示例#1
0
 def test_add_token(self):
     data = {
         'token': 'Test token',
         'user': '******',
         'tenant': 'Test tenant',
         'expires': '20120104T18:30',
         }
     manage_api.add_token(**data)
     result = manage_api.list_tokens()
     user = db_api.USER.get_by_name(data['user'])
     tenant = db_api.TENANT.get_by_name(data['tenant'])
     self.assertEqual(result, [[data['token'], user['id'],
                                datetime.datetime(2012, 1, 4, 18, 30),
                                tenant['id']]])
示例#2
0
文件: __init__.py 项目: pvo/keystone
def process(*args):
    """
    Usage: keystone-manage [options] type command [id [attributes]]
      type       : role, tenant, user, token, endpoint, endpointTemplates
      command    : add, list, disable, delete, grant, revoke
      id         : name or id
      attributes : depending on type...
        users    : password, tenant
        tokens   : user, tenant, expiration

      role list [tenant] will list roles granted on that tenant

    options
      -c | --config-file : config file to use
      -d | --debug : debug mode

    Example: keystone-manage user add Admin P@ssw0rd
    """
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(
            'No obj type specified for first argument')

    object_type = args[0]
    if object_type not in ['user', 'tenant', 'role', 'service',
            'endpointTemplates', 'token', 'endpoint', 'credentials']:
        raise optparse.OptParseError(
            '%s is not a supported obj type' % object_type)

    if len(args) == 1:
        raise optparse.OptParseError(
            'No command specified for second argument')
    command = args[1]
    if command not in ['add', 'list', 'disable', 'delete', 'grant', 'revoke']:
        raise optparse.OptParseError('add, disable, delete, and list are the '
            'only supported commands (right now)')

    if len(args) == 2:
        if command != 'list':
            raise optparse.OptParseError('No id specified for third argument')
    if len(args) > 2:
        object_id = args[2]

    # Helper functions

    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x: len(args) > x and args[x] or None)

    def print_table(header_row, rows):
        """Prints a lists of lists as table in a human readable format"""
        print "\t".join(header_row)
        print '-' * 79
        rows = [[str(col) for col in row] for row in rows]
        print "\n".join(["\t".join(row) for row in rows])

    # Execute command

    if (object_type, command) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id, password=args[3],
                tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, command) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif (object_type, command) == ('user', 'list'):
        print_table(('id', 'name', 'enabled', 'tenant'), api.list_users())

    elif (object_type, command) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, command) == ('tenant', 'list'):
        print_table(('id', 'name', 'enabled'), api.list_tenants())

    elif (object_type, command) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif (object_type, command) == ('role', 'add'):
        if api.add_role(name=object_id):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, command) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print 'Role assignments for tenant %s' % tenant
            print_table(('User', 'Role'), api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print_table(('id', 'name'), api.list_roles())

    elif (object_type, command) == ('role', 'grant'):
        require_args(args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print("SUCCESS: Granted %s the %s role on %s." %
                (object_id, args[3], tenant))

    elif (object_type, command) == ('endpointTemplates', 'add'):
        require_args(args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        if api.add_endpoint_template(region=args[2], service=args[3],
                public_url=args[4], admin_url=args[5], internal_url=args[6],
                enabled=args[7], is_global=args[8]):
            print("SUCCESS: Created EndpointTemplates for %s pointing to %s." %
                (args[3], args[4]))

    elif (object_type, command) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print 'Endpoints for tenant %s' % tenant
            print_table(('service', 'region', 'Public URL'),
                api.list_tenant_endpoints())
        else:
            print 'All EndpointTemplates'
            print_table(('service', 'region', 'Public URL'),
                api.list_endpoint_templates())

    elif (object_type, command) == ('endpoint', 'add'):
        require_args(args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print("SUCCESS: Endpoint %s added to tenant %s." %
                (args[3], args[2]))

    elif (object_type, command) == ('token', 'add'):
        require_args(args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id, user=args[3], tenant=args[4],
                expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id,)

    elif (object_type, command) == ('token', 'list'):
        print_table(('token', 'user', 'expiration', 'tenant'),
            api.list_tokens())

    elif (object_type, command) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print 'SUCCESS: Token %s deleted.' % (object_id,)

    elif (object_type, command) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add name "
            "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        if api.add_service(name=object_id, type=type, desc=desc):
            print "SUCCESS: Service %s created successfully." % (object_id,)

    elif (object_type, command) == ('service', 'list'):
        print_table(('id', 'name', 'type'), api.list_services())

    elif (object_type, command) == ('credentials', 'add'):
        require_args(args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id, type=args[3], key=args[4],
                secrete=args[5], tenant=optional_arg(args, 6)):
            print "SUCCESS: Credentials %s created." % object_id

    else:
        # Command not handled
        print ("ERROR: unrecognized command %s %s" % (object_type, command))
示例#3
0
def process(*args):
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(OBJECT_NOT_SPECIFIED)
    else:
        object_type = args[0]
        if object_type not in OBJECTS:
            raise optparse.OptParseError(SUPPORTED_OBJECTS)

    if len(args) == 1:
        raise optparse.OptParseError(ACTION_NOT_SPECIFIED)
    else:
        action = args[1]
        if action not in ACTIONS:
            raise optparse.OptParseError(SUPPORTED_ACTIONS)

    if len(args) == 2 and action not in ['list']:
        raise optparse.OptParseError(ID_NOT_SPECIFIED)
    else:
        object_id = args[2]

    # Helper functions

    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x: len(args) > x and args[x] or None)

    def print_table(header_row, rows):
        """Prints a lists of lists as table in a human readable format"""
        print "\t".join(header_row)
        print '-' * 79
        rows = [[str(col) for col in row] for row in rows]
        print "\n".join(["\t".join(row) for row in rows])

    # Execute command
    if (object_type, action) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id, password=args[3],
                tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, action) == ('user', 'list'):
        print_table(('id', 'name', 'enabled', 'tenant'), api.list_users())

    elif (object_type, action) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif object_type == 'user':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users'))

    elif (object_type, action) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, action) == ('tenant', 'list'):
        print_table(('id', 'name', 'enabled'), api.list_tenants())

    elif (object_type, action) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif object_type == 'tenant':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants'))

    elif (object_type, action) == ('role', 'add'):
        if api.add_role(name=object_id):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, action) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print 'Role assignments for tenant %s' % tenant
            print_table(('User', 'Role'), api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print_table(('id', 'name'), api.list_roles())

    elif (object_type, action) == ('role', 'grant'):
        require_args(args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print("SUCCESS: Granted %s the %s role on %s." %
                (object_id, args[3], tenant))

    elif object_type == 'role':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles'))

    elif (object_type, action) == ('endpointTemplates', 'add'):
        require_args(args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        if api.add_endpoint_template(region=args[2], service=args[3],
                public_url=args[4], admin_url=args[5], internal_url=args[6],
                enabled=args[7], is_global=args[8]):
            print("SUCCESS: Created EndpointTemplates for %s pointing to %s." %
                (args[3], args[4]))

    elif (object_type, action) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print 'Endpoints for tenant %s' % tenant
            print_table(('service', 'region', 'Public URL'),
                api.list_tenant_endpoints())
        else:
            print 'All EndpointTemplates'
            print_table(('service', 'region', 'Public URL'),
                api.list_endpoint_templates())

    elif object_type == 'endpointTemplates':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % (
            'endpointTemplates'))

    elif (object_type, action) == ('endpoint', 'add'):
        require_args(args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print("SUCCESS: Endpoint %s added to tenant %s." %
                (args[3], args[2]))

    elif object_type == 'endpoint':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints'))

    elif (object_type, action) == ('token', 'add'):
        require_args(args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id, user=args[3], tenant=args[4],
                expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id,)

    elif (object_type, action) == ('token', 'list'):
        print_table(('token', 'user', 'expiration', 'tenant'),
            api.list_tokens())

    elif (object_type, action) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print 'SUCCESS: Token %s deleted.' % (object_id,)

    elif object_type == 'token':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens'))

    elif (object_type, action) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add name "
            "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        if api.add_service(name=object_id, type=type, desc=desc):
            print "SUCCESS: Service %s created successfully." % (object_id,)

    elif (object_type, action) == ('service', 'list'):
        print_table(('id', 'name', 'type'), api.list_services())

    elif object_type == 'service':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services'))

    elif (object_type, action) == ('credentials', 'add'):
        require_args(args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id, type=args[3], key=args[4],
                secrete=args[5], tenant=optional_arg(args, 6)):
            print "SUCCESS: Credentials %s created." % object_id

    elif object_type == 'credentials':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials'))

    else:
        # Command recognized but not handled: should never reach this
        raise NotImplementedError()
示例#4
0
def process(*args):
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(OBJECT_NOT_SPECIFIED)
    else:
        object_type = args[0]
        if object_type not in OBJECTS:
            raise optparse.OptParseError(SUPPORTED_OBJECTS)

    if len(args) == 1:
        raise optparse.OptParseError(ACTION_NOT_SPECIFIED)
    else:
        action = args[1]
        if action not in ACTIONS:
            raise optparse.OptParseError(SUPPORTED_ACTIONS)

    if action not in ['list', 'sync', 'version_control', 'version']:
        if len(args) == 2:
            raise optparse.OptParseError(ID_NOT_SPECIFIED)
        else:
            object_id = args[2]

    # Helper functions
    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x:
        len(args) > x and str(args[x]).strip() or None)

    if object_type == 'database':
        options = get_options(args)

    # Execute command
    if (object_type, action) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id, password=args[3],
                tenant=optional_arg(args, 4)):
            print ("SUCCESS: User %s created." % object_id)

    elif (object_type, action) == ('user', 'list'):
        print (Table('Users', ['id', 'name', 'enabled', 'tenant'],
                     api.list_users()))

    elif (object_type, action) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print ("SUCCESS: User %s disabled." % object_id)

    elif object_type == 'user':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users'))

    elif (object_type, action) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print ("SUCCESS: Tenant %s created." % object_id)

    elif (object_type, action) == ('tenant', 'list'):
        print Table('Tenants', ['id', 'name', 'enabled'], api.list_tenants())

    elif (object_type, action) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print ("SUCCESS: Tenant %s disabled." % object_id)

    elif object_type == 'tenant':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants'))

    elif (object_type, action) == ('role', 'add'):
        if api.add_role(name=object_id, service_name=optional_arg(args, 3)):
            print ("SUCCESS: Role %s created successfully." % object_id)

    elif (object_type, action) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print (Table('Role assignments for tenant %s' %
                         tenant, ['User', 'Role'],
                         api.list_roles(tenant=tenant)))
        else:
            # print without tenants
            print (Table('Roles', ['id', 'name', 'service_id', 'description'],
                         api.list_roles()))

    elif (object_type, action) == ('role', 'grant'):
        require_args(args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print ("SUCCESS: Granted %s the %s role on %s." %
                (args[3], object_id, tenant))

    elif object_type == 'role':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles'))

    elif (object_type, action) == ('endpointTemplates', 'add'):
        require_args(args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        version_id = optional_arg(args, 9)
        version_list = optional_arg(args, 10)
        version_info = optional_arg(args, 11)
        if api.add_endpoint_template(region=args[2], service=args[3],
                public_url=args[4], admin_url=args[5], internal_url=args[6],
                enabled=args[7], is_global=args[8],
                version_id=version_id, version_list=version_list,
                version_info=version_info):
            print ("SUCCESS: Created EndpointTemplates for %s "
                                   "pointing to %s." % (args[3], args[4]))

    elif (object_type, action) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print Table('Endpoints for tenant %s' % tenant,
                        ['id', 'service', 'region', 'Public URL'],
                        api.list_tenant_endpoints(tenant))
        else:
            print Table('All EndpointTemplates', ['id', 'service', 'type',
                        'region', 'enabled', 'is_global', 'Public URL',
                        'Admin URL'],
                api.list_endpoint_templates())

    elif (object_type, action) == ('endpoint', 'add'):
        require_args(args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print ("SUCCESS: Endpoint %s added to tenant %s." %
                (args[3], args[2]))

    elif object_type == 'endpoint':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints'))

    elif (object_type, action) == ('token', 'add'):
        require_args(args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id, user=args[3], tenant=args[4],
                expires=args[5]):
            print ("SUCCESS: Token %s created." % object_id)

    elif (object_type, action) == ('token', 'list'):
        print Table('Tokens', ('token', 'user', 'expiration', 'tenant'),
            api.list_tokens())

    elif (object_type, action) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print ('SUCCESS: Token %s deleted.' % (object_id,))

    elif object_type == 'token':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens'))

    elif (object_type, action) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add <name> " \
                     "[type] [desc] [owner_id]"
            "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        owner_id = optional_arg(args, 5)

        if api.add_service(name=object_id, type=type, desc=desc,
                           owner_id=owner_id):
            print ("SUCCESS: Service %s created successfully."
                                   % (object_id,))

    elif (object_type, action) == ('service', 'list'):
        print (Table('Services', ('id', 'name', 'type', 'owner_id',
                                  'description'), api.list_services()))

    elif object_type == 'service':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services'))

    elif (object_type, action) == ('credentials', 'add'):
        require_args(args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id, type=args[3], key=args[4],
                secrete=args[5], tenant=optional_arg(args, 6)):
            print ("SUCCESS: Credentials %s created." %
                                   (object_id,))

    elif object_type == 'credentials':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials'))

    elif (object_type, action) == ('database', 'sync'):
        require_args(args, 1, 'Syncing database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_sync(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'upgrade'):
        require_args(args, 1, 'Upgrading database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_upgrade(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'downgrade'):
        require_args(args, 1, 'Downgrading database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_downgrade(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'version_control'):
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_version_control(options['keystone.backends.sqlalchemy'])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'version'):
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_version(options['keystone.backends.sqlalchemy'])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'goto'):
        require_args(args, 1, 'Jumping database versions requires a '
            'version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_goto_version(options['keystone.backends.sqlalchemy'],
                    version=args[2])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    else:
        # Command recognized but not handled: should never reach this
        raise NotImplementedError()
示例#5
0
def process(*args):
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(OBJECT_NOT_SPECIFIED)
    else:
        object_type = args[0]
        if object_type not in OBJECTS:
            raise optparse.OptParseError(SUPPORTED_OBJECTS)

    if len(args) == 1:
        raise optparse.OptParseError(ACTION_NOT_SPECIFIED)
    else:
        action = args[1]
        if action not in ACTIONS:
            raise optparse.OptParseError(SUPPORTED_ACTIONS)

    if action not in ["list"]:
        if len(args) == 2:
            raise optparse.OptParseError(ID_NOT_SPECIFIED)
        else:
            object_id = args[2]

    # Helper functions
    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = lambda args, x: len(args) > x and str(args[x]).strip() or None

    def print_table(header_row, rows):
        """Prints a lists of lists as table in a human readable format"""
        print "\t".join(header_row)
        print "-" * 79
        rows = [[str(col) for col in row] for row in rows]
        print "\n".join(["\t".join(row) for row in rows])

    # Execute command
    if (object_type, action) == ("user", "add"):
        require_args(args, 4, "No password specified for fourth argument")
        if api.add_user(name=object_id, password=args[3], tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, action) == ("user", "list"):
        print_table(("id", "name", "enabled", "tenant"), api.list_users())

    elif (object_type, action) == ("user", "disable"):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif object_type == "user":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("users"))

    elif (object_type, action) == ("tenant", "add"):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, action) == ("tenant", "list"):
        print_table(("id", "name", "enabled"), api.list_tenants())

    elif (object_type, action) == ("tenant", "disable"):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif object_type == "tenant":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("tenants"))

    elif (object_type, action) == ("role", "add"):
        if api.add_role(name=object_id):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, action) == ("role", "list"):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print "Role assignments for tenant %s" % tenant
            print_table(("User", "Role"), api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print_table(("id", "name", "service_id", "description"), api.list_roles())

    elif (object_type, action) == ("role", "grant"):
        require_args(args, 4, "Missing arguments: role grant 'role' 'user' " "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print ("SUCCESS: Granted %s the %s role on %s." % (args[3], object_id, tenant))

    elif object_type == "role":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("roles"))

    elif (object_type, action) == ("endpointTemplates", "add"):
        require_args(
            args,
            9,
            "Missing arguments: endpointTemplates add "
            "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'",
        )
        version_id = optional_arg(args, 9)
        version_list = optional_arg(args, 10)
        version_info = optional_arg(args, 11)
        if api.add_endpoint_template(
            region=args[2],
            service=args[3],
            public_url=args[4],
            admin_url=args[5],
            internal_url=args[6],
            enabled=args[7],
            is_global=args[8],
            version_id=version_id,
            version_list=version_list,
            version_info=version_info,
        ):
            print ("SUCCESS: Created EndpointTemplates for %s pointing to %s." % (args[3], args[4]))

    elif (object_type, action) == ("endpointTemplates", "list"):
        tenant = optional_arg(args, 2)
        if tenant:
            print "Endpoints for tenant %s" % tenant
            print_table(("service", "region", "Public URL"), api.list_tenant_endpoints(tenant))
        else:
            print "All EndpointTemplates"
            print_table(
                ("id", "service", "type", "region", "enabled", "is_global", "Public URL", "Admin URL"),
                api.list_endpoint_templates(),
            )

    elif (object_type, action) == ("endpoint", "add"):
        require_args(args, 4, "Missing arguments: endPoint add tenant " "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print ("SUCCESS: Endpoint %s added to tenant %s." % (args[3], args[2]))

    elif object_type == "endpoint":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("endpoints"))

    elif (object_type, action) == ("token", "add"):
        require_args(args, 6, "Creating a token requires a token id, user, " "tenant, and expiration")
        if api.add_token(token=object_id, user=args[3], tenant=args[4], expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id,)

    elif (object_type, action) == ("token", "list"):
        print_table(("token", "user", "expiration", "tenant"), api.list_tokens())

    elif (object_type, action) == ("token", "delete"):
        if api.delete_token(token=object_id):
            print "SUCCESS: Token %s deleted." % (object_id,)

    elif object_type == "token":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("tokens"))

    elif (object_type, action) == ("service", "add"):
        require_args(args, 4, "Missing arguments: service add <name> " "[type] [desc] [owner_id]" "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        owner_id = optional_arg(args, 5)

        if api.add_service(name=object_id, type=type, desc=desc, owner_id=owner_id):
            print "SUCCESS: Service %s created successfully." % (object_id,)

    elif (object_type, action) == ("service", "list"):
        print_table(("id", "name", "type", "owner_id", "description"), api.list_services())

    elif object_type == "service":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("services"))

    elif (object_type, action) == ("credentials", "add"):
        require_args(args, 6, "Creating a credentials requires a type, key, " "secret, and tenant_id (id is user_id)")
        if api.add_credentials(
            user=object_id, type=args[3], key=args[4], secrete=args[5], tenant=optional_arg(args, 6)
        ):
            print "SUCCESS: Credentials %s created." % object_id

    elif object_type == "credentials":
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ("credentials"))

    else:
        # Command recognized but not handled: should never reach this
        raise NotImplementedError()
示例#6
0
def process(*args):
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(OBJECT_NOT_SPECIFIED)
    else:
        object_type = args[0]
        if object_type not in OBJECTS:
            raise optparse.OptParseError(SUPPORTED_OBJECTS)

    if len(args) == 1:
        raise optparse.OptParseError(ACTION_NOT_SPECIFIED)
    else:
        action = args[1]
        if action not in ACTIONS:
            raise optparse.OptParseError(SUPPORTED_ACTIONS)

    if action not in ['list', 'sync', 'version_control', 'version']:
        if len(args) == 2:
            raise optparse.OptParseError(ID_NOT_SPECIFIED)
        else:
            object_id = args[2]

    # Helper functions
    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x:
        len(args) > x and str(args[x]).strip() or None)

    if object_type == 'database':
        options = get_options(args)

    # Execute command
    if (object_type, action) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id, password=args[3],
                tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, action) == ('user', 'list'):
        print Table('Users', ['id', 'name', 'enabled', 'tenant'],
                    api.list_users())

    elif (object_type, action) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif object_type == 'user':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users'))

    elif (object_type, action) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, action) == ('tenant', 'list'):
        print Table('Tenants', ['id', 'name', 'enabled'], api.list_tenants())

    elif (object_type, action) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif object_type == 'tenant':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants'))

    elif (object_type, action) == ('role', 'add'):
        if api.add_role(name=object_id, service_name=optional_arg(args, 3)):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, action) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print Table('Role assignments for tenant %s' % tenant,
                        ['User', 'Role'],
                       api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print Table('Roles', ['id', 'name', 'service_id', 'description'],
                api.list_roles())

    elif (object_type, action) == ('role', 'grant'):
        require_args(args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print("SUCCESS: Granted %s the %s role on %s." %
                (args[3], object_id, tenant))

    elif object_type == 'role':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles'))

    elif (object_type, action) == ('endpointTemplates', 'add'):
        require_args(args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service_name' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        version_id = optional_arg(args, 9)
        version_list = optional_arg(args, 10)
        version_info = optional_arg(args, 11)
        if api.add_endpoint_template(region=args[2], service=args[3],
                public_url=args[4], admin_url=args[5], internal_url=args[6],
                enabled=args[7], is_global=args[8],
                version_id=version_id, version_list=version_list,
                version_info=version_info):
            print("SUCCESS: Created EndpointTemplates for %s pointing to %s." %
                (args[3], args[4]))

    elif (object_type, action) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print Table('Endpoints for tenant %s' % tenant,
                        ['id', 'service', 'region', 'Public URL'],
                        api.list_tenant_endpoints(tenant))
        else:
            print Table('All EndpointTemplates', ['id', 'service', 'type',
                        'region', 'enabled', 'is_global', 'Public URL',
                        'Admin URL'],
                api.list_endpoint_templates())

    elif (object_type, action) == ('endpoint', 'add'):
        require_args(args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print("SUCCESS: Endpoint %s added to tenant %s." %
                (args[3], args[2]))

    elif object_type == 'endpoint':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints'))

    elif (object_type, action) == ('token', 'add'):
        require_args(args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id, user=args[3], tenant=args[4],
                expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id,)

    elif (object_type, action) == ('token', 'list'):
        print Table('Tokens', ('token', 'user', 'expiration', 'tenant'),
            api.list_tokens())

    elif (object_type, action) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print 'SUCCESS: Token %s deleted.' % (object_id,)

    elif object_type == 'token':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens'))

    elif (object_type, action) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add <name> " \
                     "[type] [desc] [owner_id]"
            "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        owner_id = optional_arg(args, 5)

        if api.add_service(name=object_id, type=type, desc=desc,
                           owner_id=owner_id):
            print "SUCCESS: Service %s created successfully." % (object_id,)

    elif (object_type, action) == ('service', 'list'):
        print Table('Services',
                    ('id', 'name', 'type', 'owner_id', 'description'),
                    api.list_services())

    elif object_type == 'service':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services'))

    elif (object_type, action) == ('credentials', 'add'):
        require_args(args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id, type=args[3], key=args[4],
                secrete=args[5], tenant=optional_arg(args, 6)):
            print "SUCCESS: Credentials %s created." % object_id

    elif object_type == 'credentials':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials'))

    elif (object_type, action) == ('database', 'sync'):
        require_args(args, 1, 'Syncing database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_sync(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'upgrade'):
        require_args(args, 1, 'Upgrading database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_upgrade(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'downgrade'):
        require_args(args, 1, 'Downgrading database requires a version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_downgrade(options['keystone.backends.sqlalchemy'],
                                 args)
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'version_control'):
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_version_control(options['keystone.backends.sqlalchemy'])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'version'):
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_version(options['keystone.backends.sqlalchemy'])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    elif (object_type, action) == ('database', 'goto'):
        require_args(args, 1, 'Jumping database versions requires a '
            'version #')
        backend_names = options.get('backends', None)
        if backend_names:
            if 'keystone.backends.sqlalchemy' in backend_names.split(','):
                do_db_goto_version(options['keystone.backends.sqlalchemy'],
                    version=args[2])
            else:
                raise optparse.OptParseError(
                    'SQL alchemy backend not specified in config')

    else:
        # Command recognized but not handled: should never reach this
        raise NotImplementedError()
示例#7
0
def process(*args):
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(OBJECT_NOT_SPECIFIED)
    else:
        object_type = args[0]
        if object_type not in OBJECTS:
            raise optparse.OptParseError(SUPPORTED_OBJECTS)

    if len(args) == 1:
        raise optparse.OptParseError(ACTION_NOT_SPECIFIED)
    else:
        action = args[1]
        if action not in ACTIONS:
            raise optparse.OptParseError(SUPPORTED_ACTIONS)

    if len(args) == 2 and action not in ['list']:
        raise optparse.OptParseError(ID_NOT_SPECIFIED)
    else:
        object_id = args[2]

    # Helper functions

    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x: len(args) > x and args[x] or None)

    def print_table(header_row, rows):
        """Prints a lists of lists as table in a human readable format"""
        print "\t".join(header_row)
        print '-' * 79
        rows = [[str(col) for col in row] for row in rows]
        print "\n".join(["\t".join(row) for row in rows])

    # Execute command
    if (object_type, action) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id,
                        password=args[3],
                        tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, action) == ('user', 'list'):
        print_table(('id', 'name', 'enabled', 'tenant'), api.list_users())

    elif (object_type, action) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif object_type == 'user':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('users'))

    elif (object_type, action) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, action) == ('tenant', 'list'):
        print_table(('id', 'name', 'enabled'), api.list_tenants())

    elif (object_type, action) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif object_type == 'tenant':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tenants'))

    elif (object_type, action) == ('role', 'add'):
        if api.add_role(name=object_id):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, action) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print 'Role assignments for tenant %s' % tenant
            print_table(('User', 'Role'), api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print_table(('id', 'name'), api.list_roles())

    elif (object_type, action) == ('role', 'grant'):
        require_args(
            args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print("SUCCESS: Granted %s the %s role on %s." %
                  (object_id, args[3], tenant))

    elif object_type == 'role':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('roles'))

    elif (object_type, action) == ('endpointTemplates', 'add'):
        require_args(
            args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        if api.add_endpoint_template(region=args[2],
                                     service=args[3],
                                     public_url=args[4],
                                     admin_url=args[5],
                                     internal_url=args[6],
                                     enabled=args[7],
                                     is_global=args[8]):
            print("SUCCESS: Created EndpointTemplates for %s pointing to %s." %
                  (args[3], args[4]))

    elif (object_type, action) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print 'Endpoints for tenant %s' % tenant
            print_table(('service', 'region', 'Public URL'),
                        api.list_tenant_endpoints())
        else:
            print 'All EndpointTemplates'
            print_table(('service', 'region', 'Public URL'),
                        api.list_endpoint_templates())

    elif object_type == 'endpointTemplates':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED %
                                     ('endpointTemplates'))

    elif (object_type, action) == ('endpoint', 'add'):
        require_args(
            args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print("SUCCESS: Endpoint %s added to tenant %s." %
                  (args[3], args[2]))

    elif object_type == 'endpoint':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('endpoints'))

    elif (object_type, action) == ('token', 'add'):
        require_args(
            args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id,
                         user=args[3],
                         tenant=args[4],
                         expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id, )

    elif (object_type, action) == ('token', 'list'):
        print_table(('token', 'user', 'expiration', 'tenant'),
                    api.list_tokens())

    elif (object_type, action) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print 'SUCCESS: Token %s deleted.' % (object_id, )

    elif object_type == 'token':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('tokens'))

    elif (object_type, action) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add name " "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        if api.add_service(name=object_id, type=type, desc=desc):
            print "SUCCESS: Service %s created successfully." % (object_id, )

    elif (object_type, action) == ('service', 'list'):
        print_table(('id', 'name', 'type'), api.list_services())

    elif object_type == 'service':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('services'))

    elif (object_type, action) == ('credentials', 'add'):
        require_args(
            args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id,
                               type=args[3],
                               key=args[4],
                               secrete=args[5],
                               tenant=optional_arg(args, 6)):
            print "SUCCESS: Credentials %s created." % object_id

    elif object_type == 'credentials':
        raise optparse.OptParseError(ACTION_NOT_SUPPORTED % ('credentials'))

    else:
        # Command recognized but not handled: should never reach this
        raise NotImplementedError()
示例#8
0
def process(*args):
    """
    Usage: keystone-manage [options] type command [id [attributes]]
      type       : role, tenant, user, token, endpoint, endpointTemplates
      command    : add, list, disable, delete, grant, revoke
      id         : name or id
      attributes : depending on type...
        users    : password, tenant
        tokens   : user, tenant, expiration

      role list [tenant] will list roles granted on that tenant

    options
      -c | --config-file : config file to use
      -d | --debug : debug mode

    Example: keystone-manage user add Admin P@ssw0rd
    """
    # Check arguments
    if len(args) == 0:
        raise optparse.OptParseError(
            'No obj type specified for first argument')

    object_type = args[0]
    if object_type not in [
            'user', 'tenant', 'role', 'service', 'endpointTemplates', 'token',
            'endpoint', 'credentials'
    ]:
        raise optparse.OptParseError('%s is not a supported obj type' %
                                     object_type)

    if len(args) == 1:
        raise optparse.OptParseError(
            'No command specified for second argument')
    command = args[1]
    if command not in ['add', 'list', 'disable', 'delete', 'grant', 'revoke']:
        raise optparse.OptParseError('add, disable, delete, and list are the '
                                     'only supported commands (right now)')

    if len(args) == 2:
        if command != 'list':
            raise optparse.OptParseError('No id specified for third argument')
    if len(args) > 2:
        object_id = args[2]

    # Helper functions

    def require_args(args, min, msg):
        """Ensure there are at least `min` arguments"""
        if len(args) < min:
            raise optparse.OptParseError(msg)

    optional_arg = (lambda args, x: len(args) > x and args[x] or None)

    def print_table(header_row, rows):
        """Prints a lists of lists as table in a human readable format"""
        print "\t".join(header_row)
        print '-' * 79
        rows = [[str(col) for col in row] for row in rows]
        print "\n".join(["\t".join(row) for row in rows])

    # Execute command

    if (object_type, command) == ('user', 'add'):
        require_args(args, 4, 'No password specified for fourth argument')
        if api.add_user(name=object_id,
                        password=args[3],
                        tenant=optional_arg(args, 4)):
            print "SUCCESS: User %s created." % object_id

    elif (object_type, command) == ('user', 'disable'):
        if api.disable_user(name=object_id):
            print "SUCCESS: User %s disabled." % object_id

    elif (object_type, command) == ('user', 'list'):
        print_table(('id', 'enabled', 'tenant'), api.list_users())

    elif (object_type, command) == ('tenant', 'add'):
        if api.add_tenant(name=object_id):
            print "SUCCESS: Tenant %s created." % object_id

    elif (object_type, command) == ('tenant', 'list'):
        print_table(('id', 'name', 'enabled'), api.list_tenants())

    elif (object_type, command) == ('tenant', 'disable'):
        if api.disable_tenant(name=object_id):
            print "SUCCESS: Tenant %s disabled." % object_id

    elif (object_type, command) == ('role', 'add'):
        if api.add_role(name=object_id):
            print "SUCCESS: Role %s created successfully." % object_id

    elif (object_type, command) == ('role', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            # print with users
            print 'Role assignments for tenant %s' % tenant
            print_table(('User', 'Role'), api.list_roles(tenant=tenant))
        else:
            # print without tenants
            print_table(('id', 'name'), api.list_roles())

    elif (object_type, command) == ('role', 'grant'):
        require_args(
            args, 4, "Missing arguments: role grant 'role' 'user' "
            "'tenant (optional)'")
        tenant = optional_arg(args, 4)
        if api.grant_role(object_id, args[3], tenant):
            print("SUCCESS: Granted %s the %s role on %s." %
                  (object_id, args[3], tenant))

    elif (object_type, command) == ('endpointTemplates', 'add'):
        require_args(
            args, 9, "Missing arguments: endpointTemplates add "
            "'region' 'service' 'publicURL' 'adminURL' 'internalURL' "
            "'enabled' 'global'")
        if api.add_endpoint_template(region=args[2],
                                     service=args[3],
                                     public_url=args[4],
                                     admin_url=args[5],
                                     internal_url=args[6],
                                     enabled=args[7],
                                     is_global=args[8]):
            print("SUCCESS: Created EndpointTemplates for %s pointing to %s." %
                  (args[3], args[4]))

    elif (object_type, command) == ('endpointTemplates', 'list'):
        tenant = optional_arg(args, 2)
        if tenant:
            print 'Endpoints for tenant %s' % tenant
            print_table(('service', 'region', 'Public URL'),
                        api.list_tenant_endpoints())
        else:
            print 'All EndpointTemplates'
            print_table(('service', 'region', 'Public URL'),
                        api.list_endpoint_templates())

    elif (object_type, command) == ('endpoint', 'add'):
        require_args(
            args, 4, "Missing arguments: endPoint add tenant "
            "endPointTemplate")
        if api.add_endpoint(tenant=args[2], endpoint_template=args[3]):
            print("SUCCESS: Endpoint %s added to tenant %s." %
                  (args[3], args[2]))

    elif (object_type, command) == ('token', 'add'):
        require_args(
            args, 6, 'Creating a token requires a token id, user, '
            'tenant, and expiration')
        if api.add_token(token=object_id,
                         user=args[3],
                         tenant=args[4],
                         expires=args[5]):
            print "SUCCESS: Token %s created." % (object_id, )

    elif (object_type, command) == ('token', 'list'):
        print_table(('token', 'user', 'expiration', 'tenant'),
                    api.list_tokens())

    elif (object_type, command) == ('token', 'delete'):
        if api.delete_token(token=object_id):
            print 'SUCCESS: Token %s deleted.' % (object_id, )

    elif (object_type, command) == ('service', 'add'):
        require_args(args, 4, "Missing arguments: service add name " "type")
        type = optional_arg(args, 3)
        desc = optional_arg(args, 4)
        if api.add_service(name=object_id, type=type, desc=desc):
            print "SUCCESS: Service %s created successfully." % (object_id, )

    elif (object_type, command) == ('service', 'list'):
        print_table(('id', 'name', 'type'), api.list_services())

    elif (object_type, command) == ('credentials', 'add'):
        require_args(
            args, 6, 'Creating a credentials requires a type, key, '
            'secret, and tenant_id (id is user_id)')
        if api.add_credentials(user=object_id,
                               type=args[3],
                               key=args[4],
                               secrete=args[5],
                               tenant=optional_arg(args, 6)):
            print "SUCCESS: Credentials %s created." % object_id

    else:
        # Command not handled
        print("ERROR: unrecognized command %s %s" % (object_type, command))