def __init__(self, id=None, token=None, user=None, tenant_id=None,
                 service_catalog=None, tenant_name=None, roles=None,
                 authorized_tenants=None, endpoint=None, enabled=False,
                 services_region=None, user_domain_id=None,
                 user_domain_name=None, domain_id=None, domain_name=None,
                 project_id=None, project_name=None,
                 is_federated=False, unscoped_token=None):
        self.id = id
        self.pk = id
        self.token = token
        self.username = user
        self.user_domain_id = user_domain_id
        self.user_domain_name = user_domain_name
        self.domain_id = domain_id
        self.domain_name = domain_name
        self.project_id = project_id or tenant_id
        self.project_name = project_name or tenant_name
        self.service_catalog = service_catalog
        self._services_region = (
            services_region
            or utils.default_services_region(service_catalog)
        )
        self.roles = roles or []
        self.endpoint = endpoint
        self.enabled = enabled
        self._authorized_tenants = authorized_tenants
        self.is_federated = is_federated

        # Unscoped token is used for listing user's project that works
        # for both federated and keystone user.
        self.unscoped_token = unscoped_token

        # List of variables to be deprecated.
        self.tenant_id = self.project_id
        self.tenant_name = self.project_name
def create_user_from_token(request, token, endpoint, services_region=None):
    # if the region is provided, use that, otherwise use the preferred region
    svc_region = services_region or \
        utils.default_services_region(token.serviceCatalog, request)
    return User(
        id=token.user['id'],
        token=token,
        user=token.user['name'],
        password_expires_at=token.user['password_expires_at'],
        user_domain_id=token.user_domain_id,
        # We need to consider already logged-in users with an old
        # version of Token without user_domain_name.
        user_domain_name=getattr(token, 'user_domain_name', None),
        project_id=token.project['id'],
        project_name=token.project['name'],
        domain_id=token.domain['id'],
        domain_name=token.domain['name'],
        enabled=True,
        service_catalog=token.serviceCatalog,
        roles=token.roles,
        endpoint=endpoint,
        services_region=svc_region,
        is_federated=getattr(token, 'is_federated', False),
        unscoped_token=getattr(token, 'unscoped_token',
                               request.session.get('unscoped_token')))
Beispiel #3
0
def create_user_from_token(request, token, endpoint, services_region=None):
    # if the region is provided, use that, otherwise use the preferred region
    default_service_regions = getattr(settings, 'DEFAULT_SERVICE_REGIONS', {})
    default_service_region = default_service_regions.get(endpoint)
    svc_region = services_region or \
        utils.default_services_region(token.serviceCatalog, request,
                                      selected_region=default_service_region)
    return User(id=token.user['id'],
                token=token,
                user=token.user['name'],
                password_expires_at=token.user['password_expires_at'],
                user_domain_id=token.user_domain_id,
                # We need to consider already logged-in users with an old
                # version of Token without user_domain_name.
                user_domain_name=getattr(token, 'user_domain_name', None),
                project_id=token.project['id'],
                project_name=token.project['name'],
                domain_id=token.domain['id'],
                domain_name=token.domain['name'],
                enabled=True,
                service_catalog=token.serviceCatalog,
                roles=token.roles,
                endpoint=endpoint,
                services_region=svc_region,
                is_federated=getattr(token, 'is_federated', False),
                unscoped_token=getattr(token, 'unscoped_token',
                                       request.session.get('unscoped_token')))
Beispiel #4
0
    def __init__(self,
                 id=None,
                 token=None,
                 user=None,
                 tenant_id=None,
                 service_catalog=None,
                 tenant_name=None,
                 roles=None,
                 authorized_tenants=None,
                 endpoint=None,
                 enabled=False,
                 services_region=None,
                 user_domain_id=None,
                 user_domain_name=None,
                 domain_id=None,
                 domain_name=None,
                 project_id=None,
                 project_name=None,
                 is_federated=False,
                 unscoped_token=None,
                 password=None,
                 password_expires_at=None,
                 system_scoped=False):
        self.id = id
        self.pk = id
        self.token = token
        self.keystone_user_id = id
        self.username = user
        self.user_domain_id = user_domain_id
        self.user_domain_name = user_domain_name
        self.domain_id = domain_id
        self.domain_name = domain_name
        self.project_id = project_id or tenant_id
        self.project_name = project_name or tenant_name
        self.system_scoped = system_scoped
        self.service_catalog = service_catalog
        self._services_region = (
            services_region or utils.default_services_region(service_catalog))
        self.roles = roles or []
        self.endpoint = endpoint
        self.enabled = enabled
        self._authorized_tenants = authorized_tenants
        self.is_federated = is_federated
        self.password_expires_at = password_expires_at
        self._is_system_user = None

        # Unscoped token is used for listing user's project that works
        # for both federated and keystone user.
        self.unscoped_token = unscoped_token

        # List of variables to be deprecated.
        self.tenant_id = self.project_id
        self.tenant_name = self.project_name

        # Required by AbstractBaseUser
        self.password = None
    def test_default_services_region_precedence(self):
        request = client.RequestFactory().get('fake')

        # Cookie is valid, so should be region source
        request.COOKIES['services_region'] = "RegionTwo"
        default_region = utils.default_services_region(
            FAKE_CATALOG, request=request, ks_endpoint='http://example.com')
        self.assertEqual("RegionTwo", default_region)

        # Cookie is invalid, so ks_endpoint is source
        request.COOKIES['services_region'] = "Not_valid_region"
        default_region = utils.default_services_region(
            FAKE_CATALOG, request=request, ks_endpoint='http://example.com')
        self.assertEqual("RegionThree", default_region)

        # endpoint and cookie are invalid, so source is "*" key
        default_region = utils.default_services_region(
            FAKE_CATALOG, request=request, ks_endpoint='not_a_match')
        self.assertEqual("RegionFour", default_region)
def create_user_from_token(request, token, endpoint, services_region=None):
    # if the region is provided, use that, otherwise use the preferred region
    svc_region = services_region or \
        utils.default_services_region(token.serviceCatalog, request)
    return User(id=token.user['id'],
                token=token,
                user=token.user['name'],
                user_domain_id=token.user_domain_id,
                # We need to consider already logged-in users with an old
                # version of Token without user_domain_name.
                user_domain_name=getattr(token, 'user_domain_name', None),
                project_id=token.project['id'],
                project_name=token.project['name'],
                domain_id=token.domain['id'],
                domain_name=token.domain['name'],
                enabled=True,
                service_catalog=token.serviceCatalog,
                roles=token.roles,
                endpoint=endpoint,
                services_region=svc_region)
Beispiel #7
0
def create_user_from_token(request, token, endpoint, services_region=None):
    # if the region is provided, use that, otherwise use the preferred region
    svc_region = services_region or utils.default_services_region(token.serviceCatalog, request)
    return User(
        id=token.user["id"],
        token=token,
        user=token.user["name"],
        user_domain_id=token.user_domain_id,
        # We need to consider already logged-in users with an old
        # version of Token without user_domain_name.
        user_domain_name=getattr(token, "user_domain_name", None),
        project_id=token.project["id"],
        project_name=token.project["name"],
        domain_id=token.domain["id"],
        domain_name=token.domain["name"],
        enabled=True,
        service_catalog=token.serviceCatalog,
        roles=token.roles,
        endpoint=endpoint,
        services_region=svc_region,
        is_federated=getattr(token, "is_federated", False),
        unscoped_token=getattr(token, "unscoped_token", request.session.get("unscoped_token")),
    )
 def test_default_services_region_fallback(self):
     # Test that first region found in catalog is returned
     default_region = utils.default_services_region(FAKE_CATALOG)
     self.assertEqual("RegionOne", default_region)