Exemplo n.º 1
0
    def update_actions(self, old_alarm=None):
        trustor_user_id = pecan.request.headers.get('X-User-Id')
        trustor_project_id = pecan.request.headers.get('X-Project-Id')
        roles = pecan.request.headers.get('X-Roles', '')
        if roles:
            roles = roles.split(',')
        else:
            roles = []
        auth_plugin = pecan.request.environ.get('keystone.token_auth')

        if old_alarm:
            prev_trust_ids = set(old_alarm._get_existing_trust_ids())
        else:
            prev_trust_ids = set()
        trust_id = prev_trust_ids.pop() if prev_trust_ids else None
        trust_id_used = False

        for actions in (self.ok_actions, self.alarm_actions,
                        self.insufficient_data_actions):
            if actions is not None:
                for index, action in enumerate(actions[:]):
                    url = netutils.urlsplit(action)
                    if self._is_trust_url(url):
                        if '@' in url.netloc:
                            errmsg = _("trust URL cannot contain a trust ID.")
                            raise base.ClientSideError(errmsg)
                        if trust_id is None:
                            # We have a trust action without a trust ID,
                            # create it
                            trust_id = keystone_client.create_trust_id(
                                pecan.request.cfg, trustor_user_id,
                                trustor_project_id, roles, auth_plugin)
                        if trust_id_used:
                            pw = ''
                        else:
                            pw = ':delete'
                            trust_id_used = True
                        netloc = '%s%s@%s' % (trust_id, pw, url.netloc)
                        url = urlparse.SplitResult(url.scheme, netloc,
                                                   url.path, url.query,
                                                   url.fragment)
                        actions[index] = url.geturl()
        if trust_id is not None and not trust_id_used:
            prev_trust_ids.add(trust_id)
        for old_trust_id in prev_trust_ids:
            keystone_client.delete_trust_id(pecan.request.cfg, old_trust_id,
                                            auth_plugin)
Exemplo n.º 2
0
 def delete_trust(self, action):
     auth_plugin = pecan.request.environ.get('keystone.token_auth')
     url = netutils.urlsplit(action)
     if self._is_trust_url(url) and url.password:
         keystone_client.delete_trust_id(url.username, auth_plugin)
Exemplo n.º 3
0
 def delete_actions(self):
     auth_plugin = pecan.request.environ.get('keystone.token_auth')
     for trust_id in self._get_existing_trust_ids():
         keystone_client.delete_trust_id(trust_id, auth_plugin)
Exemplo n.º 4
0
 def delete_trust(self, action):
     auth_plugin = pecan.request.environ.get('keystone.token_auth')
     url = netutils.urlsplit(action)
     if self._is_trust_url(url) and url.password:
         keystone_client.delete_trust_id(pecan.request.cfg, url.username,
                                         auth_plugin)