def client(username, password, trust_id=None): '''return a Swift client This will return a Swift client for the specified username scoped to the current context project, unless a trust identifier is specified. If a trust identifier is present then the Swift client will be created based on a preauthorized token generated by the username scoped to the trust identifier. :param username: The username for the Swift client :param password: The password associated with the username :param trust_id: A trust identifier for scoping the username (optional) :returns: A Swift client object ''' if trust_id: proxyclient = k.client_for_proxy_user(username, password, trust_id) return client_from_token(proxyclient.auth_token) else: return swiftclient.Connection(auth_version='2.0', cacert=CONF.swift.ca_file, insecure=CONF.swift.api_insecure, authurl=su.retrieve_auth_url(), user=username, key=password, tenant_name=sh.retrieve_tenant())
def client(username, password, trust_id=None): '''return a Swift client This will return a Swift client for the specified username scoped to the current context project, unless a trust identifier is specified. If a trust identifier is present then the Swift client will be created based on a preauthorized token generated by the username scoped to the trust identifier. :param username: The username for the Swift client :param password: The password associated with the username :param trust_id: A trust identifier for scoping the username (optional) :returns: A Swift client object ''' if trust_id: proxyclient = k.client_for_proxy_user(username, password, trust_id) return client_from_token(proxyclient.auth_token) else: return swiftclient.Connection( auth_version='2.0', cacert=CONF.swift.ca_file, insecure=CONF.swift.api_insecure, authurl=su.retrieve_auth_url(), user=username, key=password, tenant_name=sh.retrieve_tenant(), retries=CONF.retries.retries_number, retry_on_ratelimit=True, starting_backoff=CONF.retries.retry_after, max_backoff=CONF.retries.retry_after)
def client(username, password, trust_id=None): '''return a Swift client This will return a Swift client for the specified username scoped to the current context project, unless a trust identifier is specified. If a trust identifier is present then the Swift client will be created based on a preauthorized token generated by the username scoped to the trust identifier. :param username: The username for the Swift client :param password: The password associated with the username :param trust_id: A trust identifier for scoping the username (optional) :returns: A Swift client object ''' client_kwargs = dict(auth_version='2.0') if trust_id: proxyclient = k.client_for_proxy_user(username, password, trust_id) client_kwargs.update(preauthurl=su.retrieve_preauth_url(), preauthtoken=proxyclient.auth_token) else: client_kwargs.update(authurl=su.retrieve_auth_url(), user=username, key=password, tenant_name=sh.retrieve_tenant()) return swiftclient.Connection(**client_kwargs)
def _get_conn_for_proxy_user(configs): preauthurl = su.retrieve_preauth_url() proxyclient = k.client_for_proxy_user(configs['proxy_username'], configs['proxy_password'], configs['proxy_trust_id']) return swiftclient.Connection(preauthurl=preauthurl, preauthtoken=proxyclient.auth_token, auth_version='2.0')
def delete_proxy_user_for_cluster(cluster): '''Delete a proxy user based on a Cluster :param cluster: The cluster model with proxy user information ''' proxy_configs = cluster.cluster_configs.get('proxy_configs') if proxy_configs is not None: proxy_username = proxy_configs.get('proxy_username') proxy_password = proxy_configs.get('proxy_password') proxy_trust_id = proxy_configs.get('proxy_trust_id') proxy_user = k.client_for_proxy_user(proxy_username, proxy_password, proxy_trust_id) t.delete_trust(proxy_user, proxy_trust_id) proxy_user_delete(proxy_username) update = {'cluster_configs': cluster.cluster_configs.to_dict()} del update['cluster_configs']['proxy_configs'] conductor.cluster_update(context.ctx(), cluster, update)
def delete_proxy_user_for_job_execution(job_execution): '''Delete a proxy user based on a JobExecution :param job_execution: The job execution with proxy user information :returns: An updated job_configs dictionary or None ''' proxy_configs = job_execution.job_configs.get('proxy_configs') if proxy_configs is not None: proxy_username = proxy_configs.get('proxy_username') proxy_password = proxy_configs.get('proxy_password') proxy_trust_id = proxy_configs.get('proxy_trust_id') proxy_user = k.client_for_proxy_user(proxy_username, proxy_password, proxy_trust_id) t.delete_trust(proxy_user, proxy_trust_id) proxy_user_delete(proxy_username) update = job_execution.job_configs.to_dict() del update['proxy_configs'] return update return None
def create_proxy_user_for_job_execution(job_execution): '''Creates a proxy user and adds the credentials to the job execution :param job_execution: The job execution model to update ''' username = '******'.format(job_execution.id) password = proxy_user_create(username) current_user = k.client() proxy_user = k.client_for_proxy_user(username, password) trust_id = t.create_trust(trustor=current_user, trustee=proxy_user, role_names=CONF.proxy_user_role_names) update = {'job_configs': job_execution.job_configs.to_dict()} update['job_configs']['proxy_configs'] = { 'proxy_username': username, 'proxy_password': password, 'proxy_trust_id': trust_id } conductor.job_execution_update(context.ctx(), job_execution, update)
def delete_proxy_user_for_job_execution(job_execution): '''Delete a proxy user based on a JobExecution :param job_execution: The job execution with proxy user information :returns: An updated job_configs dictionary or None ''' proxy_configs = job_execution.job_configs.get('proxy_configs') if proxy_configs is not None: proxy_username = proxy_configs.get('proxy_username') proxy_password = proxy_configs.get('proxy_password') proxy_trust_id = proxy_configs.get('proxy_trust_id') proxy_user = k.client_for_proxy_user(proxy_username, proxy_password, proxy_trust_id) t.delete_trust(proxy_user, proxy_trust_id) proxy_user_delete(proxy_username) update = {'job_configs': job_execution.job_configs.to_dict()} del update['job_configs']['proxy_configs'] return update return None
def create_proxy_user_for_cluster(cluster): '''Creates a proxy user and adds the credentials to the cluster :param cluster: The cluster model to update ''' if cluster.cluster_configs.get('proxy_configs'): return cluster username = '******'.format(cluster.id) password = proxy_user_create(username) current_user = k.client() proxy_user = k.client_for_proxy_user(username, password) trust_id = t.create_trust(trustor=current_user, trustee=proxy_user, role_names=CONF.proxy_user_role_names) update = {'cluster_configs': cluster.cluster_configs.to_dict()} update['cluster_configs']['proxy_configs'] = { 'proxy_username': username, 'proxy_password': password, 'proxy_trust_id': trust_id } return conductor.cluster_update(context.ctx(), cluster, update)