Restructure of the actions configuration
* Cleaned up some of the code that gets the action settings. * Added the option of per task action settings just in case a given task needs to reuse an action with different settings. Change-Id: I8194cd3155ac3db3faaf0de8b87617f3891d0b10
This commit is contained in:
parent
f9330d19ac
commit
6cdbb8eef1
101
conf/conf.yaml
101
conf/conf.yaml
@ -123,6 +123,70 @@ DEFAULT_TASK_SETTINGS:
|
|||||||
password: password
|
password: password
|
||||||
template: notification.txt
|
template: notification.txt
|
||||||
|
|
||||||
|
# Default Action settings:
|
||||||
|
# These can be overriden at a per task level below in the
|
||||||
|
# task settings so that multiple tasks can use the same actions
|
||||||
|
# slightly differently.
|
||||||
|
#
|
||||||
|
# TASK_SETTINGS:
|
||||||
|
# <task_type>:
|
||||||
|
# <othersettings> ....
|
||||||
|
# ....
|
||||||
|
# action_settings:
|
||||||
|
# <action_class_name>:
|
||||||
|
# <action_settings_overrides> ....
|
||||||
|
DEFAULT_ACTION_SETTINGS:
|
||||||
|
NewProjectAction:
|
||||||
|
default_roles:
|
||||||
|
- project_admin
|
||||||
|
- project_mod
|
||||||
|
- heat_stack_owner
|
||||||
|
- _member_
|
||||||
|
NewProjectWithUserAction:
|
||||||
|
default_roles:
|
||||||
|
- project_admin
|
||||||
|
- project_mod
|
||||||
|
- heat_stack_owner
|
||||||
|
- _member_
|
||||||
|
NewUserAction:
|
||||||
|
allowed_roles:
|
||||||
|
- project_admin
|
||||||
|
- project_mod
|
||||||
|
- heat_stack_owner
|
||||||
|
- _member_
|
||||||
|
ResetUserPasswordAction:
|
||||||
|
blacklisted_roles:
|
||||||
|
- admin
|
||||||
|
NewDefaultNetworkAction:
|
||||||
|
RegionOne:
|
||||||
|
network_name: default_network
|
||||||
|
subnet_name: default_subnet
|
||||||
|
router_name: default_router
|
||||||
|
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
|
||||||
|
DNS_NAMESERVERS:
|
||||||
|
- 193.168.1.2
|
||||||
|
- 193.168.1.3
|
||||||
|
SUBNET_CIDR: 192.168.1.0/24
|
||||||
|
NewProjectDefaultNetworkAction:
|
||||||
|
RegionOne:
|
||||||
|
network_name: default_network
|
||||||
|
subnet_name: default_subnet
|
||||||
|
router_name: default_router
|
||||||
|
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
|
||||||
|
DNS_NAMESERVERS:
|
||||||
|
- 193.168.1.2
|
||||||
|
- 193.168.1.3
|
||||||
|
SUBNET_CIDR: 192.168.1.0/24
|
||||||
|
AddDefaultUsersToProjectAction:
|
||||||
|
default_users:
|
||||||
|
- admin
|
||||||
|
default_roles:
|
||||||
|
- admin
|
||||||
|
SetProjectQuotaAction:
|
||||||
|
regions:
|
||||||
|
RegionOne:
|
||||||
|
quota_size: small
|
||||||
|
|
||||||
# These are cascading overrides for the default settings:
|
# These are cascading overrides for the default settings:
|
||||||
TASK_SETTINGS:
|
TASK_SETTINGS:
|
||||||
signup:
|
signup:
|
||||||
@ -206,43 +270,6 @@ TASK_SETTINGS:
|
|||||||
role_blacklist:
|
role_blacklist:
|
||||||
- admin
|
- admin
|
||||||
|
|
||||||
# Action settings:
|
|
||||||
ACTION_SETTINGS:
|
|
||||||
NewProjectAction:
|
|
||||||
default_roles:
|
|
||||||
- project_admin
|
|
||||||
- project_mod
|
|
||||||
- heat_stack_owner
|
|
||||||
- _member_
|
|
||||||
NewUserAction:
|
|
||||||
allowed_roles:
|
|
||||||
- project_admin
|
|
||||||
- project_mod
|
|
||||||
- heat_stack_owner
|
|
||||||
- _member_
|
|
||||||
ResetUserPasswordAction:
|
|
||||||
blacklisted_roles:
|
|
||||||
- admin
|
|
||||||
NewDefaultNetworkAction:
|
|
||||||
RegionOne:
|
|
||||||
network_name: default_network
|
|
||||||
subnet_name: default_subnet
|
|
||||||
router_name: default_router
|
|
||||||
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
|
|
||||||
DNS_NAMESERVERS:
|
|
||||||
- 193.168.1.2
|
|
||||||
- 193.168.1.3
|
|
||||||
SUBNET_CIDR: 192.168.1.0/24
|
|
||||||
AddDefaultUsersToProjectAction:
|
|
||||||
default_users:
|
|
||||||
- admin
|
|
||||||
default_roles:
|
|
||||||
- admin
|
|
||||||
SetProjectQuotaAction:
|
|
||||||
regions:
|
|
||||||
RegionOne:
|
|
||||||
quota_size: small
|
|
||||||
|
|
||||||
# mapping between roles and managable roles
|
# mapping between roles and managable roles
|
||||||
ROLES_MAPPING:
|
ROLES_MAPPING:
|
||||||
admin:
|
admin:
|
||||||
|
@ -123,6 +123,20 @@ class BaseAction(object):
|
|||||||
self.action.task.add_action_note(
|
self.action.task.add_action_note(
|
||||||
str(self), note)
|
str(self), note)
|
||||||
|
|
||||||
|
@property
|
||||||
|
def settings(self):
|
||||||
|
"""Get my settings.
|
||||||
|
|
||||||
|
Returns a dict of the settings for this action.
|
||||||
|
"""
|
||||||
|
try:
|
||||||
|
task_conf = settings.TASK_SETTINGS[self.action.task.task_type]
|
||||||
|
return task_conf['action_settings'].get(
|
||||||
|
self.__class__.__name__, {})
|
||||||
|
except KeyError:
|
||||||
|
return settings.DEFAULT_ACTION_SETTINGS.get(
|
||||||
|
self.__class__.__name__, {})
|
||||||
|
|
||||||
def pre_approve(self):
|
def pre_approve(self):
|
||||||
return self._pre_approve()
|
return self._pre_approve()
|
||||||
|
|
||||||
|
@ -14,7 +14,6 @@
|
|||||||
|
|
||||||
from uuid import uuid4
|
from uuid import uuid4
|
||||||
|
|
||||||
from django.conf import settings
|
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
|
|
||||||
from stacktask.actions import user_store
|
from stacktask.actions import user_store
|
||||||
@ -87,8 +86,7 @@ class NewProjectAction(BaseAction, ProjectMixin, UserMixin):
|
|||||||
self.action.task.cache['user_id'] = user_id
|
self.action.task.cache['user_id'] = user_id
|
||||||
self.add_note("User already given roles.")
|
self.add_note("User already given roles.")
|
||||||
else:
|
else:
|
||||||
default_roles = settings.ACTION_SETTINGS.get(
|
default_roles = self.settings.get("default_roles", {})
|
||||||
'NewProjectAction', {}).get("default_roles", {})
|
|
||||||
|
|
||||||
project_id = self.get_cache('project_id')
|
project_id = self.get_cache('project_id')
|
||||||
keystone_user = self.action.task.keystone_user
|
keystone_user = self.action.task.keystone_user
|
||||||
@ -241,8 +239,7 @@ class NewProjectWithUserAction(UserNameAction, ProjectMixin, UserMixin):
|
|||||||
|
|
||||||
def _create_user_for_project(self):
|
def _create_user_for_project(self):
|
||||||
id_manager = user_store.IdentityManager()
|
id_manager = user_store.IdentityManager()
|
||||||
default_roles = settings.ACTION_SETTINGS.get(
|
default_roles = self.settings.get("default_roles", {})
|
||||||
'NewProjectAction', {}).get("default_roles", {})
|
|
||||||
|
|
||||||
project_id = self.get_cache('project_id')
|
project_id = self.get_cache('project_id')
|
||||||
|
|
||||||
@ -396,11 +393,9 @@ class AddDefaultUsersToProjectAction(BaseAction, ProjectMixin, UserMixin):
|
|||||||
]
|
]
|
||||||
|
|
||||||
def __init__(self, *args, **kwargs):
|
def __init__(self, *args, **kwargs):
|
||||||
self.users = settings.ACTION_SETTINGS.get(
|
|
||||||
'AddDefaultUsersToProjectAction', {}).get('default_users', [])
|
|
||||||
self.roles = settings.ACTION_SETTINGS.get(
|
|
||||||
'AddDefaultUsersToProjectAction', {}).get('default_roles', [])
|
|
||||||
super(AddDefaultUsersToProjectAction, self).__init__(*args, **kwargs)
|
super(AddDefaultUsersToProjectAction, self).__init__(*args, **kwargs)
|
||||||
|
self.users = self.settings.get('default_users', [])
|
||||||
|
self.roles = self.settings.get('default_roles', [])
|
||||||
|
|
||||||
def _validate_users(self):
|
def _validate_users(self):
|
||||||
id_manager = user_store.IdentityManager()
|
id_manager = user_store.IdentityManager()
|
||||||
|
@ -49,8 +49,7 @@ class NewDefaultNetworkAction(BaseAction, ProjectMixin):
|
|||||||
return True
|
return True
|
||||||
|
|
||||||
def _validate_defaults(self):
|
def _validate_defaults(self):
|
||||||
defaults = settings.ACTION_SETTINGS.get(
|
defaults = self.settings.get(self.region, {})
|
||||||
'NewDefaultNetworkAction', {}).get(self.region, {})
|
|
||||||
|
|
||||||
if not defaults:
|
if not defaults:
|
||||||
self.add_note('ERROR: No default settings for region %s.' %
|
self.add_note('ERROR: No default settings for region %s.' %
|
||||||
@ -76,8 +75,7 @@ class NewDefaultNetworkAction(BaseAction, ProjectMixin):
|
|||||||
|
|
||||||
def _create_network(self):
|
def _create_network(self):
|
||||||
neutron = openstack_clients.get_neutronclient(region=self.region)
|
neutron = openstack_clients.get_neutronclient(region=self.region)
|
||||||
defaults = settings.ACTION_SETTINGS.get(
|
defaults = self.settings.get(self.region, {})
|
||||||
'NewDefaultNetworkAction', {}).get(self.region, {})
|
|
||||||
|
|
||||||
if not self.get_cache('network_id'):
|
if not self.get_cache('network_id'):
|
||||||
try:
|
try:
|
||||||
@ -289,8 +287,7 @@ class SetProjectQuotaAction(BaseAction):
|
|||||||
return
|
return
|
||||||
|
|
||||||
# update quota for each openstack service
|
# update quota for each openstack service
|
||||||
regions_dict = settings.ACTION_SETTINGS.get(
|
regions_dict = self.settings.get('regions', {})
|
||||||
'SetProjectQuotaAction', {}).get('regions', {})
|
|
||||||
for region_name, region_settings in six.iteritems(regions_dict):
|
for region_name, region_settings in six.iteritems(regions_dict):
|
||||||
quota_size = region_settings.get('quota_size')
|
quota_size = region_settings.get('quota_size')
|
||||||
quota_settings = settings.PROJECT_QUOTA_SIZES.get(quota_size, {})
|
quota_settings = settings.PROJECT_QUOTA_SIZES.get(quota_size, {})
|
||||||
|
@ -16,7 +16,7 @@ from rest_framework import serializers
|
|||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
|
||||||
|
|
||||||
role_options = settings.ACTION_SETTINGS.get("NewUserAction", {}).get(
|
role_options = settings.DEFAULT_ACTION_SETTINGS.get("NewUserAction", {}).get(
|
||||||
"allowed_roles", [])
|
"allowed_roles", [])
|
||||||
|
|
||||||
|
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
from django.conf import settings
|
|
||||||
from django.db import models
|
from django.db import models
|
||||||
|
|
||||||
from stacktask.actions import user_store
|
from stacktask.actions import user_store
|
||||||
@ -163,8 +162,9 @@ class ResetUserPasswordAction(UserNameAction, UserMixin):
|
|||||||
'email'
|
'email'
|
||||||
]
|
]
|
||||||
|
|
||||||
blacklist = settings.ACTION_SETTINGS.get(
|
def __init__(self, *args, **kwargs):
|
||||||
'ResetUserPasswordAction', {}).get("blacklisted_roles", {})
|
super(ResetUserPasswordAction, self).__init__(*args, **kwargs)
|
||||||
|
self.blacklist = self.settings.get("blacklisted_roles", {})
|
||||||
|
|
||||||
def _validate_user_roles(self):
|
def _validate_user_roles(self):
|
||||||
id_manager = user_store.IdentityManager()
|
id_manager = user_store.IdentityManager()
|
||||||
|
@ -159,12 +159,14 @@ TOKEN_SUBMISSION_URL = CONFIG['TOKEN_SUBMISSION_URL']
|
|||||||
|
|
||||||
TOKEN_EXPIRE_TIME = CONFIG['TOKEN_EXPIRE_TIME']
|
TOKEN_EXPIRE_TIME = CONFIG['TOKEN_EXPIRE_TIME']
|
||||||
|
|
||||||
|
DEFAULT_ACTION_SETTINGS = CONFIG['DEFAULT_ACTION_SETTINGS']
|
||||||
|
|
||||||
TASK_SETTINGS = setup_task_settings(
|
TASK_SETTINGS = setup_task_settings(
|
||||||
CONFIG['DEFAULT_TASK_SETTINGS'],
|
CONFIG['DEFAULT_TASK_SETTINGS'],
|
||||||
|
CONFIG['DEFAULT_ACTION_SETTINGS'],
|
||||||
CONFIG['TASK_SETTINGS'])
|
CONFIG['TASK_SETTINGS'])
|
||||||
DEFAULT_TASK_SETTINGS = CONFIG['DEFAULT_TASK_SETTINGS']
|
|
||||||
|
|
||||||
ACTION_SETTINGS = CONFIG['ACTION_SETTINGS']
|
DEFAULT_TASK_SETTINGS = CONFIG['DEFAULT_TASK_SETTINGS']
|
||||||
|
|
||||||
PLUGIN_SETTINGS = CONFIG.get('PLUGIN_SETTINGS', {})
|
PLUGIN_SETTINGS = CONFIG.get('PLUGIN_SETTINGS', {})
|
||||||
|
|
||||||
|
@ -108,6 +108,63 @@ DEFAULT_TASK_SETTINGS = {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
DEFAULT_ACTION_SETTINGS = {
|
||||||
|
'NewProjectAction': {
|
||||||
|
'default_roles': {
|
||||||
|
"project_admin", "project_mod", "_member_", "heat_stack_owner"
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'NewProjectWithUserAction': {
|
||||||
|
'default_roles': {
|
||||||
|
"project_admin", "project_mod", "_member_", "heat_stack_owner"
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'NewUserAction': {
|
||||||
|
'allowed_roles': ['project_mod', 'project_admin', "_member_"]
|
||||||
|
},
|
||||||
|
'ResetUserPasswordAction': {
|
||||||
|
'blacklisted_roles': ['admin']
|
||||||
|
},
|
||||||
|
'NewDefaultNetworkAction': {
|
||||||
|
'RegionOne': {
|
||||||
|
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
|
||||||
|
'SUBNET_CIDR': '192.168.1.0/24',
|
||||||
|
'network_name': 'somenetwork',
|
||||||
|
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
|
||||||
|
'router_name': 'somerouter',
|
||||||
|
'subnet_name': 'somesubnet'
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'NewProjectDefaultNetworkAction': {
|
||||||
|
'RegionOne': {
|
||||||
|
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
|
||||||
|
'SUBNET_CIDR': '192.168.1.0/24',
|
||||||
|
'network_name': 'somenetwork',
|
||||||
|
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
|
||||||
|
'router_name': 'somerouter',
|
||||||
|
'subnet_name': 'somesubnet'
|
||||||
|
},
|
||||||
|
},
|
||||||
|
'AddDefaultUsersToProjectAction': {
|
||||||
|
'default_users': [
|
||||||
|
'admin',
|
||||||
|
],
|
||||||
|
'default_roles': [
|
||||||
|
'admin',
|
||||||
|
],
|
||||||
|
},
|
||||||
|
'SetProjectQuotaAction': {
|
||||||
|
'regions': {
|
||||||
|
'RegionOne': {
|
||||||
|
'quota_size': 'small'
|
||||||
|
},
|
||||||
|
'RegionTwo': {
|
||||||
|
'quota_size': 'large'
|
||||||
|
}
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
TASK_SETTINGS = {
|
TASK_SETTINGS = {
|
||||||
'invite_user': {
|
'invite_user': {
|
||||||
'emails': {
|
'emails': {
|
||||||
@ -172,49 +229,6 @@ TASK_SETTINGS = {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ACTION_SETTINGS = {
|
|
||||||
'NewProjectAction': {
|
|
||||||
'default_roles': {
|
|
||||||
"project_admin", "project_mod", "_member_", "heat_stack_owner"
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'NewUserAction': {
|
|
||||||
'allowed_roles': ['project_mod', 'project_admin', "_member_"]
|
|
||||||
},
|
|
||||||
'ResetUserPasswordAction': {
|
|
||||||
'blacklisted_roles': ['admin']
|
|
||||||
},
|
|
||||||
'NewDefaultNetworkAction': {
|
|
||||||
'RegionOne': {
|
|
||||||
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
|
|
||||||
'SUBNET_CIDR': '192.168.1.0/24',
|
|
||||||
'network_name': 'somenetwork',
|
|
||||||
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
|
|
||||||
'router_name': 'somerouter',
|
|
||||||
'subnet_name': 'somesubnet'
|
|
||||||
},
|
|
||||||
},
|
|
||||||
'AddDefaultUsersToProjectAction': {
|
|
||||||
'default_users': [
|
|
||||||
'admin',
|
|
||||||
],
|
|
||||||
'default_roles': [
|
|
||||||
'admin',
|
|
||||||
],
|
|
||||||
},
|
|
||||||
'SetProjectQuotaAction': {
|
|
||||||
'regions': {
|
|
||||||
'RegionOne': {
|
|
||||||
'quota_size': 'small'
|
|
||||||
},
|
|
||||||
'RegionTwo': {
|
|
||||||
'quota_size': 'large'
|
|
||||||
}
|
|
||||||
},
|
|
||||||
},
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
ROLES_MAPPING = {
|
ROLES_MAPPING = {
|
||||||
'admin': [
|
'admin': [
|
||||||
'project_admin', 'project_mod', '_member_', 'heat_stack_owner'
|
'project_admin', 'project_mod', '_member_', 'heat_stack_owner'
|
||||||
@ -280,7 +294,7 @@ conf_dict = {
|
|||||||
"ACTIVE_TASKVIEWS": ACTIVE_TASKVIEWS,
|
"ACTIVE_TASKVIEWS": ACTIVE_TASKVIEWS,
|
||||||
"DEFAULT_TASK_SETTINGS": DEFAULT_TASK_SETTINGS,
|
"DEFAULT_TASK_SETTINGS": DEFAULT_TASK_SETTINGS,
|
||||||
"TASK_SETTINGS": TASK_SETTINGS,
|
"TASK_SETTINGS": TASK_SETTINGS,
|
||||||
"ACTION_SETTINGS": ACTION_SETTINGS,
|
"DEFAULT_ACTION_SETTINGS": DEFAULT_ACTION_SETTINGS,
|
||||||
"TOKEN_SUBMISSION_URL": TOKEN_SUBMISSION_URL,
|
"TOKEN_SUBMISSION_URL": TOKEN_SUBMISSION_URL,
|
||||||
"TOKEN_EXPIRE_TIME": TOKEN_EXPIRE_TIME,
|
"TOKEN_EXPIRE_TIME": TOKEN_EXPIRE_TIME,
|
||||||
"ROLES_MAPPING": ROLES_MAPPING,
|
"ROLES_MAPPING": ROLES_MAPPING,
|
||||||
|
@ -26,20 +26,21 @@ def dict_merge(a, b):
|
|||||||
result = deepcopy(a)
|
result = deepcopy(a)
|
||||||
for k, v in b.iteritems():
|
for k, v in b.iteritems():
|
||||||
if k in result and isinstance(result[k], dict):
|
if k in result and isinstance(result[k], dict):
|
||||||
result[k] = dict_merge(result[k], v)
|
result[k] = dict_merge(result[k], v)
|
||||||
else:
|
else:
|
||||||
result[k] = deepcopy(v)
|
result[k] = deepcopy(v)
|
||||||
return result
|
return result
|
||||||
|
|
||||||
|
|
||||||
def setup_task_settings(default, task_settings):
|
def setup_task_settings(task_defaults, action_defaults, task_settings):
|
||||||
"""
|
"""
|
||||||
Cascading merge of the default settings, and the
|
Cascading merge of the default settings, and the
|
||||||
settings for each task_type.
|
settings for each task_type.
|
||||||
"""
|
"""
|
||||||
new_task_settings = {}
|
new_task_settings = {}
|
||||||
|
|
||||||
for task, settings in task_settings.iteritems():
|
for task, settings in task_settings.iteritems():
|
||||||
new_task_settings[task] = dict_merge(default, settings)
|
task_setting = deepcopy(task_defaults)
|
||||||
|
task_setting['action_settings'] = deepcopy(action_defaults)
|
||||||
|
new_task_settings[task] = dict_merge(task_setting, settings)
|
||||||
|
|
||||||
return new_task_settings
|
return new_task_settings
|
||||||
|
Loading…
Reference in New Issue
Block a user