Barbican V1: Allow multiple ACL types in one request

[kayrus]

Current implementation supports one call per type. Even though it is not yet supported in Barbican to have an ACL type other than "read", for the future it would be nice to handle multiple ACL types at one call and avoid complex logic in dependent applications. I expect gophercloud to construct json request like:

{
  "read": {
    "project-access": false,
    "users": [
      "GG27dVwR9gBMnsOaRoJ1DFJmZfdVjIdW"
    ]
  },
  "write": {
    "project-access": true,
    "users": [
      "35t0SzHNIpfiCWppFNpcyDmPQCsESiB1"
    ]
  }
}`

I propose the following modification to

gophercloud/openstack/keymanager/v1/acls/requests.go

Line 26 in 6ad562a

type SetOpts struct {

// SetOpts represents options to set an ACL on a resource.
type SetOpts []SetOpt

// ToACLSetMap formats a SetOpts into a set request.
func (opts SetOpts) ToACLSetMap() (map[string]interface{}, error) {
        b := make(map[string]interface{})
        for _, v := range opts {
                m, err := gophercloud.BuildRequestBody(v, v.Type)
                if err != nil {
                        return nil, err
                }
                b[v.Type] = m[v.Type]
        }
        return b, nil
}

https://github.com/openstack/barbican/blob/c40ef6f7d865858a26b934be52e193ab2fb3fd26/barbican/common/validators.py#L45

[kayrus]

@jtopjian do you have objections on my proposal?

[jtopjian]

@kayrus Sorry, I had a hard time understanding it and meant to revisit it.

Is this kind of bulk operation supported by Barbican?

[kayrus]

@jtopjian batch update is not yet supported, but according to the barbican api references, it will be: https://github.com/openstack/barbican/blob/c40ef6f7d865858a26b934be52e193ab2fb3fd26/barbican/api/controllers/acls.py#L85..L99

[jtopjian]

So is this something that the API currently supports but since there is only an ACL of "read" it's not possible to use this API?

In that case, I suppose we can implement it.