def delete(self,
request,
provider_uuid,
identity_uuid,
group_name,
format=None):
"""
Unshare the identity.
"""
try:
identity = Identity.objects.get(uuid=identity_uuid)
except Identity.DoesNotExist:
return failure_response(status.HTTP_404_NOT_FOUND,
"Identity does not exist.")
if not identity.can_share(user):
logger.error("User %s cannot remove sharing from identity %s. "
"This incident will be reported" %
(user, identity_uuid))
return failure_response(
status.HTTP_401_UNAUTHORIZED,
"User %s cannot remove sharing from identity %s. "
"This incident will be reported" % (user, identity_uuid))
group = Group.objects.get(name=group_name)
id_member = identity.unshare(group)
serializer = IdentitySerializer(id_member.identity)
serialized_data = serializer.data
return Response(serialized_data)
def post(self, request, cloud_admin_uuid):
"""
Passes in:
Username (To apply the identity to)
Credentials (Nested, will be applied to new identity)
"""
user = request.user
data = request.data
try:
provider_uuid = data['provider']
provider = Provider.objects.get(
cloudadministrator__user=user, uuid=provider_uuid
)
except KeyError:
return Response(
"Missing 'provider' key, Expected UUID. Received no value.",
status=status.HTTP_409_conflict
)
except Exception:
return Response(
"Provider with UUID %s does not exist" % provider_uuid,
status=status.HTTP_409_conflict
)
driver = get_account_driver(provider)
missing_args = driver.clean_credentials(data)
if missing_args:
raise Exception(
"Cannot create account. Missing credentials: %s" % missing_args
)
identity = driver.create_account(**data)
serializer = IdentitySerializer(identity)
# TODO: Account creation SHOULD return IdentityMembership NOT identity.
return Response(serializer.data)
def get(self, request, provider_uuid, identity_uuid, format=None):
"""
Return the credential information for this identity
"""
# Sanity checks:
# User is authenticated
user = request.user
try:
# User is a member of a group ( TODO: loop through all instead)
group = user.group_set.get(name=user.username)
# NOTE: Provider_uuid no longer needed.
# Group has access to the identity on an active,
# currently-running provider
identity = group.identities.get(only_current_provider(),
provider__active=True,
uuid=identity_uuid)
# All other members of the identity are visible
id_members = CoreIdentityMembership.objects.filter(
identity__uuid=identity_uuid)
except ObjectDoesNotExist as odne:
return failure_response(
status.HTTP_404_NOT_FOUND,
'%s does not exist.' % odne.message.split()[0])
id_list = [id_member.identity for id_member in id_members[:1]]
serializer = IdentitySerializer(id_list, many=True)
serialized_data = serializer.data
return Response(serialized_data)
def get(self, request, provider_uuid, format=None):
"""
List of identities for the user on the selected provider.
"""
provider = get_provider(request.user, provider_uuid)
if not provider:
return invalid_provider(provider_uuid)
identities = get_identity_list(request.user, provider)
serialized_data = IdentitySerializer(identities, many=True).data
return Response(serialized_data)
def get(self, request, provider_uuid, identity_uuid, format=None):
"""
Authentication Required, Get details for a specific identity.
"""
provider = get_provider(request.user, provider_uuid)
identity = get_identity(request.user, identity_uuid)
if not provider or not identity:
return invalid_provider_identity(provider_uuid, identity_uuid)
serialized_data = IdentitySerializer(identity).data
logger.debug(type(serialized_data))
return Response(serialized_data)
def get(self, request, provider_uuid, identity_uuid, format=None):
"""
Return the identity membership matching this provider+identity
"""
try:
# All other members of the identity are visible
id_members = CoreIdentityMembership.objects.filter(
identity__uuid=identity_uuid)
except ObjectDoesNotExist as odne:
return failure_response(
status.HTTP_404_NOT_FOUND,
'%s does not exist.' % odne.message.split()[0])
id_list = [id_member.identity for id_member in id_members[:1]]
serializer = IdentitySerializer(id_list, many=True)
serialized_data = serializer.data
return Response(serialized_data)
def post(self, request, provider_uuid, identity_uuid, format=None):
"""
Create a new identity member (ADMINS & OWNERS GROUP LEADERS ONLY)
"""
user = request.user
data = request.data
try:
identity = Identity.objects.get(uuid=identity_uuid)
group_name = data['group']
group = Group.objects.get(name=group_name)
except ObjectDoesNotExist as odne:
return failure_response(
status.HTTP_404_NOT_FOUND,
'%s does not exist.' % odne.message.split()[0])
if not identity.can_share(user):
return failure_response(
status.HTTP_401_UNAUTHORIZED,
"User %s cannot remove sharing from identity %s. "
"This incident will be reported" % (user, identity_uuid))
id_member = identity.share(group)
serializer = IdentitySerializer(id_member.identity)
serialized_data = serializer.data
return Response(serialized_data)
