def create_rbac_policy(self, context, rbac_policy):
e = rbac_policy['rbac_policy']
try:
registry.publish(resources.RBAC_POLICY,
events.BEFORE_CREATE,
self,
payload=events.DBEventPayload(
context,
request_body=e,
metadata={'object_type': e['object_type']}))
except c_exc.CallbackFailure as e:
raise n_exc.InvalidInput(error_message=e)
rbac_class = (
rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']])
try:
rbac_args = {
'project_id': e['project_id'],
'object_id': e['object_id'],
'action': e['action'],
'target_tenant': e['target_tenant']
}
_rbac_obj = rbac_class(context, **rbac_args)
_rbac_obj.create()
except db_exc.DBDuplicateEntry:
raise ext_rbac.DuplicateRbacPolicy()
return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy):
e = rbac_policy['rbac_policy']
try:
registry.notify(resources.RBAC_POLICY,
events.BEFORE_CREATE,
self,
context=context,
object_type=e['object_type'],
policy=e)
except c_exc.CallbackFailure as e:
raise n_exc.InvalidInput(error_message=e)
rbac_class = (
rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']])
try:
rbac_args = {
'project_id': e['project_id'],
'object_id': e['object_id'],
'action': e['action'],
'target_tenant': e['target_tenant']
}
_rbac_obj = rbac_class(context, **rbac_args)
_rbac_obj.create()
except o_exc.NeutronDbObjectDuplicateEntry:
raise ext_rbac.DuplicateRbacPolicy()
return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy):
e = rbac_policy['rbac_policy']
# NOTE(ralonsoh): remove this conversion when "bp/keystone-v3" is
# widely implemented in all OpenStack projects.
try:
e['target_project'] = e.pop('target_tenant')
except KeyError:
pass
try:
registry.publish(resources.RBAC_POLICY, events.BEFORE_CREATE, self,
payload=events.DBEventPayload(
context, request_body=e,
metadata={'object_type': e['object_type']}))
except c_exc.CallbackFailure as e:
raise n_exc.InvalidInput(error_message=e)
rbac_class = (
rbac_obj.RBACBaseObject.get_type_class_map()[e['object_type']])
try:
rbac_args = {'project_id': e['project_id'],
'object_id': e['object_id'],
'action': e['action'],
'target_project': e['target_project']}
_rbac_obj = rbac_class(context, **rbac_args)
_rbac_obj.create()
except o_exc.NeutronDbObjectDuplicateEntry:
raise ext_rbac.DuplicateRbacPolicy()
return self._make_rbac_policy_dict(_rbac_obj)
def create_rbac_policy(self, context, rbac_policy):
e = rbac_policy['rbac_policy']
try:
registry.notify(resources.RBAC_POLICY,
events.BEFORE_CREATE,
self,
context=context,
object_type=e['object_type'],
policy=e)
except c_exc.CallbackFailure as e:
raise n_exc.InvalidInput(error_message=e)
dbmodel = models.get_type_model_map()[e['object_type']]
try:
with context.session.begin(subtransactions=True):
db_entry = dbmodel(object_id=e['object_id'],
target_tenant=e['target_tenant'],
action=e['action'],
tenant_id=e['tenant_id'])
context.session.add(db_entry)
except db_exc.DBDuplicateEntry:
raise ext_rbac.DuplicateRbacPolicy()
return self._make_rbac_policy_dict(db_entry)
