def group_list(request, domain=None, project=None, user=None, filters=None):
manager = keystoneclient(request, admin=True).groups
groups = []
kwargs = {
"domain": domain,
"user": user,
"name": None
}
if filters is not None:
kwargs.update(filters)
if 'id' in kwargs:
try:
groups = [manager.get(kwargs['id'])]
except keystone_exceptions.NotFound:
raise exceptions.NotFound()
else:
groups = manager.list(**kwargs)
if project:
project_groups = []
for group in groups:
roles = roles_for_group(request, group=group.id, project=project)
if roles:
project_groups.append(group)
groups = project_groups
return groups
def get_context_data(self, **kwargs):
context = super(BannerView, self).get_context_data(**kwargs)
if not self.request.is_ajax():
raise exceptions.NotFound()
if (not self.request.user.is_authenticated
or not self.request.user.is_superuser):
context["alarmbanner"] = False
elif 'dc_admin' in self.request.META.get('HTTP_REFERER'):
summaries = self.get_subcloud_data()
central_summary = self.get_data()
summaries.append(central_summary)
context["dc_admin"] = True
context["alarmbanner"] = True
context["OK"] = len([s for s in summaries if s.status == 'OK'])
context["degraded"] = len(
[s for s in summaries if s.status == 'degraded'])
context["critical"] = len(
[s for s in summaries if s.status == 'critical'])
context["disabled"] = len(
[s for s in summaries if s.status == 'disabled'])
elif is_service_enabled(self.request, 'platform'):
context["summary"] = self.get_data()
context["alarmbanner"] = True
return context
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction,
self).__init__(request, *args, **kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
project_id = ''
if 'project_id' in args[0]:
project_id = args[0]['project_id']
# Get the default role
try:
default_role = api.keystone.get_default_role(self.request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE",
None)
msg = _('Could not find default role "%s" in Keystone') % \
default
raise exceptions.NotFound(msg)
except:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
self.fields['default_role'].initial = default_role.id
# Get list of available users
all_users = []
domain_context = request.session.get('domain_context', None)
try:
all_users = api.keystone.user_list(request, domain=domain_context)
except:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except:
exceptions.handle(request, err_msg, redirect=reverse(INDEX_URL))
for role in role_list:
field_name = "role_" + role.id
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
for user in all_users:
try:
roles = api.keystone.roles_for_user(
self.request, user.id, project_id)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for role in roles:
self.fields["role_" + role.id].initial.append(user.id)
def get_initial(self):
share = self.get_object()
if not share or isinstance(share, Exception):
raise exceptions.NotFound()
return {
'share_id': self.kwargs["share_id"],
'name': share.name or share.id,
}
def get_context_data(self, **kwargs):
context = super(ResetPasswordView, self).get_context_data(**kwargs)
user_id = self.request.REQUEST.get('uid')
email = self.request.REQUEST.get('email')
key = self.request.REQUEST.get('tid')
if any((not user_id, not email, not key)):
raise exceptions.NotFound()
params = self.request.session.get(key, None)
LOG.error("Params from session: %s", str(params))
if params is None or params['uid'] != user_id or \
params['email'] != email:
#messages.error(self.request, _("Request expired."))
raise exceptions.NotFound(_("Request expired."))
return context
def _get_default_object(self, request):
default_role = fiware_api.keystone.get_member_role(request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE",
None)
msg = (('Could not find default role "%s" in Keystone') % default)
raise exceptions.NotFound(msg)
return default_role
def test_detail_view_with_exception(self):
message = test_data.fake_message_1
url = reverse('horizon:admin:user_messages:user_messages_detail',
args=[message.id])
self.mock_object(
api_manila, "messages_get",
mock.Mock(side_effect=horizon_exceptions.NotFound(404)))
res = self.client.get(url)
self.assertRedirectsNoFollow(res, INDEX_URL)
api_manila.messages_get.assert_called_once_with(mock.ANY, message.id)
def test_detail_view_with_exception(self):
url = reverse('horizon:project:shares:security_service_detail',
args=[test_data.sec_service.id])
self.mock_object(
api_manila, "security_service_get",
mock.Mock(side_effect=horizon_exceptions.NotFound(404)))
res = self.client.get(url)
self.assertRedirectsNoFollow(res, SHARE_INDEX_URL)
api_manila.security_service_get.assert_called_once_with(
mock.ANY, test_data.sec_service.id)
def test_detail_view_with_exception(self):
url = reverse('horizon:admin:share_snapshots:share_snapshot_detail',
args=[test_data.snapshot.id])
self.mock_object(
api_manila, "share_snapshot_get",
mock.Mock(side_effect=horizon_exceptions.NotFound(404)))
res = self.client.get(url)
self.assertRedirectsNoFollow(res, INDEX_URL)
api_manila.share_snapshot_get.assert_called_once_with(
mock.ANY, test_data.snapshot.id)
def user_list(request, project=None, domain=None, group=None, filters=None):
users = []
kwargs = {"project": project, "domain": domain, "group": group}
if filters is not None:
kwargs.update(filters)
if 'id' in kwargs:
try:
users = [user_get(request, kwargs['id'])]
except keystone_exceptions.NotFound:
raise exceptions.NotFound()
else:
users = keystoneclient(request, admin=True).users.list(**kwargs)
return [VERSIONS.upgrade_v2_user(user) for user in users]
def get_account_id(request, domain_id=None):
if domain_id is None:
ref = request.user.user_domain_id
else:
ref = domain_id
query = [{
"field": "account.ref_resource",
"op": "eq",
"value": ref,
"type": "string",
}]
params = [
"pagation.number=1", "pagation.count=1", "q.orderby=account.id",
"q.sort=asc"
]
try:
account = chakra.account_list(request, query, params)
account = [a.to_dict() for a in account]
if len(account) == 0:
raise exceptions.NotFound("Can't find account of current user")
return account[0].get('id')
except:
raise exceptions.NotFound("Can't find account of current user")
def post(self, request, query):
data = request.DATA
project_id = request.user.project_id
domain_id = request.user.user_domain_id
_account_id = get_account_id(request)
if _account_id == None:
raise exceptions.NotFound("Your User has no billing account")
data.update({
'project_id': project_id,
'domain_id': domain_id,
'account_id': _account_id,
'provider': 'openstack'
})
product = billing.product_create(request, data).to_dict()
return product
def get_balance(request):
domain_id = request.user.user_domain_id
query = [{
"field": "account.ref_resource",
"op": "eq",
"value": domain_id,
"type": "string",
}]
param = [
"pagation.number=1", "pagation.count=1", "q.orderby=account.id",
"q.sort=asc"
]
try:
items = chakra.account_list(request, query, param)
items = [i.to_dict() for i in items]
if len(items):
return items[0].get('balance')
except:
raise exceptions.NotFound("Can't find account of current user")
def get_expertid_from_keystone_user(request, redirect=None):
expertid = None
try:
user = api.keystone.user_get(request, request.user.id, admin=False)
expertid = getattr(user, 'expertid', None)
except Exception:
if redirect:
exceptions.handle(request,
_('Unable to retrieve user information.'),
redirect=redirect)
return None
if not expertid and redirect:
try:
raise exceptions.NotFound(
_('Can not find index in the expert table for the current user'
))
except Exception:
exceptions.handle(request, u"非法用户", redirect=redirect)
return expertid
def post(self, request, payment_id):
requestData = request.DATA
_account_id = get_account_id(request)
if _account_id == None:
raise exceptions.NotFound("Your User has no billing account.")
if requestData.get("type") == "invcode":
return create_invcode_payment(request, requestData.get('invcode'),
float(requestData.get('value')),
_account_id)
body = {
'ptype': requestData.get('type'),
'amount': float(requestData.get('value')),
'account_id': _account_id
}
new_payment = chakra.payment_create(request, **body)
items = new_payment.to_dict()
tn = items.get('trade_num')
pay_instance = OnlinePayFactory.get_instance(requestData.get("type"))
pay_url = pay_instance.get_pay_url(tn, requestData.get('value'),
getattr(settings, 'ALIPAY_SUBJECT'),
None)
return pay_url, items.get('id')
def get_by_node(cls, request, node):
"""Return the specified Heat Resource given a Node
:param request: request object
:type request: django.http.HttpRequest
:param node: node to match
:type node: tuskar_ui.api.node.Node
:return: matching Resource, or None if no Resource matches
the Node
:rtype: tuskar_ui.api.heat.Resource
"""
# TODO(tzumainn): this is terribly inefficient, but I don't see a
# better way. Maybe if Heat set some node metadata. . . ?
if node.instance_uuid:
for stack in Stack.list(request):
for resource in stack.resources(with_joins=False):
if resource.physical_resource_id == node.instance_uuid:
return resource
msg = _('Could not find resource matching node "%s"') % node.uuid
raise exceptions.NotFound(msg)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction,
self).__init__(request, *args, **kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
# Use the domain_id from the project
domain_id = self.initial.get("domain_id", None)
project_id = ''
if 'project_id' in self.initial:
project_id = self.initial['project_id']
# Get the default role
try:
default_role = api.keystone.get_default_support_role(self.request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings,
"OPENSTACK_KEYSTONE_DEFAULT_SUPPORT_ROLE",
None)
msg = (_('Could not find default role "%s" in Keystone') %
default)
raise exceptions.NotFound(msg)
except Exception:
LOG.warn(traceback.format_exc())
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
default_role_name = self.get_default_role_field_name()
self.fields[default_role_name] = forms.CharField(required=False)
self.fields[default_role_name].initial = default_role.id
# Get list of available users
# only list user have support role
all_users = []
try:
if policy.check((("identity", "admin_required"),), request) or\
policy.check((("identity", "support_required"),), request):
all_users = api.keystone.user_list(
request,
domain=domain_id,
filters={'default_role_id': default_role.id})
else:
parent_id = self.request.user.id
all_users = api.keystone.user_list(
self.request,
domain=domain_id,
filters={
"parent_id": parent_id,
'default_role_id': default_role.id
},
)
except Exception:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = [default_role]
# try:
# role_list = api.keystone.role_list(request)
# for role in role_list[:]:
# if not request.user.is_superuser and role.name != default_role.name:
# role_list.remove(role)
# except Exception:
# exceptions.handle(request,
# err_msg,
# redirect=reverse(INDEX_URL))
for role in role_list:
field_name = self.get_member_field_name(role.id)
label = role.name
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
try:
users_roles = api.keystone.get_project_users_roles(
request, project_id)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for user_id in users_roles:
roles_ids = users_roles[user_id]
for role_id in roles_ids:
if role_id == default_role.id:
field_name = self.get_member_field_name(role_id)
self.fields[field_name].initial.append(user_id)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectGroupsAction, self).__init__(request,
*args,
**kwargs)
err_msg = _('Unable to retrieve group list. Please try again later.')
# Use the domain_id from the project
domain_id = self.initial.get("domain_id", None)
project_id = ''
if 'project_id' in self.initial:
project_id = self.initial['project_id']
# Get the default role
try:
default_role = api.keystone.get_default_role(self.request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings,
"OPENSTACK_KEYSTONE_DEFAULT_ROLE", None)
msg = (_('Could not find default role "%s" in Keystone') %
default)
raise exceptions.NotFound(msg)
except Exception:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
default_role_name = self.get_default_role_field_name()
self.fields[default_role_name] = forms.CharField(required=False)
self.fields[default_role_name].initial = default_role.id
# Get list of available groups
all_groups = []
try:
all_groups = api.keystone.group_list(request,
domain=domain_id)
except Exception:
exceptions.handle(request, err_msg)
groups_list = [(group.id, group.name) for group in all_groups]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for role in role_list:
field_name = self.get_member_field_name(role.id)
label = role.name
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = groups_list
self.fields[field_name].initial = []
# Figure out groups & roles
if project_id:
try:
groups_roles = api.keystone.get_project_groups_roles(
request, project_id)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for group_id in groups_roles:
roles_ids = groups_roles[group_id]
for role_id in roles_ids:
field_name = self.get_member_field_name(role_id)
self.fields[field_name].initial.append(group_id)
def __init__(self, request, *args, **kwargs):
super(UpdateDomainUsersAction, self).__init__(request, *args, **kwargs)
domain_id = self.initial.get("domain_id", '')
# Get the default role
try:
default_role = api.keystone.get_default_role(self.request)
# Default role is necessary to add members to a domain
if default_role is None:
default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE",
None)
msg = (_('Could not find default role "%s" in Keystone') %
default)
raise exceptions.NotFound(msg)
except Exception:
exceptions.handle(self.request,
_('Unable to find default role.'),
redirect=reverse(constants.DOMAINS_INDEX_URL))
default_role_name = self.get_default_role_field_name()
self.fields[default_role_name] = forms.CharField(required=False)
self.fields[default_role_name].initial = default_role.id
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request, domain=domain_id)
except Exception:
exceptions.handle(request, _('Unable to retrieve user list.'))
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except Exception:
exceptions.handle(request,
_('Unable to retrieve role list.'),
redirect=reverse(constants.DOMAINS_INDEX_URL))
for role in role_list:
field_name = self.get_member_field_name(role.id)
label = role.name
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if domain_id:
try:
users_roles = api.keystone.get_domain_users_roles(
request, domain_id)
except Exception:
exceptions.handle(request,
_('Unable to retrieve user domain role '
'assignments.'),
redirect=reverse(
constants.DOMAINS_INDEX_URL))
for user_id in users_roles:
roles_ids = users_roles[user_id]
for role_id in roles_ids:
field_name = self.get_member_field_name(role_id)
self.fields[field_name].initial.append(user_id)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction,
self).__init__(request, *args, **kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
# Use the domain_id from the project
domain_id = self.initial.get("domain_id", None)
project_id = ''
if 'project_id' in self.initial:
project_id = self.initial['project_id']
# Get the default role
try:
default_role = keystone.get_default_role(self.request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE",
None)
msg = (_('Could not find default role "%s" in Keystone') %
default)
raise exceptions.NotFound(msg)
except Exception:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
default_role_name = self.get_default_role_field_name()
self.fields[default_role_name] = forms.CharField(required=False)
self.fields[default_role_name].initial = default_role.id
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request, domain=domain_id)
except Exception:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
users_list = []
for user in all_users:
tenants = []
has_more = False
services_user = False
tenants, has_more = api.keystone.tenant_list(request, user=user.id)
for tenant in tenants:
if (getattr(user, 'tenantId', '') == tenant.id) and \
(tenant.name == 'services'):
services_user = True
if services_user is False:
users_list.append((user.id, user.name))
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except Exception:
exceptions.handle(request, err_msg, redirect=reverse(INDEX_URL))
for role in role_list:
field_name = self.get_member_field_name(role.id)
label = role.name
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
try:
users_roles = api.keystone.get_project_users_roles(
request, project_id)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for user_id in users_roles:
roles_ids = users_roles[user_id]
for role_id in roles_ids:
field_name = self.get_member_field_name(role_id)
self.fields[field_name].initial.append(user_id)
def __init__(self, request, *args, **kwargs):
super(UpdateDomainGroupsAction, self).__init__(request, *args,
**kwargs)
err_msg = _('Unable to retrieve group list. Please try again later.')
domain_id = ''
if 'domain_id' in args[0]:
domain_id = args[0]['domain_id']
# Get the default role
try:
default_role = api.keystone.get_default_role(self.request)
# Default role is necessary to add members to a domain
if default_role is None:
default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE",
None)
msg = _('Could not find default role "%s" in Keystone') % \
default
raise exceptions.NotFound(msg)
except Exception:
exceptions.handle(self.request,
err_msg,
redirect=reverse(constants.DOMAINS_INDEX_URL))
default_role_name = self.get_default_role_field_name()
self.fields[default_role_name] = forms.CharField(required=False)
self.fields[default_role_name].initial = default_role.id
# Get list of available groups
all_groups = []
try:
all_groups = api.keystone.group_list(request, domain=domain_id)
except Exception:
exceptions.handle(request, err_msg)
groups_list = [(group.id, group.name) for group in all_groups]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(constants.DOMAINS_INDEX_URL))
for role in role_list:
field_name = self.get_member_field_name(role.id)
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = groups_list
self.fields[field_name].initial = []
# Figure out groups & roles
if domain_id:
for group in all_groups:
try:
roles = api.keystone.roles_for_group(self.request,
group=group.id,
domain=domain_id)
except Exception:
exceptions.handle(request,
err_msg,
redirect=reverse(
constants.DOMAINS_INDEX_URL))
for role in roles:
field_name = self.get_member_field_name(role.id)
self.fields[field_name].initial.append(group.id)
def handle(self, request, data):
# Create organization
default_domain = api.keystone.get_default_domain(request)
try:
self.object = fiware_api.keystone.project_create(
request,
name=data['name'],
description=data['description'],
enabled=True,
domain=default_domain,
website='')
except Exception:
exceptions.handle(request, GENERIC_ERROR_MESSAGE, ignore=True)
return False
# Set organization and user id
organization_id = self.object.id
user_id = request.user.id
LOG.debug('Organization %s created', organization_id)
# Grant purchaser in all default apps
default_apps = fiware_api.keystone.get_fiware_default_apps(
self.request)
purchaser_role = fiware_api.keystone.get_purchaser_role(self.request)
try:
for app in default_apps:
fiware_api.keystone.add_role_to_organization(
self.request,
purchaser_role.id,
organization_id,
app.id,
use_idm_account=True)
LOG.debug('Granted role %s in app %s', purchaser_role.name,
app.name)
except Exception as e:
exceptions.handle(
self.request,
redirect=reverse('horizon:idm:organizations:index'))
return False
# Find owner role id
try:
owner_role = fiware_api.keystone.get_owner_role(self.request)
if owner_role is None:
msg = ('Could not find owner role in Keystone')
LOG.debug(msg)
raise exceptions.NotFound(msg)
except Exception as e:
exceptions.handle(
self.request,
redirect=reverse('horizon:idm:organizations:index'))
return False
try:
api.keystone.add_tenant_user_role(request,
project=organization_id,
user=user_id,
role=owner_role.id)
LOG.debug('Added user %s and organization %s to role %s', user_id,
organization_id, owner_role.id)
except Exception:
exceptions.handle(
request, ('Failed to add {0} organization to list').format(
data['name']))
return False
response = shortcuts.redirect('switch_tenants', organization_id)
return response
