From 3630898da93dd11e03e631b7e4331153482af383 Mon Sep 17 00:00:00 2001 From: Felipe Monteiro Date: Tue, 18 Jul 2017 22:41:15 +0100 Subject: [PATCH] Added oslo_context-based context for oslo_db compatibility. --- context.py | 105 ++++++++++++++++++++++++++++++++++ deckhand/control/documents.py | 2 - deckhand/db/session.py | 20 +++++++ requirements.txt | 1 + 4 files changed, 126 insertions(+), 2 deletions(-) create mode 100644 context.py create mode 100644 deckhand/db/session.py diff --git a/context.py b/context.py new file mode 100644 index 00000000..e3d5814e --- /dev/null +++ b/context.py @@ -0,0 +1,105 @@ +# Copyright 2017 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""RequestContext: context for requests that persist throughout Deckhand.""" + +import copy + +from oslo_context import context +from oslo_db.sqlalchemy import enginefacade +from oslo_utils import timeutils +import six + + +@enginefacade.transaction_context_provider +class RequestContext(context.RequestContext): + """Security context and request information. + + Represents the user taking a given action within the system. + + """ + + def __init__(self, user_id=None, is_admin=None, user_name=None, + timestamp=None, **kwargs): + if user_id: + kwargs['user'] = user_id + if project_id: + kwargs['tenant'] = project_id + + super(RequestContext, self).__init__(is_admin=is_admin, **kwargs) + + self.read_deleted = read_deleted + self.remote_address = remote_address + if not timestamp: + timestamp = timeutils.utcnow() + if isinstance(timestamp, six.string_types): + timestamp = timeutils.parse_strtime(timestamp) + self.timestamp = timestamp + + @property + def project_id(self): + return self.tenant + + @project_id.setter + def project_id(self, value): + self.tenant = value + + @property + def user_id(self): + return self.user + + @user_id.setter + def user_id(self, value): + self.user = value + + def to_dict(self): + values = super(RequestContext, self).to_dict() + values.update({ + 'user_id': getattr(self, 'user_id', None), + 'project_id': getattr(self, 'project_id', None), + 'is_admin': getattr(self, 'is_admin', None) + }) + return values + + @classmethod + def from_dict(cls, values): + return super(RequestContext, cls).from_dict( + values, + user_id=values.get('user_id'), + project_id=values.get('project_id') + ) + + def elevated(self, read_deleted=None): + """Return a version of this context with admin flag set.""" + context = copy.copy(self) + # context.roles must be deepcopied to leave original roles + # without changes + context.roles = copy.deepcopy(self.roles) + context.is_admin = True + + if 'admin' not in context.roles: + context.roles.append('admin') + + if read_deleted is not None: + context.read_deleted = read_deleted + + return context + + def to_policy_values(self): + policy = super(RequestContext, self).to_policy_values() + policy['is_admin'] = self.is_admin + return policy + + def __str__(self): + return "" % self.to_dict() diff --git a/deckhand/control/documents.py b/deckhand/control/documents.py index 2395e0e4..8c213698 100644 --- a/deckhand/control/documents.py +++ b/deckhand/control/documents.py @@ -56,8 +56,6 @@ class DocumentsResource(api_base.BaseResource): # Validate the document before doing anything with it. try: - LOG.debug(document) - LOG.debug('fopobar') doc_validation = document_validation.DocumentValidation(document) except deckhand_errors.InvalidFormat as e: return self.return_error(resp, falcon.HTTP_400, message=e) diff --git a/deckhand/db/session.py b/deckhand/db/session.py new file mode 100644 index 00000000..e24064b8 --- /dev/null +++ b/deckhand/db/session.py @@ -0,0 +1,20 @@ +# Copyright 2017 AT&T Intellectual Property. All other rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from sqlalchemy.orm import sessionmaker +from sqlalchemy import create_engine + + + engine = create_engine('sqlite:///:memory:', echo=True) + session = sessionmaker(bind=engine) diff --git a/requirements.txt b/requirements.txt index 33749168..b23e0288 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,6 +9,7 @@ jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT keystoneauth1>=2.21.0 # Apache-2.0 oslo.config>=3.22.0 # Apache-2.0 oslo.context>=2.14.0 # Apache-2.0 +oslo.utils>=3.20.0 # Apache-2.0 oslo.db>=4.21.1 # Apache-2.0 oslo.log>=3.22.0 # Apache-2.0 oslo.serialization>=1.10.0 # Apache-2.0