def user_create(request, name=None, email=None, password=None, project=None, enabled=None, domain=None): manager = keystoneclient(request, admin=True).users try: if VERSIONS.active < 3: user = manager.create(name, password, email, project, enabled) return VERSIONS.upgrade_v2_user(user) else: return manager.create(name, password=password, email=email, project=project, enabled=enabled, domain=domain) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def swift_delete_container(request, name): # It cannot be deleted if it's not empty. The batch remove of objects # be done in swiftclient instead of Horizon. objects, more = swift_get_objects(request, name) if objects: error_msg = unicode( _("The container cannot be deleted " "since it's not empty.")) exc = exceptions.Conflict(error_msg) exc._safe_message = error_msg raise exc swift_api(request).delete_container(name) return True
def identity_provider_update(request, idp_id, description=None, enabled=False, remote_ids=None): manager = keystoneclient(request, admin=True).federation.identity_providers try: return manager.update(idp_id, description=description, enabled=enabled, remote_ids=remote_ids) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def tenant_create(request, name, description=None, enabled=None, domain=None, **kwargs): manager = VERSIONS.get_project_manager(request, admin=True) try: return manager.create(name, domain, description=description, enabled=enabled, **kwargs) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def rule_create(self, parent_group_id, direction=None, ethertype=None, ip_protocol=None, from_port=None, to_port=None, cidr=None, group_id=None): # Nova Security Group API does not use direction and ethertype fields. try: sg = self.client.security_group_rules.create(parent_group_id, ip_protocol, from_port, to_port, cidr, group_id) except nova_exceptions.BadRequest: raise horizon_exceptions.Conflict( _('Security group rule already exists.')) return SecurityGroupRule(sg)
def delete(self, request, volume_id): if id == 'default': raise django.http.HttpResponseNotFound('default') # need check if there is volumes created from this snapshot volumes = api.cinder.volume_list(request) in_use = False for volume in volumes: if volume.snapshot_id == volume_id: in_use = True break if in_use: msg = _("Unable to delete in use volume snapshot.") raise exceptions.Conflict(msg) api.cinder.volume_snapshot_delete(request, volume_id)
def swift_delete_folder(request, container_name, object_name): objects, more = swift_get_objects(request, container_name, prefix=object_name) # In case the given object is pseudo folder, # it can be deleted only if it is empty. # swift_get_objects will return at least # one object (i.e container_name) even if the # given pseudo folder is empty. So if swift_get_objects # returns more than one object then only it will be # considered as non empty folder. if len(objects) > 1: error_msg = _("The pseudo folder cannot be deleted " "since it is not empty.") exc = exceptions.Conflict(error_msg) raise exc swift_api(request).delete_object(container_name, object_name) return True
def cluster_template_update(request, ct_id, name, plugin_name, hadoop_version, description=None, cluster_configs=None, node_groups=None, anti_affinity=None, net_id=None): try: template = client(request).cluster_templates.update( cluster_template_id=ct_id, name=name, plugin_name=plugin_name, hadoop_version=hadoop_version, description=description, cluster_configs=cluster_configs, node_groups=node_groups, anti_affinity=anti_affinity, net_id=net_id) except APIException as e: raise exceptions.Conflict(e) return template
def application_credential_create(request, name, secret=None, description=None, expires_at=None, roles=None, unrestricted=False): user = request.user.id manager = keystoneclient(request).application_credentials try: return manager.create(name=name, user=user, secret=secret, description=description, expires_at=expires_at, roles=roles, unrestricted=unrestricted) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def user_create(request, name=None, email=None, password=None, project=None, enabled=None, domain=None, description=None, **data): manager = keystoneclient(request, admin=True).users try: return manager.create(name, password=password, email=email, default_project=project, enabled=enabled, domain=domain, description=description, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def tenant_create(request, name, description=None, enabled=None, domain=None, pool_type=None, **kwargs): manager = VERSIONS.get_project_manager(request, admin=True) LOG.info("pool_type ========================%s" % pool_type) try: if VERSIONS.active < 3: return manager.create(name, description, enabled, **kwargs) else: return manager.create(name, domain, pool_type=pool_type, description=description, enabled=enabled, **kwargs) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def test_handle_translated(self): translated_unicode = u'\u30b3\u30f3\u30c6\u30ca\u30fc\u304c' \ u'\u7a7a\u3067\u306f\u306a\u3044\u305f' \ u'\u3081\u3001\u524a\u9664\u3067\u304d' \ u'\u307e\u305b\u3093\u3002' # Japanese translation of: # 'Because the container is not empty, it can not be deleted.' expected = ['error', force_text(translated_unicode), ''] req = self.request req.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' try: raise exceptions.Conflict(translated_unicode) except exceptions.Conflict: exceptions.handle(req) # The real test here is to make sure the handle method doesn't throw a # UnicodeEncodeError, but making sure the message is correct could be # useful as well. self.assertItemsEqual(req.horizon['async_messages'], [expected])
def tenant_update(request, project, name=None, description=None, enabled=None, domain=None, **kwargs): manager = VERSIONS.get_project_manager(request, admin=True) try: if VERSIONS.active < 3: return manager.update(project, name, description, enabled, **kwargs) else: return manager.update(project, name=name, description=description, enabled=enabled, domain=domain, **kwargs) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def rule_create(self, parent_group_id, direction=None, ethertype=None, ip_protocol=None, from_port=None, to_port=None, cidr=None, group_id=None): if not cidr: cidr = None if from_port < 0: from_port = None if to_port < 0: to_port = None if isinstance(ip_protocol, int) and ip_protocol < 0: ip_protocol = None body = { 'security_group_rule': { 'security_group_id': parent_group_id, 'direction': direction, 'ethertype': ethertype, 'protocol': ip_protocol, 'port_range_min': from_port, 'port_range_max': to_port, 'remote_ip_prefix': cidr, 'remote_group_id': group_id } } try: rule = self.client.create_security_group_rule(body) except neutron_exc.Conflict: raise exceptions.Conflict(_('Security group rule already exists.')) rule = rule.get('security_group_rule') sg_dict = self._sg_name_dict(parent_group_id, [rule]) return SecurityGroupRule(rule, sg_dict)
def update_users_roles(self, request, orig_users, users): """Edit user(s) of the target. """ orig_users = set(self.UserWithRoles.users_from_dict(orig_users)) users = set(self.UserWithRoles.users_from_dict(users)) to_add_users = users - orig_users to_remove_users = orig_users - users to_edit_users = orig_users & users # NOTE(lzm): can't edit current user! # TODO(lzm): check if admin role must be in current user # when current user is in `to_edit_users` current_user = {'id': request.user.id, 'name': request.user.username} if self.UserWithRoles(current_user) in to_remove_users: msg = _("Can't edit current user %s") % current_user['name'] raise exceptions.Conflict(msg) for user in to_add_users: self.add_user_roles(request, user) for user in to_remove_users: self.remove_user_roles(request, user) for user in to_edit_users: orig_roles = set(self._filter_user(orig_users, user.id).roles) roles = set(self._filter_user(users, user.id).roles) to_add_roles = roles - orig_roles to_remove_roles = orig_roles - roles edit_user = user.clone() edit_user.roles = to_add_roles self.add_user_roles(request, edit_user) edit_user.roles = to_remove_roles self.remove_user_roles(request, edit_user)
def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException( 405, _("Identity service does not allow editing user data.")) # The v2 API updates user model, password and default project separately if VERSIONS.active < 3: password = data.pop('password') project = data.pop('project') # Update user details try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict() except Exception: error = exceptions.handle(request, ignore=True) # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning(request, _('User %s has no role defined for ' 'that project.') % data.get('name', None)) # If present, update password # FIXME(gabriel): password change should be its own form + view if password: try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to " "continue."), redirect=False ) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error # v3 API is so much simpler... else: if not data['password']: data.pop('password') try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict() if data.get('password') and user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue."), redirect=False )
def protocol_create(request, protocol_id, identity_provider, mapping): manager = keystoneclient(request).federation.protocols try: return manager.create(protocol_id, identity_provider, mapping) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException( 405, _("Identity service does not allow editing user data.")) # The v2 API updates user model and default project separately if VERSIONS.active < 3: # Update user details try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict() except Exception: error = exceptions.handle(request, ignore=True) if "project" in data: project = data.pop('project') password = data.pop('password') # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning( request, _('User %s has no role defined for ' 'that project.') % data.get('name', None)) if password: email = data.pop('email') LOG.info("v2 password:%s email:%s" % (password, email)) try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue." )) if email: LOG.info("v2 send email") send_mail(request, email, password) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error # v3 API is so much simpler... else: try: user = manager.update(user, **data) password = data.pop('password') if password: email = data.pop('email') LOG.info("v3 password:%s email:%s" % (password, email)) try: user_update_password(request, user, password) if user.id == request.user.id: return utils.logout_with_message( request, _("Password changed. Please log in again to continue." )) if email: LOG.info("v3 send email") send_mail(request, email, password) except Exception: error = exceptions.handle(request, ignore=True) if error is not None: raise error except keystone_exceptions.Conflict: raise exceptions.Conflict()
def mapping_create(request, mapping_id, rules): manager = keystoneclient(request, admin=True).federation.mappings try: return manager.create(mapping_id=mapping_id, rules=rules) except keystone_exceptions.Conflict: raise exceptions.Conflict()