tacker.context module

Context: context for security/db session.

class tacker.context.Context(*args, **kwargs)

Bases: ContextBaseWithSession

property api_version

property session

class tacker.context.ContextBase(user_id=None, tenant_id=None, is_admin=None, timestamp=None, tenant_name=None, user_name=None, is_advsvc=None, **kwargs)

Bases: RequestContext

Security context and request information.

Represents the user taking a given action within the system.

can(action, target=None, fatal=True)

Verifies that the given action is valid on the target in this context.

Parameters:

• action – string representing the action to be checked.

• target – dictionary representing the object of the action for object creation this should be a dictionary representing the location of the object e.g. {'project_id': context.project_id}. If None, then this default target will be considered: {‘project_id’: self.project_id, ‘user_id’: self.user_id}

• fatal – if False, will return False when an exception.Forbidden occurs.

Raises:

tacker.exception.Forbidden – if verification fails and fatal is True.

Returns:

returns a non-False value (not necessarily “True”) if authorized and False if not authorized and fatal is False.

elevated()

Return a version of this context with admin flag set.

classmethod from_dict(values)

Construct a context object from a provided dictionary.

property tenant_id

property tenant_name

to_dict()

Return a dictionary of context attributes.

to_policy_values()

A dictionary of context attributes to enforce policy with.

oslo.policy enforcement requires a dictionary of attributes representing the current logged in user on which it applies policy enforcement. This dictionary defines a standard list of attributes that should be available for enforcement across services.

It is expected that services will often have to override this method with either deprecated values or additional attributes used by that service specific policy.

class tacker.context.ContextBaseWithSession(user_id=None, tenant_id=None, is_admin=None, timestamp=None, tenant_name=None, user_name=None, is_advsvc=None, **kwargs)

Bases: ContextBase

property connection

property session

property transaction

property transaction_ctx

tacker.context.generate_tacker_service_context()

tacker.context.get_admin_context()

tacker.context.get_admin_context_without_session()

tacker.context.is_user_context(context)

Indicates if the request context is a normal user.