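def create_identity(self, username, key, secret):
    """
    Create a new AWS identity (key/secret required) for User:<username>

    Returns the existing Identity when a membership for <username> on
    self.aws_prov already holds a credential whose value equals the given
    key or secret. Otherwise creates (or reuses) the Identity, its 'key'
    and 'secret' Credential rows and the IdentityMembership, and returns
    the Identity.
    """
    # Fix: the body used to read `access_key` / `secret_key`, names this
    # method never binds (NameError unless they exist at module level, which
    # is not visible here). The credentials arrive as `key` and `secret`.
    (user, group) = self.create_usergroup(username)
    try:
        # NOTE(review): value__in matches a credential row holding EITHER
        # value, so the existing identity is returned when only one of the
        # two matches. Confirm that is intended; requiring both would need
        # one filter per credential key.
        id_member = IdentityMembership.objects.filter(
            identity__provider=self.aws_prov,
            member__name=username,
            identity__credential__value__in=[key, secret]).distinct()[0]
        return id_member.identity
    except (IndexError, IdentityMembership.DoesNotExist):
        # No matching membership yet: fall through and create everything.
        pass

    #Remove the user line when quota model is fixed
    default_quota = Quota().defaults()
    # [0] raises IndexError when no Quota row has the default values.
    quota = Quota.objects.filter(cpu=default_quota['cpu'],
                                 memory=default_quota['memory'],
                                 storage=default_quota['storage'])[0]
    #Create the Identity
    identity = Identity.objects.get_or_create(
        created_by=user, provider=self.aws_prov)[0]
    # NOTE(review): the secret is handed to Credential.value as received;
    # whether that column is encrypted at rest is not visible here - confirm.
    # get_or_create is keyed on the value, so a changed key/secret presumably
    # adds a row next to the old one instead of replacing it - verify.
    Credential.objects.get_or_create(
        identity=identity, key='key', value=key)
    Credential.objects.get_or_create(
        identity=identity, key='secret', value=secret)
    #Link it to the usergroup
    id_member = IdentityMembership.objects.get_or_create(
        identity=identity, member=group, quota=quota)[0]
    #Return the identity
    return id_member.identity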
def build_account(
    cls,
    account_user,
    group_name,
    username,
    provider_location,
    quota=None,
    allocation=None,
    is_leader=False,
    max_quota=False,
    account_admin=False,
    **kwarg_creds
):
    """
    DEPRECATED: POST to v2/identities API to create an identity.

    Resolves the provider by location (case-insensitive), turns
    ``kwarg_creds`` into a credential dict, makes sure the user and group
    exist, obtains the identity through ``cls._get_identity`` and shares it
    with the group. Returns the identity.

    ``username`` and ``max_quota`` are accepted but not read in this body.
    No permission check happens here, so callers have to decide who may
    pass ``account_admin=True``.
    """
    # Do not move up. ImportError.
    from core.models import Group, Quota, Provider, AccountProvider

    provider = Provider.objects.get(location__iexact=provider_location)
    # `creds` carries the provider secrets from here on; keep it out of logs.
    creds = cls._kwargs_to_credentials(kwarg_creds)
    quota = quota or Quota.default_quota()

    #DEV NOTE: 'New' identities are expected to have a router name directly
    # assigned upon creation. When the caller did not pass one, the provider
    # picks the router with the least 'usage', which gives an "eventually
    # consistent" distribution of users->routers.
    topology_name = provider.get_config('network', 'topology', raise_exc=False)
    router_missing = (
        topology_name == 'External Router Topology'
        and 'router_name' not in creds
    )
    if router_missing:
        creds['router_name'] = provider.select_router()

    user, group = Group.create_usergroup(account_user, group_name, is_leader)
    identity = cls._get_identity(user, group, provider, quota, creds)

    # NOTE: This specific query will need to be modified if we want
    # 2+ Identities on a single provider
    membership = identity.share(group, allocation=allocation)

    # ID_Membership exists.
    # 3. Assign admin account, if requested
    if account_admin:
        AccountProvider.objects.get_or_create(
            provider=membership.identity.provider,
            identity=membership.identity,
        )

    # 4. Save the user to activate profile on first-time use
    # FIXME: only call .save() if 'no profile' test is True.
    # TODO: write a 'no profile' test f()
    user.save()
    return identity
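def build_account(cls, account_user, group_name, username,
                  provider_location, quota=None, allocation=None,
                  is_leader=False, max_quota=False, account_admin=False,
                  **kwarg_creds):
    """
    DEPRECATED: POST to v2/identities API to create an identity.

    Steps performed here:
      1. Look up the provider by ``provider_location`` (case-insensitive)
         and build the credential dict from ``kwarg_creds``.
      2. Create/fetch the user and group, get the identity from
         ``cls._get_identity`` and share it with the group.
      3. When ``account_admin`` is true, register the identity as an
         AccountProvider for its provider.
      4. Save the user.

    Returns the identity. ``username`` and ``max_quota`` are accepted but
    not read in this body. This body performs no permission check, so the
    caller is responsible for gating ``account_admin``.
    """
    # Do not move up. ImportError.
    # Allocation and IdentityMembership used to be imported here too, but
    # nothing in this body reads them.
    from core.models import Group, Quota, Provider, AccountProvider

    provider = Provider.objects.get(location__iexact=provider_location)
    # The credential dict holds provider secrets; do not log it.
    credentials = cls._kwargs_to_credentials(kwarg_creds)
    if not quota:
        quota = Quota.default_quota()

    #DEV NOTE: 'New' identities are expected to have a router name directly assigned
    # upon creation. If the value is not passed in, we can ask the provider to select
    # the router with the least 'usage' to ensure an "eventually consistent" distribution
    # of users->routers.
    topology_cls_name = provider.get_config(
        'network', 'topology', raise_exc=False)
    if (topology_cls_name == 'External Router Topology'
            and 'router_name' not in credentials):
        credentials['router_name'] = provider.select_router()

    (user, group) = Group.create_usergroup(
        account_user, group_name, is_leader)
    identity = cls._get_identity(user, group, provider, quota, credentials)

    # NOTE: This specific query will need to be modified if we want
    # 2+ Identities on a single provider
    id_membership = identity.share(group, allocation=allocation)

    # ID_Membership exists.
    # 3. Assign admin account, if requested
    if account_admin:
        AccountProvider.objects.get_or_create(
            provider=id_membership.identity.provider,
            identity=id_membership.identity)

    # 4. Save the user to activate profile on first-time use
    # FIXME: only call .save() if 'no profile' test is True.
    # TODO: write a 'no profile' test f()
    user.save()

    # Return the identity
    return identity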
def _create_identity(cls, user, group, provider, quota, credentials):
    """
    Create an Identity for ``user`` on ``provider`` and store its credentials.

    A falsy ``quota`` is replaced by ``Quota.default_quota()``. Every item of
    ``credentials`` is written through ``Identity.update_credential``.
    ``group`` is accepted but not read in this body. Returns the new Identity.
    """
    # FIXME: we shouldn't have to create the uuid.. default should do this?
    identity_uuid = str(uuid4())
    quota = quota or Quota.default_quota()
    identity = Identity.objects.create(
        created_by=user,
        provider=provider,
        quota=quota,
        uuid=identity_uuid,
    )
    # NOTE(review): no transaction is opened in this body, so a failure part
    # way through the loop would leave the identity with only some of its
    # credentials unless the caller wraps the call - confirm.
    for name, value in credentials.items():
        Identity.update_credential(identity, name, value)
    return identity
def _create_identity(cls, user, group, provider, quota, credentials):
    """
    Build a new Identity row and attach each supplied credential to it.

    ``quota`` falls back to ``Quota.default_quota()`` when falsy. The
    ``credentials`` mapping is stored item by item with
    ``Identity.update_credential``. ``group`` is not used here.
    Returns the created Identity.
    """
    # FIXME: we shouldn't have to create the uuid.. default should do this?
    generated = uuid4()
    effective_quota = quota if quota else Quota.default_quota()
    fields = {
        'created_by': user,
        'provider': provider,
        'quota': effective_quota,
        'uuid': str(generated),
    }
    identity = Identity.objects.create(**fields)
    # Credential values are secrets; they are passed on without being logged.
    for pair in credentials.items():
        Identity.update_credential(identity, *pair)
    return identity