2b846515f3
This patch supports using domain scoped tokens against keystone v3. Use Cases: Cloud Admin - view and manage identity resources across domains Domain Admin - view and manage identity resources in the domain logged in User - view identity project in the domain logged in Regression: Supports keystone v2 through local_settings.py configuration Supports keystone v3 with multidomain = False Supports keystone v3 with mulitdomain = True Relates to https://review.openstack.org/#/c/141153/ Background on how to test is here https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow Co-Authored-By: Brad Pokorny <Brad_Pokorny@symantec.com> Co-Authored-By: Brian Tully <brian.tully@hp.com> Co-Authored-By: Michael Hagedorn <mike.hagedorn@hp.com> Co-Authored-By: woomatt <matt.wood@hp.com> Partially Implements: blueprint domain-scoped-tokens Closes-Bug: #1413851 Change-Id: Iaa19bfef9b0c70304ff81d083c62b218b2d02479
91 lines
3.4 KiB
Python
91 lines
3.4 KiB
Python
# Copyright 2013 Hewlett-Packard Development Company, L.P.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from django.core.urlresolvers import reverse
|
|
from django.utils.translation import ugettext_lazy as _
|
|
|
|
from horizon import exceptions
|
|
from horizon import messages
|
|
from horizon import tables
|
|
from horizon import workflows
|
|
|
|
from openstack_dashboard import api
|
|
from openstack_dashboard import policy
|
|
|
|
from openstack_dashboard.dashboards.identity.domains import constants
|
|
from openstack_dashboard.dashboards.identity.domains \
|
|
import tables as project_tables
|
|
from openstack_dashboard.dashboards.identity.domains \
|
|
import workflows as project_workflows
|
|
|
|
|
|
class IndexView(tables.DataTableView):
|
|
table_class = project_tables.DomainsTable
|
|
template_name = constants.DOMAINS_INDEX_VIEW_TEMPLATE
|
|
page_title = _("Domains")
|
|
|
|
def get_data(self):
|
|
domains = []
|
|
domain_id = api.keystone.get_effective_domain_id(self.request)
|
|
|
|
if policy.check((("identity", "identity:list_domains"),),
|
|
self.request):
|
|
try:
|
|
if domain_id:
|
|
domain = api.keystone.domain_get(self.request, domain_id)
|
|
domains.append(domain)
|
|
else:
|
|
domains = api.keystone.domain_list(self.request)
|
|
except Exception:
|
|
exceptions.handle(self.request,
|
|
_('Unable to retrieve domain list.'))
|
|
elif policy.check((("identity", "identity:get_domain"),),
|
|
self.request):
|
|
try:
|
|
domain = api.keystone.domain_get(self.request, domain_id)
|
|
domains.append(domain)
|
|
except Exception:
|
|
exceptions.handle(self.request,
|
|
_('Unable to retrieve domain information.'))
|
|
else:
|
|
msg = _("Insufficient privilege level to view domain information.")
|
|
messages.info(self.request, msg)
|
|
return domains
|
|
|
|
|
|
class CreateDomainView(workflows.WorkflowView):
|
|
workflow_class = project_workflows.CreateDomain
|
|
|
|
|
|
class UpdateDomainView(workflows.WorkflowView):
|
|
workflow_class = project_workflows.UpdateDomain
|
|
|
|
def get_initial(self):
|
|
initial = super(UpdateDomainView, self).get_initial()
|
|
|
|
domain_id = self.kwargs['domain_id']
|
|
initial['domain_id'] = domain_id
|
|
|
|
try:
|
|
# get initial domain info
|
|
domain_info = api.keystone.domain_get(self.request,
|
|
domain_id)
|
|
for field in constants.DOMAIN_INFO_FIELDS:
|
|
initial[field] = getattr(domain_info, field, None)
|
|
except Exception:
|
|
exceptions.handle(self.request,
|
|
_('Unable to retrieve domain details.'),
|
|
redirect=reverse(constants.DOMAINS_INDEX_URL))
|
|
return initial
|