def list_user_tenants_role(user_id, is_admin=True):
db = dbpools.get_keystone()
admin_tenant = yield get_admin_tenant_id()
try:
cur = yield db.execute(
"select actor_id as user ,target_id as tenant , role_id as role from assignment where target_id != %s and actor_id = %s ",
(
admin_tenant,
user_id,
))
user_tenants = cur.fetchall()
result = []
for item in user_tenants:
role = str(item['role'])
item['role'] = yield get_role_by_id(role)
if is_admin:
if role == get_role_by_name(
CONF.identify.internal_tenant_admin_role):
result.append(item)
else:
result.append(item)
except Exception:
LOG.error("list tenant role error user id is %s", user_id)
raise gen.Return(result)
def get_user_by_name(name):
try:
pool = dbpools.get_keystone()
sql = 'select id,`name`,extra from user where name = %s '
cur = yield pool.execute(sql, (name, ))
user = cur.fetchone()
if user:
extra = json.loads(user["extra"]) ##获取数据库中的字符串,解析成为字典
user.pop("extra")
user["displayname"] = extra.get("displayname")
except Exception, e:
LOG.error("get user by name %s error %s", name, e)
def update_tenant(self, tenant_id, body):
tenant = yield identify.get_tenant_by_id(tenant_id)
if not tenant:
raise TenantNotExist
db = dbpools.get_keystone()
cur = yield db.execute("select name from project where id = %s ",
(tenant_id, ))
old_tenant_name = cur.fetchone()
t = yield identify.update_tenant(tenant_id, **body)
optLog.write(self.request, Type.TENANT, old_tenant_name['name'],
Operator.UPDATE, t['name'])
self.response(Response(result=t))
def f():
db = dbpools.get_keystone()
try:
# cur = yield db.execute("select a.id,a.name,a.description,b.count from project as a ,"
# "(select target_id, count(*)-1 count from assignment where target_id = %s) as b "
# "where a.id = b.target_id", (tenant_id,))
cur = yield db.execute(
"select a.id,a.name,a.description,b.count "
"from (SELECT id,description,name from project WHERE id=%s) a "
"LEFT JOIN (select target_id, count(*)-1 count from assignment where target_id=%s) b "
"on a.id = b.target_id", (tenant_id, tenant_id))
tenant = cur.fetchone()
except openstack.OpenStackException, e:
LOG.error("get tenants failed: %s", (e.message, ))
raise TenantOperationFailed()
def __list_users_admin_role():
db = dbpools.get_keystone()
admin_tenant_id = yield openstack.get_admin_tenant_id()
try:
cur = yield db.execute(
"select actor_id as user ,target_id as tenant , role_id as role from assignment where target_id = %s ",
(admin_tenant_id, ))
user_tenant_role = cur.fetchall()
user_role = {}
for item in user_tenant_role:
user_role[item['user']] = yield openstack.get_role_by_id(
item['role'])
except Exception:
raise QueryUserTenantRoleFailed
raise gen.Return(user_role)
def get_user_role(user_id, tenant_id=None):
db = dbpools.get_keystone()
if not tenant_id:
tenant_id = yield openstack.get_admin_tenant_id()
try:
cur = yield db.execute(
"select role_id as role from assignment where actor_id = %s and target_id = %s ",
(
user_id,
tenant_id,
))
user_role = cur.fetchone()
role = {}
if user_role:
role['id'] = user_role.get("role")
role_name = yield openstack.get_role_by_id(user_role.get("role"))
role['name'] = role_name.get("name")
except Exception:
raise QueryUserTenantRoleFailed
raise gen.Return(role)
def del_expires_token():
yield dbpools.execute_commit(
dbpools.get_keystone(),
"delete from token where expires < utc_timestamp() limit 1000"
)