tacker.context module¶
Context: context for security/db session.
- class tacker.context.Context(*args, **kwargs)¶
Bases:
ContextBaseWithSession
- property api_version¶
- property session¶
- class tacker.context.ContextBase(user_id=None, tenant_id=None, is_admin=None, timestamp=None, tenant_name=None, user_name=None, is_advsvc=None, **kwargs)¶
Bases:
RequestContext
Security context and request information.
Represents the user taking a given action within the system.
- can(action, target=None, fatal=True)¶
Verifies that the given action is valid on the target in this context.
- Parameters:
action – string representing the action to be checked.
target – dictionary representing the object of the action for object creation this should be a dictionary representing the location of the object e.g.
{'project_id': context.project_id}
. If None, then this default target will be considered: {‘project_id’: self.project_id, ‘user_id’: self.user_id}fatal – if False, will return False when an exception.Forbidden occurs.
- Raises:
tacker.exception.Forbidden – if verification fails and fatal is True.
- Returns:
returns a non-False value (not necessarily “True”) if authorized and False if not authorized and fatal is False.
- elevated()¶
Return a version of this context with admin flag set.
- classmethod from_dict(values)¶
Construct a context object from a provided dictionary.
- property tenant_id¶
- property tenant_name¶
- to_dict()¶
Return a dictionary of context attributes.
- to_policy_values()¶
A dictionary of context attributes to enforce policy with.
oslo.policy enforcement requires a dictionary of attributes representing the current logged in user on which it applies policy enforcement. This dictionary defines a standard list of attributes that should be available for enforcement across services.
It is expected that services will often have to override this method with either deprecated values or additional attributes used by that service specific policy.
- class tacker.context.ContextBaseWithSession(user_id=None, tenant_id=None, is_admin=None, timestamp=None, tenant_name=None, user_name=None, is_advsvc=None, **kwargs)¶
Bases:
ContextBase
- property connection¶
- property session¶
- property transaction¶
- property transaction_ctx¶
- tacker.context.generate_tacker_service_context()¶
- tacker.context.get_admin_context()¶
- tacker.context.get_admin_context_without_session()¶
- tacker.context.is_user_context(context)¶
Indicates if the request context is a normal user.