diff options
| author |   Thomas Duval <thomas.duval@orange.com> | 2017-11-07 11:23:23 +0100 |
|---|---|---|
| committer | Thomas Duval <thomas.duval@orange.com> | 2017-11-07 11:23:23 +0100 |
| commit | 232d674bd645f961ff4f3e9765a806536cf3f3bf (patch) | |
| tree | a8192ef940dd935784a7be50fe2d095d4ab4956c /moonv4/moon_db | |
| parent | d11ee09f6fc511d6f7000fba35ad6aedfc65c92b (diff) | |
Connect the Moon subjects with the Keystone users.
Change-Id: I67a8956e86cda0853f352743ab0886169bdc2902
Diffstat (limited to 'moonv4/moon_db')
| -rw-r--r-- | moonv4/moon_db/Changelog | 4 | ||||
| -rw-r--r-- | moonv4/moon_db/moon_db/__init__.py | 2 | ||||
| -rw-r--r-- | moonv4/moon_db/moon_db/api/policy.py | 17 |
3 files changed, 17 insertions, 6 deletions
diff --git a/moonv4/moon_db/Changelog b/moonv4/moon_db/Changelog index 16452f6e..fa84ca92 100644 --- a/moonv4/moon_db/Changelog +++ b/moonv4/moon_db/Changelog @@ -28,3 +28,7 @@ CHANGES - Fix a bug in core.py - Update db_manager +1.1.0 +----- +- When adding a subject, check the existence of that user in the Keystone DB and + create it if necessary diff --git a/moonv4/moon_db/moon_db/__init__.py b/moonv4/moon_db/moon_db/__init__.py index d42cdbdf..ac014182 100644 --- a/moonv4/moon_db/moon_db/__init__.py +++ b/moonv4/moon_db/moon_db/__init__.py @@ -3,5 +3,5 @@ # license which can be found in the file 'LICENSE' in this package distribution # or at 'http://www.apache.org/licenses/LICENSE-2.0'. -__version__ = "1.0.3" +__version__ = "1.1.0" diff --git a/moonv4/moon_db/moon_db/api/policy.py b/moonv4/moon_db/moon_db/api/policy.py index e0413bdc..093d14bd 100644 --- a/moonv4/moon_db/moon_db/api/policy.py +++ b/moonv4/moon_db/moon_db/api/policy.py @@ -4,11 +4,10 @@ # or at 'http://www.apache.org/licenses/LICENSE-2.0'. from uuid import uuid4 -from oslo_log import log as logging -from moon_utilities.security_functions import filter_input, enforce +import logging +from moon_utilities.security_functions import enforce from moon_db.api.managers import Managers - LOG = logging.getLogger("moon.db.api.policy") @@ -52,9 +51,17 @@ class PolicyManager(Managers): @enforce(("read", "write"), "perimeter") def add_subject(self, user_id, policy_id, perimeter_id=None, value=None): + k_user = Managers.KeystoneManager.get_user_by_name(value.get('name')) + if not k_user['users']: + k_user = Managers.KeystoneManager.create_user(value) if not perimeter_id: - perimeter_id = uuid4().hex - # TODO (asteroide): must check and add Keystone ID here + try: + perimeter_id = k_user['users'][0].get('id', uuid4().hex) + except IndexError: + k_user = Managers.KeystoneManager.get_user_by_name( + value.get('name')) + perimeter_id = uuid4().hex + value.update(k_user['users'][0]) return self.driver.set_subject(policy_id=policy_id, perimeter_id=perimeter_id, value=value) @enforce(("read", "write"), "perimeter") |