1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
# Copyright (c) 2016 Cable Television Laboratories, Inc. ("CableLabs")
# and others. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
from keystoneclient.exceptions import NotFound
from snaps.openstack.os_credentials import OSCreds
from snaps.openstack.utils import keystone_utils
__author__ = 'spisarski'
logger = logging.getLogger('create_user')
class OpenStackUser:
"""
Class responsible for creating a user in OpenStack
"""
def __init__(self, os_creds, user_settings):
"""
Constructor
:param os_creds: The OpenStack connection credentials
:param user_settings: The user settings
:return:
"""
self.__os_creds = os_creds
self.user_settings = user_settings
self.__user = None
self.__keystone = None
def create(self, cleanup=False):
"""
Creates the user in OpenStack if it does not already exist
:param cleanup: Denotes whether or not this is being called for cleanup or not
:return: The OpenStack user object
"""
self.__keystone = keystone_utils.keystone_client(self.__os_creds)
self.__user = keystone_utils.get_user(self.__keystone, self.user_settings.name)
if self.__user:
logger.info('Found user with name - ' + self.user_settings.name)
elif not cleanup:
self.__user = keystone_utils.create_user(self.__keystone, self.user_settings)
else:
logger.info('Did not create user due to cleanup mode')
return self.__user
def clean(self):
"""
Cleanse environment of user
:return: void
"""
if self.__user:
try:
keystone_utils.delete_user(self.__keystone, self.__user)
except NotFound:
pass
self.__user = None
def get_user(self):
"""
Returns the OpenStack user object populated in create()
:return: the Object or None if not created
"""
return self.__user
def get_os_creds(self, project_name=None):
"""
Returns an OSCreds object based on this user account and a project
:param project_name: the name of the project to leverage in the credentials
:return:
"""
return OSCreds(username=self.user_settings.name,
password=self.user_settings.password,
auth_url=self.__os_creds.auth_url,
project_name=project_name,
identity_api_version=self.__os_creds.identity_api_version,
user_domain_id=self.__os_creds.user_domain_id,
project_domain_id=self.__os_creds.project_domain_id,
proxy_settings=self.__os_creds.proxy_settings)
class UserSettings:
def __init__(self, config=None, name=None, password=None, project_name=None, domain_name='default', email=None,
enabled=True):
"""
Constructor
:param config: dict() object containing the configuration settings using the attribute names below as each
member's the key and overrides any of the other parameters.
:param name: the user's name (required)
:param password: the user's password (required)
:param project_name: the user's primary project name (optional)
:param domain_name: the user's domain name (default='default'). For v3 APIs
:param email: the user's email address (optional)
:param enabled: denotes whether or not the user is enabled (default True)
"""
if config:
self.name = config.get('name')
self.password = config.get('password')
self.project_name = config.get('project_name')
self.email = config.get('email')
if config.get('domain_name'):
self.domain_name = config['domain_name']
else:
self.domain_name = domain_name
if config.get('enabled') is not None:
self.enabled = config['enabled']
else:
self.enabled = enabled
else:
self.name = name
self.password = password
self.project_name = project_name
self.email = email
self.enabled = enabled
self.domain_name = domain_name
if not self.name or not self.password:
raise Exception('The attributes name and password are required for UserSettings')
if not isinstance(self.enabled, bool):
raise Exception('The attribute enabled must be of type boolean')
|
