Merge "Support admin to get all events" into stable/pike

panko/api/controllers/v2/events.py

@@ -21,6 +21,7 @@
 import datetime
 
 from oslo_log import log
+from oslo_utils import strutils
 import pecan
 from pecan import rest
 import six
@@ -65,7 +66,10 @@ class EventQuery(base.Query):
     field = wsme.wsattr(wtypes.text)
     '''
     Name of the field to filter on. Can be either a trait name or field of an
-    event. Use start_timestamp/end_timestamp to filter on `generated` field
+    event.
+    1) Use start_timestamp/end_timestamp to filter on `generated` field.
+    2) Specify the 'all_tenants=True' query parameter to get all events for all
+    projects, this is only allowed by admin users.
     '''
 
     def __repr__(self):
@@ -217,6 +221,10 @@ def _event_query_to_event_filter(q):
                          {'operator': i.op, 'field': i.field})
                 raise base.ClientSideError(error)
             evt_model_filter[i.field] = i.value
+        elif i.field == 'all_tenants' and admin_proj:
+            all_tenants = strutils.bool_from_string(i.value)
+            if all_tenants:
+                admin_proj = None
         else:
             trait_type = i.type or 'string'
             traits_filter.append({"key": i.field,

panko/tests/functional/api/v2/test_event_scenarios.py

@@ -638,6 +638,20 @@ class AclRestrictedEventTestBase(v2.FunctionalTest):
         data = self.get_json('/events/2', headers=a_headers)
         self.assertEqual('admin_ev', data['event_type'])
 
+    @tests_db.run_with('sqlite', 'mysql', 'pgsql', 'mongodb', 'es')
+    def test_admin_access_all(self):
+        a_headers = {"X-Roles": "admin",
+                     "X-User-Id": self.admin_user_id,
+                     "X-Project-Id": self.admin_proj_id}
+        data = self.get_json('/events', headers=a_headers,
+                             q=[{'field': 'all_tenants',
+                                 'value': 'True',
+                                 'type': 'string',
+                                 'op': 'eq'}])
+        self.assertEqual(3, len(data))
+        self.assertEqual(set(['empty_ev', 'admin_ev', 'user_ev']),
+                         set(ev['event_type'] for ev in data))
+
     @tests_db.run_with('sqlite', 'mysql', 'pgsql', 'mongodb', 'es')
     def test_admin_access_trait_filter_no_access(self):
         a_headers = {"X-Roles": "admin",

releasenotes/notes/support-admin-get-all-events-ffa33e4156647bb9.yaml

@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Specify the 'all_tenants=True' query parameter to get all events for all
+    projects, this is only allowed by admin users.