Merge "Add policy rule for get quotas"
This commit is contained in:
commit
b70ef40c14
@ -48,10 +48,9 @@ class QuotasController(rest.RestController):
|
||||
"""
|
||||
request_project = pecan.request.headers.get('X-Project-Id')
|
||||
project_id = project_id if project_id else request_project
|
||||
is_admin = rbac.is_admin(pecan.request, pecan.request.enforcer)
|
||||
|
||||
if project_id != request_project and not is_admin:
|
||||
raise base.ProjectNotAuthorized(project_id)
|
||||
rbac.enforce(
|
||||
'get_quotas', pecan.request,
|
||||
pecan.request.enforcer, {'project_id': project_id})
|
||||
|
||||
LOG.debug('Getting resource quotas for project %s', project_id)
|
||||
|
||||
@ -68,12 +67,12 @@ class QuotasController(rest.RestController):
|
||||
@wsme_pecan.wsexpose(Quotas, body=Quotas, status_code=201)
|
||||
def post(self, body):
|
||||
"""Create or update quota."""
|
||||
rbac.enforce('update_quotas', pecan.request,
|
||||
pecan.request.enforcer, {})
|
||||
|
||||
params = body.to_dict()
|
||||
project_id = params['project_id']
|
||||
|
||||
rbac.enforce('update_quotas', pecan.request,
|
||||
pecan.request.enforcer, {'project_id': project_id})
|
||||
|
||||
input_quotas = []
|
||||
for i in params.get('quotas', []):
|
||||
input_quotas.append(i.to_dict())
|
||||
@ -87,5 +86,5 @@ class QuotasController(rest.RestController):
|
||||
def delete(self, project_id):
|
||||
"""Delete quotas for the given project."""
|
||||
rbac.enforce('delete_quotas', pecan.request,
|
||||
pecan.request.enforcer, {})
|
||||
pecan.request.enforcer, {'project_id': project_id})
|
||||
pecan.request.storage.delete_quotas(project_id)
|
||||
|
@ -96,6 +96,12 @@ deprecated_query_alarm_history = policy.DeprecatedRule(
|
||||
deprecated_reason=DEPRECATED_REASON,
|
||||
deprecated_since=versionutils.deprecated.WALLABY
|
||||
)
|
||||
deprecated_get_quotas = policy.DeprecatedRule(
|
||||
name="telemetry:get_quotas",
|
||||
check_str=RULE_ADMIN_OR_OWNER,
|
||||
deprecated_reason=DEPRECATED_REASON,
|
||||
deprecated_since='Epoxy'
|
||||
)
|
||||
deprecated_update_quotas = policy.DeprecatedRule(
|
||||
name="telemetry:update_quotas",
|
||||
check_str=RULE_CONTEXT_IS_ADMIN,
|
||||
@ -281,6 +287,23 @@ rules = [
|
||||
],
|
||||
deprecated_rule=deprecated_query_alarm_history
|
||||
),
|
||||
policy.DocumentedRuleDefault(
|
||||
name="telemetry:get_quotas",
|
||||
check_str=PROJECT_READER,
|
||||
scope_types=['project'],
|
||||
description='Get resources quotas for project.',
|
||||
operations=[
|
||||
{
|
||||
'path': '/v2/quotas',
|
||||
'method': 'Get'
|
||||
},
|
||||
{
|
||||
'path': '/v2/quotas/{project_id}',
|
||||
'method': 'Get'
|
||||
}
|
||||
],
|
||||
deprecated_rule=deprecated_get_quotas
|
||||
),
|
||||
policy.DocumentedRuleDefault(
|
||||
name="telemetry:update_quotas",
|
||||
check_str=PROJECT_ADMIN,
|
||||
|
@ -0,0 +1,4 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
The new ``telemetry::get_quotas`` policy has been added.
|
Loading…
Reference in New Issue
Block a user