search_opts = {}
LOG.debug("Searching for shares by: %s", six.text_type(search_opts))
# Prepare filters
filters = {}
if 'metadata' in search_opts:
filters['metadata'] = search_opts.pop('metadata')
if not isinstance(filters['metadata'], dict):
msg = _("Wrong metadata filter provided: "
"%s.") % six.text_type(filters['metadata'])
raise exception.InvalidInput(reason=msg)
if 'extra_specs' in search_opts:
# Verify policy for extra-specs access
extensions.extension_authorizer('share',
'types_extra_specs')(context)
filters['extra_specs'] = search_opts.pop('extra_specs')
if not isinstance(filters['extra_specs'], dict):
msg = _("Wrong extra specs filter provided: "
"%s.") % six.text_type(filters['extra_specs'])
raise exception.InvalidInput(reason=msg)
if not (isinstance(sort_key, six.string_types) and sort_key):
msg = _("Wrong sort_key filter provided: "
"'%s'.") % six.text_type(sort_key)
raise exception.InvalidInput(reason=msg)
if not (isinstance(sort_dir, six.string_types) and sort_dir):
msg = _("Wrong sort_dir filter provided: "
"'%s'.") % six.text_type(sort_dir)
raise exception.InvalidInput(reason=msg)
is_public = search_opts.pop('is_public', False)
is_public = strutils.bool_from_string(is_public, strict=True)
# Get filtered list of shares
if 'share_server_id' in search_opts:
# NOTE(vponomaryov): this is project_id independent
policy.check_policy(context, 'share', 'list_by_share_server_id')
shares = self.db.share_get_all_by_share_server(
context,
search_opts.pop('share_server_id'),
filters=filters,
sort_key=sort_key,
sort_dir=sort_dir)
elif (context.is_admin and 'all_tenants' in search_opts):
shares = self.db.share_get_all(context,
filters=filters,
sort_key=sort_key,
sort_dir=sort_dir)
else:
shares = self.db.share_get_all_by_project(
context,
project_id=context.project_id,
user_id=context.user_id,
filters=filters,
is_public=is_public,
sort_key=sort_key,
sort_dir=sort_dir)
# NOTE(vponomaryov): we do not need 'all_tenants' opt anymore
search_opts.pop('all_tenants', None)
if search_opts:
results = []
for s in shares:
# values in search_opts can be only strings
if all(s.get(k, None) == v for k, v in search_opts.items()):
results.append(s)
shares = results
return shares
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import six
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import quota
QUOTAS = quota.QUOTAS
authorize = extensions.extension_authorizer('limits', 'used_limits')
class UsedLimitsController(wsgi.Controller):
@wsgi.extends
def index(self, req, resp_obj):
context = req.environ['manila.context']
authorize(context)
quotas = QUOTAS.get_project_quotas(context,
context.project_id,
usages=True)
quota_map = {
'totalSharesUsed': 'shares',
'totalShareSnapshotsUsed': 'snapshots',
import webob.exc
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import db
from manila import exception
from manila.openstack.common import log as logging
from manila.openstack.common import timeutils
from manila import utils
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer("share", "services")
class ServicesIndexTemplate(xmlutil.TemplateBuilder):
def construct(self):
root = xmlutil.TemplateElement("services")
elem = xmlutil.SubTemplateElement(root, "service", selector="services")
elem.set("binary")
elem.set("host")
elem.set("zone")
elem.set("status")
elem.set("state")
elem.set("update_at")
return xmlutil.MasterTemplate(root, 1)
# under the License.
"""The volume types manage extension."""
import six
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api.views import types as views_types
from manila import exception
from manila import rpc
from manila.share import volume_types
authorize = extensions.extension_authorizer('share', 'types_manage')
class VolumeTypesManageController(wsgi.Controller):
"""The volume types API controller for the OpenStack API."""
_view_builder_class = views_types.ViewBuilder
def _notify_volume_type_error(self, context, method, payload):
rpc.get_notifier('volumeType').error(context, method, payload)
@wsgi.action("create")
def _create(self, req, body):
"""Creates a new volume type."""
context = req.environ['manila.context']
authorize(context)
def authorize(self, context, action_name):
action = "%s_admin_actions:%s" % (self.resource_name, action_name)
extensions.extension_authorizer("share", action)(context)
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""The volume types manage extension."""
import six
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api.views import types as views_types
from manila import exception
from manila import rpc
from manila.share import volume_types
authorize = extensions.extension_authorizer('share', 'types_manage')
class VolumeTypesManageController(wsgi.Controller):
"""The volume types API controller for the OpenStack API."""
_view_builder_class = views_types.ViewBuilder
def _notify_volume_type_error(self, context, method, payload):
rpc.get_notifier('volumeType').error(context, method, payload)
@wsgi.action("create")
def _create(self, req, body):
"""Creates a new volume type."""
context = req.environ['manila.context']
authorize(context)
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import db
from manila import exception
from manila import quota
QUOTAS = quota.QUOTAS
authorize = extensions.extension_authorizer('share', 'quota_classes')
class QuotaClassTemplate(xmlutil.TemplateBuilder):
def construct(self):
root = xmlutil.TemplateElement('quota_class_set',
selector='quota_class_set')
root.set('id')
for resource in QUOTAS.resources:
elem = xmlutil.SubTemplateElement(root, resource)
elem.text = resource
return xmlutil.MasterTemplate(root, 1)
# License for the specific language governing permissions and limitations
# under the License.
import re
import six
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import exception
from manila import share
authorize = extensions.extension_authorizer('share', 'services')
class ShareAccessTemplate(xmlutil.TemplateBuilder):
"""XML Template for share access management methods."""
def construct(self):
root = xmlutil.TemplateElement('access',
selector='access')
root.set("share_id")
root.set("deleted")
root.set("created_at")
root.set("updated_at")
root.set("access_type")
root.set("access_to")
root.set("state")
"""The share types extra specs extension"""
import six
import webob
from manila.api import common
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import db
from manila import exception
from manila.i18n import _
from manila import rpc
from manila.share import share_types
authorize = extensions.extension_authorizer('share', 'types_extra_specs')
class ShareTypeExtraSpecsController(wsgi.Controller):
"""The share type extra specs API controller for the OpenStack API."""
def _get_extra_specs(self, context, type_id):
extra_specs = db.share_type_extra_specs_get(context, type_id)
specs_dict = {}
for key, value in six.iteritems(extra_specs):
specs_dict[key] = value
return dict(extra_specs=specs_dict)
def _check_type(self, context, type_id):
try:
share_types.get_share_type(context, type_id)
def get_all(self, context, search_opts=None, sort_key='created_at',
sort_dir='desc'):
policy.check_policy(context, 'share', 'get_all')
if search_opts is None:
search_opts = {}
LOG.debug("Searching for shares by: %s", six.text_type(search_opts))
# Prepare filters
filters = {}
if 'metadata' in search_opts:
filters['metadata'] = search_opts.pop('metadata')
if not isinstance(filters['metadata'], dict):
msg = _("Wrong metadata filter provided: "
"%s.") % six.text_type(filters['metadata'])
raise exception.InvalidInput(reason=msg)
if 'extra_specs' in search_opts:
# Verify policy for extra-specs access
extensions.extension_authorizer(
'share', 'types_extra_specs')(context)
filters['extra_specs'] = search_opts.pop('extra_specs')
if not isinstance(filters['extra_specs'], dict):
msg = _("Wrong extra specs filter provided: "
"%s.") % six.text_type(filters['extra_specs'])
raise exception.InvalidInput(reason=msg)
if not (isinstance(sort_key, six.string_types) and sort_key):
msg = _("Wrong sort_key filter provided: "
"'%s'.") % six.text_type(sort_key)
raise exception.InvalidInput(reason=msg)
if not (isinstance(sort_dir, six.string_types) and sort_dir):
msg = _("Wrong sort_dir filter provided: "
"'%s'.") % six.text_type(sort_dir)
raise exception.InvalidInput(reason=msg)
is_public = search_opts.pop('is_public', False)
is_public = strutils.bool_from_string(is_public, strict=True)
# Get filtered list of shares
if 'share_server_id' in search_opts:
# NOTE(vponomaryov): this is project_id independent
policy.check_policy(context, 'share', 'list_by_share_server_id')
shares = self.db.share_get_all_by_share_server(
context, search_opts.pop('share_server_id'), filters=filters,
sort_key=sort_key, sort_dir=sort_dir)
elif (context.is_admin and 'all_tenants' in search_opts):
shares = self.db.share_get_all(
context, filters=filters, sort_key=sort_key, sort_dir=sort_dir)
else:
shares = self.db.share_get_all_by_project(
context, project_id=context.project_id, filters=filters,
is_public=is_public, sort_key=sort_key, sort_dir=sort_dir)
# NOTE(vponomaryov): we do not need 'all_tenants' opt anymore
search_opts.pop('all_tenants', None)
if search_opts:
results = []
for s in shares:
# values in search_opts can be only strings
if all(s.get(k, None) == v for k, v in search_opts.items()):
results.append(s)
shares = results
return shares
# under the License.
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.api import xmlutil
from manila import db
from manila import exception
from manila import quota
QUOTAS = quota.QUOTAS
authorize = extensions.extension_authorizer("share", "quota_classes")
class QuotaClassTemplate(xmlutil.TemplateBuilder):
def construct(self):
root = xmlutil.TemplateElement("quota_class_set", selector="quota_class_set")
root.set("id")
for resource in QUOTAS.resources:
elem = xmlutil.SubTemplateElement(root, resource)
elem.text = resource
return xmlutil.MasterTemplate(root, 1)
class QuotaClassSetsController(object):
# under the License.
from oslo_log import log
import six
import webob
from webob import exc
from manila.api import extensions
from manila.api.openstack import wsgi
from manila.common import constants
from manila import exception
from manila.i18n import _
from manila.i18n import _LI
from manila import share
authorize = extensions.extension_authorizer('share', 'unmanage')
LOG = log.getLogger(__name__)
class ShareUnmanageController(wsgi.Controller):
def __init__(self, *args, **kwargs):
super(ShareUnmanageController, self).__init__(*args, **kwargs)
self.share_api = share.API()
@wsgi.action('create')
def unmanage(self, req, id):
"""Unmanage a share."""
context = req.environ['manila.context']
authorize(context)
from oslo_utils import uuidutils
import six
import webob
from manila.api import extensions
from manila.api.openstack import wsgi
from manila import exception
from manila.i18n import _
from manila.share import share_types
soft_authorize = extensions.soft_extension_authorizer('share',
'share_type_access')
authorize = extensions.extension_authorizer('share', 'share_type_access')
def _marshall_share_type_access(share_type):
rval = []
for project_id in share_type['projects']:
rval.append({'share_type_id': share_type['id'],
'project_id': project_id})
return {'share_type_access': rval}
class ShareTypeAccessController(object):
"""The share type access API controller for the OpenStack API."""
def index(self, req, type_id):
