def get_data(self):
try:
# Add data to the context here...
if "Tenant Admin" not in self.request.session["user_roles"]:
refresh_session_policies(self.request, self.request.user)
obj = roledetail.objects(tenantid=self.request.user.tenantid.id)
roles = []
for role in obj:
action = []
access = ""
if role.policy == [] and role.access == []:
role_obj = RoleObj(id=role.id, name=role.name, roletype=role.roletype)
elif role.policy == [] and role.access:
for k in role.access:
access = access + "" + k + "," + "\n"
role_obj = RoleObj(
id=role.id, name=role.name, roletype=role.roletype, access=access[:-2].title()
)
else:
for i in role.policy:
cloud = tenantclouds.objects(id=i.cloudid.id).first()
action.append(cloud.name)
action = set(action)
action = list(action)
for k in role.access:
access = access + "" + k + "," + "\n"
role_obj = RoleObj(
role.id, role.name, role.roletype, ",\n".join(action).title(), access[:-2].title()
)
roles.append(role_obj)
except Exception, e:
messages.error(self.request, _(e.message))
LOG.error(e.message)
roles = []
def get_data(self):
# Add data to the context here...
if "Tenant Admin" not in self.request.session['user_roles']:
refresh_session_policies(self.request, self.request.user)
obj = User.objects(tenantid=self.request.user.tenantid.id)
users = []
for user in obj:
role_name = ""
for a in user.roles:
role = roledetail.objects(id=a.id).first()
role_name = role_name + role.name+","
tet_obj = UserObj(user.id,user.username,role_name[:-1])
users.append(tet_obj)
return users
def get_data(self):
try:
# Add data to the context here...
if "Tenant Admin" not in self.request.session['user_roles']:
refresh_session_policies(self.request, self.request.user)
obj = roledetail.objects(tenantid=self.request.user.tenantid.id)
roles = []
for role in obj:
action = []
access = ""
if role.policy == [] and role.access == []:
role_obj = RoleObj(id=role.id,
name=role.name,
roletype=role.roletype)
elif role.policy == [] and role.access:
for k in role.access:
access = access + "" + k + "," + "\n"
role_obj = RoleObj(id=role.id,
name=role.name,
roletype=role.roletype,
access=access[:-2].title())
else:
for i in role.policy:
cloud = tenantclouds.objects(id=i.cloudid.id).first()
action.append(cloud.name)
action = set(action)
action = list(action)
for k in role.access:
access = access + "" + k + "," + "\n"
role_obj = RoleObj(role.id,role.name,role.roletype,\
",\n".join(action).title(),access[:-2].title())
roles.append(role_obj)
except Exception, e:
messages.error(self.request, _(e.message))
LOG.error(e.message)
roles = []
def handle(self, request, context):
cloud_id = context.get('cloud_id', None)
username = context.get('publickey', None)
cloudname = context.get('cloudname', None)
platform = context.get('platform', None)
password = context.get('secretkey', None)
endpoint = context.get('endpoint', None)
cloud_type = context.get('cloud_type', None)
if (username == '') & (password == ''):
username = context.get('publickey', None)
password = context.get('secretkey', None)
get_user_document().objects(username=request.user.username).first()
user = get_user_document().objects(
username=request.user.username).first()
try:
if platform == "Cnext":
httpInst = httplib2.Http()
httpInst.add_credentials(name = username, \
password = password)
url = endpoint + "/api/instance?resourceType=vm"
resp, body = httpInst.request(url)
if resp.status == 200:
cloud = tenantclouds(name=cloudname,
cloud_type=cloud_type,
platform=platform,
cloud_meta={
"publickey":
username,
"privatekey":
encode_decode(password, "encode"),
"endpoint":
endpoint
},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
roles = roledetail.objects(
tenantid=request.user.tenantid.id)
allowed_action = actions.objects.first().allowed
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {
"cloudid": cloud.id,
"provider": "ALL",
"region": "ALL",
"allowed": allowed_action
}
roledetail.objects(id=role.id).update(
push__policy=i)
else:
pass
if user.cnextname == "" or user.cnextname is None:
user.cnextpublickey = username
user.cnextprivatekey = encode_decode(
password, "encode")
user.cnextendpoint = endpoint
user.cnextname = cloudname
user.save()
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Openstack":
openstack_user = openstack_authenticate.authenticate(
user_domain_name=None,
username=username,
password=password,
auth_url=endpoint)
utoken = openstack_user.token
if utoken:
cloud = tenantclouds(name=cloudname,
cloud_type=cloud_type,
platform=platform,
cloud_meta={
"publickey":
username,
"privatekey":
encode_decode(password, "encode"),
"endpoint":
endpoint
},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
allowed_action = actions.objects.first().allowed
roles = roledetail.objects(
tenantid=request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {
"cloudid": cloud.id,
"provider": "",
"region": "",
"allowed": allowed_action
}
roledetail.objects(id=role.id).update(
push__policy=i)
if user.openstackname == "" or user.openstackname is None:
otoken = trail.DocToken(
user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog)
user.token = otoken
user.authorized_tenants = [
remove_tenants(d.__dict__)
for d in openstack_user.authorized_tenants
]
user.service_catalog = openstack_user.service_catalog
user.services_region = openstack_user.services_region
user.project_name = openstack_user.project_name
user.tenant_name = openstack_user.tenant_name
user.tenant_id = openstack_user.tenant_id
user.project_id = openstack_user.project_id
user.endpoint = endpoint + ""
user.openstackname = cloudname
msg = _("Successfully user token created in "
"Mongodb.")
user.save()
LOG.debug(msg)
else:
delete_token(endpoint, utoken.id)
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Hpcloud":
openstack_user = openstack_authenticate.authenticate(
user_domain_name=None,
username=username,
password=password,
auth_url=endpoint)
utoken = openstack_user.token
if utoken:
cloud = tenantclouds(name=cloudname,
cloud_type=cloud_type,
platform=platform,
cloud_meta={
"publickey":
username,
"privatekey":
encode_decode(password, "encode"),
"endpoint":
endpoint
},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
allowed_action = actions.objects.first().allowed
roles = roledetail.objects(
tenantid=request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {
"cloudid": cloud.id,
"provider": "",
"region": "",
"allowed": allowed_action
}
roledetail.objects(id=role.id).update(
push__policy=i)
otoken = trail.DocToken(
user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog)
hp = trail.Hpclouddata(token = otoken,\
authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants],\
service_catalog = openstack_user.service_catalog,\
services_region = openstack_user.services_region,\
project_name = openstack_user.project_name,\
tenant_name = openstack_user.tenant_name,\
tenant_id = openstack_user.tenant_id,\
project_id = openstack_user.project_id,\
endpoint = endpoint + "",\
hpcloudid = cloud.id
)
hp.save()
if user.hp_attr == "" or user.hp_attr is None:
user.hp_attr = hp
user.hpname = cloudname
user.save()
msg = _("Successfully user token created in " "Mongodb.")
LOG.debug(msg)
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Amazon":
status = test(endpoint, username, password)
if status == True:
cloud = tenantclouds(name=cloudname,
cloud_type=cloud_type,
platform=platform,
cloud_meta={
"publickey":
username,
"privatekey":
encode_decode(password, "encode"),
"endpoint":
endpoint
},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
roles = roledetail.objects(
tenantid=request.user.tenantid.id)
allowed_action = actions.objects.first().allowed
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {
"cloudid": cloud.id,
"provider": "ALL",
"region": "ALL",
"allowed": allowed_action
}
roledetail.objects(id=role.id).update(
push__policy=i)
else:
pass
if user.awsname == "" or user.awsname is None:
user.awspublickey = username
user.awsprivatekey = encode_decode(password, "encode")
user.awsendpoint = endpoint
user.awsname = cloudname
user.save()
refresh_session_policies(request, request.user)
return True
else:
return False
else:
cloud = tenantclouds(name=cloudname,
cloud_type=cloud_type,
platform=platform,
cloud_meta={
"publickey":
username,
"privatekey":
encode_decode(password, "encode"),
"endpoint":
endpoint
},
tenantid=request.user.tenantid.id)
cloud.save()
roles = roledetail.objects(tenantid=request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {
"cloudid":
cloud.id,
"provider": [],
"region": [],
"allowed": [
"Create Instance", "Delete Instance",
"Create KP and SG", "Delete KP and SG",
"Start Instance", "Stop Instance",
"Create Volume", "Delete Volume",
"Attach and Dettach Volume"
]
}
roledetail.objects(id=role.id).update(push__policy=i)
return True
except Exception, e:
messages.error(request, _(e.message))
LOG.error(e.message)
def handle(self, request, context):
cloud_id = context.get('cloud_id', None)
username = context.get('publickey', None)
cloudname = context.get('cloudname', None)
platform = context.get('platform', None)
password = context.get('secretkey', None)
endpoint = context.get('endpoint', None)
cloud_type = context.get('cloud_type', None)
if (username == '') & (password == ''):
username = context.get('publickey', None)
password = context.get('secretkey', None)
get_user_document().objects(username=request.user.username).first()
user = get_user_document().objects(username=request.user.username).first()
try:
if platform == "Cnext":
httpInst = httplib2.Http()
httpInst.add_credentials(name = username, \
password = password)
url = endpoint + "/api/instance?resourceType=vm"
resp, body = httpInst.request(url)
if resp.status == 200 :
cloud = tenantclouds(name = cloudname,cloud_type = cloud_type,
platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
roles = roledetail.objects(tenantid = request.user.tenantid.id)
allowed_action = actions.objects.first().allowed
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {"cloudid":cloud.id,"provider":"ALL","region":"ALL","allowed": allowed_action}
roledetail.objects(id = role.id).update(push__policy=i)
else:
pass
if user.cnextname == "" or user.cnextname is None:
user.cnextpublickey = username
user.cnextprivatekey = encode_decode(password,"encode")
user.cnextendpoint = endpoint
user.cnextname = cloudname
user.save()
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Openstack":
openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
password=password,
auth_url= endpoint)
utoken = openstack_user.token
if utoken:
cloud = tenantclouds(name = cloudname,cloud_type = cloud_type,
platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
allowed_action = actions.objects.first().allowed
roles = roledetail.objects(tenantid = request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {"cloudid":cloud.id,"provider":"","region":"","allowed":allowed_action}
roledetail.objects(id = role.id).update(push__policy=i)
if user.openstackname == "" or user.openstackname is None:
otoken = trail.DocToken(user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog
)
user.token = otoken
user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
user.service_catalog = openstack_user.service_catalog
user.services_region = openstack_user.services_region
user.project_name = openstack_user.project_name
user.tenant_name = openstack_user.tenant_name
user.tenant_id = openstack_user.tenant_id
user.project_id = openstack_user.project_id
user.endpoint = endpoint + ""
user.openstackname = cloudname
msg = _("Successfully user token created in "
"Mongodb.")
user.save()
LOG.debug(msg)
else:
delete_token(endpoint,utoken.id)
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Hpcloud":
openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
password=password,
auth_url= endpoint)
utoken = openstack_user.token
if utoken:
cloud = tenantclouds(name = cloudname,cloud_type = cloud_type,
platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
allowed_action = actions.objects.first().allowed
roles = roledetail.objects(tenantid = request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {"cloudid":cloud.id,"provider":"","region":"","allowed":allowed_action}
roledetail.objects(id = role.id).update(push__policy=i)
otoken = trail.DocToken(user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog
)
hp = trail.Hpclouddata(token = otoken,\
authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants],\
service_catalog = openstack_user.service_catalog,\
services_region = openstack_user.services_region,\
project_name = openstack_user.project_name,\
tenant_name = openstack_user.tenant_name,\
tenant_id = openstack_user.tenant_id,\
project_id = openstack_user.project_id,\
endpoint = endpoint + "",\
hpcloudid = cloud.id
)
hp.save()
if user.hp_attr == "" or user.hp_attr is None:
user.hp_attr = hp
user.hpname = cloudname
user.save()
msg = _("Successfully user token created in "
"Mongodb.")
LOG.debug(msg)
refresh_session_policies(request, request.user)
return True
else:
return False
elif platform == "Amazon":
status = test(endpoint,username,password)
if status == True:
cloud = tenantclouds(name = cloudname,cloud_type = cloud_type,
platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
tenantid=request.user.tenantid.id,
cloudid=cloud_id)
cloud.save()
roles = roledetail.objects(tenantid = request.user.tenantid.id)
allowed_action = actions.objects.first().allowed
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {"cloudid":cloud.id,"provider":"ALL","region":"ALL","allowed": allowed_action}
roledetail.objects(id = role.id).update(push__policy=i)
else:
pass
if user.awsname == "" or user.awsname is None:
user.awspublickey = username
user.awsprivatekey = encode_decode(password,"encode")
user.awsendpoint = endpoint
user.awsname = cloudname
user.save()
refresh_session_policies(request, request.user)
return True
else:
return False
else:
cloud = tenantclouds(name = cloudname,cloud_type = cloud_type,
platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
tenantid=request.user.tenantid.id)
cloud.save()
roles = roledetail.objects(tenantid = request.user.tenantid.id)
for role in roles:
if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
i = {"cloudid":cloud.id,"provider":[],"region":[],"allowed":[ "Create Instance" , "Delete Instance" , "Create KP and SG" , "Delete KP and SG" , "Start Instance" , "Stop Instance" , "Create Volume" , "Delete Volume" , "Attach and Dettach Volume"]}
roledetail.objects(id = role.id).update(push__policy=i)
return True
except Exception,e:
messages.error(request,_(e.message))
LOG.error(e.message)
def handle(self, request, context):
id = context.get('id', None)
username = context.get('username', None)
cloudname = context.get('cloudname', None)
password = context.get('password', None)
endpoint = context.get('endpoint', None)
if (username == '') & (password == ''):
username = context.get('publickey', None)
password = context.get('secretkey', None)
try:
user = get_user_document().objects(username=request.user.username).first()
cloud = tenantclouds.objects(id = id).first()
if cloud.platform =="Amazon":
status = test(endpoint,username,password)
if status == True:
if user.awsname == cloud.name:
user.awspublickey = username
user.awsprivatekey = trail.encode_decode(password,"encode")
user.awsendpoint = endpoint
user.awsname = cloudname
else:
return False
if cloud.platform =="Cnext":
httpInst = httplib2.Http()
httpInst.add_credentials(name = username, \
password = password)
url = endpoint + ":8130/apiv2/instance"
resp, body = httpInst.request(url)
if resp.status == 200 :
if user.cnextname == cloud.name:
user.cnextpublickey = username
user.cnextprivatekey = trail.encode_decode(password,"encode")
user.cnextendpoint = endpoint
user.cnextname = cloudname
else:
return False
if cloud.platform =="Hpcloud":
openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
password=password,
auth_url= endpoint)
utoken = openstack_user.token
if utoken:
hp = Hpclouddata.objects(id = request.user.hp_attr.id).first()
hpcloud = tenantclouds.objects(id = hp.hpcloudid.id).first()
if hpcloud.name == cloud.name:
otoken = trail.DocToken(user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog
)
hp.token = otoken
hp.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
hp.service_catalog = openstack_user.service_catalog
hp.services_region = openstack_user.services_region
hp.project_name = openstack_user.project_name
hp.tenant_name = openstack_user.tenant_name
hp.tenant_id = openstack_user.tenant_id
hp.project_id = openstack_user.project_id
hp.endpoint = endpoint
hp.save()
user.hpname = cloudname
else:
return False
if cloud.platform =="Openstack":
openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
password=password,
auth_url= endpoint)
utoken = openstack_user.token
if utoken:
if user.openstackname == cloud.name:
delete_token(user.endpoint,user.token.id)
otoken = trail.DocToken(user=utoken.user,
user_domain_id=utoken.user_domain_id,
id=utoken.id,
project=utoken.project,
tenant=utoken.project,
domain=utoken.domain,
roles=utoken.roles,
serviceCatalog=utoken.serviceCatalog
)
user.token = otoken
user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
user.service_catalog = openstack_user.service_catalog
user.services_region = openstack_user.services_region
user.project_name = openstack_user.project_name
user.tenant_name = openstack_user.tenant_name
user.tenant_id = openstack_user.tenant_id
user.project_id = openstack_user.project_id
user.endpoint = endpoint + ""
user.openstackname = cloudname
else:
delete_token(endpoint,utoken.id)
else:
return False
clouds = tenantclouds.objects(id = id).update(set__name = cloudname,set__cloud_meta ={"publickey":username,"privatekey":trail.encode_decode(password,"encode"),"endpoint":endpoint})
user.save()
refresh_session_policies(request, request.user)
return True
except Exception,e:
messages.error(request,_(e.message))
LOG.error(e.message)
