X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fadmin_topics.py;h=6e9f078ccdbf8d0f10f291392c435afb672ba212;hp=6342ba2bf4a9dc7d7de8cdcf4222debb02525ae2;hb=97639b4032606caf5909e20dc6da20a9b18a137d;hpb=6b02b05e51fb2837731027ae063ecbdb2c71135d diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py index 6342ba2..6e9f078 100644 --- a/osm_nbi/admin_topics.py +++ b/osm_nbi/admin_topics.py @@ -325,14 +325,14 @@ class CommonVimWimSdn(BaseTopic): # do not remove reference, but order via kafka to delete it if session["project_id"] and session["project_id"]: other_projects_referencing = next((p for p in db_content["_admin"]["projects_read"] - if p not in session["project_id"]), None) + if p not in session["project_id"] and p != "ANY"), None) # check if there are projects referencing it (apart from ANY, that means, public).... if other_projects_referencing: # remove references but not delete - update_dict_pull = {"_admin.projects_read.{}".format(p): None for p in session["project_id"]} - update_dict_pull.update({"_admin.projects_write.{}".format(p): None for p in session["project_id"]}) - self.db.set_one(self.topic, filter_q, update_dict=None, pull=update_dict_pull) + update_dict_pull = {"_admin.projects_read": session["project_id"], + "_admin.projects_write": session["project_id"]} + self.db.set_one(self.topic, filter_q, update_dict=None, pull_list=update_dict_pull) return None else: can_write = next((p for p in db_content["_admin"]["projects_write"] if p == "ANY" or @@ -420,8 +420,8 @@ class SdnTopic(CommonVimWimSdn): input = super()._validate_input_new(input, force) return self._obtain_url(input, True) - def _validate_input_edit(self, input, force=False): - input = super()._validate_input_edit(input, force) + def _validate_input_edit(self, input, content, force=False): + input = super()._validate_input_edit(input, content, force) return self._obtain_url(input, False) @@ -715,10 +715,9 @@ class UserTopicAuth(UserTopic): if kwargs: BaseTopic._update_input_with_kwargs(indata, kwargs) try: - indata = self._validate_input_edit(indata, force=session["force"]) - if not content: content = self.show(session, _id) + indata = self._validate_input_edit(indata, content, force=session["force"]) self.check_conflict_on_edit(session, content, indata, _id=_id) # self.format_on_edit(content, indata) @@ -1035,10 +1034,9 @@ class ProjectTopicAuth(ProjectTopic): if kwargs: BaseTopic._update_input_with_kwargs(indata, kwargs) try: - indata = self._validate_input_edit(indata, force=session["force"]) - if not content: content = self.show(session, _id) + indata = self._validate_input_edit(indata, content, force=session["force"]) self.check_conflict_on_edit(session, content, indata, _id=_id) self.format_on_edit(content, indata) @@ -1080,9 +1078,9 @@ class RoleTopicAuth(BaseTopic): if role_def[-1] == ":": raise ValidationError("Operation cannot end with ':'") - role_def_matches = [op for op in operations if op.startswith(role_def)] + match = next((op for op in operations if op == role_def or op.startswith(role_def + ":")), None) - if len(role_def_matches) == 0: + if not match: raise ValidationError("Invalid permission '{}'".format(role_def)) def _validate_input_new(self, input, force=False): @@ -1099,7 +1097,7 @@ class RoleTopicAuth(BaseTopic): return input - def _validate_input_edit(self, input, force=False): + def _validate_input_edit(self, input, content, force=False): """ Validates input user content for updating an entry. @@ -1335,9 +1333,9 @@ class RoleTopicAuth(BaseTopic): if kwargs: self._update_input_with_kwargs(indata, kwargs) try: - indata = self._validate_input_edit(indata, force=session["force"]) if not content: content = self.show(session, _id) + indata = self._validate_input_edit(indata, content, force=session["force"]) deep_update_rfc7396(content, indata) self.check_conflict_on_edit(session, content, indata, _id=_id) self.format_on_edit(content, indata)