-
Committer:
Tarmac
-
Author(s):
Devin Carlen
-
Date:
2010-10-01 15:08:19 UTC
-
mfrom:
(306.2.15 contextual-authorization)
-
Revision ID:
hudson@openstack.org-20101001150819-l0z698ahfd1srmcf
Refactor sqlalchemy api to perform contextual authorization.
All database calls now examine the context object for information about what kind of user is accessing the data. If an administrator is accessing, full privileges are granted. If a normal user is accessing, then checks are made to ensure that the user does indeed have the rights to the data.
Also refactored NovaBase and removed several methods since they would have to be changed when we move away from sqlalchemy models and begin using sqlalchemy table definitions.