diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 11:54:28 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 11:54:28 +0000 |
commit | e6918187568dbd01842d8d1d2c808ce16a894239 (patch) | |
tree | 64f88b554b444a49f656b6c656111a145cbbaa28 /src/pybind/mgr/dashboard/security.py | |
parent | Initial commit. (diff) | |
download | ceph-e6918187568dbd01842d8d1d2c808ce16a894239.tar.xz ceph-e6918187568dbd01842d8d1d2c808ce16a894239.zip |
Adding upstream version 18.2.2.upstream/18.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/pybind/mgr/dashboard/security.py')
-rw-r--r-- | src/pybind/mgr/dashboard/security.py | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/src/pybind/mgr/dashboard/security.py b/src/pybind/mgr/dashboard/security.py new file mode 100644 index 000000000..4c6e5c564 --- /dev/null +++ b/src/pybind/mgr/dashboard/security.py @@ -0,0 +1,60 @@ +# -*- coding: utf-8 -*- + +import inspect + + +class Scope(object): + """ + List of Dashboard Security Scopes. + If you need another security scope, please add it here. + """ + + HOSTS = "hosts" + CONFIG_OPT = "config-opt" + POOL = "pool" + OSD = "osd" + MONITOR = "monitor" + RBD_IMAGE = "rbd-image" + ISCSI = "iscsi" + RBD_MIRRORING = "rbd-mirroring" + RGW = "rgw" + CEPHFS = "cephfs" + MANAGER = "manager" + LOG = "log" + GRAFANA = "grafana" + PROMETHEUS = "prometheus" + USER = "user" + DASHBOARD_SETTINGS = "dashboard-settings" + NFS_GANESHA = "nfs-ganesha" + + @classmethod + def all_scopes(cls): + return [val for scope, val in + inspect.getmembers(cls, + lambda memb: not inspect.isroutine(memb)) + if not scope.startswith('_')] + + @classmethod + def valid_scope(cls, scope_name): + return scope_name in cls.all_scopes() + + +class Permission(object): + """ + Scope permissions types + """ + READ = "read" + CREATE = "create" + UPDATE = "update" + DELETE = "delete" + + @classmethod + def all_permissions(cls): + return [val for perm, val in + inspect.getmembers(cls, + lambda memb: not inspect.isroutine(memb)) + if not perm.startswith('_')] + + @classmethod + def valid_permission(cls, perm_name): + return perm_name in cls.all_permissions() |