def assign_role_to_user(self, user, project, role):
"""
Assigning a role to a user in a project.
:param user: username.
:param project: project name.
:param role: role name.
:raises AuthconnOperationException: if role assignment failed.
"""
try:
user_obj = list(
filter(lambda x: x.name == user,
self.keystone.users.list()))[0]
project_obj = list(
filter(lambda x: x.name == project,
self.keystone.projects.list()))[0]
role_obj = list(
filter(lambda x: x.name == role,
self.keystone.roles.list()))[0]
self.keystone.roles.grant(role_obj,
user=user_obj,
project=project_obj)
except ClientException:
self.logger.exception(
"Error during user role assignment using keystone")
raise AuthconnOperationException(
"Error during user role assignment using Keystone")
def remove_role_from_user(self, user, project, role):
"""
Remove a role from a user in a project.
:param user: username.
:param project: project name.
:param role: role name.
:raises AuthconnOperationException: if role assignment revocation failed.
"""
try:
user_obj = list(
filter(lambda x: x.name == user,
self.keystone.users.list()))[0]
project_obj = list(
filter(lambda x: x.name == project,
self.keystone.projects.list()))[0]
role_obj = list(
filter(lambda x: x.name == role,
self.keystone.roles.list()))[0]
self.keystone.roles.revoke(role_obj,
user=user_obj,
project=project_obj)
except ClientException:
self.logger.exception(
"Error during user role revocation using keystone")
raise AuthconnOperationException(
"Error during user role revocation using Keystone")
def create_project(self, project):
"""
Create a project.
:param project: project name.
:raises AuthconnOperationException: if project creation failed.
"""
try:
self.keystone.project.create(project, self.project_domain_name)
except ClientException:
self.logger.exception(
"Error during project creation using keystone")
raise AuthconnOperationException(
"Error during project creation using Keystone")
def create_role(self, role):
"""
Create a role.
:param role: role name.
:raises AuthconnOperationException: if role creation failed.
"""
try:
self.keystone.roles.create(role)
except Conflict as ex:
self.logger.info("Duplicate entry: %s", str(ex))
except ClientException:
self.logger.exception("Error during role creation using keystone")
raise AuthconnOperationException(
"Error during role creation using Keystone")
def delete_role(self, role):
"""
Delete a role.
:param role: role name.
:raises AuthconnOperationException: if role deletion failed.
"""
try:
result = self.keystone.roles.delete(role)
if not result:
raise ClientException()
except ClientException:
self.logger.exception("Error during role deletion using keystone")
raise AuthconnOperationException(
"Error during role deletion using Keystone")
def delete_user(self, user):
"""
Delete user.
:param user: username.
:raises AuthconnOperationException: if user deletion failed.
"""
try:
result = self.keystone.users.delete(user)
if not result:
raise ClientException()
except ClientException:
self.logger.exception("Error during user deletion using keystone")
raise AuthconnOperationException(
"Error during user deletion using Keystone")
def delete_role(self, role):
"""
Delete a role.
:param role: role name.
:raises AuthconnOperationException: if role deletion failed.
"""
try:
role_obj = list(
filter(lambda x: x.name == role,
self.keystone.roles.list()))[0]
self.keystone.roles.delete(role_obj)
except ClientException:
self.logger.exception("Error during role deletion using keystone")
raise AuthconnOperationException(
"Error during role deletion using Keystone")
def delete_user(self, user):
"""
Delete user.
:param user: username.
:raises AuthconnOperationException: if user deletion failed.
"""
try:
user_obj = list(
filter(lambda x: x.name == user,
self.keystone.users.list()))[0]
self.keystone.users.delete(user_obj)
except ClientException:
self.logger.exception("Error during user deletion using keystone")
raise AuthconnOperationException(
"Error during user deletion using Keystone")
def create_user(self, user, password):
"""
Create a user.
:param user: username.
:param password: password.
:raises AuthconnOperationException: if user creation failed.
"""
try:
self.keystone.users.create(user,
password=password,
domain=self.user_domain_name)
except ClientException:
self.logger.exception("Error during user creation using keystone")
raise AuthconnOperationException(
"Error during user creation using Keystone")
def delete_project(self, project):
"""
Delete a project.
:param project: project name.
:raises AuthconnOperationException: if project deletion failed.
"""
try:
result = self.keystone.project.delete(project)
if not result:
raise ClientException()
except ClientException:
self.logger.exception(
"Error during project deletion using keystone")
raise AuthconnOperationException(
"Error during project deletion using Keystone")
def create_role(self, role):
"""
Create a role.
:param role: role name.
:raises AuthconnOperationException: if role creation failed.
"""
try:
result = self.keystone.roles.create(role,
domain=self.user_domain_name)
if not result:
raise ClientException()
except ClientException:
self.logger.exception("Error during role creation using keystone")
raise AuthconnOperationException(
"Error during role creation using Keystone")
def delete_project(self, project):
"""
Delete a project.
:param project: project name.
:raises AuthconnOperationException: if project deletion failed.
"""
try:
project_obj = list(
filter(lambda x: x.name == project,
self.keystone.projects.list()))[0]
self.keystone.project.delete(project_obj)
except ClientException:
self.logger.exception(
"Error during project deletion using keystone")
raise AuthconnOperationException(
"Error during project deletion using Keystone")
def change_password(self, user, new_password):
"""
Change the user password.
:param user: username.
:param new_password: new password.
:raises AuthconnOperationException: if user password change failed.
"""
try:
result = self.keystone.users.update(user, password=new_password)
if not result:
raise ClientException()
except ClientException:
self.logger.exception(
"Error during user password update using keystone")
raise AuthconnOperationException(
"Error during user password update using Keystone")
def change_password(self, user, new_password):
"""
Change the user password.
:param user: username.
:param new_password: new password.
:raises AuthconnOperationException: if user password change failed.
"""
try:
user_obj = list(
filter(lambda x: x.name == user,
self.keystone.users.list()))[0]
self.keystone.users.update(user_obj, password=new_password)
except ClientException:
self.logger.exception(
"Error during user password update using keystone")
raise AuthconnOperationException(
"Error during user password update using Keystone")
def remove_role_from_user(self, user, project, role):
"""
Remove a role from a user in a project.
:param user: username.
:param project: project name.
:param role: role name.
:raises AuthconnOperationException: if role assignment revocation failed.
"""
try:
result = self.keystone.roles.revoke(role,
user=user,
project=project)
if not result:
raise ClientException()
except ClientException:
self.logger.exception(
"Error during user role revocation using keystone")
raise AuthconnOperationException(
"Error during user role revocation using Keystone")
def assign_role_to_user(self, user, project, role):
"""
Assigning a role to a user in a project.
:param user: username.
:param project: project name.
:param role: role name.
:raises AuthconnOperationException: if role assignment failed.
"""
try:
result = self.keystone.roles.grant(role,
user=user,
project=project)
if not result:
raise ClientException()
except ClientException:
self.logger.exception(
"Error during user role assignment using keystone")
raise AuthconnOperationException(
"Error during user role assignment using Keystone")