summaryrefslogtreecommitdiffstats
path: root/src/pybind/mgr/dashboard/security.py
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
commit483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch)
treee5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/pybind/mgr/dashboard/security.py
parentInitial commit. (diff)
downloadceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.tar.xz
ceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.zip
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/pybind/mgr/dashboard/security.py')
-rw-r--r--src/pybind/mgr/dashboard/security.py61
1 files changed, 61 insertions, 0 deletions
diff --git a/src/pybind/mgr/dashboard/security.py b/src/pybind/mgr/dashboard/security.py
new file mode 100644
index 00000000..cbeda6da
--- /dev/null
+++ b/src/pybind/mgr/dashboard/security.py
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import
+
+import inspect
+
+
+class Scope(object):
+ """
+ List of Dashboard Security Scopes.
+ If you need another security scope, please add it here.
+ """
+
+ HOSTS = "hosts"
+ CONFIG_OPT = "config-opt"
+ POOL = "pool"
+ OSD = "osd"
+ MONITOR = "monitor"
+ RBD_IMAGE = "rbd-image"
+ ISCSI = "iscsi"
+ RBD_MIRRORING = "rbd-mirroring"
+ RGW = "rgw"
+ CEPHFS = "cephfs"
+ MANAGER = "manager"
+ LOG = "log"
+ GRAFANA = "grafana"
+ PROMETHEUS = "prometheus"
+ USER = "user"
+ DASHBOARD_SETTINGS = "dashboard-settings"
+ NFS_GANESHA = "nfs-ganesha"
+
+ @classmethod
+ def all_scopes(cls):
+ return [val for scope, val in
+ inspect.getmembers(cls,
+ lambda memb: not inspect.isroutine(memb))
+ if not scope.startswith('_')]
+
+ @classmethod
+ def valid_scope(cls, scope_name):
+ return scope_name in cls.all_scopes()
+
+
+class Permission(object):
+ """
+ Scope permissions types
+ """
+ READ = "read"
+ CREATE = "create"
+ UPDATE = "update"
+ DELETE = "delete"
+
+ @classmethod
+ def all_permissions(cls):
+ return [val for perm, val in
+ inspect.getmembers(cls,
+ lambda memb: not inspect.isroutine(memb))
+ if not perm.startswith('_')]
+
+ @classmethod
+ def valid_permission(cls, perm_name):
+ return perm_name in cls.all_permissions()