work.
On 08/14/14 04:38 PM, Pendergrass, Eric wrote:
Sure, Doug. We want the ability to selectively apply policies to
certain Ceilometer API methods based on user/tenant roles.
For example, we want to restrict the ability to execute Alarm deletes
to admins and user/tenants who have
To anyone who's interested, we're working on a proposal and implementation
of a fine-grained v3 compatible RBAC scheme for the API.
The WIP spec change is here:
https://review.openstack.org/#/c/112137/
I realize this will need to move from Juno to Kilo because it won't make
Juno.
And the code
`, we'd probably need to add a feature to pecan.
On 08/12/14 06:38 PM, Pendergrass, Eric wrote:
Sure, here's the decorated method from v2.py:
class MetersController(rest.RestController):
Works on meters.
@pecan.expose()
def _lookup(self, meter_name
Hi, I'm trying to use the built in secure decorator in Pecan for access
control, and I'ld like to get the name of the method that is wrapped from
within the decorator.
For instance, if I'm wrapping MetersController.get_all with an @secure
decorator, is there a way for the decorator code to
import state
state.controller
On 08/12/14 04:08 PM, Pendergrass, Eric wrote:
Hi, I'm trying to use the built in secure decorator in Pecan for access
control, and I'ld like to get the name of the method that is wrapped from
within the decorator.
For instance, if I'm wrapping
by, is there a way for the
decorator code to know it was called by MetersController.get_all
On 08/12/14 04:46 PM, Pendergrass, Eric wrote:
Thanks Ryan, but for some reason the controller attribute is None:
(Pdb) from pecan.core import state
(Pdb) state.__dict__
{'hooks
Hi,
We have been struggling to get a decorator working for proposed new RBAC
functionality in ceilometer-api. We're hitting a problem where GET request
query parameters are mucked up by our decorator. Here's an example call:
curl -H X-Auth-Token:$TOKEN
Sorry, wrong BP review link below. Here is the correct one:
https://review.openstack.org/#/c/112127/3. Please disregard the wiki link.
From: Pendergrass, Eric
Sent: Friday, August 08, 2014 6:50 AM
To: openstack-dev@lists.openstack.org
Cc: Giannetti, Fabio
Subject: [Ceilometer] Question
Wrong link again, this is embarrassing :(
https://review.openstack.org/#/c/112137/3
From: Pendergrass, Eric
Sent: Friday, August 08, 2014 7:15 AM
To: openstack-dev@lists.openstack.org
Subject: RE: [Ceilometer] Question on decorators in Ceilometer pecan framework
Sorry, wrong BP review link
In an effort to test ceilometer roles I removed the admin role from the
admin tenant and user. Now I can't add it back since I don't have a
user/tenant combo with the admin role:
keystone user-role-add --role e4252b63c308470b8cb7f77c37d27632 --user
8c678720fb5b4e3bb18dee222d7d7933 --tenant
Hi, I've read much of the documentation around Openstack tests, tox, and
testr. All I've found indicates debugging can be done, but only by running
the entire test suite.
I'd like the ability to run a single test module with pdb.set_trace()
breakpoints inserted, then step through the test.
Hi, I pulled devstack yesterday and have been trying to get any test to run
successfully.
My process is this:
Install tox =1.6,1.7
Install libmysqlclient-dev
Install mongodb-server
Source .tox/py27/bin/activate
Install test-requuirements packages in venv
Install pytidylib 0.2.1 from
I need to add an additional layer of authorization between auth_token and
the reporting API.
I know it's as simple as creating a WSGI element and adding it to the
pipeline. Examining the code I haven't figured out where to begin doing
this.
I'm not using Apache and mod_wsgi, just the
Hi, I've been out for nearly 3 weeks and noticed Compute meter names are now
prefaced by instance:
http://docs.openstack.org/developer/ceilometer/measurements.html
Not sure when this happened but I was wondering if the change applies across
all OpenStack. Will Nova use the change for
I'm implementing a role based access control system where I'll use a list of
projects to determine which projects a user can query. This project list
will come from an upstream filter based on roles associated with the user's
auth token.
In the current v2/meters/meter_id (Sample) code, the
Does anyone know how to disable keystone authorization in ceilometer-api?
Is there a ceilometer.conf option for this?
Thank you
smime.p7s
Description: S/MIME cryptographic signature
___
OpenStack-dev mailing list
OpenStack-dev@lists.openstack.org
Our group would like to have resource_metadata available on the Meter object
(currently it's not there). The reason is so we may supply additional
customized attributes associated with a Meter. Examples include other
timestamp values, a project owner, and processing status.
Currently, to get
17 matches
Mail list logo