summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-15 12:15:01 +0000
committerGerrit Code Review <review@openstack.org>2017-06-15 12:15:01 +0000
commitfa52193c873c01e924216e3bbebcad6b0a27be7c (patch)
treed4553075e481f03334d5abced2806c7be6e4434a
parent08761f9b867723d0f5ae17aa92bd9f85a8630b2e (diff)
parent640f9260921a488271d969c767988c99d72ff323 (diff)
Merge "Policy in code for actions/static actions"
-rw-r--r--etc/murano/policy.json4
-rw-r--r--murano/common/policies/__init__.py2
-rw-r--r--murano/common/policies/action.py38
3 files changed, 41 insertions, 3 deletions
diff --git a/etc/murano/policy.json b/etc/murano/policy.json
index c151208..7ca710f 100644
--- a/etc/murano/policy.json
+++ b/etc/murano/policy.json
@@ -1,7 +1,5 @@
1{ 1{
2 "context_is_admin": "role:admin", 2 "context_is_admin": "role:admin",
3 "admin_api": "is_admin:True", 3 "admin_api": "is_admin:True",
4 "default": "", 4 "default": ""
5
6 "execute_action": "rule:default"
7} 5}
diff --git a/murano/common/policies/__init__.py b/murano/common/policies/__init__.py
index e592f47..6737550 100644
--- a/murano/common/policies/__init__.py
+++ b/murano/common/policies/__init__.py
@@ -15,6 +15,7 @@
15 15
16import itertools 16import itertools
17 17
18from murano.common.policies import action
18from murano.common.policies import category 19from murano.common.policies import category
19from murano.common.policies import deployment 20from murano.common.policies import deployment
20from murano.common.policies import env_template 21from murano.common.policies import env_template
@@ -24,6 +25,7 @@ from murano.common.policies import package
24 25
25def list_rules(): 26def list_rules():
26 return itertools.chain( 27 return itertools.chain(
28 action.list_rules(),
27 category.list_rules(), 29 category.list_rules(),
28 deployment.list_rules(), 30 deployment.list_rules(),
29 environment.list_rules(), 31 environment.list_rules(),
diff --git a/murano/common/policies/action.py b/murano/common/policies/action.py
new file mode 100644
index 0000000..5262204
--- /dev/null
+++ b/murano/common/policies/action.py
@@ -0,0 +1,38 @@
1# Copyright 2017 AT&T Corporation.
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
16from oslo_policy import policy
17
18from murano.common.policies import base
19
20action_policies = [
21 policy.DocumentedRuleDefault(
22 name='execute_action',
23 check_str=base.RULE_DEFAULT,
24 description="""Excute an available action on a deployed environment,
25retrieve the task status of an executed action, or retrieve the result of
26an executed static action.""",
27 operations=[
28 {'path': 'v1/environments/{environment_id}/actions/{action_id}',
29 'method': 'POST'},
30 {'path': 'v1/environments/{environment_id}/actions/{task_id}',
31 'method': 'GET'},
32 {'path': 'v1/actions',
33 'method': 'POST'}])
34]
35
36
37def list_rules():
38 return action_policies