diff options
author | Dolph Mathews <dolph.mathews@gmail.com> | 2012-06-03 11:00:54 -0500 |
---|---|---|
committer | Dolph Mathews <dolph.mathews@gmail.com> | 2012-06-03 12:08:44 -0500 |
commit | 1d146f5c32e58a73a677d308370f147a3271c2cb (patch) | |
tree | 25c6e7879e95aa4b3478e966cd51bb58eb6e3697 /keystone/catalog | |
parent | 4bfa203ac433da1537d8da963bd7554d36f2add7 (diff) | |
download | keystone-1d146f5c32e58a73a677d308370f147a3271c2cb.tar.gz keystone-1d146f5c32e58a73a677d308370f147a3271c2cb.tar.xz keystone-1d146f5c32e58a73a677d308370f147a3271c2cb.zip |
Require authz for service CRUD (bug 1006822)
Change-Id: Ia90f0aa2b856b9a9874d4865fb92ee913e8125c5
Diffstat (limited to 'keystone/catalog')
-rw-r--r-- | keystone/catalog/core.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/keystone/catalog/core.py b/keystone/catalog/core.py index 68bcae24..afff7cf8 100644 --- a/keystone/catalog/core.py +++ b/keystone/catalog/core.py @@ -116,29 +116,36 @@ class Driver(object): class ServiceController(wsgi.Application): def __init__(self): self.catalog_api = Manager() + self.identity_api = identity.Manager() + self.policy_api = policy.Manager() + self.token_api = token.Manager() super(ServiceController, self).__init__() # CRUD extensions # NOTE(termie): this OS-KSADM stuff is not very consistent def get_services(self, context): + self.assert_admin(context) service_list = self.catalog_api.list_services(context) service_refs = [self.catalog_api.get_service(context, x) for x in service_list] return {'OS-KSADM:services': service_refs} def get_service(self, context, service_id): + self.assert_admin(context) service_ref = self.catalog_api.get_service(context, service_id) if not service_ref: raise exception.ServiceNotFound(service_id=service_id) return {'OS-KSADM:service': service_ref} def delete_service(self, context, service_id): + self.assert_admin(context) service_ref = self.catalog_api.get_service(context, service_id) if not service_ref: raise exception.ServiceNotFound(service_id=service_id) self.catalog_api.delete_service(context, service_id) def create_service(self, context, OS_KSADM_service): + self.assert_admin(context) service_id = uuid.uuid4().hex service_ref = OS_KSADM_service.copy() service_ref['id'] = service_id |