add moonv4

Change-Id: I247af788d0b0fb961fbc85416486b241eb1d807c
Signed-off-by: WuKong <rebirthmonkey@gmail.com>

1 files changed, 137 insertions, 0 deletions

diff --git a/moonv4/moon_db/moon_db/api/tenants.py b/moonv4/moon_db/moon_db/api/tenants.py
new file mode 100644
index 00000000..dd7c4ec5
--- /dev/null
+++ b/moonv4/moon_db/moon_db/api/tenants.py
@@ -0,0 +1,137 @@
+# Copyright 2015 Open Platform for NFV Project, Inc. and its contributors
+# This software is distributed under the terms and conditions of the 'Apache-2.0'
+# license which can be found in the file 'LICENSE' in this package distribution
+# or at 'http://www.apache.org/licenses/LICENSE-2.0'.
+
+from uuid import uuid4
+from moon_utilities import exceptions
+from moon_db.api.managers import Managers
+from moon_utilities.security_functions import filter_input, enforce
+from oslo_log import log as logging
+
+LOG = logging.getLogger(__name__)
+
+
+class TenantManager(Managers):
+
+    def __init__(self, connector=None):
+        self.driver = connector.driver
+        Managers.TenantManager = self
+
+    @filter_input
+    @enforce("read", "tenants")
+    def get_tenants_dict(self, user_id):
+        """
+        Return a dictionary with all tenants
+        :return: {
+            tenant_id1: {
+                name: xxx,
+                description: yyy,
+                intra_authz_extension_id: zzz,
+                intra_admin_extension_id: zzz,
+                },
+            tenant_id2: {...},
+            ...
+            }
+        """
+        return self.driver.get_tenants_dict()
+
+    def __get_keystone_tenant_dict(self, tenant_id="", tenant_name=""):
+        tenants = Managers.KeystoneManager.list_projects()
+        for tenant in tenants:
+            if tenant_id and tenant_id == tenant['id']:
+                return tenant
+            if tenant_name and tenant_name == tenant['name']:
+                return tenant
+        if not tenant_id:
+            tenant_id = uuid4().hex
+        if not tenant_name:
+            tenant_name = tenant_id
+        tenant = {
+            "id": tenant_id,
+            "name": tenant_name,
+            "description": "Auto generated tenant from Moon platform",
+            "enabled": True,
+            "domain_id": "default"
+        }
+        keystone_tenant = Managers.KeystoneManager.create_project(tenant["id"], tenant)
+        return keystone_tenant
+
+    @filter_input
+    @enforce(("read", "write"), "tenants")
+    def add_tenant_dict(self, user_id, tenant_id, tenant_dict):
+        tenants_dict = self.driver.get_tenants_dict()
+        for tenant_id in tenants_dict:
+            if tenants_dict[tenant_id]['name'] == tenant_dict['name']:
+                raise exceptions.TenantAddedNameExisting()
+
+        # Check (and eventually sync) Keystone tenant
+        if 'id' not in tenant_dict:
+            tenant_dict['id'] = None
+        keystone_tenant = self.__get_keystone_tenant_dict(tenant_dict['id'], tenant_dict['name'])
+        for att in keystone_tenant:
+            if keystone_tenant[att]:
+                tenant_dict[att] = keystone_tenant[att]
+        # Sync users between intra_authz_extension and intra_admin_extension
+        LOG.debug("add_tenant_dict {}".format(tenant_dict))
+        if 'intra_admin_extension_id' in tenant_dict and tenant_dict['intra_admin_extension_id']:
+            if 'intra_authz_extension_id' in tenant_dict and tenant_dict['intra_authz_extension_id']:
+                authz_subjects_dict = Managers.IntraExtensionAdminManager.get_subjects_dict(
+                    Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_authz_extension_id'])
+                authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict]
+                admin_subjects_dict = Managers.IntraExtensionAdminManager.get_subjects_dict(
+                    Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_admin_extension_id'])
+                admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict]
+                for _subject_id in authz_subjects_dict:
+                    if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list:
+                        Managers.IntraExtensionAdminManager.add_subject_dict(
+                            Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id])
+                for _subject_id in admin_subjects_dict:
+                    if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list:
+                        Managers.IntraExtensionAdminManager.add_subject_dict(
+                            Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id])
+
+        return self.driver.add_tenant_dict(tenant_dict['id'], tenant_dict)
+
+    @filter_input
+    @enforce("read", "tenants")
+    def get_tenant_dict(self, user_id, tenant_id):
+        tenants_dict = self.driver.get_tenants_dict()
+        if tenant_id not in tenants_dict:
+            raise exceptions.TenantUnknown()
+        return tenants_dict[tenant_id]
+
+    @filter_input
+    @enforce(("read", "write"), "tenants")
+    def del_tenant(self, user_id, tenant_id):
+        if tenant_id not in self.driver.get_tenants_dict():
+            raise exceptions.TenantUnknown()
+        self.driver.del_tenant(tenant_id)
+
+    @filter_input
+    @enforce(("read", "write"), "tenants")
+    def set_tenant_dict(self, user_id, tenant_id, tenant_dict):
+        tenants_dict = self.driver.get_tenants_dict()
+        if tenant_id not in tenants_dict:
+            raise exceptions.TenantUnknown()
+
+        # Sync users between intra_authz_extension and intra_admin_extension
+        if 'intra_admin_extension_id' in tenant_dict:
+            if 'intra_authz_extension_id' in tenant_dict:
+                authz_subjects_dict = Managers.IntraExtensionAdminManager.get_subjects_dict(
+                    Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_authz_extension_id'])
+                authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict]
+                admin_subjects_dict = Managers.IntraExtensionAdminManager.get_subjects_dict(
+                    Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_admin_extension_id'])
+                admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict]
+                for _subject_id in authz_subjects_dict:
+                    if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list:
+                        Managers.IntraExtensionAdminManager.add_subject_dict(
+                            Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id])
+                for _subject_id in admin_subjects_dict:
+                    if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list:
+                        Managers.IntraExtensionAdminManager.add_subject_dict(
+                            Managers.IntraExtensionRootManager.root_admin_id, tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id])
+
+        return self.driver.set_tenant_dict(tenant_id, tenant_dict)
+