summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-07-26 05:59:36 +0000
committerGerrit Code Review <review@openstack.org>2017-07-26 05:59:36 +0000
commit3dfa413f00753006b7baff7e924701f4e54efc3a (patch)
treee127652490da9114c371304b249a22f6d07cea41
parent212d254da1d9c08379be4454bd63c909cb3b6d6a (diff)
parentd69cea4975c1541688375daf6f514381480eee7c (diff)
Merge "Remove unused methods"
-rw-r--r--masakari/context.py44
-rw-r--r--masakari/db/sqlalchemy/api.py17
2 files changed, 1 insertions, 60 deletions
diff --git a/masakari/context.py b/masakari/context.py
index 4fc7fc7..ed35bee 100644
--- a/masakari/context.py
+++ b/masakari/context.py
@@ -27,7 +27,6 @@ from oslo_log import log as logging
27from oslo_utils import timeutils 27from oslo_utils import timeutils
28import six 28import six
29 29
30from masakari import exception
31from masakari.i18n import _ 30from masakari.i18n import _
32from masakari import policy 31from masakari import policy
33from masakari import utils 32from masakari import utils
@@ -212,46 +211,3 @@ def get_admin_context(read_deleted="no"):
212 is_admin=True, 211 is_admin=True,
213 read_deleted=read_deleted, 212 read_deleted=read_deleted,
214 overwrite=False) 213 overwrite=False)
215
216
217def is_user_context(context):
218 """Indicates if the request context is a normal user."""
219 if not context:
220 return False
221 if context.is_admin:
222 return False
223 if not context.user_id or not context.project_id:
224 return False
225 return True
226
227
228def require_admin_context(ctxt):
229 """Raise exception.AdminRequired() if context is not an admin context."""
230 if not ctxt.is_admin:
231 raise exception.AdminRequired()
232
233
234def require_context(ctxt):
235 """Raise exception.Forbidden() if context is not a user or an
236 admin context.
237 """
238 if not ctxt.is_admin and not is_user_context(ctxt):
239 raise exception.Forbidden()
240
241
242def authorize_project_context(context, project_id):
243 """Ensures a request has permission to access the given project."""
244 if is_user_context(context):
245 if not context.project_id:
246 raise exception.Forbidden()
247 elif context.project_id != project_id:
248 raise exception.Forbidden()
249
250
251def authorize_user_context(context, user_id):
252 """Ensures a request has permission to access the given user."""
253 if is_user_context(context):
254 if not context.user_id:
255 raise exception.Forbidden()
256 elif context.user_id != user_id:
257 raise exception.Forbidden()
diff --git a/masakari/db/sqlalchemy/api.py b/masakari/db/sqlalchemy/api.py
index 3f9f9df..5bde2a2 100644
--- a/masakari/db/sqlalchemy/api.py
+++ b/masakari/db/sqlalchemy/api.py
@@ -21,10 +21,8 @@ from oslo_db import exception as db_exc
21from oslo_db.sqlalchemy import enginefacade 21from oslo_db.sqlalchemy import enginefacade
22from oslo_db.sqlalchemy import utils as sqlalchemyutils 22from oslo_db.sqlalchemy import utils as sqlalchemyutils
23from oslo_utils import timeutils 23from oslo_utils import timeutils
24from sqlalchemy import or_
25from sqlalchemy.orm import joinedload 24from sqlalchemy.orm import joinedload
26from sqlalchemy.sql import func 25from sqlalchemy.sql import func
27from sqlalchemy.sql import null
28 26
29import masakari.conf 27import masakari.conf
30from masakari.db.sqlalchemy import models 28from masakari.db.sqlalchemy import models
@@ -93,10 +91,7 @@ def create_context_manager(connection=None):
93 return ctxt_mgr 91 return ctxt_mgr
94 92
95 93
96def model_query(context, model, 94def model_query(context, model, args=None, read_deleted=None):
97 args=None,
98 read_deleted=None,
99 project_only=False):
100 """Query helper that accounts for context's `read_deleted` field. 95 """Query helper that accounts for context's `read_deleted` field.
101 :param context: MasakariContext of the query. 96 :param context: MasakariContext of the query.
102 :param model: Model to query. Must be a subclass of ModelBase. 97 :param model: Model to query. Must be a subclass of ModelBase.
@@ -106,9 +101,6 @@ def model_query(context, model,
106 deleted values; 'only', which only returns deleted 101 deleted values; 'only', which only returns deleted
107 values; and 'yes', which does not filter deleted 102 values; and 'yes', which does not filter deleted
108 values. 103 values.
109 :param project_only: If set and context is user-type, then restrict
110 query to match the context's project_id. If set to
111 'allow_none', restriction includes project_id = None.
112 """ 104 """
113 105
114 if read_deleted is None: 106 if read_deleted is None:
@@ -128,13 +120,6 @@ def model_query(context, model,
128 query = sqlalchemyutils.model_query( 120 query = sqlalchemyutils.model_query(
129 model, context.session, args, **query_kwargs) 121 model, context.session, args, **query_kwargs)
130 122
131 if masakari.context.is_user_context(context) and project_only:
132 if project_only == 'allow_none':
133 query = query.filter(or_(model.project_id == context.project_id,
134 model.project_id == null()))
135 else:
136 query = query.filter_by(project_id=context.project_id)
137
138 return query 123 return query
139 124
140 125