def handle(self, request, data):
try:
tenantadmin_roleid, default_roleid = check_and_get_roleids(request)
usr_and_prj = data['requestid'].split(':')
with transaction.atomic():
q_args = {
'registration__regid' : int(usr_and_prj[0]),
'project__projectname' : usr_and_prj[1]
}
prj_req = PrjRequest.objects.filter(**q_args)[0]
project_name = prj_req.project.projectname
project_id = prj_req.project.projectid
user_name = prj_req.registration.username
user_id = prj_req.registration.userid
#
# clear request
#
prj_req.delete()
#
# send notification to project managers and users
#
user_email = keystone_api.user_get(request, user_id).email
prjman_list = get_project_managers(request, project_id)
noti_params = {
'username' : user_name,
'project' : project_name,
'notes' : data['reason']
}
noti_sbj, noti_body = notification_render(SUBSCR_FORCED_NO_TYPE, noti_params)
notifyUsers([ pman.email for pman in prjman_list ], noti_sbj, noti_body)
noti_sbj, noti_body = notification_render(SUBSCR_NO_TYPE, noti_params)
notifyUsers(user_email, noti_sbj, noti_body)
except:
LOG.error("Error forced-checking request", exc_info=True)
messages.error(request, _("Cannot forced check request"))
return False
return True
def delete(self, request, obj_id):
tenant_ref = None
tenants, dummy = keystone_api.tenant_list(request, user=obj_id)
for tmpten in tenants:
tenant_managers = get_project_managers(request, tmpten.id)
if len(tenant_managers) == 1 and tenant_managers[0].id == obj_id:
tenant_ref = tmpten.name
if tenant_ref:
failure = AuthorizationFailure()
failure._safe_message=_("Cannot delete unique admin for %s") % tenant_ref
raise failure
else:
with transaction.atomic():
Registration.objects.filter(userid=obj_id).delete()
super(DeleteUsersAction, self).delete(request, obj_id)
def handle(self, request, data):
if not data['username']:
messages.error(request, _("Cannot process request: missing username"))
return False
try:
tenantadmin_roleid, default_roleid = check_and_get_roleids(request)
with transaction.atomic():
registration = Registration.objects.get(regid=int(data['regid']))
reg_request = RegRequest.objects.filter(registration=registration)[0]
prjReqList = PrjRequest.objects.filter(registration=registration)
password = reg_request.password
if not password:
password = generate_pwd()
user_email = reg_request.email
#
# Mapping of external accounts
#
if reg_request.externalid:
mapping = UserMapping(globaluser=reg_request.externalid,
registration=reg_request.registration)
mapping.save()
LOG.info("Registered external account %s" % reg_request.externalid)
#
# Forward request to project administrators
#
q_args = {
'project__projectid__isnull' : False,
'flowstatus' : PSTATUS_REG
}
prjReqList.filter(**q_args).update(flowstatus=PSTATUS_PENDING)
#
# Creation of new tenants
#
new_prj_list = list()
q_args = {
'project__projectid__isnull' : True,
'flowstatus' : PSTATUS_REG
}
for p_reqs in prjReqList.filter(**q_args):
kprj = keystone_api.tenant_create(request, p_reqs.project.projectname,
p_reqs.project.description, True)
p_reqs.project.projectid = kprj.id
p_reqs.project.save()
new_prj_list.append(p_reqs.project)
LOG.info("Created tenant %s" % p_reqs.project.projectname)
#
# User creation
#
if not registration.userid:
kuser = keystone_api.user_create(request,
name=registration.username,
password=password,
email=user_email,
enabled=True)
registration.username = data['username']
registration.expdate = self.expiration
registration.userid = kuser.id
registration.save()
LOG.info("Created user %s" % registration.username)
#
# The new user is the project manager of its tenant
# register the expiration date per tenant
#
for prj_item in new_prj_list:
expiration = Expiration()
expiration.registration = registration
expiration.project = prj_item
expiration.expdate = self.expiration
expiration.save()
keystone_api.add_tenant_user_role(request, prj_item.projectid,
registration.userid, tenantadmin_roleid)
#
# Send notifications to project administrators and users
#
for p_item in prjReqList.filter(flowstatus=PSTATUS_PENDING):
m_users = get_project_managers(request, p_item.project.projectid)
m_emails = [ usr.email for usr in m_users ]
noti_params = {
'username' : data['username'],
'project' : p_item.project.projectname
}
noti_sbj, noti_body = notification_render(SUBSCR_WAIT_TYPE, noti_params)
notifyUsers(m_emails, noti_sbj, noti_body)
n2_params = {
'project' : p_item.project.projectname,
'prjadmins' : m_emails
}
noti_sbj, noti_body = notification_render(SUBSCR_ONGOING, n2_params)
notifyUsers(user_email, noti_sbj, noti_body)
newprj_reqs = prjReqList.filter(flowstatus=PSTATUS_REG)
for p_item in newprj_reqs:
noti_params = {
'username' : p_item.registration.username,
'project' : p_item.project.projectname,
'guestmode' : False
}
noti_sbj, noti_body = notification_render(FIRST_REG_OK_TYPE, noti_params)
notifyUsers(user_email, noti_sbj, noti_body)
#
# cache cleanup
#
newprj_reqs.delete()
reg_request.delete()
except:
LOG.error("Error pre-checking request", exc_info=True)
messages.error(request, _("Cannot pre-check request"))
return False
return True
