def get(self, group_uuid): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) try: list_params = schemas.GroupPolicyListSchema().load(request.args) except marshmallow.ValidationError as e: raise exceptions.InvalidListParamException(e.messages) policies = self.group_service.list_policies( group_uuid, tenant_uuids=tenant_uuids, **list_params, ) total = self.group_service.count_policies( group_uuid, filtered=False, **list_params, ) filtered = self.group_service.count_policies( group_uuid, filtered=True, **list_params, ) return ( { 'items': policy_full_schema.dump(policies, many=True), 'total': total, 'filtered': filtered, }, 200, )
def _delete(self, group_uuid, policy_uuid, tenant_uuids): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) # FIXME(fblackburn): Dissociation should be done on the same tenant # self.policy_service.assert_policy_in_subtenant(tenant_uuids, policy_uuid) self.group_service.remove_policy(group_uuid, policy_uuid) return '', 204
def delete(self, group_uuid, user_uuid): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) logger.debug('disassociating group %s user %s', group_uuid, user_uuid) self.group_service.remove_user(group_uuid, user_uuid) return '', 204
def put(self, group_uuid): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) try: body = schemas.GroupRequestSchema().load(request.get_json()) except marshmallow.ValidationError as e: raise exceptions.GroupParamException.from_errors(e.messages) body['tenant_uuids'] = tenant_uuids group = self.group_service.update(group_uuid, **body) return group, 200
def put(self, group_uuid, user_uuid): scoping_tenant = Tenant.autodetect() tenant_uuids = get_tenant_uuids(recurse=True) self.user_service.assert_user_in_subtenant(scoping_tenant.uuid, user_uuid) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) logger.debug('associating group %s user %s', group_uuid, user_uuid) self.group_service.add_user(group_uuid, user_uuid) return '', 204
def get(self): try: list_params = schemas.PolicyListSchema().load(request.args) except marshmallow.ValidationError as e: raise exceptions.InvalidListParamException(e.messages) recurse = list_params.pop('recurse') tenant_uuids = get_tenant_uuids(recurse=recurse) policies = self.policy_service.list(tenant_uuids=tenant_uuids, **list_params) total = self.policy_service.count(tenant_uuids=tenant_uuids, **list_params) items = policy_full_schema.dump(policies, many=True) return {'items': items, 'total': total}, 200
def _put(self, group_uuid, policy_uuid, tenant_uuids): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.assert_group_in_subtenant(tenant_uuids, group_uuid) # FIXME(fblackburn): Association should be done on the same tenant # self.policy_service.assert_policy_in_subtenant(tenant_uuids, policy_uuid) token = Token.from_headers() access_check = AccessCheck(token.auth_id, token.session_uuid, token.acl) policy = self.policy_service.get(policy_uuid, tenant_uuids) for access in policy.acl: if not access_check.matches_required_access(access): raise Unauthorized(token.token, required_access=access) self.group_service.add_policy(group_uuid, policy_uuid) return '', 204
def get(self): try: list_params = schemas.GroupListSchema().load(request.args) except marshmallow.ValidationError as e: raise exceptions.InvalidListParamException(e.messages) recurse = list_params.pop('recurse') tenant_uuids = get_tenant_uuids(recurse=recurse) groups = self.group_service.list_(tenant_uuids=tenant_uuids, **list_params) total = self.group_service.count( tenant_uuids=tenant_uuids, filtered=False, **list_params, ) filtered = self.group_service.count( tenant_uuids=tenant_uuids, filtered=True, **list_params, ) response = {'filtered': filtered, 'total': total, 'items': groups} return response, 200
def delete(self, user_uuid, policy_uuid): tenant_uuids = get_tenant_uuids(recurse=True) return super()._delete(user_uuid, policy_uuid, tenant_uuids)
def get(self, group_uuid): tenant_uuids = get_tenant_uuids(recurse=True) return self.group_service.get(group_uuid, tenant_uuids)
def delete(self, group_uuid): tenant_uuids = get_tenant_uuids(recurse=True) self.group_service.delete(group_uuid, tenant_uuids) return '', 204
def get(self, policy_uuid): tenant_uuids = get_tenant_uuids(recurse=True) return super()._get(policy_uuid, tenant_uuids)
def put(self, policy_uuid, access): tenant_uuids = get_tenant_uuids(recurse=True) return super()._put(policy_uuid, access, tenant_uuids)
def delete(self, policy_uuid, access): tenant_uuids = get_tenant_uuids(recurse=True) return super()._delete(policy_uuid, access, tenant_uuids)
def put(self, user_uuid, policy_uuid): tenant_uuids = get_tenant_uuids(recurse=True) return super()._put(user_uuid, policy_uuid, tenant_uuids)
def put(self, user_uuid, policy_slug): tenant_uuids = get_tenant_uuids(recurse=False) policy = self.policy_service.get_by_slug(policy_slug, tenant_uuids) return super()._put(user_uuid, policy.uuid, tenant_uuids)
def delete(self, group_uuid, policy_slug): tenant_uuids = get_tenant_uuids(recurse=False) policy = self.policy_service.get_by_slug(policy_slug, tenant_uuids) return super()._delete(group_uuid, policy.uuid, tenant_uuids)