def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') tenant.setdefault('parent_id', None) if tenant.get('parent_id') is not None: parent_ref = self.get_project(tenant.get('parent_id')) parents_list = self.list_project_parents(parent_ref['id']) parents_list.append(parent_ref) for ref in parents_list: if ref.get('domain_id') != tenant.get('domain_id'): raise exception.ForbiddenAction( action=_('cannot create a project within a different ' 'domain than its parents.')) if not ref.get('enabled', True): raise exception.ForbiddenAction( action=_('cannot create a project in a ' 'branch containing a disabled ' 'project: %s') % ref['id']) self._assert_max_hierarchy_depth(tenant.get('parent_id'), parents_list) ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def update_project(self, project_id, project, initiator=None): original_project = self.driver.get_project(project_id) project = project.copy() parent_id = original_project.get('parent_id') if 'parent_id' in project and project.get('parent_id') != parent_id: raise exception.ForbiddenAction( action=_('Update of `parent_id` is not allowed.')) if 'enabled' in project: project['enabled'] = clean.project_enabled(project['enabled']) # NOTE(rodrigods): for the current implementation we only allow to # disable a project if all projects below it in the hierarchy are # already disabled. This also means that we can not enable a # project that has disabled parents. original_project_enabled = original_project.get('enabled', True) project_enabled = project.get('enabled', True) if not original_project_enabled and project_enabled: self._assert_all_parents_are_enabled(project_id) if original_project_enabled and not project_enabled: self._assert_whole_subtree_is_disabled(project_id) self._disable_project(project_id) ret = self.driver.update_project(project_id, project) notifications.Audit.updated(self._PROJECT, project_id, initiator) self.get_project.invalidate(self, project_id) self.get_project_by_name.invalidate(self, original_project['name'], original_project['domain_id']) return ret
def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') tenant.setdefault('parent_id', None) if tenant.get('parent_id') is not None: parent_ref = self.get_project(tenant.get('parent_id')) parents_list = self.list_project_parents(parent_ref['id']) parents_list.append(parent_ref) for ref in parents_list: if ref.get('domain_id') != tenant.get('domain_id'): raise exception.ForbiddenAction( action=_('cannot create a project within a different ' 'domain than its parents.')) if not ref.get('enabled', True): raise exception.ForbiddenAction( action=_('cannot create a project in a ' 'branch containing a disabled ' 'project: %s') % ref['id']) self._assert_max_hierarchy_depth(tenant.get('parent_id'), parents_list) ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): original_tenant = self.driver.get_project(tenant_id) tenant = tenant.copy() parent_id = original_tenant.get('parent_id') if 'parent_id' in tenant and tenant.get('parent_id') != parent_id: raise exception.ForbiddenAction( action=_('Update of `parent_id` is not allowed.')) if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) # NOTE(rodrigods): for the current implementation we only allow to # disable a project if all projects below it in the hierarchy are # already disabled. This also means that we can not enable a # project that has disabled parents. original_tenant_enabled = original_tenant.get('enabled', True) tenant_enabled = tenant.get('enabled', True) if not original_tenant_enabled and tenant_enabled: self._assert_all_parents_are_enabled(tenant_id) if original_tenant_enabled and not tenant_enabled: self._assert_whole_subtree_is_disabled(tenant_id) self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, original_tenant['name'], original_tenant['domain_id']) return ret
def create_project(self, project_id, project, initiator=None): project = project.copy() project.setdefault('enabled', True) project['enabled'] = clean.project_enabled(project['enabled']) project.setdefault('description', '') project.setdefault('parent_id', None) if project.get('parent_id') is not None: parent_ref = self.get_project(project.get('parent_id')) parents_list = self.list_project_parents(parent_ref['id']) parents_list.append(parent_ref) for ref in parents_list: if ref.get('domain_id') != project.get('domain_id'): raise exception.ForbiddenAction( action=_('cannot create a project within a different ' 'domain than its parents.')) if not ref.get('enabled', True): raise exception.ForbiddenAction( action=_('cannot create a project in a ' 'branch containing a disabled ' 'project: %s') % ref['id']) self._assert_max_hierarchy_depth(project.get('parent_id'), parents_list) ret = self.driver.create_project(project_id, project) notifications.Audit.created(self._PROJECT, project_id, initiator) if MEMOIZE.should_cache(ret): self.get_project.set(ret, self, project_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() if "enabled" in tenant: tenant["enabled"] = clean.project_enabled(tenant["enabled"]) ret = self.driver.update_project(tenant_id, tenant_ref) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret["name"], ret["domain_id"]) return ret
def update_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) ret = self.driver.update_project(tenant_id, tenant_ref) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) ret = self.driver.update_project(tenant_id, tenant_ref) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def create_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() tenant.setdefault("enabled", True) tenant["enabled"] = clean.project_enabled(tenant["enabled"]) tenant.setdefault("description", "") ret = self.driver.create_project(tenant_id, tenant_ref) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret["name"], ret["domain_id"]) return ret
def update_project(self, tenant_id, tenant): tenant = tenant.copy() if "enabled" in tenant: tenant["enabled"] = clean.project_enabled(tenant["enabled"]) if not tenant.get("enabled", True): self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret["name"], ret["domain_id"]) return ret
def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): tenant = tenant.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if not tenant.get('enabled', True): self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): tenant = tenant.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if not tenant.get('enabled', True): self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): tenant = tenant.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if not tenant.get('enabled', True): self.token_api.delete_tokens_for_users( self.list_user_ids_for_project(tenant_id), project_id=tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): tenant = tenant.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if not tenant.get('enabled', True): self.token_api.delete_tokens_for_users( self.list_user_ids_for_project(tenant_id), project_id=tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, ret['name'], ret['domain_id']) return ret
def update_project(self, tenant_id, tenant): original_tenant = self.driver.get_project(tenant_id) tenant = tenant.copy() parent_id = original_tenant['parent_id'] if ('parent_id' in tenant and tenant['parent_id'] != parent_id): raise exception.ForbiddenAction( action=_('Update of `parent_id` is not allowed.')) if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if (original_tenant.get('enabled', True) and not tenant.get('enabled', True)): self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, original_tenant['name'], original_tenant['domain_id']) return ret
def update_project(self, tenant_id, tenant): original_tenant = self.driver.get_project(tenant_id) tenant = tenant.copy() parent_id = original_tenant['parent_id'] if ('parent_id' in tenant and tenant['parent_id'] != parent_id): raise exception.ForbiddenAction( action=_('Update of `parent_id` is not allowed.')) if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) if (original_tenant.get('enabled', True) and not tenant.get('enabled', True)): self._disable_project(tenant_id) ret = self.driver.update_project(tenant_id, tenant) self.get_project.invalidate(self, tenant_id) self.get_project_by_name.invalidate(self, original_tenant['name'], original_tenant['domain_id']) return ret
def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') tenant.setdefault('parent_id', None) if ('parent_id' in tenant and tenant['parent_id'] is not None): parent = self.driver.get_project(tenant['parent_id']) if parent['domain_id'] != tenant['domain_id']: raise exception.ForbiddenAction( action=_('cannot create a project with a different ' 'domain than its parent.')) self._check_hierarchy_depth(tenant['parent_id']) ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def create_project(self, tenant_id, tenant): tenant = tenant.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') tenant.setdefault('parent_id', None) if ('parent_id' in tenant and tenant['parent_id'] is not None): parent = self.driver.get_project(tenant['parent_id']) if parent['domain_id'] != tenant['domain_id']: raise exception.ForbiddenAction( action=_('cannot create a project with a different ' 'domain than its parent.')) self._check_hierarchy_depth(tenant['parent_id']) ret = self.driver.create_project(tenant_id, tenant) if SHOULD_CACHE(ret): self.get_project.set(ret, self, tenant_id) self.get_project_by_name.set(ret, self, ret['name'], ret['domain_id']) return ret
def create_project(self, context, tenant_id, tenant_ref): tenant = tenant_ref.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') return self.driver.create_project(tenant_id, tenant)
def update_project(self, context, tenant_id, tenant_ref): tenant = tenant_ref.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) return self.driver.update_project(tenant_id, tenant)
def update_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() if 'enabled' in tenant: tenant['enabled'] = clean.project_enabled(tenant['enabled']) return self.assignment_api.update_project(tenant_id, tenant)
def create_project(self, tenant_id, tenant_ref): tenant = tenant_ref.copy() tenant.setdefault('enabled', True) tenant['enabled'] = clean.project_enabled(tenant['enabled']) tenant.setdefault('description', '') return self.assignment_api.create_project(tenant_id, tenant)