From 817fb52219bda10335a2e0a90b32b5c12e8c9544 Mon Sep 17 00:00:00 2001 From: Jongmin Kim Date: Mon, 27 Dec 2021 00:26:46 +0900 Subject: [PATCH] refactor: add USER scope for authorization Signed-off-by: Jongmin Kim --- .../config/info/domain_config_info.py | 1 - .../config/model/domain_config_model.py | 4 +-- .../config/model/user_config_model.py | 7 +++- .../config/service/domain_config_service.py | 2 -- .../config/service/user_config_service.py | 32 +++++++++++++------ 5 files changed, 29 insertions(+), 17 deletions(-) diff --git a/src/spaceone/config/info/domain_config_info.py b/src/spaceone/config/info/domain_config_info.py index 4a2091d..2111a76 100644 --- a/src/spaceone/config/info/domain_config_info.py +++ b/src/spaceone/config/info/domain_config_info.py @@ -16,7 +16,6 @@ def DomainConfigInfo(domain_config_vo: DomainConfig, minimal=False): info.update({ 'data': change_struct_type(domain_config_vo.data), 'tags': change_struct_type(utils.tags_to_dict(domain_config_vo.tags)), - 'schema': domain_config_vo.schema, 'domain_id': domain_config_vo.domain_id, 'created_at': utils.datetime_to_iso8601(domain_config_vo.created_at) }) diff --git a/src/spaceone/config/model/domain_config_model.py b/src/spaceone/config/model/domain_config_model.py index 2359e37..a23539c 100644 --- a/src/spaceone/config/model/domain_config_model.py +++ b/src/spaceone/config/model/domain_config_model.py @@ -11,16 +11,14 @@ class DomainConfigTag(EmbeddedDocument): class DomainConfig(MongoModel): name = StringField(max_length=255, unique_with='domain_id') data = DictField() - schema = StringField(max_length=64) tags = ListField(EmbeddedDocumentField(DomainConfigTag)) - domain_id = StringField(max_length=255) + domain_id = StringField(max_length=40) created_at = DateTimeField(auto_now_add=True) meta = { 'updatable_fields': [ 'name', 'data', - 'schema', 'tags' ], 'minimal_fields': [ diff --git a/src/spaceone/config/model/user_config_model.py b/src/spaceone/config/model/user_config_model.py index 16fffad..4667efe 100644 --- a/src/spaceone/config/model/user_config_model.py +++ b/src/spaceone/config/model/user_config_model.py @@ -12,7 +12,8 @@ class UserConfig(MongoModel): name = StringField(max_length=255, unique_with='domain_id') data = DictField() tags = ListField(EmbeddedDocumentField(UserConfigTag)) - domain_id = StringField(max_length=255) + user_id = StringField(max_length=40, default=None, null=True) + domain_id = StringField(max_length=40) created_at = DateTimeField(auto_now_add=True) meta = { @@ -24,11 +25,15 @@ class UserConfig(MongoModel): 'minimal_fields': [ 'name' ], + 'change_query_keys': { + 'user_self': 'user_id' + }, 'ordering': [ 'name' ], 'indexes': [ 'name', + 'user_id', 'domain_id', ('tags.key', 'tags.value') ] diff --git a/src/spaceone/config/service/domain_config_service.py b/src/spaceone/config/service/domain_config_service.py index 52851fc..9cfb485 100644 --- a/src/spaceone/config/service/domain_config_service.py +++ b/src/spaceone/config/service/domain_config_service.py @@ -26,7 +26,6 @@ def create(self, params): params (dict): { 'name': 'str', 'data': 'dict', - 'schema': 'str', 'tags': 'dict', 'domain_id': 'str' } @@ -49,7 +48,6 @@ def update(self, params): params (dict): { 'name': 'str', 'data': 'dict', - 'schema': 'str', 'tags': 'dict', 'domain_id': 'str' } diff --git a/src/spaceone/config/service/user_config_service.py b/src/spaceone/config/service/user_config_service.py index fe35e14..06fb0f7 100644 --- a/src/spaceone/config/service/user_config_service.py +++ b/src/spaceone/config/service/user_config_service.py @@ -17,7 +17,7 @@ def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) self.user_config_mgr: UserConfigManager = self.locator.get_manager('UserConfigManager') - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={'authorization.scope': 'USER'}) @check_required(['name', 'data', 'domain_id']) def create(self, params): """Create config map @@ -34,12 +34,16 @@ def create(self, params): user_config_vo (object) """ + user_type = self.transaction.get_meta('authorization.user_type') + if user_type != 'DOMAIN_OWNER': + params['user_id'] = self.transaction.get_meta('user_id') + if 'tags' in params: params['tags'] = utils.dict_to_tags(params['tags']) return self.user_config_mgr.create_user_config(params) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={'authorization.scope': 'USER'}) @check_required(['name', 'domain_id']) def update(self, params): """Update config map @@ -61,7 +65,7 @@ def update(self, params): return self.user_config_mgr.update_user_config(params) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={'authorization.scope': 'USER'}) @check_required(['name', 'domain_id']) def delete(self, params): """Delete config map @@ -78,7 +82,7 @@ def delete(self, params): self.user_config_mgr.delete_user_config(params['name'], params['domain_id']) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={'authorization.scope': 'USER'}) @check_required(['name', 'domain_id']) def get(self, params): """Get config map @@ -96,9 +100,12 @@ def get(self, params): return self.user_config_mgr.get_user_config(params['name'], params['domain_id'], params.get('only')) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={ + 'authorization.scope': 'USER', + 'mutation.append_parameter': {'user_self': {'meta': 'user_id', 'data': [None]}} + }) @check_required(['domain_id']) - @append_query_filter(['name', 'domain_id']) + @append_query_filter(['name', 'user_id', 'domain_id', 'user_self']) @change_tag_filter('tags') @append_keyword_filter(['name']) def list(self, params): @@ -108,7 +115,8 @@ def list(self, params): params (dict): { 'name': 'str', 'domain_id': 'str', - 'query': 'dict (spaceone.api.core.v1.Query)' + 'query': 'dict (spaceone.api.core.v1.Query)', + 'user_self': 'list', // from meta } Returns: @@ -119,9 +127,12 @@ def list(self, params): query = params.get('query', {}) return self.user_config_mgr.list_user_configs(query) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) + @transaction(append_meta={ + 'authorization.scope': 'USER', + 'mutation.append_parameter': {'user_self': {'meta': 'user_id', 'data': [None]}} + }) @check_required(['query', 'domain_id']) - @append_query_filter(['domain_id']) + @append_query_filter(['domain_id', 'user_self']) @change_tag_filter('tags') @append_keyword_filter(['name']) def stat(self, params): @@ -129,7 +140,8 @@ def stat(self, params): Args: params (dict): { 'domain_id': 'str', - 'query': 'dict (spaceone.api.core.v1.StatisticsQuery)' + 'query': 'dict (spaceone.api.core.v1.StatisticsQuery)', + 'user_self': 'list', // from meta } Returns: