Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
@auth_required(UPDATE)
def PUT(self, role_id):
# Pull all the role update data
role_data = self.params()
delta = role_data.get('delta', None)
manager = managers.role_manager()
role = manager.update_role(role_id, delta)
role.update(serialization.link.current_link_obj())
return self.ok(role)
class RoleUsers(JSONController):
# Scope: Sub-collection
# GET: List Users belonging to a role
# POST: Add user to a role
@auth_required(READ)
def GET(self, role_id):
user_query_manager = managers.user_query_manager()
role_users = user_query_manager.find_users_belonging_to_role(role_id)
return self.ok(role_users)
@auth_required(UPDATE)
def POST(self, role_id):
# Params (validation will occur in the manager)
if distributor_id is not None:
tags.append(resource_tag(dispatch_constants.RESOURCE_REPOSITORY_GROUP_DISTRIBUTOR_TYPE, distributor_id))
call_request = CallRequest(distributor_manager.add_distributor,
[repo_group_id, distributor_type_id, distributor_config, distributor_id],
weight=weight,
tags=tags)
call_request.updates_resource(dispatch_constants.RESOURCE_REPOSITORY_GROUP_TYPE, repo_group_id)
created = execution.execute(call_request)
href = serialization.link.child_link_obj(created['id'])
created.update(href)
return self.created(href['_href'], created)
class RepoGroupDistributor(JSONController):
# Scope: Exclusive Sub-resource
# GET: Get Distributor
# DELETE: Remove Distributor
# PUT: Update Distributor Config
@auth_required(authorization.READ)
def GET(self, repo_group_id, distributor_id):
distributor_manager = managers_factory.repo_group_distributor_manager()
dist = distributor_manager.get_distributor(repo_group_id, distributor_id)
href = serialization.link.current_link_obj()
dist.update(href)
return self.ok(dist)
if resource is None:
permissions = managers.permission_query_manager().find_all()
else:
permission = managers.permission_query_manager().find_by_resource(resource)
if permission is not None:
permissions = [permission]
for permission in permissions:
users = permission['users']
for user, ops in users.items():
users[user] = [operation_to_name(o) for o in ops]
return self.ok(permissions)
class GrantToUser(JSONController):
# Scope: Action
# POST: Grant permission to user
@auth_required(EXECUTE)
def POST(self):
# Params
params = self.params()
login = params.get('login', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({'login':login,
'resource':resource,
'operation_names':operation_names})
"""
Searches based on a Criteria object. Requires a posted parameter
'criteria' which has a data structure that can be turned into a
Criteria instance.
"""
items = self._get_query_results_from_post()
RepoCollection._process_repos(
items,
self.params().get('importers', False),
self.params().get('distributors', False)
)
return self.ok(items)
class RepoUnitAdvancedSearch(JSONController):
# Scope: Search
# POST: Advanced search for repo unit associations
@auth_required(READ)
def POST(self, repo_id):
# Params
params = self.params()
query = params.get('criteria', None)
repo_query_manager = manager_factory.repo_query_manager()
repo = repo_query_manager.find_by_id(repo_id)
if repo is None:
raise exceptions.MissingResource(repo_id=repo_id)
if query is None:
# There is NO WARRANTY for this software, express or implied,
# including the implied warranties of MERCHANTABILITY,
# NON-INFRINGEMENT, or FITNESS FOR A PARTICULAR PURPOSE. You should
# have received a copy of GPLv2 along with this software; if not, see
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
import web
from pulp.server.auth.authorization import READ
from pulp.server.db.model.criteria import Criteria
import pulp.server.exceptions as exceptions
from pulp.server.webservices.controllers.base import JSONController
from pulp.server.webservices.controllers.decorators import auth_required
class SearchController(JSONController):
def __init__(self, query_method):
"""
@param query_method: method that will be used for the search
@type query_method: any method that takes one argument of type
Criteria
"""
super(SearchController, self).__init__()
self.query_method = query_method
@auth_required(READ)
def GET(self):
"""
Searches based on a Criteria object. Pass in each Criteria field as a
query parameter. For the 'fields' parameter, pass multiple fields as
separate key-value pairs as is normal with query parameters in URLs. For
example, '/v2/sometype/search/?field=id&field=display_name' will
errataids = consumer_api.listerrata(id, [types])
return self.ok(errataids)
@error_handler
@auth_required(READ)
def GET(self, id, field_name):
"""
Deferred field dispatcher.
"""
field = getattr(self, field_name, None)
if field is None:
return self.internal_server_error('No implementation for %s found' % field_name)
return field(id)
class ConsumerActions(JSONController):
# See pulp.webservices.repositories.RepositoryActions for design
# NOTE the intersection of exposed_actions and exposed_fields must be empty
exposed_actions = (
'bind',
'unbind',
'add_key_value_pair',
'delete_key_value_pair',
'update_key_value_pair',
'installpackages',
'updatepackages',
'uninstallpackages',
'installpackagegroups',
'uninstallpackagegroups',
'installpackagegroupcategories',
new_schedule = data.get('schedule')
new_options = data.get('options')
scheduled_sync.update_repo_schedule(repo, new_schedule, new_options)
updated_repo = api.repository(repo_id, ['id', 'sync_schedule', 'sync_options'])
data = {
'id': repo_id,
'href': serialization.repo.v1_href(repo),
'schedule': updated_repo['sync_schedule'],
'options': updated_repo['sync_options'],
}
return self.ok(data)
POST = PUT
class RepositoryDeferredFields(JSONController):
# NOTE the intersection of exposed_fields and exposed_actions must be empty
exposed_fields = (
'packages',
'packagegroups',
'packagegroupcategories',
'errata',
'distribution',
'files',
'keys',
'comps',
)
def packages(self, id):
"""
[[wiki]]
def PUT(self):
log.debug('deprecated Consumers.PUT method called')
return self.POST()
@error_handler
@auth_required(DELETE)
def DELETE(self):
"""
Delete all consumers.
@return: True on successful deletion of all consumers
"""
consumer_api.clean()
return self.ok(True)
class Bulk(JSONController):
# XXX this class breaks the restful practices.... (need a better solution)
@error_handler
@auth_required(CREATE)
def POST(self):
consumer_api.bulkcreate(self.params())
return self.ok(True)
class Consumer(JSONController):
@error_handler
@auth_required(READ)
def GET(self, id):
"""
Get a consumer's meta data.
@param id: consumer id
from pulp.server.exceptions import MissingResource
# globals ---------------------------------------------------------------------
consumer_api = ConsumerApi()
history_api = ConsumerHistoryApi()
repo_api = RepoApi()
user_api = UserApi()
log = logging.getLogger('pulp')
# default fields for consumers being sent to a client
default_fields = ['id', 'description', 'capabilities', 'key_value_pairs',]
# controllers -----------------------------------------------------------------
class Consumers(JSONController):
@error_handler
@auth_required(READ)
def GET(self):
"""
List all available consumers.
@return: a list of all consumers
"""
valid_filters = ('id', 'package_name')
filters = self.filters(valid_filters)
package_names = filters.pop('package_name', None)
if package_names is not None:
result = consumer_api.consumers_with_package_names(package_names, default_fields)
consumers = self.filter_results(result, filters)
else:
spec = mongo.filters_to_re_spec(filters)
from pulp.server.webservices import execution
from pulp.server.dispatch import constants as dispatch_constants
from pulp.server.dispatch.call import CallRequest
from pulp.server.webservices.controllers.base import JSONController
from pulp.server.webservices.controllers.decorators import auth_required
from pulp.server.webservices import serialization
import pulp.server.exceptions as exceptions
# -- constants ----------------------------------------------------------------
_LOG = logging.getLogger(__name__)
# -- controllers --------------------------------------------------------------
class PermissionCollection(JSONController):
# Scope: Resource
# GET: Get permissions for a particular resource
@auth_required(READ)
def GET(self):
query_params = web.input()
resource = query_params.get('resource', None)
permissions = []
if resource is None:
permissions = managers.permission_query_manager().find_all()
else:
permission = managers.permission_query_manager().find_by_resource(resource)
if permission is not None:
permissions = [permission]