def create_context(trust_id, project_id): """Creates Mistral security context. :param trust_id: Trust Id. :param project_id: Project Id. :return: Mistral security context. """ if CONF.pecan.auth_enable: client = keystone.client_for_trusts(trust_id) return auth_ctx.MistralContext( user_id=client.user_id, project_id=project_id, auth_token=client.auth_token, is_trust_scoped=True, trust_id=trust_id, ) return auth_ctx.MistralContext( user_id=None, project_id=None, auth_token=None, is_admin=True )
def create_context(trust_id, project_id): """Creates Mistral security context. :param trust_id: Trust Id. :param project_id: Project Id. :return: Mistral security context. """ if CONF.pecan.auth_enable: client = keystone.client_for_trusts(trust_id) if client.session: # Method get_token is deprecated, using get_auth_headers. token = client.session.get_auth_headers().get('X-Auth-Token') user_id = client.session.get_user_id() else: token = client.auth_token user_id = client.user_id return auth_ctx.MistralContext( user=user_id, tenant=project_id, auth_token=token, is_trust_scoped=True, trust_id=trust_id, ) return auth_ctx.MistralContext( user=None, tenant=None, auth_token=None, is_admin=True )
def create_context(workbook): if 'trust_id' not in workbook: return admin_user = CONF.keystone.admin_user admin_password = CONF.keystone.admin_password if CONF.pecan.auth_enable: client = keystone.client_for_trusts( admin_user, admin_password, trust_id=workbook['trust_id'], project_id=workbook['project_id']) return context.MistralContext( user_id=client.user_id, project_id=workbook['project_id'], auth_token=client.auth_token ) else: return context.MistralContext( user_id=None, project_id=None, auth_token=None )
def create_context(trust_id, project_id): """Creates Mistral security context. :param trust_id: Trust Id. :param project_id: Project Id. :return: Mistral security context. """ if CONF.pecan.auth_enable: client = keystone.client_for_trusts(trust_id) if client.session: # Method get_token is deprecated, using get_auth_headers. token = client.session.get_auth_headers().get('X-Auth-Token') user_id = client.session.get_user_id() else: token = client.auth_token user_id = client.user_id return auth_ctx.MistralContext( user=user_id, tenant=project_id, auth_token=token, is_trust_scoped=True, trust_id=trust_id, ) return auth_ctx.MistralContext(user=None, tenant=None, auth_token=None, is_admin=True)
def delete_trust(trust_id): if not trust_id: return keystone_client = keystone.client_for_trusts(trust_id) try: keystone_client.trusts.delete(trust_id) except Exception as e: LOG.warning("Failed to delete trust [id=%s]: %s" % (trust_id, e))
def delete_trust(workbook): if 'trust_id' not in workbook: return admin_user = CONF.keystone.admin_user admin_password = CONF.keystone.admin_password keystone_client = keystone.client_for_trusts( admin_user, admin_password, workbook.trust_id) keystone_client.trusts.delete(workbook.trust_id)
def create_context(workbook): if 'trust_id' not in workbook: return if CONF.pecan.auth_enable: client = keystone.client_for_trusts(workbook['trust_id']) return context.MistralContext(user_id=client.user_id, project_id=workbook['project_id'], auth_token=client.auth_token) else: return context.MistralContext(user_id=None, project_id=None, auth_token=None)
def delete_trust(trust_id=None): if not trust_id: # Try to retrieve trust from context. if auth_ctx.has_ctx(): trust_id = auth_ctx.ctx().trust_id if not trust_id: return keystone_client = keystone.client_for_trusts(trust_id) try: keystone_client.trusts.delete(trust_id) except Exception as e: LOG.warning("Failed to delete trust [id=%s]: %s", trust_id, e)
def delete_trust(trust_id): if not trust_id: return ctx = auth_ctx.ctx() # If this trust is already in the context then it means that # context already has trust scoped token from exactly this trust_id. # So we don't need request the token from the trust one more time. if ctx.is_trust_scoped and ctx.trust_id == trust_id: keystone_client = keystone.client() else: keystone_client = keystone.client_for_trusts(trust_id) try: keystone_client.trusts.delete(trust_id) except Exception as e: LOG.warning("Failed to delete trust [id=%s]: %s" % (trust_id, e))
def create_trust(workbook): client = keystone.client() ctx = context.ctx() admin_user = CONF.keystone.admin_user admin_password = CONF.keystone.admin_password admin_tenant_name = CONF.keystone.admin_tenant_name trustee_id = keystone.client_for_trusts( admin_user, admin_password, project_name=admin_tenant_name).user_id trust = client.trusts.create(trustor_user=client.user_id, trustee_user=trustee_id, impersonation=True, role_names=ctx['roles'], project=ctx['project_id']) return db_api.workbook_update(workbook['name'], {'trust_id': trust.id, 'project_id': ctx['project_id']})
def delete_trust(workbook): if 'trust_id' not in workbook: return keystone_client = keystone.client_for_trusts(workbook['trust_id']) keystone_client.trusts.delete(workbook.trust_id)
def delete_trust(workbook): if not workbook.trust_id: return keystone_client = keystone.client_for_trusts(workbook.trust_id) keystone_client.trusts.delete(workbook.trust_id)