def create_role(self, admin_token, role):
self.__validate_service_or_keystone_admin_token(admin_token)
if not isinstance(role, Role):
raise fault.BadRequestFault("Expecting a Role")
if not role.name:
raise fault.BadRequestFault("Expecting a Role name")
if api.ROLE.get(role.name) != None:
raise fault.RoleConflictFault("A role with that name '" +
role.name + "' already exists")
#Check if the passed service exist
#and the role begins with service_id:.
if role.service_id:
service = api.SERVICE.get(role.service_id)
if service is None:
raise fault.BadRequestFault(
"A service with that id doesnt exist.")
if not role.name.startswith(service.name + ":"):
raise fault.BadRequestFault(
"Role should begin with service name '" + service.name +
":'")
drole = models.Role()
drole.name = role.name
drole.desc = role.description
drole.service_id = role.service_id
drole = api.ROLE.create(drole)
role.id = drole.id
return role
def add_role(name):
obj = db_models.Role()
obj.name = name
role = db_api.ROLE.create(obj)
return role