Restructure of the actions configuration

* Cleaned up some of the code that gets the action settings.
* Added the option of per task action settings just in case
  a given task needs to reuse an action with different settings.

Change-Id: I8194cd3155ac3db3faaf0de8b87617f3891d0b10
This commit is contained in:
adrian-turjak 2016-12-19 17:30:11 +13:00
parent f9330d19ac
commit 6cdbb8eef1
9 changed files with 156 additions and 106 deletions

View File

@ -123,6 +123,70 @@ DEFAULT_TASK_SETTINGS:
password: password password: password
template: notification.txt template: notification.txt
# Default Action settings:
# These can be overriden at a per task level below in the
# task settings so that multiple tasks can use the same actions
# slightly differently.
#
# TASK_SETTINGS:
# <task_type>:
# <othersettings> ....
# ....
# action_settings:
# <action_class_name>:
# <action_settings_overrides> ....
DEFAULT_ACTION_SETTINGS:
NewProjectAction:
default_roles:
- project_admin
- project_mod
- heat_stack_owner
- _member_
NewProjectWithUserAction:
default_roles:
- project_admin
- project_mod
- heat_stack_owner
- _member_
NewUserAction:
allowed_roles:
- project_admin
- project_mod
- heat_stack_owner
- _member_
ResetUserPasswordAction:
blacklisted_roles:
- admin
NewDefaultNetworkAction:
RegionOne:
network_name: default_network
subnet_name: default_subnet
router_name: default_router
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
DNS_NAMESERVERS:
- 193.168.1.2
- 193.168.1.3
SUBNET_CIDR: 192.168.1.0/24
NewProjectDefaultNetworkAction:
RegionOne:
network_name: default_network
subnet_name: default_subnet
router_name: default_router
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
DNS_NAMESERVERS:
- 193.168.1.2
- 193.168.1.3
SUBNET_CIDR: 192.168.1.0/24
AddDefaultUsersToProjectAction:
default_users:
- admin
default_roles:
- admin
SetProjectQuotaAction:
regions:
RegionOne:
quota_size: small
# These are cascading overrides for the default settings: # These are cascading overrides for the default settings:
TASK_SETTINGS: TASK_SETTINGS:
signup: signup:
@ -206,43 +270,6 @@ TASK_SETTINGS:
role_blacklist: role_blacklist:
- admin - admin
# Action settings:
ACTION_SETTINGS:
NewProjectAction:
default_roles:
- project_admin
- project_mod
- heat_stack_owner
- _member_
NewUserAction:
allowed_roles:
- project_admin
- project_mod
- heat_stack_owner
- _member_
ResetUserPasswordAction:
blacklisted_roles:
- admin
NewDefaultNetworkAction:
RegionOne:
network_name: default_network
subnet_name: default_subnet
router_name: default_router
public_network: 3cb50d61-5bce-4c03-96e6-8e262e12bb35
DNS_NAMESERVERS:
- 193.168.1.2
- 193.168.1.3
SUBNET_CIDR: 192.168.1.0/24
AddDefaultUsersToProjectAction:
default_users:
- admin
default_roles:
- admin
SetProjectQuotaAction:
regions:
RegionOne:
quota_size: small
# mapping between roles and managable roles # mapping between roles and managable roles
ROLES_MAPPING: ROLES_MAPPING:
admin: admin:

View File

@ -123,6 +123,20 @@ class BaseAction(object):
self.action.task.add_action_note( self.action.task.add_action_note(
str(self), note) str(self), note)
@property
def settings(self):
"""Get my settings.
Returns a dict of the settings for this action.
"""
try:
task_conf = settings.TASK_SETTINGS[self.action.task.task_type]
return task_conf['action_settings'].get(
self.__class__.__name__, {})
except KeyError:
return settings.DEFAULT_ACTION_SETTINGS.get(
self.__class__.__name__, {})
def pre_approve(self): def pre_approve(self):
return self._pre_approve() return self._pre_approve()

View File

@ -14,7 +14,6 @@
from uuid import uuid4 from uuid import uuid4
from django.conf import settings
from django.utils import timezone from django.utils import timezone
from stacktask.actions import user_store from stacktask.actions import user_store
@ -87,8 +86,7 @@ class NewProjectAction(BaseAction, ProjectMixin, UserMixin):
self.action.task.cache['user_id'] = user_id self.action.task.cache['user_id'] = user_id
self.add_note("User already given roles.") self.add_note("User already given roles.")
else: else:
default_roles = settings.ACTION_SETTINGS.get( default_roles = self.settings.get("default_roles", {})
'NewProjectAction', {}).get("default_roles", {})
project_id = self.get_cache('project_id') project_id = self.get_cache('project_id')
keystone_user = self.action.task.keystone_user keystone_user = self.action.task.keystone_user
@ -241,8 +239,7 @@ class NewProjectWithUserAction(UserNameAction, ProjectMixin, UserMixin):
def _create_user_for_project(self): def _create_user_for_project(self):
id_manager = user_store.IdentityManager() id_manager = user_store.IdentityManager()
default_roles = settings.ACTION_SETTINGS.get( default_roles = self.settings.get("default_roles", {})
'NewProjectAction', {}).get("default_roles", {})
project_id = self.get_cache('project_id') project_id = self.get_cache('project_id')
@ -396,11 +393,9 @@ class AddDefaultUsersToProjectAction(BaseAction, ProjectMixin, UserMixin):
] ]
def __init__(self, *args, **kwargs): def __init__(self, *args, **kwargs):
self.users = settings.ACTION_SETTINGS.get(
'AddDefaultUsersToProjectAction', {}).get('default_users', [])
self.roles = settings.ACTION_SETTINGS.get(
'AddDefaultUsersToProjectAction', {}).get('default_roles', [])
super(AddDefaultUsersToProjectAction, self).__init__(*args, **kwargs) super(AddDefaultUsersToProjectAction, self).__init__(*args, **kwargs)
self.users = self.settings.get('default_users', [])
self.roles = self.settings.get('default_roles', [])
def _validate_users(self): def _validate_users(self):
id_manager = user_store.IdentityManager() id_manager = user_store.IdentityManager()

View File

@ -49,8 +49,7 @@ class NewDefaultNetworkAction(BaseAction, ProjectMixin):
return True return True
def _validate_defaults(self): def _validate_defaults(self):
defaults = settings.ACTION_SETTINGS.get( defaults = self.settings.get(self.region, {})
'NewDefaultNetworkAction', {}).get(self.region, {})
if not defaults: if not defaults:
self.add_note('ERROR: No default settings for region %s.' % self.add_note('ERROR: No default settings for region %s.' %
@ -76,8 +75,7 @@ class NewDefaultNetworkAction(BaseAction, ProjectMixin):
def _create_network(self): def _create_network(self):
neutron = openstack_clients.get_neutronclient(region=self.region) neutron = openstack_clients.get_neutronclient(region=self.region)
defaults = settings.ACTION_SETTINGS.get( defaults = self.settings.get(self.region, {})
'NewDefaultNetworkAction', {}).get(self.region, {})
if not self.get_cache('network_id'): if not self.get_cache('network_id'):
try: try:
@ -289,8 +287,7 @@ class SetProjectQuotaAction(BaseAction):
return return
# update quota for each openstack service # update quota for each openstack service
regions_dict = settings.ACTION_SETTINGS.get( regions_dict = self.settings.get('regions', {})
'SetProjectQuotaAction', {}).get('regions', {})
for region_name, region_settings in six.iteritems(regions_dict): for region_name, region_settings in six.iteritems(regions_dict):
quota_size = region_settings.get('quota_size') quota_size = region_settings.get('quota_size')
quota_settings = settings.PROJECT_QUOTA_SIZES.get(quota_size, {}) quota_settings = settings.PROJECT_QUOTA_SIZES.get(quota_size, {})

View File

@ -16,7 +16,7 @@ from rest_framework import serializers
from django.conf import settings from django.conf import settings
role_options = settings.ACTION_SETTINGS.get("NewUserAction", {}).get( role_options = settings.DEFAULT_ACTION_SETTINGS.get("NewUserAction", {}).get(
"allowed_roles", []) "allowed_roles", [])

View File

@ -12,7 +12,6 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
from django.conf import settings
from django.db import models from django.db import models
from stacktask.actions import user_store from stacktask.actions import user_store
@ -163,8 +162,9 @@ class ResetUserPasswordAction(UserNameAction, UserMixin):
'email' 'email'
] ]
blacklist = settings.ACTION_SETTINGS.get( def __init__(self, *args, **kwargs):
'ResetUserPasswordAction', {}).get("blacklisted_roles", {}) super(ResetUserPasswordAction, self).__init__(*args, **kwargs)
self.blacklist = self.settings.get("blacklisted_roles", {})
def _validate_user_roles(self): def _validate_user_roles(self):
id_manager = user_store.IdentityManager() id_manager = user_store.IdentityManager()

View File

@ -159,12 +159,14 @@ TOKEN_SUBMISSION_URL = CONFIG['TOKEN_SUBMISSION_URL']
TOKEN_EXPIRE_TIME = CONFIG['TOKEN_EXPIRE_TIME'] TOKEN_EXPIRE_TIME = CONFIG['TOKEN_EXPIRE_TIME']
DEFAULT_ACTION_SETTINGS = CONFIG['DEFAULT_ACTION_SETTINGS']
TASK_SETTINGS = setup_task_settings( TASK_SETTINGS = setup_task_settings(
CONFIG['DEFAULT_TASK_SETTINGS'], CONFIG['DEFAULT_TASK_SETTINGS'],
CONFIG['DEFAULT_ACTION_SETTINGS'],
CONFIG['TASK_SETTINGS']) CONFIG['TASK_SETTINGS'])
DEFAULT_TASK_SETTINGS = CONFIG['DEFAULT_TASK_SETTINGS']
ACTION_SETTINGS = CONFIG['ACTION_SETTINGS'] DEFAULT_TASK_SETTINGS = CONFIG['DEFAULT_TASK_SETTINGS']
PLUGIN_SETTINGS = CONFIG.get('PLUGIN_SETTINGS', {}) PLUGIN_SETTINGS = CONFIG.get('PLUGIN_SETTINGS', {})

View File

@ -108,6 +108,63 @@ DEFAULT_TASK_SETTINGS = {
} }
} }
DEFAULT_ACTION_SETTINGS = {
'NewProjectAction': {
'default_roles': {
"project_admin", "project_mod", "_member_", "heat_stack_owner"
},
},
'NewProjectWithUserAction': {
'default_roles': {
"project_admin", "project_mod", "_member_", "heat_stack_owner"
},
},
'NewUserAction': {
'allowed_roles': ['project_mod', 'project_admin', "_member_"]
},
'ResetUserPasswordAction': {
'blacklisted_roles': ['admin']
},
'NewDefaultNetworkAction': {
'RegionOne': {
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
'SUBNET_CIDR': '192.168.1.0/24',
'network_name': 'somenetwork',
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
'router_name': 'somerouter',
'subnet_name': 'somesubnet'
},
},
'NewProjectDefaultNetworkAction': {
'RegionOne': {
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
'SUBNET_CIDR': '192.168.1.0/24',
'network_name': 'somenetwork',
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
'router_name': 'somerouter',
'subnet_name': 'somesubnet'
},
},
'AddDefaultUsersToProjectAction': {
'default_users': [
'admin',
],
'default_roles': [
'admin',
],
},
'SetProjectQuotaAction': {
'regions': {
'RegionOne': {
'quota_size': 'small'
},
'RegionTwo': {
'quota_size': 'large'
}
},
},
}
TASK_SETTINGS = { TASK_SETTINGS = {
'invite_user': { 'invite_user': {
'emails': { 'emails': {
@ -172,49 +229,6 @@ TASK_SETTINGS = {
} }
} }
ACTION_SETTINGS = {
'NewProjectAction': {
'default_roles': {
"project_admin", "project_mod", "_member_", "heat_stack_owner"
},
},
'NewUserAction': {
'allowed_roles': ['project_mod', 'project_admin', "_member_"]
},
'ResetUserPasswordAction': {
'blacklisted_roles': ['admin']
},
'NewDefaultNetworkAction': {
'RegionOne': {
'DNS_NAMESERVERS': ['193.168.1.2', '193.168.1.3'],
'SUBNET_CIDR': '192.168.1.0/24',
'network_name': 'somenetwork',
'public_network': '3cb50f61-5bce-4c03-96e6-8e262e12bb35',
'router_name': 'somerouter',
'subnet_name': 'somesubnet'
},
},
'AddDefaultUsersToProjectAction': {
'default_users': [
'admin',
],
'default_roles': [
'admin',
],
},
'SetProjectQuotaAction': {
'regions': {
'RegionOne': {
'quota_size': 'small'
},
'RegionTwo': {
'quota_size': 'large'
}
},
},
}
ROLES_MAPPING = { ROLES_MAPPING = {
'admin': [ 'admin': [
'project_admin', 'project_mod', '_member_', 'heat_stack_owner' 'project_admin', 'project_mod', '_member_', 'heat_stack_owner'
@ -280,7 +294,7 @@ conf_dict = {
"ACTIVE_TASKVIEWS": ACTIVE_TASKVIEWS, "ACTIVE_TASKVIEWS": ACTIVE_TASKVIEWS,
"DEFAULT_TASK_SETTINGS": DEFAULT_TASK_SETTINGS, "DEFAULT_TASK_SETTINGS": DEFAULT_TASK_SETTINGS,
"TASK_SETTINGS": TASK_SETTINGS, "TASK_SETTINGS": TASK_SETTINGS,
"ACTION_SETTINGS": ACTION_SETTINGS, "DEFAULT_ACTION_SETTINGS": DEFAULT_ACTION_SETTINGS,
"TOKEN_SUBMISSION_URL": TOKEN_SUBMISSION_URL, "TOKEN_SUBMISSION_URL": TOKEN_SUBMISSION_URL,
"TOKEN_EXPIRE_TIME": TOKEN_EXPIRE_TIME, "TOKEN_EXPIRE_TIME": TOKEN_EXPIRE_TIME,
"ROLES_MAPPING": ROLES_MAPPING, "ROLES_MAPPING": ROLES_MAPPING,

View File

@ -26,20 +26,21 @@ def dict_merge(a, b):
result = deepcopy(a) result = deepcopy(a)
for k, v in b.iteritems(): for k, v in b.iteritems():
if k in result and isinstance(result[k], dict): if k in result and isinstance(result[k], dict):
result[k] = dict_merge(result[k], v) result[k] = dict_merge(result[k], v)
else: else:
result[k] = deepcopy(v) result[k] = deepcopy(v)
return result return result
def setup_task_settings(default, task_settings): def setup_task_settings(task_defaults, action_defaults, task_settings):
""" """
Cascading merge of the default settings, and the Cascading merge of the default settings, and the
settings for each task_type. settings for each task_type.
""" """
new_task_settings = {} new_task_settings = {}
for task, settings in task_settings.iteritems(): for task, settings in task_settings.iteritems():
new_task_settings[task] = dict_merge(default, settings) task_setting = deepcopy(task_defaults)
task_setting['action_settings'] = deepcopy(action_defaults)
new_task_settings[task] = dict_merge(task_setting, settings)
return new_task_settings return new_task_settings