示例#1
0
def migrate_volume(context, volume_id):
    volume = context.src_cloud.cinder.volumes.get(volume_id)
    volume_id = volume.id
    tenant_id = volume._info["os-vol-tenant-attr:tenant_id"]
    tenant_retrieve = "tenant-{}-retrieve".format(tenant_id)
    try:
        users = context.src_cloud.keystone.tenants.list_users(tenant_id)
    except exceptions.keystone_excs.NotFound:
        LOG.info("No users in tenant %s, using %s", tenant_id, context.dst_cloud.keystone.auth_ref["user"]["name"])
        user_id = None
    else:
        user = users.pop()
        if str(user.name) == "admin":
            user_id = None
        else:
            user_id = user.id
    user_retrieve = "user-{}-retrieve".format(user_id)
    resources = []

    if tenant_retrieve not in context.store:
        tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id)
    if user_id and user_retrieve not in context.store:
        user_flow = user_tasks.migrate_user(context, user_id)
    resources.append(tenant_flow)
    volume_flow = volume_tasks.migrate_detached_volume(context, volume_id, user_id, tenant_id)
    return resources, volume_flow
示例#2
0
    def test_migrate_orphan_user(self, flow_mock,
                                 retrieve_user_mock, ensure_user_mock):
        flow_mock.return_value = self.flow
        flow = user.migrate_user(
            self.context,
            self.user_id,
        )

        flow_mock.assert_called_once_with("migrate-user-%s" % self.user_id)
        self.assertEqual(retrieve_user_mock.call_count, 1)
        self.assertEqual(
            self.flow.add.call_args_list,
            [call(retrieve_user_mock()), call(ensure_user_mock())]
        )
        self.assertEqual(self.context.store,
                         {"user-%s-retrieve" % self.user_id: self.user_id})
示例#3
0
def migrate_identity(context, tenant_id):
    flow = graph_flow.Flow("identity-{}".format(tenant_id))
    tenant_retrieve = "tenant-{}-retrieve".format(tenant_id)
    if tenant_retrieve not in context.store:
        tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id)
        flow.add(tenant_flow)
    users_ids, roles_ids = set(), set()
    # XXX(akscram): Due to the bug #1308218 users duplication can be here.
    users = context.src_cloud.keystone.users.list(tenant_id)
    for user in users:
        user_retrieve = "user-{}-retrieve".format(user.id)
        if (user.id == context.src_cloud.keystone.auth_ref.user_id or
                user.id in users_ids or
                user_retrieve in context.store):
            continue
        user_tenant_id = getattr(user, "tenantId", None)
        user_flow = user_tasks.migrate_user(context, user.id,
                                            tenant_id=user_tenant_id)
        flow.add(user_flow)
        users_ids.add(user.id)
        user_roles = context.src_cloud.keystone.users.list_roles(
            user.id, tenant=tenant_id)
        for role in user_roles:
            # NOTE(akscram): Actually all roles which started with
            #                underscore are hidden.
            if role.name.startswith("_"):
                continue
            roles_ids.add(role.id)
            user_role_ensure = "user-role-{}-{}-{}-ensure".format(user.id,
                                                                  role.id,
                                                                  tenant_id)
            if user_role_ensure in context.store:
                continue
            membership_flow = user_tasks.migrate_membership(context,
                                                            user.id,
                                                            role.id,
                                                            tenant_id)
            flow.add(membership_flow)
    for role_id in roles_ids:
        role_retrieve = "role-{}-retrieve".format(role_id)
        if role_retrieve not in context.store:
            role_flow = role_tasks.migrate_role(context, role_id)
            flow.add(role_flow)
    return users_ids, flow
示例#4
0
def migrate_server_identity(context, server_info):
    server_id = server_info["id"]
    flow = graph_flow.Flow("server-identity-{}".format(server_id))
    tenant_id = server_info["tenant_id"]
    user_id = server_info["user_id"]
    tenant_retrieve = "tenant-{}-retrieve".format(tenant_id)
    user_retrieve = "user-{}-retrieve".format(user_id)
    if tenant_retrieve not in context.store:
        tenant_flow = tenant_tasks.migrate_tenant(context, tenant_id)
        flow.add(tenant_flow)
    if user_retrieve not in context.store:
        user = context.src_cloud.keystone.users.get(user_id)
        user_tenant_id = getattr(user, "tenantId", None)
        user_flow = user_tasks.migrate_user(context, user_id,
                                            tenant_id=user_tenant_id)
        flow.add(user_flow)
    roles = context.src_cloud.keystone.users.list_roles(user_id,
                                                        tenant=tenant_id)
    for role in roles:
        role_id = role.id
        role_retrieve = "role-{}-retrieve".format(role_id)
        if role_retrieve not in context.store:
            role_flow = role_tasks.migrate_role(context, role_id)
            flow.add(role_flow)

        if role.name.startswith("_"):
            continue
        user_role_ensure = "user-role-{}-{}-{}-ensure".format(user_id,
                                                              role_id,
                                                              tenant_id)
        if user_role_ensure in context.store:
            continue
        membership_flow = user_tasks.migrate_membership(context, user_id,
                                                        role_id, tenant_id)
        flow.add(membership_flow)
    return flow