openstack
/
deb-aodh
Code Issues Proposed changes

Merge "Don't create multiple trust IDs per alarm"

This commit is contained in:
Jenkins 2017-01-04 15:40:34 +00:00 committed by Gerrit Code Review
parent a68e872174 2d15753924
commit 5363ff8500
1 changed files with 37 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
aodh/api/controllers/v2/alarms.py
View File

@ -386,6 +386,16 @@ class Alarm(base.Base):
def _is_trust_url(url): def _is_trust_url(url):
return url.scheme.startswith('trust+') return url.scheme.startswith('trust+')
def _get_existing_trust_ids(self):
for action in itertools.chain(self.ok_actions or [],
self.alarm_actions or [],
self.insufficient_data_actions or []):
url = netutils.urlsplit(action)
if self._is_trust_url(url):
trust_id = url.username
if trust_id and url.password == 'delete':
yield trust_id
def update_actions(self, old_alarm=None): def update_actions(self, old_alarm=None):
trustor_user_id = pecan.request.headers.get('X-User-Id') trustor_user_id = pecan.request.headers.get('X-User-Id')
trustor_project_id = pecan.request.headers.get('X-Project-Id') trustor_project_id = pecan.request.headers.get('X-Project-Id')
@ -395,46 +405,48 @@ class Alarm(base.Base):
else: else:
roles = [] roles = []
auth_plugin = pecan.request.environ.get('keystone.token_auth') auth_plugin = pecan.request.environ.get('keystone.token_auth')
if old_alarm:
prev_trust_ids = set(old_alarm._get_existing_trust_ids())
else:
prev_trust_ids = set()
trust_id = prev_trust_ids.pop() if prev_trust_ids else None
trust_id_used = False
for actions in (self.ok_actions, self.alarm_actions, for actions in (self.ok_actions, self.alarm_actions,
self.insufficient_data_actions): self.insufficient_data_actions):
if actions is not None: if actions is not None:
for index, action in enumerate(actions[:]): for index, action in enumerate(actions[:]):
url = netutils.urlsplit(action) url = netutils.urlsplit(action)
if self._is_trust_url(url): if self._is_trust_url(url):
if '@' not in url.netloc: if '@' in url.netloc:
continue
if trust_id is None:
# We have a trust action without a trust ID, # We have a trust action without a trust ID,
# create it # create it
trust_id = keystone_client.create_trust_id( trust_id = keystone_client.create_trust_id(
pecan.request.cfg, pecan.request.cfg,
trustor_user_id, trustor_project_id, roles, trustor_user_id, trustor_project_id, roles,
auth_plugin) auth_plugin)
netloc = '%s:delete@%s' % (trust_id, url.netloc) if trust_id_used:
url = list(url) pw = ''
url[1] = netloc else:
actions[index] = urlparse.urlunsplit(url) pw = ':delete'
if old_alarm: trust_id_used = True
new_actions = list(itertools.chain( netloc = '%s%s@%s' % (trust_id, pw, url.netloc)
self.ok_actions or [], url = urlparse.SplitResult(url.scheme, netloc,
self.alarm_actions or [], url.path, url.query,
self.insufficient_data_actions or [])) url.fragment)
for action in itertools.chain( actions[index] = url.geturl()
old_alarm.ok_actions or [], if trust_id is not None and not trust_id_used:
old_alarm.alarm_actions or [], prev_trust_ids.add(trust_id)
old_alarm.insufficient_data_actions or []): for old_trust_id in prev_trust_ids:
if action not in new_actions: keystone_client.delete_trust_id(old_trust_id, auth_plugin)
self.delete_trust(action)
def delete_actions(self): def delete_actions(self):
for action in itertools.chain(self.ok_actions or [],
self.alarm_actions or [],
self.insufficient_data_actions or []):
self.delete_trust(action)
def delete_trust(self, action):
auth_plugin = pecan.request.environ.get('keystone.token_auth') auth_plugin = pecan.request.environ.get('keystone.token_auth')
url = netutils.urlsplit(action) for trust_id in self._get_existing_trust_ids():
if self._is_trust_url(url) and url.password: keystone_client.delete_trust_id(trust_id, auth_plugin)
keystone_client.delete_trust_id(url.username, auth_plugin)
Alarm.add_attributes(**{"%s_rule" % ext.name: ext.plugin Alarm.add_attributes(**{"%s_rule" % ext.name: ext.plugin