def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
# FIXME(gyee): there are two scenarios:
#
# 1. user update password for himself
# 2. admin update password on behalf of the user. This is an unlikely
# scenario because that will require admin knowing the user's
# original password which is forbidden under most security
# policies.
#
# Of the two scenarios above, user either authenticate using its
# original password or an authentication token. For scenario #1,
# if user is authenticating with its original password (i.e. passing
# --os-password argument), we can just make use of it instead of using
# --original-password or prompting. For scenario #2, admin will need
# to specify --original-password option or this won't work because
# --os-password is the admin's own password. In the future if we stop
# supporting scenario #2 then we can just do this.
#
# current_password = (parsed_args.original_password or
# self.app.cloud.password)
#
current_password = parsed_args.original_password
if current_password is None:
current_password = utils.get_password(
self.app.stdin, prompt="Current Password:"******"New Password:")
identity_client.users.update_password(current_password, password)
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
# FIXME(gyee): there are two scenarios:
#
# 1. user update password for himself
# 2. admin update password on behalf of the user. This is an unlikely
# scenario because that will require admin knowing the user's
# original password which is forbidden under most security
# policies.
#
# Of the two scenarios above, user either authenticate using its
# original password or an authentication token. For scenario #1,
# if user is authenticating with its original password (i.e. passing
# --os-password argument), we can just make use of it instead of using
# --original-password or prompting. For scenario #2, admin will need
# to specify --original-password option or this won't work because
# --os-password is the admin's own password. In the future if we stop
# supporting scenario #2 then we can just do this.
#
# current_password = (parsed_args.original_password or
# self.app.cloud.password)
#
current_password = parsed_args.original_password
if current_password is None:
current_password = utils.get_password(self.app.stdin,
prompt="Current Password:"******"New Password:")
identity_client.users.update_password(current_password, password)
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
current_password = utils.get_password(
self.app.stdin, prompt="Current Password:"******"New Password:")
identity_client.users.update_password(current_password, password)
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
current_password = utils.get_password(self.app.stdin,
prompt="Current Password:"******"New Password:")
identity_client.users.update_password(current_password, password)
def test_get_password_bad_once(self):
answers = [PASSWORD, WASSPORD, DROWSSAP, DROWSSAP]
with mock.patch("getpass.getpass", side_effect=answers):
mock_stdin = mock.Mock()
mock_stdin.isatty = mock.Mock()
mock_stdin.isatty.return_value = True
self.assertEqual(utils.get_password(mock_stdin), DROWSSAP)
def take_action(self, parsed_args):
self.log.debug('take_action(%s)' % parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.tenants,
parsed_args.project,
).id
else:
project_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
user = identity_client.users.create(
parsed_args.name,
parsed_args.password,
parsed_args.email,
tenant_id=project_id,
enabled=enabled,
)
# NOTE(dtroyer): The users.create() method wants 'tenant_id' but
# the returned resource has 'tenantId'. Sigh.
# We're using project_id now inside OSC so there.
user._info.update(
{'project_id': user._info.pop('tenantId')}
)
info = {}
info.update(user._info)
return zip(*sorted(six.iteritems(info)))
def take_action(self, parsed_args):
self.log.debug("take_action(%s)" % parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(identity_client.tenants, parsed_args.project).id
else:
project_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
user = identity_client.users.create(
parsed_args.name, parsed_args.password, parsed_args.email, tenant_id=project_id, enabled=enabled
)
# NOTE(dtroyer): The users.create() method wants 'tenant_id' but
# the returned resource has 'tenantId'. Sigh.
# We're using project_id now inside OSC so there.
user._info.update({"project_id": user._info.pop("tenantId")})
info = {}
info.update(user._info)
return zip(*sorted(six.iteritems(info)))
def test_get_password_bad_once(self):
answers = [PASSWORD, WASSPORD, DROWSSAP, DROWSSAP]
with mock.patch("getpass.getpass", side_effect=answers):
mock_stdin = mock.Mock()
mock_stdin.isatty = mock.Mock()
mock_stdin.isatty.return_value = True
self.assertEqual(utils.get_password(mock_stdin), DROWSSAP)
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects,
parsed_args.project,
).id
else:
project_id = None
if parsed_args.domain:
domain_id = common.find_domain(identity_client,
parsed_args.domain).id
else:
domain_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
user = identity_client.users.create(
name=parsed_args.name,
domain=domain_id,
default_project=project_id,
password=parsed_args.password,
email=parsed_args.email,
description=parsed_args.description,
enabled=enabled)
user._info.pop('links')
return zip(*sorted(six.iteritems(user._info)))
def take_action(self, parsed_args):
self.log.debug("take_action(%s)" % parsed_args)
client = self.app.client_manager.data_processing
if parsed_args.json:
blob = osc_utils.read_blob_file_contents(parsed_args.json)
try:
template = jsonutils.loads(blob)
except ValueError as e:
raise exceptions.CommandError('An error occurred when reading '
'template from file %s: %s' %
(parsed_args.json, e))
data = client.job_binaries.create(**template).to_dict()
else:
if parsed_args.data:
data = open(parsed_args.data).read()
jbi_id = client.job_binary_internals.create(
parsed_args.name, data).id
parsed_args.url = 'internal-db://' + jbi_id
if parsed_args.password_prompt:
parsed_args.password = osc_utils.get_password(self.app.stdin,
confirm=False)
if parsed_args.password and not parsed_args.username:
raise exceptions.CommandError(
'Username via --username should be provided with password')
if parsed_args.username and not parsed_args.password:
raise exceptions.CommandError(
'Password should be provided via --password or entered '
'interactively with --password-prompt')
if parsed_args.password and parsed_args.username:
extra = {
'user': parsed_args.username,
'password': parsed_args.password
}
else:
extra = None
data = client.job_binaries.create(
name=parsed_args.name,
url=parsed_args.url,
description=parsed_args.description,
extra=extra,
is_public=parsed_args.public,
is_protected=parsed_args.protected).to_dict()
data = utils.prepare_data(data, JOB_BINARY_FIELDS)
return self.dict2columns(data)
def take_action(self, parsed_args):
self.log.debug("take_action(%s)" % parsed_args)
client = self.app.client_manager.data_processing
if parsed_args.json:
blob = osc_utils.read_blob_file_contents(parsed_args.json)
try:
template = jsonutils.loads(blob)
except ValueError as e:
raise exceptions.CommandError(
'An error occurred when reading '
'template from file %s: %s' % (parsed_args.json, e))
data = client.job_binaries.create(**template).to_dict()
else:
if parsed_args.data:
data = open(parsed_args.data).read()
jbi_id = client.job_binary_internals.create(
parsed_args.name, data).id
parsed_args.url = 'internal-db://' + jbi_id
if parsed_args.password_prompt:
parsed_args.password = osc_utils.get_password(
self.app.stdin, confirm=False)
if parsed_args.password and not parsed_args.username:
raise exceptions.CommandError(
'Username via --username should be provided with password')
if parsed_args.username and not parsed_args.password:
raise exceptions.CommandError(
'Password should be provided via --password or entered '
'interactively with --password-prompt')
if parsed_args.password and parsed_args.username:
extra = {
'user': parsed_args.username,
'password': parsed_args.password
}
else:
extra = None
data = client.job_binaries.create(
name=parsed_args.name, url=parsed_args.url,
description=parsed_args.description, extra=extra,
is_public=parsed_args.public,
is_protected=parsed_args.protected).to_dict()
data = utils.prepare_data(data, JOB_BINARY_FIELDS)
return self.dict2columns(data)
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.project
and not parsed_args.enable
and not parsed_args.disable):
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
if parsed_args.password:
identity_client.users.update_password(
user.id,
parsed_args.password,
)
if parsed_args.project:
project = utils.find_resource(
identity_client.tenants,
parsed_args.project,
)
identity_client.users.update_tenant(
user.id,
project.id,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
return
def take_action(self, parsed_args):
self.log.debug('take_action(%s)' % parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.project
and not parsed_args.enable
and not parsed_args.disable):
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
if parsed_args.password:
identity_client.users.update_password(
user.id,
parsed_args.password,
)
if parsed_args.project:
project = utils.find_resource(
identity_client.tenants,
parsed_args.project,
)
identity_client.users.update_tenant(
user.id,
project.id,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
return
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.domain
and not parsed_args.project
and not parsed_args.description
and not parsed_args.enable
and not parsed_args.disable):
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
if parsed_args.password:
kwargs['password'] = parsed_args.password
if parsed_args.description:
kwargs['description'] = parsed_args.description
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects, parsed_args.project).id
kwargs['projectId'] = project_id
if parsed_args.domain:
domain_id = utils.find_resource(
identity_client.domains, parsed_args.domain).id
kwargs['domainId'] = domain_id
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
return
def take_action(self, parsed_args):
self.log.debug('take_action(%s)' % parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.domain
and not parsed_args.project
and not parsed_args.description
and not parsed_args.enable
and not parsed_args.disable):
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
if parsed_args.password:
kwargs['password'] = parsed_args.password
if parsed_args.description:
kwargs['description'] = parsed_args.description
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects, parsed_args.project).id
kwargs['projectId'] = project_id
if parsed_args.domain:
domain_id = utils.find_resource(
identity_client.domains, parsed_args.domain).id
kwargs['domainId'] = domain_id
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
return
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.tenants,
parsed_args.project,
).id
else:
project_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
try:
user = identity_client.users.create(
parsed_args.name,
parsed_args.password,
parsed_args.email,
tenant_id=project_id,
enabled=enabled,
)
except ksc_exc.Conflict as e:
if parsed_args.or_show:
user = utils.find_resource(
identity_client.users,
parsed_args.name,
)
self.log.info('Returning existing user %s', user.name)
else:
raise e
# NOTE(dtroyer): The users.create() method wants 'tenant_id' but
# the returned resource has 'tenantId'. Sigh.
# We're using project_id now inside OSC so there.
if 'tenantId' in user._info:
user._info.update(
{'project_id': user._info.pop('tenantId')}
)
info = {}
info.update(user._info)
return zip(*sorted(six.iteritems(info)))
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.tenants,
parsed_args.project,
).id
else:
project_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
try:
user = identity_client.users.create(
parsed_args.name,
parsed_args.password,
parsed_args.email,
tenant_id=project_id,
enabled=enabled,
)
except ksc_exc.Conflict as e:
if parsed_args.or_show:
user = utils.find_resource(
identity_client.users,
parsed_args.name,
)
self.log.info('Returning existing user %s', user.name)
else:
raise e
# NOTE(dtroyer): The users.create() method wants 'tenant_id' but
# the returned resource has 'tenantId'. Sigh.
# We're using project_id now inside OSC so there.
if 'tenantId' in user._info:
user._info.update(
{'project_id': user._info.pop('tenantId')}
)
info = {}
info.update(user._info)
return zip(*sorted(six.iteritems(info)))
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects,
parsed_args.project,
).id
else:
project_id = None
if parsed_args.domain:
domain_id = common.find_domain(identity_client,
parsed_args.domain).id
else:
domain_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
try:
user = identity_client.users.create(
name=parsed_args.name,
domain=domain_id,
default_project=project_id,
password=parsed_args.password,
email=parsed_args.email,
description=parsed_args.description,
enabled=enabled
)
except ksc_exc.Conflict as e:
if parsed_args.or_show:
user = utils.find_resource(identity_client.users,
parsed_args.name,
domain_id=domain_id)
self.log.info('Returning existing user %s', user.name)
else:
raise e
user._info.pop('links')
return zip(*sorted(six.iteritems(user._info)))
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.project
and not parsed_args.description
and not parsed_args.enable
and not parsed_args.disable):
sys.stderr.write("Incorrect set of arguments "
"provided. See openstack --help for more "
"details\n")
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
if parsed_args.password:
kwargs['password'] = parsed_args.password
if parsed_args.description:
kwargs['description'] = parsed_args.description
if parsed_args.project:
project_id = common.find_project(identity_client,
parsed_args.project,
parsed_args.project_domain).id
kwargs['default_project'] = project_id
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
def take_action(self, parsed_args):
self.log.debug('take_action(%s)', parsed_args)
identity_client = self.app.client_manager.identity
project_id = None
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects,
parsed_args.project,
).id
domain_id = None
if parsed_args.domain:
domain_id = common.find_domain(identity_client,
parsed_args.domain).id
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
try:
user = identity_client.users.create(
name=parsed_args.name,
domain=domain_id,
default_project=project_id,
password=parsed_args.password,
email=parsed_args.email,
description=parsed_args.description,
enabled=enabled
)
except ksc_exc.Conflict as e:
if parsed_args.or_show:
user = utils.find_resource(identity_client.users,
parsed_args.name,
domain_id=domain_id)
self.log.info('Returning existing user %s', user.name)
else:
raise e
user._info.pop('links')
return zip(*sorted(six.iteritems(user._info)))
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
if (not parsed_args.name
and not parsed_args.name
and not parsed_args.password
and not parsed_args.email
and not parsed_args.project
and not parsed_args.description
and not parsed_args.enable
and not parsed_args.disable):
sys.stderr.write(_("Incorrect set of arguments provided. "
"See openstack --help for more details\n"))
return
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
kwargs = {}
if parsed_args.name:
kwargs['name'] = parsed_args.name
if parsed_args.email:
kwargs['email'] = parsed_args.email
if parsed_args.password:
kwargs['password'] = parsed_args.password
if parsed_args.description:
kwargs['description'] = parsed_args.description
if parsed_args.project:
project_id = common.find_project(identity_client,
parsed_args.project,
parsed_args.project_domain).id
kwargs['default_project'] = project_id
kwargs['enabled'] = user.enabled
if parsed_args.enable:
kwargs['enabled'] = True
if parsed_args.disable:
kwargs['enabled'] = False
identity_client.users.update(user.id, **kwargs)
def take_action(self, parsed_args):
self.log.debug("take_action(%s)" % parsed_args)
client = self.app.client_manager.data_processing
jb_id = utils.get_resource_id(client.job_binaries,
parsed_args.job_binary)
if parsed_args.json:
blob = osc_utils.read_blob_file_contents(parsed_args.json)
try:
template = jsonutils.loads(blob)
except ValueError as e:
raise exceptions.CommandError('An error occurred when reading '
'template from file %s: %s' %
(parsed_args.json, e))
data = client.job_binaries.update(jb_id, template).to_dict()
else:
if parsed_args.password_prompt:
parsed_args.password = osc_utils.get_password(self.app.stdin,
confirm=False)
extra = {}
if parsed_args.password:
extra['password'] = parsed_args.password
if parsed_args.username:
extra['user'] = parsed_args.username
if not extra:
extra = None
update_fields = utils.create_dict_from_kwargs(
name=parsed_args.name,
url=parsed_args.url,
description=parsed_args.description,
extra=extra,
is_public=parsed_args.is_public,
is_protected=parsed_args.is_protected)
data = client.job_binaries.update(jb_id, update_fields).to_dict()
data = utils.prepare_data(data, JOB_BINARY_FIELDS)
return self.dict2columns(data)
def take_action(self, parsed_args):
self.log.debug("take_action(%s)" % parsed_args)
client = self.app.client_manager.data_processing
jb_id = utils.get_resource_id(
client.job_binaries, parsed_args.job_binary)
if parsed_args.json:
blob = osc_utils.read_blob_file_contents(parsed_args.json)
try:
template = jsonutils.loads(blob)
except ValueError as e:
raise exceptions.CommandError(
'An error occurred when reading '
'template from file %s: %s' % (parsed_args.json, e))
data = client.job_binaries.update(jb_id, template).to_dict()
else:
if parsed_args.password_prompt:
parsed_args.password = osc_utils.get_password(
self.app.stdin, confirm=False)
extra = {}
if parsed_args.password:
extra['password'] = parsed_args.password
if parsed_args.username:
extra['user'] = parsed_args.username
if not extra:
extra = None
update_fields = utils.create_dict_from_kwargs(
name=parsed_args.name, url=parsed_args.url,
description=parsed_args.description,
extra=extra, is_public=parsed_args.is_public,
is_protected=parsed_args.is_protected
)
data = client.job_binaries.update(
jb_id, update_fields).to_dict()
data = utils.prepare_data(data, JOB_BINARY_FIELDS)
return self.dict2columns(data)
def take_action(self, parsed_args):
self.log.debug('take_action(%s)' % parsed_args)
identity_client = self.app.client_manager.identity
if parsed_args.project:
project_id = utils.find_resource(
identity_client.projects,
parsed_args.project,
).id
else:
project_id = None
if parsed_args.domain:
domain_id = utils.find_resource(
identity_client.domains, parsed_args.domain).id
else:
domain_id = None
enabled = True
if parsed_args.disable:
enabled = False
if parsed_args.password_prompt:
parsed_args.password = utils.get_password(self.app.stdin)
user = identity_client.users.create(
parsed_args.name,
domain=domain_id,
default_project=project_id,
password=parsed_args.password,
email=parsed_args.email,
description=parsed_args.description,
enabled=enabled
)
info = {}
info.update(user._info)
return zip(*sorted(six.iteritems(info)))
def test_get_password_good(self):
with mock.patch("getpass.getpass", return_value=PASSWORD):
mock_stdin = mock.Mock()
mock_stdin.isatty = mock.Mock()
mock_stdin.isatty.return_value = True
self.assertEqual(utils.get_password(mock_stdin), PASSWORD)
def test_get_password_good(self):
with mock.patch("getpass.getpass", return_value=PASSWORD):
mock_stdin = mock.Mock()
mock_stdin.isatty = mock.Mock()
mock_stdin.isatty.return_value = True
self.assertEqual(utils.get_password(mock_stdin), PASSWORD)
