def add_user_global_group(self, admin_token, group, user):
self.__validate_token(admin_token)
gtenant = self.__check_create_global_tenant()
if db_api.tenant_get(gtenant.id) == None:
raise fault.ItemNotFoundFault("The Global Tenant not found")
if db_api.group_get(group) == None:
raise fault.ItemNotFoundFault("The Group not found")
duser = db_api.user_get(user)
if duser == None:
raise fault.ItemNotFoundFault("The User not found")
if db_api.tenant_group_get(group, gtenant.id) == None:
raise fault.ItemNotFoundFault("A global tenant group with"
" that id not found")
if db_api.get_user_by_group(user, group) != None:
raise fault.UserGroupConflictFault(
"A user with that id already exists in group")
dusergroup = db_models.UserGroupAssociation()
dusergroup.user_id = user
dusergroup.group_id = group
db_api.user_tenant_group(dusergroup)
return tenants.User(duser.id, duser.email, duser.enabled,
group_id=group)
def create_tenant_group(self, admin_token, tenant, group):
self.__validate_token(admin_token)
if not isinstance(group, tenants.Group):
raise fault.BadRequestFault("Expecting a Group")
if tenant == None:
raise fault.BadRequestFault("Expecting a Tenant Id")
dtenant = db_api.tenant_get(tenant)
if dtenant == None:
raise fault.ItemNotFoundFault("The tenant not found")
if group.group_id == None:
raise fault.BadRequestFault("Expecting a Group Id")
if db_api.group_get(group.group_id) != None:
raise fault.TenantGroupConflictFault(
"A tenant group with that id already exists")
dtenant = db_models.Group()
dtenant.id = group.group_id
dtenant.desc = group.description
dtenant.tenant_id = tenant
db_api.tenant_group_create(dtenant)
return tenants.Group(dtenant.id, dtenant.desc, dtenant.tenant_id)
def main():
usage = "usage: %prog group_id"
parser = optparse.OptionParser(usage)
options, args = parser.parse_args()
if len(args) != 1:
parser.error("Incorrect number of arguments")
else:
index = args[0]
try:
o = db_api.group_get(index)
if o == None:
raise IndexError("Group %s not found", index)
print o.id, o.desc
except Exception, e:
print 'Error getting group', index, str(e)
def main():
usage = "usage: %prog group_id group_desc"
parser = optparse.OptionParser(usage)
options, args = parser.parse_args()
if len(args) != 2:
parser.error("Incorrect number of arguments")
else:
group = args[0]
desc = args[1]
try:
g = db_api.group_get(group)
if g == None:
raise IndexError("Group not found")
else:
values = {'desc': desc}
db_api.group_update(group, values)
print 'Group', g.id, 'updated.'
except Exception, e:
print 'Error updating user', group, ':', str(e)
def create_global_group(self, admin_token, group):
self.__validate_token(admin_token)
if not isinstance(group, tenants.GlobalGroup):
raise fault.BadRequestFault("Expecting a Group")
if group.group_id == None:
raise fault.BadRequestFault("Expecting a Group Id")
if db_api.group_get(group.group_id) != None:
raise fault.TenantGroupConflictFault(
"A tenant group with that id already exists")
gtenant = self.__check_create_global_tenant()
dtenant = db_models.Group()
dtenant.id = group.group_id
dtenant.desc = group.description
dtenant.tenant_id = gtenant.id
db_api.tenant_group_create(dtenant)
return tenants.GlobalGroup(dtenant.id, dtenant.desc, None)
def __get_auth_data(self, dtoken, duser):
"""return AuthData object for a token/user pair"""
token = auth.Token(dtoken.expires, dtoken.token_id)
gs = []
for ug in duser.groups:
dgroup = db_api.group_get(ug.group_id)
gs.append(auth.Group(dgroup.id, dgroup.tenant_id))
groups = auth.Groups(gs, [])
if len(duser.tenants) == 0:
raise fault.IDMFault("Strange: user %s is not associated "
"with a tenant!" % duser.id)
if not dtoken.tenant_id and \
db_api.user_get_by_tenant(duser.id, dtoken.tenant_id):
raise fault.IDMFault("Error: user %s is not associated "
"with a tenant! %s" % (duser.id,
dtoken.tenant_id))
user = auth.User(duser.id, dtoken.tenant_id, groups)
return auth.AuthData(token, user)
def delete_user_tenant_group(self, admin_token, tenant, group, user):
self.__validate_token(admin_token)
if db_api.tenant_get(tenant) == None:
raise fault.ItemNotFoundFault("The Tenant not found")
if db_api.group_get(group) == None:
raise fault.ItemNotFoundFault("The Group not found")
duser = db_api.user_get(user)
if duser == None:
raise fault.ItemNotFoundFault("The User not found")
if db_api.tenant_group_get(group, tenant) == None:
raise fault.ItemNotFoundFault("A tenant group with"
" that id not found")
if db_api.get_user_by_group(user, group) == None:
raise fault.ItemNotFoundFault("A user with that id "
"in a group not found")
db_api.user_tenant_group_delete(user, group)
return None
def delete_user_global_group(self, admin_token, group, user):
self.__validate_token(admin_token)
gtenant = self.__check_create_global_tenant()
if db_api.tenant_get(gtenant.id) == None:
raise fault.ItemNotFoundFault("The Global Tenant not found")
if db_api.group_get(group) == None:
raise fault.ItemNotFoundFault("The Group not found")
duser = db_api.user_get(user)
if duser == None:
raise fault.ItemNotFoundFault("The User not found")
if db_api.tenant_group_get(group, gtenant.id) == None:
raise fault.ItemNotFoundFault("A global tenant group with "
"that id not found")
if db_api.get_user_by_group(user, group) == None:
raise fault.ItemNotFoundFault("A user with that id in a "
"group not found")
db_api.user_tenant_group_delete(user, group)
return None
