[Kimchi-devel] [PATCH 4/9] authorization: Update control files to set role_key and admin_methods

alinefm at linux.vnet.ibm.com alinefm at linux.vnet.ibm.com
Wed Jul 23 20:39:15 UTC 2014


From: Aline Manera <alinefm at linux.vnet.ibm.com>

Each resource or collection must specify the role_key and admin_methods
values if it wants to be protected.

Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
---
 src/kimchi/control/debugreports.py   |  6 ++++++
 src/kimchi/control/host.py           | 22 ++++++++++++++++++++++
 src/kimchi/control/interfaces.py     |  4 ++++
 src/kimchi/control/networks.py       |  4 ++++
 src/kimchi/control/storagepools.py   |  4 ++++
 src/kimchi/control/storageservers.py |  6 ++++++
 src/kimchi/control/templates.py      |  4 ++++
 src/kimchi/control/vms.py            |  4 ++++
 8 files changed, 54 insertions(+)

diff --git a/src/kimchi/control/debugreports.py b/src/kimchi/control/debugreports.py
index f0d5dcf..a561b99 100644
--- a/src/kimchi/control/debugreports.py
+++ b/src/kimchi/control/debugreports.py
@@ -27,6 +27,8 @@ class DebugReports(AsyncCollection):
     def __init__(self, model):
         super(DebugReports, self).__init__(model)
         self.resource = DebugReport
+        self.role_key = 'host'
+        self.admin_methods = ['GET', 'POST']
 
     def _get_resources(self, filter_params):
         res_list = super(DebugReports, self)._get_resources(filter_params)
@@ -36,6 +38,8 @@ def _get_resources(self, filter_params):
 class DebugReport(Resource):
     def __init__(self, model, ident):
         super(DebugReport, self).__init__(model, ident)
+        self.role_key = 'host'
+        self.admin_methods = ['GET', 'PUT', 'POST']
         self.update_params = ["name"]
         self.uri_fmt = '/debugreports/%s'
         self.content = DebugReportContent(model, ident)
@@ -50,6 +54,8 @@ def data(self):
 class DebugReportContent(Resource):
     def __init__(self, model, ident):
         super(DebugReportContent, self).__init__(model, ident)
+        self.role_key = 'host'
+        self.admin_methods = ['GET']
 
     def get(self):
         self.lookup()
diff --git a/src/kimchi/control/host.py b/src/kimchi/control/host.py
index c962472..1b55a29 100644
--- a/src/kimchi/control/host.py
+++ b/src/kimchi/control/host.py
@@ -29,6 +29,8 @@
 class Host(Resource):
     def __init__(self, model, id=None):
         super(Host, self).__init__(model, id)
+        self.role_key = 'host'
+        self.admin_methods = ['GET', 'POST']
         self.uri_fmt = '/host/%s'
         self.reboot = self.generate_action_handler('reboot')
         self.shutdown = self.generate_action_handler('shutdown')
@@ -58,6 +60,8 @@ def data(self):
 class HostStats(Resource):
     def __init__(self, model, id=None):
         super(HostStats, self).__init__(model, id)
+        self.role_key = 'host'
+        self.admin_methods = ['GET']
         self.history = HostStatsHistory(self.model)
 
     @property
@@ -74,6 +78,8 @@ def data(self):
 class Partitions(Collection):
     def __init__(self, model):
         super(Partitions, self).__init__(model)
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         self.resource = Partition
 
     # Defining get_resources in order to return list of partitions in UI
@@ -87,6 +93,8 @@ def _get_resources(self, flag_filter):
 
 class Partition(Resource):
     def __init__(self, model, id):
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         super(Partition, self).__init__(model, id)
 
     @property
@@ -100,11 +108,15 @@ def data(self):
 class Devices(Collection):
     def __init__(self, model):
         super(Devices, self).__init__(model)
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         self.resource = Device
 
 
 class Device(Resource):
     def __init__(self, model, id):
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         super(Device, self).__init__(model, id)
 
     @property
@@ -115,12 +127,16 @@ def data(self):
 class PackagesUpdate(Collection):
     def __init__(self, model):
         super(PackagesUpdate, self).__init__(model)
+        self.role_key = 'host'
+        self.admin_methods = ['GET']
         self.resource = PackageUpdate
 
 
 class PackageUpdate(Resource):
     def __init__(self, model, id=None):
         super(PackageUpdate, self).__init__(model, id)
+        self.role_key = 'host'
+        self.admin_methods = ['GET']
 
     @property
     def data(self):
@@ -130,12 +146,16 @@ def data(self):
 class Repositories(Collection):
     def __init__(self, model):
         super(Repositories, self).__init__(model)
+        self.role_key = 'host'
+        self.admin_methods = ['GET', 'POST']
         self.resource = Repository
 
 
 class Repository(Resource):
     def __init__(self, model, id):
         super(Repository, self).__init__(model, id)
+        self.role_key = 'host'
+        self.admin_methods = ['GET', 'PUT', 'POST', 'DELETE']
         self.update_params = ["config", "baseurl"]
         self.uri_fmt = "/host/repositories/%s"
         self.enable = self.generate_action_handler('enable')
@@ -149,8 +169,10 @@ def data(self):
 class Users(SimpleCollection):
     def __init__(self, model):
         super(Users, self).__init__(model)
+        self.role_key = 'guests'
 
 
 class Groups(SimpleCollection):
     def __init__(self, model):
         super(Groups, self).__init__(model)
+        self.role_key = 'guests'
diff --git a/src/kimchi/control/interfaces.py b/src/kimchi/control/interfaces.py
index 4aa77b6..944cae6 100644
--- a/src/kimchi/control/interfaces.py
+++ b/src/kimchi/control/interfaces.py
@@ -25,12 +25,16 @@
 class Interfaces(Collection):
     def __init__(self, model):
         super(Interfaces, self).__init__(model)
+        self.role_key = 'network'
+        self.admin_methods = ['GET']
         self.resource = Interface
 
 
 class Interface(Resource):
     def __init__(self, model, ident):
         super(Interface, self).__init__(model, ident)
+        self.role_key = 'network'
+        self.admin_methods = ['GET']
         self.uri_fmt = "/interfaces/%s"
 
     @property
diff --git a/src/kimchi/control/networks.py b/src/kimchi/control/networks.py
index 6bcc871..f7696e7 100644
--- a/src/kimchi/control/networks.py
+++ b/src/kimchi/control/networks.py
@@ -25,12 +25,16 @@
 class Networks(Collection):
     def __init__(self, model):
         super(Networks, self).__init__(model)
+        self.role_key = 'network'
+        self.admin_methods = ['POST']
         self.resource = Network
 
 
 class Network(Resource):
     def __init__(self, model, ident):
         super(Network, self).__init__(model, ident)
+        self.role_key = 'network'
+        self.admin_methods = ['PUT', 'POST', 'DELETE']
         self.uri_fmt = "/networks/%s"
         self.activate = self.generate_action_handler('activate')
         self.deactivate = self.generate_action_handler('deactivate')
diff --git a/src/kimchi/control/storagepools.py b/src/kimchi/control/storagepools.py
index 8c8b522..9e57992 100644
--- a/src/kimchi/control/storagepools.py
+++ b/src/kimchi/control/storagepools.py
@@ -32,6 +32,8 @@
 class StoragePools(Collection):
     def __init__(self, model):
         super(StoragePools, self).__init__(model)
+        self.role_key = 'storage'
+        self.admin_methods = ['POST']
         self.resource = StoragePool
         isos = IsoPool(model)
         setattr(self, ISO_POOL_NAME, isos)
@@ -73,6 +75,8 @@ def _get_resources(self, filter_params):
 class StoragePool(Resource):
     def __init__(self, model, ident):
         super(StoragePool, self).__init__(model, ident)
+        self.role_key = 'storage'
+        self.admin_methods = ['PUT', 'POST', 'DELETE']
         self.update_params = ["autostart", "disks"]
         self.uri_fmt = "/storagepools/%s"
         self.activate = self.generate_action_handler('activate')
diff --git a/src/kimchi/control/storageservers.py b/src/kimchi/control/storageservers.py
index 9c7bebc..e86f920 100644
--- a/src/kimchi/control/storageservers.py
+++ b/src/kimchi/control/storageservers.py
@@ -26,12 +26,16 @@
 class StorageServers(Collection):
     def __init__(self, model):
         super(StorageServers, self).__init__(model)
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         self.resource = StorageServer
 
 
 class StorageServer(Resource):
     def __init__(self, model, ident):
         super(StorageServer, self).__init__(model, ident)
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         self.storagetargets = StorageTargets(self.model,
                                              self.ident.decode("utf-8"))
 
@@ -43,6 +47,8 @@ def data(self):
 class StorageTargets(Collection):
     def __init__(self, model, server):
         super(StorageTargets, self).__init__(model)
+        self.role_key = 'storage'
+        self.admin_methods = ['GET']
         self.server = server
         self.resource_args = [self.server, ]
         self.model_args = [self.server, ]
diff --git a/src/kimchi/control/templates.py b/src/kimchi/control/templates.py
index 907929f..167e19e 100644
--- a/src/kimchi/control/templates.py
+++ b/src/kimchi/control/templates.py
@@ -25,12 +25,16 @@
 class Templates(Collection):
     def __init__(self, model):
         super(Templates, self).__init__(model)
+        self.role_key = 'templates'
+        self.admin_methods = ['GET', 'POST']
         self.resource = Template
 
 
 class Template(Resource):
     def __init__(self, model, ident):
         super(Template, self).__init__(model, ident)
+        self.role_key = 'templates'
+        self.admin_methods = ['PUT', 'POST', 'DELETE']
         self.update_params = ["name", "folder", "icon", "os_distro",
                               "storagepool", "os_version", "cpus",
                               "memory", "cdrom", "disks", "networks",
diff --git a/src/kimchi/control/vms.py b/src/kimchi/control/vms.py
index cf427fa..c36d72a 100644
--- a/src/kimchi/control/vms.py
+++ b/src/kimchi/control/vms.py
@@ -27,11 +27,14 @@ class VMs(Collection):
     def __init__(self, model):
         super(VMs, self).__init__(model)
         self.resource = VM
+        self.role_key = 'guests'
+        self.admin_methods = ['POST']
 
 
 class VM(Resource):
     def __init__(self, model, ident):
         super(VM, self).__init__(model, ident)
+        self.role_key = 'guests'
         self.update_params = ["name", "users", "groups", "cpus", "memory"]
         self.screenshot = VMScreenShot(model, ident)
         self.uri_fmt = '/vms/%s'
@@ -51,6 +54,7 @@ def data(self):
 class VMScreenShot(Resource):
     def __init__(self, model, ident):
         super(VMScreenShot, self).__init__(model, ident)
+        self.role_key = 'guests'
 
     def get(self):
         self.lookup()
-- 
1.9.3




More information about the Kimchi-devel mailing list