diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 18:24:20 +0000 |
commit | 483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch) | |
tree | e5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/pybind/mgr/dashboard/security.py | |
parent | Initial commit. (diff) | |
download | ceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.tar.xz ceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.zip |
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/pybind/mgr/dashboard/security.py')
-rw-r--r-- | src/pybind/mgr/dashboard/security.py | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/src/pybind/mgr/dashboard/security.py b/src/pybind/mgr/dashboard/security.py new file mode 100644 index 00000000..cbeda6da --- /dev/null +++ b/src/pybind/mgr/dashboard/security.py @@ -0,0 +1,61 @@ +# -*- coding: utf-8 -*- +from __future__ import absolute_import + +import inspect + + +class Scope(object): + """ + List of Dashboard Security Scopes. + If you need another security scope, please add it here. + """ + + HOSTS = "hosts" + CONFIG_OPT = "config-opt" + POOL = "pool" + OSD = "osd" + MONITOR = "monitor" + RBD_IMAGE = "rbd-image" + ISCSI = "iscsi" + RBD_MIRRORING = "rbd-mirroring" + RGW = "rgw" + CEPHFS = "cephfs" + MANAGER = "manager" + LOG = "log" + GRAFANA = "grafana" + PROMETHEUS = "prometheus" + USER = "user" + DASHBOARD_SETTINGS = "dashboard-settings" + NFS_GANESHA = "nfs-ganesha" + + @classmethod + def all_scopes(cls): + return [val for scope, val in + inspect.getmembers(cls, + lambda memb: not inspect.isroutine(memb)) + if not scope.startswith('_')] + + @classmethod + def valid_scope(cls, scope_name): + return scope_name in cls.all_scopes() + + +class Permission(object): + """ + Scope permissions types + """ + READ = "read" + CREATE = "create" + UPDATE = "update" + DELETE = "delete" + + @classmethod + def all_permissions(cls): + return [val for perm, val in + inspect.getmembers(cls, + lambda memb: not inspect.isroutine(memb)) + if not perm.startswith('_')] + + @classmethod + def valid_permission(cls, perm_name): + return perm_name in cls.all_permissions() |