diff --git a/src/spaceone/dashboard/manager/private_dashboard_manager.py b/src/spaceone/dashboard/manager/private_dashboard_manager.py index 6b0af04..24836e5 100644 --- a/src/spaceone/dashboard/manager/private_dashboard_manager.py +++ b/src/spaceone/dashboard/manager/private_dashboard_manager.py @@ -28,7 +28,7 @@ def _rollback(vo: PrivateDashboard) -> None: def update_private_dashboard(self, params: dict) -> PrivateDashboard: dashboard_vo: PrivateDashboard = self.get_private_dashboard( - params["private_dashboard_id"], params["domain_id"] + params["private_dashboard_id"], params["workspace_id"], params["domain_id"] ) return self.update_private_dashboard_by_vo(params, dashboard_vo) @@ -46,18 +46,20 @@ def _rollback(old_data: dict) -> None: return dashboard_vo.update(params) def delete_private_dashboard( - self, private_dashboard_id: str, domain_id: str + self, private_dashboard_id: str, workspace_id: str, domain_id: str ) -> None: dashboard_vo: PrivateDashboard = self.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) dashboard_vo.delete() def get_private_dashboard( - self, private_dashboard_id: str, domain_id: str + self, private_dashboard_id: str, workspace_id: str, domain_id: str ) -> PrivateDashboard: return self.dashboard_model.get( - private_dashboard_id=private_dashboard_id, domain_id=domain_id + private_dashboard_id=private_dashboard_id, + workspace_id=workspace_id, + domain_id=domain_id, ) def list_private_dashboards(self, query: dict) -> dict: diff --git a/src/spaceone/dashboard/manager/private_dashboard_version_manager.py b/src/spaceone/dashboard/manager/private_dashboard_version_manager.py index f80be6a..4833799 100644 --- a/src/spaceone/dashboard/manager/private_dashboard_version_manager.py +++ b/src/spaceone/dashboard/manager/private_dashboard_version_manager.py @@ -65,9 +65,7 @@ def get_version(self, private_dashboard_id, version, domain_id): domain_id=domain_id, ) - def list_versions(self, query: dict = None) -> dict: - if query is None: - query = {} + def list_versions(self, query: dict) -> dict: return self.version_model.query(**query) def filter_versions(self, **conditions) -> dict: diff --git a/src/spaceone/dashboard/service/private_dashboard_service.py b/src/spaceone/dashboard/service/private_dashboard_service.py index aad9471..0ec69d2 100644 --- a/src/spaceone/dashboard/service/private_dashboard_service.py +++ b/src/spaceone/dashboard/service/private_dashboard_service.py @@ -30,8 +30,11 @@ def __init__(self, *args, **kwargs): ) self.identity_mgr: IdentityManager = self.locator.get_manager("IdentityManager") - @transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"]) - @check_required(["name", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.write", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["name", "workspace_id", "domain_id", "user_id"]) def create(self, params: dict) -> PrivateDashboard: """Register private_dashboard @@ -45,6 +48,7 @@ def create(self, params: dict) -> PrivateDashboard: 'labels': 'list', 'tags': 'dict', 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -62,8 +66,11 @@ def create(self, params: dict) -> PrivateDashboard: return dashboard_vo - @transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"]) - @check_required(["private_dashboard_id", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.write", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"]) def update(self, params): """Update private_dashboard @@ -77,7 +84,8 @@ def update(self, params): 'variables_schema': 'list', 'labels': 'list', 'tags': 'dict', - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -86,10 +94,11 @@ def update(self, params): """ private_dashboard_id = params["private_dashboard_id"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) if "name" not in params: @@ -109,15 +118,19 @@ def update(self, params): return self.dashboard_mgr.update_private_dashboard_by_vo(params, dashboard_vo) - @transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"]) - @check_required(["private_dashboard_id", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.write", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"]) def delete(self, params): """Deregister private_dashboard Args: params (dict): { 'private_dashboard_id': 'str', # required - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -125,10 +138,11 @@ def delete(self, params): None """ private_dashboard_id = params["private_dashboard_id"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) if private_dashboard_version_vos := self.version_mgr.filter_versions( @@ -140,15 +154,19 @@ def delete(self, params): self.dashboard_mgr.delete_by_private_dashboard_vo(dashboard_vo) - @transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"]) - @check_required(["private_dashboard_id", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.read", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"]) def get(self, params): """Get private_dashboard Args: params (dict): { 'private_dashboard_id': 'str', # required - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -156,16 +174,22 @@ def get(self, params): private_dashboard_vo (object) """ private_dashboard_id = params["private_dashboard_id"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] dashboard_vo = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) return dashboard_vo - @transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"]) - @check_required(["private_dashboard_id", "version", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.write", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required( + ["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"] + ) def delete_version(self, params): """delete version of domain dashboard @@ -173,7 +197,8 @@ def delete_version(self, params): params (dict): { 'private_dashboard_id': 'str', # required 'version': 'int', # required - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -183,10 +208,11 @@ def delete_version(self, params): private_dashboard_id = params["private_dashboard_id"] version = params["version"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] dashboard_vo = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) current_version = dashboard_vo.version @@ -195,8 +221,13 @@ def delete_version(self, params): self.version_mgr.delete_version(private_dashboard_id, version, domain_id) - @transaction(permission="dashboard:PrivateDashboard.write", role_types=["USER"]) - @check_required(["private_dashboard_id", "version", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.write", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required( + ["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"] + ) def revert_version(self, params): """Revert version of domain dashboard @@ -204,7 +235,9 @@ def revert_version(self, params): params (dict): { 'private_dashboard_id': 'str', # required 'version': 'int', # required - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -214,10 +247,11 @@ def revert_version(self, params): private_dashboard_id = params["private_dashboard_id"] version = params["version"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] dashboard_vo: PrivateDashboard = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) version_vo: PrivateDashboardVersion = self.version_mgr.get_version( @@ -233,8 +267,13 @@ def revert_version(self, params): return self.dashboard_mgr.update_private_dashboard_by_vo(params, dashboard_vo) - @transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"]) - @check_required(["private_dashboard_id", "version", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.read", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required( + ["private_dashboard_id", "version", "workspace_id", "domain_id", "user_id"] + ) def get_version(self, params): """Get version of domain dashboard @@ -242,7 +281,8 @@ def get_version(self, params): params (dict): { 'private_dashboard_id': 'str', # required 'version': 'int', # required - 'domain_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) 'user_id': 'str' # injected from auth (required) } @@ -256,9 +296,12 @@ def get_version(self, params): return self.version_mgr.get_version(private_dashboard_id, version, domain_id) - @transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"]) - @check_required(["private_dashboard_id", "domain_id", "user_id"]) - @append_query_filter(["private_dashboard_id", "version", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.read", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["private_dashboard_id", "workspace_id", "domain_id", "user_id"]) + @append_query_filter(["private_dashboard_id", "version", "domain_id"]) @append_keyword_filter(["private_dashboard_id", "version"]) def list_versions(self, params): """List versions of domain dashboard @@ -268,8 +311,9 @@ def list_versions(self, params): 'private_dashboard_id': 'str', # required 'query': 'dict (spaceone.api.core.v1.Query)' 'version': 'int', - 'domain_id': 'str' # injected from auth (required) - 'user_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) + 'user_id': 'str' # injected from auth (required) } Returns: @@ -277,6 +321,7 @@ def list_versions(self, params): total_count """ private_dashboard_id = params["private_dashboard_id"] + workspace_id = params["workspace_id"] domain_id = params["domain_id"] query = params.get("query", {}) @@ -284,14 +329,19 @@ def list_versions(self, params): query ) dashboard_vo = self.dashboard_mgr.get_private_dashboard( - private_dashboard_id, domain_id + private_dashboard_id, workspace_id, domain_id ) return private_dashboard_version_vos, total_count, dashboard_vo.version - @transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"]) - @check_required(["domain_id"]) - @append_query_filter(["private_dashboard_id", "name", "domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.read", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["workspace_id", "domain_id", "user_id"]) + @append_query_filter( + ["private_dashboard_id", "name", "domain_id", "workspace_id", "user_id"] + ) @append_keyword_filter(["private_dashboard_id", "name"]) def list(self, params): """List private_dashboards @@ -301,8 +351,9 @@ def list(self, params): 'query': 'dict (spaceone.api.core.v1.Query)' 'private_dashboard_id': 'str', 'name': 'str', - 'domain_id': 'str', # injected from auth (required) - 'user_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) + 'user_id': 'str' # injected from auth (required) } Returns: @@ -314,17 +365,21 @@ def list(self, params): return self.dashboard_mgr.list_private_dashboards(query) - @transaction(permission="dashboard:PrivateDashboard.read", role_types=["USER"]) - @check_required(["query", "domain_id"]) - @append_query_filter(["domain_id", "user_id"]) + @transaction( + permission="dashboard:PrivateDashboard.read", + role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + ) + @check_required(["query", "workspace_id", "domain_id"]) + @append_query_filter(["domain_id", "workspace_id", "user_id"]) @append_keyword_filter(["private_dashboard_id"]) def stat(self, params): """ Args: params (dict): { 'query': 'dict (spaceone.api.core.v1.StatisticsQuery)' - 'domain_id': 'str' # injected from auth (required) - 'user_id': 'str' # injected from auth (required) + 'domain_id': 'str', # injected from auth (required) + 'workspace_id': 'str', # injected from auth (required) + 'user_id': 'str' # injected from auth (required) } Returns: diff --git a/src/spaceone/dashboard/service/public_dashboard_service.py b/src/spaceone/dashboard/service/public_dashboard_service.py index e7408d1..d5e4f63 100644 --- a/src/spaceone/dashboard/service/public_dashboard_service.py +++ b/src/spaceone/dashboard/service/public_dashboard_service.py @@ -48,9 +48,9 @@ def create(self, params: dict) -> PublicDashboard: 'labels': 'list', 'tags': 'dict', 'resource_group': 'str', # required + 'workspace_id': 'str', 'project_id': 'str', 'domain_id': 'str' # injected from auth (required) - 'workspace_id': 'str', # injected from auth 'user_projects': 'list' # injected from auth } @@ -175,8 +175,6 @@ def delete(self, params): permission="dashboard:PublicDashboard.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) - @change_value_by_rule("APPEND", "workspace_id", "*") - @change_value_by_rule("APPEND", "user_projects", "*") @check_required(["public_dashboard_id", "domain_id"]) def get(self, params): """Get public_dashboard @@ -288,8 +286,6 @@ def revert_version(self, params): permission="dashboard:PublicDashboard.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) - @change_value_by_rule("APPEND", "workspace_id", "*") - @change_value_by_rule("APPEND", "user_projects", "*") @check_required(["public_dashboard_id", "version", "domain_id"]) def get_version(self, params): """Get version of domain dashboard @@ -317,8 +313,6 @@ def get_version(self, params): permission="dashboard:PublicDashboard.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) - @change_value_by_rule("APPEND", "workspace_id", "*") - @change_value_by_rule("APPEND", "user_projects", "*") @check_required(["public_dashboard_id", "domain_id"]) @append_query_filter(["public_dashboard_id", "version", "domain_id"]) @append_keyword_filter(["public_dashboard_id", "version"]) @@ -358,10 +352,10 @@ def list_versions(self, params): permission="dashboard:PublicDashboard.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) - @change_value_by_rule("APPEND", "workspace_id", "*") - @change_value_by_rule("APPEND", "user_projects", "*") @check_required(["domain_id"]) - @append_query_filter(["public_dashboard_id", "name", "domain_id"]) + @append_query_filter( + ["public_dashboard_id", "name", "domain_id", "workspace_id", "user_projects"] + ) @append_keyword_filter(["public_dashboard_id", "name"]) def list(self, params): """List public_dashboards @@ -390,10 +384,8 @@ def list(self, params): permission="dashboard:PublicDashboard.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) - @change_value_by_rule("APPEND", "workspace_id", "*") - @change_value_by_rule("APPEND", "user_projects", "*") @check_required(["query", "domain_id"]) - @append_query_filter(["domain_id"]) + @append_query_filter(["domain_id", "workspace_id", "user_projects"]) @append_keyword_filter(["public_dashboard_id", "name"]) def stat(self, params): """