Esempio n. 1
    def delete_credentials_for_user(self, user_id):
        """Bulk-delete every credential row whose ``user_id`` matches.

        The delete is issued as one query inside a ``session.begin()``
        transaction. Nothing is returned.
        """
        db = db_session.get_session()

        with db.begin():
            # One filtered bulk delete; rows are not loaded individually.
            db.query(CredentialModel).filter_by(user_id=user_id).delete()
Esempio n. 2
 def create_user(self, user_id, user):
     """Persist a new user and return its filtered dict representation.

     The row is built from the result of ``utils.hash_user_password(user)``,
     not from the dict the caller passed in. ``user_id`` is not read in
     this body.
     """
     hashed_user = utils.hash_user_password(user)
     db = db_session.get_session()
     with db.begin():
         user_ref = User.from_dict(hashed_user)
         db.add(user_ref)
     # NOTE(review): presumably filter_user drops the password hash before
     # the dict leaves the driver - confirm against identity.filter_user.
     return identity.filter_user(user_ref.to_dict())
Esempio n. 3
 def create_idp(self, idp_id, idp):
     """Store a new identity provider and return it as a dict.

     The caller's ``idp`` dict is modified in place: its ``'id'`` entry is
     set to ``idp_id`` before the model object is built from it.
     """
     db = db_session.get_session()
     with db.begin():
         # The id argument always wins over any 'id' already in the dict.
         idp['id'] = idp_id
         provider = IdentityProviderModel.from_dict(idp)
         db.add(provider)
     return provider.to_dict()
Esempio n. 4
    def get_key(self, name, generation=None, group=None):
        """Look up one stored key for the host called ``name``.

        Args:
            name: host name to match.
            generation: key generation to fetch. When ``None``, the key
                whose generation equals the host's ``latest_generation``
                is selected.
            group: when not ``None``, the host's ``group`` must equal it.

        Returns:
            A dict with ``name``, ``group``, ``key`` (the row's
            ``enc_key``), ``signature``, ``generation`` and ``expiration``,
            or ``None`` when no row matches.
        """
        session = db_session.get_session()
        query = session.query(models.Host, models.Key)

        # Collect the criteria first, then apply them in the original order.
        criteria = [models.Host.id == models.Key.host_id,
                    models.Host.name == name]
        if group is not None:
            criteria.append(models.Host.group == group)
        if generation is None:
            criteria.append(models.Host.latest_generation ==
                            models.Key.generation)
        else:
            criteria.append(models.Key.generation == generation)
        for criterion in criteria:
            query = query.filter(criterion)

        # Only "no row" is mapped to None; any other error from one()
        # propagates to the caller.
        try:
            row = query.one()
        except exc.NoResultFound:
            return None

        host, key = row.Host, row.Key
        # NOTE(review): ``expiration`` is returned, not checked, here -
        # expiry enforcement has to happen in the caller.
        return {'name': host.name,
                'group': host.group,
                'key': key.enc_key,
                'signature': key.signature,
                'generation': key.generation,
                'expiration': key.expiration}
Esempio n. 5
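 def _get_metadata(self, user_id=None, tenant_id=None,
                   domain_id=None, group_id=None, session=None):
     """Return the grant metadata for one actor on one target.

     One grant table is queried, picked by which arguments are truthy:
     ``user_id`` takes precedence over ``group_id`` and ``tenant_id``
     over ``domain_id``.

     Args:
         user_id: user whose grant is looked up.
         tenant_id: project the grant applies to.
         domain_id: domain the grant applies to.
         group_id: group whose grant is looked up.
         session: existing session to reuse; a new one is obtained when
             ``None``.

     Returns:
         The ``data`` attribute of the single matching grant row.

     Raises:
         exception.MetadataNotFound: no grant row matches, or the call
             names no actor or no target.
     """
     # We aren't given a session when called by the manager directly.
     if session is None:
         session = db_session.get_session()
     if user_id:
         if tenant_id:
             q = session.query(UserProjectGrant)
             q = q.filter_by(project_id=tenant_id)
         elif domain_id:
             q = session.query(UserDomainGrant)
             q = q.filter_by(domain_id=domain_id)
         else:
             # No target given: report "no grant" instead of failing on an
             # unbound ``q`` below.
             raise exception.MetadataNotFound()
         q = q.filter_by(user_id=user_id)
     elif group_id:
         if tenant_id:
             q = session.query(GroupProjectGrant)
             q = q.filter_by(project_id=tenant_id)
         elif domain_id:
             q = session.query(GroupDomainGrant)
             q = q.filter_by(domain_id=domain_id)
         else:
             raise exception.MetadataNotFound()
         q = q.filter_by(group_id=group_id)
     else:
         # No actor given: there is no query to run, so no grant exists.
         raise exception.MetadataNotFound()
     try:
         return q.one().data
     except sql.NotFound:
         raise exception.MetadataNotFound()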
Esempio n. 6
    def set_key(self, name, key, signature, group, expiration=None):
        """Store a new key generation for host ``name``.

        A host row is created (starting at generation 0) when none exists.
        An existing host must already carry the same ``group`` value.

        Returns:
            The host's ``latest_generation`` after it was incremented.

        Raises:
            exception.GroupStatusChanged: the host exists with a different
                ``group``.
        """
        session = db_session.get_session()

        with session.begin():
            host_query = session.query(models.Host).filter(
                models.Host.name == name)

            try:
                host = host_query.one()
            except exc.NoResultFound:
                host = models.Host(name=name,
                                   latest_generation=0,
                                   group=group)
            else:
                # An existing host may not silently change group.
                if host.group != group:
                    raise exception.GroupStatusChanged(name=name)

            # NOTE(review): no explicit row lock is taken before the
            # increment; whether concurrent callers can compute the same
            # generation depends on isolation level and table constraints
            # that are not visible here - confirm.
            host.latest_generation += 1
            new_key = models.Key(signature=signature,
                                 enc_key=key,
                                 generation=host.latest_generation,
                                 expiration=expiration)
            host.keys.append(new_key)

            session.add(host)

        return host.latest_generation
Esempio n. 7
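 def _get_metadata(self,
                   user_id=None,
                   tenant_id=None,
                   domain_id=None,
                   group_id=None,
                   session=None):
     """Return the grant metadata for one actor on one target.

     The actor is ``user_id`` when truthy, otherwise ``group_id``; the
     target is ``tenant_id`` when truthy, otherwise ``domain_id``. The
     pair selects which grant table is queried.

     Returns:
         The ``data`` attribute of the single matching grant row.

     Raises:
         exception.MetadataNotFound: no grant row matches, or the call
             names no actor or no target.
     """
     # We aren't given a session when called by the manager directly.
     if session is None:
         session = db_session.get_session()

     if user_id:
         project_grant, domain_grant = UserProjectGrant, UserDomainGrant
         actor_filter = {'user_id': user_id}
     elif group_id:
         project_grant, domain_grant = GroupProjectGrant, GroupDomainGrant
         actor_filter = {'group_id': group_id}
     else:
         # No actor: nothing can match, so fail as "not found" rather than
         # on an unbound query variable.
         raise exception.MetadataNotFound()

     if tenant_id:
         q = session.query(project_grant).filter_by(project_id=tenant_id)
     elif domain_id:
         q = session.query(domain_grant).filter_by(domain_id=domain_id)
     else:
         # No target: same reasoning as the missing-actor case.
         raise exception.MetadataNotFound()
     q = q.filter_by(**actor_filter)

     try:
         return q.one().data
     except sql.NotFound:
         raise exception.MetadataNotFound()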
Esempio n. 8
    def delete_tokens(self, user_id, tenant_id=None, trust_id=None,
                      consumer_id=None):
        """Invalidate matching tokens inside one transaction.

        Tokens are not removed; each match gets ``valid = False``. Only
        tokens that are currently valid and not yet expired are considered.

        When ``trust_id`` is truthy the tokens are selected by trust and
        ``user_id`` is ignored; otherwise they are selected by ``user_id``.
        ``tenant_id`` and ``consumer_id``, when truthy, narrow the set
        further through ``_tenant_matches`` / ``_consumer_matches``.
        """
        session = db_session.get_session()
        with session.begin():
            now = timeutils.utcnow()
            query = session.query(TokenModel).filter_by(valid=True)
            query = query.filter(TokenModel.expires > now)
            if trust_id:
                owner_clause = TokenModel.trust_id == trust_id
            else:
                owner_clause = TokenModel.user_id == user_id
            query = query.filter(owner_clause)

            for token_ref in query.all():
                # Both optional filters must pass before the token is
                # invalidated.
                if tenant_id and not self._tenant_matches(
                        tenant_id, token_ref.to_dict()):
                    continue
                if consumer_id and not self._consumer_matches(
                        consumer_id, token_ref.to_dict()):
                    continue

                token_ref.valid = False
Esempio n. 9
    def create_request_token(self,
                             consumer_id,
                             project_id,
                             token_duration,
                             request_token_id=None,
                             request_token_secret=None):
        """Create and persist a request token, returning it as a dict.

        Args:
            consumer_id: consumer the token is issued to.
            project_id: stored as ``requested_project_id``.
            token_duration: lifetime in seconds; when falsy the token gets
                no ``expires_at`` value.
            request_token_id: id to use; generated when ``None``.
            request_token_secret: secret to use; generated when ``None``.
        """
        # NOTE(review): id and secret both come from uuid4().hex. Confirm
        # that is an acceptable source for the secret under the project's
        # token requirements.
        token_id = (uuid.uuid4().hex if request_token_id is None
                    else request_token_id)
        token_secret = (uuid.uuid4().hex if request_token_secret is None
                        else request_token_secret)

        if token_duration:
            expires_on = (timeutils.utcnow() +
                          datetime.timedelta(seconds=token_duration))
            expiry_date = timeutils.isotime(expires_on, subsecond=True)
        else:
            # A falsy duration means the token is stored without an expiry.
            expiry_date = None

        # verifier, authorizing user and roles start out empty.
        ref = {
            'id': token_id,
            'request_secret': token_secret,
            'verifier': None,
            'authorizing_user_id': None,
            'requested_project_id': project_id,
            'role_ids': None,
            'consumer_id': consumer_id,
            'expires_at': expiry_date,
        }
        session = db_session.get_session()
        with session.begin():
            token_ref = RequestToken.from_dict(ref)
            session.add(token_ref)
        return token_ref.to_dict()
Esempio n. 10
    def _get_metadata(self,
                      user_id=None,
                      tenant_id=None,
                      domain_id=None,
                      group_id=None,
                      session=None):
        """Build the legacy metadata dict from matching role assignments.

        The actor is ``user_id or group_id`` and the target is
        ``tenant_id or domain_id``, so a truthy user or tenant takes
        precedence and a call with neither filters on ``None``.

        Returns:
            ``{'roles': [...]}`` with one ``{'id': role_id}`` entry per
            assignment; inherited domain assignments also carry
            ``'inherited_to': 'projects'``.

        Raises:
            exception.MetadataNotFound: no assignment matches.
        """
        # TODO(henry-nash): This method represents the last vestiges of the old
        # metadata concept in this driver.  Although we no longer need it here,
        # since the Manager layer uses the metadata concept across all
        # assignment drivers, we need to remove it from all of them in order to
        # finally remove this method.

        # We aren't given a session when called by the manager directly.
        if session is None:
            session = db_session.get_session()

        assignments = (session.query(RoleAssignment)
                       .filter_by(actor_id=user_id or group_id)
                       .filter_by(target_id=tenant_id or domain_id)
                       .all())
        if not assignments:
            raise exception.MetadataNotFound()

        roles = []
        for assignment in assignments:
            role_ref = {'id': assignment.role_id}
            # Only inherited assignments made on a domain are flagged.
            if assignment.inherited and (
                    assignment.type == AssignmentType.USER_DOMAIN
                    or assignment.type == AssignmentType.GROUP_DOMAIN):
                role_ref['inherited_to'] = 'projects'
            roles.append(role_ref)

        return {'roles': roles}
Esempio n. 11
 def create_user(self, user_id, user):
     """Insert a user row and return the filtered dict form of that row.

     The password is hashed (``utils.hash_user_password``) before the model
     is built, so the stored row comes from the hashed copy. ``user_id``
     is accepted but not read here.
     """
     user_with_hash = utils.hash_user_password(user)
     session = db_session.get_session()
     with session.begin():
         new_user = User.from_dict(user_with_hash)
         session.add(new_user)
     # NOTE(review): the returned dict goes through identity.filter_user;
     # verify that helper removes the stored password hash.
     return identity.filter_user(new_user.to_dict())
Esempio n. 12
    def get_catalog(self, user_id, tenant_id, metadata=None):
        """Build the service catalog as ``{region: {service_type: entry}}``.

        Each entry starts as ``{'id', 'name', 'publicURL': ''}`` taken from
        the first endpoint seen for that region and service type, and gets
        one ``<interface>URL`` key per endpoint. ``metadata`` is not read.
        """
        # NOTE(review): every CONF item is offered to format_url as a
        # substitution value, so an endpoint URL template could reference
        # any of them. Confirm core.format_url restricts which keys a
        # template may expand.
        substitutions = dict(six.iteritems(CONF))
        substitutions['tenant_id'] = tenant_id
        substitutions['user_id'] = user_id

        session = db_session.get_session()
        endpoint_query = session.query(Endpoint).options(
            sql.joinedload(Endpoint.service))
        endpoints = endpoint_query.all()

        catalog = {}

        for endpoint in endpoints:
            region = endpoint['region']
            service_type = endpoint.service['type']
            default_service = {
                'id': endpoint['id'],
                'name': endpoint.service['name'],
                'publicURL': ''
            }
            # setdefault keeps the entry created by an earlier endpoint.
            service_entry = catalog.setdefault(region, {}).setdefault(
                service_type, default_service)
            url = core.format_url(endpoint['url'], substitutions)
            interface_url = '%sURL' % endpoint['interface']
            service_entry[interface_url] = url

        return catalog
Esempio n. 13
 def delete_trust(self, trust_id):
     """Soft-delete a trust by stamping ``deleted_at`` with the current time.

     Raises:
         exception.TrustNotFound: no row exists for ``trust_id``.
     """
     db = db_session.get_session()
     with db.begin():
         trust_ref = db.query(TrustModel).get(trust_id)
         if trust_ref:
             # NOTE(review): a trust that already has deleted_at set is
             # found again and re-stamped - confirm that is intended.
             trust_ref.deleted_at = timeutils.utcnow()
         else:
             raise exception.TrustNotFound(trust_id=trust_id)
Esempio n. 14
 def create_endpoint(self, endpoint_id, endpoint_ref):
     """Persist a new endpoint and return it as a dict.

     ``self.get_service`` is called with the referenced ``service_id`` and
     its result discarded - presumably it raises when the service does not
     exist (confirm). ``endpoint_id`` is not read in this body.
     """
     db = db_session.get_session()
     # Called for its side effect only; the return value is unused.
     self.get_service(endpoint_ref['service_id'])
     endpoint = Endpoint.from_dict(endpoint_ref)
     with db.begin():
         db.add(endpoint)
     return endpoint.to_dict()
Esempio n. 15
    def delete_credentials_for_user(self, user_id):
        """Remove all credentials stored for ``user_id`` in one transaction."""
        session = db_session.get_session()

        with session.begin():
            user_credentials = session.query(CredentialModel).filter_by(
                user_id=user_id)
            # Bulk delete issued through the filtered query.
            user_credentials.delete()
Esempio n. 16
 def create_endpoint(self, endpoint_id, endpoint_ref):
     """Store ``endpoint_ref`` as a new endpoint row and return its dict.

     The referenced service is looked up first through ``self.get_service``
     (result unused; presumably a missing service raises - confirm).
     ``endpoint_id`` is accepted but not read here.
     """
     session = db_session.get_session()
     service_id = endpoint_ref['service_id']
     self.get_service(service_id)
     created = Endpoint.from_dict(endpoint_ref)
     with session.begin():
         session.add(created)
     return created.to_dict()
Esempio n. 17
    def delete_tokens(self, user_id, tenant_id=None, trust_id=None,
                      consumer_id=None):
        """Mark every matching, still-live token as invalid.

        Runs in a single transaction. Candidates are tokens with
        ``valid=True`` whose ``expires`` is later than now, selected by
        ``trust_id`` when it is truthy and by ``user_id`` otherwise (so
        ``user_id`` is ignored for trust-based calls). Truthy ``tenant_id``
        and ``consumer_id`` values are applied as extra per-token checks.
        """
        session = db_session.get_session()
        with session.begin():
            cutoff = timeutils.utcnow()
            live_tokens = session.query(TokenModel)
            live_tokens = live_tokens.filter_by(valid=True)
            live_tokens = live_tokens.filter(TokenModel.expires > cutoff)
            if trust_id:
                live_tokens = live_tokens.filter(
                    TokenModel.trust_id == trust_id)
            else:
                live_tokens = live_tokens.filter(
                    TokenModel.user_id == user_id)

            for token_ref in live_tokens.all():
                if tenant_id:
                    as_dict = token_ref.to_dict()
                    if not self._tenant_matches(tenant_id, as_dict):
                        continue
                if consumer_id:
                    as_dict = token_ref.to_dict()
                    if not self._consumer_matches(consumer_id, as_dict):
                        continue

                # Invalidation, not removal: the row stays in the table.
                token_ref.valid = False
Esempio n. 18
 def delete_token(self, token_id):
     """Invalidate one token by setting its ``valid`` flag to ``False``.

     Raises:
         exception.TokenNotFound: the token does not exist or is already
             invalid (both cases are reported the same way).
     """
     db = db_session.get_session()
     with db.begin():
         token_ref = db.query(TokenModel).get(token_id)
         if not (token_ref and token_ref.valid):
             raise exception.TokenNotFound(token_id=token_id)
         token_ref.valid = False
Esempio n. 19
    def get_key(self, name, generation=None, group=None):
        """Return the stored key record for host ``name`` as a dict.

        With ``generation=None`` the key matching the host's
        ``latest_generation`` is returned; otherwise the requested
        generation. A non-``None`` ``group`` must equal the host's group.

        Returns:
            ``None`` when nothing matches, else a dict with ``name``,
            ``group``, ``key``, ``signature``, ``generation`` and
            ``expiration``.
        """
        session = db_session.get_session()

        # Join Host to Key and pin the host name.
        query = session.query(models.Host, models.Key).filter(
            models.Host.id == models.Key.host_id)
        query = query.filter(models.Host.name == name)

        if group is not None:
            query = query.filter(models.Host.group == group)

        if generation is None:
            wanted_generation = models.Host.latest_generation
        else:
            wanted_generation = generation
        if generation is None:
            query = query.filter(
                wanted_generation == models.Key.generation)
        else:
            query = query.filter(
                models.Key.generation == wanted_generation)

        try:
            found = query.one()
        except exc.NoResultFound:
            # Absence is signalled with None rather than an exception.
            return None

        # NOTE(review): the caller receives ``expiration`` as data; this
        # method does not reject expired keys.
        record = {}
        record['name'] = found.Host.name
        record['group'] = found.Host.group
        record['key'] = found.Key.enc_key
        record['signature'] = found.Key.signature
        record['generation'] = found.Key.generation
        record['expiration'] = found.Key.expiration
        return record
Esempio n. 20
    def _get_metadata(self, user_id=None, tenant_id=None,
                      domain_id=None, group_id=None, session=None):
        """Return ``{'roles': [...]}`` for one actor/target pair.

        ``user_id`` is used as the actor when truthy, else ``group_id``;
        ``tenant_id`` is used as the target when truthy, else
        ``domain_id``. Each matching assignment contributes
        ``{'id': role_id}``, plus ``'inherited_to': 'projects'`` when it is
        an inherited user-domain or group-domain assignment.

        Raises:
            exception.MetadataNotFound: the query returns no assignments.
        """
        # TODO(henry-nash): This method represents the last vestiges of the old
        # metadata concept in this driver.  Although we no longer need it here,
        # since the Manager layer uses the metadata concept across all
        # assignment drivers, we need to remove it from all of them in order to
        # finally remove this method.

        # We aren't given a session when called by the manager directly.
        if session is None:
            session = db_session.get_session()

        actor = user_id or group_id
        target = tenant_id or domain_id
        q = session.query(RoleAssignment)
        q = q.filter_by(actor_id=actor)
        q = q.filter_by(target_id=target)
        refs = q.all()
        if not refs:
            raise exception.MetadataNotFound()

        metadata_ref = {'roles': []}
        for assignment in refs:
            entry = {'id': assignment.role_id}
            on_domain = (
                assignment.inherited and (
                    assignment.type == AssignmentType.USER_DOMAIN or
                    assignment.type == AssignmentType.GROUP_DOMAIN))
            if on_domain:
                entry['inherited_to'] = 'projects'
            metadata_ref['roles'].append(entry)

        return metadata_ref
Esempio n. 21
    def set_key(self, name, key, signature, group, expiration=None):
        """Append a new key generation to host ``name`` and return its number.

        The host row is created with ``latest_generation=0`` if it does not
        exist yet. For an existing host the stored ``group`` must match the
        ``group`` argument, otherwise ``exception.GroupStatusChanged`` is
        raised and nothing is stored.
        """
        session = db_session.get_session()

        with session.begin():
            lookup = session.query(models.Host)
            lookup = lookup.filter(models.Host.name == name)

            try:
                host = lookup.one()
            except exc.NoResultFound:
                # First key for this name: start counting from zero.
                host = models.Host(name=name, latest_generation=0,
                                   group=group)
            else:
                if host.group != group:
                    raise exception.GroupStatusChanged(name=name)

            # NOTE(review): the read-increment-write on latest_generation
            # takes no visible lock; confirm concurrent writers are handled
            # by the schema or isolation level.
            host.latest_generation += 1
            generation = host.latest_generation
            host.keys.append(
                models.Key(signature=signature,
                           enc_key=key,
                           generation=generation,
                           expiration=expiration))

            session.add(host)

        return host.latest_generation
Esempio n. 22
 def create_idp(self, idp_id, idp):
     """Create an identity provider row and return its dict form.

     Note that ``idp`` is mutated: ``idp['id']`` is set to ``idp_id``
     inside the transaction, replacing any id the caller supplied.
     """
     session = db_session.get_session()
     with session.begin():
         idp['id'] = idp_id
         new_idp = IdentityProviderModel.from_dict(idp)
         session.add(new_idp)
     return new_idp.to_dict()
Esempio n. 23
 def get_mapping_from_idp_and_protocol(self, idp_id, protocol_id):
     """Return the mapping attached to a protocol of an identity provider.

     The protocol is resolved with ``_get_protocol`` and its ``mapping_id``
     is then resolved with ``_get_mapping``, both inside one transaction.
     Errors from either helper propagate unchanged.
     """
     db = db_session.get_session()
     with db.begin():
         protocol = self._get_protocol(db, idp_id, protocol_id)
         mapping = self._get_mapping(db, protocol.mapping_id)
     return mapping.to_dict()
Esempio n. 24
 def delete_trust(self, trust_id):
     """Mark a trust as deleted; the row itself is kept.

     ``deleted_at`` is set to ``timeutils.utcnow()``.
     ``exception.TrustNotFound`` is raised when ``trust_id`` has no row.
     """
     session = db_session.get_session()
     with session.begin():
         found = session.query(TrustModel).get(trust_id)
         if not found:
             raise exception.TrustNotFound(trust_id=trust_id)
         # NOTE(review): deleted_at is not inspected first, so deleting an
         # already-deleted trust overwrites the earlier timestamp.
         found.deleted_at = timeutils.utcnow()
Esempio n. 25
 def delete_token(self, token_id):
     """Flip a token's ``valid`` flag to ``False`` inside a transaction.

     A missing token and an already-invalid token both raise
     ``exception.TokenNotFound``, so callers cannot tell them apart.
     """
     session = db_session.get_session()
     with session.begin():
         row = session.query(TokenModel).get(token_id)
         unusable = not row or not row.valid
         if unusable:
             raise exception.TokenNotFound(token_id=token_id)
         row.valid = False
Esempio n. 26
 def list_credentials(self, **filters):
     """Return stored credentials as a list of dicts.

     Only the ``user_id`` filter is honoured; any other keyword passed in
     ``filters`` is ignored and does not narrow the result.
     """
     db = db_session.get_session()
     credentials = db.query(CredentialModel)
     if "user_id" in filters:
         credentials = credentials.filter_by(user_id=filters["user_id"])
     return [credential.to_dict() for credential in credentials.all()]
Esempio n. 27
    def delete_credentials_for_project(self, project_id):
        """Bulk-delete every credential row whose ``project_id`` matches.

        Issued as one query inside a ``session.begin()`` transaction;
        nothing is returned.
        """
        db = db_session.get_session()

        with db.begin():
            db.query(CredentialModel).filter_by(
                project_id=project_id).delete()
Esempio n. 28
    def get_catalog(self, user_id, tenant_id, metadata=None):
        """Return the catalog keyed by region, then by service type.

        All endpoints are loaded together with their service. For each one
        the URL template is expanded with ``core.format_url`` and stored
        under ``'<interface>URL'`` in the entry for its region and service
        type. ``metadata`` is unused.
        """
        # NOTE(review): the substitution dict holds every CONF item plus
        # the two ids below. Check that core.format_url limits which keys
        # an endpoint URL template is allowed to reference.
        values = dict(six.iteritems(CONF))
        values.update(tenant_id=tenant_id, user_id=user_id)

        session = db_session.get_session()
        loaded = session.query(Endpoint)
        loaded = loaded.options(sql.joinedload(Endpoint.service))

        catalog = {}

        for endpoint in loaded.all():
            region = endpoint['region']
            service_type = endpoint.service['type']
            default_service = {
                'id': endpoint['id'],
                'name': endpoint.service['name'],
                'publicURL': ''
            }
            region_services = catalog.setdefault(region, {})
            # The first endpoint for a service type fixes 'id' and 'name'.
            region_services.setdefault(service_type, default_service)
            url = core.format_url(endpoint['url'], values)
            interface_url = '%sURL' % endpoint['interface']
            region_services[service_type][interface_url] = url

        return catalog
Esempio n. 29
    def create_request_token(self, consumer_id, project_id, token_duration,
                             request_token_id=None, request_token_secret=None):
        """Persist a new request token and return its dict form.

        Missing id and secret values are generated. ``token_duration`` is a
        number of seconds; a falsy value stores the token with
        ``expires_at=None``. The verifier, authorizing user and role ids
        are stored as ``None``.
        """
        # NOTE(review): the generated secret is uuid4().hex - confirm this
        # source meets the project's requirements for token secrets.
        if request_token_id is None:
            request_token_id = uuid.uuid4().hex
        if request_token_secret is None:
            request_token_secret = uuid.uuid4().hex

        expiry_date = None
        if token_duration:
            lifetime = datetime.timedelta(seconds=token_duration)
            expiry_date = timeutils.isotime(timeutils.utcnow() + lifetime,
                                            subsecond=True)

        ref = dict([
            ('id', request_token_id),
            ('request_secret', request_token_secret),
            ('verifier', None),
            ('authorizing_user_id', None),
            ('requested_project_id', project_id),
            ('role_ids', None),
            ('consumer_id', consumer_id),
            ('expires_at', expiry_date),
        ])
        session = db_session.get_session()
        with session.begin():
            stored = RequestToken.from_dict(ref)
            session.add(stored)
        return stored.to_dict()
Esempio n. 30
    def delete_credentials_for_project(self, project_id):
        """Remove all credentials stored for ``project_id`` in one transaction."""
        session = db_session.get_session()

        with session.begin():
            project_credentials = session.query(CredentialModel).filter_by(
                project_id=project_id)
            # Bulk delete issued through the filtered query.
            project_credentials.delete()
Esempio n. 31
 def list_credentials(self, **filters):
     """List credentials, optionally restricted to one user.

     ``filters['user_id']`` is the only filter applied. Other keys are
     silently ignored, so a caller filtering on anything else receives
     every credential.
     """
     session = db_session.get_session()
     query = session.query(CredentialModel)
     if 'user_id' in filters:
         wanted_user = filters.get('user_id')
         query = query.filter_by(user_id=wanted_user)
     return [row.to_dict() for row in query.all()]
Esempio n. 32
 def get_token(self, token_id):
     """Return the stored token as a dict.

     Raises:
         exception.TokenNotFound: ``token_id`` is ``None``, no row exists
             for it, or the row's ``valid`` flag is false.
     """
     if token_id is None:
         raise exception.TokenNotFound(token_id=token_id)
     db = db_session.get_session()
     token_ref = db.query(TokenModel).get(token_id)
     # NOTE(review): only the ``valid`` flag is checked here; the token's
     # expiry is not, so callers must enforce it themselves.
     if not (token_ref and token_ref.valid):
         raise exception.TokenNotFound(token_id=token_id)
     return token_ref.to_dict()
Esempio n. 33
 def create_region(self, region_ref):
     """Create a region from ``region_ref`` and return it as a dict.

     ``_check_parent_region`` runs first in the same transaction;
     presumably it raises when the referenced parent is missing (confirm
     against the helper). The session is flushed before the transaction
     block ends.
     """
     db = db_session.get_session()
     with db.begin():
         self._check_parent_region(db, region_ref)
         new_region = Region.from_dict(region_ref)
         db.add(new_region)
         db.flush()
     return new_region.to_dict()
Esempio n. 34
 def create_region(self, region_id, region_ref):
     """Persist a new region and return its dict form.

     The parent reference is checked with ``_check_parent_region`` inside
     the same transaction before the row is added and flushed.
     ``region_id`` is not read in this body; the row is built from
     ``region_ref`` alone.
     """
     session = db_session.get_session()
     with session.begin():
         self._check_parent_region(session, region_ref)
         created = Region.from_dict(region_ref)
         session.add(created)
         # Flush inside the transaction block, as the original does.
         session.flush()
     return created.to_dict()
Esempio n. 35
    def create_policy(self, policy_id, policy):
        """Store ``policy`` as a new policy row and return its dict form.

        ``policy_id`` is accepted but not read here; the row is built from
        the ``policy`` dict only.
        """
        db = db_session.get_session()

        with db.begin():
            policy_ref = PolicyModel.from_dict(policy)
            db.add(policy_ref)

        return policy_ref.to_dict()
Esempio n. 36
 def test_token_revocation_list_uses_right_columns(self):
     """Check that list_revoked_tokens() queries only ``id`` and ``expires``."""
     # This query used to be heavy with too many columns. We want
     # to make sure it is only running with the minimum columns
     # necessary.
     fixture = self.useFixture(moxstubout.MoxStubout())
     self.mox = fixture.mox
     tok = token_sql.Token()
     session = db_session.get_session()
     # Build the real two-column query before ``session.query`` is stubbed,
     # so the stub has a usable object to hand back.
     q = session.query(token_sql.TokenModel.id,
                       token_sql.TokenModel.expires)
     self.mox.StubOutWithMock(session, 'query')
     # Record phase: the one expected call is query(id, expires).
     session.query(token_sql.TokenModel.id,
                   token_sql.TokenModel.expires).AndReturn(q)
     # The driver must receive the stubbed session, so get_session is
     # stubbed as well.
     self.mox.StubOutWithMock(db_session, 'get_session')
     db_session.get_session().AndReturn(session)
     self.mox.ReplayAll()
     tok.list_revoked_tokens()
     # NOTE(review): there is no explicit VerifyAll() here - presumably the
     # MoxStubout fixture verifies on cleanup; confirm.
Esempio n. 37
 def delete_region(self, region_id):
     """Delete region ``region_id`` after handling its child regions.

     All steps run inside one ``session.begin()`` transaction.
     """
     session = db_session.get_session()
     with session.begin():
         # Loaded before anything is removed; presumably _get_region raises
         # when the region does not exist - confirm against the helper.
         ref = self._get_region(session, region_id)
         self._delete_child_regions(session, region_id)
         # NOTE(review): the row is removed twice - once by the bulk query
         # delete and once by session.delete(ref). Keep the order as is
         # unless the ORM interaction has been verified.
         session.query(Region).filter_by(id=region_id).delete()
         session.delete(ref)
         session.flush()
Esempio n. 38
 def delete_region(self, region_id):
     """Remove a region and process its children in one transaction."""
     session = db_session.get_session()
     with session.begin():
         # The region is fetched first, so a lookup failure in _get_region
         # happens before any delete is issued.
         ref = self._get_region(session, region_id)
         # Children are handled before the region row itself.
         self._delete_child_regions(session, region_id)
         # NOTE(review): both a bulk delete and session.delete(ref) target
         # the same row; confirm both are needed before simplifying.
         session.query(Region).filter_by(id=region_id).delete()
         session.delete(ref)
         session.flush()
Esempio n. 39
 def test_token_revocation_list_uses_right_columns(self):
     """Pin the column set used by ``Token.list_revoked_tokens``.

     The session's ``query`` is replaced by a mox stub that expects exactly
     one call, with ``TokenModel.id`` and ``TokenModel.expires``.
     """
     # This query used to be heavy with too many columns. We want
     # to make sure it is only running with the minimum columns
     # necessary.
     fixture = self.useFixture(moxstubout.MoxStubout())
     self.mox = fixture.mox
     tok = token_sql.Token()
     session = db_session.get_session()
     # Real query object, created while session.query is still unstubbed.
     q = session.query(token_sql.TokenModel.id,
                       token_sql.TokenModel.expires)
     self.mox.StubOutWithMock(session, 'query')
     # Expectation recorded before ReplayAll(): query(id, expires) -> q.
     session.query(token_sql.TokenModel.id,
                   token_sql.TokenModel.expires).AndReturn(q)
     self.mox.StubOutWithMock(db_session, 'get_session')
     db_session.get_session().AndReturn(session)
     self.mox.ReplayAll()
     tok.list_revoked_tokens()
     # NOTE(review): verification of the recorded calls is not visible in
     # this test; presumably the fixture does it on cleanup - confirm.
Esempio n. 40
 def delete_idp(self, idp_id):
     """Delete the identity provider ``idp_id`` inside one transaction."""
     session = db_session.get_session()
     with session.begin():
         # Fetched first; presumably _get_idp raises when the provider is
         # missing - confirm against the helper.
         idp_ref = self._get_idp(session, idp_id)
         q = session.query(IdentityProviderModel)
         q = q.filter_by(id=idp_id)
         # Bulk delete without synchronising in-session objects, followed
         # by an ORM-level delete of the loaded object.
         # NOTE(review): confirm both deletes are required before changing
         # either one.
         q.delete(synchronize_session=False)
         session.delete(idp_ref)
Esempio n. 41
 def delete_protocol(self, idp_id, protocol_id):
     """Delete protocol ``protocol_id`` of identity provider ``idp_id``."""
     session = db_session.get_session()
     with session.begin():
         # Fetched first; presumably _get_protocol raises when the pair
         # does not exist - confirm against the helper.
         key_ref = self._get_protocol(session, idp_id, protocol_id)
         q = session.query(FederationProtocolModel)
         # Both ids are part of the filter, so a protocol id alone never
         # selects a row belonging to another identity provider.
         q = q.filter_by(id=protocol_id, idp_id=idp_id)
         # NOTE(review): bulk delete plus session.delete(key_ref) target
         # the same row; confirm both are needed before simplifying.
         q.delete(synchronize_session=False)
         session.delete(key_ref)
Esempio n. 42
 def delete_protocol(self, idp_id, protocol_id):
     """Remove one federation protocol, scoped to its identity provider.

     Runs inside a single ``session.begin()`` transaction.
     """
     session = db_session.get_session()
     with session.begin():
         # Lookup happens before any delete, so a failure in _get_protocol
         # leaves the table untouched.
         key_ref = self._get_protocol(session, idp_id, protocol_id)
         q = session.query(FederationProtocolModel)
         # The delete is constrained by protocol id AND provider id.
         q = q.filter_by(id=protocol_id, idp_id=idp_id)
         q.delete(synchronize_session=False)
         # NOTE(review): the loaded object is deleted again through the
         # session after the bulk delete above - verify this is intended.
         session.delete(key_ref)
Esempio n. 43
 def delete_idp(self, idp_id):
     """Remove an identity provider row.

     Runs inside a single ``session.begin()`` transaction.
     """
     session = db_session.get_session()
     with session.begin():
         # Lookup happens before any delete, so a failure in _get_idp
         # leaves the table untouched.
         idp_ref = self._get_idp(session, idp_id)
         q = session.query(IdentityProviderModel)
         q = q.filter_by(id=idp_id)
         q.delete(synchronize_session=False)
         # NOTE(review): the loaded object is deleted again through the
         # session after the bulk delete above - verify this is intended.
         session.delete(idp_ref)
Esempio n. 44
 def get_token(self, token_id):
     """Fetch a token by id and return it as a dict.

     ``exception.TokenNotFound`` is raised for a ``None`` id, for an
     unknown id, and for a token whose ``valid`` flag is false - the three
     cases are indistinguishable to the caller.
     """
     if token_id is None:
         raise exception.TokenNotFound(token_id=token_id)
     session = db_session.get_session()
     row = session.query(TokenModel).get(token_id)
     usable = row and row.valid
     if not usable:
         raise exception.TokenNotFound(token_id=token_id)
     # NOTE(review): expiry is not evaluated in this method; an expired
     # token with valid=True is still returned.
     return row.to_dict()
Esempio n. 45
 def create_mapping(self, mapping_id, mapping):
     """Store a mapping and return its dict form.

     Only ``mapping['rules']`` is taken from the input; it is serialised
     with ``jsonutils.dumps`` before being stored. A missing ``'rules'``
     key is serialised as ``None``.
     """
     db = db_session.get_session()
     ref = {
         'id': mapping_id,
         'rules': jsonutils.dumps(mapping.get('rules')),
     }
     with db.begin():
         mapping_ref = MappingModel.from_dict(ref)
         db.add(mapping_ref)
     return mapping_ref.to_dict()
Esempio n. 46
 def create_protocol(self, idp_id, protocol_id, protocol):
     """Attach a new federation protocol to identity provider ``idp_id``.

     ``_get_idp`` is called first and its result discarded - presumably it
     raises when the provider does not exist (confirm). The caller's
     ``protocol`` dict is modified in place: ``'id'`` and ``'idp_id'`` are
     overwritten with the arguments.
     """
     db = db_session.get_session()
     with db.begin():
         self._get_idp(db, idp_id)
         # The path arguments always win over values in the body dict.
         protocol['id'] = protocol_id
         protocol['idp_id'] = idp_id
         new_protocol = FederationProtocolModel.from_dict(protocol)
         db.add(new_protocol)
     return new_protocol.to_dict()
Esempio n. 47
 def check_user_in_group(self, user_id, group_id):
     """Raise ``exception.NotFound`` unless the user belongs to the group.

     ``self.get_group`` and ``self.get_user`` are called first with their
     results discarded; presumably each raises for an unknown id (confirm).
     Returns ``None`` when a membership row exists.
     """
     db = db_session.get_session()
     self.get_group(group_id)
     self.get_user(user_id)
     membership = (db.query(UserGroupMembership)
                   .filter_by(user_id=user_id)
                   .filter_by(group_id=group_id))
     if not membership.first():
         raise exception.NotFound(_('User not found in group'))
Esempio n. 48
 def check_user_in_group(self, user_id, group_id):
     """Verify that ``user_id`` is a member of ``group_id``.

     The group and the user are looked up first (results unused), then the
     membership table is queried for the pair. ``exception.NotFound`` is
     raised when no membership row is found; otherwise nothing is returned.
     """
     session = db_session.get_session()
     # Group is checked before user, as in the original call order.
     self.get_group(group_id)
     self.get_user(user_id)
     query = session.query(UserGroupMembership)
     query = query.filter_by(user_id=user_id)
     query = query.filter_by(group_id=group_id)
     first_match = query.first()
     if not first_match:
         raise exception.NotFound(_('User not found in group'))
Esempio n. 49
 def create_consumer(self, consumer):
     """Create a consumer with a freshly generated secret.

     The caller's ``consumer`` dict is modified in place: ``'secret'`` is
     always overwritten and a falsy or missing ``'description'`` becomes
     ``None``. The returned dict is the stored row's ``to_dict()`` output,
     unfiltered.
     """
     # NOTE(review): the secret is uuid4().hex - confirm this source meets
     # the project's requirements for consumer secrets.
     consumer['secret'] = uuid.uuid4().hex
     description = consumer.get('description')
     if not description:
         consumer['description'] = None
     db = db_session.get_session()
     with db.begin():
         new_consumer = Consumer.from_dict(consumer)
         db.add(new_consumer)
     return new_consumer.to_dict()
Esempio n. 50
 def create_mapping(self, mapping_id, mapping):
     """Persist a new mapping row built from ``mapping_id`` and the rules.

     The stored ``rules`` value is ``jsonutils.dumps(mapping.get('rules'))``;
     no other key of ``mapping`` is read.
     """
     session = db_session.get_session()
     serialized_rules = jsonutils.dumps(mapping.get('rules'))
     ref = dict(id=mapping_id, rules=serialized_rules)
     with session.begin():
         stored = MappingModel.from_dict(ref)
         session.add(stored)
     return stored.to_dict()
Esempio n. 51
 def create_protocol(self, idp_id, protocol_id, protocol):
     """Create a federation protocol under an identity provider.

     The provider is looked up with ``_get_idp`` inside the transaction
     (result unused). ``protocol`` is mutated: its ``'id'`` and ``'idp_id'``
     entries are set from the arguments before the row is built.
     """
     session = db_session.get_session()
     with session.begin():
         self._get_idp(session, idp_id)
         protocol['id'] = protocol_id
         protocol['idp_id'] = idp_id
         stored = FederationProtocolModel.from_dict(protocol)
         session.add(stored)
     return stored.to_dict()
Esempio n. 52
 def create_consumer(self, consumer):
     """Store a new consumer and return it, secret included.

     A new secret is generated on every call and written into the caller's
     ``consumer`` dict. An empty or absent description is normalised to
     ``None`` in that same dict.
     """
     # NOTE(review): uuid4().hex is the only source of the consumer secret
     # here; verify it is adequate for this credential.
     generated_secret = uuid.uuid4().hex
     consumer['secret'] = generated_secret
     if not consumer.get('description'):
         consumer['description'] = None
     session = db_session.get_session()
     with session.begin():
         stored = Consumer.from_dict(consumer)
         session.add(stored)
     # The secret is part of this return value; it is not filtered here.
     return stored.to_dict()
Esempio n. 53
 def update_consumer(self, consumer_id, consumer):
     """Update a consumer's description and extra data.

     The stored row is merged with ``consumer`` and rebuilt through
     ``Consumer.from_dict``, but only ``description`` and ``extra`` are
     copied back onto the row. The result goes through
     ``core.filter_consumer`` before it is returned.
     """
     db = db_session.get_session()
     with db.begin():
         consumer_ref = self._get_consumer(db, consumer_id)
         merged = consumer_ref.to_dict()
         merged.update(consumer)
         candidate = Consumer.from_dict(merged)
         # Other attributes of the candidate, such as a secret supplied in
         # the update, are not written to the stored row.
         consumer_ref.description = candidate.description
         consumer_ref.extra = candidate.extra
     return core.filter_consumer(consumer_ref.to_dict())
Esempio n. 54
 def update_consumer(self, consumer_id, consumer):
     """Apply an update to a stored consumer and return the filtered result.

     Only two attributes are ever written: ``description`` and ``extra``.
     Both are taken from a model rebuilt out of the stored values overlaid
     with ``consumer``.
     """
     session = db_session.get_session()
     with session.begin():
         stored = self._get_consumer(session, consumer_id)
         overlay = stored.to_dict()
         overlay.update(consumer)
         rebuilt = Consumer.from_dict(overlay)
         for attr in ('description', 'extra'):
             setattr(stored, attr, getattr(rebuilt, attr))
     # NOTE(review): presumably filter_consumer removes the secret from the
     # response - confirm against core.filter_consumer.
     return core.filter_consumer(stored.to_dict())
Esempio n. 55
 def update_idp(self, idp_id, idp):
     """Update the mutable attributes of an identity provider.

     The stored values are overlaid with ``idp`` and rebuilt through
     ``IdentityProviderModel.from_dict``; only the names listed in
     ``IdentityProviderModel.mutable_attributes`` are copied back.
     """
     db = db_session.get_session()
     with db.begin():
         idp_ref = self._get_idp(db, idp_id)
         merged = idp_ref.to_dict()
         merged.update(idp)
         candidate = IdentityProviderModel.from_dict(merged)
         # Keys outside mutable_attributes never reach the stored row.
         for name in IdentityProviderModel.mutable_attributes:
             setattr(idp_ref, name, getattr(candidate, name))
     return idp_ref.to_dict()
Esempio n. 56
 def update_protocol(self, idp_id, protocol_id, protocol):
     """Update the mutable attributes of a federation protocol.

     The stored values are overlaid with ``protocol`` and rebuilt through
     ``FederationProtocolModel.from_dict``; only the names listed in
     ``FederationProtocolModel.mutable_attributes`` are copied back.
     """
     db = db_session.get_session()
     with db.begin():
         proto_ref = self._get_protocol(db, idp_id, protocol_id)
         merged = proto_ref.to_dict()
         merged.update(protocol)
         candidate = FederationProtocolModel.from_dict(merged)
         # Keys outside mutable_attributes never reach the stored row.
         for name in FederationProtocolModel.mutable_attributes:
             setattr(proto_ref, name, getattr(candidate, name))
     return proto_ref.to_dict()
Esempio n. 57
 def update_idp(self, idp_id, idp):
     """Apply ``idp`` to the stored identity provider and return the result.

     The write is limited to ``IdentityProviderModel.mutable_attributes``;
     any other key in ``idp`` takes part in the intermediate merge but is
     not copied onto the row.
     """
     session = db_session.get_session()
     with session.begin():
         stored = self._get_idp(session, idp_id)
         overlay = stored.to_dict()
         overlay.update(idp)
         rebuilt = IdentityProviderModel.from_dict(overlay)
         writable = IdentityProviderModel.mutable_attributes
         for attr in writable:
             setattr(stored, attr, getattr(rebuilt, attr))
     return stored.to_dict()
Esempio n. 58
 def update_protocol(self, idp_id, protocol_id, protocol):
     """Apply ``protocol`` to the stored protocol row and return the result.

     The row is located by provider id and protocol id together. The write
     is limited to ``FederationProtocolModel.mutable_attributes``.
     """
     session = db_session.get_session()
     with session.begin():
         stored = self._get_protocol(session, idp_id, protocol_id)
         overlay = stored.to_dict()
         overlay.update(protocol)
         rebuilt = FederationProtocolModel.from_dict(overlay)
         writable = FederationProtocolModel.mutable_attributes
         for attr in writable:
             setattr(stored, attr, getattr(rebuilt, attr))
     return stored.to_dict()
Esempio n. 59
 def get_user_by_name(self, user_name, domain_id):
     """Return the user called ``user_name`` in ``domain_id``, filtered.

     Raises:
         exception.UserNotFound: no matching row; the exception carries
             the name in its ``user_id`` field.
     """
     db = db_session.get_session()
     lookup = (db.query(User)
               .filter_by(name=user_name)
               .filter_by(domain_id=domain_id))
     try:
         user_ref = lookup.one()
     except sql.NotFound:
         raise exception.UserNotFound(user_id=user_name)
     # NOTE(review): presumably filter_user strips the password hash from
     # the returned dict - confirm against identity.filter_user.
     return identity.filter_user(user_ref.to_dict())