baha/skyline-apiserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8cb60f0833
skyline-apiserver/skyline_apiserver/policy/manager/placement.py
zhu.boxiang 8cb60f0833 chore: Move skyline_apiserver out of libs 
1. move skyline_apiserver out of libs
2. remove libs folder
3. remove old skyline folder
4. adjust zull, devstack and dockerfile

Change-Id: I27a4babd3df077d1dfc7555f67a6ea618d4b2966
2022-05-18 17:21:00 +08:00

291 lines
12 KiB
Python
Raw Blame History

# flake8: noqa
from . import base
list_rules = (
base.Rule(
name="admin_api",
check_str=("role:admin"),
description="Default rule for most placement APIs.",
),
base.APIRule(
name="placement:resource_providers:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource providers.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers"}],
),
base.APIRule(
name="placement:resource_providers:create",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Create resource provider.",
scope_types=["system"],
operations=[{"method": "POST", "path": "/resource_providers"}],
),
base.APIRule(
name="placement:resource_providers:show",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="Show resource provider.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}"}],
),
base.APIRule(
name="placement:resource_providers:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update resource provider.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/resource_providers/{uuid}"}],
),
base.APIRule(
name="placement:resource_providers:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete resource provider.",
scope_types=["system"],
operations=[{"method": "DELETE", "path": "/resource_providers/{uuid}"}],
),
base.APIRule(
name="placement:resource_classes:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource classes.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_classes"}],
),
base.APIRule(
name="placement:resource_classes:create",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Create resource class.",
scope_types=["system"],
operations=[{"method": "POST", "path": "/resource_classes"}],
),
base.APIRule(
name="placement:resource_classes:show",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="Show resource class.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_classes/{name}"}],
),
base.APIRule(
name="placement:resource_classes:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update resource class.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/resource_classes/{name}"}],
),
base.APIRule(
name="placement:resource_classes:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete resource class.",
scope_types=["system"],
operations=[{"method": "DELETE", "path": "/resource_classes/{name}"}],
),
base.APIRule(
name="placement:resource_providers:inventories:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource provider inventories.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}/inventories"}],
),
base.APIRule(
name="placement:resource_providers:inventories:create",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Create one resource provider inventory.",
scope_types=["system"],
operations=[{"method": "POST", "path": "/resource_providers/{uuid}/inventories"}],
),
base.APIRule(
name="placement:resource_providers:inventories:show",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="Show resource provider inventory.",
scope_types=["system"],
operations=[
{"method": "GET", "path": "/resource_providers/{uuid}/inventories/{resource_class}"},
],
),
base.APIRule(
name="placement:resource_providers:inventories:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update resource provider inventory.",
scope_types=["system"],
operations=[
{"method": "PUT", "path": "/resource_providers/{uuid}/inventories"},
{"method": "PUT", "path": "/resource_providers/{uuid}/inventories/{resource_class}"},
],
),
base.APIRule(
name="placement:resource_providers:inventories:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete resource provider inventory.",
scope_types=["system"],
operations=[
{"method": "DELETE", "path": "/resource_providers/{uuid}/inventories"},
{
"method": "DELETE",
"path": "/resource_providers/{uuid}/inventories/{resource_class}",
},
],
),
base.APIRule(
name="placement:resource_providers:aggregates:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource provider aggregates.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}/aggregates"}],
),
base.APIRule(
name="placement:resource_providers:aggregates:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update resource provider aggregates.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/resource_providers/{uuid}/aggregates"}],
),
base.APIRule(
name="placement:resource_providers:usages",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource provider usages.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}/usages"}],
),
base.APIRule(
name="placement:usages",
check_str=(
"(role:reader and system_scope:all) or (role:reader and project_id:%(project_id)s)"
),
basic_check_str=("role:admin or role:reader"),
description="List total resource usages for a given project.",
scope_types=["system", "project"],
operations=[{"method": "GET", "path": "/usages"}],
),
base.APIRule(
name="placement:traits:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List traits.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/traits"}],
),
base.APIRule(
name="placement:traits:show",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="Show trait.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/traits/{name}"}],
),
base.APIRule(
name="placement:traits:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update trait.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/traits/{name}"}],
),
base.APIRule(
name="placement:traits:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete trait.",
scope_types=["system"],
operations=[{"method": "DELETE", "path": "/traits/{name}"}],
),
base.APIRule(
name="placement:resource_providers:traits:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource provider traits.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}/traits"}],
),
base.APIRule(
name="placement:resource_providers:traits:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update resource provider traits.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/resource_providers/{uuid}/traits"}],
),
base.APIRule(
name="placement:resource_providers:traits:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete resource provider traits.",
scope_types=["system"],
operations=[{"method": "DELETE", "path": "/resource_providers/{uuid}/traits"}],
),
base.APIRule(
name="placement:allocations:manage",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Manage allocations.",
scope_types=["system"],
operations=[{"method": "POST", "path": "/allocations"}],
),
base.APIRule(
name="placement:allocations:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List allocations.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/allocations/{consumer_uuid}"}],
),
base.APIRule(
name="placement:allocations:update",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Update allocations.",
scope_types=["system"],
operations=[{"method": "PUT", "path": "/allocations/{consumer_uuid}"}],
),
base.APIRule(
name="placement:allocations:delete",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Delete allocations.",
scope_types=["system"],
operations=[{"method": "DELETE", "path": "/allocations/{consumer_uuid}"}],
),
base.APIRule(
name="placement:resource_providers:allocations:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List resource provider allocations.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/resource_providers/{uuid}/allocations"}],
),
base.APIRule(
name="placement:allocation_candidates:list",
check_str=("role:reader and system_scope:all"),
basic_check_str=("role:admin or role:reader"),
description="List allocation candidates.",
scope_types=["system"],
operations=[{"method": "GET", "path": "/allocation_candidates"}],
),
base.APIRule(
name="placement:reshaper:reshape",
check_str=("role:admin and system_scope:all"),
basic_check_str=("role:admin"),
description="Reshape Inventory and Allocations.",
scope_types=["system"],
operations=[{"method": "POST", "path": "/reshaper"}],
),
)
__all__ = ("list_rules",)
Reference in New Issue View Git Blame Copy Permalink