0 | |
# Copyright 2011-2012 OpenStack LLC.
|
1 | |
# All Rights Reserved.
|
2 | |
#
|
3 | |
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
4 | |
# not use this file except in compliance with the License. You may obtain
|
5 | |
# a copy of the License at
|
6 | |
#
|
7 | |
# http://www.apache.org/licenses/LICENSE-2.0
|
8 | |
#
|
9 | |
# Unless required by applicable law or agreed to in writing, software
|
10 | |
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
11 | |
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
12 | |
# License for the specific language governing permissions and limitations
|
13 | |
# under the License.
|
14 | |
|
15 | |
from oslo_config import cfg
|
16 | |
from oslo_policy import policy
|
17 | |
from oslo_utils import uuidutils
|
18 | |
|
19 | |
from castellan.openstack.common import local
|
20 | |
|
21 | |
|
22 | |
CONF = cfg.CONF
|
23 | |
|
24 | |
|
25 | |
class RequestContext(object):
|
26 | |
"""User security context object
|
27 | |
|
28 | |
Stores information about the security context under which the user
|
29 | |
accesses the system, as well as additional request information.
|
30 | |
"""
|
31 | |
|
32 | |
def __init__(self, auth_token=None, user=None, project=None, roles=None,
|
33 | |
is_admin=False, read_only=False, show_deleted=False,
|
34 | |
owner_is_project=True, service_catalog=None,
|
35 | |
policy_enforcer=None):
|
36 | |
self.auth_token = auth_token
|
37 | |
self.user = user
|
38 | |
self.project = project
|
39 | |
self.roles = roles or []
|
40 | |
self.read_only = read_only
|
41 | |
self.owner_is_project = owner_is_project
|
42 | |
self.request_id = uuidutils.generate_uuid()
|
43 | |
self.service_catalog = service_catalog
|
44 | |
self.policy_enforcer = policy_enforcer or policy.Enforcer(CONF)
|
45 | |
self.is_admin = is_admin
|
46 | |
|
47 | |
if not hasattr(local.store, 'context'):
|
48 | |
self.update_store()
|
49 | |
|
50 | |
def to_dict(self):
|
51 | |
return {
|
52 | |
'request_id': self.request_id,
|
53 | |
'user': self.user,
|
54 | |
'user_id': self.user,
|
55 | |
'project': self.project,
|
56 | |
'project_id': self.project,
|
57 | |
'roles': self.roles,
|
58 | |
'auth_token': self.auth_token,
|
59 | |
'service_catalog': self.service_catalog,
|
60 | |
}
|
61 | |
|
62 | |
@classmethod
|
63 | |
def from_dict(cls, values):
|
64 | |
return cls(**values)
|
65 | |
|
66 | |
def update_store(self):
|
67 | |
local.store.context = self
|
68 | |
|
69 | |
@property
|
70 | |
def owner(self):
|
71 | |
"""Return the owner to correlate with key."""
|
72 | |
if self.owner_is_project:
|
73 | |
return self.project
|
74 | |
return self.user
|