def test_12_remove_rights_from_org(self):
org_in_use = self.config['vcd']['org_in_use']
org = Org(self.client,
href=self.client.get_org_by_name(org_in_use).get('href'))
right_name = self.config['vcd']['right_name']
right_record_list = org.list_rights_of_org()
no_of_rights_before = len(right_record_list)
org.remove_rights([right_name])
org.reload()
right_record_list = org.list_rights_of_org()
no_of_rights_after = len(right_record_list)
assert no_of_rights_before > no_of_rights_after
def _register_right(client,
right_name,
description,
category,
bundle_key,
msg_update_callback=utils.NullPrinter()):
"""Register a right for CSE.
:param pyvcloud.vcd.client.Client client:
:param str right_name: the name of the new right to be registered.
:param str description: brief description about the new right.
:param str category: add the right in existing categories in
vCD Roles and Rights or specify a new category name.
:param str bundle_key: is used to identify the right name and change
its value to different languages using localization bundle.
:param utils.ConsoleMessagePrinter msg_update_callback: Callback object.
:raises BadRequestException: if a right with given name already
exists in vCD.
"""
ext = APIExtension(client)
# Since the client is a sys admin, org will hold a reference to System org
system_org = Org(client, resource=client.get_org())
try:
right_name_in_vcd = f"{{{server_constants.CSE_SERVICE_NAME}}}:{right_name}" # noqa: E501
# TODO(): When org.get_right_record() is moved outside the org scope in
# pyvcloud, update the code below to adhere to the new method names.
system_org.get_right_record(right_name_in_vcd)
msg = f"Right: {right_name} already exists in vCD"
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
# Presence of the right in vCD is not a guarantee that the right will
# be assigned to system org too.
rights_in_system = system_org.list_rights_of_org()
for dikt in rights_in_system:
# TODO(): When localization support comes in, this check should be
# ditched for a better one.
if dikt['name'] == right_name_in_vcd:
msg = f"Right: {right_name} already assigned to System " \
f"organization."
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
return
# Since the right is not assigned to system org, we need to add it.
msg = f"Assigning Right: {right_name} to System organization."
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
system_org.add_rights([right_name_in_vcd])
except EntityNotFoundException:
# Registering a right via api extension end point, auto assigns it to
# System org.
msg = f"Registering Right: {right_name} in vCD"
msg_update_callback.general(msg)
INSTALL_LOGGER.info(msg)
ext.add_service_right(right_name, server_constants.CSE_SERVICE_NAME,
server_constants.CSE_SERVICE_NAMESPACE,
description, category, bundle_key)
def list_rights(self):
org_name = self.params.get('org_name')
response = dict()
response['changed'] = False
resource = self.client.get_org_by_name(org_name)
org = Org(self.client, resource=resource)
response['msg'] = org.list_rights_of_org()
return response
def list_rights(ctx, org_name, all):
try:
client = ctx.obj['client']
if org_name is not None:
org_href = client.get_org_by_name(org_name).get('href')
else:
org_href = ctx.obj['profiles'].get('org_href')
org = Org(client, href=org_href)
if all:
right_records = org.list_rights_available_in_system()
else:
right_records = org.list_rights_of_org()
for right in right_records:
del right['href']
stdout(right_records, ctx)
except Exception as e:
stderr(e, ctx)
def list_rights(ctx, org_name, all):
try:
restore_session(ctx)
client = ctx.obj['client']
if org_name is not None:
org_href = client.get_org_by_name(org_name).get('href')
else:
org_href = ctx.obj['profiles'].get('org_href')
org = Org(client, href=org_href)
if all:
right_records = org.list_rights_available_in_vcd()
else:
right_records = org.list_rights_of_org()
for right in right_records:
del right['href']
stdout(right_records, ctx)
except Exception as e:
stderr(e, ctx)
class Roles(VcdAnsibleModule):
def __init__(self, **kwargs):
super(Roles, self).__init__(**kwargs)
self.org = Org(self.client, resource=self.client.get_org())
def manage_states(self):
state = self.params.get('state')
if state == 'present':
return self.create()
if state == 'absent':
return self.delete()
if state == 'update':
return self.update()
def manage_operations(self):
operation = self.params.get('operation')
if operation == "list_rights":
return self.list_rights()
if operation == "list_roles":
return self.list_roles()
def create(self):
role_name = self.params.get('role_name')
role_description = self.params.get('role_description')
role_rights = self.params.get('role_rights')
response = dict()
response['changed'] = False
try:
self.org.get_role_record(role_name)
except EntityNotFoundException:
self.org.create_role(role_name, role_description, role_rights)
response['msg'] = 'Role {} has been created.'.format(role_name)
response['changed'] = True
else:
response['warnings'] = 'Role {} is already present.'.format(
role_name)
return response
def update(self):
role_name = self.params.get('role_name')
role_description = self.params.get('role_description')
role_rights = self.params.get('role_rights')
response = dict()
response['changed'] = False
role = self.org.get_role_record(role_name)
role_resource = self.org.get_role_resource(role_name)
role_resource.Description = E.Description(role_description)
role_rights = tuple() if role_rights is None else role_rights
for role_right in tuple(role_rights):
role_right_record = self.org.get_right_record(role_right)
role_resource.RightReferences.append(
E.RightReference(name=role_right_record.get('name'),
href=role_right_record.get('href'),
type=EntityType.RIGHT.value))
self.client.put_resource(role.get('href'), role_resource,
EntityType.ROLE.value)
response['msg'] = 'Role {} has been updated.'.format(role_name)
response['changed'] = True
return response
def delete(self):
role_name = self.params.get('role_name')
response = dict()
response['changed'] = False
try:
self.org.get_role_record(role_name)
self.org.delete_role(role_name)
response['msg'] = 'Role {} has been deleted.'.format(role_name)
response['changed'] = True
except EntityNotFoundException:
response['warnings'] = 'Role {} is not present.'.format(role_name)
return response
def list_rights(self):
response = dict()
response['changed'] = False
response['msg'] = self.org.list_rights_of_org()
return response
def list_roles(self):
response = dict()
response['changed'] = False
response['msg'] = self.org.list_roles()
return response
