def get_data(self):
domains = []
domain_context = self.request.session.get('domain_context')
if policy.check((
("identity", "identity:list_domains"),
), self.request) and not domain_context:
try:
domains = api.keystone.domain_list(self.request)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain list.'))
elif policy.check((
("identity", "identity:get_domain"),
), self.request):
try:
domain_id = identity.get_domain_id_for_operation(self.request)
domain = api.keystone.domain_get(self.request, domain_id)
domains.append(domain)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain information.'))
else:
msg = _("Insufficient privilege level to view domain information.")
messages.info(self.request, msg)
return domains
def get_data(self):
groups = []
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_groups"),),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided and
# return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.groups', False) \
and len(filters) == 0:
self._needs_filter_first = True
return groups
domain_id = identity.get_domain_id_for_operation(self.request)
try:
groups = api.keystone.group_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve group list.'))
else:
msg = _("Insufficient privilege level to view group information.")
messages.info(self.request, msg)
return groups
def _update_project(self, request, data):
"""Update project info"""
domain_id = identity.get_domain_id_for_operation(request)
try:
project_id = data['project_id']
# add extra information
if keystone.VERSIONS.active >= 3:
EXTRA_INFO = settings.PROJECT_TABLE_EXTRA_INFO
kwargs = dict((key, data.get(key)) for key in EXTRA_INFO)
else:
kwargs = {}
return api.keystone.tenant_update(request,
project_id,
name=data['name'],
description=data['description'],
enabled=data['enabled'],
domain=domain_id,
**kwargs)
except exceptions.Conflict:
msg = _('Project name "%s" is already used.') % data['name']
self.failure_message = msg
return
except Exception as e:
LOG.debug('Project update failed: %s', e)
exceptions.handle(request, ignore=True)
return
def get_data(self):
groups = []
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_groups"), ),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided and
# return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.groups', False) \
and len(filters) == 0:
self._needs_filter_first = True
return groups
domain_id = identity.get_domain_id_for_operation(self.request)
try:
groups = api.keystone.group_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve group list.'))
else:
msg = _("Insufficient privilege level to view group information.")
messages.info(self.request, msg)
return groups
def get_data(self):
users = []
filters = self.get_filters()
if policy.check((("identity", "identity:list_users"),),
self.request):
domain_id = identity.get_domain_id_for_operation(self.request)
try:
users = api.keystone.user_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user list.'))
elif policy.check((("identity", "identity:get_user"),),
self.request):
try:
user = api.keystone.user_get(self.request,
self.request.user.id)
users.append(user)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user information.'))
else:
msg = _("Insufficient privilege level to view user information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for u in users:
u.domain_name = domain_lookup.get(u.domain_id)
return users
def _update_project(self, request, data):
"""Update project info"""
domain_id = identity.get_domain_id_for_operation(request)
try:
project_id = data['project_id']
# add extra information
if keystone.VERSIONS.active >= 3:
EXTRA_INFO = getattr(settings, 'PROJECT_TABLE_EXTRA_INFO', {})
kwargs = dict((key, data.get(key)) for key in EXTRA_INFO)
else:
kwargs = {}
return api.keystone.tenant_update(
request,
project_id,
name=data['name'],
description=data['description'],
enabled=data['enabled'],
domain=domain_id,
**kwargs)
except exceptions.Conflict:
msg = _('Project name "%s" is already used.') % data['name']
self.failure_message = msg
return
except Exception as e:
LOG.debug('Project update failed: %s', e)
exceptions.handle(request, ignore=True)
return
def get_data(self):
domains = []
domain_context = self.request.session.get('domain_context')
if policy.check((
("identity", "identity:list_domains"),
), self.request) and not domain_context:
try:
domains = api.keystone.domain_list(self.request)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain list.'))
elif policy.check((
("identity", "identity:get_domain"),
), self.request):
try:
domain_id = identity.get_domain_id_for_operation(self.request)
domain = api.keystone.domain_get(self.request, domain_id)
domains.append(domain)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve domain information.'))
else:
msg = _("Insufficient privilege level to view domain information.")
messages.info(self.request, msg)
return domains
def get_data(self):
tenants = []
marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None)
self._more = False
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_projects"),),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided and
# return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.projects', False) and len(
filters) == 0:
self._needs_filter_first = True
self._more = False
return tenants
domain_id = identity.get_domain_id_for_operation(self.request)
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
domain=domain_id,
paginate=True,
filters=filters,
marker=marker)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project list."))
elif policy.check((("identity", "identity:list_user_projects"),),
self.request):
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
user=self.request.user.id,
paginate=True,
marker=marker,
filters=filters,
admin=False)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project information."))
else:
msg = \
_("Insufficient privilege level to view project information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id)
return tenants
def get_data(self):
tenants = []
marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None)
self._more = False
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_projects"), ),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided and
# return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.projects',
False) and len(filters) == 0:
self._needs_filter_first = True
self._more = False
return tenants
domain_id = identity.get_domain_id_for_operation(self.request)
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
domain=domain_id,
paginate=True,
filters=filters,
marker=marker)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project list."))
elif policy.check((("identity", "identity:list_user_projects"), ),
self.request):
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
user=self.request.user.id,
paginate=True,
marker=marker,
filters=filters,
admin=False)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project information."))
else:
msg = \
_("Insufficient privilege level to view project information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id)
return tenants
def get_tenants_data(self):
for role in self.request.user.roles:
self.roles.append(role.get('name'))
if self.roles.__contains__("user"):
self.template_name = 'main/overview/index_user.html'
elif self.roles.__contains__('project_manager'):
self.template_name = 'main/overview/index_pm.html'
tenants = []
marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None)
self._more = False
if policy.check((("identity", "identity:list_projects"), ),
self.request):
domain_id = identity.get_domain_id_for_operation(self.request)
try:
if self.request.user.username == 'admin':
tenants, self._more = api.keystone.tenant_list(
self.request,
domain=domain_id,
paginate=True,
marker=marker)
else:
tenants, self._more = api.keystone.tenant_my_list(
self.request, user_id=self.request.user.id)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project list."))
elif policy.check((("identity", "identity:list_user_projects"), ),
self.request):
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
user=self.request.user.id,
paginate=True,
marker=marker,
admin=False)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project information."))
else:
msg = \
_("Insufficient privilege level to view project information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id)
return tenants
def post(self, request):
"""Create a group.
This action creates a group using parameters supplied in the POST
application/json object. The "name" (string) parameter is required,
"description" (string) is optional.
This method returns the new group object on success.
"""
new_group = api.keystone.group_create(
request, identity_utils.get_domain_id_for_operation(request),
request.DATA['name'], request.DATA.get("description", None))
return rest_utils.CreatedResponse(
'/api/keystone/groups/%s' % new_group.id, new_group.to_dict())
def handle(self, request, data):
try:
LOG.info('Creating group with name "%s"' % data['name'])
api.keystone.group_create(
request,
domain_id=identity_utils.get_domain_id_for_operation(
self.request),
name=data['name'],
description=data['description'])
messages.success(request,
_('Group "%s" was successfully created.')
% data['name'])
except Exception:
exceptions.handle(request, _('Unable to create group.'))
return False
return True
def handle(self, request, data):
try:
LOG.info('Creating group with name "%s"' % data['name'])
api.keystone.group_create(
request,
domain_id=identity_utils.get_domain_id_for_operation(
self.request),
name=data['name'],
description=data['description'])
messages.success(
request,
_('Group "%s" was successfully created.') % data['name'])
except Exception:
exceptions.handle(request, _('Unable to create group.'))
return False
return True
def get_data(self):
groups = []
domain_id = identity.get_domain_id_for_operation(self.request)
filters = self.get_filters()
if policy.check((("identity", "identity:list_groups"), ),
self.request):
try:
groups = api.keystone.group_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve group list.'))
else:
msg = _("Insufficient privilege level to view group information.")
messages.info(self.request, msg)
return groups
def get_data(self):
users = []
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_users"),),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided
# and return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.users', False) and len(filters) == 0:
self._needs_filter_first = True
return users
domain_id = identity.get_domain_id_for_operation(self.request)
try:
users = api.keystone.user_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user list.'))
elif policy.check((("identity", "identity:get_user"),),
self.request):
try:
user = api.keystone.user_get(self.request,
self.request.user.id,
admin=False)
users.append(user)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user information.'))
else:
msg = _("Insufficient privilege level to view user information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for u in users:
u.domain_name = domain_lookup.get(u.domain_id)
return users
def get_data(self):
users = []
filters = self.get_filters()
self._needs_filter_first = False
if policy.check((("identity", "identity:list_users"),),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided
# and return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('identity.users', False) and len(filters) == 0:
self._needs_filter_first = True
return users
domain_id = identity.get_domain_id_for_operation(self.request)
try:
users = api.keystone.user_list(self.request,
domain=domain_id,
filters=filters)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user list.'))
elif policy.check((("identity", "identity:get_user"),),
self.request):
try:
user = api.keystone.user_get(self.request,
self.request.user.id,
admin=False)
users.append(user)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user information.'))
else:
msg = _("Insufficient privilege level to view user information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for u in users:
u.domain_name = domain_lookup.get(u.domain_id)
return users
def post(self, request):
"""Create a group.
This action creates a group using parameters supplied in the POST
application/json object. The "name" (string) parameter is required,
"description" (string) is optional.
This method returns the new group object on success.
"""
new_group = api.keystone.group_create(
request,
identity_utils.get_domain_id_for_operation(request),
request.DATA['name'],
request.DATA.get("description", None))
return rest_utils.CreatedResponse(
'/api/keystone/groups/%s' % new_group.id,
new_group.to_dict()
)
def get_data(self):
tenants = []
marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None)
self._more = False
filters = self.get_filters()
if policy.check((("identity", "identity:list_projects"), ),
self.request):
domain_id = identity.get_domain_id_for_operation(self.request)
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
domain=domain_id,
paginate=True,
filters=filters,
marker=marker)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project list."))
elif policy.check((("identity", "identity:list_user_projects"), ),
self.request):
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
user=self.request.user.id,
paginate=True,
marker=marker,
filters=filters,
admin=False)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project information."))
else:
msg = \
_("Insufficient privilege level to view project information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id)
return tenants
def get_users_data(self):
users = []
self._needs_filter_first = False
if policy.check((("identity", "identity:list_users"), ), self.request):
domain_id = identity.get_domain_id_for_operation(self.request)
try:
if self.request.user.username == 'admin':
users = api.keystone.user_list(self.request,
domain=domain_id)
#filters=filters)
else:
projects = api.keystone.tenant_list(
self.request, user=self.request.user.id, admin=True)
users = api.keystone.user_my_list(self.request,
projects=projects)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user list.'))
elif policy.check((("identity", "identity:get_user"), ), self.request):
try:
user = api.keystone.user_get(self.request,
self.request.user.id,
admin=False)
users.append(user)
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve user information.'))
else:
msg = _("Insufficient privilege level to view user information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for u in users:
u.domain_name = domain_lookup.get(u.domain_id)
return users
def get_tenants_data(self):
tenants = []
marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None)
self._more = False
filters = self._get_filter()
if policy.check((("crystal", "crystal:list_projects"), ),
self.request):
# If filter_first is set and if there are not other filters
# selected, then search criteria must be provided and
# return an empty list
filter_first = getattr(settings, 'FILTER_DATA_FIRST', {})
if filter_first.get('crystal.projects', False):
return tenants
domain_id = identity.get_domain_id_for_operation(self.request)
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
domain=domain_id,
paginate=True,
filters=filters,
marker=marker)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project list."))
elif policy.check((("crystal", "crystal:list_user_projects"), ),
self.request):
try:
tenants, self._more = api.keystone.tenant_list(
self.request,
user=self.request.user.id,
paginate=True,
marker=marker,
filters=filters,
admin=False)
except Exception:
exceptions.handle(self.request,
_("Unable to retrieve project information."))
else:
msg = \
_("Insufficient privilege level to view project information.")
messages.info(self.request, msg)
if api.keystone.VERSIONS.active >= 3:
domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id)
enabled_crystal_projects = json.loads(
crystal_api.list_projects_crystal_enabled(self.request).text)
projects = []
for tenant in tenants:
if tenant.id in enabled_crystal_projects:
crystal_enabled = True
else:
crystal_enabled = False
project = CrystalProject(tenant.id, tenant.name,
tenant.description, tenant.domain_id,
tenant.enabled, crystal_enabled)
projects.append(project)
return projects
def _get_group_members(self):
group_id = self.kwargs['group_id']
domain_id = identity.get_domain_id_for_operation(self.request)
return api.keystone.user_list(self.request,
domain=domain_id,
group=group_id)
def _get_group_members(self):
group_id = self.kwargs['group_id']
domain_id = identity.get_domain_id_for_operation(self.request)
return api.keystone.user_list(self.request, domain=domain_id,
group=group_id)
