def create_cse_service_role(client, msg_update_callback=utils.NullPrinter(), logger_debug=SERVER_CLI_LOGGER): """Create Service Role for CSE operations. The method can only be called by System Administrator user :param client: pyvcloud.vcd.client to interact with VCD HOST :param utils.ConsoleMessagePrinter msg_update_callback: Callback object. :raises pyvcloud.vcd.exceptions.BadRequestException when Role already exist :raises pyvcloud.vcd.exceptions.EntityNotFoundException when Right doesn't exist """ # We can't check if the user is Sysadmin or some other user in system org, # as the values will need to be hardcoded. # For now just check if its system org or not. vcd_utils.raise_error_if_user_not_from_system_org(client) system_org = Org(client, resource=client.get_org()) system_org.create_role(server_constants.CSE_SERVICE_ROLE_NAME, server_constants.CSE_SERVICE_ROLE_DESC, server_constants.CSE_SERVICE_ROLE_RIGHTS) msg = f"Successfully created {server_constants.CSE_SERVICE_ROLE_NAME}" msg_update_callback.general(msg) logger_debug.info(msg) return
def test_create_role(self): logged_in_org = self.client.get_org() org = Org(self.client, resource=logged_in_org) role_name = self.config['vcd']['role_name'] org.create_role(role_name, 'test description', ('Disk: View Properties',)) role_record = org.get_role(role_name) assert self.config['vcd']['role_name'] == role_record.get('name')
def create(ctx, role_name, description, rights, org_name): try: client = ctx.obj['client'] if org_name is not None: org_href = client.get_org_by_name(org_name).get('href') else: org_href = ctx.obj['profiles'].get('org_href') org = Org(client, org_href) role = org.create_role(role_name, description, rights) stdout(to_dict(role, exclude=['Link', 'RightReferences']), ctx) except Exception as e: stderr(e, ctx)
def create(ctx, role_name, description, rights, org_name): try: restore_session(ctx) client = ctx.obj['client'] if org_name is not None: org_href = client.get_org_by_name(org_name).get('href') else: org_href = ctx.obj['profiles'].get('org_href') org = Org(client, href=org_href) role = org.create_role(role_name, description, rights) stdout(to_dict(role, exclude=['Link', 'RightReferences']), ctx) except Exception as e: stderr(e, ctx)
def clone(ctx, original_role_name, new_role_name, org_name, description): try: restore_session(ctx) client = ctx.obj['client'] if org_name is not None: org_href = client.get_org_by_name(org_name).get('href') else: org_href = ctx.obj['profiles'].get('org_href') org = Org(client, href=org_href) role_resource = org.get_role_resource(original_role_name) # get original role description if description is None: description = to_dict(role_resource)['Description'] # get original role rights role = Role(client, resource=role_resource) raw_rights = role.list_rights() # list of dicts: {'name': 'right'} rights = [right_dict['name'] for right_dict in raw_rights] role = org.create_role(new_role_name, description, rights) stdout(to_dict(role, exclude=['Link', 'RightReferences']), ctx) except Exception as e: stderr(e, ctx)
class Roles(VcdAnsibleModule): def __init__(self, **kwargs): super(Roles, self).__init__(**kwargs) self.org = Org(self.client, resource=self.client.get_org()) def manage_states(self): state = self.params.get('state') if state == 'present': return self.create() if state == 'absent': return self.delete() if state == 'update': return self.update() def manage_operations(self): operation = self.params.get('operation') if operation == "list_rights": return self.list_rights() if operation == "list_roles": return self.list_roles() def create(self): role_name = self.params.get('role_name') role_description = self.params.get('role_description') role_rights = self.params.get('role_rights') response = dict() response['changed'] = False try: self.org.get_role_record(role_name) except EntityNotFoundException: self.org.create_role(role_name, role_description, role_rights) response['msg'] = 'Role {} has been created.'.format(role_name) response['changed'] = True else: response['warnings'] = 'Role {} is already present.'.format( role_name) return response def update(self): role_name = self.params.get('role_name') role_description = self.params.get('role_description') role_rights = self.params.get('role_rights') response = dict() response['changed'] = False role = self.org.get_role_record(role_name) role_resource = self.org.get_role_resource(role_name) role_resource.Description = E.Description(role_description) role_rights = tuple() if role_rights is None else role_rights for role_right in tuple(role_rights): role_right_record = self.org.get_right_record(role_right) role_resource.RightReferences.append( E.RightReference(name=role_right_record.get('name'), href=role_right_record.get('href'), type=EntityType.RIGHT.value)) self.client.put_resource(role.get('href'), role_resource, EntityType.ROLE.value) response['msg'] = 'Role {} has been updated.'.format(role_name) response['changed'] = True return response def delete(self): role_name = self.params.get('role_name') response = dict() response['changed'] = False try: self.org.get_role_record(role_name) self.org.delete_role(role_name) response['msg'] = 'Role {} has been deleted.'.format(role_name) response['changed'] = True except EntityNotFoundException: response['warnings'] = 'Role {} is not present.'.format(role_name) return response def list_rights(self): response = dict() response['changed'] = False response['msg'] = self.org.list_rights_of_org() return response def list_roles(self): response = dict() response['changed'] = False response['msg'] = self.org.list_roles() return response