def delete(image_id): image = clients.admin_clients().glance.images.get(image_id) owner = getattr(image, 'owner') if owner == clients.get_systenant_id(): principal.Permission(('role', 'admin')).test() else: principal.Permission(('role', 'member', owner)).test() form = forms.DeleteForm() if form.validate_on_submit(): image.delete() flask.flash('Image successfully deleted', 'success') else: flask.flash('Invalid form', 'error') return flask.redirect(flask.url_for('.index'))
def setup_tenant(): if flask.request.endpoint not in BARE_ENDPOINTS: visible_ids = [x.id for x in utils.get_visible_tenants()] if flask.g.tenant_id not in visible_ids: flask.abort(404) principal.Permission(('role', 'member', flask.g.tenant_id)).test() flask.g.tenant = clients.admin_clients().keystone.tenants.get( flask.g.tenant_id)
def dashboard(): """Present brief info and useful links. Global admins see numbers summary and links to administrative section. Members of projects see links to their respective projects. """ context = {} if principal.Permission(('role', 'admin')).can(): projects = utils.get_visible_tenants() project_ids = [x.id for x in projects] users = clients.admin_clients().keystone.users.list() servers = filter( lambda x: x.tenant_id in project_ids, clients.admin_clients().nova.servers.list( search_opts={'all_tenants': 1})) context.update( dict(title='Altai private cloud', subtitle='%s users in %s projects use %s VMs' % (len(users), len(projects), len(servers)))) return context
def authorize(): """Check user is authorized. Only admins are allowed here. """ principal.Permission(('role', 'admin')).test()
def allowed(*needs): return principal.Permission(*needs).can()
def prepare(): principal.Permission(('role', 'admin')).test() flask.g.store = orm.get_store('INVITATIONS')
def authorize(): principal.Permission(('role', 'admin')).test()