diff options
Diffstat (limited to 'zuul/web/__init__.py')
-rwxr-xr-x | zuul/web/__init__.py | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/zuul/web/__init__.py b/zuul/web/__init__.py index e9cff38d1..1650b2f7d 100755 --- a/zuul/web/__init__.py +++ b/zuul/web/__init__.py @@ -804,6 +804,7 @@ class ZuulWebAPI(object): 'info': '/api/info', 'connections': '/api/connections', 'components': '/api/components', + 'authorizations': '/api/authorizations', 'tenants': '/api/tenants', 'tenant_info': '/api/tenant/{tenant}/info', 'status': '/api/tenant/{tenant}/status', @@ -897,7 +898,7 @@ class ZuulWebAPI(object): else: tenant_name = '*' admin_rules = [] - access_rules = self.zuulweb.api_root.access_rules + access_rules = self.zuulweb.abide.api_root.access_rules override = claims.get('zuul', {}).get('admin', []) if (override == '*' or (isinstance(override, list) and tenant_name in override)): @@ -955,6 +956,14 @@ class ZuulWebAPI(object): @cherrypy.expose @cherrypy.tools.json_out(content_type='application/json; charset=utf-8') @cherrypy.tools.handle_options() + @cherrypy.tools.check_root_auth(require_auth=True) + def root_authorizations(self, auth): + return {'zuul': {'admin': auth.admin, + 'scope': ['*']}, } + + @cherrypy.expose + @cherrypy.tools.json_out(content_type='application/json; charset=utf-8') + @cherrypy.tools.handle_options() @cherrypy.tools.check_tenant_auth(require_auth=True) def tenant_authorizations(self, tenant_name, tenant, auth): return {'zuul': {'admin': auth.admin, @@ -1950,6 +1959,10 @@ class ZuulWeb(object): '/api/tenant/{tenant_name}/authorizations', controller=api, action='tenant_authorizations') + route_map.connect('api', + '/api/authorizations', + controller=api, + action='root_authorizations') route_map.connect('api', '/api/tenant/{tenant_name}/promote', controller=api, action='promote') route_map.connect( |