diff options
Diffstat (limited to 'barbicanclient/v1')
-rw-r--r-- | barbicanclient/v1/acls.py | 35 | ||||
-rw-r--r-- | barbicanclient/v1/cas.py | 5 | ||||
-rw-r--r-- | barbicanclient/v1/containers.py | 34 | ||||
-rw-r--r-- | barbicanclient/v1/orders.py | 14 | ||||
-rw-r--r-- | barbicanclient/v1/secrets.py | 29 |
5 files changed, 79 insertions, 38 deletions
diff --git a/barbicanclient/v1/acls.py b/barbicanclient/v1/acls.py index 3968ce0..7724048 100644 --- a/barbicanclient/v1/acls.py +++ b/barbicanclient/v1/acls.py @@ -86,10 +86,18 @@ class _PerOperationACL(ACLFormatter): return ACL.get_acl_ref_from_entity_ref(self.entity_ref) @property + def acl_ref_relative(self): + return self._parent_acl.acl_ref_relative + + @property def entity_ref(self): return self._entity_ref @property + def entity_uuid(self): + return self._parent_acl.entity_uuid + + @property def project_access(self): """Flag indicating project access behavior is enabled or not""" return self._project_access @@ -204,6 +212,12 @@ class ACL(object): return self._entity_ref @property + def entity_uuid(self): + """Entity UUID""" + return str(base.validate_ref_and_return_uuid( + self._entity_ref, self._acl_type)) + + @property def operation_acls(self): """List of operation specific ACL settings.""" return self._operation_acls @@ -212,6 +226,11 @@ class ACL(object): def acl_ref(self): return ACL.get_acl_ref_from_entity_ref(self.entity_ref) + @property + def acl_ref_relative(self): + return ACL.get_acl_ref_from_entity_ref_relative( + self.entity_uuid, self._parent_entity_path) + def add_operation_acl(self, users=None, project_access=None, operation_type=None, created=None, updated=None,): @@ -301,7 +320,7 @@ class ACL(object): acl_data['users'] = per_op_acl.users acl_dict[op_type] = acl_data - response = self._api.put(self.acl_ref, json=acl_dict) + response = self._api.put(self.acl_ref_relative, json=acl_dict) return response.json().get('acl_ref') @@ -314,7 +333,7 @@ class ACL(object): self.validate_input_ref() LOG.debug('Removing ACL for {0} for href: {1}' .format(self.acl_type, self.entity_ref)) - self._api.delete(self.acl_ref) + self._api.delete(self.acl_ref_relative) def load_acls_data(self): """Loads ACL entity from Barbican server using its acl_ref @@ -328,7 +347,7 @@ class ACL(object): :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ - response = self._api.get(self.acl_ref) + response = self._api.get(self.acl_ref_relative) del self.operation_acls[:] # clearing list for all of its references for op_type in response: @@ -354,7 +373,7 @@ class ACL(object): else: raise ValueError('{0} URI is not specified.'.format(res_title)) - base.validate_ref(self.entity_ref, ref_type) + base.validate_ref_and_return_uuid(self.entity_ref, ref_type) return ref_type @staticmethod @@ -365,6 +384,14 @@ class ACL(object): return '{0}/{1}'.format(entity_ref, ACL._resource_name) @staticmethod + def get_acl_ref_from_entity_ref_relative(entity_ref, entity_type): + # Utility for converting entity ref to acl ref + if entity_ref: + entity_ref = entity_ref.rstrip('/') + return '{0}/{1}/{2}'.format(entity_type, entity_ref, + ACL._resource_name) + + @staticmethod def identify_ref_type(entity_ref): # Utility for identifying ACL type from given entity URI. if not entity_ref: diff --git a/barbicanclient/v1/cas.py b/barbicanclient/v1/cas.py index d076e4b..6a8f541 100644 --- a/barbicanclient/v1/cas.py +++ b/barbicanclient/v1/cas.py @@ -171,7 +171,8 @@ class CA(CAFormatter): def _fill_lazy_properties(self): if self._ca_ref and not self._plugin_name: - result = self._api.get(self._ca_ref) + uuid_ref = base.calculate_uuid_ref(self._ca_ref, self._entity) + result = self._api.get(uuid_ref) self._fill_from_data( meta=result.get('meta'), expiration=result.get('expiration'), @@ -205,7 +206,7 @@ class CAManager(base.BaseEntityManager): :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ LOG.debug("Getting ca - CA href: {0}".format(ca_ref)) - base.validate_ref(ca_ref, 'CA') + base.validate_ref_and_return_uuid(ca_ref, 'CA') return CA( api=self._api, ca_ref=ca_ref diff --git a/barbicanclient/v1/containers.py b/barbicanclient/v1/containers.py index 45cdf48..4c362ab 100644 --- a/barbicanclient/v1/containers.py +++ b/barbicanclient/v1/containers.py @@ -211,7 +211,9 @@ class Container(ContainerFormatter): def delete(self): """Delete container from Barbican""" if self._container_ref: - self._api.delete(self._container_ref) + uuid_ref = base.calculate_uuid_ref(self._container_ref, + self._entity) + self._api.delete(uuid_ref) self._container_ref = None self._status = None self._created = None @@ -235,9 +237,10 @@ class Container(ContainerFormatter): raise AttributeError("container_ref not set, cannot reload data.") LOG.debug('Getting container - Container href: {0}' .format(self._container_ref)) - base.validate_ref(self._container_ref, 'Container') + uuid_ref = base.calculate_uuid_ref(self._container_ref, + self._entity) try: - response = self._api.get(self._container_ref) + response = self._api.get(uuid_ref) except AttributeError: raise LookupError('Container {0} could not be found.' .format(self._container_ref)) @@ -530,14 +533,14 @@ class ContainerManager(base.BaseEntityManager): def get(self, container_ref): """Retrieve an existing Container from Barbican - :param str container_ref: Full HATEOAS reference to a Container + :param container_ref: Full HATEOAS reference to a Container, or a UUID :returns: Container object or a subclass of the appropriate type """ LOG.debug('Getting container - Container href: {0}' .format(container_ref)) - base.validate_ref(container_ref, 'Container') + uuid_ref = base.calculate_uuid_ref(container_ref, self._entity) try: - response = self._api.get(container_ref) + response = self._api.get(uuid_ref) except AttributeError: raise LookupError('Container {0} could not be found.' .format(container_ref)) @@ -688,14 +691,15 @@ class ContainerManager(base.BaseEntityManager): def delete(self, container_ref): """Delete a Container from Barbican - :param container_ref: Full HATEOAS reference to a Container + :param container_ref: Full HATEOAS reference to a Container, or a UUID :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ if not container_ref: raise ValueError('container_ref is required.') - self._api.delete(container_ref) + uuid_ref = base.calculate_uuid_ref(container_ref, self._entity) + self._api.delete(uuid_ref) def list(self, limit=10, offset=0, name=None, type=None): """List containers for the project. @@ -728,7 +732,7 @@ class ContainerManager(base.BaseEntityManager): def register_consumer(self, container_ref, name, url): """Add a consumer to the container - :param container_ref: Full HATEOAS reference to a Container + :param container_ref: Full HATEOAS reference to a Container, or a UUID :param name: Name of the consuming service :param url: URL of the consuming resource :returns: A container object per the get() method @@ -738,8 +742,9 @@ class ContainerManager(base.BaseEntityManager): """ LOG.debug('Creating consumer registration for container ' '{0} as {1}: {2}'.format(container_ref, name, url)) - href = '{0}/{1}/consumers'.format(self._entity, - container_ref.split('/')[-1]) + container_uuid = base.validate_ref_and_return_uuid( + container_ref, 'Container') + href = '{0}/{1}/consumers'.format(self._entity, container_uuid) consumer_dict = dict() consumer_dict['name'] = name consumer_dict['URL'] = url @@ -750,7 +755,7 @@ class ContainerManager(base.BaseEntityManager): def remove_consumer(self, container_ref, name, url): """Remove a consumer from the container - :param container_ref: Full HATEOAS reference to a Container + :param container_ref: Full HATEOAS reference to a Container, or a UUID :param name: Name of the previously consuming service :param url: URL of the previously consuming resource :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses @@ -759,8 +764,9 @@ class ContainerManager(base.BaseEntityManager): """ LOG.debug('Deleting consumer registration for container ' '{0} as {1}: {2}'.format(container_ref, name, url)) - href = '{0}/{1}/consumers'.format(self._entity, - container_ref.split('/')[-1]) + container_uuid = base.validate_ref_and_return_uuid( + container_ref, 'Container') + href = '{0}/{1}/consumers'.format(self._entity, container_uuid) consumer_dict = { 'name': name, 'URL': url diff --git a/barbicanclient/v1/orders.py b/barbicanclient/v1/orders.py index 3b62f97..15eca81 100644 --- a/barbicanclient/v1/orders.py +++ b/barbicanclient/v1/orders.py @@ -241,7 +241,8 @@ class Order(object): def delete(self): """Deletes the Order from Barbican""" if self._order_ref: - self._api.delete(self._order_ref) + uuid_ref = base.calculate_uuid_ref(self._order_ref, self._entity) + self._api.delete(uuid_ref) self._order_ref = None else: raise LookupError("Order is not yet stored.") @@ -388,16 +389,16 @@ class OrderManager(base.BaseEntityManager): def get(self, order_ref): """Retrieve an existing Order from Barbican - :param order_ref: Full HATEOAS reference to an Order + :param order_ref: Full HATEOAS reference to an Order, or a UUID :returns: An instance of the appropriate subtype of Order :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ LOG.debug("Getting order - Order href: {0}".format(order_ref)) - base.validate_ref(order_ref, 'Order') + uuid_ref = base.calculate_uuid_ref(order_ref, self._entity) try: - response = self._api.get(order_ref) + response = self._api.get(uuid_ref) except AttributeError: raise LookupError( 'Order {0} could not be found.'.format(order_ref) @@ -518,11 +519,12 @@ class OrderManager(base.BaseEntityManager): def delete(self, order_ref): """Delete an Order from Barbican - :param order_ref: The href for the order + :param order_ref: Full HATEOAS reference to an Order, or a UUID """ if not order_ref: raise ValueError('order_ref is required.') - self._api.delete(order_ref) + uuid_ref = base.calculate_uuid_ref(order_ref, self._entity) + self._api.delete(uuid_ref) def list(self, limit=10, offset=0): """List Orders for the project diff --git a/barbicanclient/v1/secrets.py b/barbicanclient/v1/secrets.py index c2577d0..5b0c4a1 100644 --- a/barbicanclient/v1/secrets.py +++ b/barbicanclient/v1/secrets.py @@ -357,14 +357,16 @@ class Secret(SecretFormatter): else: raise exceptions.PayloadException("Invalid Payload Type") - self._api.put(self._secret_ref, + uuid_ref = base.calculate_uuid_ref(self._secret_ref, self._entity) + self._api.put(uuid_ref, headers=headers, data=self.payload) def delete(self): """Deletes the Secret from Barbican""" if self._secret_ref: - self._api.delete(self._secret_ref) + uuid_ref = base.calculate_uuid_ref(self._secret_ref, self._entity) + self._api.delete(uuid_ref) self._secret_ref = None else: raise LookupError("Secret is not yet stored.") @@ -411,7 +413,8 @@ class Secret(SecretFormatter): def _fill_lazy_properties(self): if self._secret_ref and not self._name: - result = self._api.get(self._secret_ref) + uuid_ref = base.calculate_uuid_ref(self._secret_ref, self._entity) + result = self._api.get(uuid_ref) self._fill_from_data( name=result.get('name'), expiration=result.get('expiration'), @@ -444,7 +447,7 @@ class SecretManager(base.BaseEntityManager): def get(self, secret_ref, payload_content_type=None): """Retrieve an existing Secret from Barbican - :param str secret_ref: Full HATEOAS reference to a Secret + :param str secret_ref: Full HATEOAS reference to a Secret, or a UUID :param str payload_content_type: DEPRECATED: Content type to use for payload decryption. Setting this can lead to unexpected results. See Launchpad Bug #1419166. @@ -455,7 +458,7 @@ class SecretManager(base.BaseEntityManager): :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ LOG.debug("Getting secret - Secret href: {0}".format(secret_ref)) - base.validate_ref(secret_ref, 'Secret') + base.validate_ref_and_return_uuid(secret_ref, 'Secret') return Secret( api=self._api, payload_content_type=payload_content_type, @@ -463,16 +466,16 @@ class SecretManager(base.BaseEntityManager): ) def update(self, secret_ref, payload=None): - """Update an existing Secret from Barbican + """Update an existing Secret in Barbican - :param str secret_ref: Full HATEOAS reference to a Secret + :param str secret_ref: Full HATEOAS reference to a Secret, or a UUID :param str payload: New payload to add to secret :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ - base.validate_ref(secret_ref, 'Secret') + base.validate_ref_and_return_uuid(secret_ref, 'Secret') if not secret_ref: raise ValueError('secret_ref is required.') @@ -483,7 +486,8 @@ class SecretManager(base.BaseEntityManager): else: raise exceptions.PayloadException("Invalid Payload Type") - self._api.put(secret_ref, + uuid_ref = base.calculate_uuid_ref(secret_ref, self._entity) + self._api.put(uuid_ref, headers=headers, data=payload) @@ -524,15 +528,16 @@ class SecretManager(base.BaseEntityManager): def delete(self, secret_ref): """Delete a Secret from Barbican - :param secret_ref: The href for the secret to be deleted + :param secret_ref: Full HATEOAS reference to a Secret, or a UUID :raises barbicanclient.exceptions.HTTPAuthError: 401 Responses :raises barbicanclient.exceptions.HTTPClientError: 4xx Responses :raises barbicanclient.exceptions.HTTPServerError: 5xx Responses """ - base.validate_ref(secret_ref, 'Secret') + base.validate_ref_and_return_uuid(secret_ref, 'Secret') if not secret_ref: raise ValueError('secret_ref is required.') - self._api.delete(secret_ref) + uuid_ref = base.calculate_uuid_ref(secret_ref, self._entity) + self._api.delete(uuid_ref) def list(self, limit=10, offset=0, name=None, algorithm=None, mode=None, bits=0, secret_type=None, created=None, updated=None, |