def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"auth")
xmlns = "http://docs.openstack.org/identity/api/ext/OS-KSEC2/v1.0"
if root is None:
root = dom.find("{%s}ec2Credentials" % xmlns)
else:
root = root.find("{%s}ec2Credentials" % xmlns)
if root is None:
raise fault.BadRequestFault("Expecting ec2Credentials")
access = root.get("key")
utils.check_empty_string(access, "Expecting an access key.")
signature = root.get("signature")
utils.check_empty_string(signature, "Expecting a signature.")
verb = root.get("verb")
utils.check_empty_string(verb, "Expecting a verb.")
host = root.get("host")
utils.check_empty_string(signature, "Expecting a host.")
path = root.get("path")
utils.check_empty_string(signature, "Expecting a path.")
# TODO(vish): parse xml params
params = {}
return Ec2Credentials(access, signature, verb, host, path, params)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse password credentials",
str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \
"user")
if root == None:
raise fault.BadRequestFault("Expecting User")
name = root.get("name")
tenant_id = root.get("tenantId")
email = root.get("email")
eppn = root.get("eppn")
password = root.get("password")
enabled = root.get("enabled")
if not name:
raise fault.BadRequestFault("Expecting User")
elif not password:
raise fault.BadRequestFault("Expecting User password")
elif not email:
raise fault.BadRequestFault("Expecting User email")
enabled = enabled is None or enabled.lower() in ["true", "yes"]
return User(password, id, name, tenant_id, email, eppn, enabled)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse User", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
eppn_el = dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"tokenByEppn")
email_el = dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"tokenByEmail")
if email_el is not None:
email = email_el.get("email")
if email == None:
raise fault.BadRequestFault("Expecting email")
return TokenBy(email, 'email')
elif eppn_el is not None:
eppn = eppn_el.get("eppn")
if eppn == None:
raise fault.BadRequestFault("Expecting eppn")
return TokenBy(eppn, 'eppn')
else:
raise fault.BadRequestFault(
'Expecting tokenByEmail or tokenByEppn')
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse TokenBy", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"auth")
if root is None:
raise fault.BadRequestFault("Expecting auth")
tenant_id = root.get("tenantId")
tenant_name = root.get("tenantName")
password_credentials = \
root.find("{http://docs.openstack.org/identity/api/v2.0}"
"passwordCredentials")
if password_credentials is None:
raise fault.BadRequestFault("Expecting passwordCredentials")
username = password_credentials.get("username")
utils.check_empty_string(username, "Expecting a username")
password = password_credentials.get("password")
utils.check_empty_string(password, "Expecting a password")
if tenant_id and tenant_name:
raise fault.BadRequestFault(
"Expecting either Tenant ID or Tenant Name, but not both")
return AuthWithPasswordCredentials(username, password, tenant_id,
tenant_name)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse password access", str(e))
def create_role_ref(self, admin_token, user_id, role_ref):
self.__validate_service_or_keystone_admin_token(admin_token)
duser = api.USER.get(user_id)
if not duser:
raise fault.ItemNotFoundFault("The user could not be found")
if not isinstance(role_ref, RoleRef):
raise fault.BadRequestFault("Expecting a Role Ref")
if role_ref.role_id == None:
raise fault.BadRequestFault("Expecting a Role Id")
drole = api.ROLE.get(role_ref.role_id)
if drole == None:
raise fault.ItemNotFoundFault("The role not found")
if role_ref.tenant_id != None:
dtenant = api.TENANT.get(role_ref.tenant_id)
if dtenant == None:
raise fault.ItemNotFoundFault("The tenant not found")
drole_ref = models.UserRoleAssociation()
drole_ref.user_id = duser.id
drole_ref.role_id = drole.id
if role_ref.tenant_id != None:
drole_ref.tenant_id = dtenant.id
user_role_ref = api.USER.user_role_add(drole_ref)
role_ref.role_ref_id = user_role_ref.id
return role_ref
def add_endpoint_template(self, admin_token, endpoint_template):
self.__validate_service_or_keystone_admin_token(admin_token)
if not isinstance(endpoint_template, EndpointTemplate):
raise fault.BadRequestFault("Expecting a EndpointTemplate")
if endpoint_template.service == None or \
len(endpoint_template.service.strip()) == 0:
raise fault.BadRequestFault("Expecting serviceId.")
if endpoint_template.service != None and\
len(endpoint_template.service.strip()) > 0 and\
api.SERVICE.get(endpoint_template.service) == None:
raise fault.BadRequestFault(
"A service with that id doesn't exist.")
dendpoint_template = models.EndpointTemplates()
dendpoint_template.region = endpoint_template.region
dendpoint_template.service_id = endpoint_template.service
dendpoint_template.public_url = endpoint_template.public_url
dendpoint_template.admin_url = endpoint_template.admin_url
dendpoint_template.internal_url = endpoint_template.internal_url
dendpoint_template.enabled = endpoint_template.enabled
dendpoint_template.is_global = endpoint_template.is_global
dendpoint_template = api.ENDPOINT_TEMPLATE.create(dendpoint_template)
endpoint_template.id = dendpoint_template.id
return endpoint_template
def from_json(json_str):
try:
obj = json.loads(json_str)
if not "user" in obj:
raise fault.BadRequestFault("Expecting User")
user = obj["user"]
# Check that fields are valid
invalid = [
key for key in user if key not in
['id', 'name', 'password', 'tenantId', 'email', 'enabled']
]
if invalid != []:
raise fault.BadRequestFault("Invalid attribute(s): %s" %
invalid)
id = user.get('id', None)
name = user.get('name', None)
password = user.get('password', None)
tenant_id = user.get('tenantId', None)
email = user.get('email', None)
enabled = user.get('enabled', True)
if not isinstance(enabled, bool):
raise fault.BadRequestFault("Bad enabled attribute!")
return User(password, id, name, tenant_id, email, enabled)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse Tenant", str(e))
def create_user(self, admin_token, user):
self.__validate_admin_token(admin_token)
self.validate_and_fetch_user_tenant(user.tenant_id)
if not isinstance(user, User):
raise fault.BadRequestFault("Expecting a User")
if user.name is None or not user.name.strip():
raise fault.BadRequestFault("Expecting a unique username")
if api.USER.get_by_name(user.name):
raise fault.UserConflictFault(
"A user with that name already exists")
if api.USER.get_by_email(user.email):
raise fault.EmailConflictFault(
"A user with that email already exists")
duser = models.User()
duser.name = user.name
duser.password = user.password
duser.email = user.email
duser.enabled = user.enabled
duser.tenant_id = user.tenant_id
duser = api.USER.create(duser)
user.id = duser.id
return user
def modify_endpoint_template(self, admin_token, endpoint_template_id,
endpoint_template):
self.__validate_service_or_keystone_admin_token(admin_token)
if not isinstance(endpoint_template, EndpointTemplate):
raise fault.BadRequestFault("Expecting a EndpointTemplate")
dendpoint_template = api.ENDPOINT_TEMPLATE.get(endpoint_template_id)
if not dendpoint_template:
raise fault.ItemNotFoundFault(
"The endpoint template could not be found")
#Check if the passed service exist.
if endpoint_template.service != None and\
len(endpoint_template.service.strip()) > 0 and\
api.SERVICE.get(endpoint_template.service) == None:
raise fault.BadRequestFault(
"A service with that id doesn't exist.")
dendpoint_template.region = endpoint_template.region
dendpoint_template.service_id = endpoint_template.service
dendpoint_template.public_url = endpoint_template.public_url
dendpoint_template.admin_url = endpoint_template.admin_url
dendpoint_template.internal_url = endpoint_template.internal_url
dendpoint_template.enabled = endpoint_template.enabled
dendpoint_template.is_global = endpoint_template.is_global
dendpoint_template = api.ENDPOINT_TEMPLATE.update(
endpoint_template_id, dendpoint_template)
return EndpointTemplate(
dendpoint_template.id, dendpoint_template.region,
dendpoint_template.service_id, dendpoint_template.public_url,
dendpoint_template.admin_url, dendpoint_template.internal_url,
dendpoint_template.enabled, dendpoint_template.is_global)
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find(
"{http://docs.openstack.org/identity/api/v2.0}tenant")
if root is None:
raise fault.BadRequestFault("Expecting Tenant")
id = root.get("id")
name = root.get("name")
enabled = root.get("enabled")
if enabled is None or enabled == "true" or enabled == "yes":
set_enabled = True
elif enabled == "false" or enabled == "no":
set_enabled = False
else:
raise fault.BadRequestFault("Bad enabled attribute!")
desc = root.find("{http://docs.openstack.org/identity/api/v2.0}"
"description")
if desc is None:
description = None
else:
description = desc.text
return models.Tenant(id=id, name=name, description=description,
enabled=set_enabled)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse Tenant", str(e))
def create_tenant(self, admin_token, tenant):
"""
Given a token with the right privileges (an admin token), create
a new tenant
"""
self.__validate_admin_token(admin_token)
if not isinstance(tenant, Tenant):
raise fault.BadRequestFault("Expecting a Tenant")
if not tenant.name:
raise fault.BadRequestFault("Expecting a unique Tenant Name")
if api.TENANT.get_by_name(tenant.name) != None:
raise fault.TenantConflictFault(
"A tenant with that name already exists")
dtenant = models.Tenant()
dtenant.name = tenant.name
dtenant.desc = tenant.description
dtenant.enabled = tenant.enabled
dtenant = api.TENANT.create(dtenant)
tenant.id = dtenant.id
return tenant
def from_json(json_str):
try:
obj = json.loads(json_str)
if not "tenant" in obj:
raise fault.BadRequestFault("Expecting tenant")
tenant = obj["tenant"]
# Check that fields are valid
invalid = [key for key in tenant if key not in\
['id', 'name', 'enabled', 'description']]
if invalid != []:
raise fault.BadRequestFault("Invalid attribute(s): %s"
% invalid)
id = tenant.get("id", None)
name = tenant.get("name", None)
set_enabled = True
if "enabled" in tenant:
set_enabled = tenant["enabled"]
if not isinstance(set_enabled, bool):
raise fault.BadRequestFault("Bad enabled attribute!")
description = tenant.get("description")
return Tenant(id=id, name=name, description=description,
enabled=set_enabled)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse Tenant", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"auth")
if root == None:
raise fault.BadRequestFault("Expecting auth")
token = root.find("{http://docs.openstack.org/identity/api/v2.0}"
"token")
if token is None:
raise fault.BadRequestFault("Expecting token")
token_id = token.get("id")
tenant_id = root.get("tenantId")
tenant_name = root.get("tenantName")
if token_id is None:
raise fault.BadRequestFault("Expecting a token id")
if tenant_id and tenant_name:
raise fault.BadRequestFault(
"Expecting either Tenant ID or Tenant Name, but not both")
return AuthWithUnscopedToken(token_id, tenant_id, tenant_name)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse password access", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \
"user")
if root == None:
raise fault.BadRequestFault("Expecting User")
id = root.get("id")
name = root.get("name")
tenant_id = root.get("tenantId")
email = root.get("email")
eppn = root.get("eppn")
password = root.get("password")
enabled = root.get("enabled")
if enabled == None or enabled == "true" or enabled == "yes":
set_enabled = True
elif enabled == "false" or enabled == "no":
set_enabled = False
else:
raise fault.BadRequestFault("Bad enabled attribute!")
# TODO: WTF is this?!
if password == '':
password = id
return User(password=password,
id=id,
name=name,
tenant_id=tenant_id,
email=email,
eppn=eppn,
enabled=set_enabled)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse User", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \
"biller")
if root == None:
raise fault.BadRequestFault("Expecting Bill_Unit")
total_vcpu = root.get("total_vcpu")
total_ram = root.get("total_ram")
total_vdisk = root.get("total_vdisk")
name = root.get("name")
enabled = root.get("enabled")
if not total_vcpu:
raise fault.BadRequestFault("Expecting Bill_Unit")
elif not total_vdisk:
raise fault.BadRequestFault("Expecting Bill_Unit vdisk")
enabled = enabled is None or enabled.lower() in ["true", "yes"]
LOG.info(
'keystone logic biller py from_xml dom id:%d vcpu:%d ram:%d vdisk:%d date:%s enabled:%d'
% (id, total_vcpu, total_ram, total_vdisk, name, enabled))
return Bill_Unit(id, name, total_vcpu, total_ram, total_vdisk,
enabled)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse Bill_Unit", str(e))
def create_role(self, admin_token, role):
self.__validate_service_or_keystone_admin_token(admin_token)
if not isinstance(role, Role):
raise fault.BadRequestFault("Expecting a Role")
if not role.name:
raise fault.BadRequestFault("Expecting a Role name")
if api.ROLE.get(role.name) != None:
raise fault.RoleConflictFault("A role with that name '" +
role.name + "' already exists")
#Check if the passed service exist
#and the role begins with service_id:.
if role.service_id:
service = api.SERVICE.get(role.service_id)
if service is None:
raise fault.BadRequestFault(
"A service with that id doesnt exist.")
if not role.name.startswith(service.name + ":"):
raise fault.BadRequestFault(
"Role should begin with service name '" + service.name +
":'")
drole = models.Role()
drole.name = role.name
drole.desc = role.description
drole.service_id = role.service_id
drole = api.ROLE.create(drole)
role.id = drole.id
return role
def from_json(json_str):
LOG.info('keystone logic types biller py from_json before try %s' %
json_str)
try:
obj = json.loads(json_str)
if not "biller" in obj:
raise fault.BadRequestFault("Expecting Bill_Unit")
LOG.info('keystone logic types biller py from_json object %s' %
obj)
biller = obj["biller"]
LOG.info('keystone logic types biller py from_json biller %s' %
biller)
total_vcpu = biller.get('total_vcpu', None)
LOG.info(
'keystone lllogic types biller py from_json before IF vcpu%s' %
total_vcpu)
if (total_vcpu == None or total_vcpu == 0):
raise fault.BadRequestFault("Expecting Instance_Bill_Unit")
LOG.info('keystone logic types biller py from_json before ram')
if "total_ram" in biller:
total_ram = biller["total_ram"]
else:
total_ram = None
LOG.info('keystone logic types biller py from_json afterram')
if "name" in biller:
name = biller["name"]
#date =datetime.strptime(biller["date"], "%Y-%m-%d")
if "total_cost" in biller:
total_cost = biller["total_cost"]
if "changed_on" in biller:
changed_on = biller["changed_on"]
LOG.info(
'\n keystone logic types biller py from_json after name : %s created date: %s'
% (name, changed_on))
if "total_vdisk" not in biller:
raise fault.BadRequestFault("Expecting Bill_Unit vdisk")
total_vdisk = biller["total_vdisk"]
LOG.info('keystone logic types biller py from_json vdisk : %s ' %
total_vdisk)
if "enabled" in biller:
set_enabled = biller["enabled"]
if not isinstance(set_enabled, bool):
raise fault.BadRequestFault("Bad enabled attribute!")
else:
set_enabled = True
LOG.info(
'keystone logic types biller py from_json set_enabled : %s ' %
set_enabled)
id = biller.get('id', None)
LOG.info(
'before instance bill json return id : %s name :%s total_vcpu:%d total_ram:%d total_vdisk:%d total_cost: %s enabled:%d'
% (id, name, total_vcpu, total_ram, total_vdisk, total_cost,
set_enabled))
return Instance_Bill(id, name, total_vcpu, total_ram, total_vdisk,
changed_on, total_cost, set_enabled)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse Instance bill ", str(e))
def create_user(self, admin_token, user):
self.__validate_admin_token(admin_token)
self.validate_and_fetch_user_tenant(user.tenant_id)
if not isinstance(user, User):
raise fault.BadRequestFault("Expecting a User")
if user.name is None or not user.name.strip():
raise fault.BadRequestFault("Expecting a unique username")
if api.USER.get_by_name(user.name):
raise fault.UserConflictFault(
"A user with that name already exists")
if user.email is not None:
if len(user.email) == 0:
raise fault.BadRequestFault("Expecting a email")
if api.USER.get_by_email(user.email):
raise fault.EmailConflictFault(
"A user with that email already exists")
if user.eppn is not None:
if len(user.eppn) == 0:
raise fault.BadRequestFault("Expecting a eppn")
if api.USER.get_by_eppn(user.eppn):
raise fault.EppnConflictFault(
"A user with that eppn already exists")
duser = models.User()
duser.name = user.name
duser.password = user.password
duser.email = user.email
duser.eppn = user.eppn
duser.enabled = user.enabled
duser.tenant_id = user.tenant_id
duser = api.USER.create(duser)
user.id = duser.id
# create credentilas
dcreds = models.Credentials()
dtenant = api.TENANT.get_user_tenants(user.id)
if dtenant:
dcreds.key = dtenant[0].name + ":" + user.name
else:
dcreds.key = user.name
dcreds.user_id = user.id
dcreds.tenant_id = user.tenant_id
dcreds.type = "EC2"
dcreds.secret = user.password
api.CREDENTIALS.create(dcreds)
return user
def from_json(json_str):
LOG.info('keystone logic types biller py from_json before try %s' %
json_str)
try:
obj = json.loads(json_str)
if not "biller" in obj:
raise fault.BadRequestFault("Expecting Bill_Unit")
LOG.info('keystone logic types biller py from_json object %s' %
obj)
biller = obj["biller"]
LOG.info('keystone logic types biller py from_json biller %s' %
biller)
vcpu = biller.get('vcpu', None)
LOG.info(
'keystone logic types biller py from_json before IF vcpu%s' %
vcpu)
if (vcpu == None or vcpu == 0):
raise fault.BadRequestFault("Expecting Bill_Unit")
LOG.info('keystone logic types biller py from_json before ram')
if "ram" in biller:
ram = biller["ram"]
else:
ram = None
LOG.info('keystone logic types biller py from_json afterram')
if "date" in biller:
date = biller["date"]
#date =datetime.strptime(biller["date"], "%Y-%m-%d")
if "changed_on" in biller:
changed_on = biller["changed_on"]
LOG.info(
'keystone logic types biller py from_json after date : %s created date: %s'
% (date, changed_on))
if "vdisk" not in biller:
raise fault.BadRequestFault("Expecting Bill_Unit vdisk")
vdisk = biller["vdisk"]
LOG.info('keystone logic types biller py from_json vdisk : %s ' %
vdisk)
if "enabled" in biller:
set_enabled = biller["enabled"]
if not isinstance(set_enabled, bool):
raise fault.BadRequestFault("Bad enabled attribute!")
else:
set_enabled = True
LOG.info(
'keystone logic types biller py from_json set_enabled : %s ' %
set_enabled)
id = biller.get('id', None)
LOG.info(
'before return id :%s vcpu:%d ram:%d vdisk:%d date:%s enabled:%d'
% (id, vcpu, ram, vdisk, date, set_enabled))
return Bill_Unit(id, vcpu, ram, vdisk, date, changed_on,
set_enabled)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse bill Unit", str(e))
def from_json(json_str):
try:
obj = json.loads(json_str)
if not "ec2Credentials" in obj:
raise fault.BadRequestFault("Expecting ec2Credentials")
cred = obj["ec2Credentials"]
# Check that fields are valid
invalid = [key for key in cred if key not in\
['username', 'access', 'signature', 'params',
'verb', 'host', 'path']]
if invalid != []:
raise fault.BadRequestFault("Invalid attribute(s): %s" %
invalid)
if not "access" in cred:
raise fault.BadRequestFault("Expecting an access key")
access = cred["access"]
if not "signature" in cred:
raise fault.BadRequestFault("Expecting a signature")
signature = cred["signature"]
if not "verb" in cred:
raise fault.BadRequestFault("Expecting a verb")
verb = cred["verb"]
if not "host" in cred:
raise fault.BadRequestFault("Expecting a host")
host = cred["host"]
if not "path" in cred:
raise fault.BadRequestFault("Expecting a path")
path = cred["path"]
if not "params" in cred:
raise fault.BadRequestFault("Expecting params")
params = cred["params"]
return Ec2Credentials(access, signature, verb, host, path, params)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse password credentials",
str(e))
def _validate_auth(obj, *valid_keys):
root = obj.keys()[0]
for key in root:
if not key in valid_keys:
raise fault.BadRequestFault('Invalid attribute(s): %s' % key)
if root.get('tenantId') and root.get('tenantName'):
raise fault.BadRequestFault(
'Expecting either Tenant ID or Tenant Name, but not both')
return root
def from_xml(xml_str):
""" Verify Diablo syntax and return class initialized with data"""
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = \
dom.find("{http://docs.openstack.org/identity/api/v2.0}"
"access")
if root is None:
raise fault.BadRequestFault("Expecting access")
return D5ValidateData(init_xml=root)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse Diablo response", str(e))
def from_json(json_str):
try:
obj = json.loads(json_str)
region = None
service = None
public_url = None
admin_url = None
internal_url = None
enabled = None
is_global = None
if not "endpointTemplate" in obj:
raise fault.BadRequestFault("Expecting endpointTemplate")
endpoint_template = obj["endpointTemplate"]
# Check that fields are valid
invalid = [
key for key in endpoint_template if key not in [
'id', 'region', 'serviceId', 'publicURL', 'adminURL',
'internalURL', 'enabled', 'global'
]
]
if invalid != []:
raise fault.BadRequestFault("Invalid attribute(s): %s" %
invalid)
if not "id" in endpoint_template:
id = None
else:
id = endpoint_template["id"]
if 'region' in endpoint_template:
region = endpoint_template["region"]
if 'serviceId' in endpoint_template:
service = endpoint_template["serviceId"]
if 'publicURL' in endpoint_template:
public_url = endpoint_template["publicURL"]
if 'adminURL' in endpoint_template:
admin_url = endpoint_template["adminURL"]
if 'internalURL' in endpoint_template:
internal_url = endpoint_template["internalURL"]
if 'enabled' in endpoint_template:
enabled = endpoint_template["enabled"]
if 'global' in endpoint_template:
is_global = endpoint_template["global"]
return EndpointTemplate(id, region, service, public_url, admin_url,
internal_url, enabled, is_global)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault(\
"Cannot parse endpointTemplate", str(e))
def from_json(json_str):
try:
obj = json.loads(json_str)
if not "s3Credentials" in obj:
raise fault.BadRequestFault("Expecting S3Credentials")
cred = obj["s3Credentials"]
# Check that fields are valid
invalid = [key for key in cred if key not in\
['username', 'access', 'signature', 'verb', 'expire',
'path', 'content-type', 'content-md5', 'xheaders']]
if invalid != []:
raise fault.BadRequestFault("Invalid attribute(s): %s"
% invalid)
if not "access" in cred:
raise fault.BadRequestFault("Expecting an access key")
access = cred["access"]
if not "signature" in cred:
raise fault.BadRequestFault("Expecting a signature")
signature = cred["signature"]
if not "verb" in cred:
raise fault.BadRequestFault("Expecting a verb")
verb = cred["verb"]
if not "path" in cred:
raise fault.BadRequestFault("Expecting a path")
path = cred["path"]
if not "expire" in cred:
raise fault.BadRequestFault("Expecting a expire")
expire = cred["expire"]
content_type = cred.get("content-type", '')
content_md5 = cred.get("content-md5", '')
xheaders = cred.get("xheaders", None)
return S3Credentials(access, signature, verb, path, expire, content_type, content_md5, xheaders)
except (ValueError, TypeError) as e:
raise fault.BadRequestFault("Cannot parse password credentials",
str(e))
def _validate_key(obj, key, *required_keys):
if not key in obj:
raise fault.BadRequestFault('Expecting %s' % key)
ret = obj[key]
for skey in ret:
if not skey in required_keys:
raise fault.BadRequestFault('Invalid attribute(s): %s' % skey)
for required_key in required_keys:
if not ret.get(required_key):
raise fault.BadRequestFault('Expecting %s:%s' %
(key, required_key))
return ret
def _validate_auth(obj, *valid_keys):
if not 'auth' in obj:
raise fault.BadRequestFault('Expecting auth')
auth = obj.get('auth')
for key in auth:
if not key in valid_keys:
raise fault.BadRequestFault('Invalid attribute(s): %s' % key)
if auth.get('tenantId') and auth.get('tenantName'):
raise fault.BadRequestFault(
'Expecting either Tenant ID or Tenant Name, but not both')
return auth
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.x7.org/identity/api/v2.0}" \
"role")
if root == None:
raise fault.BadRequestFault("Expecting Role")
role_id = root.get("roleId")
tenant_id = root.get("tenantId")
if role_id == None:
raise fault.BadRequestFault("Expecting Role")
return RoleRef('', role_id, tenant_id)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse Role", str(e))
def from_xml(xml_str):
try:
dom = etree.Element("root")
dom.append(etree.fromstring(xml_str))
root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \
"passwordCredentials")
if root is None:
raise fault.BadRequestFault("Expecting passwordCredentials")
user_name = root.get("username")
password = root.get("password")
utils.check_empty_string(password, "Expecting a password.")
return PasswordCredentials(user_name, password)
except etree.LxmlError as e:
raise fault.BadRequestFault("Cannot parse passwordCredentials",
str(e))
def check_empty_string(value, message):
"""
Checks whether a string is empty and raises
fault for empty string.
"""
if is_empty_string(value):
raise fault.BadRequestFault(message)
def get_tenant_endpoints(self, admin_token, marker, limit, url, tenant_id):
self.__validate_service_or_keystone_admin_token(admin_token)
if tenant_id == None:
raise fault.BadRequestFault("Expecting a Tenant Id")
if api.TENANT.get(tenant_id) == None:
raise fault.ItemNotFoundFault("The tenant not found")
ts = []
dtenant_endpoints = \
api.ENDPOINT_TEMPLATE.\
endpoint_get_by_tenant_get_page(
tenant_id, marker, limit)
for dtenant_endpoint in dtenant_endpoints:
ts.append(Endpoint(dtenant_endpoint.id,
url + '/endpointTemplates/' + \
str(dtenant_endpoint.endpoint_template_id)))
links = []
if ts.__len__():
prev, next = \
api.ENDPOINT_TEMPLATE.endpoint_get_by_tenant_get_page_markers(
tenant_id, marker, limit)
if prev:
links.append(
atom.Link('prev',
"%s?'marker=%s&limit=%s'" % (url, prev, limit)))
if next:
links.append(
atom.Link('next',
"%s?'marker=%s&limit=%s'" % (url, next, limit)))
return Endpoints(ts, links)