Skip to content

Commit

Permalink
Merge pull request #37 from stat-kwon/master
Browse files Browse the repository at this point in the history 
fix: change PrivateDashboard permissions
  • Loading branch information
@stat-kwon
stat-kwon authored Dec 20, 2023
2 parents 5430293 + ea46a7a commit 68c18ae
Show file tree
Hide file tree
Showing 4 changed files with 109 additions and 62 deletions.
12 changes: 7 additions & 5 deletions src/spaceone/dashboard/manager/private_dashboard_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ def _rollback(vo: PrivateDashboard) -> None:

def update_private_dashboard(self, params: dict) -> PrivateDashboard:
dashboard_vo: PrivateDashboard = self.get_private_dashboard(
params["private_dashboard_id"], params["domain_id"]
params["private_dashboard_id"], params["workspace_id"], params["domain_id"]
)
return self.update_private_dashboard_by_vo(params, dashboard_vo)

Expand All @@ -46,18 +46,20 @@ def _rollback(old_data: dict) -> None:
return dashboard_vo.update(params)

def delete_private_dashboard(
self, private_dashboard_id: str, domain_id: str
self, private_dashboard_id: str, workspace_id: str, domain_id: str
) -> None:
dashboard_vo: PrivateDashboard = self.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)
dashboard_vo.delete()

def get_private_dashboard(
self, private_dashboard_id: str, domain_id: str
self, private_dashboard_id: str, workspace_id: str, domain_id: str
) -> PrivateDashboard:
return self.dashboard_model.get(
private_dashboard_id=private_dashboard_id, domain_id=domain_id
private_dashboard_id=private_dashboard_id,
workspace_id=workspace_id,
domain_id=domain_id,
)

def list_private_dashboards(self, query: dict) -> dict:
Expand Down
4 changes: 1 addition & 3 deletions src/spaceone/dashboard/manager/private_dashboard_version_manager.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,9 +65,7 @@ def get_version(self, private_dashboard_id, version, domain_id):
domain_id=domain_id,
)

def list_versions(self, query: dict = None) -> dict:
if query is None:
query = {}
def list_versions(self, query: dict) -> dict:
return self.version_model.query(**query)

def filter_versions(self, **conditions) -> dict:
Expand Down
137 changes: 96 additions & 41 deletions src/spaceone/dashboard/service/private_dashboard_service.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,11 @@ def __init__(self, *args, **kwargs):
)
self.identity_mgr: IdentityManager = self.locator.get_manager("IdentityManager")

@transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"])
@check_required(["name", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.write",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["name", "workspace_id", "domain_id", "user_id"])
def create(self, params: dict) -> PrivateDashboard:
"""Register private_dashboard
Expand All @@ -45,6 +48,7 @@ def create(self, params: dict) -> PrivateDashboard:
'labels': 'list',
'tags': 'dict',
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Expand All @@ -62,8 +66,11 @@ def create(self, params: dict) -> PrivateDashboard:

return dashboard_vo

@transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"])
@check_required(["private_dashboard_id", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.write",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"])
def update(self, params):
"""Update private_dashboard
Expand All @@ -77,7 +84,8 @@ def update(self, params):
'variables_schema': 'list',
'labels': 'list',
'tags': 'dict',
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Expand All @@ -86,10 +94,11 @@ def update(self, params):
"""

private_dashboard_id = params["private_dashboard_id"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

if "name" not in params:
Expand All @@ -109,26 +118,31 @@ def update(self, params):

return self.dashboard_mgr.update_private_dashboard_by_vo(params, dashboard_vo)

@transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"])
@check_required(["private_dashboard_id", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.write",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"])
def delete(self, params):
"""Deregister private_dashboard
Args:
params (dict): {
'private_dashboard_id': 'str', # required
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Returns:
None
"""
private_dashboard_id = params["private_dashboard_id"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

if private_dashboard_version_vos := self.version_mgr.filter_versions(
Expand All @@ -140,40 +154,51 @@ def delete(self, params):

self.dashboard_mgr.delete_by_private_dashboard_vo(dashboard_vo)

@transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"])
@check_required(["private_dashboard_id", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.read",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"])
def get(self, params):
"""Get private_dashboard
Args:
params (dict): {
'private_dashboard_id': 'str', # required
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Returns:
private_dashboard_vo (object)
"""
private_dashboard_id = params["private_dashboard_id"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

dashboard_vo = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

return dashboard_vo

@transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"])
@check_required(["private_dashboard_id", "version", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.write",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(
["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"]
)
def delete_version(self, params):
"""delete version of domain dashboard
Args:
params (dict): {
'private_dashboard_id': 'str', # required
'version': 'int', # required
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Expand All @@ -183,10 +208,11 @@ def delete_version(self, params):

private_dashboard_id = params["private_dashboard_id"]
version = params["version"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

dashboard_vo = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

current_version = dashboard_vo.version
Expand All @@ -195,16 +221,23 @@ def delete_version(self, params):

self.version_mgr.delete_version(private_dashboard_id, version, domain_id)

@transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"])
@check_required(["private_dashboard_id", "version", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.write",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(
["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"]
)
def revert_version(self, params):
"""Revert version of domain dashboard
Args:
params (dict): {
'private_dashboard_id': 'str', # required
'version': 'int', # required
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Expand All @@ -214,10 +247,11 @@ def revert_version(self, params):

private_dashboard_id = params["private_dashboard_id"]
version = params["version"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

version_vo: PrivateDashboardVersion = self.version_mgr.get_version(
Expand All @@ -233,16 +267,22 @@ def revert_version(self, params):

return self.dashboard_mgr.update_private_dashboard_by_vo(params, dashboard_vo)

@transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"])
@check_required(["private_dashboard_id", "version", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.read",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(
["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"]
)
def get_version(self, params):
"""Get version of domain dashboard
Args:
params (dict): {
'private_dashboard_id': 'str', # required
'version': 'int', # required
'domain_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Expand All @@ -256,9 +296,12 @@ def get_version(self, params):

return self.version_mgr.get_version(private_dashboard_id, version, domain_id)

@transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"])
@check_required(["private_dashboard_id", "domain_id", "user_id"])
@append_query_filter(["private_dashboard_id", "version", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.read",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"])
@append_query_filter(["private_dashboard_id", "version", "domain_id"])
@append_keyword_filter(["private_dashboard_id", "version"])
def list_versions(self, params):
"""List versions of domain dashboard
Expand All @@ -268,30 +311,37 @@ def list_versions(self, params):
'private_dashboard_id': 'str', # required
'query': 'dict (spaceone.api.core.v1.Query)'
'version': 'int',
'domain_id': 'str' # injected from auth (required)
'user_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Returns:
private_dashboard_version_vos (object)
total_count
"""
private_dashboard_id = params["private_dashboard_id"]
workspace_id = params["workspace_id"]
domain_id = params["domain_id"]

query = params.get("query", {})
private_dashboard_version_vos, total_count = self.version_mgr.list_versions(
query
)
dashboard_vo = self.dashboard_mgr.get_private_dashboard(
private_dashboard_id, domain_id
private_dashboard_id, workspace_id, domain_id
)

return private_dashboard_version_vos, total_count, dashboard_vo.version

@transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"])
@check_required(["domain_id"])
@append_query_filter(["private_dashboard_id", "name", "domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.read",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["workspace_id", "domain_id", "user_id"])
@append_query_filter(
["private_dashboard_id", "name", "domain_id", "workspace_id", "user_id"]
)
@append_keyword_filter(["private_dashboard_id", "name"])
def list(self, params):
"""List private_dashboards
Expand All @@ -301,8 +351,9 @@ def list(self, params):
'query': 'dict (spaceone.api.core.v1.Query)'
'private_dashboard_id': 'str',
'name': 'str',
'domain_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Returns:
Expand All @@ -314,17 +365,21 @@ def list(self, params):

return self.dashboard_mgr.list_private_dashboards(query)

@transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"])
@check_required(["query", "domain_id"])
@append_query_filter(["domain_id", "user_id"])
@transaction(
permission="dashboard:PrivateDashboard.read",
role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"],
)
@check_required(["query", "workspace_id", "domain_id"])
@append_query_filter(["domain_id", "workspace_id", "user_id"])
@append_keyword_filter(["private_dashboard_id"])
def stat(self, params):
"""
Args:
params (dict): {
'query': 'dict (spaceone.api.core.v1.StatisticsQuery)'
'domain_id': 'str' # injected from auth (required)
'user_id': 'str' # injected from auth (required)
'domain_id': 'str', # injected from auth (required)
'workspace_id': 'str', # injected from auth (required)
'user_id': 'str' # injected from auth (required)
}
Returns:
Expand Down
Loading

0 comments on commit 68c18ae

Please sign in to comment.