Add Rules endpoint and own abort implementation

StackStorm · Nov 30, 2016 · b8f2ca9 · b8f2ca9
1 parent 781b379
commit b8f2ca9
Show file tree

Hide file tree

Showing 5 changed files with 194 additions and 35 deletions.
diff --git a/st2api/st2api/controllers/openapi.yaml b/st2api/st2api/controllers/openapi.yaml
@@ -628,6 +628,161 @@ paths:
           description: Unexpected error
           schema:
             $ref: '#/definitions/Error'
+  /rules:
+    get:
+      operationId: st2api.controllers.v1.rules:rule_controller.get_all
+      x-permissions: rule_list
+      description: Returns a list of all rules.
+      parameters:
+        - name: exclude_attributes
+          in: query
+          description: List of attributes to exclude
+          type: array
+          items:
+            type: string
+          required: false
+        - name: limit
+          in: query
+          description: Number of entities to get
+          type: integer
+        - name: id
+          in: query
+          description: Entity id filter
+          type: array
+          items:
+            type: string
+        - name: name
+          in: query
+          description: Entity name filter
+          type: string
+        - name: pack
+          in: query
+          description: Entity pack name filter
+          type: string
+        - name: action
+          in: query
+          description: Action ref filter
+          type: string
+        - name: trigger
+          in: query
+          description: Trigger filter
+          type: string
+        - name: enabled
+          in: query
+          description: Enabled filter
+          type: string
+      responses:
+        '200':
+          description: List of rules
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/Rule'
+          examples:
+            application/json:
+              ref: 'core.webhook'
+              # and stuff
+        default:
+          description: Unexpected error
+          schema:
+            $ref: '#/definitions/Error'
+    post:
+      operationId: st2api.controllers.v1.rules:rule_controller.post
+      x-permissions: rule_create
+      description: |
+        Create a new rule.
+      parameters:
+        - name: rule
+          in: body
+          description: Action content
+          schema:
+            $ref: '#/definitions/Rule'
+      responses:
+        '200':
+          description: Single action being created
+          schema:
+            $ref: '#/definitions/Rule'
+          examples:
+            application/json:
+              ref: 'core.webhook'
+              # and stuff
+        default:
+          description: Unexpected error
+          schema:
+            $ref: '#/definitions/Error'
+  /rules/{ref_or_id}:
+    get:
+      operationId: st2api.controllers.v1.rules:rule_controller.get_one
+      x-permissions: rule_view
+      description: |
+        Get one rule.
+      parameters:
+        - name: ref_or_id
+          in: path
+          description: Entity reference or id
+          type: string
+          required: true
+      responses:
+        '200':
+          description: Rule requested
+          schema:
+            $ref: '#/definitions/Rule'
+          examples:
+            application/json:
+              ref: 'core.webhook'
+              # and stuff
+        default:
+          description: Unexpected error
+          schema:
+            $ref: '#/definitions/Error'
+  /rules/{rule_ref_or_id}:
+    put:
+      operationId: st2api.controllers.v1.rules:rule_controller.put
+      x-permissions: rule_modify
+      description: |
+        Update a rule.
+      parameters:
+        - name: rule_ref_or_id
+          in: path
+          description: Entity reference or id
+          type: string
+          required: true
+        - name: rule
+          in: body
+          description: Rule content
+          schema:
+            $ref: '#/definitions/Rule'
+      responses:
+        '200':
+          description: Action updated
+          schema:
+            $ref: '#/definitions/Rule'
+          examples:
+            application/json:
+              ref: 'core.webhook'
+              # and stuff
+        default:
+          description: Unexpected error
+          schema:
+            $ref: '#/definitions/Error'
+    delete:
+      operationId: st2api.controllers.v1.rules:rule_controller.delete
+      x-permissions: rule_delete
+      description: |
+        Delete a rule.
+      parameters:
+        - name: rule_ref_or_id
+          in: path
+          description: Entity reference or id
+          type: string
+          required: true
+      responses:
+        '204':
+          description: Rule deleted
+        default:
+          description: Unexpected error
+          schema:
+            $ref: '#/definitions/Error'
 
 definitions:
   Action:

diff --git a/st2api/st2api/controllers/v1/actionexecutions.py b/st2api/st2api/controllers/v1/actionexecutions.py
@@ -40,6 +40,7 @@
 from st2common.models.api.execution import ActionExecutionAPI
 from st2common.persistence.liveaction import LiveAction
 from st2common.persistence.execution import ActionExecution
+from st2common.router import abort
 from st2common.services import action as action_service
 from st2common.services import executions as execution_service
 from st2common.services import trace as trace_service
@@ -70,11 +71,6 @@
 MONITOR_THREAD_NO_WORKERS_SLEEP_TIME = 1
 
 
-def abort(status_code=http_client.INTERNAL_SERVER_ERROR,
-          message='Unhandled exception'):
-    raise exc.status_map[status_code](message)
-
-
 class ActionExecutionsControllerMixin(BaseRestControllerMixin):
     """
     Mixin class with shared methods.

diff --git a/st2api/st2api/controllers/v1/rules.py b/st2api/st2api/controllers/v1/rules.py
@@ -15,9 +15,10 @@
 
 import six
 import jsonschema
-import pecan
-from pecan import abort
+# import pecan
+# from pecan import abort
 from mongoengine import ValidationError
+from webob import Response, exc
 
 from st2common import log as logging
 from st2common.exceptions.apivalidation import ValueValidationException
@@ -33,7 +34,9 @@
 from st2common.rbac.decorators import request_user_has_resource_api_permission
 from st2common.rbac.decorators import request_user_has_resource_db_permission
 from st2common.rbac.utils import assert_request_user_has_rule_trigger_and_action_permission
+from st2common.router import abort
 from st2common.services.triggers import cleanup_trigger_db_for_rule, increment_trigger_ref_count
+from st2common.util.jsonify import json_encode
 
 http_client = six.moves.http_client
 
@@ -67,20 +70,20 @@ class RuleController(resource.ContentPackResourceController):
 
     include_reference = True
 
-    @request_user_has_permission(permission_type=PermissionType.RULE_LIST)
-    @jsexpose()
+    # @request_user_has_permission(permission_type=PermissionType.RULE_LIST)
+    # @jsexpose()
     def get_all(self, **kwargs):
         from_model_kwargs = {'ignore_missing_trigger': True}
         return super(RuleController, self)._get_all(from_model_kwargs=from_model_kwargs, **kwargs)
 
-    @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_VIEW)
-    @jsexpose(arg_types=[str])
+    # @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_VIEW)
+    # @jsexpose(arg_types=[str])
     def get_one(self, ref_or_id):
         from_model_kwargs = {'ignore_missing_trigger': True}
         return super(RuleController, self)._get_one(ref_or_id, from_model_kwargs=from_model_kwargs)
 
-    @jsexpose(body_cls=RuleAPI, status_code=http_client.CREATED)
-    @request_user_has_resource_api_permission(permission_type=PermissionType.RULE_CREATE)
+    # @jsexpose(body_cls=RuleAPI, status_code=http_client.CREATED)
+    # @request_user_has_resource_api_permission(permission_type=PermissionType.RULE_CREATE)
     def post(self, rule):
         """
             Create a new rule.
@@ -92,11 +95,11 @@ def post(self, rule):
             rule_db = RuleAPI.to_model(rule)
             LOG.debug('/rules/ POST verified RuleAPI and formulated RuleDB=%s', rule_db)
 
-            # Check referenced trigger and action permissions
-            # Note: This needs to happen after "to_model" call since to_model performs some
-            # validation (trigger exists, etc.)
-            assert_request_user_has_rule_trigger_and_action_permission(request=pecan.request,
-                                                                       rule_api=rule)
+            # # Check referenced trigger and action permissions
+            # # Note: This needs to happen after "to_model" call since to_model performs some
+            # # validation (trigger exists, etc.)
+            # assert_request_user_has_rule_trigger_and_action_permission(request=pecan.request,
+            #                                                            rule_api=rule)
 
             rule_db = Rule.add_or_update(rule_db)
             # After the rule has been added modify the ref_count. This way a failure to add
@@ -121,10 +124,13 @@ def post(self, rule):
         LOG.audit('Rule created. Rule.id=%s' % (rule_db.id), extra=extra)
         rule_api = RuleAPI.from_model(rule_db)
 
-        return rule_api
+        resp = Response(body=json_encode(rule_api), status=exc.HTTPCreated.code)
+        resp.headers['Content-Type'] = 'application/json'
+
+        return resp
 
-    @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_MODIFY)
-    @jsexpose(arg_types=[str], body_cls=RuleAPI)
+    # @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_MODIFY)
+    # @jsexpose(arg_types=[str], body_cls=RuleAPI)
     def put(self, rule, rule_ref_or_id):
         rule_db = self._get_by_ref_or_id(rule_ref_or_id)
         LOG.debug('PUT /rules/ lookup with id=%s found object: %s', rule_ref_or_id, rule_db)
@@ -136,11 +142,11 @@ def put(self, rule, rule_ref_or_id):
             old_rule_db = rule_db
             rule_db = RuleAPI.to_model(rule)
 
-            # Check referenced trigger and action permissions
-            # Note: This needs to happen after "to_model" call since to_model performs some
-            # validation (trigger exists, etc.)
-            assert_request_user_has_rule_trigger_and_action_permission(request=pecan.request,
-                                                                       rule_api=rule)
+            # # Check referenced trigger and action permissions
+            # # Note: This needs to happen after "to_model" call since to_model performs some
+            # # validation (trigger exists, etc.)
+            # assert_request_user_has_rule_trigger_and_action_permission(request=pecan.request,
+            #                                                            rule_api=rule)
 
             rule_db.id = rule_ref_or_id
             rule_db = Rule.add_or_update(rule_db)
@@ -161,8 +167,8 @@ def put(self, rule, rule_ref_or_id):
 
         return rule_api
 
-    @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_DELETE)
-    @jsexpose(arg_types=[str], status_code=http_client.NO_CONTENT)
+    # @request_user_has_resource_db_permission(permission_type=PermissionType.RULE_DELETE)
+    # @jsexpose(arg_types=[str], status_code=http_client.NO_CONTENT)
     def delete(self, rule_ref_or_id):
         """
             Delete a rule.
@@ -185,3 +191,7 @@ def delete(self, rule_ref_or_id):
 
         extra = {'rule_db': rule_db}
         LOG.audit('Rule deleted. Rule.id=%s.' % (rule_db.id), extra=extra)
+
+        return Response(status=http_client.NO_CONTENT)
+
+rule_controller = RuleController()
diff --git a/st2auth/st2auth/handlers.py b/st2auth/st2auth/handlers.py
@@ -17,26 +17,20 @@
 from six.moves import http_client
 from oslo_config import cfg
 
-from webob import exc
-
 from st2common import log as logging
 from st2common.exceptions.auth import TTLTooLargeException, UserNotFoundError
 from st2common.exceptions.db import StackStormDBObjectNotFoundError
 from st2common.exceptions.auth import NoNicknameOriginProvidedError, AmbiguousUserError
 from st2common.exceptions.auth import NotServiceUserError
 from st2common.persistence.auth import User
+from st2common.router import abort as abort_request
 from st2common.services.access import create_token
 from st2common.models.api.auth import TokenAPI
 from st2auth.backends import get_backend_instance
 
 LOG = logging.getLogger(__name__)
 
 
-def abort_request(status_code=http_client.UNAUTHORIZED,
-                  message='Invalid or missing credentials'):
-    raise exc.status_map[status_code](message)
-
-
 class AuthHandlerBase(object):
     def handle_auth(self, request, headers=None, remote_addr=None,
                     remote_user=None, authorization=None, **kwargs):

diff --git a/st2common/st2common/router.py b/st2common/st2common/router.py
@@ -40,6 +40,10 @@ def op_resolver(op_id):
     return functools.reduce(getattr, func_name.split('.'), module)
 
 
+def abort(status_code=exc.HTTPInternalServerError.code, message='Unhandled exception'):
+    raise exc.status_map[status_code](message)
+
+
 def abort_unauthorized(msg=None):
     raise exc.HTTPUnauthorized('Unauthorized - %s' % msg if msg else 'Unauthorized')