"Fossies" - the Fresh Open Source Software Archive

Member "keystone-17.0.0/keystone/api/limits.py" (13 May 2020, 5623 Bytes) of package /linux/misc/openstack/keystone-17.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "limits.py" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 16.0.1_vs_17.0.0.

    1 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
    2 #    not use this file except in compliance with the License. You may obtain
    3 #    a copy of the License at
    4 #
    5 #         http://www.apache.org/licenses/LICENSE-2.0
    6 #
    7 #    Unless required by applicable law or agreed to in writing, software
    8 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    9 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   10 #    License for the specific language governing permissions and limitations
   11 #    under the License.
   12 
   13 # This file handles all flask-restful resources for /v3/limits
   14 
   15 import flask
   16 import flask_restful
   17 import http.client
   18 
   19 from keystone.common import json_home
   20 from keystone.common import provider_api
   21 from keystone.common import rbac_enforcer
   22 from keystone.common import validation
   23 from keystone import exception
   24 from keystone.limit import schema
   25 from keystone.server import flask as ks_flask
   26 
   27 
   28 PROVIDERS = provider_api.ProviderAPIs
   29 ENFORCER = rbac_enforcer.RBACEnforcer
   30 
   31 
   32 def _build_limit_enforcement_target():
   33     target = {}
   34     try:
   35         limit = PROVIDERS.unified_limit_api.get_limit(
   36             flask.request.view_args.get('limit_id')
   37         )
   38         target['limit'] = limit
   39         if limit.get('project_id'):
   40             project = PROVIDERS.resource_api.get_project(limit['project_id'])
   41             target['limit']['project'] = project
   42         elif limit.get('domain_id'):
   43             domain = PROVIDERS.resource_api.get_domain(limit['domain_id'])
   44             target['limit']['domain'] = domain
   45     except exception.NotFound:  # nosec
   46         # Defer the existence check in the event the limit doesn't exist, this
   47         # is checked later anyway.
   48         pass
   49 
   50     return target
   51 
   52 
   53 class LimitsResource(ks_flask.ResourceBase):
   54     collection_key = 'limits'
   55     member_key = 'limit'
   56     json_home_resource_status = json_home.Status.EXPERIMENTAL
   57     get_member_from_driver = PROVIDERS.deferred_provider_lookup(
   58         api='unified_limit_api', method='get_limit')
   59 
   60     def _list_limits(self):
   61         filters = ['service_id', 'region_id', 'resource_name', 'project_id',
   62                    'domain_id']
   63 
   64         ENFORCER.enforce_call(action='identity:list_limits', filters=filters)
   65 
   66         hints = self.build_driver_hints(filters)
   67 
   68         filtered_refs = []
   69         if self.oslo_context.system_scope:
   70             refs = PROVIDERS.unified_limit_api.list_limits(hints)
   71             filtered_refs = refs
   72         elif self.oslo_context.domain_id:
   73             refs = PROVIDERS.unified_limit_api.list_limits(hints)
   74             projects = PROVIDERS.resource_api.list_projects_in_domain(
   75                 self.oslo_context.domain_id
   76             )
   77             project_ids = [project['id'] for project in projects]
   78             for limit in refs:
   79                 if limit.get('project_id'):
   80                     if limit['project_id'] in project_ids:
   81                         filtered_refs.append(limit)
   82                 elif limit.get('domain_id'):
   83                     if limit['domain_id'] == self.oslo_context.domain_id:
   84                         filtered_refs.append(limit)
   85         elif self.oslo_context.project_id:
   86             hints.add_filter('project_id', self.oslo_context.project_id)
   87             refs = PROVIDERS.unified_limit_api.list_limits(hints)
   88             filtered_refs = refs
   89 
   90         return self.wrap_collection(filtered_refs, hints=hints)
   91 
   92     def _get_limit(self, limit_id):
   93         ENFORCER.enforce_call(action='identity:get_limit',
   94                               build_target=_build_limit_enforcement_target)
   95         ref = PROVIDERS.unified_limit_api.get_limit(limit_id)
   96         return self.wrap_member(ref)
   97 
   98     def get(self, limit_id=None):
   99         if limit_id is not None:
  100             return self._get_limit(limit_id)
  101         return self._list_limits()
  102 
  103     def post(self):
  104         ENFORCER.enforce_call(action='identity:create_limits')
  105         limits_b = (flask.request.get_json(silent=True, force=True) or {}).get(
  106             'limits', {})
  107         validation.lazy_validate(schema.limit_create, limits_b)
  108         limits = [self._assign_unique_id(self._normalize_dict(limit))
  109                   for limit in limits_b]
  110         refs = PROVIDERS.unified_limit_api.create_limits(limits)
  111         refs = self.wrap_collection(refs)
  112         refs.pop('links')
  113         return refs, http.client.CREATED
  114 
  115     def patch(self, limit_id):
  116         ENFORCER.enforce_call(action='identity:update_limit')
  117         limit = (flask.request.get_json(silent=True, force=True) or {}).get(
  118             'limit', {})
  119         validation.lazy_validate(schema.limit_update, limit)
  120         self._require_matching_id(limit)
  121         ref = PROVIDERS.unified_limit_api.update_limit(limit_id, limit)
  122         return self.wrap_member(ref)
  123 
  124     def delete(self, limit_id):
  125         ENFORCER.enforce_call(action='identity:delete_limit')
  126         return (PROVIDERS.unified_limit_api.delete_limit(limit_id),
  127                 http.client.NO_CONTENT)
  128 
  129 
  130 class LimitModelResource(flask_restful.Resource):
  131     def get(self):
  132         ENFORCER.enforce_call(action='identity:get_limit_model')
  133         model = PROVIDERS.unified_limit_api.get_model()
  134         return {'model': model}
  135 
  136 
  137 class LimitsAPI(ks_flask.APIBase):
  138     _name = 'limits'
  139     _import_name = __name__
  140     resources = [LimitsResource]
  141     resource_mapping = [
  142         ks_flask.construct_resource_map(
  143             resource=LimitModelResource,
  144             resource_kwargs={},
  145             url='/limits/model',
  146             rel='limit_model',
  147             status=json_home.Status.EXPERIMENTAL
  148         )
  149     ]
  150 
  151 
  152 APIs = (LimitsAPI,)