def update_actions(self, old_alarm=None): trustor_user_id = pecan.request.headers.get('X-User-Id') trustor_project_id = pecan.request.headers.get('X-Project-Id') roles = pecan.request.headers.get('X-Roles', '') if roles: roles = roles.split(',') else: roles = [] auth_plugin = pecan.request.environ.get('keystone.token_auth') if old_alarm: prev_trust_ids = set(old_alarm._get_existing_trust_ids()) else: prev_trust_ids = set() trust_id = prev_trust_ids.pop() if prev_trust_ids else None trust_id_used = False for actions in (self.ok_actions, self.alarm_actions, self.insufficient_data_actions): if actions is not None: for index, action in enumerate(actions[:]): url = netutils.urlsplit(action) if self._is_trust_url(url): if '@' in url.netloc: errmsg = _("trust URL cannot contain a trust ID.") raise base.ClientSideError(errmsg) if trust_id is None: # We have a trust action without a trust ID, # create it trust_id = keystone_client.create_trust_id( pecan.request.cfg, trustor_user_id, trustor_project_id, roles, auth_plugin) if trust_id_used: pw = '' else: pw = ':delete' trust_id_used = True netloc = '%s%s@%s' % (trust_id, pw, url.netloc) url = urlparse.SplitResult(url.scheme, netloc, url.path, url.query, url.fragment) actions[index] = url.geturl() if trust_id is not None and not trust_id_used: prev_trust_ids.add(trust_id) for old_trust_id in prev_trust_ids: keystone_client.delete_trust_id(pecan.request.cfg, old_trust_id, auth_plugin)
def delete_trust(self, action): auth_plugin = pecan.request.environ.get('keystone.token_auth') url = netutils.urlsplit(action) if self._is_trust_url(url) and url.password: keystone_client.delete_trust_id(url.username, auth_plugin)
def delete_actions(self): auth_plugin = pecan.request.environ.get('keystone.token_auth') for trust_id in self._get_existing_trust_ids(): keystone_client.delete_trust_id(trust_id, auth_plugin)
def delete_trust(self, action): auth_plugin = pecan.request.environ.get('keystone.token_auth') url = netutils.urlsplit(action) if self._is_trust_url(url) and url.password: keystone_client.delete_trust_id(pecan.request.cfg, url.username, auth_plugin)