def list_user_tenants_role(user_id, is_admin=True): db = dbpools.get_keystone() admin_tenant = yield get_admin_tenant_id() try: cur = yield db.execute( "select actor_id as user ,target_id as tenant , role_id as role from assignment where target_id != %s and actor_id = %s ", ( admin_tenant, user_id, )) user_tenants = cur.fetchall() result = [] for item in user_tenants: role = str(item['role']) item['role'] = yield get_role_by_id(role) if is_admin: if role == get_role_by_name( CONF.identify.internal_tenant_admin_role): result.append(item) else: result.append(item) except Exception: LOG.error("list tenant role error user id is %s", user_id) raise gen.Return(result)
def get_user_by_name(name): try: pool = dbpools.get_keystone() sql = 'select id,`name`,extra from user where name = %s ' cur = yield pool.execute(sql, (name, )) user = cur.fetchone() if user: extra = json.loads(user["extra"]) ##获取数据库中的字符串,解析成为字典 user.pop("extra") user["displayname"] = extra.get("displayname") except Exception, e: LOG.error("get user by name %s error %s", name, e)
def update_tenant(self, tenant_id, body): tenant = yield identify.get_tenant_by_id(tenant_id) if not tenant: raise TenantNotExist db = dbpools.get_keystone() cur = yield db.execute("select name from project where id = %s ", (tenant_id, )) old_tenant_name = cur.fetchone() t = yield identify.update_tenant(tenant_id, **body) optLog.write(self.request, Type.TENANT, old_tenant_name['name'], Operator.UPDATE, t['name']) self.response(Response(result=t))
def f(): db = dbpools.get_keystone() try: # cur = yield db.execute("select a.id,a.name,a.description,b.count from project as a ," # "(select target_id, count(*)-1 count from assignment where target_id = %s) as b " # "where a.id = b.target_id", (tenant_id,)) cur = yield db.execute( "select a.id,a.name,a.description,b.count " "from (SELECT id,description,name from project WHERE id=%s) a " "LEFT JOIN (select target_id, count(*)-1 count from assignment where target_id=%s) b " "on a.id = b.target_id", (tenant_id, tenant_id)) tenant = cur.fetchone() except openstack.OpenStackException, e: LOG.error("get tenants failed: %s", (e.message, )) raise TenantOperationFailed()
def __list_users_admin_role(): db = dbpools.get_keystone() admin_tenant_id = yield openstack.get_admin_tenant_id() try: cur = yield db.execute( "select actor_id as user ,target_id as tenant , role_id as role from assignment where target_id = %s ", (admin_tenant_id, )) user_tenant_role = cur.fetchall() user_role = {} for item in user_tenant_role: user_role[item['user']] = yield openstack.get_role_by_id( item['role']) except Exception: raise QueryUserTenantRoleFailed raise gen.Return(user_role)
def get_user_role(user_id, tenant_id=None): db = dbpools.get_keystone() if not tenant_id: tenant_id = yield openstack.get_admin_tenant_id() try: cur = yield db.execute( "select role_id as role from assignment where actor_id = %s and target_id = %s ", ( user_id, tenant_id, )) user_role = cur.fetchone() role = {} if user_role: role['id'] = user_role.get("role") role_name = yield openstack.get_role_by_id(user_role.get("role")) role['name'] = role_name.get("name") except Exception: raise QueryUserTenantRoleFailed raise gen.Return(role)
def del_expires_token(): yield dbpools.execute_commit( dbpools.get_keystone(), "delete from token where expires < utc_timestamp() limit 1000" )