def get(self, request, provider_id, identity_id, format=None):
"""
Return the credential information for this identity
"""
#Sanity checks:
# User is authenticated
user = request.user
try:
# User is a member of a group ( TODO: loop through all instead)
group = user.group_set.get(name=user.username)
# Group has access to the active, running provider
provider = group.providers.get(id=provider_id,
active=True,
end_date=None)
# Group has access to the identity on that provider
identity = group.identities.get(provider=provider, id=identity_id)
# All other members of the identity are visible
id_members = CoreIdentityMembership.objects.filter(
identity__id=identity_id)
except ObjectDoesNotExist as odne:
return failure_response(
status.HTTP_404_NOT_FOUND,
'%s does not exist.' % odne.message.split()[0])
id_list = [id_member.identity for id_member in id_members[:1]]
serializer = IdentitySerializer(id_list, many=True)
serialized_data = serializer.data
return Response(serialized_data)
def post(self, request, cloud_admin_uuid):
"""
Passes in:
Username (To apply the identity to)
Credentials (Nested, will be applied to new identity)
"""
user = request.user
data = request.DATA
try:
provider_uuid = data['provider']
provider = Provider.objects.get(cloudadministrator__user=user,
uuid=provider_uuid)
except KeyError:
return Response(
"Missing 'provider' key, Expected UUID. Received no value.",
status=status.HTTP_409_conflict)
except Exception:
return Response("Provider with UUID %s does not exist" %
provider_uuid,
status=status.HTTP_409_conflict)
raise Exception
driver = get_account_driver(provider)
missing_args = driver.clean_credentials(data)
if missing_args:
raise Exception("Cannot create account. Missing credentials: %s" %
missing_args)
identity = driver.create_account(**data)
serializer = IdentitySerializer(identity)
# TODO: Account creation SHOULD return IdentityMembership NOT identity.
# membership = driver.create_account(**data)
# serializer = AccountSerializer(membership)
return Response(serializer.data)
def delete(self,
request,
provider_id,
identity_id,
group_name,
format=None):
"""
Unshare the identity
"""
try:
identity = Identity.objects.get(id=identity_id)
except Identity.DoesNotExist:
return failure_response(status.HTTP_404_NOT_FOUND,
"Identity does not exist.")
if not identity.can_share(user):
logger.error("User %s cannot remove sharing from identity %s. " +
"This incident will be reported" %
(user, identity_id))
return failure_response(
status.HTTP_401_UNAUTHORIZED,
"User %s cannot remove sharing from identity %s. " +
"This incident will be reported" % (user, identity_id))
group = Group.objects.get(name=group_name)
id_member = identity.unshare(group)
serializer = IdentitySerializer(id_member.identity)
serialized_data = serializer.data
return Response(serialized_data)
def post(self, request, provider_id, identity_id, format=None):
"""
Create a new identity member (ADMINS & OWNERS GROUP LEADERS ONLY)
"""
user = request.user
data = request.DATA
try:
identity = Identity.objects.get(id=identity_id)
group_name = data['group']
group = Group.objects.get(name=group_name)
prov_member = identity.provider.share(group)
id_member = identity.share(group)
except ObjectDoesNotExist as odne:
return failure_response(
status.HTTP_404_NOT_FOUND,
'%s does not exist.' % odne.message.split()[0])
if not identity.can_share(user):
logger.error("User %s cannot share identity %s. " +
"This incident will be reported")
return failure_response(
status.HTTP_401_UNAUTHORIZED,
"User %s cannot remove sharing from identity %s. " +
"This incident will be reported" % (user, identity_id))
serializer = IdentitySerializer(id_member.identity)
serialized_data = serializer.data
return Response(serialized_data)
def get(self, request, provider_uuid, username):
"""
Detailed view of all identities for provider,user combination.
username -- The username to match identities
"""
identities = CoreIdentity.objects.filter(provider__uuid=provider_uuid,
created_by__username=username)
serialized_data = IdentitySerializer(identities, many=True).data
return Response(serialized_data)
def get(self, request, provider_id, username):
"""
Return information on all identities given to this username on
the specific provider
"""
identities = CoreIdentity.objects.filter(provider__id=provider_id,
created_by__username=username)
serialized_data = IdentitySerializer(identities, many=True).data
return Response(serialized_data)
def get(self, request, provider_uuid, identity_uuid, format=None):
"""
Authentication Required, Get details for a specific identity.
"""
provider = get_provider(request.user, provider_uuid)
identity = get_identity(request.user, identity_uuid)
if not provider or not identity:
return invalid_provider_identity(provider_uuid, identity_uuid)
serialized_data = IdentitySerializer(identity).data
logger.debug(type(serialized_data))
return Response(serialized_data)
def get(self, request, provider_uuid, format=None):
"""
List of identities for the user on the selected provider.
"""
provider = get_provider(request.user, provider_uuid)
if not provider:
return invalid_provider(provider_uuid)
identities = get_identity_list(request.user, provider)
serialized_data = IdentitySerializer(identities, many=True).data
return Response(serialized_data)
def get(self, request, provider_id, identity_id, format=None):
"""
Authentication Required, Get details for a specific identity.
"""
username = request.user.username
group = Group.objects.get(name=username)
provider = group.providers.get(id=provider_id,
active=True,
end_date=None)
identity = group.identities.get(provider=provider, id=identity_id)
serialized_data = IdentitySerializer(identity).data
logger.debug(type(serialized_data))
return Response(serialized_data)
def get(self, request, provider_id, identity_id, format=None):
"""
Return the credential information for this identity
"""
username = request.user.username
group = Group.objects.get(name=username)
provider = group.providers.get(id=provider_id,
active=True,
end_date=None)
identity = group.identities.get(provider=provider, id=identity_id)
serialized_data = IdentitySerializer(identity).data
logger.debug(type(serialized_data))
return Response(serialized_data)
def get(self, request, provider_id, format=None):
"""
List of identities for the user on the selected provider.
"""
#NOTE: Identity's belonging to the group matching the username
#TODO: This should be user, user.groups.all, etc. to account for
#future 'shared' identitys
username = request.user.username
group = Group.objects.get(name=username)
provider = group.providers.get(id=provider_id,
active=True,
end_date=None)
identities = group.identities.filter(provider=provider).order_by('id')
serialized_data = IdentitySerializer(identities, many=True).data
return Response(serialized_data)