def user_create(request, name=None, email=None, password=None, project=None, enabled=None, domain=None, description=None, **data): manager = keystoneclient(request, admin=True).users try: if VERSIONS.active < 3: user = manager.create(name, password, email, project, enabled) return VERSIONS.upgrade_v2_user(user) else: return manager.create( name, password=password, email=email, default_project=project, enabled=enabled, domain=domain, description=description, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def tenant_create(request, name, description=None, enabled=None, domain=None, **kwargs): manager = VERSIONS.get_project_manager(request, admin=True) try: if VERSIONS.active < 3: return manager.create(name, description, enabled, **kwargs) else: return manager.create(name, domain, description=description, enabled=enabled, **kwargs) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def user_update(request, user, **data): manager = keystoneclient(request, admin=True).users error = None if not keystone_can_edit_user(): raise keystone_exceptions.ClientException(405, _("Identity service does not allow editing user data.")) # The v2 API updates user model and default project separately if VERSIONS.active < 3: # Update user details try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict() except Exception: error = exceptions.handle(request, ignore=True) if "project" in data: project = data.pop('project') # Update default tenant try: user_update_tenant(request, user, project) user.tenantId = project except Exception: error = exceptions.handle(request, ignore=True) # Check for existing roles # Show a warning if no role exists for the project user_roles = roles_for_user(request, user, project) if not user_roles: messages.warning(request, _('User %s has no role defined for ' 'that project.') % data.get('name', None)) if error is not None: raise error # v3 API is so much simpler... else: try: user = manager.update(user, **data) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def swift_delete_container(request, name): # It cannot be deleted if it's not empty. The batch remove of objects # be done in swiftclient instead of Horizon. objects, more = swift_get_objects(request, name) if objects: error_msg = _("The container cannot be deleted " "since it is not empty.") exc = exceptions.Conflict(error_msg) raise exc swift_api(request).delete_container(name) return True
def swift_delete_folder(request, container_name, object_name): objects, more = swift_get_objects(request, container_name, prefix=object_name) # In case the given object is pseudo folder, # it can be deleted only if it is empty. # swift_get_objects will return at least # one object (i.e container_name) even if the # given pseudo folder is empty. So if swift_get_objects # returns more than one object then only it will be # considered as non empty folder. if len(objects) > 1: error_msg = _("The pseudo folder cannot be deleted " "since it is not empty.") exc = exceptions.Conflict(error_msg) raise exc swift_api(request).delete_object(container_name, object_name) return True
def mapping_create(request, mapping_id, rules): manager = keystoneclient(request, admin=True).federation.mappings try: return manager.create(mapping_id=mapping_id, rules=rules) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def identity_provider_update(request, idp_id, description=None, enabled=False, remote_ids=None): manager = keystoneclient(request, admin=True).federation.identity_providers try: return manager.update(idp_id, description=description, enabled=enabled, remote_ids=remote_ids) except keystone_exceptions.Conflict: raise exceptions.Conflict()
def protocol_create(request, protocol_id, identity_provider, mapping): manager = keystoneclient(request).federation.protocols try: return manager.create(protocol_id, identity_provider, mapping) except keystone_exceptions.Conflict: raise exceptions.Conflict()