ceph/src/pybind/mgr/dashboard/security.py

   1 # -*- coding: utf-8 -*-
   2 from __future__ import absolute_import
   3
   4 import inspect
   5
   6
   7 class Scope(object):
   8     """
   9     List of Dashboard Security Scopes.
  10     If you need another security scope, please add it here.
  11     """
  12
  13     HOSTS = "hosts"
  14     CONFIG_OPT = "config-opt"
  15     POOL = "pool"
  16     OSD = "osd"
  17     MONITOR = "monitor"
  18     RBD_IMAGE = "rbd-image"
  19     ISCSI = "iscsi"
  20     RBD_MIRRORING = "rbd-mirroring"
  21     RGW = "rgw"
  22     CEPHFS = "cephfs"
  23     MANAGER = "manager"
  24     LOG = "log"
  25     GRAFANA = "grafana"
  26     PROMETHEUS = "prometheus"
  27     USER = "user"
  28     DASHBOARD_SETTINGS = "dashboard-settings"
  29     NFS_GANESHA = "nfs-ganesha"
  30
  31     @classmethod
  32     def all_scopes(cls):
  33         return [val for scope, val in
  34                 inspect.getmembers(cls,
  35                                    lambda memb: not inspect.isroutine(memb))
  36                 if not scope.startswith('_')]
  37
  38     @classmethod
  39     def valid_scope(cls, scope_name):
  40         return scope_name in cls.all_scopes()
  41
  42
  43 class Permission(object):
  44     """
  45     Scope permissions types
  46     """
  47     READ = "read"
  48     CREATE = "create"
  49     UPDATE = "update"
  50     DELETE = "delete"
  51
  52     @classmethod
  53     def all_permissions(cls):
  54         return [val for perm, val in
  55                 inspect.getmembers(cls,
  56                                    lambda memb: not inspect.isroutine(memb))
  57                 if not perm.startswith('_')]
  58
  59     @classmethod
  60     def valid_permission(cls, perm_name):
  61         return perm_name in cls.all_permissions()