From c4650365704d7827e53280ca16f9bdb70bf9fcbb Mon Sep 17 00:00:00 2001 From: Eduardo Sousa Date: Tue, 4 Jun 2019 13:24:22 +0100 Subject: [PATCH] Fix bug 731 Change-Id: Ic2c80be5236dbfaf3ffa031eedf561a385e936c5 Signed-off-by: Eduardo Sousa --- osm_nbi/admin_topics.py | 50 ++--- osm_nbi/auth.py | 18 +- osm_nbi/resources_to_operations.yml | 272 ++++++++++++++-------------- osm_nbi/roles_to_operations.yml | 42 ++--- 4 files changed, 181 insertions(+), 201 deletions(-) diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py index 2bc3003..fd4d0e9 100644 --- a/osm_nbi/admin_topics.py +++ b/osm_nbi/admin_topics.py @@ -788,7 +788,7 @@ class RoleTopicAuth(BaseTopic): if self.schema_new: validate_input(input, self.schema_new) self.validate_role_definition(self.operations, input) - + return input def _validate_input_edit(self, input, force=False): @@ -802,7 +802,7 @@ class RoleTopicAuth(BaseTopic): if self.schema_edit: validate_input(input, self.schema_edit) self.validate_role_definition(self.operations, input) - + return input def check_conflict_on_new(self, session, indata): @@ -868,22 +868,14 @@ class RoleTopicAuth(BaseTopic): if not content["_admin"].get("created"): content["_admin"]["created"] = now content["_admin"]["modified"] = now - - if "." in content.keys(): - content["root"] = content["."] - del content["."] - + + if ":" in content.keys(): + content["root"] = content[":"] + del content[":"] + if "root" not in content.keys(): content["root"] = False - ignore_fields = ["_id", "_admin", "name"] - content_keys = content.keys() - for role_def in content_keys: - if role_def in ignore_fields: - continue - content[role_def.replace(".", ":")] = content[role_def] - del content[role_def] - @staticmethod def format_on_edit(final_content, edit_content): """ @@ -903,12 +895,12 @@ class RoleTopicAuth(BaseTopic): # Saving the role definition for role_def, value in edit_content.items(): - final_content[role_def.replace(".", ":")] = value - + final_content[role_def] = value + if ":" in final_content.keys(): final_content["root"] = final_content[":"] del final_content[":"] - + if "root" not in final_content.keys(): final_content["root"] = False @@ -921,15 +913,8 @@ class RoleTopicAuth(BaseTopic): :param definition: role definition to be processed """ - content_keys = list(content.keys()) - content["_id"] = str(content["_id"]) - for key in content_keys: - if ":" in key: - content[key.replace(":", ".")] = content[key] - del content[key] - def show(self, session, _id): """ Get complete information on an topic @@ -957,16 +942,13 @@ class RoleTopicAuth(BaseTopic): if not filter_q: filter_q = {} - if "root" in filter_q: - filter_q[":"] = filter_q["root"] - del filter_q["root"] - - if len(filter_q) > 0: - keys = [key for key in filter_q.keys() if "." in key] + if ":" in filter_q: + filter_q["root"] = filter_q[":"] - for key in keys: - filter_q[key.replace(".", ":")] = filter_q[key] - del filter_q[key] + for key in filter_q.keys(): + if key == "name": + continue + filter_q[key] = filter_q[key] in ["True", "true"] roles = self.db.get_list(self.topic, filter_q) new_roles = [] diff --git a/osm_nbi/auth.py b/osm_nbi/auth.py index bb65738..d916189 100644 --- a/osm_nbi/auth.py +++ b/osm_nbi/auth.py @@ -162,10 +162,9 @@ class Authenticator: resources_to_operations_yaml = yaml.load(stream) for resource, operation in resources_to_operations_yaml["resources_to_operations"].items(): - operation_key = operation.replace(".", ":") - if operation_key not in operations: - operations.append(operation_key) - self.resources_to_operations_mapping[resource] = operation_key + if operation not in operations: + operations.append(operation) + self.resources_to_operations_mapping[resource] = operation records = self.db.get_list("roles_operations") @@ -194,19 +193,18 @@ class Authenticator: if not isinstance(is_allowed, bool): continue - if operation == ".": + if operation == ":": root = is_allowed continue - if len(operation) != 1 and operation[-1] == ".": - self.logger.warning("Invalid operation {0} terminated in '.'. " + if len(operation) != 1 and operation[-1] == ":": + self.logger.warning("Invalid operation {0} terminated in ':'. " "Operation will be discarded" .format(operation)) continue - operation_key = operation.replace(".", ":") - if operation_key not in role_ops.keys(): - role_ops[operation_key] = is_allowed + if operation not in role_ops.keys(): + role_ops[operation] = is_allowed else: self.logger.info("In role {0}, the operation {1} with the value {2} was discarded due to " "repetition.".format(role_with_operations["role"], operation, is_allowed)) diff --git a/osm_nbi/resources_to_operations.yml b/osm_nbi/resources_to_operations.yml index ee8d386..3a94de2 100644 --- a/osm_nbi/resources_to_operations.yml +++ b/osm_nbi/resources_to_operations.yml @@ -43,314 +43,314 @@ resources_to_operations: ##################################### NSDs ##################################### ################################################################################ - "GET /nsd/v1/ns_descriptors_content": nsds.get - "GET /nsd/v1/ns_descriptors": nsds.get + "GET /nsd/v1/ns_descriptors_content": "nsds:get" + "GET /nsd/v1/ns_descriptors": "nsds:get" - "POST /nsd/v1/ns_descriptors_content": nsds.content.post + "POST /nsd/v1/ns_descriptors_content": "nsds:content:post" - "GET /nsd/v1/ns_descriptors_content/": nsds.id.get - "GET /nsd/v1/ns_descriptors/": nsds.id.get + "GET /nsd/v1/ns_descriptors_content/": "nsds:id:get" + "GET /nsd/v1/ns_descriptors/": "nsds:id:get" - "PUT /nsd/v1/ns_descriptors_content/": nsds.id.put + "PUT /nsd/v1/ns_descriptors_content/": "nsds:id:put" - "DELETE /nsd/v1/ns_descriptors_content/": nsds.id.delete - "DELETE /nsd/v1/ns_descriptors/": nsds.id.delete + "DELETE /nsd/v1/ns_descriptors_content/": "nsds:id:delete" + "DELETE /nsd/v1/ns_descriptors/": "nsds:id:delete" - "POST /nsd/v1/ns_descriptors": nsds.post + "POST /nsd/v1/ns_descriptors": "nsds:post" - "PATCH /nsd/v1/ns_descriptors/": nsds.id.patch + "PATCH /nsd/v1/ns_descriptors/": "nsds:id:patch" - "GET /nsd/v1/ns_descriptors//nsd_content": nsds.id.content.get + "GET /nsd/v1/ns_descriptors//nsd_content": "nsds:id:content:get" - "PUT /nsd/v1/ns_descriptors//nsd_content": nsds.id.content.put + "PUT /nsd/v1/ns_descriptors//nsd_content": "nsds:id:content:put" - "GET /nsd/v1/ns_descriptors//nsd": nsds.id.nsd.get + "GET /nsd/v1/ns_descriptors//nsd": "nsds:id:nsd:get" - "GET /nsd/v1/ns_descriptors//artifacts": nsds.id.nsd_artifact.get - "GET /nsd/v1/ns_descriptors//artifacts/": nsds.id.nsd_artifact.get + "GET /nsd/v1/ns_descriptors//artifacts": "nsds:id:nsd_artifact:get" + "GET /nsd/v1/ns_descriptors//artifacts/": "nsds:id:nsd_artifact:get" ################################################################################ ##################################### VNFDs #################################### ################################################################################ - "GET /vnfpkgm/v1/vnf_packages_content": vnfds.get - "GET /vnfpkgm/v1/vnf_packages": vnfds.get + "GET /vnfpkgm/v1/vnf_packages_content": "vnfds:get" + "GET /vnfpkgm/v1/vnf_packages": "vnfds:get" - "POST /vnfpkgm/v1/vnf_packages_content": vnfds.content.post + "POST /vnfpkgm/v1/vnf_packages_content": "vnfds:content:post" - "GET /vnfpkgm/v1/vnf_packages_content/": vnfds.id.get - "GET /vnfpkgm/v1/vnf_packages/": vnfds.id.get + "GET /vnfpkgm/v1/vnf_packages_content/": "vnfds:id:get" + "GET /vnfpkgm/v1/vnf_packages/": "vnfds:id:get" - "PUT /vnfpkgm/v1/vnf_packages_content/": vnfds.id.put + "PUT /vnfpkgm/v1/vnf_packages_content/": "vnfds:id:put" - "DELETE /vnfpkgm/v1/vnf_packages_content/": vnfds.id.delete - "DELETE /vnfpkgm/v1/vnf_packages/": vnfds.id.delete + "DELETE /vnfpkgm/v1/vnf_packages_content/": "vnfds:id:delete" + "DELETE /vnfpkgm/v1/vnf_packages/": "vnfds:id:delete" - "POST /vnfpkgm/v1/vnf_packages": vnfds.post + "POST /vnfpkgm/v1/vnf_packages": "vnfds:post" - "PATCH /vnfpkgm/v1/vnf_packages/": vnfds.id.patch + "PATCH /vnfpkgm/v1/vnf_packages/": "vnfds:id:patch" - "GET /vnfpkgm/v1/vnf_packages//package_content": vnfds.id.content.get + "GET /vnfpkgm/v1/vnf_packages//package_content": "vnfds:id:content:get" - "PUT /vnfpkgm/v1/vnf_packages//package_content": vnfds.id.content.put + "PUT /vnfpkgm/v1/vnf_packages//package_content": "vnfds:id:content:put" - "POST /vnfpkgm/v1/vnf_packages//package_content/upload_from_uri": vnfds.id.upload.post + "POST /vnfpkgm/v1/vnf_packages//package_content/upload_from_uri": "vnfds:id:upload:post" - "GET /vnfpkgm/v1/vnf_packages//vnfd": vnfds.id.vnfd.get + "GET /vnfpkgm/v1/vnf_packages//vnfd": "vnfds:id:vnfd:get" - "GET /vnfpkgm/v1/vnf_packages//artifacts": vnfds.id.vnfd_artifact.get - "GET /vnfpkgm/v1/vnf_packages//artifacts/": vnfds.id.vnfd_artifact.get + "GET /vnfpkgm/v1/vnf_packages//artifacts": "vnfds:id:vnfd_artifact:get" + "GET /vnfpkgm/v1/vnf_packages//artifacts/": "vnfds:id:vnfd_artifact:get" ################################################################################ ################################## NS Instances ################################ ################################################################################ - "GET /nslcm/v1/ns_instances_content": ns_instances.get - "GET /nslcm/v1/ns_instances": ns_instances.get + "GET /nslcm/v1/ns_instances_content": "ns_instances:get" + "GET /nslcm/v1/ns_instances": "ns_instances:get" - "POST /nslcm/v1/ns_instances_content": ns_instances.content.post + "POST /nslcm/v1/ns_instances_content": "ns_instances:content:post" - "GET /nslcm/v1/ns_instances_content/": ns_instances.id.get - "GET /nslcm/v1/ns_instances/": ns_instances.id.get + "GET /nslcm/v1/ns_instances_content/": "ns_instances:id:get" + "GET /nslcm/v1/ns_instances/": "ns_instances:id:get" - "DELETE /nslcm/v1/ns_instances_content/": ns_instances.id.delete - "DELETE /nslcm/v1/ns_instances/": ns_instances.id.delete + "DELETE /nslcm/v1/ns_instances_content/": "ns_instances:id:delete" + "DELETE /nslcm/v1/ns_instances/": "ns_instances:id:delete" - "POST /nslcm/v1/ns_instances": ns_instances.post + "POST /nslcm/v1/ns_instances": "ns_instances:post" - "POST /nslcm/v1/ns_instances//instantiate": ns_instances.id.instantiate.post + "POST /nslcm/v1/ns_instances//instantiate": "ns_instances:id:instantiate:post" - "POST /nslcm/v1/ns_instances//terminate": ns_instances.id.terminate.post + "POST /nslcm/v1/ns_instances//terminate": "ns_instances:id:terminate:post" - "POST /nslcm/v1/ns_instances//action": ns_instances.id.action.post + "POST /nslcm/v1/ns_instances//action": "ns_instances:id:action:post" - "POST /nslcm/v1/ns_instances//scale": ns_instances.id.scale.post + "POST /nslcm/v1/ns_instances//scale": "ns_instances:id:scale:post" - "GET /nslcm/v1/ns_instances//ns_lcm_op_occs": ns_instances.id.opps.get + "GET /nslcm/v1/ns_instances//ns_lcm_op_occs": "ns_instances:id:opps:get" - "GET /nslcm/v1/ns_instances//ns_lcm_op_occs/": ns_instances.id.opps.id.get + "GET /nslcm/v1/ns_instances//ns_lcm_op_occs/": "ns_instances:id:opps:id:get" ################################################################################ ################################# VNF Instances ################################ ################################################################################ - "GET /nslcm/v1/vnfrs": vnf_instances.get - "GET /nslcm/v1/vnf_instances": vnf_instances.get + "GET /nslcm/v1/vnfrs": "vnf_instances:get" + "GET /nslcm/v1/vnf_instances": "vnf_instances:get" - "GET /nslcm/v1/vnfrs/": vnf_instances.id.get - "GET /nslcm/v1/vnf_instances/": vnf_instances.id.get + "GET /nslcm/v1/vnfrs/": "vnf_instances:id:get" + "GET /nslcm/v1/vnf_instances/": "vnf_instances:id:get" ################################################################################ #################################### Tokens #################################### ################################################################################ - "GET /admin/v1/tokens": tokens.get + "GET /admin/v1/tokens": "tokens:get" - "POST /admin/v1/tokens": tokens.post + "POST /admin/v1/tokens": "tokens:post" - "DELETE /admin/v1/tokens": tokens.delete + "DELETE /admin/v1/tokens": "tokens:delete" - "GET /admin/v1/tokens/": tokens.id.get + "GET /admin/v1/tokens/": "tokens:id:get" - "DELETE /admin/v1/tokens/": tokens.id.delete + "DELETE /admin/v1/tokens/": "tokens:id:delete" ################################################################################ ##################################### Users #################################### ################################################################################ - "GET /admin/v1/users": users.get + "GET /admin/v1/users": "users:get" - "POST /admin/v1/users": users.post + "POST /admin/v1/users": "users:post" - "GET /admin/v1/users/": users.id.get + "GET /admin/v1/users/": "users:id:get" - "POST /admin/v1/users/": users.id.post + "POST /admin/v1/users/": "users:id:post" - "PUT /admin/v1/users/": users.id.put + "PUT /admin/v1/users/": "users:id:put" - "DELETE /admin/v1/users/": users.id.delete + "DELETE /admin/v1/users/": "users:id:delete" - "PATCH /admin/v1/users/": users.id.patch + "PATCH /admin/v1/users/": "users:id:patch" ################################################################################ #################################### Projects ################################## ################################################################################ - "GET /admin/v1/projects": projects.get + "GET /admin/v1/projects": "projects:get" - "POST /admin/v1/projects": projects.post + "POST /admin/v1/projects": "projects:post" - "GET /admin/v1/projects/": projects.id.get + "GET /admin/v1/projects/": "projects:id:get" - "DELETE /admin/v1/projects/": projects.id.delete + "DELETE /admin/v1/projects/": "projects:id:delete" ################################################################################ ##################################### VIMs ##################################### ################################################################################ - "GET /admin/v1/vims": vims.get + "GET /admin/v1/vims": "vims:get" - "POST /admin/v1/vims": vims.post + "POST /admin/v1/vims": "vims:post" - "GET /admin/v1/vims/": vims.id.get + "GET /admin/v1/vims/": "vims:id:get" - "PUT /admin/v1/vims/": vims.id.put + "PUT /admin/v1/vims/": "vims:id:put" - "DELETE /admin/v1/vims/": vims.id.delete + "DELETE /admin/v1/vims/": "vims:id:delete" - "PATCH /admin/v1/vims/": vims.id.patch + "PATCH /admin/v1/vims/": "vims:id:patch" ################################################################################ ################################## VIM Accounts ################################ ################################################################################ - "GET /admin/v1/vim_accounts": vim_accounts.get + "GET /admin/v1/vim_accounts": "vim_accounts:get" - "POST /admin/v1/vim_accounts": vim_accounts.post + "POST /admin/v1/vim_accounts": "vim_accounts:post" - "GET /admin/v1/vim_accounts/": vim_accounts.id.get + "GET /admin/v1/vim_accounts/": "vim_accounts:id:get" - "PUT /admin/v1/vim_accounts/": vim_accounts.id.put + "PUT /admin/v1/vim_accounts/": "vim_accounts:id:put" - "DELETE /admin/v1/vim_accounts/": vim_accounts.id.delete + "DELETE /admin/v1/vim_accounts/": "vim_accounts:id:delete" - "PATCH /admin/v1/vim_accounts/": vim_accounts.id.patch + "PATCH /admin/v1/vim_accounts/": "vim_accounts:id:patch" ################################################################################ ################################# SDN Controllers ############################## ################################################################################ - "GET /admin/v1/sdns": sdn_controllers.get + "GET /admin/v1/sdns": "sdn_controllers:get" - "POST /admin/v1/sdns": sdn_controllers.post + "POST /admin/v1/sdns": "sdn_controllers:post" - "GET /admin/v1/sdns/": sdn_controllers.id.get + "GET /admin/v1/sdns/": "sdn_controllers:id:get" - "PUT /admin/v1/sdns/": sdn_controllers.id.put + "PUT /admin/v1/sdns/": "sdn_controllers:id:put" - "DELETE /admin/v1/sdns/": sdn_controllers.id.delete + "DELETE /admin/v1/sdns/": "sdn_controllers:id:delete" - "PATCH /admin/v1/sdns/": sdn_controllers.id.patch + "PATCH /admin/v1/sdns/": "sdn_controllers:id:patch" ################################################################################ ##################################### WIMs ##################################### ################################################################################ - "GET /admin/v1/wims": wims.get + "GET /admin/v1/wims": "wims:get" - "POST /admin/v1/wims": wims.post + "POST /admin/v1/wims": "wims:post" - "GET /admin/v1/wims/": wims.id.get + "GET /admin/v1/wims/": "wims:id:get" - "PUT /admin/v1/wims/": wims.id.put + "PUT /admin/v1/wims/": "wims:id:put" - "DELETE /admin/v1/wims/": wims.id.delete + "DELETE /admin/v1/wims/": "wims:id:delete" - "PATCH /admin/v1/wims/": wims.id.patch + "PATCH /admin/v1/wims/": "wims:id:patch" ################################################################################ ################################## WIM Accounts ################################ ################################################################################ - "GET /admin/v1/wim_accounts": wim_accounts.get + "GET /admin/v1/wim_accounts": "wim_accounts:get" - "POST /admin/v1/wim_accounts": wim_accounts.post + "POST /admin/v1/wim_accounts": "wim_accounts:post" - "GET /admin/v1/wim_accounts/": wim_accounts.id.get + "GET /admin/v1/wim_accounts/": "wim_accounts:id:get" - "PUT /admin/v1/wim_accounts/": wim_accounts.id.put + "PUT /admin/v1/wim_accounts/": "wim_accounts:id:put" - "DELETE /admin/v1/wim_accounts/": wim_accounts.id.delete + "DELETE /admin/v1/wim_accounts/": "wim_accounts:id:delete" - "PATCH /admin/v1/wim_accounts/": wim_accounts.id.patch + "PATCH /admin/v1/wim_accounts/": "wim_accounts:id:patch" ################################################################################ ##################################### Roles #################################### ################################################################################ - "GET /admin/v1/roles": roles.get + "GET /admin/v1/roles": "roles:get" - "POST /admin/v1/roles": roles.post + "POST /admin/v1/roles": "roles:post" - "GET /admin/v1/roles/": roles.id.get + "GET /admin/v1/roles/": "roles:id:get" - "DELETE /admin/v1/roles/": roles.id.delete + "DELETE /admin/v1/roles/": "roles:id:delete" ################################################################################ ##################################### PDUDs #################################### ################################################################################ - "GET /pdu/v1/pdu_descriptors": pduds.get + "GET /pdu/v1/pdu_descriptors": "pduds:get" - "POST /pdu/v1/pdu_descriptors": pduds.post + "POST /pdu/v1/pdu_descriptors": "pduds:post" - "PUT /pdu/v1/pdu_descriptors": pduds.put + "PUT /pdu/v1/pdu_descriptors": "pduds:put" - "DELETE /pdu/v1/pdu_descriptors": pduds.delete + "DELETE /pdu/v1/pdu_descriptors": "pduds:delete" - "PATCH /pdu/v1/pdu_descriptors": pduds.patch + "PATCH /pdu/v1/pdu_descriptors": "pduds:patch" - "GET /pdu/v1/pdu_descriptors/": pduds.id.get + "GET /pdu/v1/pdu_descriptors/": "pduds:id:get" - "POST /pdu/v1/pdu_descriptors/": pduds.id.post + "POST /pdu/v1/pdu_descriptors/": "pduds:id:post" - "PUT /pdu/v1/pdu_descriptors/": pduds.id.put + "PUT /pdu/v1/pdu_descriptors/": "pduds:id:put" - "DELETE /pdu/v1/pdu_descriptors/": pduds.id.delete + "DELETE /pdu/v1/pdu_descriptors/": "pduds:id:delete" - "PATCH /pdu/v1/pdu_descriptors/": pduds.id.patch + "PATCH /pdu/v1/pdu_descriptors/": "pduds:id:patch" ################################################################################ ############################ Network Slice Templates ########################### ################################################################################ - "GET /nst/v1/netslice_templates_content": slice_templates.get - "GET /nst/v1/netslice_templates": slice_templates.get + "GET /nst/v1/netslice_templates_content": "slice_templates:get" + "GET /nst/v1/netslice_templates": "slice_templates:get" - "POST /nst/v1/netslice_templates_content": slice_templates.content.post + "POST /nst/v1/netslice_templates_content": "slice_templates:content:post" - "GET /nst/v1/netslice_templates_content/": slice_templates.id.get - "GET /nst/v1/netslice_templates/": slice_templates.id.get + "GET /nst/v1/netslice_templates_content/": "slice_templates:id:get" + "GET /nst/v1/netslice_templates/": "slice_templates:id:get" - "PUT /nst/v1/netslice_templates_content/": slice_templates.id.put + "PUT /nst/v1/netslice_templates_content/": "slice_templates:id:put" - "DELETE /nst/v1/netslice_templates_content/": slice_templates.id.delete - "DELETE /nst/v1/netslice_templates/": slice_templates.id.delete + "DELETE /nst/v1/netslice_templates_content/": "slice_templates:id:delete" + "DELETE /nst/v1/netslice_templates/": "slice_templates:id:delete" - "PATCH /nst/v1/netslice_templates/": slice_templates.id.patch + "PATCH /nst/v1/netslice_templates/": "slice_templates:id:patch" - "GET /nst/v1/netslice_templates//nst_content": slice_templates.content.get + "GET /nst/v1/netslice_templates//nst_content": "slice_templates:content:get" - "PUT /nst/v1/netslice_templates//nst_content": slice_templates.content.put + "PUT /nst/v1/netslice_templates//nst_content": "slice_templates:content:put" - "GET /nst/v1/netslice_templates//nst": slice_templates.id.nst.get + "GET /nst/v1/netslice_templates//nst": "slice_templates:id:nst:get" - "GET /nst/v1/netslice_templates//artifacts": slice_templates.id.nst_artifact.get - "GET /nst/v1/netslice_templates//artifacts/": slice_templates.id.nst_artifact.get + "GET /nst/v1/netslice_templates//artifacts": "slice_templates:id:nst_artifact:get" + "GET /nst/v1/netslice_templates//artifacts/": "slice_templates:id:nst_artifact:get" ################################################################################ ############################ Network Slice Instances ########################### ################################################################################ - "GET /nsilcm/v1/netslice_instances_content": slice_instances.get - "GET /nsilcm/v1/netslice_instances": slice_instances.get + "GET /nsilcm/v1/netslice_instances_content": "slice_instances:get" + "GET /nsilcm/v1/netslice_instances": "slice_instances:get" - "POST /nsilcm/v1/netslice_instances_content": slice_instances.content.get + "POST /nsilcm/v1/netslice_instances_content": "slice_instances:content:get" - "GET /nsilcm/v1/netslice_instances_content/": slice_instances.id.get - "GET /nsilcm/v1/netslice_instances/": slice_instances.id.get + "GET /nsilcm/v1/netslice_instances_content/": "slice_instances:id:get" + "GET /nsilcm/v1/netslice_instances/": "slice_instances:id:get" - "DELETE /nsilcm/v1/netslice_instances_content/": slice_instances.id.delete - "DELETE /nsilcm/v1/netslice_instances/": slice_instances.id.delete + "DELETE /nsilcm/v1/netslice_instances_content/": "slice_instances:id:delete" + "DELETE /nsilcm/v1/netslice_instances/": "slice_instances:id:delete" - "POST /nsilcm/v1/netslice_instances": slice_instances.post + "POST /nsilcm/v1/netslice_instances": "slice_instances:post" - "POST /nsilcm/v1/netslice_instances//instantiate": slice_instances.id.instantiate.post + "POST /nsilcm/v1/netslice_instances//instantiate": "slice_instances:id:instantiate:post" - "POST /nsilcm/v1/netslice_instances//terminate": slice_instances.id.terminate.post + "POST /nsilcm/v1/netslice_instances//terminate": "slice_instances:id:terminate:post" - "POST /nsilcm/v1/netslice_instances//action": slice_instances.id.action.post + "POST /nsilcm/v1/netslice_instances//action": "slice_instances:id:action:post" - "GET /nsilcm/v1/netslice_instances//nsi_lcm_op_occs": slice_instances.id.opps.get + "GET /nsilcm/v1/netslice_instances//nsi_lcm_op_occs": "slice_instances:id:opps:get" - "GET /nsilcm/v1/netslice_instances//nsi_lcm_op_occs/": slice_instances.id.opps.id.get + "GET /nsilcm/v1/netslice_instances//nsi_lcm_op_occs/": "slice_instances:id:opps:id:get" diff --git a/osm_nbi/roles_to_operations.yml b/osm_nbi/roles_to_operations.yml index 73d1a64..bfac28f 100644 --- a/osm_nbi/roles_to_operations.yml +++ b/osm_nbi/roles_to_operations.yml @@ -75,11 +75,11 @@ roles_to_operations: - role: "system_admin" operations: - ".": true + ":": true - role: "account_manager" operations: - ".": false + ":": false "tokens": true "users": true "projects": true @@ -87,11 +87,11 @@ roles_to_operations: - role: "project_admin" operations: - ".": true + ":": true # Users - "users.post": false - "users.id.post": false - "users.id.delete": false + "users:post": false + "users:id:post": false + "users:id:delete": false # Projects "projects": false # Roles @@ -99,39 +99,39 @@ roles_to_operations: - role: "project_user" operations: - ".": true + ":": true # NS Instances "ns_instances": false - "ns_instances.get": true + "ns_instances:get": true # VNF Instances "vnf_instances": false # Users "users": false - "users.id.get": true - "users.id.put": true - "users.id.patch": true + "users:id:get": true + "users:id:put": true + "users:id:patch": true # Projects "projects": false # VIMs "vims": false - "vims.get": true - "vims.id.get": true + "vims:get": true + "vims:id:get": true # VIM Accounts "vim_accounts": false - "vim_accounts.get": true - "vim_accounts.id.get": true + "vim_accounts:get": true + "vim_accounts:id:get": true # SDN Controllers "sdn_controllers": false - "sdn_controllers.get": true - "sdn_controllers.id.get": true + "sdn_controllers:get": true + "sdn_controllers:id:get": true # WIMs "wims": false - "wims.get": true - "wims.id.get": true + "wims:get": true + "wims:id:get": true # WIM Accounts "wim_accounts": false - "wim_accounts.get": true - "wim_accounts.id.get": true + "wim_accounts:get": true + "wim_accounts:id:get": true - role: "anonymous" operations: -- 2.25.1