Merge "Adds extension for retrieving certificates"

author: Jenkins <jenkins@review.openstack.org> 2012-01-25 06:56:48 +0000
committer: Gerrit Code Review <review@openstack.org> 2012-01-25 06:56:48 +0000
commit: 99daaea663ade3839142f538427faa85d0e64c8f (patch)
tree: c80b695288e07604b56634d4695136c51831ee19 /nova/api
parent: 2594e480b2d90490a92865afbeecda35b29320d6 (diff)
parent: 4fb1e8d34feafafe423e012c7031835024d85dcd (diff)
download: nova-99daaea663ade3839142f538427faa85d0e64c8f.tar.gz
nova-99daaea663ade3839142f538427faa85d0e64c8f.tar.xz
nova-99daaea663ade3839142f538427faa85d0e64c8f.zip
1 files changed, 112 insertions, 0 deletions
diff --git a/nova/api/openstack/compute/contrib/certificates.py b/nova/api/openstack/compute/contrib/certificates.py
new file mode 100644
index 000000000..6805daec6
--- /dev/null
+++ b/nova/api/openstack/compute/contrib/certificates.py
@@ -0,0 +1,112 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (c) 2012 OpenStack, LLC.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License
+
+import webob.exc
+
+from nova.api.openstack import wsgi
+from nova.api.openstack import xmlutil
+from nova.api.openstack import extensions
+from nova import flags
+from nova import log as logging
+from nova import network
+from nova import rpc
+
+
+LOG = logging.getLogger('nova.api.openstack.compute.contrib.certificates')
+FLAGS = flags.FLAGS
+authorize = extensions.extension_authorizer('compute', 'certificates')
+
+
+def make_certificate(elem):
+    elem.set('data')
+    elem.set('private_key')
+
+
+class CertificateTemplate(xmlutil.TemplateBuilder):
+    def construct(self):
+        root = xmlutil.TemplateElement('certificate',
+                                       selector='certificate')
+        make_certificate(root)
+        return xmlutil.MasterTemplate(root, 1)
+
+
+class CertificatesTemplate(xmlutil.TemplateBuilder):
+    def construct(self):
+        root = xmlutil.TemplateElement('certificates')
+        elem = xmlutil.SubTemplateElement(root, 'certificate',
+                                          selector='certificates')
+        make_certificate(elem)
+        return xmlutil.MasterTemplate(root, 1)
+
+
+def _translate_certificate_view(certificate, private_key=None):
+    return {
+        'data': certificate,
+        'private_key': private_key,
+    }
+
+
+class CertificatesController(object):
+    """The x509 Certificates API controller for the OpenStack API."""
+
+    def __init__(self):
+        self.network_api = network.API()
+        super(CertificatesController, self).__init__()
+
+    @wsgi.serializers(xml=CertificateTemplate)
+    def show(self, req, id):
+        """Return a list of certificates."""
+        context = req.environ['nova.context']
+        authorize(context)
+        if id != 'root':
+            msg = _("Only root certificate can be retrieved.")
+            raise webob.exc.HTTPNotImplemented(explanation=msg)
+        cert = rpc.call(context, FLAGS.cert_topic,
+                        {"method": "fetch_ca",
+                         "args": {"project_id": context.project_id}})
+        return {'certificate': _translate_certificate_view(cert)}
+
+    @wsgi.serializers(xml=CertificateTemplate)
+    def create(self, req, body=None):
+        """Return a list of certificates."""
+        context = req.environ['nova.context']
+        authorize(context)
+        pk, cert = rpc.call(context, FLAGS.cert_topic,
+                            {"method": "generate_x509_cert",
+                             "args": {"user_id": context.user_id,
+                                      "project_id": context.project_id}})
+        context = req.environ['nova.context']
+        return {'certificate': _translate_certificate_view(cert, pk)}
+
+
+class Certificates(extensions.ExtensionDescriptor):
+    """Certificates support"""
+
+    name = "Certificates"
+    alias = "os-certificates"
+    namespace = \
+        "http://docs.openstack.org/compute/ext/certificates/api/v1.1"
+    updated = "2012-01-19T00:00:00+00:00"
+
+    def get_resources(self):
+        resources = []
+
+        res = extensions.ResourceExtension('os-certificates',
+                         CertificatesController(),
+                         member_actions={})
+        resources.append(res)
+
+        return resources
author	Jenkins <jenkins@review.openstack.org>	2012-01-25 06:56:48 +0000
committer	Gerrit Code Review <review@openstack.org>	2012-01-25 06:56:48 +0000
commit	99daaea663ade3839142f538427faa85d0e64c8f (patch)
tree	c80b695288e07604b56634d4695136c51831ee19 /nova/api
parent	2594e480b2d90490a92865afbeecda35b29320d6 (diff)
parent	4fb1e8d34feafafe423e012c7031835024d85dcd (diff)
download	nova-99daaea663ade3839142f538427faa85d0e64c8f.tar.gz nova-99daaea663ade3839142f538427faa85d0e64c8f.tar.xz nova-99daaea663ade3839142f538427faa85d0e64c8f.zip