prevent the mapping N*PDP <=> 1*Keystone_project

Change-Id: Ia43d7fb2a2c8054e9cf492395f2e3ef396d184cf

4 files changed, 28 insertions, 4 deletions

diff --git a/moon_manager/moon_manager/api/pdp.py b/moon_manager/moon_manager/api/pdp.py
index 4dc2c310..3ae55d33 100644
--- a/moon_manager/moon_manager/api/pdp.py
+++ b/moon_manager/moon_manager/api/pdp.py
@@ -14,9 +14,7 @@ import requests
 import time
 from python_moonutilities.security_functions import check_auth
 from python_moondb.core import PDPManager
-from python_moondb.core import PolicyManager
-from python_moondb.core import ModelManager
-from python_moonutilities import configuration
+from python_moonutilities import configuration, exceptions
 
 __version__ = "4.3.2"
 
@@ -51,6 +49,14 @@ def add_pod(uuid, data):
     logger.info(req.text)
 
 
+def check_keystone_pid(k_pid):
+    data = PDPManager.get_pdp(user_id="admin")
+    for pdp_key, pdp_value in data.items():
+        logger.info("pdp={}".format(pdp_value))
+        if pdp_value["keystone_project_id"] == k_pid:
+            return True
+
+
 class PDP(Resource):
     """
     Endpoint for pdp requests
@@ -113,6 +119,9 @@ class PDP(Resource):
             data = dict(request.json)
             if not data.get("keystone_project_id"):
                 data["keystone_project_id"] = None
+            else:
+                if check_keystone_pid(data.get("keystone_project_id")):
+                    raise exceptions.PdpKeystoneMappingConflict
             data = PDPManager.add_pdp(
                 user_id=user_id, pdp_id=None, value=request.json)
             uuid = list(data.keys())[0]
@@ -166,6 +175,9 @@ class PDP(Resource):
             _data = dict(request.json)
             if not _data.get("keystone_project_id"):
                 _data["keystone_project_id"] = None
+            else:
+                if check_keystone_pid(_data.get("keystone_project_id")):
+                    raise exceptions.PdpKeystoneMappingConflict
             data = PDPManager.update_pdp(
                 user_id=user_id, pdp_id=uuid, value=_data)
             logger.debug("data={}".format(data))
diff --git a/python_moonutilities/Changelog b/python_moonutilities/Changelog
index 91f09cbf..2c4c02a8 100644
--- a/python_moonutilities/Changelog
+++ b/python_moonutilities/Changelog
@@ -74,3 +74,7 @@ CHANGES
 1.4.4
 -----
 - Code cleaning
+
+1.4.5
+-----
+- Add PdpKeystoneMappingConflict exception
diff --git a/python_moonutilities/python_moonutilities/__init__.py b/python_moonutilities/python_moonutilities/__init__.py
index 6d1ac746..bcd7e545 100644
--- a/python_moonutilities/python_moonutilities/__init__.py
+++ b/python_moonutilities/python_moonutilities/__init__.py
@@ -3,6 +3,6 @@
 # license which can be found in the file 'LICENSE' in this package distribution
 # or at 'http://www.apache.org/licenses/LICENSE-2.0'.
 
-__version__ = "1.4.4"
+__version__ = "1.4.5"
 
 
diff --git a/python_moonutilities/python_moonutilities/exceptions.py b/python_moonutilities/python_moonutilities/exceptions.py
index 5b9ff340..2d689287 100644
--- a/python_moonutilities/python_moonutilities/exceptions.py
+++ b/python_moonutilities/python_moonutilities/exceptions.py
@@ -504,6 +504,7 @@ class ConsulComponentNotFound(ConsulError):
     title = 'Consul error'
     logger = "WARNING"
 
+
 class ConsulComponentContentError(ConsulError):
     description = _("invalid content of component .")
     code = 500
@@ -541,6 +542,13 @@ class PdpExisting(MoonError):
     logger = "Error"
 
 
+class PdpKeystoneMappingConflict(MoonError):
+    description = _("A pdp is already mapped to that Keystone project.")
+    code = 409
+    title = 'Pdp Mapping Error'
+    logger = "Error"
+
+
 class PolicyUnknown(MoonError):
     description = _("The policy is unknown.")
     code = 400