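def add_user_role(keystone_user, role, user_tenant_id):
    """Grant the Keystone role named *role* to *keystone_user* in a project.

    The user is resolved by ``username`` among the users of
    ``user_tenant_id`` and the role by ``name`` in the role list, both
    through the request context built for the default data center.

    Args:
        keystone_user: Keystone user name to look up.
        role: Name of the role to grant.
        user_tenant_id: ID of the project the grant applies to.

    Returns:
        Always ``False``, as in the original code; the value does not tell
        the caller whether the grant succeeded.
    """
    rc = create_rc_by_dc(DataCenter.get_default())
    LOG.info("********* keystone_user is *********%s", keystone_user)
    LOG.info("********* role is *********%s", role)
    LOG.info("********* user_tenant_id is *********%s", user_tenant_id)

    users = keystone.user_list(rc, project=user_tenant_id)
    # The full user listing goes to DEBUG only, so account data stays out of
    # routine INFO logs.
    LOG.debug("******* users are ******%s", users)
    user_id = None
    for u in users:
        if u.username == keystone_user:
            user_id = u.id  # no break: the last match wins, as before
    LOG.info("****** user_id is *********%s", user_id)

    role_id = None
    for r in keystone.role_list(rc):
        if r.name == role:
            role_id = r.id  # no break: the last match wins, as before
    LOG.info("******** role_id is ********%s", role_id)

    if user_id is None or role_id is None:
        # Previously the grant was attempted with None and any error was
        # swallowed; skip the call and leave a trace instead.
        LOG.warning("Role [%s] not granted to user [%s] in project [%s]: "
                    "user or role not found",
                    role, keystone_user, user_tenant_id)
        return False

    try:
        keystone.add_tenant_user_role(rc, project=user_tenant_id,
                                      user=user_id, role=role_id)
    except Exception:
        # Still best-effort, but a failed grant is now visible in the log
        # rather than silently discarded.
        LOG.exception("Failed to grant role [%s] to user [%s] in project [%s]",
                      role_id, user_id, user_tenant_id)
    return False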
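def add_user_tenants(request, tenant_id, ID):
    """Grant the basic project roles to Keystone user *ID* in *tenant_id*.

    The roles granted are those named ``SwiftOperator``, ``_member_`` and
    ``heat_stack_owner`` that exist in the default data center's role list.

    Args:
        request: Unused here.
        tenant_id: ID of the project the roles are granted in.
        ID: Keystone ID of the user receiving the roles.

    Returns:
        Always ``True``, as in the original code; a failed grant is logged
        but not reported to the caller.
    """
    # NOTE(review): ``request`` is never consulted, and the context comes from
    # the default data center rather than from the requester. Presumably the
    # caller has already checked that the requester may change membership of
    # ``tenant_id`` -- confirm, since nothing here enforces it.
    rc = create_rc_by_dc(DataCenter.get_default())
    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------%s", roles)

    basic_role_names = ('SwiftOperator', '_member_', 'heat_stack_owner')
    for role in roles:
        if role.name not in basic_role_names:
            continue
        try:
            keystone.add_tenant_user_role(rc, project=tenant_id, user=ID,
                                          role=role.id)
        except Exception:
            # Best-effort as before, but a user left without a role is now
            # visible in the log.
            LOG.exception("Failed to grant role [%s] to user [%s] in "
                          "project [%s]", role.name, ID, tenant_id)
    return True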
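def link_user_to_dc_task(user, datacenter, **kwargs):
    """Provision a Keystone project and user for *user* in *datacenter*.

    Creates the project, creates the Keystone user with a generated
    password, grants that user the ``admin`` role on the project, records
    the link in ``UserDataCenter`` and then, best-effort, edits the default
    security group and creates a ``Contract`` row.

    Args:
        user: Account being registered; ``id``, ``username`` and ``email``
            are read.
        datacenter: Data center the request context is built for.
        **kwargs: Accepted but unused.

    Returns:
        The object returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``admin``.
    """
    LOG.info("New user: Start action [%s]", user.username)
    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    # NOTE(review): the format string is masked as "******" in this listing.
    # With no conversion specifiers the "%" operator raises TypeError for
    # these tuples; restore the real pattern before using this code.
    try:
        keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username.split('@')[0])
    except Exception:
        keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id)

    # The old password was the fixed prefix "cloud!@#" plus six digits from
    # random.randrange(): under 10**6 candidates, drawn from the predictable
    # Mersenne Twister. Draw every character from the OS CSPRNG instead.
    # The length stays at the original 14 characters because the limit of the
    # keystone_password column is not visible here -- TODO lengthen if allowed.
    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    rng = random.SystemRandom()
    pwd = "".join(rng.choice(alphabet) for _ in range(14))

    t = keystone.tenant_create(rc, name=tenant_name, description=user.username)
    LOG.info("New user: create tanant [%s][tid:%s]", user.username, t.id)
    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=t.id)
    LOG.info("New user: create user [%s][uid:%s]", user.username, u.id)

    roles = keystone.role_list(rc)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    admin_role = [r for r in roles if r.name.lower() == "admin"][0]
    # NOTE(review): every registered user becomes admin of the new project.
    # Whether Keystone treats "admin" as project-scoped or cloud-wide depends
    # on the deployment's policy files -- confirm before relying on isolation.
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info("New user: add role [%s][role:%s]", user.username, admin_role.id)

    # NOTE(review): the password is handed to the model as plaintext; whether
    # the keystone_password field encrypts at rest is not visible here.
    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info("New user: link to datacenter [%s][udc:%s]", user.username, udc.id)

    # The two follow-up steps are best-effort: failures are logged only.
    try:
        edit_default_security_group(user, udc)
    except Exception as ex:
        LOG.exception(ex)

    try:
        Contract.objects.create(
            user=user,
            udc=udc,
            name=user.username,
            customer=user.username,
            start_date=datetime.datetime.now(),
            end_date=datetime.datetime.now(),
            deleted=False
        )
    except Exception as ex:
        LOG.exception(ex)

    return u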
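def user_create(t):
    """Create the fixed Keystone user ``zhangh`` in project *t* as admin.

    Args:
        t: Project object; only ``t.id`` is read.

    Returns:
        The object returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``admin``.
    """
    # NOTE(review): the account name, e-mail and password are literals (the
    # latter two are masked in this listing) and the request context is None.
    # This looks like a development helper -- confirm it is not reachable in a
    # deployed system, where it would create a known admin credential.
    u = keystone.user_create(None, name="zhangh", email="*****@*****.**",
                             password="******", project=t.id)
    roles = keystone.role_list(None)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    admin_role = [r for r in roles if r.name.lower() == "admin"][0]
    keystone.add_tenant_user_role(None, project=t.id, user=u.id,
                                  role=admin_role.id)
    # Call form prints the same text under Python 2 and parses under Python 3.
    print(u)
    return u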
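def link_user_to_dc_task(user, datacenter):
    """Provision a Keystone project and user for *user* in *datacenter*.

    Does nothing when a ``UserDataCenter`` row already links the two.
    Otherwise creates the project, creates the Keystone user with a
    generated password, grants that user the ``admin`` role on the project,
    records the link and then, best-effort, edits the default security group
    and creates a ``Contract`` row.

    Args:
        user: Account being registered; ``id``, ``username`` and ``email``
            are read.
        datacenter: Data center the request context is built for.

    Returns:
        ``True`` when the user was already linked, otherwise the object
        returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``admin``.
    """
    LOG.info("New user: Start action [%s]", user.username)

    # exists() asks the database for presence only instead of loading rows.
    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("New user: has registere to datacenter [%s][%s]",
                 user.username, datacenter.name)
        return True

    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    # NOTE(review): the format string is masked as "******" in this listing.
    # With no conversion specifiers the "%" operator raises TypeError for
    # these tuples; restore the real pattern before using this code.
    try:
        keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                    user.username.split('@')[0])
    except Exception:
        keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id)

    # The old password was the fixed prefix "cloud!@#" plus six digits from
    # random.randrange(): under 10**6 candidates, drawn from the predictable
    # Mersenne Twister. Draw every character from the OS CSPRNG instead.
    # The length stays at the original 14 characters because the limit of the
    # keystone_password column is not visible here -- TODO lengthen if allowed.
    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    rng = random.SystemRandom()
    pwd = "".join(rng.choice(alphabet) for _ in range(14))

    t = keystone.tenant_create(rc, name=tenant_name, description=user.username)
    LOG.info("New user: create tanant [%s][tid:%s]", user.username, t.id)
    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=t.id)
    LOG.info("New user: create user [%s][uid:%s]", user.username, u.id)

    roles = keystone.role_list(rc)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    admin_role = [r for r in roles if r.name.lower() == "admin"][0]
    # NOTE(review): every registered user becomes admin of the new project.
    # Whether Keystone treats "admin" as project-scoped or cloud-wide depends
    # on the deployment's policy files -- confirm before relying on isolation.
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info("New user: add role [%s][role:%s]", user.username, admin_role.id)

    # NOTE(review): the password is handed to the model as plaintext; whether
    # the keystone_password field encrypts at rest is not visible here.
    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info("New user: link to datacenter [%s][udc:%s]", user.username, udc.id)

    # The two follow-up steps are best-effort: failures are logged only.
    try:
        edit_default_security_group(user, udc)
    except Exception as ex:
        LOG.exception(ex)

    try:
        Contract.objects.create(
            user=user,
            udc=udc,
            name=user.username,
            customer=user.username,
            start_date=datetime.datetime.now(),
            end_date=datetime.datetime.now(),
            deleted=False
        )
    except Exception as ex:
        LOG.exception(ex)

    return u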
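def link_user_to_dc_task(user, datacenter):
    """Provision a Keystone project and user for *user* in *datacenter*.

    Does nothing when a ``UserDataCenter`` row already links the two.
    Otherwise creates the project, creates the Keystone user with a
    generated password, grants that user the ``admin`` role on the project,
    records the link, edits the default security group (best-effort) and
    creates a ``Contract`` row.

    Args:
        user: Account being registered; ``id``, ``username`` and ``email``
            are read.
        datacenter: Data center the request context is built for.

    Returns:
        ``True`` when the user was already linked, otherwise the object
        returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``admin``.
    """
    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    # NOTE(review): the format string is masked as "******" in this listing.
    # With no conversion specifiers the "%" operator raises TypeError for
    # this tuple; restore the real pattern before using this code.
    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                user.username)

    LOG.info("Begin to register user [%s] in data center [%s]",
             user.username, datacenter.name)
    t = keystone.tenant_create(rc, name=tenant_name, description=user.username)
    LOG.info("User[%s] is registered as tenant[id:%s][name:%s] in "
             "data center [%s]",
             user.username, t.id, tenant_name, datacenter.name)

    # The old password was the fixed prefix "cloud!@#" plus six digits from
    # random.randrange(): under 10**6 candidates, drawn from the predictable
    # Mersenne Twister. Draw every character from the OS CSPRNG instead.
    # The length stays at the original 14 characters because the limit of the
    # keystone_password column is not visible here -- TODO lengthen if allowed.
    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    rng = random.SystemRandom()
    pwd = "".join(rng.choice(alphabet) for _ in range(14))

    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=t.id)
    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    admin_role = [r for r in roles if r.name.lower() == "admin"][0]
    # NOTE(review): every registered user becomes admin of the new project.
    # Whether Keystone treats "admin" as project-scoped or cloud-wide depends
    # on the deployment's policy files -- confirm before relying on isolation.
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info("Admin role[%s] in tenant[%s] is granted to user[%s]",
             admin_role.id, t.id, user.username)

    # NOTE(review): the password is handed to the model as plaintext; whether
    # the keystone_password field encrypts at rest is not visible here.
    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)

    try:
        edit_default_security_group(user, udc)
    except Exception:
        # Best-effort: registration continues even if the default security
        # group could not be edited.
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(
        user=user,
        udc=udc,
        name=user.username,
        customer=user.username,
        start_date=datetime.datetime.now(),
        end_date=datetime.datetime.now(),
        deleted=False
    )
    return u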
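def link_user_to_dc_task(user, datacenter):
    """Provision a Keystone project and user for *user* in *datacenter*.

    Does nothing when a ``UserDataCenter`` row already links the two.
    Otherwise creates the project, creates the Keystone user with a
    generated password, grants that user the ``admin`` role on the project,
    records the link, edits the default security group (best-effort) and
    creates a ``Contract`` row.

    Args:
        user: Account being registered; ``id``, ``username`` and ``email``
            are read.
        datacenter: Data center the request context is built for.

    Returns:
        ``True`` when the user was already linked, otherwise the object
        returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``admin``.
    """
    LOG.info("start to execute link_user_to_dc_task")
    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True

    # The bare "2" / "1" progress markers that surrounded this call were
    # debugging residue and are dropped.
    rc = create_rc_by_dc(datacenter)
    tenant_name = "%s-%04d" % (settings.OS_NAME_PREFIX, user.id)
    # NOTE(review): the format string is masked as "******" in this listing.
    # With no conversion specifiers the "%" operator raises TypeError for
    # this tuple; restore the real pattern before using this code.
    keystone_user = "******" % (settings.OS_NAME_PREFIX, user.id,
                                user.username)

    LOG.info("Begin to register user [%s] in data center [%s]",
             user.username, datacenter.name)
    t = keystone.tenant_create(rc, name=tenant_name, description=user.username)
    LOG.info("User[%s] is registered as tenant[id:%s][name:%s] in "
             "data center [%s]",
             user.username, t.id, tenant_name, datacenter.name)

    # The old password was the fixed prefix "cloud!@#" plus six digits from
    # random.randrange(): under 10**6 candidates, drawn from the predictable
    # Mersenne Twister. Draw every character from the OS CSPRNG instead.
    # The length stays at the original 14 characters because the limit of the
    # keystone_password column is not visible here -- TODO lengthen if allowed.
    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
    rng = random.SystemRandom()
    pwd = "".join(rng.choice(alphabet) for _ in range(14))

    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=t.id)
    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    admin_role = [r for r in roles if r.name.lower() == "admin"][0]
    # NOTE(review): every registered user becomes admin of the new project.
    # Whether Keystone treats "admin" as project-scoped or cloud-wide depends
    # on the deployment's policy files -- confirm before relying on isolation.
    keystone.add_tenant_user_role(rc, project=t.id, user=u.id,
                                  role=admin_role.id)
    LOG.info("Admin role[%s] in tenant[%s] is granted to user[%s]",
             admin_role.id, t.id, user.username)

    # NOTE(review): the password is handed to the model as plaintext; whether
    # the keystone_password field encrypts at rest is not visible here.
    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=t.id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)

    try:
        edit_default_security_group(user, udc)
    except Exception:
        # Best-effort: registration continues even if the default security
        # group could not be edited.
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(user=user,
                            udc=udc,
                            name=user.username,
                            customer=user.username,
                            start_date=datetime.datetime.now(),
                            end_date=datetime.datetime.now(),
                            deleted=False)
    return u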
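def link_user_to_dc_task(user, datacenter, tenant_id, password):
    """Register *user* as a Keystone user inside the existing project *tenant_id*.

    Does nothing when a ``UserDataCenter`` row already links the user and
    the data center. Otherwise creates the Keystone user with the supplied
    password, grants the ``_member_`` role (best-effort), records the link,
    edits the default security group (best-effort) and creates a
    ``Contract`` row. No project is created by this version.

    Args:
        user: Account being registered; ``username`` and ``email`` are read.
        datacenter: Data center the request context is built for.
        tenant_id: ID of the existing Keystone project to join.
        password: Password set on the new Keystone user.

    Returns:
        ``True`` when the user was already linked, otherwise the object
        returned by ``keystone.user_create``.

    Raises:
        IndexError: If the role list contains no role named ``_member_``.
    """
    LOG.info("---------start to execute link_user_to_dc_task-----------")
    LOG.info("----------username is-------------%s", user.username)
    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True
    LOG.info("-----------datacenter is-----------------%s", datacenter)

    # Request context used to authenticate the Keystone calls below.
    rc = create_rc_by_dc(datacenter)
    # rc is deliberately no longer written to the log: it presumably carries
    # the data center's service credentials or token -- confirm against
    # create_rc_by_dc before logging any part of it.

    # NOTE(review): tenant_id is used as given; nothing here checks that the
    # requester is entitled to join that project. Presumably the caller does.
    tenant_ = keystone.tenant_get(rc, tenant_id)
    tenant_name = tenant_.name
    LOG.info("************ tenant_name is ************%s", tenant_name)

    keystone_user = user.username
    pwd = password
    project_id = tenant_id

    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=project_id)
    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------%s", roles)
    # A list is indexed (not a filter object) so this works on Python 2 and 3.
    member_role = [r for r in roles if r.name.lower() == "_member_"][0]
    LOG.info("------------------ member role is ----------------%s",
             member_role.id)
    LOG.info("------------------ user id is ----------------%s", u.id)
    try:
        keystone.add_tenant_user_role(rc, project=project_id, user=u.id,
                                      role=member_role.id)
    except Exception:
        # Best-effort as before, but a user left without the role is now
        # visible in the log instead of silently ignored.
        LOG.exception("Failed to grant role [%s] to user [%s] in project [%s]",
                      member_role.id, u.id, project_id)

    # NOTE(review): the caller-supplied password is handed to the model as
    # plaintext; whether the keystone_password field encrypts at rest is not
    # visible here.
    udc = UserDataCenter.objects.create(
        data_center=datacenter,
        user=user,
        tenant_name=tenant_name,
        tenant_uuid=project_id,
        keystone_user=keystone_user,
        keystone_password=pwd,
    )
    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)

    # Add default security group (best-effort).
    try:
        edit_default_security_group(user, udc)
    except Exception:
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(
        user=user,
        udc=udc,
        name=user.username,
        customer=user.username,
        start_date=datetime.datetime.now(),
        end_date=datetime.datetime.now(),
        deleted=False
    )
    return u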
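def link_user_to_dc_task(user, datacenter, tenant_id, password):
    """Register *user* as a Keystone user inside the existing project *tenant_id*.

    Does nothing when a ``UserDataCenter`` row already links the user and
    the data center. Otherwise creates the Keystone user with the supplied
    password, grants the roles named ``SwiftOperator``, ``_member_`` and
    ``heat_stack_owner`` (best-effort), records the link together with the
    Keystone user ID, edits the default security group (best-effort) and
    creates a ``Contract`` row. No project is created by this version.

    Args:
        user: Account being registered; ``username`` and ``email`` are read.
        datacenter: Data center the request context is built for.
        tenant_id: ID of the existing Keystone project to join.
        password: Password set on the new Keystone user.

    Returns:
        ``True`` when the user was already linked, otherwise the object
        returned by ``keystone.user_create``.
    """
    LOG.info("---------start to execute link_user_to_dc_task-----------")
    LOG.info("----------username is-------------%s", user.username)
    if UserDataCenter.objects.filter(user=user,
                                     data_center=datacenter).exists():
        LOG.info("User[%s] has already registered to data center [%s]",
                 user.username, datacenter.name)
        return True
    LOG.info("-----------datacenter is-----------------%s", datacenter)

    # Request context used to authenticate the Keystone calls below.
    rc = create_rc_by_dc(datacenter)
    # rc is deliberately no longer written to the log: it presumably carries
    # the data center's service credentials or token -- confirm against
    # create_rc_by_dc before logging any part of it.

    # NOTE(review): tenant_id is used as given; nothing here checks that the
    # requester is entitled to join that project. Presumably the caller does.
    tenant_ = keystone.tenant_get(rc, tenant_id)
    tenant_name = tenant_.name
    LOG.info("************ tenant_name is ************%s", tenant_name)

    keystone_user = user.username
    pwd = password
    project_id = tenant_id

    u = keystone.user_create(rc, name=keystone_user, email=user.email,
                             password=pwd, project=project_id)
    user_uuid = u.id
    LOG.info("User[%s] is registered as keystone user[uid:%s] in "
             "data center[%s]", user.username, u.id, datacenter.name)

    roles = keystone.role_list(rc)
    LOG.info("------------------roles are----------------%s", roles)

    # Grant the basic roles to the user, one grant per matching role.
    basic_role_names = ('SwiftOperator', '_member_', 'heat_stack_owner')
    for role in roles:
        if role.name not in basic_role_names:
            continue
        try:
            keystone.add_tenant_user_role(rc, project=project_id, user=u.id,
                                          role=role.id)
        except Exception:
            # Best-effort as before, but a user left without a role is now
            # visible in the log instead of silently ignored.
            LOG.exception("Failed to grant role [%s] to user [%s] in "
                          "project [%s]", role.name, u.id, project_id)

    # NOTE(review): the caller-supplied password is handed to the model as
    # plaintext; whether the keystone_password field encrypts at rest is not
    # visible here.
    udc = UserDataCenter.objects.create(data_center=datacenter,
                                        user=user,
                                        tenant_name=tenant_name,
                                        tenant_uuid=project_id,
                                        keystone_user=keystone_user,
                                        keystone_password=pwd,
                                        keystone_user_id=user_uuid)
    LOG.info("Register user[%s] to datacenter [udc:%s] successfully",
             user.username, udc.id)

    # Add default security group (best-effort).
    try:
        edit_default_security_group(user, udc)
    except Exception:
        LOG.exception("Failed to edit default security group for user[%s] in "
                      "data center[%s]", user.username, datacenter.name)

    Contract.objects.create(user=user,
                            udc=udc,
                            name=user.username,
                            customer=user.username,
                            start_date=datetime.datetime.now(),
                            end_date=datetime.datetime.now(),
                            deleted=False)
    return u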