def test_user_endpoint_as_admin(self): user, password = '******', 'p@ssw0rd' auth._client_set(user, password, tenant_name='test_default_tenant') \ .AndReturn('FAKE_CLIENT_SET') auth.admin_role_id('FAKE_CLIENT_SET').AndReturn('AR_ID') auth.current_user_id().AndReturn('FAKE_UID') self.mox.ReplayAll() rv = self.app.test_client().get( '/hello', headers={'Authorization': _basic_auth(user, password)}) self.assertEquals(rv.status_code, 200, rv.data)
def test_user_endpoint_as_admin(self): user, password = '******', 'p@ssw0rd' auth._client_set(user, password, tenant_name='test_default_tenant') \ .AndReturn('FAKE_CLIENT_SET') auth.admin_role_id('FAKE_CLIENT_SET').AndReturn('AR_ID') auth.current_user_id().AndReturn('FAKE_UID') self.mox.ReplayAll() rv = self.app.test_client().get( '/hello', headers={'Authorization': _basic_auth(user, password)} ) self.assertEquals(rv.status_code, 200, rv.data)
def _user_is_visible(user, admin_mode): if admin_mode or user.id == auth.current_user_id(): return True try: user_projects = set( (role.tenant.get('id') for role in user.list_roles())) user_projects.intersection_update(auth.current_user_project_ids()) return len(user_projects) > 0 except osc_exc.HttpException: return False
def delete_users_ssh_key(user_id, key_name): if user_id != auth.current_user_id(): auth.assert_admin() mgr = auth.admin_client_set().compute_ext.user_keypairs try: mgr.delete(user_id, key_name) except osc_exc.NotFound: abort(404) return make_json_response(None, 204)
def _user_is_visible(user, admin_mode): if admin_mode or user.id == auth.current_user_id(): return True try: user_projects = set((role.tenant.get('id') for role in user.list_roles())) user_projects.intersection_update(auth.current_user_project_ids()) return len(user_projects) > 0 except osc_exc.HttpException: return False
def create_users_ssh_key(user_id): data = parse_request_data(required=_SCHEMA.required) if user_id != auth.current_user_id(): auth.assert_admin() fetch_user(user_id, g.is_admin) # check that user exists and is visible mgr = auth.admin_client_set().compute_ext.user_keypairs try: kp = mgr.create(user_id, data['name'], data['public-key']) except osc_exc.BadRequest, e: raise exc.InvalidRequest(str(e))
def remove_project_user(project_id, user_id): tenant = get_tenant(project_id) if user_id != current_user_id(): assert_admin() try: user_mgr = admin_client_set().identity_admin.users roles = user_mgr.list_roles(user_id, project_id) except osc_exc.NotFound: abort(404) if not roles: abort(404) # user was not member of the project for role in roles: try: tenant.remove_user(user_id, role.id) except osc_exc.NotFound: pass # already deleted by someone else return make_json_response(None, status_code=204)
def get_current_user(): """Current user resource shortcut""" return get_user(current_user_id())
def current_user_(): return auth.current_user_id()
def test_current_user_id(self): self.mox.ReplayAll() self.fake_client_set.http_client.access['user'] = {'id': 'THE_UID'} with self.app.test_request_context(): self.install_fake_auth() self.assertEquals('THE_UID', auth.current_user_id())
def test_current_user_id(self): self.mox.ReplayAll() self.fake_client_set.http_client.access['user'] = { 'id' : 'THE_UID' } with self.app.test_request_context(): self.install_fake_auth() self.assertEquals('THE_UID', auth.current_user_id())