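def populate_roles_choices(self, request, context):
    """Build the ``(id, name)`` choices for the role selector.

    A requester who holds a role whose name and roletype are both
    "Tenant Admin" is offered every role of their tenant. Any other
    requester is offered the tenant's roles minus that admin role, so a
    non-admin cannot hand out tenant-admin rights. A requester with no
    roles gets an empty list.

    The listing as extracted computed ``roles`` but never returned it; the
    explicit ``return`` below is the fix.

    :param request: current HTTP request; ``request.user`` supplies the
        requester's roles and tenant.
    :param context: workflow context (not read here).
    :returns: list of ``(role.id, role.name)`` tuples, ``[]`` on any error.
    """
    roles = []
    try:
        requester_roles = request.user.roles
        if requester_roles:
            is_tenant_admin = any(
                role.name == "Tenant Admin" and role.roletype == "Tenant Admin"
                for role in requester_roles
            )
            tenant_roles = roledetail.objects(
                tenantid=request.user.tenantid.id)
            # NOTE(review): only a role whose name AND roletype are both
            # "Tenant Admin" is hidden from non-admins. A role carrying
            # roletype "Tenant Admin" under another name would still be
            # offered -- confirm which field actually grants the privilege.
            roles = [
                (role.id, role.name)
                for role in tenant_roles
                if is_tenant_admin
                or not (role.name == "Tenant Admin"
                        and role.roletype == "Tenant Admin")
            ]
    except Exception as e:
        # Fail closed: on any error no role is offered.
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.error(request, _(e.message))
        LOG.error(e.message)
        roles = []
    return roles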
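def get_data(self):
    """Return one ``RoleObj`` row per role of the requester's tenant.

    Each row carries the role's id, name and roletype and, when present,
    the names of the clouds referenced by its policies and its access
    entries, both rendered as ",\\n"-separated, title-cased strings.

    Fixes over the extracted listing: the rows are now returned (the
    listing built ``roles`` and dropped it), a policy pointing at a cloud
    that no longer exists is skipped instead of blanking the whole table,
    and cloud names are sorted so the column is stable between requests.

    :returns: list of ``RoleObj``; ``[]`` if anything fails.
    """
    roles = []
    try:
        # Non-admin sessions get their cached policies refreshed first, so
        # the table reflects current permissions rather than login-time ones.
        if "Tenant Admin" not in self.request.session["user_roles"]:
            refresh_session_policies(self.request, self.request.user)
        tenant_roles = roledetail.objects(
            tenantid=self.request.user.tenantid.id)
        for role in tenant_roles:
            if role.policy == [] and role.access == []:
                role_obj = RoleObj(
                    id=role.id, name=role.name, roletype=role.roletype)
            elif role.policy == [] and role.access:
                role_obj = RoleObj(
                    id=role.id,
                    name=role.name,
                    roletype=role.roletype,
                    access=",\n".join(role.access).title())
            else:
                cloud_names = set()
                for policy in role.policy:
                    cloud = tenantclouds.objects(
                        id=policy.cloudid.id).first()
                    # A stale reference to a deleted cloud is not an error
                    # worth hiding every role for.
                    if cloud is not None:
                        cloud_names.add(cloud.name)
                role_obj = RoleObj(
                    role.id,
                    role.name,
                    role.roletype,
                    ",\n".join(sorted(cloud_names)).title(),
                    ",\n".join(role.access).title())
            roles.append(role_obj)
    except Exception as e:
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.error(self.request, _(e.message))
        LOG.error(e.message)
        roles = []
    return roles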
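def populate_roles_choices(self, request, context):
    """Build the ``(id, name)`` choices of roles held by the edited user.

    Only roles that belong to the requester's tenant AND are currently
    assigned to the user identified by ``context['id']`` are listed. A
    requester who is not a tenant admin (no role with name and roletype
    both "Tenant Admin") does not see roles of roletype "Tenant Admin".

    Fixes over the extracted listing: the result is returned (it was
    computed and dropped), the edited user is looked up inside the
    requester's tenant only, an unknown user is reported explicitly instead
    of surfacing an AttributeError, and the builtin ``id`` is no longer
    shadowed.

    :param request: current HTTP request.
    :param context: workflow context; ``context['id']`` is the edited user.
    :returns: list of ``(role.id, role.name)`` tuples, ``[]`` on any error.
    """
    roles = []
    try:
        user_id = context['id']
        # The id arrives with the request, so the lookup is restricted to
        # the requester's tenant: a user id from another tenant resolves to
        # nothing rather than to that user's role assignments.
        target_user = User.objects(
            id=user_id, tenantid=request.user.tenantid.id).first()
        if target_user is None:
            raise Exception("User not found.")
        requester_roles = request.user.roles
        if requester_roles:
            is_tenant_admin = any(
                role.name == "Tenant Admin" and role.roletype == "Tenant Admin"
                for role in requester_roles
            )
            tenant_roles = roledetail.objects(
                tenantid=request.user.tenantid.id)
            assigned = [
                role for role in tenant_roles if role in target_user.roles
            ]
            if not is_tenant_admin:
                assigned = [
                    role for role in assigned
                    if role.roletype != "Tenant Admin"
                ]
            roles = [(role.id, role.name) for role in assigned]
    except Exception as e:
        # Fail closed: on any error no role is offered.
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.error(request, _(e.message))
        LOG.error(e.message)
        roles = []
    return roles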
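def get_data(self):
    """Return one ``UserObj`` row per user of the requester's tenant.

    Each row holds the user's id, username and a comma-separated list of
    the names of the roles assigned to them.

    A role reference that no longer resolves (the role was deleted) is
    skipped; the extracted listing dereferenced it unconditionally, so one
    stale reference raised AttributeError and took down the whole table.

    :returns: list of ``UserObj``.
    """
    # Non-admin sessions get their cached policies refreshed first, so the
    # table reflects current permissions rather than login-time ones.
    if "Tenant Admin" not in self.request.session['user_roles']:
        refresh_session_policies(self.request, self.request.user)
    tenant_users = User.objects(tenantid=self.request.user.tenantid.id)
    users = []
    for user in tenant_users:
        role_names = []
        for role_ref in user.roles:
            role = roledetail.objects(id=role_ref.id).first()
            if role is not None:
                role_names.append(role.name)
        users.append(UserObj(user.id, user.username, ",".join(role_names)))
    return users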
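def action(self, request, obj_id):
    """Delete the role ``obj_id`` and strip it from every user holding it.

    The deletion is refused while any user has this role as their only
    role. Otherwise the role is removed from each affected user's role
    list and the role document is deleted.

    Fixes over the extracted listing:
      * the role is looked up inside the requester's tenant, so an id that
        belongs to another tenant cannot be deleted through this action;
      * an unknown id is reported explicitly instead of as an
        AttributeError on ``None``;
      * only users whose role list actually changes are written back.

    :param request: current HTTP request.
    :param obj_id: id of the role to delete, as submitted with the request.
    """
    try:
        role = roledetail.objects(
            id=obj_id, tenantid=request.user.tenantid.id).first()
        if role is None:
            raise Exception("Role not found.")
        users = User.objects.all()
        # First pass: refuse if deleting would leave some user without any
        # role at all.
        for user in users:
            if len(user.roles) == 1 and user.roles[0].id == role.id:
                raise Exception(
                    "Role can't be delete. Some users have this role only. Remove them first..."
                )
        # Second pass: detach the role from everyone who holds it.
        for user in users:
            remaining = [held for held in user.roles if held.id != role.id]
            if len(remaining) != len(user.roles):
                User.objects(id=user.id).update(set__roles=remaining)
        role.delete()
    except Exception as e:
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.info(request, _(e.message))
        # NOTE(review): the listing was whitespace-collapsed; the redirect
        # is placed in the failure branch here -- confirm against the
        # original file that it was not meant to run unconditionally.
        exceptions.handle_redirect(request, self.success_url)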
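def action(self, request, obj_id):
    """Delete the role ``obj_id`` after detaching it from all users.

    Refuses to delete while some user has this role as their sole role;
    otherwise removes the role from every user's role list and deletes the
    role document.

    Changes relative to the extracted listing:
      * the lookup is limited to the requester's tenant, so a role id from
        another tenant resolves to nothing instead of being deleted;
      * a missing role produces an explicit message rather than an
        AttributeError on ``None``;
      * users whose role list is unaffected are not rewritten.

    :param request: current HTTP request.
    :param obj_id: id of the role to delete, as submitted with the request.
    """
    try:
        tenant_id = request.user.tenantid.id
        role = roledetail.objects(id=obj_id, tenantid=tenant_id).first()
        if role is None:
            raise Exception("Role not found.")
        users = User.objects.all()
        # Guard: nobody may end up with an empty role list.
        sole_holders = [
            user for user in users
            if len(user.roles) == 1 and user.roles[0].id == role.id
        ]
        if sole_holders:
            raise Exception(
                "Role can't be delete. Some users have this role only. Remove them first..."
            )
        for user in users:
            kept = [held for held in user.roles if held.id != role.id]
            if len(kept) != len(user.roles):
                User.objects(id=user.id).update(set__roles=kept)
        role.delete()
    except Exception as e:
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.info(request, _(e.message))
        # NOTE(review): the listing was whitespace-collapsed; the redirect
        # is placed in the failure branch here -- confirm against the
        # original file that it was not meant to run unconditionally.
        exceptions.handle_redirect(request, self.success_url)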
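def get_data(self):
    """Return the role table rows for the requester's tenant.

    For every role of the tenant a ``RoleObj`` is built from its id, name
    and roletype. Roles with access entries get them joined with ",\\n"
    and title-cased; roles with policies additionally get the distinct
    names of the referenced clouds in the same format.

    Fixes over the extracted listing: the list is returned (it was built
    and then dropped), a policy whose cloud no longer exists is skipped
    rather than failing the whole view, and cloud names are emitted in
    sorted order instead of arbitrary set order.

    :returns: list of ``RoleObj``; ``[]`` if anything fails.
    """
    roles = []
    try:
        # Sessions without the "Tenant Admin" role re-read their policies
        # before the table is rendered.
        if "Tenant Admin" not in self.request.session['user_roles']:
            refresh_session_policies(self.request, self.request.user)
        for role in roledetail.objects(
                tenantid=self.request.user.tenantid.id):
            access_text = ",\n".join(role.access).title() if role.access else ""
            if role.policy == [] and role.access == []:
                role_obj = RoleObj(
                    id=role.id, name=role.name, roletype=role.roletype)
            elif role.policy == [] and role.access:
                role_obj = RoleObj(
                    id=role.id, name=role.name, roletype=role.roletype,
                    access=access_text)
            else:
                cloud_names = set()
                for policy in role.policy:
                    cloud = tenantclouds.objects(
                        id=policy.cloudid.id).first()
                    # Skip stale references to deleted clouds.
                    if cloud is not None:
                        cloud_names.add(cloud.name)
                # Iterating role.access directly keeps the original failure
                # mode (TypeError -> error message) if it is not iterable.
                role_obj = RoleObj(
                    role.id, role.name, role.roletype,
                    ",\n".join(sorted(cloud_names)).title(),
                    ",\n".join(role.access).title())
            roles.append(role_obj)
    except Exception as e:
        # NOTE(review): the raw exception text is shown to the user; a fixed
        # message with the detail kept in the log would disclose less.
        messages.error(self.request, _(e.message))
        LOG.error(e.message)
        roles = []
    return roles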
def action(self, request, obj_id):
    """Delete the cloud ``obj_id`` and detach it from roles and the requester.

    Steps visible in this block:
      1. Load the ``tenantclouds`` document with id ``obj_id``.
      2. For every role of the requester's tenant, rewrite ``policy``
         without the entries whose ``cloudid.id`` equals ``obj_id``.
      3. Depending on ``cloud.platform``, and only when the requester's
         stored selection for that platform is this cloud, repoint the
         user's per-platform connection fields at the first cloud of that
         platform found in the policies of the user's roles, or clear them.
      4. Save the user document and delete the cloud.

    NOTE(review): this listing was whitespace-collapsed; the nesting below
    (in particular which ``if`` each ``else`` belongs to) is reconstructed
    and should be confirmed against the original file.

    NOTE(review): the cloud is fetched by id alone. No check that it
    belongs to ``request.user``'s tenant is visible in this block --
    confirm the caller enforces ownership before this runs.

    NOTE(review): ``.first()`` returns ``None`` for an unknown id, and
    ``cloud.platform`` would then raise AttributeError; likewise
    ``user.token.id`` if the user has no token. Neither is guarded here.
    """
    cloud = tenantclouds.objects(id=obj_id).first()
    roles = roledetail.objects(tenantid=request.user.tenantid)
    # Strip every policy that references the cloud from the tenant's roles.
    for role in roles:
        list1 = []
        for a in role.policy:
            if (str(a.cloudid.id) == str(obj_id)):
                pass
            else:
                list1.append(a)
        roledetail.objects(id=role.id).update(set__policy=list1)
    user = get_user_document().objects(
        username=request.user.username).first()
    if cloud.platform == "Openstack":
        if user.openstackname == cloud.name:
            # All Openstack clouds referenced by the user's role policies.
            clouds = sum([[
                y.cloudid for y in i.policy
                if y.cloudid.platform == "Openstack"
            ] for i in user.roles], [])
            if clouds:
                # The stored private key is decoded and sent as the
                # password to the first remaining cloud's endpoint.
                # NOTE(review): encode_decode is defined elsewhere; whether
                # it is encryption or a reversible encoding cannot be told
                # from here.
                openstack_user = openstack_authenticate.authenticate(
                    user_domain_name=None,
                    username=clouds[0]["cloud_meta"]["publickey"],
                    password=encode_decode(
                        clouds[0]["cloud_meta"]["privatekey"], "decode"),
                    auth_url=clouds[0]["cloud_meta"]["endpoint"])
                utoken = openstack_user.token
                if utoken:
                    # Drop the token held for the cloud being removed
                    # before storing the new one.
                    delete_token(user.endpoint, user.token.id)
                    otoken = trail.DocToken(
                        user=utoken.user,
                        user_domain_id=utoken.user_domain_id,
                        id=utoken.id,
                        project=utoken.project,
                        tenant=utoken.project,
                        domain=utoken.domain,
                        roles=utoken.roles,
                        serviceCatalog=utoken.serviceCatalog)
                    user.token = otoken
                    user.authorized_tenants = [
                        remove_tenants(d.__dict__)
                        for d in openstack_user.authorized_tenants
                    ]
                    user.service_catalog = openstack_user.service_catalog
                    user.services_region = openstack_user.services_region
                    user.project_name = openstack_user.project_name
                    user.tenant_name = openstack_user.tenant_name
                    user.tenant_id = openstack_user.tenant_id
                    user.project_id = openstack_user.project_id
                    user.endpoint = clouds[0]["cloud_meta"]["endpoint"] + ""
                    user.openstackname = clouds[0]["name"]
            else:
                # No Openstack cloud left: drop the token and clear every
                # Openstack field on the user.
                delete_token(user.endpoint, user.token.id)
                user.authorized_tenants = []
                user.service_catalog = []
                user.services_region = None
                user.project_name = None
                user.tenant_name = None
                user.tenant_id = None
                user.project_id = None
                user.endpoint = None
                user.token = None
                user.openstackname = None
    if cloud.platform == "Cnext":
        if user.cnextname == cloud.name:
            clouds = sum([[
                y.cloudid for y in i.policy
                if y.cloudid.platform == "Cnext"
            ] for i in user.roles], [])
            if clouds:
                user.cnextpublickey = clouds[0]["cloud_meta"]["publickey"]
                # NOTE(review): the Openstack branch passes "decode" for
                # the same cloud_meta field, this one "encode" -- confirm
                # in which form the key is stored on each document.
                user.cnextprivatekey = encode_decode(
                    clouds[0]["cloud_meta"]["privatekey"], "encode")
                user.cnextendpoint = clouds[0]["cloud_meta"]["endpoint"]
                user.cnextname = clouds[0]["name"]
            else:
                user.cnextpublickey = ""
                user.cnextprivatekey = ""
                user.cnextendpoint = ""
                user.cnextname = ""
    if cloud.platform == "Hpcloud":
        # NOTE(review): Hpclouddata is read with .all(), i.e. without any
        # tenant or user filter in this block.
        hp_clouds = Hpclouddata.objects.all()
        for hp_cloud in hp_clouds:
            if hp_cloud.hpcloudid.id == cloud.id:
                # NOTE(review): request.user.hp_attr is dereferenced
                # unguarded; a user without hp_attr would raise here.
                if hp_cloud.id == request.user.hp_attr.id:
                    clouds = sum([[
                        y.cloudid for y in i.policy
                        if y.cloudid.platform == "Hpcloud"
                    ] for i in user.roles], [])
                    if clouds:
                        hpclouds = Hpclouddata.objects.all()
                        # Each non-matching record overwrites the previous
                        # one, so the last record iterated wins.
                        # NOTE(review): the candidates come from the
                        # unfiltered .all() above, not from `clouds` --
                        # confirm the user may only be pointed at records
                        # they are entitled to.
                        for hpcloud in hpclouds:
                            if hpcloud.hpcloudid.id != cloud.id:
                                user.hp_attr = hpcloud
                                hpcloudobj = tenantclouds.objects(
                                    id=hpcloud.hpcloudid.id).first()
                                user.hpname = hpcloudobj.name
                    else:
                        user.hp_attr = None
                        user.hpname = None
                    hp = Hpclouddata.objects(id=hp_cloud.id).first()
                    hp.delete()
                else:
                    hp = Hpclouddata.objects(id=hp_cloud.id).first()
                    hp.delete()
    if cloud.platform == "Amazon":
        if user.awsname == cloud.name:
            clouds = sum([[
                y.cloudid for y in i.policy
                if y.cloudid.platform == "Amazon"
            ] for i in user.roles], [])
            if clouds:
                user.awspublickey = clouds[0]["cloud_meta"]["publickey"]
                user.awsprivatekey = encode_decode(
                    clouds[0]["cloud_meta"]["privatekey"], "encode")
                user.awsendpoint = clouds[0]["cloud_meta"]["endpoint"]
                user.awsname = clouds[0]["name"]
            else:
                user.awspublickey = ""
                user.awsprivatekey = ""
                user.awsendpoint = ""
                user.awsname = ""
    user.save()
    cloud.delete()
def action(self, request, obj_id):
    """Delete the cloud ``obj_id`` and detach it from roles and the requester.

    Steps visible in this block:
      1. Load the ``tenantclouds`` document with id ``obj_id``.
      2. For every role of the requester's tenant, rewrite ``policy``
         without the entries whose ``cloudid.id`` equals ``obj_id``.
      3. Depending on ``cloud.platform``, and only when the requester's
         stored selection for that platform is this cloud, repoint the
         user's per-platform connection fields at the first cloud of that
         platform found in the policies of the user's roles, or clear them.
      4. Save the user document and delete the cloud.

    NOTE(review): this listing was whitespace-collapsed; the nesting below
    (in particular which ``if`` each ``else`` belongs to) is reconstructed
    and should be confirmed against the original file.

    NOTE(review): the cloud is fetched by id alone. No check that it
    belongs to ``request.user``'s tenant is visible in this block --
    confirm the caller enforces ownership before this runs.

    NOTE(review): ``.first()`` returns ``None`` for an unknown id, and
    ``cloud.platform`` would then raise AttributeError; likewise
    ``user.token.id`` if the user has no token. Neither is guarded here.
    """
    cloud = tenantclouds.objects(id = obj_id).first()
    roles = roledetail.objects(tenantid=request.user.tenantid)
    # Strip every policy that references the cloud from the tenant's roles.
    for role in roles:
        list1 = []
        for a in role.policy:
            if (str(a.cloudid.id) == str(obj_id)):
                pass
            else:
                list1.append(a)
        roledetail.objects(id=role.id).update(set__policy=list1)
    user = get_user_document().objects(username=request.user.username).first()
    if cloud.platform == "Openstack":
        if user.openstackname == cloud.name:
            # All Openstack clouds referenced by the user's role policies.
            clouds = sum([[y.cloudid for y in i.policy if y.cloudid.platform == "Openstack"] for i in user.roles], [])
            if clouds:
                # The stored private key is decoded and sent as the
                # password to the first remaining cloud's endpoint.
                # NOTE(review): encode_decode is defined elsewhere; whether
                # it is encryption or a reversible encoding cannot be told
                # from here.
                openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=clouds[0]["cloud_meta"]["publickey"],
                                            password=encode_decode(clouds[0]["cloud_meta"]["privatekey"],"decode"),
                                            auth_url= clouds[0]["cloud_meta"]["endpoint"])
                utoken = openstack_user.token
                if utoken:
                    # Drop the token held for the cloud being removed
                    # before storing the new one.
                    delete_token(user.endpoint,user.token.id)
                    otoken = trail.DocToken(user=utoken.user,
                                            user_domain_id=utoken.user_domain_id,
                                            id=utoken.id,
                                            project=utoken.project,
                                            tenant=utoken.project,
                                            domain=utoken.domain,
                                            roles=utoken.roles,
                                            serviceCatalog=utoken.serviceCatalog
                                            )
                    user.token = otoken
                    user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                    user.service_catalog = openstack_user.service_catalog
                    user.services_region = openstack_user.services_region
                    user.project_name = openstack_user.project_name
                    user.tenant_name = openstack_user.tenant_name
                    user.tenant_id = openstack_user.tenant_id
                    user.project_id = openstack_user.project_id
                    user.endpoint = clouds[0]["cloud_meta"]["endpoint"] + ""
                    user.openstackname = clouds[0]["name"]
            else:
                # No Openstack cloud left: drop the token and clear every
                # Openstack field on the user.
                delete_token(user.endpoint,user.token.id)
                user.authorized_tenants = []
                user.service_catalog = []
                user.services_region = None
                user.project_name = None
                user.tenant_name = None
                user.tenant_id = None
                user.project_id = None
                user.endpoint = None
                user.token = None
                user.openstackname = None
    if cloud.platform =="Cnext":
        if user.cnextname == cloud.name:
            clouds = sum([[y.cloudid for y in i.policy if y.cloudid.platform == "Cnext"] for i in user.roles], [])
            if clouds:
                user.cnextpublickey = clouds[0]["cloud_meta"]["publickey"]
                # NOTE(review): the Openstack branch passes "decode" for
                # the same cloud_meta field, this one "encode" -- confirm
                # in which form the key is stored on each document.
                user.cnextprivatekey = encode_decode(clouds[0]["cloud_meta"]["privatekey"],"encode")
                user.cnextendpoint = clouds[0]["cloud_meta"]["endpoint"]
                user.cnextname = clouds[0]["name"]
            else:
                user.cnextpublickey = ""
                user.cnextprivatekey = ""
                user.cnextendpoint = ""
                user.cnextname = ""
    if cloud.platform == "Hpcloud":
        # NOTE(review): Hpclouddata is read with .all(), i.e. without any
        # tenant or user filter in this block.
        hp_clouds = Hpclouddata.objects.all()
        for hp_cloud in hp_clouds:
            if hp_cloud.hpcloudid.id == cloud.id:
                # NOTE(review): request.user.hp_attr is dereferenced
                # unguarded; a user without hp_attr would raise here.
                if hp_cloud.id == request.user.hp_attr.id:
                    clouds = sum([[y.cloudid for y in i.policy if y.cloudid.platform == "Hpcloud"] for i in user.roles], [])
                    if clouds:
                        hpclouds = Hpclouddata.objects.all()
                        # Each non-matching record overwrites the previous
                        # one, so the last record iterated wins.
                        # NOTE(review): the candidates come from the
                        # unfiltered .all() above, not from `clouds` --
                        # confirm the user may only be pointed at records
                        # they are entitled to.
                        for hpcloud in hpclouds:
                            if hpcloud.hpcloudid.id != cloud.id:
                                user.hp_attr = hpcloud
                                hpcloudobj = tenantclouds.objects(id = hpcloud.hpcloudid.id).first()
                                user.hpname = hpcloudobj.name
                    else:
                        user.hp_attr = None
                        user.hpname = None
                    hp = Hpclouddata.objects(id = hp_cloud.id).first()
                    hp.delete()
                else:
                    hp = Hpclouddata.objects(id = hp_cloud.id).first()
                    hp.delete()
    if cloud.platform =="Amazon":
        if user.awsname == cloud.name:
            clouds = sum([[y.cloudid for y in i.policy if y.cloudid.platform == "Amazon"] for i in user.roles], [])
            if clouds:
                user.awspublickey = clouds[0]["cloud_meta"]["publickey"]
                user.awsprivatekey = encode_decode(clouds[0]["cloud_meta"]["privatekey"],"encode")
                user.awsendpoint = clouds[0]["cloud_meta"]["endpoint"]
                user.awsname = clouds[0]["name"]
            else:
                user.awspublickey = ""
                user.awsprivatekey = ""
                user.awsendpoint = ""
                user.awsname = ""
    user.save()
    cloud.delete()