keystone  18.0.0
About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Victoria" series (maintained release).
  Fossies Dox: keystone-18.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

endpoints.py
Go to the documentation of this file.
1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
2 # not use this file except in compliance with the License. You may obtain
3 # a copy of the License at
4 #
5 # http://www.apache.org/licenses/LICENSE-2.0
6 #
7 # Unless required by applicable law or agreed to in writing, software
8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10 # License for the specific language governing permissions and limitations
11 # under the License.
12 
13 # This file handles all flask-restful resources for /v3/services
14 
15 import flask_restful
16 import http.client
17 
18 from keystone.api._shared import json_home_relations
19 from keystone.catalog import schema
20 from keystone.common import json_home
21 from keystone.common import provider_api
22 from keystone.common import rbac_enforcer
23 from keystone.common import utils
24 from keystone.common import validation
25 from keystone import exception
26 from keystone import notifications
27 from keystone.server import flask as ks_flask
28 
29 
30 ENFORCER = rbac_enforcer.RBACEnforcer
31 PROVIDERS = provider_api.ProviderAPIs
32 
33 _resource_rel_func = json_home_relations.os_endpoint_policy_resource_rel_func
34 
35 
37  ref.pop('legacy_endpoint_id', None)
38  ref['region'] = ref['region_id']
39  return ref
40 
41 
42 class EndpointResource(ks_flask.ResourceBase):
43  collection_key = 'endpoints'
44  member_key = 'endpoint'
45  get_member_from_driver = PROVIDERS.deferred_provider_lookup(
46  api='catalog_api', method='get_endpoint')
47 
48  @staticmethod
50  """Ensure the region for the endpoint exists.
51 
52  If 'region_id' is used to specify the region, then we will let the
53  manager/driver take care of this. If, however, 'region' is used,
54  then for backward compatibility, we will auto-create the region.
55 
56  """
57  if (endpoint.get('region_id') is None and
58  endpoint.get('region') is not None):
59  # To maintain backward compatibility with clients that are
60  # using the v3 API in the same way as they used the v2 API,
61  # create the endpoint region, if that region does not exist
62  # in keystone.
63  endpoint['region_id'] = endpoint.pop('region')
64  try:
65  PROVIDERS.catalog_api.get_region(endpoint['region_id'])
67  region = dict(id=endpoint['region_id'])
68  PROVIDERS.catalog_api.create_region(
69  region, initiator=notifications.build_audit_initiator())
70  return endpoint
71 
72  def _get_endpoint(self, endpoint_id):
73  ENFORCER.enforce_call(action='identity:get_endpoint')
74  return self.wrap_member(_filter_endpoint(
75  PROVIDERS.catalog_api.get_endpoint(endpoint_id)))
76 
77  def _list_endpoints(self):
78  filters = ['interface', 'service_id', 'region_id']
79  ENFORCER.enforce_call(action='identity:list_endpoints',
80  filters=filters)
81  hints = self.build_driver_hints(filters)
82  refs = PROVIDERS.catalog_api.list_endpoints(hints=hints)
83  return self.wrap_collection([_filter_endpoint(r) for r in refs],
84  hints=hints)
85 
86  def get(self, endpoint_id=None):
87  if endpoint_id is not None:
88  return self._get_endpoint(endpoint_id)
89  return self._list_endpoints()
90 
91  def post(self):
92  ENFORCER.enforce_call(action='identity:create_endpoint')
93  endpoint = self.request_body_json.get('endpoint')
94  validation.lazy_validate(schema.endpoint_create, endpoint)
95  utils.check_endpoint_url(endpoint['url'])
96  endpoint = self._assign_unique_id(self._normalize_dict(endpoint))
97  endpoint = self._validate_endpoint_region(endpoint)
98  ref = PROVIDERS.catalog_api.create_endpoint(
99  endpoint['id'], endpoint, initiator=self.audit_initiator)
100  return self.wrap_member(_filter_endpoint(ref)), http.client.CREATED
101 
102  def patch(self, endpoint_id):
103  ENFORCER.enforce_call(action='identity:update_endpoint')
104  endpoint = self.request_body_json.get('endpoint')
105  validation.lazy_validate(schema.endpoint_update, endpoint)
106  self._require_matching_id(endpoint)
107  endpoint = self._validate_endpoint_region(endpoint)
108  ref = PROVIDERS.catalog_api.update_endpoint(
109  endpoint_id, endpoint, initiator=self.audit_initiator)
110  return self.wrap_member(_filter_endpoint(ref))
111 
112  def delete(self, endpoint_id):
113  ENFORCER.enforce_call(action='identity:delete_endpoint')
114  PROVIDERS.catalog_api.delete_endpoint(endpoint_id,
115  initiator=self.audit_initiator)
116  return None, http.client.NO_CONTENT
117 
118 
119 class EndpointPolicyEndpointResource(flask_restful.Resource):
120  def get(self, endpoint_id):
121  ENFORCER.enforce_call(action='identity:get_policy_for_endpoint')
122  PROVIDERS.catalog_api.get_endpoint(endpoint_id)
123  ref = PROVIDERS.endpoint_policy_api.get_policy_for_endpoint(
124  endpoint_id)
125  return ks_flask.ResourceBase.wrap_member(
126  ref, collection_name='endpoints', member_name='policy')
127 
128 
129 class EndpointAPI(ks_flask.APIBase):
130  _name = 'endpoints'
131  _import_name = __name__
132  resources = [EndpointResource]
133  resource_mapping = [
134  ks_flask.construct_resource_map(
135  resource=EndpointPolicyEndpointResource,
136  url='/endpoints/<string:endpoint_id>/OS-ENDPOINT-POLICY/policy',
137  resource_kwargs={},
138  rel='endpoint_policy',
139  resource_relation_func=_resource_rel_func,
140  path_vars={'endpoint_id': json_home.Parameters.ENDPOINT_ID})
141  ]
142 
143 
144 APIs = (EndpointAPI,)
keystone.exception.RegionNotFound
Definition: exception.py:445
keystone.api.endpoints.EndpointResource.get
def get(self, endpoint_id=None)
Definition: endpoints.py:86
keystone.api.endpoints.EndpointResource._get_endpoint
def _get_endpoint(self, endpoint_id)
Definition: endpoints.py:72
keystone.api.endpoints._filter_endpoint
def _filter_endpoint(ref)
Definition: endpoints.py:36
keystone.catalog
Definition: __init__.py:1
keystone.api.endpoints.EndpointResource.patch
def patch(self, endpoint_id)
Definition: endpoints.py:102
keystone.api.endpoints.EndpointResource.delete
def delete(self, endpoint_id)
Definition: endpoints.py:112
keystone.api.endpoints.EndpointAPI
Definition: endpoints.py:129
keystone.api.endpoints.EndpointResource.post
def post(self)
Definition: endpoints.py:91
keystone.server
Definition: __init__.py:1
keystone.api.endpoints.EndpointResource
Definition: endpoints.py:42
keystone.api.endpoints.EndpointResource._list_endpoints
def _list_endpoints(self)
Definition: endpoints.py:77
keystone.api.endpoints.EndpointResource._validate_endpoint_region
def _validate_endpoint_region(endpoint)
Definition: endpoints.py:49
keystone.common
Definition: __init__.py:1
keystone.api._shared
Definition: __init__.py:1
keystone.api.endpoints.EndpointPolicyEndpointResource.get
def get(self, endpoint_id)
Definition: endpoints.py:120
keystone.api.endpoints.EndpointPolicyEndpointResource
Definition: endpoints.py:119