def process(*args): """ Usage: keystone-manage [options] type command [id [attributes]] type : role, tenant, user, token, endpoint, endpointTemplates command : add, list, disable, delete, grant, revoke id : name or id attributes : depending on type... users : password, tenant tokens : user, tenant, expiration role list [tenant] will list roles granted on that tenant options -c | --config-file : config file to use -d | --debug : debug mode Example: keystone-manage user add Admin P@ssw0rd """ # Check arguments if len(args) == 0: raise optparse.OptParseError( 'No obj type specified for first argument') object_type = args[0] if object_type not in ['user', 'tenant', 'role', 'service', 'endpointTemplates', 'token', 'endpoint', 'credentials']: raise optparse.OptParseError( '%s is not a supported obj type' % object_type) if len(args) == 1: raise optparse.OptParseError( 'No command specified for second argument') command = args[1] if command not in ['add', 'list', 'disable', 'delete', 'grant', 'revoke']: raise optparse.OptParseError('add, disable, delete, and list are the ' 'only supported commands (right now)') if len(args) == 2: if command != 'list': raise optparse.OptParseError('No id specified for third argument') if len(args) > 2: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and args[x] or None) def print_table(header_row, rows): """Prints a lists of lists as table in a human readable format""" print "\t".join(header_row) print '-' * 79 rows = [[str(col) for col in row] for row in rows] print "\n".join(["\t".join(row) for row in rows]) # Execute command if (object_type, command) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, command) == ('user', 'disable'): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif (object_type, command) == ('user', 'list'): print_table(('id', 'name', 'enabled', 'tenant'), api.list_users()) elif (object_type, command) == ('tenant', 'add'): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, command) == ('tenant', 'list'): print_table(('id', 'name', 'enabled'), api.list_tenants()) elif (object_type, command) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif (object_type, command) == ('role', 'add'): if api.add_role(name=object_id): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, command) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print 'Role assignments for tenant %s' % tenant print_table(('User', 'Role'), api.list_roles(tenant=tenant)) else: # print without tenants print_table(('id', 'name'), api.list_roles()) elif (object_type, command) == ('role', 'grant'): require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print("SUCCESS: Granted %s the %s role on %s." % (object_id, args[3], tenant)) elif (object_type, command) == ('endpointTemplates', 'add'): require_args(args, 9, "Missing arguments: endpointTemplates add " "'region' 'service' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8]): print("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, command) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print 'Endpoints for tenant %s' % tenant print_table(('service', 'region', 'Public URL'), api.list_tenant_endpoints()) else: print 'All EndpointTemplates' print_table(('service', 'region', 'Public URL'), api.list_endpoint_templates()) elif (object_type, command) == ('endpoint', 'add'): require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif (object_type, command) == ('token', 'add'): require_args(args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id,) elif (object_type, command) == ('token', 'list'): print_table(('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, command) == ('token', 'delete'): if api.delete_token(token=object_id): print 'SUCCESS: Token %s deleted.' % (object_id,) elif (object_type, command) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add name " "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) if api.add_service(name=object_id, type=type, desc=desc): print "SUCCESS: Service %s created successfully." % (object_id,) elif (object_type, command) == ('service', 'list'): print_table(('id', 'name', 'type'), api.list_services()) elif (object_type, command) == ('credentials', 'add'): require_args(args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print "SUCCESS: Credentials %s created." % object_id else: # Command not handled print ("ERROR: unrecognized command %s %s" % (object_type, command))
def process(*args): # Check arguments if len(args) == 0: raise optparse.OptParseError(OBJECT_NOT_SPECIFIED) else: object_type = args[0] if object_type not in OBJECTS: raise optparse.OptParseError(SUPPORTED_OBJECTS) if len(args) == 1: raise optparse.OptParseError(ACTION_NOT_SPECIFIED) else: action = args[1] if action not in ACTIONS: raise optparse.OptParseError(SUPPORTED_ACTIONS) if action not in ['list', 'sync', 'version_control', 'version']: if len(args) == 2: raise optparse.OptParseError(ID_NOT_SPECIFIED) else: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and str(args[x]).strip() or None) if object_type == 'database': options = get_options(args) # Execute command if (object_type, action) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print ("SUCCESS: User %s created." % object_id) elif (object_type, action) == ('user', 'list'): print (Table('Users', ['id', 'name', 'enabled', 'tenant'], api.list_users())) elif (object_type, action) == ('user', 'disable'): if api.disable_user(name=object_id): print ("SUCCESS: User %s disabled." % object_id) elif object_type == 'user': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users')) elif (object_type, action) == ('tenant', 'add'): if api.add_tenant(name=object_id): print ("SUCCESS: Tenant %s created." % object_id) elif (object_type, action) == ('tenant', 'list'): print Table('Tenants', ['id', 'name', 'enabled'], api.list_tenants()) elif (object_type, action) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print ("SUCCESS: Tenant %s disabled." % object_id) elif object_type == 'tenant': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants')) elif (object_type, action) == ('role', 'add'): if api.add_role(name=object_id, service_name=optional_arg(args, 3)): print ("SUCCESS: Role %s created successfully." % object_id) elif (object_type, action) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print (Table('Role assignments for tenant %s' % tenant, ['User', 'Role'], api.list_roles(tenant=tenant))) else: # print without tenants print (Table('Roles', ['id', 'name', 'service_id', 'description'], api.list_roles())) elif (object_type, action) == ('role', 'grant'): require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print ("SUCCESS: Granted %s the %s role on %s." % (args[3], object_id, tenant)) elif object_type == 'role': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles')) elif (object_type, action) == ('endpointTemplates', 'add'): require_args(args, 9, "Missing arguments: endpointTemplates add " "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") version_id = optional_arg(args, 9) version_list = optional_arg(args, 10) version_info = optional_arg(args, 11) if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8], version_id=version_id, version_list=version_list, version_info=version_info): print ("SUCCESS: Created EndpointTemplates for %s " "pointing to %s." % (args[3], args[4])) elif (object_type, action) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print Table('Endpoints for tenant %s' % tenant, ['id', 'service', 'region', 'Public URL'], api.list_tenant_endpoints(tenant)) else: print Table('All EndpointTemplates', ['id', 'service', 'type', 'region', 'enabled', 'is_global', 'Public URL', 'Admin URL'], api.list_endpoint_templates()) elif (object_type, action) == ('endpoint', 'add'): require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print ("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif object_type == 'endpoint': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints')) elif (object_type, action) == ('token', 'add'): require_args(args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print ("SUCCESS: Token %s created." % object_id) elif (object_type, action) == ('token', 'list'): print Table('Tokens', ('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, action) == ('token', 'delete'): if api.delete_token(token=object_id): print ('SUCCESS: Token %s deleted.' % (object_id,)) elif object_type == 'token': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens')) elif (object_type, action) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add <name> " \ "[type] [desc] [owner_id]" "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) owner_id = optional_arg(args, 5) if api.add_service(name=object_id, type=type, desc=desc, owner_id=owner_id): print ("SUCCESS: Service %s created successfully." % (object_id,)) elif (object_type, action) == ('service', 'list'): print (Table('Services', ('id', 'name', 'type', 'owner_id', 'description'), api.list_services())) elif object_type == 'service': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services')) elif (object_type, action) == ('credentials', 'add'): require_args(args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print ("SUCCESS: Credentials %s created." % (object_id,)) elif object_type == 'credentials': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials')) elif (object_type, action) == ('database', 'sync'): require_args(args, 1, 'Syncing database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_sync(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'upgrade'): require_args(args, 1, 'Upgrading database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_upgrade(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'downgrade'): require_args(args, 1, 'Downgrading database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_downgrade(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'version_control'): backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_version_control(options['keystone.backends.sqlalchemy']) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'version'): backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_version(options['keystone.backends.sqlalchemy']) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'goto'): require_args(args, 1, 'Jumping database versions requires a ' 'version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_goto_version(options['keystone.backends.sqlalchemy'], version=args[2]) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') else: # Command recognized but not handled: should never reach this raise NotImplementedError()
def process(*args): # Check arguments if len(args) == 0: raise optparse.OptParseError(OBJECT_NOT_SPECIFIED) else: object_type = args[0] if object_type not in OBJECTS: raise optparse.OptParseError(SUPPORTED_OBJECTS) if len(args) == 1: raise optparse.OptParseError(ACTION_NOT_SPECIFIED) else: action = args[1] if action not in ACTIONS: raise optparse.OptParseError(SUPPORTED_ACTIONS) if len(args) == 2 and action not in ['list']: raise optparse.OptParseError(ID_NOT_SPECIFIED) else: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and args[x] or None) def print_table(header_row, rows): """Prints a lists of lists as table in a human readable format""" print "\t".join(header_row) print '-' * 79 rows = [[str(col) for col in row] for row in rows] print "\n".join(["\t".join(row) for row in rows]) # Execute command if (object_type, action) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, action) == ('user', 'list'): print_table(('id', 'name', 'enabled', 'tenant'), api.list_users()) elif (object_type, action) == ('user', 'disable'): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif object_type == 'user': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users')) elif (object_type, action) == ('tenant', 'add'): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, action) == ('tenant', 'list'): print_table(('id', 'name', 'enabled'), api.list_tenants()) elif (object_type, action) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif object_type == 'tenant': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants')) elif (object_type, action) == ('role', 'add'): if api.add_role(name=object_id): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, action) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print 'Role assignments for tenant %s' % tenant print_table(('User', 'Role'), api.list_roles(tenant=tenant)) else: # print without tenants print_table(('id', 'name'), api.list_roles()) elif (object_type, action) == ('role', 'grant'): require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print("SUCCESS: Granted %s the %s role on %s." % (object_id, args[3], tenant)) elif object_type == 'role': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles')) elif (object_type, action) == ('endpointTemplates', 'add'): require_args(args, 9, "Missing arguments: endpointTemplates add " "'region' 'service' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8]): print("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, action) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print 'Endpoints for tenant %s' % tenant print_table(('service', 'region', 'Public URL'), api.list_tenant_endpoints()) else: print 'All EndpointTemplates' print_table(('service', 'region', 'Public URL'), api.list_endpoint_templates()) elif object_type == 'endpointTemplates': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ( 'endpointTemplates')) elif (object_type, action) == ('endpoint', 'add'): require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif object_type == 'endpoint': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints')) elif (object_type, action) == ('token', 'add'): require_args(args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id,) elif (object_type, action) == ('token', 'list'): print_table(('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, action) == ('token', 'delete'): if api.delete_token(token=object_id): print 'SUCCESS: Token %s deleted.' % (object_id,) elif object_type == 'token': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens')) elif (object_type, action) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add name " "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) if api.add_service(name=object_id, type=type, desc=desc): print "SUCCESS: Service %s created successfully." % (object_id,) elif (object_type, action) == ('service', 'list'): print_table(('id', 'name', 'type'), api.list_services()) elif object_type == 'service': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services')) elif (object_type, action) == ('credentials', 'add'): require_args(args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print "SUCCESS: Credentials %s created." % object_id elif object_type == 'credentials': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials')) else: # Command recognized but not handled: should never reach this raise NotImplementedError()
def process(*args): # Check arguments if len(args) == 0: raise optparse.OptParseError(OBJECT_NOT_SPECIFIED) else: object_type = args[0] if object_type not in OBJECTS: raise optparse.OptParseError(SUPPORTED_OBJECTS) if len(args) == 1: raise optparse.OptParseError(ACTION_NOT_SPECIFIED) else: action = args[1] if action not in ACTIONS: raise optparse.OptParseError(SUPPORTED_ACTIONS) if action not in ["list"]: if len(args) == 2: raise optparse.OptParseError(ID_NOT_SPECIFIED) else: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = lambda args, x: len(args) > x and str(args[x]).strip() or None def print_table(header_row, rows): """Prints a lists of lists as table in a human readable format""" print "\t".join(header_row) print "-" * 79 rows = [[str(col) for col in row] for row in rows] print "\n".join(["\t".join(row) for row in rows]) # Execute command if (object_type, action) == ("user", "add"): require_args(args, 4, "No password specified for fourth argument") if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, action) == ("user", "list"): print_table(("id", "name", "enabled", "tenant"), api.list_users()) elif (object_type, action) == ("user", "disable"): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif object_type == "user": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("users")) elif (object_type, action) == ("tenant", "add"): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, action) == ("tenant", "list"): print_table(("id", "name", "enabled"), api.list_tenants()) elif (object_type, action) == ("tenant", "disable"): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif object_type == "tenant": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("tenants")) elif (object_type, action) == ("role", "add"): if api.add_role(name=object_id): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, action) == ("role", "list"): tenant = optional_arg(args, 2) if tenant: # print with users print "Role assignments for tenant %s" % tenant print_table(("User", "Role"), api.list_roles(tenant=tenant)) else: # print without tenants print_table(("id", "name", "service_id", "description"), api.list_roles()) elif (object_type, action) == ("role", "grant"): require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print ("SUCCESS: Granted %s the %s role on %s." % (args[3], object_id, tenant)) elif object_type == "role": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("roles")) elif (object_type, action) == ("endpointTemplates", "add"): require_args( args, 9, "Missing arguments: endpointTemplates add " "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'", ) version_id = optional_arg(args, 9) version_list = optional_arg(args, 10) version_info = optional_arg(args, 11) if api.add_endpoint_template( region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8], version_id=version_id, version_list=version_list, version_info=version_info, ): print ("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, action) == ("endpointTemplates", "list"): tenant = optional_arg(args, 2) if tenant: print "Endpoints for tenant %s" % tenant print_table(("service", "region", "Public URL"), api.list_tenant_endpoints(tenant)) else: print "All EndpointTemplates" print_table( ("id", "service", "type", "region", "enabled", "is_global", "Public URL", "Admin URL"), api.list_endpoint_templates(), ) elif (object_type, action) == ("endpoint", "add"): require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print ("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif object_type == "endpoint": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("endpoints")) elif (object_type, action) == ("token", "add"): require_args(args, 6, "Creating a token requires a token id, user, " "tenant, and expiration") if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id,) elif (object_type, action) == ("token", "list"): print_table(("token", "user", "expiration", "tenant"), api.list_tokens()) elif (object_type, action) == ("token", "delete"): if api.delete_token(token=object_id): print "SUCCESS: Token %s deleted." % (object_id,) elif object_type == "token": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("tokens")) elif (object_type, action) == ("service", "add"): require_args(args, 4, "Missing arguments: service add <name> " "[type] [desc] [owner_id]" "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) owner_id = optional_arg(args, 5) if api.add_service(name=object_id, type=type, desc=desc, owner_id=owner_id): print "SUCCESS: Service %s created successfully." % (object_id,) elif (object_type, action) == ("service", "list"): print_table(("id", "name", "type", "owner_id", "description"), api.list_services()) elif object_type == "service": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("services")) elif (object_type, action) == ("credentials", "add"): require_args(args, 6, "Creating a credentials requires a type, key, " "secret, and tenant_id (id is user_id)") if api.add_credentials( user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6) ): print "SUCCESS: Credentials %s created." % object_id elif object_type == "credentials": raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("credentials")) else: # Command recognized but not handled: should never reach this raise NotImplementedError()
def process(*args): # Check arguments if len(args) == 0: raise optparse.OptParseError(OBJECT_NOT_SPECIFIED) else: object_type = args[0] if object_type not in OBJECTS: raise optparse.OptParseError(SUPPORTED_OBJECTS) if len(args) == 1: raise optparse.OptParseError(ACTION_NOT_SPECIFIED) else: action = args[1] if action not in ACTIONS: raise optparse.OptParseError(SUPPORTED_ACTIONS) if action not in ['list', 'sync', 'version_control', 'version']: if len(args) == 2: raise optparse.OptParseError(ID_NOT_SPECIFIED) else: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and str(args[x]).strip() or None) if object_type == 'database': options = get_options(args) # Execute command if (object_type, action) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, action) == ('user', 'list'): print Table('Users', ['id', 'name', 'enabled', 'tenant'], api.list_users()) elif (object_type, action) == ('user', 'disable'): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif object_type == 'user': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users')) elif (object_type, action) == ('tenant', 'add'): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, action) == ('tenant', 'list'): print Table('Tenants', ['id', 'name', 'enabled'], api.list_tenants()) elif (object_type, action) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif object_type == 'tenant': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants')) elif (object_type, action) == ('role', 'add'): if api.add_role(name=object_id, service_name=optional_arg(args, 3)): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, action) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print Table('Role assignments for tenant %s' % tenant, ['User', 'Role'], api.list_roles(tenant=tenant)) else: # print without tenants print Table('Roles', ['id', 'name', 'service_id', 'description'], api.list_roles()) elif (object_type, action) == ('role', 'grant'): require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print("SUCCESS: Granted %s the %s role on %s." % (args[3], object_id, tenant)) elif object_type == 'role': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles')) elif (object_type, action) == ('endpointTemplates', 'add'): require_args(args, 9, "Missing arguments: endpointTemplates add " "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") version_id = optional_arg(args, 9) version_list = optional_arg(args, 10) version_info = optional_arg(args, 11) if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8], version_id=version_id, version_list=version_list, version_info=version_info): print("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, action) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print Table('Endpoints for tenant %s' % tenant, ['id', 'service', 'region', 'Public URL'], api.list_tenant_endpoints(tenant)) else: print Table('All EndpointTemplates', ['id', 'service', 'type', 'region', 'enabled', 'is_global', 'Public URL', 'Admin URL'], api.list_endpoint_templates()) elif (object_type, action) == ('endpoint', 'add'): require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif object_type == 'endpoint': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints')) elif (object_type, action) == ('token', 'add'): require_args(args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id,) elif (object_type, action) == ('token', 'list'): print Table('Tokens', ('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, action) == ('token', 'delete'): if api.delete_token(token=object_id): print 'SUCCESS: Token %s deleted.' % (object_id,) elif object_type == 'token': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens')) elif (object_type, action) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add <name> " \ "[type] [desc] [owner_id]" "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) owner_id = optional_arg(args, 5) if api.add_service(name=object_id, type=type, desc=desc, owner_id=owner_id): print "SUCCESS: Service %s created successfully." % (object_id,) elif (object_type, action) == ('service', 'list'): print Table('Services', ('id', 'name', 'type', 'owner_id', 'description'), api.list_services()) elif object_type == 'service': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services')) elif (object_type, action) == ('credentials', 'add'): require_args(args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print "SUCCESS: Credentials %s created." % object_id elif object_type == 'credentials': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials')) elif (object_type, action) == ('database', 'sync'): require_args(args, 1, 'Syncing database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_sync(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'upgrade'): require_args(args, 1, 'Upgrading database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_upgrade(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'downgrade'): require_args(args, 1, 'Downgrading database requires a version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_downgrade(options['keystone.backends.sqlalchemy'], args) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'version_control'): backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_version_control(options['keystone.backends.sqlalchemy']) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'version'): backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_version(options['keystone.backends.sqlalchemy']) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') elif (object_type, action) == ('database', 'goto'): require_args(args, 1, 'Jumping database versions requires a ' 'version #') backend_names = options.get('backends', None) if backend_names: if 'keystone.backends.sqlalchemy' in backend_names.split(','): do_db_goto_version(options['keystone.backends.sqlalchemy'], version=args[2]) else: raise optparse.OptParseError( 'SQL alchemy backend not specified in config') else: # Command recognized but not handled: should never reach this raise NotImplementedError()
def setUp(self): self.clear_all_data() manage_api.add_tenant('Test tenant') self.user = manage_api.add_user('Test user', 'Test password', 'Test tenant')
def process(*args): # Check arguments if len(args) == 0: raise optparse.OptParseError(OBJECT_NOT_SPECIFIED) else: object_type = args[0] if object_type not in OBJECTS: raise optparse.OptParseError(SUPPORTED_OBJECTS) if len(args) == 1: raise optparse.OptParseError(ACTION_NOT_SPECIFIED) else: action = args[1] if action not in ACTIONS: raise optparse.OptParseError(SUPPORTED_ACTIONS) if len(args) == 2 and action not in ['list']: raise optparse.OptParseError(ID_NOT_SPECIFIED) else: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and args[x] or None) def print_table(header_row, rows): """Prints a lists of lists as table in a human readable format""" print "\t".join(header_row) print '-' * 79 rows = [[str(col) for col in row] for row in rows] print "\n".join(["\t".join(row) for row in rows]) # Execute command if (object_type, action) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, action) == ('user', 'list'): print_table(('id', 'name', 'enabled', 'tenant'), api.list_users()) elif (object_type, action) == ('user', 'disable'): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif object_type == 'user': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users')) elif (object_type, action) == ('tenant', 'add'): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, action) == ('tenant', 'list'): print_table(('id', 'name', 'enabled'), api.list_tenants()) elif (object_type, action) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif object_type == 'tenant': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants')) elif (object_type, action) == ('role', 'add'): if api.add_role(name=object_id): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, action) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print 'Role assignments for tenant %s' % tenant print_table(('User', 'Role'), api.list_roles(tenant=tenant)) else: # print without tenants print_table(('id', 'name'), api.list_roles()) elif (object_type, action) == ('role', 'grant'): require_args( args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print("SUCCESS: Granted %s the %s role on %s." % (object_id, args[3], tenant)) elif object_type == 'role': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles')) elif (object_type, action) == ('endpointTemplates', 'add'): require_args( args, 9, "Missing arguments: endpointTemplates add " "'region' 'service' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8]): print("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, action) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print 'Endpoints for tenant %s' % tenant print_table(('service', 'region', 'Public URL'), api.list_tenant_endpoints()) else: print 'All EndpointTemplates' print_table(('service', 'region', 'Public URL'), api.list_endpoint_templates()) elif object_type == 'endpointTemplates': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpointTemplates')) elif (object_type, action) == ('endpoint', 'add'): require_args( args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif object_type == 'endpoint': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints')) elif (object_type, action) == ('token', 'add'): require_args( args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id, ) elif (object_type, action) == ('token', 'list'): print_table(('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, action) == ('token', 'delete'): if api.delete_token(token=object_id): print 'SUCCESS: Token %s deleted.' % (object_id, ) elif object_type == 'token': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens')) elif (object_type, action) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add name " "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) if api.add_service(name=object_id, type=type, desc=desc): print "SUCCESS: Service %s created successfully." % (object_id, ) elif (object_type, action) == ('service', 'list'): print_table(('id', 'name', 'type'), api.list_services()) elif object_type == 'service': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services')) elif (object_type, action) == ('credentials', 'add'): require_args( args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print "SUCCESS: Credentials %s created." % object_id elif object_type == 'credentials': raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials')) else: # Command recognized but not handled: should never reach this raise NotImplementedError()
def process(*args): """ Usage: keystone-manage [options] type command [id [attributes]] type : role, tenant, user, token, endpoint, endpointTemplates command : add, list, disable, delete, grant, revoke id : name or id attributes : depending on type... users : password, tenant tokens : user, tenant, expiration role list [tenant] will list roles granted on that tenant options -c | --config-file : config file to use -d | --debug : debug mode Example: keystone-manage user add Admin P@ssw0rd """ # Check arguments if len(args) == 0: raise optparse.OptParseError( 'No obj type specified for first argument') object_type = args[0] if object_type not in [ 'user', 'tenant', 'role', 'service', 'endpointTemplates', 'token', 'endpoint', 'credentials' ]: raise optparse.OptParseError('%s is not a supported obj type' % object_type) if len(args) == 1: raise optparse.OptParseError( 'No command specified for second argument') command = args[1] if command not in ['add', 'list', 'disable', 'delete', 'grant', 'revoke']: raise optparse.OptParseError('add, disable, delete, and list are the ' 'only supported commands (right now)') if len(args) == 2: if command != 'list': raise optparse.OptParseError('No id specified for third argument') if len(args) > 2: object_id = args[2] # Helper functions def require_args(args, min, msg): """Ensure there are at least `min` arguments""" if len(args) < min: raise optparse.OptParseError(msg) optional_arg = (lambda args, x: len(args) > x and args[x] or None) def print_table(header_row, rows): """Prints a lists of lists as table in a human readable format""" print "\t".join(header_row) print '-' * 79 rows = [[str(col) for col in row] for row in rows] print "\n".join(["\t".join(row) for row in rows]) # Execute command if (object_type, command) == ('user', 'add'): require_args(args, 4, 'No password specified for fourth argument') if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)): print "SUCCESS: User %s created." % object_id elif (object_type, command) == ('user', 'disable'): if api.disable_user(name=object_id): print "SUCCESS: User %s disabled." % object_id elif (object_type, command) == ('user', 'list'): print_table(('id', 'enabled', 'tenant'), api.list_users()) elif (object_type, command) == ('tenant', 'add'): if api.add_tenant(name=object_id): print "SUCCESS: Tenant %s created." % object_id elif (object_type, command) == ('tenant', 'list'): print_table(('id', 'name', 'enabled'), api.list_tenants()) elif (object_type, command) == ('tenant', 'disable'): if api.disable_tenant(name=object_id): print "SUCCESS: Tenant %s disabled." % object_id elif (object_type, command) == ('role', 'add'): if api.add_role(name=object_id): print "SUCCESS: Role %s created successfully." % object_id elif (object_type, command) == ('role', 'list'): tenant = optional_arg(args, 2) if tenant: # print with users print 'Role assignments for tenant %s' % tenant print_table(('User', 'Role'), api.list_roles(tenant=tenant)) else: # print without tenants print_table(('id', 'name'), api.list_roles()) elif (object_type, command) == ('role', 'grant'): require_args( args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'") tenant = optional_arg(args, 4) if api.grant_role(object_id, args[3], tenant): print("SUCCESS: Granted %s the %s role on %s." % (object_id, args[3], tenant)) elif (object_type, command) == ('endpointTemplates', 'add'): require_args( args, 9, "Missing arguments: endpointTemplates add " "'region' 'service' 'publicURL' 'adminURL' 'internalURL' " "'enabled' 'global'") if api.add_endpoint_template(region=args[2], service=args[3], public_url=args[4], admin_url=args[5], internal_url=args[6], enabled=args[7], is_global=args[8]): print("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4])) elif (object_type, command) == ('endpointTemplates', 'list'): tenant = optional_arg(args, 2) if tenant: print 'Endpoints for tenant %s' % tenant print_table(('service', 'region', 'Public URL'), api.list_tenant_endpoints()) else: print 'All EndpointTemplates' print_table(('service', 'region', 'Public URL'), api.list_endpoint_templates()) elif (object_type, command) == ('endpoint', 'add'): require_args( args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate") if api.add_endpoint(tenant=args[2], endpoint_template=args[3]): print("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2])) elif (object_type, command) == ('token', 'add'): require_args( args, 6, 'Creating a token requires a token id, user, ' 'tenant, and expiration') if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]): print "SUCCESS: Token %s created." % (object_id, ) elif (object_type, command) == ('token', 'list'): print_table(('token', 'user', 'expiration', 'tenant'), api.list_tokens()) elif (object_type, command) == ('token', 'delete'): if api.delete_token(token=object_id): print 'SUCCESS: Token %s deleted.' % (object_id, ) elif (object_type, command) == ('service', 'add'): require_args(args, 4, "Missing arguments: service add name " "type") type = optional_arg(args, 3) desc = optional_arg(args, 4) if api.add_service(name=object_id, type=type, desc=desc): print "SUCCESS: Service %s created successfully." % (object_id, ) elif (object_type, command) == ('service', 'list'): print_table(('id', 'name', 'type'), api.list_services()) elif (object_type, command) == ('credentials', 'add'): require_args( args, 6, 'Creating a credentials requires a type, key, ' 'secret, and tenant_id (id is user_id)') if api.add_credentials(user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)): print "SUCCESS: Credentials %s created." % object_id else: # Command not handled print("ERROR: unrecognized command %s %s" % (object_type, command))