Merge "Ability to retrieve current/owner user/project"
This commit is contained in:
commit
edf6394dbe
@ -35,6 +35,8 @@ Classes:
|
||||
io.murano.StackTrace: StackTrace.yaml
|
||||
io.murano.SharedIp: SharedIp.yaml
|
||||
io.murano.File: File.yaml
|
||||
io.murano.User: User.yaml
|
||||
io.murano.Project: Project.yaml
|
||||
|
||||
|
||||
io.murano.configuration.Linux: configuration/Linux.yaml
|
||||
|
@ -57,7 +57,7 @@ class Controller(object):
|
||||
raise exc.HTTPForbidden()
|
||||
|
||||
task_id = actions.ActionServices.execute(
|
||||
action_id, session, unit, request.context.auth_token, body or {})
|
||||
action_id, session, unit, request.context, body or {})
|
||||
return {'task_id': task_id}
|
||||
|
||||
@verify_env
|
||||
|
@ -133,7 +133,7 @@ class Controller(object):
|
||||
|
||||
envs.EnvironmentServices.deploy(session,
|
||||
unit,
|
||||
request.context.auth_token)
|
||||
request.context)
|
||||
|
||||
|
||||
def create_resource():
|
||||
|
@ -47,7 +47,8 @@ class Controller(object):
|
||||
|
||||
credentials = {
|
||||
'token': request.context.auth_token,
|
||||
'tenant_id': request.context.tenant
|
||||
'project_id': request.context.tenant,
|
||||
'user_id': request.context.user
|
||||
}
|
||||
|
||||
try:
|
||||
|
@ -176,3 +176,13 @@ def get_session_client_parameters(service_type=None,
|
||||
'region_name': region
|
||||
})
|
||||
return result
|
||||
|
||||
|
||||
def get_user(uid):
|
||||
client = _create_keystone_admin_client()
|
||||
return client.users.get(uid).to_dict()
|
||||
|
||||
|
||||
def get_project(pid):
|
||||
client = _create_keystone_admin_client()
|
||||
return client.projects.get(pid).to_dict()
|
||||
|
@ -182,7 +182,10 @@ class TaskExecutor(object):
|
||||
self._model = task['model']
|
||||
self._session = execution_session.ExecutionSession()
|
||||
self._session.token = task['token']
|
||||
self._session.project_id = task['tenant_id']
|
||||
self._session.project_id = task['project_id']
|
||||
self._session.user_id = task['user_id']
|
||||
self._session.environment_owner_project_id = self._model['project_id']
|
||||
self._session.environment_owner_user_id = self._model['user_id']
|
||||
self._session.system_attributes = self._model.get('SystemData', {})
|
||||
self._reporter = reporter
|
||||
|
||||
@ -202,6 +205,8 @@ class TaskExecutor(object):
|
||||
self._session.system_attributes[
|
||||
'Packages'] = pkg_loader.export_fixation_table()
|
||||
self._model['SystemData'] = self._session.system_attributes
|
||||
self._model['project_id'] = self._session.environment_owner_project_id
|
||||
self._model['user_id'] = self._session.environment_owner_user_id
|
||||
result['model'] = self._model
|
||||
|
||||
if (not self._model.get('Objects') and
|
||||
@ -335,7 +340,8 @@ class StaticActionExecutor(object):
|
||||
self._action = task['action']
|
||||
self._session = execution_session.ExecutionSession()
|
||||
self._session.token = task['token']
|
||||
self._session.project_id = task['tenant_id']
|
||||
self._session.project_id = task['project_id']
|
||||
self._session.user_id = task['user_id']
|
||||
self._reporter = reporter
|
||||
self._model_policy_enforcer = enforcer.ModelPolicyEnforcer(
|
||||
self._session)
|
||||
|
@ -108,13 +108,15 @@ class EnvironmentServices(object):
|
||||
network_driver)
|
||||
objects['?']['type'] = 'io.murano.Environment'
|
||||
objects['?']['metadata'] = {}
|
||||
environment_params['tenant_id'] = context.tenant
|
||||
|
||||
data = {
|
||||
'Objects': objects,
|
||||
'Attributes': []
|
||||
'Attributes': [],
|
||||
'project_id': context.tenant,
|
||||
'user_id': context.user
|
||||
}
|
||||
|
||||
environment_params['tenant_id'] = context.tenant
|
||||
environment = models.Environment()
|
||||
environment.update(environment_params)
|
||||
|
||||
@ -235,7 +237,7 @@ class EnvironmentServices(object):
|
||||
}
|
||||
|
||||
@staticmethod
|
||||
def deploy(session, unit, token):
|
||||
def deploy(session, unit, context):
|
||||
environment = unit.query(models.Environment).get(
|
||||
session.environment_id)
|
||||
|
||||
@ -243,7 +245,8 @@ class EnvironmentServices(object):
|
||||
'ObjectsCopy' not in session.description):
|
||||
EnvironmentServices.remove(session.environment_id)
|
||||
else:
|
||||
sessions.SessionServices.deploy(session, environment, unit, token)
|
||||
sessions.SessionServices.deploy(
|
||||
session, environment, unit, context)
|
||||
|
||||
@staticmethod
|
||||
def _objectify(data, replacements):
|
||||
|
@ -102,7 +102,7 @@ class SessionServices(object):
|
||||
return True
|
||||
|
||||
@staticmethod
|
||||
def deploy(session, environment, unit, token):
|
||||
def deploy(session, environment, unit, context):
|
||||
"""Prepares and deployes environment
|
||||
|
||||
Prepares environment for deployment and send deployment command to
|
||||
@ -118,4 +118,4 @@ class SessionServices(object):
|
||||
actions.ActionServices.submit_task(
|
||||
action_name, environment.id,
|
||||
{}, environment, session,
|
||||
token, unit)
|
||||
context, unit)
|
||||
|
@ -381,3 +381,9 @@ def spawn(func, *args, **kwargs):
|
||||
return func(*args, **kwargs)
|
||||
|
||||
return eventlet.spawn(wrapper)
|
||||
|
||||
|
||||
def new(properties, owner=None, type=None):
|
||||
context = helpers.get_context()
|
||||
return helpers.get_object_store().load(
|
||||
properties, owner, type or get_this(context).type, context=context)
|
||||
|
@ -24,6 +24,9 @@ class ExecutionSession(object):
|
||||
def __init__(self):
|
||||
self.token = None
|
||||
self.project_id = None
|
||||
self.user_id = None
|
||||
self.environment_owner_project_id = None
|
||||
self.environment_owner_user_id = None
|
||||
self.trust_id = None
|
||||
self.system_attributes = {}
|
||||
self._set_up_list = []
|
||||
|
46
murano/engine/system/project.py
Normal file
46
murano/engine/system/project.py
Normal file
@ -0,0 +1,46 @@
|
||||
# Copyright (c) 2016 Mirantis Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
# implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from murano.common import auth_utils
|
||||
from murano.dsl import dsl
|
||||
from murano.dsl import helpers
|
||||
|
||||
|
||||
@dsl.name('io.murano.Project')
|
||||
class Project(object):
|
||||
@classmethod
|
||||
def get_current(cls):
|
||||
fields = auth_utils.get_project(
|
||||
helpers.get_execution_session().project_id)
|
||||
return cls._to_object(fields)
|
||||
|
||||
@classmethod
|
||||
def get_environment_owner(cls):
|
||||
fields = auth_utils.get_project(
|
||||
helpers.get_execution_session().environment_owner_project_id)
|
||||
return cls._to_object(fields)
|
||||
|
||||
@staticmethod
|
||||
def _to_object(fields):
|
||||
for field in ('links', 'parent_id', 'enabled'):
|
||||
fields.pop(field, None)
|
||||
obj_def = {
|
||||
'id': fields.pop('id'),
|
||||
'name': fields.pop('name'),
|
||||
'domain': fields.pop('domain_id', 'Default'),
|
||||
'description': fields.pop('description', None),
|
||||
'extra': fields
|
||||
}
|
||||
return dsl.new(obj_def)
|
@ -20,9 +20,11 @@ from murano.engine.system import instance_reporter
|
||||
from murano.engine.system import logger
|
||||
from murano.engine.system import metadef_browser
|
||||
from murano.engine.system import net_explorer
|
||||
from murano.engine.system import project
|
||||
from murano.engine.system import resource_manager
|
||||
from murano.engine.system import status_reporter
|
||||
from murano.engine.system import test_fixture
|
||||
from murano.engine.system import user
|
||||
from murano.engine.system import workflowclient
|
||||
|
||||
|
||||
@ -38,3 +40,5 @@ def register(package):
|
||||
package.register_class(test_fixture.TestFixture)
|
||||
package.register_class(workflowclient.MistralClient)
|
||||
package.register_class(metadef_browser.MetadefBrowser)
|
||||
package.register_class(user.User)
|
||||
package.register_class(project.Project)
|
||||
|
46
murano/engine/system/user.py
Normal file
46
murano/engine/system/user.py
Normal file
@ -0,0 +1,46 @@
|
||||
# Copyright (c) 2016 Mirantis Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
# implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
from murano.common import auth_utils
|
||||
from murano.dsl import dsl
|
||||
from murano.dsl import helpers
|
||||
|
||||
|
||||
@dsl.name('io.murano.User')
|
||||
class User(object):
|
||||
@classmethod
|
||||
def get_current(cls):
|
||||
fields = auth_utils.get_user(helpers.get_execution_session().user_id)
|
||||
return cls._to_object(fields)
|
||||
|
||||
@classmethod
|
||||
def get_environment_owner(cls):
|
||||
fields = auth_utils.get_user(
|
||||
helpers.get_execution_session().environment_owner_user_id)
|
||||
return cls._to_object(fields)
|
||||
|
||||
@staticmethod
|
||||
def _to_object(fields):
|
||||
fields = dict(fields)
|
||||
for field in ('links', 'enabled', 'default_project_id'):
|
||||
fields.pop(field, None)
|
||||
obj_def = {
|
||||
'id': fields.pop('id'),
|
||||
'name': fields.pop('name'),
|
||||
'domain': fields.pop('domain_id', 'Default'),
|
||||
'email': fields.pop('email', None),
|
||||
'extra': fields
|
||||
}
|
||||
return dsl.new(obj_def)
|
@ -19,7 +19,7 @@ from murano.services import states
|
||||
class ActionServices(object):
|
||||
@staticmethod
|
||||
def create_action_task(action_name, target_obj,
|
||||
args, environment, session, token):
|
||||
args, environment, session, context):
|
||||
action = None
|
||||
if action_name and target_obj:
|
||||
action = {
|
||||
@ -30,8 +30,9 @@ class ActionServices(object):
|
||||
task = {
|
||||
'action': action,
|
||||
'model': session.description,
|
||||
'token': token,
|
||||
'tenant_id': environment.tenant_id,
|
||||
'token': context.auth_token,
|
||||
'project_id': context.tenant,
|
||||
'user_id': context.user,
|
||||
'id': environment.id
|
||||
}
|
||||
if session.description['Objects'] is not None:
|
||||
@ -58,16 +59,16 @@ class ActionServices(object):
|
||||
|
||||
@staticmethod
|
||||
def submit_task(action_name, target_obj,
|
||||
args, environment, session, token, unit):
|
||||
args, environment, session, context, unit):
|
||||
task = ActionServices.create_action_task(
|
||||
action_name, target_obj, args,
|
||||
environment, session, token)
|
||||
environment, session, context)
|
||||
task_id = actions_db.update_task(action_name, session, task, unit)
|
||||
rpc.engine().handle_task(task)
|
||||
return task_id
|
||||
|
||||
@staticmethod
|
||||
def execute(action_id, session, unit, token, args=None):
|
||||
def execute(action_id, session, unit, context, args=None):
|
||||
if args is None:
|
||||
args = {}
|
||||
environment = actions_db.get_environment(session, unit)
|
||||
@ -79,7 +80,7 @@ class ActionServices(object):
|
||||
|
||||
return ActionServices.submit_task(
|
||||
action[1]['name'], action[0], args, environment,
|
||||
session, token, unit)
|
||||
session, context, unit)
|
||||
|
||||
@staticmethod
|
||||
def find_action(model, action_id):
|
||||
|
@ -30,7 +30,8 @@ class StaticActionServices(object):
|
||||
task = {
|
||||
'action': action,
|
||||
'token': credentials['token'],
|
||||
'tenant_id': credentials['tenant_id'],
|
||||
'project_id': credentials['project_id'],
|
||||
'user_id': credentials['user_id'],
|
||||
'id': str(uuid.uuid4())
|
||||
}
|
||||
return rpc.engine().call_static_action(task)
|
||||
|
@ -115,6 +115,7 @@ class ControllerTest(object):
|
||||
# cfg.CONF.set_default('host', 'server.test')
|
||||
self.api_version = '1.0'
|
||||
self.tenant = 'test_tenant'
|
||||
self.user = 'test_user'
|
||||
self.mock_policy_check = None
|
||||
self.mapper = routes.Mapper()
|
||||
self.api = router.API(self.mapper)
|
||||
|
@ -71,7 +71,8 @@ class TestActionsApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
||||
'method': 'Testaction',
|
||||
'object_id': '12345'
|
||||
},
|
||||
'tenant_id': self.tenant,
|
||||
'project_id': self.tenant,
|
||||
'user_id': self.user,
|
||||
'model': {
|
||||
'Attributes': {},
|
||||
'Objects': {
|
||||
|
@ -48,7 +48,8 @@ class TestStaticActionsApi(tb.ControllerTest, tb.MuranoApiTestCase):
|
||||
rpc_task = {
|
||||
'action': action,
|
||||
'token': None,
|
||||
'tenant_id': 'test_tenant',
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user',
|
||||
'id': mock.ANY
|
||||
}
|
||||
|
||||
|
@ -72,15 +72,23 @@ class TestTaskExecutor(base.MuranoTestCase):
|
||||
'SystemData': {
|
||||
'Packages': 'my_packages'
|
||||
},
|
||||
'project_id': 'my_tenant_id',
|
||||
'user_id': 'my_user_id'
|
||||
},
|
||||
'token': 'my_token',
|
||||
'tenant_id': 'my_tenant_id',
|
||||
'project_id': 'my_tenant_id',
|
||||
'user_id': 'my_user_id',
|
||||
'id': 'my_env_id'
|
||||
}
|
||||
self.task_executor = engine.TaskExecutor(self.task)
|
||||
self.task_executor._model = self.task['model']
|
||||
self.task_executor._session.token = self.task['token']
|
||||
self.task_executor._session.project_id = self.task['tenant_id']
|
||||
self.task_executor._session.project_id = self.task['project_id']
|
||||
self.task_executor._session.user_id = self.task['user_id']
|
||||
self.task_executor._session.environment_owner_project_id_ = \
|
||||
self.task['model']['project_id']
|
||||
self.task_executor._session.environment_owner_user_id = \
|
||||
self.task['model']['user_id']
|
||||
(self.task_executor._session
|
||||
.system_attributes) = (self.task_executor._model.
|
||||
get('SystemData', {}))
|
||||
@ -155,7 +163,8 @@ class TestStaticActionExecutor(base.MuranoTestCase):
|
||||
self.task = {
|
||||
'action': self.action,
|
||||
'token': 'test_token',
|
||||
'tenant_id': 'test_tenant',
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user',
|
||||
'id': 'test_task_id'
|
||||
}
|
||||
self.task_executor = engine.StaticActionExecutor(self.task)
|
||||
@ -262,9 +271,14 @@ class TestTaskProcessingEndpoint(base.MuranoTestCase):
|
||||
}
|
||||
self.task = {
|
||||
'action': self.action,
|
||||
'model': {'SystemData': {'TrustId': 'test_trust_id'}},
|
||||
'model': {
|
||||
'SystemData': {'TrustId': 'test_trust_id'},
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user'
|
||||
},
|
||||
'token': 'test_token',
|
||||
'tenant_id': 'test_tenant',
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user',
|
||||
'id': 'test_task_id'
|
||||
}
|
||||
context_manager = mock_context_manager.MockContextManager()
|
||||
@ -309,7 +323,8 @@ class TestStaticActionEndpoint(base.MuranoTestCase):
|
||||
'action': self.action,
|
||||
'model': {'SystemData': {'TrustId': 'test_trust_id'}},
|
||||
'token': 'test_token',
|
||||
'tenant_id': 'test_tenant',
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user',
|
||||
'id': 'test_task_id'
|
||||
}
|
||||
context_manager = mock_context_manager.MockContextManager()
|
||||
|
@ -36,9 +36,13 @@ class TestModelPolicyEnforcer(base.MuranoTestCase):
|
||||
|
||||
self.task = {
|
||||
'action': {'method': 'deploy'},
|
||||
'model': {'Objects': None},
|
||||
'model': {'Objects': None,
|
||||
'project_id': 'tenant',
|
||||
'user_id': 'user'
|
||||
},
|
||||
'token': 'token',
|
||||
'tenant_id': 'environment.tenant_id',
|
||||
'project_id': 'tenant',
|
||||
'user_id': 'user',
|
||||
'id': 'environment.id'
|
||||
}
|
||||
|
||||
|
@ -34,11 +34,14 @@ class TestActions(test_base.MuranoTestCase):
|
||||
},
|
||||
'applications': [],
|
||||
'services': ['service1', 'service2']
|
||||
}
|
||||
},
|
||||
'project_id': 'XXX',
|
||||
'user_id': 'YYY'
|
||||
}
|
||||
mock_session = mock.MagicMock(description=mock_description)
|
||||
mock_token = 'test_token'
|
||||
|
||||
mock_context = mock.Mock(auth_token='test_token',
|
||||
tenant='test_tenant',
|
||||
user='test_user')
|
||||
expected_task = {
|
||||
'action': {
|
||||
'object_id': mock_target_obj,
|
||||
@ -52,10 +55,13 @@ class TestActions(test_base.MuranoTestCase):
|
||||
},
|
||||
'applications':
|
||||
mock_session.description['Objects']['services']
|
||||
}
|
||||
},
|
||||
'token': mock_token,
|
||||
'tenant_id': mock_environment.tenant_id,
|
||||
'project_id': 'XXX',
|
||||
'user_id': 'YYY'
|
||||
},
|
||||
'token': 'test_token',
|
||||
'project_id': 'test_tenant',
|
||||
'user_id': 'test_user',
|
||||
'id': mock_environment.id
|
||||
}
|
||||
|
||||
@ -64,7 +70,7 @@ class TestActions(test_base.MuranoTestCase):
|
||||
mock_args,
|
||||
mock_environment,
|
||||
mock_session,
|
||||
mock_token)
|
||||
mock_context)
|
||||
|
||||
self.assertEqual(expected_task, task)
|
||||
|
||||
@ -115,7 +121,10 @@ class TestActions(test_base.MuranoTestCase):
|
||||
test_args = 'test_args'
|
||||
test_environment = 'test_environment'
|
||||
test_session = 'test_session'
|
||||
test_token = 'test_token'
|
||||
context = mock.Mock()
|
||||
context.auth_token = 'test_token'
|
||||
context.tenant = 'test_tenant'
|
||||
context.user = 'test_user'
|
||||
test_unit = 'test_unit'
|
||||
|
||||
task_id = actions.ActionServices.submit_task(test_action_name,
|
||||
@ -123,7 +132,7 @@ class TestActions(test_base.MuranoTestCase):
|
||||
test_args,
|
||||
test_environment,
|
||||
test_session,
|
||||
test_token,
|
||||
context,
|
||||
test_unit)
|
||||
|
||||
self.assertEqual('123', task_id)
|
||||
@ -132,7 +141,7 @@ class TestActions(test_base.MuranoTestCase):
|
||||
test_args,
|
||||
test_environment,
|
||||
test_session,
|
||||
test_token)
|
||||
context)
|
||||
mock_update_task.assert_called_once_with(test_action_name,
|
||||
test_session, mock_task,
|
||||
test_unit)
|
||||
|
5
releasenotes/notes/user-project-6173d7282765b5ca.yaml
Normal file
5
releasenotes/notes/user-project-6173d7282765b5ca.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
features:
|
||||
- Added classes that represent OpenStack user and project
|
||||
- Added ability to retrieve current user and project info
|
||||
- Added ability to retrieve environment owner user and project info
|
Loading…
Reference in New Issue
Block a user