def test_token_revocation_list_uses_right_columns(self):
     # This query used to be heavy with too many columns. We want
     # to make sure it is only running with the minimum columns
     # necessary.
     fixture = self.useFixture(moxstubout.MoxStubout())
     self.mox = fixture.mox
     tok = token_sql.Token()
     session = sql.get_session()
     q = session.query(token_sql.TokenModel.id, token_sql.TokenModel.expires)
     self.mox.StubOutWithMock(session, "query")
     session.query(token_sql.TokenModel.id, token_sql.TokenModel.expires).AndReturn(q)
     self.mox.StubOutWithMock(sql, "get_session")
     sql.get_session().AndReturn(session)
     self.mox.ReplayAll()
     tok.list_revoked_tokens()
Beispiel #2
0
    def get_v3_catalog(self, user_id, tenant_id, metadata=None):
        d = dict(six.iteritems(CONF))
        d.update({'tenant_id': tenant_id,
                  'user_id': user_id})

        session = sql.get_session()
        services = (session.query(Service).filter(Service.enabled == true()).
                    options(sql.joinedload(Service.endpoints)).
                    all())

        def make_v3_endpoints(endpoints):
            for endpoint in (ep.to_dict() for ep in endpoints if ep.enabled):
                del endpoint['service_id']
                del endpoint['legacy_endpoint_id']
                del endpoint['enabled']
                endpoint['region'] = endpoint['region_id']
                try:
                    endpoint['url'] = core.format_url(endpoint['url'], d)
                except exception.MalformedEndpoint:
                    continue  # this failure is already logged in format_url()

                yield endpoint

        def make_v3_service(svc):
            eps = list(make_v3_endpoints(svc.endpoints))
            service = {'endpoints': eps, 'id': svc.id, 'type': svc.type}
            service['name'] = svc.extra.get('name', '')
            return service

        return [make_v3_service(svc) for svc in services]
Beispiel #3
0
    def get_catalog(self, user_id, tenant_id, metadata=None):
        substitutions = dict(six.iteritems(CONF))
        substitutions.update({'tenant_id': tenant_id, 'user_id': user_id})

        session = sql.get_session()
        endpoints = (session.query(Endpoint).
                     options(sql.joinedload(Endpoint.service)).
                     filter(Endpoint.enabled == true()).all())

        catalog = {}

        for endpoint in endpoints:
            if not endpoint.service['enabled']:
                continue
            try:
                url = core.format_url(endpoint['url'], substitutions)
            except exception.MalformedEndpoint:
                continue  # this failure is already logged in format_url()

            region = endpoint['region_id']
            service_type = endpoint.service['type']
            default_service = {
                'id': endpoint['id'],
                'name': endpoint.service.extra.get('name', ''),
                'publicURL': ''
            }
            catalog.setdefault(region, {})
            catalog[region].setdefault(service_type, default_service)
            interface_url = '%sURL' % endpoint['interface']
            catalog[region][service_type][interface_url] = url

        return catalog
Beispiel #4
0
    def delete_credentials_for_user(self, user_id):
        session = sql.get_session()

        with session.begin():
            query = session.query(CredentialModel)
            query = query.filter_by(user_id=user_id)
            query.delete()
Beispiel #5
0
 def list_users_in_group(self, group_id, hints):
     session = sql.get_session()
     self.get_group(group_id)
     query = session.query(User).join(UserGroupMembership)
     query = query.filter(UserGroupMembership.group_id == group_id)
     query = sql.filter_limit_query(User, query, hints)
     return [identity.filter_user(u.to_dict()) for u in query]
Beispiel #6
0
 def list_credentials(self, **filters):
     session = sql.get_session()
     query = session.query(CredentialModel)
     if 'user_id' in filters:
         query = query.filter_by(user_id=filters.get('user_id'))
     refs = query.all()
     return [ref.to_dict() for ref in refs]
Beispiel #7
0
 def delete_token(self, token_id):
     session = sql.get_session()
     with session.begin():
         token_ref = session.query(TokenModel).get(token_id)
         if not token_ref or not token_ref.valid:
             raise exception.TokenNotFound(token_id=token_id)
         token_ref.valid = False
Beispiel #8
0
 def create_user(self, user_id, user):
     user = utils.hash_user_password(user)
     session = sql.get_session()
     with session.begin():
         user_ref = User.from_dict(user)
         session.add(user_ref)
     return identity.filter_user(user_ref.to_dict())
Beispiel #9
0
 def remove_endpoint_group_from_project(self, endpoint_group_id,
                                        project_id):
     session = sql.get_session()
     endpoint_group_project_ref = self._get_endpoint_group_in_project(
         session, endpoint_group_id, project_id)
     with session.begin():
         session.delete(endpoint_group_project_ref)
Beispiel #10
0
    def get_catalog(self, user_id, tenant_id, metadata=None):
        substitutions = dict(six.iteritems(CONF))
        substitutions.update({"tenant_id": tenant_id, "user_id": user_id})

        session = sql.get_session()
        t = True  # variable for singleton for PEP8, E712.
        endpoints = (
            session.query(Endpoint).options(sql.joinedload(Endpoint.service)).filter(Endpoint.enabled == t).all()
        )

        catalog = {}

        for endpoint in endpoints:
            if not endpoint.service["enabled"]:
                continue
            try:
                url = core.format_url(endpoint["url"], substitutions)
            except exception.MalformedEndpoint:
                continue  # this failure is already logged in format_url()

            region = endpoint["region"]
            service_type = endpoint.service["type"]
            default_service = {"id": endpoint["id"], "name": endpoint.service["name"], "publicURL": ""}
            catalog.setdefault(region, {})
            catalog[region].setdefault(service_type, default_service)
            interface_url = "%sURL" % endpoint["interface"]
            catalog[region][service_type][interface_url] = url

        return catalog
Beispiel #11
0
    def get_v3_catalog(self, user_id, tenant_id, metadata=None):
        d = dict(six.iteritems(CONF))
        d.update({"tenant_id": tenant_id, "user_id": user_id})

        session = sql.get_session()
        t = True  # variable for singleton for PEP8, E712.
        services = session.query(Service).filter(Service.enabled == t).options(sql.joinedload(Service.endpoints)).all()

        def make_v3_endpoints(endpoints):
            for endpoint in (ep.to_dict() for ep in endpoints if ep.enabled):
                del endpoint["service_id"]
                del endpoint["legacy_endpoint_id"]
                del endpoint["enabled"]
                try:
                    endpoint["url"] = core.format_url(endpoint["url"], d)
                except exception.MalformedEndpoint:
                    continue  # this failure is already logged in format_url()

                yield endpoint

        def make_v3_service(svc):
            eps = list(make_v3_endpoints(svc.endpoints))
            service = {"endpoints": eps, "id": svc.id, "type": svc.type}
            name = svc.extra.get("name")
            if name:
                service["name"] = name
            return service

        return [make_v3_service(svc) for svc in services]
Beispiel #12
0
 def create_region(self, region_ref):
     session = sql.get_session()
     with session.begin():
         self._check_parent_region(session, region_ref)
         region = Region.from_dict(region_ref)
         session.add(region)
     return region.to_dict()
Beispiel #13
0
 def create_endpoint(self, endpoint_id, endpoint_ref):
     session = sql.get_session()
     self.get_service(endpoint_ref["service_id"])
     new_endpoint = Endpoint.from_dict(endpoint_ref)
     with session.begin():
         session.add(new_endpoint)
     return new_endpoint.to_dict()
Beispiel #14
0
    def delete_tokens(self, user_id, tenant_id=None, trust_id=None, consumer_id=None):
        """Deletes all tokens in one session

        The user_id will be ignored if the trust_id is specified. user_id
        will always be specified.
        If using a trust, the token's user_id is set to the trustee's user ID
        or the trustor's user ID, so will use trust_id to query the tokens.

        """
        session = sql.get_session()
        token_list = []
        with session.begin():
            now = timeutils.utcnow()
            query = session.query(TokenModel)
            query = query.filter_by(valid=True)
            query = query.filter(TokenModel.expires > now)
            if trust_id:
                query = query.filter(TokenModel.trust_id == trust_id)
            else:
                query = query.filter(TokenModel.user_id == user_id)

            for token_ref in query.all():
                if tenant_id:
                    token_ref_dict = token_ref.to_dict()
                    if not self._tenant_matches(tenant_id, token_ref_dict):
                        continue
                if consumer_id:
                    token_ref_dict = token_ref.to_dict()
                    if not self._consumer_matches(consumer_id, token_ref_dict):
                        continue

                token_ref.valid = False
                token_list.append(token_ref.id)

        return token_list
 def remove_user(self, user_id):
     session = sql.get_session()
     LOG.info('removing user %s from spassword' % user_id)
     spassword_ref = session.query(SPasswordModel).get(user_id)
     if spassword_ref:
         with session.begin():
             session.delete(spassword_ref)
Beispiel #16
0
 def store_new_activation_key(self, profile_id, new_ref):
     session = sql.get_session()
     with session.begin():
         profile_ref = session.query(ActivationProfile).get(profile_id)
         profile_ref.activation_key = new_ref['activation_key']
         profile_ref.expires_at = new_ref['expires_at']
     return profile_ref.to_dict()
Beispiel #17
0
 def delete_user_profiles(self, user_id):
     session = sql.get_session()
     with session.begin():
         for profile_class in (ResetProfile, ActivationProfile):
             q = session.query(profile_class)
             q = q.filter_by(user_id=user_id)
             q.delete(False)
Beispiel #18
0
    def create_access_token(self, request_token_id, token_duration,
                            access_token_id=None, access_token_secret=None):
        if access_token_id is None:
            access_token_id = uuid.uuid4().hex
        if access_token_secret is None:
            access_token_secret = uuid.uuid4().hex
        session = sql.get_session()
        with session.begin():
            req_token_ref = self._get_request_token(session, request_token_id)
            token_dict = req_token_ref.to_dict()

            expiry_date = None
            if token_duration:
                now = timeutils.utcnow()
                future = now + datetime.timedelta(seconds=token_duration)
                expiry_date = timeutils.isotime(future, subsecond=True)

            # add Access Token
            ref = {}
            ref['id'] = access_token_id
            ref['access_secret'] = access_token_secret
            ref['authorizing_user_id'] = token_dict['authorizing_user_id']
            ref['project_id'] = token_dict['requested_project_id']
            ref['role_ids'] = token_dict['role_ids']
            ref['consumer_id'] = token_dict['consumer_id']
            ref['expires_at'] = expiry_date
            token_ref = AccessToken.from_dict(ref)
            session.add(token_ref)

            # remove request token, it's been used
            session.delete(req_token_ref)

        return token_ref.to_dict()
Beispiel #19
0
 def get_two_factor_info(self, user_id):
     session = sql.get_session()
     twofactor = session.query(TwoFactor).get(user_id)
     if twofactor is None:
         raise exception.NotFound(_('Two Factor Authentication is not enabled for user %s.' %user_id))
     else:
         return twofactor
Beispiel #20
0
 def list_groups_for_user(self, user_id, hints):
     session = sql.get_session()
     self.get_user(user_id)
     query = session.query(Group).join(UserGroupMembership)
     query = query.filter(UserGroupMembership.user_id == user_id)
     query = sql.filter_limit_query(Group, query, hints)
     return [g.to_dict() for g in query]
Beispiel #21
0
    def create_request_token(self, consumer_id, project_id, token_duration,
                             request_token_id=None, request_token_secret=None):
        if request_token_id is None:
            request_token_id = uuid.uuid4().hex
        if request_token_secret is None:
            request_token_secret = uuid.uuid4().hex
        expiry_date = None
        if token_duration:
            now = timeutils.utcnow()
            future = now + datetime.timedelta(seconds=token_duration)
            expiry_date = timeutils.isotime(future, subsecond=True)

        ref = {}
        ref['id'] = request_token_id
        ref['request_secret'] = request_token_secret
        ref['verifier'] = None
        ref['authorizing_user_id'] = None
        ref['requested_project_id'] = project_id
        ref['role_ids'] = None
        ref['consumer_id'] = consumer_id
        ref['expires_at'] = expiry_date
        session = sql.get_session()
        with session.begin():
            token_ref = RequestToken.from_dict(ref)
            session.add(token_ref)
        return token_ref.to_dict()
Beispiel #22
0
 def create_idp(self, idp_id, idp):
     session = sql.get_session()
     with session.begin():
         idp['id'] = idp_id
         idp_ref = IdentityProviderModel.from_dict(idp)
         session.add(idp_ref)
     return idp_ref.to_dict()
Beispiel #23
0
    def delete_all_devices(self, user_id):
        session = sql.get_session()
        devices = session.query(TwoFactorDevice).filter_by(user_id=user_id)

        for device in devices:
            with session.begin():
                session.delete(device)
Beispiel #24
0
    def get_v3_catalog(self, user_id, tenant_id, metadata=None):
        d = dict(six.iteritems(CONF))
        d.update({'tenant_id': tenant_id,
                  'user_id': user_id})

        session = sql.get_session()
        t = True  # variable for singleton for PEP8, E712.
        services = (session.query(Service).filter(Service.enabled == t).
                    options(sql.joinedload(Service.endpoints)).
                    all())

        def make_v3_endpoint(endpoint):
            endpoint = endpoint.to_dict()
            del endpoint['service_id']
            endpoint['url'] = core.format_url(endpoint['url'], d)
            return endpoint

        def make_v3_service(svc):
            eps = [make_v3_endpoint(ep) for ep in svc.endpoints if ep.enabled]
            service = {'endpoints': eps, 'id': svc.id, 'type': svc.type}
            name = svc.extra.get('name')
            if name:
                service['name'] = name
            return service

        return [make_v3_service(svc) for svc in services]
Beispiel #25
0
 def delete_region(self, region_id):
     session = sql.get_session()
     with session.begin():
         ref = self._get_region(session, region_id)
         self._delete_child_regions(session, region_id)
         session.query(Region).filter_by(id=region_id).delete()
         session.delete(ref)
Beispiel #26
0
    def get_catalog(self, user_id, tenant_id, metadata=None):
        d = dict(six.iteritems(CONF))
        d.update({'tenant_id': tenant_id,
                  'user_id': user_id})

        session = sql.get_session()
        t = True  # variable for singleton for PEP8, E712.
        endpoints = (session.query(Endpoint).
                     options(sql.joinedload(Endpoint.service)).
                     filter(Endpoint.enabled == t).all())

        catalog = {}

        for endpoint in endpoints:
            if not endpoint.service['enabled']:
                continue

            region = endpoint['region']
            service_type = endpoint.service['type']
            default_service = {
                'id': endpoint['id'],
                'name': endpoint.service['name'],
                'publicURL': ''
            }
            catalog.setdefault(region, {})
            catalog[region].setdefault(service_type, default_service)
            url = core.format_url(endpoint['url'], d)
            interface_url = '%sURL' % endpoint['interface']
            catalog[region][service_type][interface_url] = url

        return catalog
Beispiel #27
0
    def _get_metadata(self, user_id=None, tenant_id=None,
                      domain_id=None, group_id=None, session=None):
        # TODO(henry-nash): This method represents the last vestiges of the old
        # metadata concept in this driver.  Although we no longer need it here,
        # since the Manager layer uses the metadata concept across all
        # assignment drivers, we need to remove it from all of them in order to
        # finally remove this method.

        # We aren't given a session when called by the manager directly.
        if session is None:
            session = sql.get_session()

        q = session.query(RoleAssignment)
        q = q.filter_by(actor_id=user_id or group_id)
        q = q.filter_by(target_id=tenant_id or domain_id)
        refs = q.all()
        if not refs:
            raise exception.MetadataNotFound()

        metadata_ref = {}
        metadata_ref['roles'] = []
        for assignment in refs:
            role_ref = {}
            role_ref['id'] = assignment.role_id
            if assignment.inherited and (
                    assignment.type == AssignmentType.USER_DOMAIN or
                    assignment.type == AssignmentType.GROUP_DOMAIN):
                role_ref['inherited_to'] = 'projects'
            metadata_ref['roles'].append(role_ref)

        return metadata_ref
Beispiel #28
0
    def get_v3_catalog(self, user_id, tenant_id, metadata=None):
        d = dict(itertools.chain(six.iteritems(CONF), six.iteritems(CONF.eventlet_server)))
        d.update({"tenant_id": tenant_id, "user_id": user_id})

        session = sql.get_session()
        services = (
            session.query(Service).filter(Service.enabled == true()).options(sql.joinedload(Service.endpoints)).all()
        )

        def make_v3_endpoints(endpoints):
            for endpoint in (ep.to_dict() for ep in endpoints if ep.enabled):
                del endpoint["service_id"]
                del endpoint["legacy_endpoint_id"]
                del endpoint["enabled"]
                endpoint["region"] = endpoint["region_id"]
                try:
                    endpoint["url"] = core.format_url(endpoint["url"], d)
                except exception.MalformedEndpoint:
                    continue  # this failure is already logged in format_url()

                yield endpoint

        def make_v3_service(svc):
            eps = list(make_v3_endpoints(svc.endpoints))
            service = {"endpoints": eps, "id": svc.id, "type": svc.type}
            service["name"] = svc.extra.get("name", "")
            return service

        return [make_v3_service(svc) for svc in services]
Beispiel #29
0
 def get_mapping_from_idp_and_protocol(self, idp_id, protocol_id):
     session = sql.get_session()
     with session.begin():
         protocol_ref = self._get_protocol(session, idp_id, protocol_id)
         mapping_id = protocol_ref.mapping_id
         mapping_ref = self._get_mapping(session, mapping_id)
     return mapping_ref.to_dict()
Beispiel #30
0
    def delete_credentials_for_project(self, project_id):
        session = sql.get_session()

        with session.begin():
            query = session.query(CredentialModel)
            query = query.filter_by(project_id=project_id)
            query.delete()
Beispiel #31
0
 def get_endpoint_group_in_project(self, endpoint_group_id, project_id):
     session = sql.get_session()
     ref = self._get_endpoint_group_in_project(session, endpoint_group_id,
                                               project_id)
     return ref.to_dict()
Beispiel #32
0
    def delete_credential(self, credential_id):
        session = sql.get_session()

        with session.begin():
            ref = self._get_credential(session, credential_id)
            session.delete(ref)
Beispiel #33
0
 def delete_service(self, service_id):
     session = sql.get_session()
     with session.begin():
         ref = self._get_service(session, service_id)
         session.query(Endpoint).filter_by(service_id=service_id).delete()
         session.delete(ref)
Beispiel #34
0
 def list_endpoint_groups_for_project(self, project_id):
     session = sql.get_session()
     query = session.query(ProjectEndpointGroupMembership)
     query = query.filter_by(project_id=project_id)
     endpoint_group_refs = query.all()
     return [ref.to_dict() for ref in endpoint_group_refs]
 def test_password_hashed(self):
     session = sql.get_session()
     user_ref = self.identity_api._get_user(session, self.user_foo['id'])
     self.assertNotEqual(self.user_foo['password'], user_ref['password'])
Beispiel #36
0
 def list_trusts_for_trustor(self, trustor_user_id):
     session = sql.get_session()
     trusts = (session.query(TrustModel).filter_by(
         deleted_at=None).filter_by(trustor_user_id=trustor_user_id))
     return [trust_ref.to_dict() for trust_ref in trusts]
Beispiel #37
0
 def list_trusts(self):
     session = sql.get_session()
     trusts = session.query(TrustModel).filter_by(deleted_at=None)
     return [trust_ref.to_dict() for trust_ref in trusts]
Beispiel #38
0
 def list_regions(self, hints):
     session = sql.get_session()
     regions = session.query(Region)
     regions = sql.filter_limit_query(Region, regions, hints)
     return [s.to_dict() for s in list(regions)]
Beispiel #39
0
 def delete_endpoint_group_association_by_project(self, project_id):
     session = sql.get_session()
     with session.begin():
         query = session.query(ProjectEndpointGroupMembership)
         query = query.filter_by(project_id=project_id)
         query.delete()
Beispiel #40
0
 def list_projects_associated_with_endpoint_group(self, endpoint_group_id):
     session = sql.get_session()
     query = session.query(ProjectEndpointGroupMembership)
     query = query.filter_by(endpoint_group_id=endpoint_group_id)
     endpoint_group_refs = query.all()
     return [ref.to_dict() for ref in endpoint_group_refs]
Beispiel #41
0
 def create_endpoint_group(self, endpoint_group_id, endpoint_group):
     session = sql.get_session()
     with session.begin():
         endpoint_group_ref = EndpointGroup.from_dict(endpoint_group)
         session.add(endpoint_group_ref)
     return endpoint_group_ref.to_dict()
Beispiel #42
0
 def list_endpoint_groups(self):
     session = sql.get_session()
     query = session.query(EndpointGroup)
     endpoint_group_refs = query.all()
     return [e.to_dict() for e in endpoint_group_refs]
Beispiel #43
0
 def list_services(self, hints):
     session = sql.get_session()
     services = session.query(Service)
     services = sql.filter_limit_query(Service, services, hints)
     return [s.to_dict() for s in list(services)]
Beispiel #44
0
 def get_endpoint_group(self, endpoint_group_id):
     session = sql.get_session()
     endpoint_group_ref = self._get_endpoint_group(session,
                                                   endpoint_group_id)
     return endpoint_group_ref.to_dict()
Beispiel #45
0
 def list_projects_for_endpoint(self, endpoint_id):
     session = sql.get_session()
     query = session.query(ProjectEndpoint)
     query = query.filter_by(endpoint_id=endpoint_id)
     endpoint_filter_refs = query.all()
     return [ref.to_dict() for ref in endpoint_filter_refs]
Beispiel #46
0
 def delete_association_by_project(self, project_id):
     session = sql.get_session()
     with session.begin():
         query = session.query(ProjectEndpoint)
         query = query.filter_by(project_id=project_id)
         query.delete(synchronize_session=False)
Beispiel #47
0
 def check_endpoint_in_project(self, endpoint_id, project_id):
     session = sql.get_session()
     self._get_project_endpoint_ref(session, endpoint_id, project_id)
Beispiel #48
0
 def remove_endpoint_from_project(self, endpoint_id, project_id):
     session = sql.get_session()
     endpoint_filter_ref = self._get_project_endpoint_ref(
         session, endpoint_id, project_id)
     with session.begin():
         session.delete(endpoint_filter_ref)
Beispiel #49
0
    def get_v3_catalog(self, user_id, tenant_id):
        """Retrieve and format the current V3 service catalog.

        :param user_id: The id of the user who has been authenticated for
            creating service catalog.
        :param tenant_id: The id of the project. 'tenant_id' will be None in
            the case this being called to create a catalog to go in a domain
            scoped token. In this case, any endpoint that requires a
            tenant_id as part of their URL will be skipped.

        :returns: A list representing the service catalog or an empty list

        """
        d = dict(itertools.chain(CONF.items(), CONF.eventlet_server.items()))
        d.update({'user_id': user_id})
        silent_keyerror_failures = []
        if tenant_id:
            d.update({
                'tenant_id': tenant_id,
                'project_id': tenant_id,
            })
        else:
            silent_keyerror_failures = [
                'tenant_id',
                'project_id',
            ]

        session = sql.get_session()
        services = (session.query(Service).filter(
            Service.enabled == true()).options(
                sql.joinedload(Service.endpoints)).all())

        def make_v3_endpoints(endpoints):
            for endpoint in (ep.to_dict() for ep in endpoints if ep.enabled):
                del endpoint['service_id']
                del endpoint['legacy_endpoint_id']
                del endpoint['enabled']
                endpoint['region'] = endpoint['region_id']
                try:
                    formatted_url = core.format_url(
                        endpoint['url'],
                        d,
                        silent_keyerror_failures=silent_keyerror_failures)
                    if formatted_url:
                        endpoint['url'] = formatted_url
                    else:
                        continue
                except exception.MalformedEndpoint:
                    continue  # this failure is already logged in format_url()

                yield endpoint

        # TODO(davechen): If there is service with no endpoints, we should skip
        # the service instead of keeping it in the catalog, see bug #1436704.
        def make_v3_service(svc):
            eps = list(make_v3_endpoints(svc.endpoints))
            service = {'endpoints': eps, 'id': svc.id, 'type': svc.type}
            service['name'] = svc.extra.get('name', '')
            return service

        return [make_v3_service(svc) for svc in services]
Beispiel #50
0
 def add_endpoint_to_project(self, endpoint_id, project_id):
     session = sql.get_session()
     with session.begin():
         endpoint_filter_ref = ProjectEndpoint(endpoint_id=endpoint_id,
                                               project_id=project_id)
         session.add(endpoint_filter_ref)
Beispiel #51
0
 def list_endpoints(self, hints):
     session = sql.get_session()
     endpoints = session.query(Endpoint)
     endpoints = sql.filter_limit_query(Endpoint, endpoints, hints)
     return [e.to_dict() for e in list(endpoints)]
Beispiel #52
0
    def get_catalog(self, user_id, tenant_id):
        """Retrieve and format the V2 service catalog.

        :param user_id: The id of the user who has been authenticated for
            creating service catalog.
        :param tenant_id: The id of the project. 'tenant_id' will be None
            in the case this being called to create a catalog to go in a
            domain scoped token. In this case, any endpoint that requires
            a tenant_id as part of their URL will be skipped (as would a whole
            service if, as a consequence, it has no valid endpoints).

        :returns: A nested dict representing the service catalog or an
                  empty dict.

        """
        substitutions = dict(
            itertools.chain(CONF.items(), CONF.eventlet_server.items()))
        substitutions.update({'user_id': user_id})
        silent_keyerror_failures = []
        if tenant_id:
            substitutions.update({
                'tenant_id': tenant_id,
                'project_id': tenant_id
            })
        else:
            silent_keyerror_failures = [
                'tenant_id',
                'project_id',
            ]

        session = sql.get_session()
        endpoints = (session.query(Endpoint).options(
            sql.joinedload(
                Endpoint.service)).filter(Endpoint.enabled == true()).all())

        catalog = {}

        for endpoint in endpoints:
            if not endpoint.service['enabled']:
                continue
            try:
                formatted_url = core.format_url(
                    endpoint['url'],
                    substitutions,
                    silent_keyerror_failures=silent_keyerror_failures)
                if formatted_url is not None:
                    url = formatted_url
                else:
                    continue
            except exception.MalformedEndpoint:
                continue  # this failure is already logged in format_url()

            region = endpoint['region_id']
            service_type = endpoint.service['type']
            default_service = {
                'id': endpoint['id'],
                'name': endpoint.service.extra.get('name', ''),
                'publicURL': ''
            }
            catalog.setdefault(region, {})
            catalog[region].setdefault(service_type, default_service)
            interface_url = '%sURL' % endpoint['interface']
            catalog[region][service_type][interface_url] = url

        return catalog
Beispiel #53
0
 def delete_endpoint(self, endpoint_id):
     session = sql.get_session()
     with session.begin():
         ref = self._get_endpoint(session, endpoint_id)
         session.delete(ref)
Beispiel #54
0
 def get_endpoint(self, endpoint_id):
     session = sql.get_session()
     return self._get_endpoint(session, endpoint_id).to_dict()
Beispiel #55
0
 def list_credentials(self, hints):
     session = sql.get_session()
     credentials = session.query(CredentialModel)
     credentials = sql.filter_limit_query(CredentialModel, credentials,
                                          hints)
     return [s.to_dict() for s in credentials]
Beispiel #56
0
 def create_service(self, service_id, service_ref):
     session = sql.get_session()
     with session.begin():
         service = Service.from_dict(service_ref)
         session.add(service)
     return service.to_dict()
Beispiel #57
0
 def list_credentials_for_user(self, user_id):
     session = sql.get_session()
     query = session.query(CredentialModel)
     refs = query.filter_by(user_id=user_id).all()
     return [ref.to_dict() for ref in refs]
Beispiel #58
0
 def get_credential(self, credential_id):
     session = sql.get_session()
     return self._get_credential(session, credential_id).to_dict()
Beispiel #59
0
 def create_credential(self, credential_id, credential):
     session = sql.get_session()
     with session.begin():
         ref = CredentialModel.from_dict(credential)
         session.add(ref)
     return ref.to_dict()
Beispiel #60
0
 def get_service(self, service_id):
     session = sql.get_session()
     return self._get_service(session, service_id).to_dict()