Commit bcd6d5e4 authored by Giorgos Korfiatis's avatar Giorgos Korfiatis Committed by Christos Stavrakakis
Browse files

astakos: Restrict resource access in API

Make available in the API only resources with api_visible=True.
parent 66d07d8c
......@@ -95,6 +95,8 @@ def _application_details(application, all_grants):
grants = all_grants.get(application.id, [])
resources = {}
for grant in grants:
if not grant.resource.api_visible:
continue
resources[grant.resource.name] = {
"member_capacity": grant.member_capacity,
"project_capacity": grant.project_capacity,
......
......@@ -39,7 +39,7 @@ from django.db import transaction
from snf_django.lib import api
from snf_django.lib.api.faults import BadRequest, ItemNotFound
from astakos.im.register import get_resources
from astakos.im import register
from astakos.im.quotas import get_user_quotas, service_get_quotas
import astakos.quotaholder_app.exception as qh_exception
......@@ -52,7 +52,9 @@ from .util import (json_response, is_integer, are_integer,
@api.api_method(http_method='GET', token_required=True, user_required=False)
@user_from_token
def quotas(request):
result = get_user_quotas(request.user)
visible_resources = register.get_api_visible_resources()
resource_names = [r.name for r in visible_resources]
result = get_user_quotas(request.user, resources=resource_names)
return json_response(result)
......@@ -71,7 +73,8 @@ def service_quotas(request):
@api.api_method(http_method='GET', token_required=False, user_required=False)
def resources(request):
result = get_resources()
resources = register.get_api_visible_resources()
result = register.resources_to_dict(resources)
return json_response(result)
......
......@@ -738,7 +738,8 @@ def validate_resource_policies(policies):
raise ProjectBadRequest("Malformed resource policies")
resource_names = policies.keys()
resources = Resource.objects.filter(name__in=resource_names)
resources = Resource.objects.filter(name__in=resource_names,
api_visible=True)
resource_d = {}
for resource in resources:
resource_d[resource.name] = resource
......
......@@ -40,7 +40,7 @@ from django.core.management import CommandError
from synnefo.util import units
from astakos.im.models import AstakosUser
from astakos.im.register import get_resources
from astakos.im import register
import sys
......@@ -163,7 +163,8 @@ class ResourceDict(object):
@classmethod
def get(cls):
if cls._object is None:
cls._object = get_resources()
rs = register.get_resources()
cls._object = register.resources_to_dict(rs)
return cls._object
......
......@@ -123,6 +123,13 @@ def update_resources(updates):
% (resource.name, uplimit))
def resources_to_dict(resources):
resource_dict = {}
for r in resources:
resource_dict[r.name] = r.get_info()
return resource_dict
def get_resources(resources=None, services=None):
if resources is None:
rs = Resource.objects.all()
......@@ -132,11 +139,12 @@ def get_resources(resources=None, services=None):
if services is not None:
rs = rs.filter(service__in=services)
resource_dict = {}
for r in rs:
resource_dict[r.full_name()] = r.get_info()
return rs
return resource_dict
def get_api_visible_resources(resources=None, services=None):
rs = get_resources(resources, services)
return rs.filter(api_visible=True)
def add_endpoint(component, service, endpoint_dict, out=None):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment