From 0c488612d6e33c5c03794d9858ace0d116b78fb4 Mon Sep 17 00:00:00 2001 From: asteroide Date: Fri, 11 Sep 2015 17:45:54 +0200 Subject: Debug all the tenant commands in moonclient and fix some bugs in opnfv-moon related to tenant. Change-Id: I1d21df2a55545582a98c17181255ab53cab5689b --- .../keystone/contrib/moon/backends/sql.py | 24 +++++-- keystone-moon/keystone/contrib/moon/controllers.py | 9 ++- keystone-moon/keystone/contrib/moon/core.py | 74 +++++++++++----------- 3 files changed, 59 insertions(+), 48 deletions(-) (limited to 'keystone-moon/keystone/contrib') diff --git a/keystone-moon/keystone/contrib/moon/backends/sql.py b/keystone-moon/keystone/contrib/moon/backends/sql.py index 9f4beb6b..43bd3078 100644 --- a/keystone-moon/keystone/contrib/moon/backends/sql.py +++ b/keystone-moon/keystone/contrib/moon/backends/sql.py @@ -323,8 +323,21 @@ __all_objects__ = ( Rule, ) + class TenantConnector(TenantDriver): + @staticmethod + def __update_dict(base, update): + """Update a dict only if values are not None + + :param base: dict to update + :param update: updates for the base dict + :return: None + """ + for key in update: + if type(update[key]) is not None: + base[key] = update[key] + def get_tenants_dict(self): with sql.transaction() as session: query = session.query(Tenant) @@ -354,13 +367,10 @@ class TenantConnector(TenantDriver): query = session.query(Tenant) query = query.filter_by(id=tenant_id) ref = query.first() - tenant_ref = ref.to_dict() - tenant_ref.update(tenant_dict) - new_tenant = Tenant(id=tenant_id, tenant=tenant_ref) - for attr in Tenant.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_tenant, attr)) - return {ref.id: ref.tenant} + tenant_dict_orig = dict(ref.tenant) + self.__update_dict(tenant_dict_orig, tenant_dict) + setattr(ref, "tenant", tenant_dict_orig) + return {ref.id: tenant_dict_orig} class IntraExtensionConnector(IntraExtensionDriver): diff --git a/keystone-moon/keystone/contrib/moon/controllers.py b/keystone-moon/keystone/contrib/moon/controllers.py index 4065eabf..239650f5 100644 --- a/keystone-moon/keystone/contrib/moon/controllers.py +++ b/keystone-moon/keystone/contrib/moon/controllers.py @@ -92,9 +92,12 @@ class Tenants(controller.V3Controller): tenant_id = kw.get('tenant_id', None) tenant_dict = dict() tenant_dict['name'] = k_tenant_dict.get('name', None) - tenant_dict['description'] = kw.get('tenant_description', None) - tenant_dict['intra_authz_extension_id'] = kw.get('tenant_intra_authz_extension_id', None) - tenant_dict['intra_admin_extension_id'] = kw.get('tenant_intra_admin_extension_id', None) + if 'tenant_description' in kw: + tenant_dict['description'] = kw.get('tenant_description', None) + if 'tenant_intra_authz_extension_id' in kw: + tenant_dict['intra_authz_extension_id'] = kw.get('tenant_intra_authz_extension_id', None) + if 'tenant_intra_admin_extension_id' in kw: + tenant_dict['intra_admin_extension_id'] = kw.get('tenant_intra_admin_extension_id', None) self.tenant_api.set_tenant_dict(user_id, tenant_id, tenant_dict) diff --git a/keystone-moon/keystone/contrib/moon/core.py b/keystone-moon/keystone/contrib/moon/core.py index 86aadc8b..aa6db0cc 100644 --- a/keystone-moon/keystone/contrib/moon/core.py +++ b/keystone-moon/keystone/contrib/moon/core.py @@ -412,31 +412,30 @@ class TenantManager(manager.Manager): keystone_tenant = self.__get_keystone_tenant_dict(tenant_dict['id'], tenant_dict['name']) tenant_dict.update(keystone_tenant) # Sync users between intra_authz_extension and intra_admin_extension - if tenant_dict['intra_admin_extension_id']: - if not tenant_dict['intra_authz_extension_id']: - raise TenantNoIntraAuthzExtension() - # authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) - # admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) - # for _subject_id in authz_subjects_dict: - # if _subject_id not in admin_subjects_dict: - # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) - # for _subject_id in admin_subjects_dict: - # if _subject_id not in authz_subjects_dict: - # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) - - # TODO (ateroide): check whether we can replace the below code by the above one - # NOTE (ateroide): at a first glance: no, subject_id changes depending on which intra_extesion is used - # we must use name which is constant. - authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) - authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict] - admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) - admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict] - for _subject_id in authz_subjects_dict: - if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list: - self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) - for _subject_id in admin_subjects_dict: - if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list: - self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) + if 'intra_admin_extension_id' in tenant_dict: + if 'intra_authz_extension_id' in tenant_dict: + # authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) + # admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) + # for _subject_id in authz_subjects_dict: + # if _subject_id not in admin_subjects_dict: + # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) + # for _subject_id in admin_subjects_dict: + # if _subject_id not in authz_subjects_dict: + # self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) + + # TODO (ateroide): check whether we can replace the below code by the above one + # NOTE (ateroide): at a first glance: no, subject_id changes depending on which intra_extesion is used + # we must use name which is constant. + authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) + authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict] + admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) + admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict] + for _subject_id in authz_subjects_dict: + if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list: + self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) + for _subject_id in admin_subjects_dict: + if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list: + self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) return self.driver.add_tenant_dict(tenant_dict['id'], tenant_dict) @@ -463,19 +462,18 @@ class TenantManager(manager.Manager): raise TenantUnknown() # Sync users between intra_authz_extension and intra_admin_extension - if tenant_dict['intra_admin_extension_id']: - if not tenant_dict['intra_authz_extension_id']: - raise TenantNoIntraAuthzExtension - authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) - authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict] - admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) - admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict] - for _subject_id in authz_subjects_dict: - if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list: - self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) - for _subject_id in admin_subjects_dict: - if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list: - self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) + if 'intra_admin_extension_id' in tenant_dict: + if 'intra_authz_extension_id' in tenant_dict: + authz_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id']) + authz_subject_names_list = [authz_subjects_dict[subject_id]["name"] for subject_id in authz_subjects_dict] + admin_subjects_dict = self.admin_api.get_subjects_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id']) + admin_subject_names_list = [admin_subjects_dict[subject_id]["name"] for subject_id in admin_subjects_dict] + for _subject_id in authz_subjects_dict: + if authz_subjects_dict[_subject_id]["name"] not in admin_subject_names_list: + self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_admin_extension_id'], authz_subjects_dict[_subject_id]) + for _subject_id in admin_subjects_dict: + if admin_subjects_dict[_subject_id]["name"] not in authz_subject_names_list: + self.admin_api.add_subject_dict(self.root_api.get_root_admin_id(), tenant_dict['intra_authz_extension_id'], admin_subjects_dict[_subject_id]) return self.driver.set_tenant_dict(tenant_id, tenant_dict) -- cgit 1.2.3-korg