Exemplo n.º 1
0
 def handle(self, request, data):
     user = get_user_document().objects(username=request.user.username).first()
     openstack_clouds = sum([[y.cloudid for y in i.policy if 
                         y.cloudid.platform == "Openstack"] for i in request.user.roles], [])
     for cloud in openstack_clouds:
         if str(cloud.id) == str(data['account_name']):
             os_cloud = tenantclouds.objects(id = cloud.id).first()
             openstack_user = openstack_authenticate.authenticate(user_domain_name=None,
                                                                  username=os_cloud.cloud_meta['publickey'],
                                                                  password=encode_decode(os_cloud.cloud_meta['privatekey'],'decode'),
                                                                  auth_url= os_cloud.cloud_meta['endpoint'])
             utoken = openstack_user.token
             if utoken:
                 delete_token(user.endpoint,user.token.id)
                 otoken = trail.DocToken(user=utoken.user,
                                         user_domain_id=utoken.user_domain_id,
                                         id=utoken.id,
                                         project=utoken.project,
                                         tenant=utoken.project,
                                         domain=utoken.domain,
                                         roles=utoken.roles,
                                         serviceCatalog=utoken.serviceCatalog
                                         )
                 user.token = otoken
                 user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                 user.service_catalog = openstack_user.service_catalog
                 user.services_region = openstack_user.services_region
                 user.project_name = openstack_user.project_name
                 user.tenant_name = openstack_user.tenant_name
                 user.tenant_id = openstack_user.tenant_id
                 user.project_id = openstack_user.project_id
                 user.endpoint = os_cloud.cloud_meta['endpoint'] + ""
                 user.openstackname = os_cloud.name
                 user.save()
                 return True
     return False
Exemplo n.º 2
0
    def handle(self, request, context):
        cloud_id = context.get('cloud_id', None)
        username = context.get('publickey', None)
        cloudname = context.get('cloudname', None)
        platform = context.get('platform', None)
        password = context.get('secretkey', None)
        endpoint = context.get('endpoint', None)
        cloud_type = context.get('cloud_type', None)
        if (username == '') & (password == ''):
            username = context.get('publickey', None)
            password = context.get('secretkey', None)
        get_user_document().objects(username=request.user.username).first()
        user = get_user_document().objects(
            username=request.user.username).first()
        try:
            if platform == "Cnext":
                httpInst = httplib2.Http()
                httpInst.add_credentials(name = username, \
                                     password = password)
                url = endpoint + "/api/instance?resourceType=vm"
                resp, body = httpInst.request(url)
                if resp.status == 200:
                    cloud = tenantclouds(name=cloudname,
                                         cloud_type=cloud_type,
                                         platform=platform,
                                         cloud_meta={
                                             "publickey":
                                             username,
                                             "privatekey":
                                             encode_decode(password, "encode"),
                                             "endpoint":
                                             endpoint
                                         },
                                         tenantid=request.user.tenantid.id,
                                         cloudid=cloud_id)
                    cloud.save()

                    roles = roledetail.objects(
                        tenantid=request.user.tenantid.id)
                    allowed_action = actions.objects.first().allowed
                    for role in roles:
                        if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                            i = {
                                "cloudid": cloud.id,
                                "provider": "ALL",
                                "region": "ALL",
                                "allowed": allowed_action
                            }
                            roledetail.objects(id=role.id).update(
                                push__policy=i)
                        else:
                            pass
                    if user.cnextname == "" or user.cnextname is None:
                        user.cnextpublickey = username
                        user.cnextprivatekey = encode_decode(
                            password, "encode")
                        user.cnextendpoint = endpoint
                        user.cnextname = cloudname
                        user.save()

                    refresh_session_policies(request, request.user)
                    return True
                else:
                    return False

            elif platform == "Openstack":
                openstack_user = openstack_authenticate.authenticate(
                    user_domain_name=None,
                    username=username,
                    password=password,
                    auth_url=endpoint)
                utoken = openstack_user.token
                if utoken:
                    cloud = tenantclouds(name=cloudname,
                                         cloud_type=cloud_type,
                                         platform=platform,
                                         cloud_meta={
                                             "publickey":
                                             username,
                                             "privatekey":
                                             encode_decode(password, "encode"),
                                             "endpoint":
                                             endpoint
                                         },
                                         tenantid=request.user.tenantid.id,
                                         cloudid=cloud_id)
                    cloud.save()
                    allowed_action = actions.objects.first().allowed
                    roles = roledetail.objects(
                        tenantid=request.user.tenantid.id)
                    for role in roles:
                        if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                            i = {
                                "cloudid": cloud.id,
                                "provider": "",
                                "region": "",
                                "allowed": allowed_action
                            }
                            roledetail.objects(id=role.id).update(
                                push__policy=i)

                    if user.openstackname == "" or user.openstackname is None:
                        otoken = trail.DocToken(
                            user=utoken.user,
                            user_domain_id=utoken.user_domain_id,
                            id=utoken.id,
                            project=utoken.project,
                            tenant=utoken.project,
                            domain=utoken.domain,
                            roles=utoken.roles,
                            serviceCatalog=utoken.serviceCatalog)
                        user.token = otoken
                        user.authorized_tenants = [
                            remove_tenants(d.__dict__)
                            for d in openstack_user.authorized_tenants
                        ]
                        user.service_catalog = openstack_user.service_catalog
                        user.services_region = openstack_user.services_region
                        user.project_name = openstack_user.project_name
                        user.tenant_name = openstack_user.tenant_name
                        user.tenant_id = openstack_user.tenant_id
                        user.project_id = openstack_user.project_id
                        user.endpoint = endpoint + ""
                        user.openstackname = cloudname
                        msg = _("Successfully user token created in "
                                "Mongodb.")
                        user.save()
                        LOG.debug(msg)
                    else:
                        delete_token(endpoint, utoken.id)
                    refresh_session_policies(request, request.user)
                    return True
                else:
                    return False
            elif platform == "Hpcloud":
                openstack_user = openstack_authenticate.authenticate(
                    user_domain_name=None,
                    username=username,
                    password=password,
                    auth_url=endpoint)
                utoken = openstack_user.token
                if utoken:
                    cloud = tenantclouds(name=cloudname,
                                         cloud_type=cloud_type,
                                         platform=platform,
                                         cloud_meta={
                                             "publickey":
                                             username,
                                             "privatekey":
                                             encode_decode(password, "encode"),
                                             "endpoint":
                                             endpoint
                                         },
                                         tenantid=request.user.tenantid.id,
                                         cloudid=cloud_id)
                    cloud.save()
                    allowed_action = actions.objects.first().allowed
                    roles = roledetail.objects(
                        tenantid=request.user.tenantid.id)
                    for role in roles:
                        if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                            i = {
                                "cloudid": cloud.id,
                                "provider": "",
                                "region": "",
                                "allowed": allowed_action
                            }
                            roledetail.objects(id=role.id).update(
                                push__policy=i)

                    otoken = trail.DocToken(
                        user=utoken.user,
                        user_domain_id=utoken.user_domain_id,
                        id=utoken.id,
                        project=utoken.project,
                        tenant=utoken.project,
                        domain=utoken.domain,
                        roles=utoken.roles,
                        serviceCatalog=utoken.serviceCatalog)
                    hp = trail.Hpclouddata(token = otoken,\
                                      authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants],\
                                      service_catalog = openstack_user.service_catalog,\
                                      services_region = openstack_user.services_region,\
                                      project_name = openstack_user.project_name,\
                                      tenant_name = openstack_user.tenant_name,\
                                      tenant_id = openstack_user.tenant_id,\
                                      project_id = openstack_user.project_id,\
                                      endpoint = endpoint + "",\
                                      hpcloudid = cloud.id
                                      )
                    hp.save()
                    if user.hp_attr == "" or user.hp_attr is None:
                        user.hp_attr = hp
                        user.hpname = cloudname
                        user.save()
                    msg = _("Successfully user token created in " "Mongodb.")
                    LOG.debug(msg)
                    refresh_session_policies(request, request.user)
                    return True

                else:
                    return False

            elif platform == "Amazon":
                status = test(endpoint, username, password)
                if status == True:
                    cloud = tenantclouds(name=cloudname,
                                         cloud_type=cloud_type,
                                         platform=platform,
                                         cloud_meta={
                                             "publickey":
                                             username,
                                             "privatekey":
                                             encode_decode(password, "encode"),
                                             "endpoint":
                                             endpoint
                                         },
                                         tenantid=request.user.tenantid.id,
                                         cloudid=cloud_id)
                    cloud.save()

                    roles = roledetail.objects(
                        tenantid=request.user.tenantid.id)
                    allowed_action = actions.objects.first().allowed
                    for role in roles:
                        if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                            i = {
                                "cloudid": cloud.id,
                                "provider": "ALL",
                                "region": "ALL",
                                "allowed": allowed_action
                            }
                            roledetail.objects(id=role.id).update(
                                push__policy=i)
                        else:
                            pass
                    if user.awsname == "" or user.awsname is None:
                        user.awspublickey = username
                        user.awsprivatekey = encode_decode(password, "encode")
                        user.awsendpoint = endpoint
                        user.awsname = cloudname
                        user.save()
                    refresh_session_policies(request, request.user)
                    return True
                else:
                    return False
            else:
                cloud = tenantclouds(name=cloudname,
                                     cloud_type=cloud_type,
                                     platform=platform,
                                     cloud_meta={
                                         "publickey":
                                         username,
                                         "privatekey":
                                         encode_decode(password, "encode"),
                                         "endpoint":
                                         endpoint
                                     },
                                     tenantid=request.user.tenantid.id)
                cloud.save()

                roles = roledetail.objects(tenantid=request.user.tenantid.id)
                for role in roles:
                    if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                        i = {
                            "cloudid":
                            cloud.id,
                            "provider": [],
                            "region": [],
                            "allowed": [
                                "Create Instance", "Delete Instance",
                                "Create KP and SG", "Delete KP and SG",
                                "Start Instance", "Stop Instance",
                                "Create Volume", "Delete Volume",
                                "Attach and  Dettach  Volume"
                            ]
                        }
                        roledetail.objects(id=role.id).update(push__policy=i)
                return True
        except Exception, e:
            messages.error(request, _(e.message))
            LOG.error(e.message)
Exemplo n.º 3
0
    def action(self, request, obj_id):
        cloud = tenantclouds.objects(id=obj_id).first()
        roles = roledetail.objects(tenantid=request.user.tenantid)
        for role in roles:
            list1 = []
            for a in role.policy:
                if (str(a.cloudid.id) == str(obj_id)):
                    pass
                else:
                    list1.append(a)
            roledetail.objects(id=role.id).update(set__policy=list1)
        user = get_user_document().objects(
            username=request.user.username).first()

        if cloud.platform == "Openstack":
            if user.openstackname == cloud.name:
                clouds = sum([[
                    y.cloudid
                    for y in i.policy if y.cloudid.platform == "Openstack"
                ] for i in user.roles], [])
                if clouds:
                    openstack_user = openstack_authenticate.authenticate(
                        user_domain_name=None,
                        username=clouds[0]["cloud_meta"]["publickey"],
                        password=encode_decode(
                            clouds[0]["cloud_meta"]["privatekey"], "decode"),
                        auth_url=clouds[0]["cloud_meta"]["endpoint"])
                    utoken = openstack_user.token
                    if utoken:
                        delete_token(user.endpoint, user.token.id)
                        otoken = trail.DocToken(
                            user=utoken.user,
                            user_domain_id=utoken.user_domain_id,
                            id=utoken.id,
                            project=utoken.project,
                            tenant=utoken.project,
                            domain=utoken.domain,
                            roles=utoken.roles,
                            serviceCatalog=utoken.serviceCatalog)
                        user.token = otoken
                        user.authorized_tenants = [
                            remove_tenants(d.__dict__)
                            for d in openstack_user.authorized_tenants
                        ]
                        user.service_catalog = openstack_user.service_catalog
                        user.services_region = openstack_user.services_region
                        user.project_name = openstack_user.project_name
                        user.tenant_name = openstack_user.tenant_name
                        user.tenant_id = openstack_user.tenant_id
                        user.project_id = openstack_user.project_id
                        user.endpoint = clouds[0]["cloud_meta"]["endpoint"] + ""
                        user.openstackname = clouds[0]["name"]
                else:
                    delete_token(user.endpoint, user.token.id)
                    user.authorized_tenants = []
                    user.service_catalog = []
                    user.services_region = None
                    user.project_name = None
                    user.tenant_name = None
                    user.tenant_id = None
                    user.project_id = None
                    user.endpoint = None
                    user.token = None
                    user.openstackname = None

        if cloud.platform == "Cnext":
            if user.cnextname == cloud.name:
                clouds = sum([[
                    y.cloudid
                    for y in i.policy if y.cloudid.platform == "Cnext"
                ] for i in user.roles], [])
                if clouds:
                    user.cnextpublickey = clouds[0]["cloud_meta"]["publickey"]
                    user.cnextprivatekey = encode_decode(
                        clouds[0]["cloud_meta"]["privatekey"], "encode")
                    user.cnextendpoint = clouds[0]["cloud_meta"]["endpoint"]
                    user.cnextname = clouds[0]["name"]
                else:
                    user.cnextpublickey = ""
                    user.cnextprivatekey = ""
                    user.cnextendpoint = ""
                    user.cnextname = ""

        if cloud.platform == "Hpcloud":
            hp_clouds = Hpclouddata.objects.all()
            for hp_cloud in hp_clouds:
                if hp_cloud.hpcloudid.id == cloud.id:
                    if hp_cloud.id == request.user.hp_attr.id:
                        clouds = sum([[
                            y.cloudid for y in i.policy
                            if y.cloudid.platform == "Hpcloud"
                        ] for i in user.roles], [])
                        if clouds:
                            hpclouds = Hpclouddata.objects.all()
                            for hpcloud in hpclouds:
                                if hpcloud.hpcloudid.id != cloud.id:
                                    user.hp_attr = hpcloud
                                    hpcloudobj = tenantclouds.objects(
                                        id=hpcloud.hpcloudid.id).first()
                                    user.hpname = hpcloudobj.name
                        else:
                            user.hp_attr = None
                            user.hpname = None
                        hp = Hpclouddata.objects(id=hp_cloud.id).first()
                        hp.delete()
                    else:
                        hp = Hpclouddata.objects(id=hp_cloud.id).first()
                        hp.delete()

        if cloud.platform == "Amazon":
            if user.awsname == cloud.name:
                clouds = sum([[
                    y.cloudid
                    for y in i.policy if y.cloudid.platform == "Amazon"
                ] for i in user.roles], [])
                if clouds:
                    user.awspublickey = clouds[0]["cloud_meta"]["publickey"]
                    user.awsprivatekey = encode_decode(
                        clouds[0]["cloud_meta"]["privatekey"], "encode")
                    user.awsendpoint = clouds[0]["cloud_meta"]["endpoint"]
                    user.awsname = clouds[0]["name"]
                else:
                    user.awspublickey = ""
                    user.awsprivatekey = ""
                    user.awsendpoint = ""
                    user.awsname = ""
        user.save()
        cloud.delete()
Exemplo n.º 4
0
 def action(self, request, obj_id):
     cloud = tenantclouds.objects(id = obj_id).first()
     roles = roledetail.objects(tenantid=request.user.tenantid)
     for role in roles:
         list1 = []
         for a in role.policy:
             if (str(a.cloudid.id) == str(obj_id)):
                 pass
             else:
                 list1.append(a)
         roledetail.objects(id=role.id).update(set__policy=list1)
     user = get_user_document().objects(username=request.user.username).first()
     
     if cloud.platform == "Openstack":
         if user.openstackname == cloud.name:
             clouds = sum([[y.cloudid for y in i.policy 
                            if y.cloudid.platform == "Openstack"] 
                           for i in user.roles], [])
             if clouds:
                 openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=clouds[0]["cloud_meta"]["publickey"],
                              password=encode_decode(clouds[0]["cloud_meta"]["privatekey"],"decode"),
                              auth_url= clouds[0]["cloud_meta"]["endpoint"])
                 utoken = openstack_user.token
                 if utoken:
                     delete_token(user.endpoint,user.token.id)
                     otoken = trail.DocToken(user=utoken.user, 
                                                 user_domain_id=utoken.user_domain_id,
                                                 id=utoken.id,
                                                 project=utoken.project,
                                                 tenant=utoken.project,
                                                 domain=utoken.domain,
                                                 roles=utoken.roles,
                                                 serviceCatalog=utoken.serviceCatalog
                                                 )
                     user.token = otoken
                     user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                     user.service_catalog = openstack_user.service_catalog
                     user.services_region = openstack_user.services_region
                     user.project_name = openstack_user.project_name
                     user.tenant_name = openstack_user.tenant_name
                     user.tenant_id = openstack_user.tenant_id
                     user.project_id = openstack_user.project_id
                     user.endpoint = clouds[0]["cloud_meta"]["endpoint"] + ""
                     user.openstackname = clouds[0]["name"]
             else:
                 delete_token(user.endpoint,user.token.id)
                 user.authorized_tenants = []
                 user.service_catalog = []
                 user.services_region = None
                 user.project_name = None
                 user.tenant_name = None
                 user.tenant_id = None
                 user.project_id = None
                 user.endpoint = None
                 user.token = None
                 user.openstackname = None
     
     if cloud.platform =="Cnext":
         if user.cnextname == cloud.name:
             clouds = sum([[y.cloudid for y in i.policy 
                            if y.cloudid.platform == "Cnext"] 
                           for i in user.roles], [])
             if clouds:
                 user.cnextpublickey = clouds[0]["cloud_meta"]["publickey"]
                 user.cnextprivatekey = encode_decode(clouds[0]["cloud_meta"]["privatekey"],"encode")
                 user.cnextendpoint = clouds[0]["cloud_meta"]["endpoint"]
                 user.cnextname = clouds[0]["name"]
             else:
                 user.cnextpublickey = ""
                 user.cnextprivatekey = ""
                 user.cnextendpoint = ""
                 user.cnextname = ""
     
     if cloud.platform == "Hpcloud":
         hp_clouds = Hpclouddata.objects.all()
         for hp_cloud in hp_clouds:
             if hp_cloud.hpcloudid.id == cloud.id:
                 if hp_cloud.id == request.user.hp_attr.id:
                     clouds = sum([[y.cloudid for y in i.policy 
                                     if y.cloudid.platform == "Hpcloud"] 
                                     for i in user.roles], [])
                     if clouds:
                         hpclouds = Hpclouddata.objects.all()
                         for hpcloud in hpclouds:
                             if hpcloud.hpcloudid.id != cloud.id:
                                 user.hp_attr = hpcloud
                                 hpcloudobj = tenantclouds.objects(id = hpcloud.hpcloudid.id).first()
                                 user.hpname = hpcloudobj.name
                     else:
                         user.hp_attr = None
                         user.hpname = None
                     hp = Hpclouddata.objects(id = hp_cloud.id).first()
                     hp.delete()
                 else:
                     hp = Hpclouddata.objects(id = hp_cloud.id).first()
                     hp.delete()
     
     if cloud.platform =="Amazon":
         if user.awsname == cloud.name:
             clouds = sum([[y.cloudid for y in i.policy 
                            if y.cloudid.platform == "Amazon"] 
                           for i in user.roles], [])
             if clouds:
                 user.awspublickey = clouds[0]["cloud_meta"]["publickey"]
                 user.awsprivatekey = encode_decode(clouds[0]["cloud_meta"]["privatekey"],"encode")
                 user.awsendpoint = clouds[0]["cloud_meta"]["endpoint"]
                 user.awsname = clouds[0]["name"]
             else:
                 user.awspublickey = ""
                 user.awsprivatekey = ""
                 user.awsendpoint = ""
                 user.awsname = ""
     user.save()
     cloud.delete()
Exemplo n.º 5
0
 def handle(self, request, context):
     cloud_id = context.get('cloud_id', None)
     username = context.get('publickey', None)
     cloudname = context.get('cloudname', None)
     platform = context.get('platform', None)
     password = context.get('secretkey', None)
     endpoint = context.get('endpoint', None)
     cloud_type = context.get('cloud_type', None)
     if (username == '') & (password == ''):
         username = context.get('publickey', None)
         password = context.get('secretkey', None)
     get_user_document().objects(username=request.user.username).first()
     user = get_user_document().objects(username=request.user.username).first()
     try:
         if platform == "Cnext":
             httpInst = httplib2.Http()
             httpInst.add_credentials(name = username, \
                                  password = password)
             url = endpoint + "/api/instance?resourceType=vm"
             resp, body = httpInst.request(url)
             if resp.status == 200 :
                 cloud = tenantclouds(name = cloudname,cloud_type = cloud_type, 
                                     platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
                                     tenantid=request.user.tenantid.id,
                                     cloudid=cloud_id)
                 cloud.save()
                 
                 roles = roledetail.objects(tenantid = request.user.tenantid.id)
                 allowed_action = actions.objects.first().allowed
                 for role in roles:
                     if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                         i = {"cloudid":cloud.id,"provider":"ALL","region":"ALL","allowed": allowed_action}
                         roledetail.objects(id = role.id).update(push__policy=i)
                     else:
                         pass
                 if user.cnextname == "" or user.cnextname is None:
                     user.cnextpublickey = username
                     user.cnextprivatekey = encode_decode(password,"encode")
                     user.cnextendpoint = endpoint
                     user.cnextname = cloudname
                     user.save()
                 
                 refresh_session_policies(request, request.user)
                 return True
             else:
                 return False
         
         elif platform == "Openstack":
             openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
                              password=password,
                              auth_url= endpoint)
             utoken = openstack_user.token
             if utoken:
                 cloud = tenantclouds(name = cloudname,cloud_type = cloud_type, 
                                     platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
                                     tenantid=request.user.tenantid.id,
                                     cloudid=cloud_id)
                 cloud.save()
                 allowed_action = actions.objects.first().allowed
                 roles = roledetail.objects(tenantid = request.user.tenantid.id)
                 for role in roles:
                     if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                         i = {"cloudid":cloud.id,"provider":"","region":"","allowed":allowed_action}
                         roledetail.objects(id = role.id).update(push__policy=i)
                 
                 if user.openstackname == "" or user.openstackname is None:
                     otoken = trail.DocToken(user=utoken.user, 
                                                 user_domain_id=utoken.user_domain_id,
                                                 id=utoken.id,
                                                 project=utoken.project,
                                                 tenant=utoken.project,
                                                 domain=utoken.domain,
                                                 roles=utoken.roles,
                                                 serviceCatalog=utoken.serviceCatalog
                                                 )
                     user.token = otoken
                     user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                     user.service_catalog = openstack_user.service_catalog
                     user.services_region = openstack_user.services_region
                     user.project_name = openstack_user.project_name
                     user.tenant_name = openstack_user.tenant_name
                     user.tenant_id = openstack_user.tenant_id
                     user.project_id = openstack_user.project_id
                     user.endpoint = endpoint + ""
                     user.openstackname = cloudname
                     msg = _("Successfully user token created in "
                       "Mongodb.")
                     user.save() 
                     LOG.debug(msg)
                 else:
                     delete_token(endpoint,utoken.id)
                 refresh_session_policies(request, request.user)        
                 return True
             else:
                 return False
         elif platform == "Hpcloud":
             openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
                              password=password,
                              auth_url= endpoint)
             utoken = openstack_user.token
             if utoken:
                 cloud = tenantclouds(name = cloudname,cloud_type = cloud_type, 
                                     platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
                                     tenantid=request.user.tenantid.id,
                                     cloudid=cloud_id)
                 cloud.save()
                 allowed_action = actions.objects.first().allowed
                 roles = roledetail.objects(tenantid = request.user.tenantid.id)
                 for role in roles:
                     if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                         i = {"cloudid":cloud.id,"provider":"","region":"","allowed":allowed_action}
                         roledetail.objects(id = role.id).update(push__policy=i)
     
     
                 otoken = trail.DocToken(user=utoken.user, 
                                                 user_domain_id=utoken.user_domain_id,
                                                 id=utoken.id,
                                                 project=utoken.project,
                                                 tenant=utoken.project,
                                                 domain=utoken.domain,
                                                 roles=utoken.roles,
                                                 serviceCatalog=utoken.serviceCatalog
                                                 )
                 hp = trail.Hpclouddata(token = otoken,\
                                   authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants],\
                                   service_catalog = openstack_user.service_catalog,\
                                   services_region = openstack_user.services_region,\
                                   project_name = openstack_user.project_name,\
                                   tenant_name = openstack_user.tenant_name,\
                                   tenant_id = openstack_user.tenant_id,\
                                   project_id = openstack_user.project_id,\
                                   endpoint = endpoint + "",\
                                   hpcloudid = cloud.id
                                   )
                 hp.save()
                 if user.hp_attr == "" or user.hp_attr is None:
                     user.hp_attr = hp
                     user.hpname = cloudname
                     user.save()
                 msg = _("Successfully user token created in "
                       "Mongodb.") 
                 LOG.debug(msg)        
                 refresh_session_policies(request, request.user)
                 return True
                 
             else:
                 return False
             
         elif platform == "Amazon":  
                 status = test(endpoint,username,password)
                 if status == True:                                     
                     cloud = tenantclouds(name = cloudname,cloud_type = cloud_type, 
                                         platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
                                         tenantid=request.user.tenantid.id,
                                         cloudid=cloud_id)
                     cloud.save()
                     
                     roles = roledetail.objects(tenantid = request.user.tenantid.id)
                     allowed_action = actions.objects.first().allowed
                     for role in roles:
                         if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                             i = {"cloudid":cloud.id,"provider":"ALL","region":"ALL","allowed": allowed_action}
                             roledetail.objects(id = role.id).update(push__policy=i)
                         else:
                             pass
                     if user.awsname == "" or user.awsname is None:
                         user.awspublickey = username
                         user.awsprivatekey = encode_decode(password,"encode")
                         user.awsendpoint = endpoint
                         user.awsname = cloudname
                         user.save()
                     refresh_session_policies(request, request.user)             
                     return True
                 else:
                     return False
         else:
             cloud = tenantclouds(name = cloudname,cloud_type = cloud_type, 
                                     platform = platform,cloud_meta ={"publickey":username,"privatekey":encode_decode(password,"encode"),"endpoint":endpoint},
                                     tenantid=request.user.tenantid.id)
             cloud.save()
             
             roles = roledetail.objects(tenantid = request.user.tenantid.id)
             for role in roles:
                 if role.roletype == "Tenant Admin" and role.name == "Tenant Admin":
                     i = {"cloudid":cloud.id,"provider":[],"region":[],"allowed":[ "Create Instance" , "Delete Instance" , "Create KP and SG" , "Delete KP and SG" , "Start Instance" , "Stop Instance" , "Create Volume" , "Delete Volume" , "Attach and  Dettach  Volume"]}
                     roledetail.objects(id = role.id).update(push__policy=i)
             return True
     except Exception,e:
         messages.error(request,_(e.message))
         LOG.error(e.message)  
Exemplo n.º 6
0
   def handle(self, request, context):
       id = context.get('id', None) 
       username = context.get('username', None)
       cloudname = context.get('cloudname', None)
       password = context.get('password', None)
       endpoint = context.get('endpoint', None)
       if (username == '') & (password == ''):
           username = context.get('publickey', None)
           password = context.get('secretkey', None)
       try:
           user = get_user_document().objects(username=request.user.username).first()
           cloud = tenantclouds.objects(id = id).first()
           if cloud.platform =="Amazon":
               status = test(endpoint,username,password)
               if status == True:
                   if user.awsname == cloud.name:
                       user.awspublickey = username
                       user.awsprivatekey = trail.encode_decode(password,"encode")
                       user.awsendpoint = endpoint
                       user.awsname = cloudname
               else:
                   return False
           if cloud.platform =="Cnext":
               httpInst = httplib2.Http()
               httpInst.add_credentials(name = username, \
                                    password = password)
               url = endpoint + ":8130/apiv2/instance"   
               resp, body = httpInst.request(url)
               if resp.status == 200 :
                   if user.cnextname == cloud.name:
                       user.cnextpublickey = username
                       user.cnextprivatekey = trail.encode_decode(password,"encode")
                       user.cnextendpoint = endpoint
                       user.cnextname = cloudname
               else:
                   return False
           if cloud.platform =="Hpcloud":
               openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
                                password=password,
                                auth_url= endpoint)
               utoken = openstack_user.token
               if utoken:
                   hp = Hpclouddata.objects(id = request.user.hp_attr.id).first()
                   hpcloud = tenantclouds.objects(id = hp.hpcloudid.id).first()
                   if hpcloud.name == cloud.name:
                       otoken = trail.DocToken(user=utoken.user, 
                                                   user_domain_id=utoken.user_domain_id,
                                                   id=utoken.id,
                                                   project=utoken.project,
                                                   tenant=utoken.project,
                                                   domain=utoken.domain,
                                                   roles=utoken.roles,
                                                   serviceCatalog=utoken.serviceCatalog
                                                   )
                       hp.token = otoken
                       hp.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                       hp.service_catalog = openstack_user.service_catalog
                       hp.services_region = openstack_user.services_region
                       hp.project_name = openstack_user.project_name
                       hp.tenant_name = openstack_user.tenant_name
                       hp.tenant_id = openstack_user.tenant_id
                       hp.project_id = openstack_user.project_id
                       hp.endpoint = endpoint
                       hp.save()
                       user.hpname = cloudname
               else:
                   return False
           if cloud.platform =="Openstack":
               openstack_user = openstack_authenticate.authenticate(user_domain_name=None,username=username,
                                password=password,
                                auth_url= endpoint)
               utoken = openstack_user.token
               if utoken:
                   if user.openstackname == cloud.name:
                       delete_token(user.endpoint,user.token.id)
                       otoken = trail.DocToken(user=utoken.user, 
                                                   user_domain_id=utoken.user_domain_id,
                                                   id=utoken.id,
                                                   project=utoken.project,
                                                   tenant=utoken.project,
                                                   domain=utoken.domain,
                                                   roles=utoken.roles,
                                                   serviceCatalog=utoken.serviceCatalog
                                                   )
                       user.token = otoken
                       user.authorized_tenants = [remove_tenants(d.__dict__) for d in openstack_user.authorized_tenants]
                       user.service_catalog = openstack_user.service_catalog
                       user.services_region = openstack_user.services_region
                       user.project_name = openstack_user.project_name
                       user.tenant_name = openstack_user.tenant_name
                       user.tenant_id = openstack_user.tenant_id
                       user.project_id = openstack_user.project_id
                       user.endpoint = endpoint + ""
                       user.openstackname = cloudname
                   else:
                       delete_token(endpoint,utoken.id)
               else:
                   return False
           clouds = tenantclouds.objects(id = id).update(set__name = cloudname,set__cloud_meta ={"publickey":username,"privatekey":trail.encode_decode(password,"encode"),"endpoint":endpoint})
           user.save()
           refresh_session_policies(request, request.user)
           return True
 
       except Exception,e:
           messages.error(request,_(e.message))
           LOG.error(e.message)