def resume(request): userid = request.COOKIES['pivot'] attributes = get_manager(request) response = None if attributes: try: with transaction.atomic(): extId = attributes.username registr = Registration.objects.filter(userid=userid)[0] u_map = UserMapping(globaluser=extId, registration=registr) u_map.save(force_insert=True) LOG.debug('Calling resume with %s/idmanager' % attributes.root_url) response = shortcuts.redirect(attributes.root_url + '/idmanager') except IntegrityError: LOG.error("Duplicate map for %s in %s" % (userid, extId)) response = shortcuts.redirect(reverse('logout')) response.set_cookie('logout_reason', _("An account already uses the selected identity")) except: LOG.error("Cannot map userid %s" % userid, exc_info=True) response = shortcuts.redirect(reverse('logout')) err_msg = "A failure occurs authenticating user\nPlease, contact the cloud managers" response.set_cookie('logout_reason', err_msg) else: response = shortcuts.redirect('/dashboard') response.delete_cookie('pivot') return response
def handle(self, request, data): if not data['username']: messages.error(request, _("Cannot process request: missing username")) return False try: tenantadmin_roleid, default_roleid = check_and_get_roleids(request) with transaction.atomic(): registration = Registration.objects.get(regid=int(data['regid'])) reg_request = RegRequest.objects.filter( registration=registration, flowstatus=RSTATUS_PENDING )[0] prjReqList = PrjRequest.objects.filter(registration=registration) password = reg_request.password if not password: password = generate_pwd() user_email = reg_request.email # # Mapping of external accounts # is_local = True if reg_request.externalid: mapping = UserMapping(globaluser=reg_request.externalid, registration=reg_request.registration) mapping.save() is_local = False LOG.info("Registered external account %s" % reg_request.externalid) # # Forward request to project administrators # q_args = { 'project__projectid__isnull' : False, 'flowstatus' : PSTATUS_REG } prjReqList.filter(**q_args).update(flowstatus=PSTATUS_PENDING) # # Creation of new tenants # self.preprocess_prj(registration, data) new_prj_list = list() p_reqs = prjReqList.filter( project__projectid__isnull = True, flowstatus = PSTATUS_REG ) if len(p_reqs): newreq_prj = p_reqs[0].project kprj = keystone_api.tenant_create(request, newreq_prj.projectname, newreq_prj.description, True) newreq_prj.projectid = kprj.id newreq_prj.save() new_prj_list.append(newreq_prj) setup_new_project(request, kprj.id, newreq_prj.projectname, data) LOG.info("Created tenant %s" % newreq_prj.projectname) # # User creation # if not registration.userid: kuser = keystone_api.user_create(request, name=registration.username, password=password, email=user_email, enabled=True) if is_local: registration.username = data['username'] registration.expdate = self.expiration registration.userid = kuser.id registration.save() LOG.info("Created user %s" % registration.username) mail_obj = EMail() mail_obj.registration = registration mail_obj.email = user_email mail_obj.save() # # The new user is the project manager of its tenant # register the expiration date per tenant # for prj_item in new_prj_list: expiration = Expiration() expiration.registration = registration expiration.project = prj_item expiration.expdate = self.expiration expiration.save() prjRole = PrjRole() prjRole.registration = registration prjRole.project = prj_item prjRole.roleid = tenantadmin_roleid prjRole.save() keystone_api.add_tenant_user_role(request, prj_item.projectid, registration.userid, tenantadmin_roleid) # # Send notifications to project administrators and users # for p_item in prjReqList.filter(flowstatus=PSTATUS_PENDING): m_userids = get_prjman_ids(request, p_item.project.projectid) tmpres = EMail.objects.filter(registration__userid__in=m_userids) m_emails = [ x.email for x in tmpres ] noti_params = { 'username' : data['username'], 'project' : p_item.project.projectname } notifyProject(request=self.request, rcpt=m_emails, action=SUBSCR_WAIT_TYPE, context=noti_params, dst_project_id=p_item.project.projectid) n2_params = { 'username' : p_item.registration.username, 'project' : p_item.project.projectname, 'prjadmins' : m_emails } notifyUser(request=self.request, rcpt=user_email, action=SUBSCR_ONGOING, context=n2_params, dst_project_id=p_item.project.projectid, dst_user_id=registration.userid) newprj_reqs = prjReqList.filter(flowstatus=PSTATUS_REG) for p_item in newprj_reqs: noti_params = { 'username' : p_item.registration.username, 'project' : p_item.project.projectname } notifyUser(request=self.request, rcpt=user_email, action=FIRST_REG_OK_TYPE, context=noti_params, dst_project_id=p_item.project.projectid, dst_user_id=p_item.registration.userid) # # cache cleanup # newprj_reqs.delete() reg_request.delete() self.post_reminder(registration, user_email) except: LOG.error("Error pre-checking request", exc_info=True) messages.error(request, _("Cannot pre-check request")) return False return True
def handle(self, request, data): if not data['username']: messages.error(request, _("Cannot process request: missing username")) return False try: tenantadmin_roleid, default_roleid = check_and_get_roleids(request) with transaction.atomic(): registration = Registration.objects.get( regid=int(data['regid'])) reg_request = RegRequest.objects.filter( registration=registration, flowstatus=RSTATUS_PENDING)[0] prjReqList = PrjRequest.objects.filter( registration=registration) password = reg_request.password if not password: password = generate_pwd() user_email = reg_request.email # # Mapping of external accounts # is_local = True if reg_request.externalid: mapping = UserMapping( globaluser=reg_request.externalid, registration=reg_request.registration) mapping.save() is_local = False LOG.info("Registered external account %s" % reg_request.externalid) # # Forward request to project administrators # q_args = { 'project__projectid__isnull': False, 'flowstatus': PSTATUS_REG } prjReqList.filter(**q_args).update(flowstatus=PSTATUS_PENDING) # # Creation of new tenants # self.preprocess_prj(registration, data) new_prj_list = list() p_reqs = prjReqList.filter(project__projectid__isnull=True, flowstatus=PSTATUS_REG) if len(p_reqs): newreq_prj = p_reqs[0].project kprj = keystone_api.tenant_create(request, newreq_prj.projectname, newreq_prj.description, True) newreq_prj.projectid = kprj.id newreq_prj.save() new_prj_list.append(newreq_prj) setup_new_project(request, kprj.id, newreq_prj.projectname, data) LOG.info("Created tenant %s" % newreq_prj.projectname) # # User creation # if not registration.userid: if is_local: registration.username = data['username'] kuser = keystone_api.user_create( request, name=registration.username, password=password, email=user_email, enabled=True) registration.expdate = self.expiration registration.userid = kuser.id registration.save() LOG.info("Created user %s" % registration.username) mail_obj = EMail() mail_obj.registration = registration mail_obj.email = user_email mail_obj.save() # # The new user is the project manager of its tenant # register the expiration date per tenant # for prj_item in new_prj_list: expiration = Expiration() expiration.registration = registration expiration.project = prj_item expiration.expdate = self.expiration expiration.save() prjRole = PrjRole() prjRole.registration = registration prjRole.project = prj_item prjRole.roleid = tenantadmin_roleid prjRole.save() keystone_api.add_tenant_user_role(request, prj_item.projectid, registration.userid, tenantadmin_roleid) # # Send notifications to project administrators and users # for p_item in prjReqList.filter(flowstatus=PSTATUS_PENDING): m_userids = get_prjman_ids(request, p_item.project.projectid) tmpres = EMail.objects.filter( registration__userid__in=m_userids) m_emails = [x.email for x in tmpres] noti_params = { 'username': data['username'], 'project': p_item.project.projectname } notifyProject(request=self.request, rcpt=m_emails, action=SUBSCR_WAIT_TYPE, context=noti_params, dst_project_id=p_item.project.projectid) n2_params = { 'username': p_item.registration.username, 'project': p_item.project.projectname, 'prjadmins': m_emails } notifyUser(request=self.request, rcpt=user_email, action=SUBSCR_ONGOING, context=n2_params, dst_project_id=p_item.project.projectid, dst_user_id=registration.userid) newprj_reqs = prjReqList.filter(flowstatus=PSTATUS_REG) for p_item in newprj_reqs: noti_params = { 'username': p_item.registration.username, 'project': p_item.project.projectname } notifyUser(request=self.request, rcpt=user_email, action=FIRST_REG_OK_TYPE, context=noti_params, dst_project_id=p_item.project.projectid, dst_user_id=p_item.registration.userid) # # cache cleanup # newprj_reqs.delete() reg_request.delete() self.post_reminder(registration, user_email) except: LOG.error("Error pre-checking request", exc_info=True) messages.error(request, _("Cannot pre-check request")) return False return True
def handle(self, request, data): try: tenantadmin_roleid, default_roleid = check_and_get_roleids(request) with transaction.atomic(): registration = Registration.objects.get(regid=int(data['regid'])) reg_request = RegRequest.objects.filter(registration=registration)[0] q_args = { 'registration' : registration, 'project__status' : PRJ_GUEST } prj_reqs = PrjRequest.objects.filter(**q_args) project_id = prj_reqs[0].project.projectid project_name = prj_reqs[0].project.projectname password = reg_request.password if not password: password = generate_pwd() user_email = reg_request.email # # Mapping of external accounts # if reg_request.externalid: mapping = UserMapping(globaluser=reg_request.externalid, registration=reg_request.registration) mapping.save() LOG.info("Registered external account %s" % reg_request.externalid) # # Insert expiration date per tenant # expiration = Expiration() expiration.registration = prj_reqs[0].registration expiration.project = prj_reqs[0].project expiration.expdate = data['expiration'] expiration.save() # # clear requests # prj_reqs.delete() reg_request.delete() # # User creation # kuser = keystone_api.user_create(request, name=registration.username, password=password, email=user_email, enabled=True) registration.username = data['username'] registration.expdate = data['expiration'] registration.userid = kuser.id registration.save() LOG.info("Created guest user %s" % registration.username) keystone_api.add_tenant_user_role(request, project_id, registration.userid, default_roleid) # # Send notification to the user # noti_params = { 'username' : registration.username, 'project' : project_name, 'guestmode' : True } noti_sbj, noti_body = notification_render(FIRST_REG_OK_TYPE, noti_params) notifyUsers(user_email, noti_sbj, noti_body) except: LOG.error("Error pre-checking project", exc_info=True) messages.error(request, _("Cannot pre-check project")) return False return True
def handle(self, request, data): if not data['username']: messages.error(request, _("Cannot process request: missing username")) return False try: tenantadmin_roleid, default_roleid = check_and_get_roleids(request) with transaction.atomic(): registration = Registration.objects.get(regid=int(data['regid'])) reg_request = RegRequest.objects.filter(registration=registration)[0] prjReqList = PrjRequest.objects.filter(registration=registration) password = reg_request.password if not password: password = generate_pwd() user_email = reg_request.email # # Mapping of external accounts # if reg_request.externalid: mapping = UserMapping(globaluser=reg_request.externalid, registration=reg_request.registration) mapping.save() LOG.info("Registered external account %s" % reg_request.externalid) # # Forward request to project administrators # q_args = { 'project__projectid__isnull' : False, 'flowstatus' : PSTATUS_REG } prjReqList.filter(**q_args).update(flowstatus=PSTATUS_PENDING) # # Creation of new tenants # new_prj_list = list() q_args = { 'project__projectid__isnull' : True, 'flowstatus' : PSTATUS_REG } for p_reqs in prjReqList.filter(**q_args): kprj = keystone_api.tenant_create(request, p_reqs.project.projectname, p_reqs.project.description, True) p_reqs.project.projectid = kprj.id p_reqs.project.save() new_prj_list.append(p_reqs.project) LOG.info("Created tenant %s" % p_reqs.project.projectname) # # User creation # if not registration.userid: kuser = keystone_api.user_create(request, name=registration.username, password=password, email=user_email, enabled=True) registration.username = data['username'] registration.expdate = self.expiration registration.userid = kuser.id registration.save() LOG.info("Created user %s" % registration.username) # # The new user is the project manager of its tenant # register the expiration date per tenant # for prj_item in new_prj_list: expiration = Expiration() expiration.registration = registration expiration.project = prj_item expiration.expdate = self.expiration expiration.save() keystone_api.add_tenant_user_role(request, prj_item.projectid, registration.userid, tenantadmin_roleid) # # Send notifications to project administrators and users # for p_item in prjReqList.filter(flowstatus=PSTATUS_PENDING): m_users = get_project_managers(request, p_item.project.projectid) m_emails = [ usr.email for usr in m_users ] noti_params = { 'username' : data['username'], 'project' : p_item.project.projectname } noti_sbj, noti_body = notification_render(SUBSCR_WAIT_TYPE, noti_params) notifyUsers(m_emails, noti_sbj, noti_body) n2_params = { 'project' : p_item.project.projectname, 'prjadmins' : m_emails } noti_sbj, noti_body = notification_render(SUBSCR_ONGOING, n2_params) notifyUsers(user_email, noti_sbj, noti_body) newprj_reqs = prjReqList.filter(flowstatus=PSTATUS_REG) for p_item in newprj_reqs: noti_params = { 'username' : p_item.registration.username, 'project' : p_item.project.projectname, 'guestmode' : False } noti_sbj, noti_body = notification_render(FIRST_REG_OK_TYPE, noti_params) notifyUsers(user_email, noti_sbj, noti_body) # # cache cleanup # newprj_reqs.delete() reg_request.delete() except: LOG.error("Error pre-checking request", exc_info=True) messages.error(request, _("Cannot pre-check request")) return False return True