Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

# vim: tabstop=4 shiftwidth=4 softtabstop=4 

 

# Copyright 2012 OpenStack LLC 

# 

# Licensed under the Apache License, Version 2.0 (the "License"); you may 

# not use this file except in compliance with the License. You may obtain 

# a copy of the License at 

# 

#      http://www.apache.org/licenses/LICENSE-2.0 

# 

# Unless required by applicable law or agreed to in writing, software 

# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 

# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 

# License for the specific language governing permissions and limitations 

# under the License. 

 

from keystone.common import sql 

from keystone.common.sql import migration 

from keystone import exception 

from keystone.policy.backends import rules 

 

 

class PolicyModel(sql.ModelBase, sql.DictBase): 

    __tablename__ = 'policy' 

    attributes = ['id', 'blob', 'type'] 

    id = sql.Column(sql.String(64), primary_key=True) 

    blob = sql.Column(sql.JsonBlob(), nullable=False) 

    type = sql.Column(sql.String(255), nullable=False) 

    extra = sql.Column(sql.JsonBlob()) 

 

 

class Policy(sql.Base, rules.Policy): 

    # Internal interface to manage the database 

    def db_sync(self, version=None): 

        migration.db_sync(version=version) 

 

    @sql.handle_conflicts(type='policy') 

    def create_policy(self, policy_id, policy): 

        session = self.get_session() 

 

        with session.begin(): 

            ref = PolicyModel.from_dict(policy) 

            session.add(ref) 

            session.flush() 

 

        return ref.to_dict() 

 

    def list_policies(self): 

        session = self.get_session() 

 

        refs = session.query(PolicyModel).all() 

        return [ref.to_dict() for ref in refs] 

 

    def _get_policy(self, session, policy_id): 

        """Private method to get a policy model object (NOT a dictionary).""" 

        ref = session.query(PolicyModel).get(policy_id) 

        if not ref: 

            raise exception.PolicyNotFound(policy_id=policy_id) 

        return ref 

 

    def get_policy(self, policy_id): 

        session = self.get_session() 

 

        return self._get_policy(session, policy_id).to_dict() 

 

    @sql.handle_conflicts(type='policy') 

    def update_policy(self, policy_id, policy): 

        session = self.get_session() 

 

        with session.begin(): 

            ref = self._get_policy(session, policy_id) 

            old_dict = ref.to_dict() 

            old_dict.update(policy) 

            new_policy = PolicyModel.from_dict(old_dict) 

            ref.blob = new_policy.blob 

            ref.type = new_policy.type 

            ref.extra = new_policy.extra 

            session.flush() 

 

        return ref.to_dict() 

 

    def delete_policy(self, policy_id): 

        session = self.get_session() 

 

        with session.begin(): 

            ref = self._get_policy(session, policy_id) 

            session.delete(ref) 

            session.flush()