def add_role():
form = request.form
try:
utils.create_role(form['rolename'])
flash(messages.ROLE_CREATED, 'success')
except Exception, e:
flash('{0} {1}'.format(messages.NEW_ROLE_ERROR, e), 'error')
def add_role():
form = request.form
try:
utils.create_role(form['rolename'])
flash(messages.ROLE_CREATED, 'success')
except Exception, e:
flash('{0} {1}'.format(messages.NEW_ROLE_ERROR, e), 'error')
def create_user():
try:
redis = get_redis_connection()
username = raw_input('Username: '******'Password: '******' (confirm): ')
if password_confirm == password:
break
else:
print('Passwords do not match... Try again...')
role = raw_input('Role: ').strip()
# create role if needed
if not redis.get(schema.ROLES.format(role)):
utils.create_role(role)
utils.create_user(username=username, password=password, role=role, active=True)
print('User created/updated successfully...')
except KeyboardInterrupt:
pass
def create_user():
db = get_db_connection()
try:
username = raw_input('Username: '******'Email: ').strip()
while True:
password = getpass('Password: '******' (confirm): ')
if password_confirm == password:
break
else:
print('Passwords do not match... Try again...')
role = raw_input('Role: ').strip()
# create role if needed
if not db.roles.find_one(schema.role(role)):
utils.create_role(role)
utils.create_user(username=username, email=email, password=password, \
role=role, enabled=True)
print('User created/updated successfully...')
except KeyboardInterrupt:
pass
def create_user():
db = get_db_connection()
try:
username = raw_input('Username: '******'Email: ').strip()
while True:
password = getpass('Password: '******' (confirm): ')
if password_confirm == password:
break
else:
print('Passwords do not match... Try again...')
role = raw_input('Role: ').strip()
# create role if needed
if not db.get(schema.ROLE_KEY.format(role)):
utils.create_role(role)
utils.create_user(username=username, email=email, password=password, \
role=role, enabled=True)
print('User created/updated successfully...')
except KeyboardInterrupt:
pass
def _create_roles(self):
self.admin_role = utils.create_role(self.admin_client, 'admin')
self.member_role = utils.create_role(self.admin_client, 'Member')
self.cloud_admin_role = \
utils.create_role(self.admin_client, 'cloud_admin')
self.domain_admin_role = \
utils.create_role(self.admin_client, 'domain_admin')
self.project_admin_role = \
utils.create_role(self.admin_client, 'project_admin')
self.project_member_role = \
utils.create_role(self.admin_client, 'project_member')
def test_role_ops(self):
test_role = get_random_string()
assert utils.create_role(test_role)
assert utils.get_role(test_role) != None
assert utils.delete_role(test_role)
assert utils.get_role(test_role) == None
and domain_id:cloud_admin_domain_id",
"""
# Regular admin login
admin_client = utils.create_client('admin', 'admin', 'admin', 'Default',
'Default', 'http://*****:*****@example.com', admin_project.id,
admin_domain.id)
# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')
# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id,
admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id,
admin_domain.id)
# Print cloud_admin_domain id to be used at domain_id rule
print admin_domain.id
'Default',
'Default',
'http://*****:*****@example.com',
admin_project.id,
admin_domain.id)
# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')
# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id,
cloud_admin.id, admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id,
cloud_admin.id, admin_domain.id)
# Print cloud_admin_domain id to be used at domain_id rule
print admin_domain.id
def test_create_role(self):
assert utils.create_role(self._test_user_role)
assert utils.delete_role(self._test_user_role)
"""
In the case of using cloud_admin rule using
a specific domain:
"admin_required": "(role:admin or is_admin:1)
and domain_id:cloud_admin_domain_id",
"""
# Regular admin login
admin_client = utils.create_client("admin", "admin", "admin", "Default", "Default", "http://10.1.0.22:5000/v3")
# Create cloud_admin_domain
admin_domain = utils.create_domain(admin_client, "cloud_admin_domain")
# Create cloud_admin_project
admin_project = utils.create_project(admin_client, "cloud_admin_project", admin_domain)
# Craete cloud_admin user
cloud_admin = utils.create_user(
admin_client, "cloud_admin", "cloud_admin", "*****@*****.**", admin_project.id, admin_domain.id
)
# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, "admin")
# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id, admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id, admin_domain.id)
# Print cloud_admin_domain id to be used at domain_id rule
print admin_domain.id
def _create_test_role(self, name):
return utils.create_role(self.admin_client, name)
'admin',
'Default',
'Default',
'http://*****:*****@example.com',
admin_project.id,
admin_domain.id)
# CREATE ROLE CLOUD ADMIN
cloud_admin_role = utils.create_role(admin_client, 'cloud_admin')
# GRANT ADMIN ROLE AT DOMAIN
utils.grant_domain_role(admin_client, cloud_admin_role.id,
cloud_admin.id, admin_domain.id)
print cloud_admin
print admin_domain
print admin_project
def _create_roles(self):
self.admin_role = utils.create_role(self.admin_client, 'admin')
self.member_role = utils.create_role(self.admin_client, '_member_')
