Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(422)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: appengine/config_service/admin.py

Issue 2932473005: config_service: implement admin group (Closed)
Patch Set: self review Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « appengine/config_service/acl_test.py ('k') | appengine/config_service/api.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # Copyright 2015 The LUCI Authors. All rights reserved. 1 # Copyright 2015 The LUCI Authors. All rights reserved.
2 # Use of this source code is governed under the Apache License, Version 2.0 2 # Use of this source code is governed under the Apache License, Version 2.0
3 # that can be found in the LICENSE file. 3 # that can be found in the LICENSE file.
4 4
5 """Administration API accessible only by service admins. 5 """Administration API accessible only by service admins.
6 6
7 Defined as Endpoints API mostly to abuse API Explorer UI and not to write our 7 Defined as Endpoints API mostly to abuse API Explorer UI and not to write our
8 own admin UI. Note that all methods are publicly visible (though the source code 8 own admin UI. Note that all methods are publicly visible (though the source code
9 itself is also publicly visible, so not a big deal). 9 itself is also publicly visible, so not a big deal).
10 10
11 Callers have to be in 'administrators' group. 11 Callers have to be in 'administrators' group.
12 """ 12 """
13 13
14 import logging 14 import logging
15 15
16 from google.appengine.ext import ndb 16 from google.appengine.ext import ndb
17 from google.appengine.ext.ndb import msgprop 17 from google.appengine.ext.ndb import msgprop
18 from protorpc import messages 18 from protorpc import messages
19 from protorpc import remote 19 from protorpc import remote
20 20
21 from components import auth 21 from components import auth
22 from components.datastore_utils import config 22 from components.datastore_utils import config
23 23
24 import acl
25
24 26
25 # This is used by endpoints indirectly. 27 # This is used by endpoints indirectly.
26 package = 'luci-config' 28 package = 'luci-config'
27 29
28 30
29 class ServiceConfigStorageType(messages.Enum): 31 class ServiceConfigStorageType(messages.Enum):
30 """Type of repository where service configs are stored.""" 32 """Type of repository where service configs are stored."""
31 GITILES = 0 33 GITILES = 0
32 34
33 35
(...skipping 14 matching lines...) Expand all
48 services_config_storage_type = messages.EnumField(ServiceConfigStorageType, 1) 50 services_config_storage_type = messages.EnumField(ServiceConfigStorageType, 1)
49 services_config_location = messages.StringField(2) 51 services_config_location = messages.StringField(2)
50 52
51 53
52 @auth.endpoints_api(name='admin', version='v1', title='Administration API') 54 @auth.endpoints_api(name='admin', version='v1', title='Administration API')
53 class AdminApi(remote.Service): 55 class AdminApi(remote.Service):
54 """Administration API accessible only by the service admins.""" 56 """Administration API accessible only by the service admins."""
55 57
56 @auth.endpoints_method( 58 @auth.endpoints_method(
57 GlobalConfigMessage, GlobalConfigMessage, name='globalConfig') 59 GlobalConfigMessage, GlobalConfigMessage, name='globalConfig')
58 @auth.require(auth.is_admin) 60 @auth.require(acl.is_admin)
59 def global_config(self, request): 61 def global_config(self, request):
60 """Reads/writes global configuration.""" 62 """Reads/writes global configuration."""
61 conf = GlobalConfig.fetch() 63 conf = GlobalConfig.fetch()
62 if not conf: 64 if not conf:
63 conf = GlobalConfig() 65 conf = GlobalConfig()
64 66
65 changed = conf.modify( 67 changed = conf.modify(
66 updated_by=auth.get_current_identity().to_bytes(), 68 updated_by=auth.get_current_identity().to_bytes(),
67 services_config_storage_type=request.services_config_storage_type, 69 services_config_storage_type=request.services_config_storage_type,
68 services_config_location=request.services_config_location) 70 services_config_location=request.services_config_location)
69 71
70 if changed: 72 if changed:
71 logging.warning('Updated global configuration') 73 logging.warning('Updated global configuration')
72 74
73 return GlobalConfigMessage( 75 return GlobalConfigMessage(
74 services_config_location=conf.services_config_location, 76 services_config_location=conf.services_config_location,
75 services_config_storage_type=conf.services_config_storage_type) 77 services_config_storage_type=conf.services_config_storage_type)
OLDNEW
« no previous file with comments | « appengine/config_service/acl_test.py ('k') | appengine/config_service/api.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698