authorSimo Sorce <simo@redhat.com>2013-08-13 11:49:45 -0400
committerSimo Sorce <simo@redhat.com>2013-08-20 11:54:39 -0400
commitf69088859f1a00ae39d848a6a51c9420be69a483 (patch)
tree6c2e83a535d3534e558d1b3177e3742683f28d2a
parent86cf469e4feed55f5b6dfc8ab0f139b39afb75b8 (diff)
Add support to delete keys and groupsshared-key-msg
Change-Id: I4bc853f436d6a906175830e0d7000847becadd92
-rw-r--r--keystone/contrib/kds/backends/sql.py10
-rw-r--r--keystone/contrib/kds/controllers.py8
-rw-r--r--keystone/contrib/kds/core.py14
-rw-r--r--keystone/contrib/kds/routers.py10
4 files changed, 42 insertions, 0 deletions
diff --git a/keystone/contrib/kds/backends/sql.py b/keystone/contrib/kds/backends/sql.py
index 36dec215..f19cffb3 100644
--- a/keystone/contrib/kds/backends/sql.py
+++ b/keystone/contrib/kds/backends/sql.py
@@ -175,3 +175,13 @@ class KDS(sql.Base):
return None
d = key_ref.to_dict()
return d['key']
+
+ def del_key(self, kds_id):
+ session = self.get_session()
+
+ # Remove group key
+ with session.begin():
+ id = self._id_from_name(kds_id)
+ key_ref = session.query(Keys).filter_by(id=id).first()
+ session.delete(key_ref)
+ session.flush()
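Review bot: `del_key` hands the result of `.first()` straight to `session.delete()`, so a name with no stored row reaches `session.delete(None)` and fails inside SQLAlchemy instead of giving the caller a clean not-found answer. The context lines above the hunk appear to return `None` for a missing row, so a similar guard fits here, e.g. `if key_ref is None: raise exception.NotFound()` (assuming `exception` is imported in this module, which the hunk does not show). The local `id` also shadows the builtin, and the comment `# Remove group key` is narrower than the method, which `Manager.delete_key` in core.py uses for non-group keys too; `key_id` and `# Remove the key or group key row` would read better. The enclosing class continues outside the hunk.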
diff --git a/keystone/contrib/kds/controllers.py b/keystone/contrib/kds/controllers.py
index 949dc35c..616f1391 100644
--- a/keystone/contrib/kds/controllers.py
+++ b/keystone/contrib/kds/controllers.py
@@ -36,3 +36,11 @@ class KDSController(wsgi.Application):
def create_group(self, context, name):
self.assert_admin(context)
return self.kds_api.create_group(name)
+
+ def del_key(self, context, name):
+ self.assert_admin(context)
+ return self.kds_api.delete_key(name)
+
+ def delete_group(self, context, name):
+ self.assert_admin(context)
+ return self.kds_api.delete_group(name)
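Review bot: The controller method is named `del_key` while its sibling is `delete_group` and the manager call it wraps is `delete_key`; naming it `delete_key` (and changing `action='del_key'` in routers.py to match) would keep the three layers consistent. Both methods irreversibly remove key material and neither has a docstring or leaves a trace, so a one-line docstring each and a log line recording `name` after `assert_admin` would help operators reconstruct who removed what. No logger is visible in the hunk, so the log line is only a suggestion if the module already has one.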
diff --git a/keystone/contrib/kds/core.py b/keystone/contrib/kds/core.py
index 53941f80..9f1fa904 100644
--- a/keystone/contrib/kds/core.py
+++ b/keystone/contrib/kds/core.py
@@ -302,6 +302,16 @@ class Manager(manager.Manager):
def create_group(self, name):
self.driver.set_group_key(name)
+ def delete_key(self, name):
+ if '.' not in name:
+ raise exception.Unauthorized('Invalid Request')
+ self.driver.del_key(name)
+
+ def delete_group(self, name):
+ if '.' in name:
+ raise exception.Unauthorized('Invalid Request')
+ self.driver.del_key(name)
+
class Driver(object):
"""Interface description for a KDS driver."""
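Review bot: `delete_key` and `delete_group` raise `exception.Unauthorized` when the name has the wrong shape, which reports a malformed request as an authentication failure even though the controller has already passed `assert_admin` by then. A validation error keeps 401 responses meaningful for clients and for anyone reading auth-failure logs, e.g. `raise exception.ValidationError(attribute='name', target='request')`, unless the rest of Manager, which lies outside the hunk, uses Unauthorized here on purpose. A short docstring on each method stating the rule would also help; from the two checks it seems a dotted name is a key and an undotted name is a group.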
@@ -314,6 +324,10 @@ class Driver(object):
"""Set or Create group key object."""
raise exception.NotImplemented()
+ def del_group_key(self, kds_id):
+ """Delete group key object."""
+ raise exception.NotImplemented()
+
def get_shared_key(self, kds_id):
"""Get key related to kds_id.
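Review bot: The `Driver` interface gains `del_group_key`, but both new Manager methods call `self.driver.del_key` and the SQL backend in this commit implements `del_key`, so the stub documents a name that nothing calls. A backend written against the interface alone would fail with an AttributeError on the first delete instead of the intended `NotImplemented`. Renaming the stub to `def del_key(self, kds_id):` with the docstring `"""Delete key or group key object."""` makes the contract match its callers. The Driver class continues outside the hunk.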
diff --git a/keystone/contrib/kds/routers.py b/keystone/contrib/kds/routers.py
index a04b948a..0f057055 100644
--- a/keystone/contrib/kds/routers.py
+++ b/keystone/contrib/kds/routers.py
@@ -47,3 +47,13 @@ class KDSExtension(wsgi.ExtensionRouter):
controller=kds_controller,
action='create_group',
conditions=dict(method=['PUT']))
+
+ mapper.connect('/kds/key/{name}',
+ controller=kds_controller,
+ action='del_key',
+ conditions=dict(method=['DELETE']))
+
+ mapper.connect('/kds/group/{name}',
+ controller=kds_controller,
+ action='delete_group',
+ conditions=dict(method=['DELETE']))