Ejemplo n.º 1
0
def add_user_role(keystone_user, role, user_tenant_id):

    LOG.info("ddddddddd")
    datacenter = DataCenter.get_default()
    rc = create_rc_by_dc(datacenter)
    LOG.info("********* keystone_user is *********" + str(keystone_user))
    LOG.info("********* role is *********" + str(role))
    LOG.info("********* user_tenant_id is *********" + str(user_tenant_id))
    # get user_id
    users = keystone.user_list(rc, project=user_tenant_id)
    LOG.info("******* users are ******" + str(users))
    user_id = None
    for u in users:
        if u.username == keystone_user:
            user_id = u.id
    LOG.info("****** user_id is *********" + str(user_id))

    role_id = None
    roles = keystone.role_list(rc)
    for r in roles:
        if r.name == role:
            role_id = r.id
    LOG.info("******** role_id is ********" + str(role_id))
    try:
        keystone.add_tenant_user_role(rc,
                                      project=user_tenant_id,
                                      user=user_id,
                                      role=role_id)
    except:
        pass
    return False
Ejemplo n.º 2
0
def add_user_role(keystone_user, role, user_tenant_id):

    LOG.info("ddddddddd")
    datacenter = DataCenter.get_default()
    rc = create_rc_by_dc(datacenter)
    LOG.info("********* keystone_user is *********" + str(keystone_user))
    LOG.info("********* role is *********" + str(role))
    LOG.info("********* user_tenant_id is *********" + str(user_tenant_id))
    # get user_id
    users = keystone.user_list(rc, project=user_tenant_id)
    LOG.info("******* users are ******" + str(users))
    user_id = None
    for u in users:
        if u.username == keystone_user:
            user_id = u.id
    LOG.info("****** user_id is *********" + str(user_id))

    role_id = None
    roles = keystone.role_list(rc)
    for r in roles:
        if r.name == role:
            role_id = r.id
    LOG.info("******** role_id is ********" + str(role_id))
    try:
        keystone.add_tenant_user_role(rc, project=user_tenant_id, user=user_id,
                                      role=role_id)
    except:
        pass
    return False
Ejemplo n.º 3
0
def add_user_tenants(request, tenant_id, ID):

    datacenter = DataCenter.get_default()
    rc = create_rc_by_dc(datacenter)
    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------" + str(roles))
    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]

    # Grant basic role to user
    roles_id = []
    for role in roles:
        if role.name in ['SwiftOperator', '_member_', 'heat_stack_owner']:
            roles_id.append(role)

    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]
    #LOG.info("------------------ member role is ----------------" + str(member_role.id))
    #LOG.info("------------------ user id is ----------------" + str(u.id))

    for role in roles_id:

        try:
            keystone.add_tenant_user_role(rc,
                                          project=tenant_id,
                                          user=ID,
                                          role=role.id)
        except:
            pass
    return True
Ejemplo n.º 4
0
def link_user_to_dc_task(user, datacenter, **kwargs):
    LOG.info("New user: Start action [%s]" % user.username)
    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    try:
        keystone_user = "******" % (settings.OS_NAME_PREFIX,
                                    user.id, user.username.split('@')[0])
    except:
        keystone_user = "******" % (settings.OS_NAME_PREFIX,
                                        user.id)
    pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    t = keystone.tenant_create(rc,
                               name=tenant_name,
                               description=user.username)
    LOG.info("New user: create tanant [%s][tid:%s]" % (user.username, t.id))
    u = keystone.user_create(rc,
                            name=keystone_user,
                            email=user.email,
                            password=pwd,
                            project=t.id)

    LOG.info("New user: create user [%s][uid:%s]" % (user.username, u.id))
    roles = keystone.role_list(rc)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id, role=admin_role.id)
    LOG.info("New user: add role [%s][role:%s]" % (user.username, admin_role.id))
   
    udc = UserDataCenter.objects.create(
        data_center = datacenter,
        user = user,
        tenant_name = tenant_name,
        tenant_uuid = t.id,
        keystone_user = keystone_user,
        keystone_password = pwd,
    )  
    LOG.info("New user: link to datacenter [%s][udc:%s]" % (user.username, udc.id))
    
    try:
        edit_default_security_group(user, udc)
    except Exception as ex:
        LOG.exception(ex)

    try:
        Contract.objects.create(
            user = user,
            udc = udc,
            name = user.username,
            customer = user.username,
            start_date = datetime.datetime.now(),
            end_date = datetime.datetime.now(),
            deleted = False
        )
    except Exception as ex:
        LOG.exception(ex)
    return u
Ejemplo n.º 5
0
def user_create(t):
    u = keystone.user_create(None, name="zhangh",
                            email="*****@*****.**",
                            password="******",
                            project=t.id)

    roles = keystone.role_list(None)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(None, project=t.id, user=u.id, role=admin_role.id)
    print u
    return u
Ejemplo n.º 6
0
def user_create(t):
    u = keystone.user_create(None, name="zhangh",
                            email="*****@*****.**",
                            password="******",
                            project=t.id)

    roles = keystone.role_list(None)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(None, project=t.id, user=u.id, role=admin_role.id)
    print u
    return u
Ejemplo n.º 7
0
def role_delete(request, role_name):


    LOG.info("************* start to create a new role in keystone ***************")
    rc = create_rc_by_dc(DataCenter.objects.all()[0])
    LOG.info("************* rc is ***************" + str(rc))

    roles = keystone.role_list(rc)
    role_id = None
    for role_ in roles:
        if role_name == role_.name:
            role_id = role_.id
    try:
        role = keystone.role_delete(rc, role_id)
    except:
        return False
    return True
Ejemplo n.º 8
0
def role_delete(request, role_name):

    LOG.info(
        "************* start to create a new role in keystone ***************")
    rc = create_rc_by_dc(DataCenter.objects.all()[0])
    LOG.info("************* rc is ***************" + str(rc))

    roles = keystone.role_list(rc)
    role_id = None
    for role_ in roles:
        if role_name == role_.name:
            role_id = role_.id
    try:
        role = keystone.role_delete(rc, role_id)
    except:
        return False
    return True
Ejemplo n.º 9
0
def role_list():
    roles = keystone.role_list(None)
    print roles
Ejemplo n.º 10
0
def link_user_to_dc_task(user, datacenter):
    LOG.info("New user: Start action [%s]" % user.username)
    registered_udc = UserDataCenter.objects.filter(user=user,
                                data_center=datacenter)
    if len(registered_udc) > 0:
        LOG.info("New user: has registere to datacenter [%s][%s]" % (
                                user.username, datacenter.name))
        return True

    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    try:
        keystone_user = "******" % (settings.OS_NAME_PREFIX,
                                        user.id, user.username.split('@')[0])
    except:
        keystone_user = "******" % (settings.OS_NAME_PREFIX,
                                          user.id)
    pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    t = keystone.tenant_create(rc,
                               name=tenant_name,
                               description=user.username)
    LOG.info("New user: create tanant [%s][tid:%s]" % (user.username, t.id))
    u = keystone.user_create(rc,
                             name=keystone_user,
                             email=user.email,
                             password=pwd,
                             project=t.id)

    LOG.info("New user: create user [%s][uid:%s]" % (user.username, u.id))
    roles = keystone.role_list(rc)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info(
        "New user: add role [%s][role:%s]" % (user.username, admin_role.id))

    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info(
        "New user: link to datacenter [%s][udc:%s]" % (user.username, udc.id))

    try:
        edit_default_security_group(user, udc)
    except Exception as ex:
        LOG.exception(ex)

    try:
        Contract.objects.create(
            user=user,
            udc=udc,
            name=user.username,
            customer=user.username,
            start_date=datetime.datetime.now(),
            end_date=datetime.datetime.now(),
            deleted=False
        )
    except Exception as ex:
        LOG.exception(ex)
    return u
Ejemplo n.º 11
0
def link_user_to_dc_task(user, datacenter):

    if UserDataCenter.objects.filter(
            user=user, data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)

    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username)

    LOG.info("Begin to register user [%s] in data center [%s]",
             user.username, datacenter.name)

    t = keystone.tenant_create(rc, name=tenant_name,
                               description=user.username)
    LOG.info("User[%s] is registered as tenant[id:%s][name:%s] in "
             "data center [%s]", user.username, t.id, tenant_name,
             datacenter.name)

    pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=t.id)

    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info("Admin role[%s] in tenant[%s] is granted to user[%s]",
             admin_role.id, t.id, user.username)

    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )

    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)
    try:
        edit_default_security_group(user, udc)
    except:
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(
        user=user,
        udc=udc,
        name=user.username,
        customer=user.username,
        start_date=datetime.datetime.now(),
        end_date=datetime.datetime.now(),
        deleted=False
    )

    return u
Ejemplo n.º 12
0
def link_user_to_dc_task(user, datacenter):

    LOG.info("start to execute link_user_to_dc_task")

    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    LOG.info("2")
    rc = create_rc_by_dc(datacenter)
    LOG.info("1")
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)

    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username)

    LOG.info("Begin to register user [%s] in data center [%s]", user.username,
             datacenter.name)

    t = keystone.tenant_create(rc, name=tenant_name, description=user.username)
    LOG.info(
        "User[%s] is registered as tenant[id:%s][name:%s] in "
        "data center [%s]", user.username, t.id, tenant_name, datacenter.name)

    pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    u = keystone.user_create(rc,
                             name=keystone_user,
                             email=user.email,
                             password=pwd,
                             project=t.id)

    LOG.info(
        "User[%s] is registered as keystone user[uid:%s] in "
        "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    admin_role = filter(lambda r: r.name.lower() == "admin", roles)[0]
    keystone.add_tenant_user_role(rc,
                                  project=t.id,
                                  user=u.id,
                                  role=admin_role.id)
    LOG.info("Admin role[%s] in tenant[%s] is granted to user[%s]",
             admin_role.id, t.id, user.username)

    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )

    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)
    try:
        edit_default_security_group(user, udc)
    except:
        LOG.exception(
            "Failed to edit default security group for user[%s] in "
            "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(user=user,
                            udc=udc,
                            name=user.username,
                            customer=user.username,
                            start_date=datetime.datetime.now(),
                            end_date=datetime.datetime.now(),
                            deleted=False)

    return u
Ejemplo n.º 13
0
def link_user_to_dc_task(user, datacenter, tenant_id, password):

    LOG.info("---------start to execute link_user_to_dc_task-----------")

    LOG.info("----------username is-------------" + str(user.username))


    if UserDataCenter.objects.filter(
            user=user, data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    LOG.info("-----------datacenter is-----------------" + str(datacenter))

    #create rc for auth.
    rc = create_rc_by_dc(datacenter)
    LOG.info("---------------rc is------------" + str(rc))

    #Now we do not let user to create a new tenant.
    """
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)

    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username)

    LOG.info("Begin to register user [%s] in data center [%s]",
             user.username, datacenter.name)

    t = keystone.tenant_create(rc, name=tenant_name,
                               description=user.username)
    LOG.info("User[%s] is registered as tenant[id:%s][name:%s] in "
             "data center [%s]", user.username, t.id, tenant_name,
             datacenter.name)
    """
    tenant_ = keystone.tenant_get(rc, tenant_id)
    tenant_name = tenant_.name 
    LOG.info("************ tenant_name is ************" + str(tenant_name))
    #keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
    #                                user.username)

    keystone_user = user.username 
    #pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    pwd = password
    
    #hard coded tenant id and name for test.
    project_id = tenant_id 

    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=project_id)

    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------" + str(roles))
    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]

    member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]
    LOG.info("------------------ member role is ----------------" + str(member_role.id))
    LOG.info("------------------ user id is ----------------" + str(u.id))


    try:
        keystone.add_tenant_user_role(rc, project=project_id, user=u.id,
                                      role=member_role.id)
    except:
        pass

    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=project_id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )

    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)


    #Add default security group
    try:
        edit_default_security_group(user, udc)
    except:
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(
        user=user,
        udc=udc,
        name=user.username,
        customer=user.username,
        start_date=datetime.datetime.now(),
        end_date=datetime.datetime.now(),
        deleted=False
    )

    return u
Ejemplo n.º 14
0
def link_user_to_dc_task(user, datacenter, tenant_id, password):

    LOG.info("---------start to execute link_user_to_dc_task-----------")

    LOG.info("----------username is-------------" + str(user.username))

    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    LOG.info("-----------datacenter is-----------------" + str(datacenter))

    #create rc for auth.
    rc = create_rc_by_dc(datacenter)
    LOG.info("---------------rc is------------" + str(rc))

    #Now we do not let user to create a new tenant.
    """
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)

    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username)

    LOG.info("Begin to register user [%s] in data center [%s]",
             user.username, datacenter.name)

    t = keystone.tenant_create(rc, name=tenant_name,
                               description=user.username)
    LOG.info("User[%s] is registered as tenant[id:%s][name:%s] in "
             "data center [%s]", user.username, t.id, tenant_name,
             datacenter.name)
    """
    tenant_ = keystone.tenant_get(rc, tenant_id)
    tenant_name = tenant_.name
    LOG.info("************ tenant_name is ************" + str(tenant_name))
    #keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
    #                                user.username)

    keystone_user = user.username
    #pwd = "cloud!@#%s" % random.randrange(100000, 999999)
    pwd = password

    #hard coded tenant id and name for test.
    project_id = tenant_id

    u = keystone.user_create(rc,
                             name=keystone_user,
                             email=user.email,
                             password=pwd,
                             project=project_id)

    user_uuid = u.id
    LOG.info(
        "User[%s] is registered as keystone user[uid:%s] in "
        "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------" + str(roles))
    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]

    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]
    #LOG.info("------------------ member role is ----------------" + str(member_role.id))
    #LOG.info("------------------ user id is ----------------" + str(u.id))

    #try:
    #    keystone.add_tenant_user_role(rc, project=project_id, user=u.id,
    #                                  role=member_role.id)
    #except:
    #    pass

    # Grant basic role to user
    roles_id = []
    for role in roles:
        if role.name in ['SwiftOperator', '_member_', 'heat_stack_owner']:
            roles_id.append(role)

    #member_role = filter(lambda r: r.name.lower() == "_member_", roles)[0]
    #LOG.info("------------------ member role is ----------------" + str(member_role.id))
    #LOG.info("------------------ user id is ----------------" + str(u.id))

    for role in roles_id:

        try:
            keystone.add_tenant_user_role(rc,
                                          project=project_id,
                                          user=u.id,
                                          role=role.id)
        except:
            pass

    udc = UserDataCenter.objects.create(data_center=datacenter,
                                        user=user,
                                        tenant_name=tenant_name,
                                        tenant_uuid=project_id,
                                        keystone_user=keystone_user,
                                        keystone_password=pwd,
                                        keystone_user_id=user_uuid)

    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)

    #Add default security group
    try:
        edit_default_security_group(user, udc)
    except:
        LOG.exception(
            "Failed to edit default security group for user[%s] in "
            "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(user=user,
                            udc=udc,
                            name=user.username,
                            customer=user.username,
                            start_date=datetime.datetime.now(),
                            end_date=datetime.datetime.now(),
                            deleted=False)

    return u
Ejemplo n.º 15
0
def role_list():
    roles = keystone.role_list(None)
    print roles