1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
|
# Copyright (c) 2017 Cable Television Laboratories, Inc. ("CableLabs")
# and others. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
from keystoneclient.exceptions import NotFound
from snaps.openstack.openstack_creator import OpenStackIdentityObject
from snaps.openstack.os_credentials import OSCreds
from snaps.openstack.utils import keystone_utils
__author__ = 'spisarski'
logger = logging.getLogger('create_user')
class OpenStackUser(OpenStackIdentityObject):
"""
Class responsible for managing a user in OpenStack
"""
def __init__(self, os_creds, user_settings):
"""
Constructor
:param os_creds: The OpenStack connection credentials
:param user_settings: The user settings
:return:
"""
super(self.__class__, self).__init__(os_creds)
self.user_settings = user_settings
self.__user = None
def initialize(self):
"""
Creates the user in OpenStack if it does not already exist
:return: The User domain object
"""
super(self.__class__, self).initialize()
self.__user = keystone_utils.get_user(self._keystone,
self.user_settings.name)
return self.__user
def create(self, cleanup=False):
"""
Creates a User if one does not already exist
:return: The User domain object
"""
self.initialize()
if not self.__user:
self.__user = keystone_utils.create_user(self._keystone,
self.user_settings)
return self.__user
def clean(self):
"""
Cleanse environment of user
:return: void
"""
if self.__user:
try:
keystone_utils.delete_user(self._keystone, self.__user)
except NotFound:
pass
self.__user = None
def get_user(self):
"""
Returns the OpenStack user object populated in create()
:return: the Object or None if not created
"""
return self.__user
def get_os_creds(self, project_name=None):
"""
Returns an OSCreds object based on this user account and a project
:param project_name: the name of the project to leverage in the
credentials
:return:
"""
return OSCreds(
username=self.user_settings.name,
password=self.user_settings.password,
auth_url=self._os_creds.auth_url,
project_name=project_name,
identity_api_version=self._os_creds.identity_api_version,
image_api_version=self._os_creds.image_api_version,
network_api_version=self._os_creds.network_api_version,
compute_api_version=self._os_creds.compute_api_version,
heat_api_version=self._os_creds.heat_api_version,
volume_api_version=self._os_creds.volume_api_version,
user_domain_name=self._os_creds.user_domain_name,
user_domain_id=self._os_creds.user_domain_id,
project_domain_name=self._os_creds.project_domain_name,
project_domain_id=self._os_creds.project_domain_id,
interface=self._os_creds.interface,
proxy_settings=self._os_creds.proxy_settings,
cacert=self._os_creds.cacert)
class UserSettings:
def __init__(self, **kwargs):
"""
Constructor
:param name: the user's name (required)
:param password: the user's password (required)
:param project_name: the user's primary project name (optional)
:param domain_name: the user's domain name (default='Default'). For v3
APIs
:param email: the user's email address (optional)
:param enabled: denotes whether or not the user is enabled
(default True)
:param roles: dict where key is the role's name and value is the name
of the project to associate with the role (optional)
"""
self.name = kwargs.get('name')
self.password = kwargs.get('password')
self.project_name = kwargs.get('project_name')
self.email = kwargs.get('email')
self.domain_name = kwargs.get('domain_name', 'Default')
self.enabled = kwargs.get('enabled', True)
self.roles = kwargs.get('roles', dict())
if not self.name or not self.password:
raise UserSettingsException(
'The attributes name and password are required for '
'UserSettings')
if not isinstance(self.enabled, bool):
raise UserSettingsException('The attribute enabled must be of type'
' boolean')
class UserSettingsException(Exception):
"""
Raised when there is a problem with the values set in the UserSettings
class
"""
|