resources_to_operations_yaml = yaml.load(stream)
for resource, operation in resources_to_operations_yaml["resources_to_operations"].items():
- operation_key = operation.replace(".", ":")
- if operation_key not in operations:
- operations.append(operation_key)
- self.resources_to_operations_mapping[resource] = operation_key
+ if operation not in operations:
+ operations.append(operation)
+ self.resources_to_operations_mapping[resource] = operation
records = self.db.get_list("roles_operations")
if not isinstance(is_allowed, bool):
continue
- if operation == ".":
+ if operation == ":":
root = is_allowed
continue
- if len(operation) != 1 and operation[-1] == ".":
- self.logger.warning("Invalid operation {0} terminated in '.'. "
+ if len(operation) != 1 and operation[-1] == ":":
+ self.logger.warning("Invalid operation {0} terminated in ':'. "
"Operation will be discarded"
.format(operation))
continue
- operation_key = operation.replace(".", ":")
- if operation_key not in role_ops.keys():
- role_ops[operation_key] = is_allowed
+ if operation not in role_ops.keys():
+ role_ops[operation] = is_allowed
else:
self.logger.info("In role {0}, the operation {1} with the value {2} was discarded due to "
"repetition.".format(role_with_operations["role"], operation, is_allowed))
if self.config["authentication"]["backend"] != "internal" and \
role_with_operations["role"] != "anonymous":
- keystone_id = self.backend.create_role(role_with_operations["role"])
+ keystone_id = [role for role in self.backend.get_role_list()
+ if role["name"] == role_with_operations["role"]]
+ if keystone_id:
+ keystone_id = keystone_id[0]
+ else:
+ keystone_id = self.backend.create_role(role_with_operations["role"])
operation_to_roles_item["_id"] = keystone_id["_id"]
self.db.create("roles_operations", operation_to_roles_item)