From df1a4c618b56ff611ab1a7c117f68a162b324db1 Mon Sep 17 00:00:00 2001
From: Vishvananda Ishaya
Date: Tue, 1 Jun 2010 13:47:10 -0700
Subject: [PATCH 1/2] Fix novarc to use project when creating access key
---
 nova/auth/novarc.template | 8 ++++----
 nova/auth/users.py | 16 ++++++++++++----
 2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/nova/auth/novarc.template b/nova/auth/novarc.template
index a993d18829de..ee1bc75f2d17 100644
--- a/nova/auth/novarc.template
+++ b/nova/auth/novarc.template
@@ -1,11 +1,11 @@
 # Copyright [2010] [Anso Labs, LLC]
-#
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
-#
+#
 # http://www.apache.org/licenses/LICENSE-2.0
-#
+#
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -13,7 +13,7 @@
 # limitations under the License.
 NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null)
-export EC2_ACCESS_KEY="%(access)s"
+export EC2_ACCESS_KEY="%(access)s:%(project)s"
 export EC2_SECRET_KEY="%(secret)s"
 export EC2_URL="%(ec2)s"
 export S3_URL="%(s3)s"
diff --git a/nova/auth/users.py b/nova/auth/users.py
index b09bcfcf2920..c60922feb011 100644
--- a/nova/auth/users.py
+++ b/nova/auth/users.py
@@ -93,9 +93,12 @@ class User(AuthBase):
 def is_project_manager(self, project):
 return UserManager.instance().is_project_manager(self, project)
- def generate_rc(self):
+ def generate_rc(self, project=None):
+ if project is None:
+ project = self.id
 rc = open(FLAGS.credentials_template).read()
 rc = rc % { 'access': self.access,
+ 'project': project,
 'secret': self.secret,
 'ec2': FLAGS.ec2_url,
 's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port),
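Review bot: The new `export EC2_ACCESS_KEY="%(access)s:%(project)s"` line in novarc.template places the project id inside a double-quoted string in a file that users source into bash, and nothing in this patch restricts what a project id may contain. A `"`, `$`, backtick or backslash in the id would be interpreted by the shell when the file is sourced, and a `:` in the id makes the combined `access:project` value ambiguous for whatever splits it on the server side (not visible here). `generate_rc` in nova/auth/users.py substitutes the value unchanged, so the check belongs either where projects are created or just before the template is formatted; a conservative allow-list (letters, digits, `-`, `_`) would cover both problems.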
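Review bot: `generate_rc` now falls back to `project = self.id` when no project is passed, but nothing in the hunk checks that a project named after the user exists, so the rendered file may carry an access key the API will not accept. The fallback deserves a docstring, for example `"""Render the credentials template for this user; project defaults to the user's own id."""`. The context line `rc = open(FLAGS.credentials_template).read()` also leaves closing the file to the garbage collector; `with open(FLAGS.credentials_template) as f: rc = f.read()` closes it deterministically. The function body continues past the end of the hunk.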
@@ -168,7 +171,9 @@ class Project(Group):
 return User.safe_id(user) == self.project_manager_id
 def get_credentials(self, user):
- rc = user.generate_rc()
+ if not isinstance(user, User):
+ user = UserManager.instance().get_user(user)
+ rc = user.generate_rc(self.id)
 private_key, signed_cert = self.generate_x509_cert(user)
 tmpdir = tempfile.mkdtemp()
@@ -238,7 +243,7 @@ class UserManager(object):
 raise exception.NotAuthorized('Signature does not match')
 return (user, project)
- def create_project(self, name, manager_user, description, member_users=None):
+ def create_project(self, name, manager_user, description=None, member_users=None):
 if member_users:
 member_users = [User.safe_id(u) for u in member_users]
 with LDAPWrapper() as conn:
@@ -462,12 +467,15 @@ class LDAPWrapper(object):
 self.conn.add_s(self.__uid_to_dn(name), attr)
 return self.__to_user(dict(attr))
- def create_project(self, name, manager_uid, description, member_uids = None):
+ def create_project(self, name, manager_uid, description=None, member_uids=None):
 if self.project_exists(name):
 raise exception.Duplicate("Project can't be created because project %s already exists" % name)
 if not self.user_exists(manager_uid):
 raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid)
 manager_dn = self.__uid_to_dn(manager_uid)
+ # description is a required attribute
+ if description is None:
+ description = name
 members = []
 if member_uids != None:
 for member_uid in member_uids:
From 79bda65d4e529b132cf2fd599d41d0643f694c52 Mon Sep 17 00:00:00 2001
From: Vishvananda Ishaya
Date: Tue, 1 Jun 2010 13:48:06 -0700
Subject: [PATCH 2/2] Add project methods to nova-manage
---
 bin/nova-manage | 33 +++++++++++++++++++++++++++------
 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/bin/nova-manage b/bin/nova-manage
index d2108626b982..765eb1f53cfe 100755
--- a/bin/nova-manage
+++ b/bin/nova-manage
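Review bot: In `Project.get_credentials` (nova/auth/users.py) the result of `UserManager.instance().get_user(user)` is used without a check, and the old nova-manage code tested `if user:` after the same call, which suggests it can return a falsy value for an unknown id; `user.generate_rc(self.id)` would then fail with an AttributeError. More importantly, no visible line confirms that the user belongs to this project before the rc file is built and `generate_x509_cert(user)` is called, so as far as the hunk shows any existing user id can be handed project-scoped credentials. I'd add `if not user: raise exception.NotFound("User doesn't exist")` right after the lookup, plus a membership test that raises `exception.NotAuthorized` before anything is generated. The method body continues outside the hunk.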
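Review bot: The new `if description is None:` guard in `LDAPWrapper.create_project` (nova/auth/users.py) does not cover an empty string, which a command-line caller could presumably pass through; if the comment is right that description is a required attribute, an empty value would still reach the directory. `if not description: description = name` handles both cases. The function body continues past the end of the hunk.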
@@ -71,15 +71,35 @@ class UserCommands(object):
 for user in self.manager.get_users():
 print user.name
- def zip(self, name, filename='nova.zip'):
+class ProjectCommands(object):
+ def __init__(self):
+ self.manager = users.UserManager.instance()
+
+ def create(self, name, project_manager, description=None):
+ """creates a new project
+ arguments: name project_manager [description]"""
+ user = self.manager.create_project(name, project_manager, description)
+
+ def delete(self, name):
+ """deletes an existing project
+ arguments: name"""
+ self.manager.delete_project(name)
+
+ def list(self):
+ """lists all projects
+ arguments: """
+ for project in self.manager.get_projects():
+ print project.name
+
+ def zip(self, project_id, user_id, filename='nova.zip'):
 """exports credentials for user to a zip file
- arguments: name [filename='nova.zip]"""
- user = self.manager.get_user(name)
- if user:
+ arguments: project_id user_id [filename='nova.zip]"""
+ project = self.manager.get_project(project_id)
+ if project:
 with open(filename, 'w') as f:
- f.write(user.get_credentials())
+ f.write(project.get_credentials(user_id))
 else:
- print "User %s doesn't exist" % name
+ print "Project %s doesn't exist" % project
 def usage(script_name):
@@ -88,6 +108,7 @@ def usage(script_name):
 categories = [
 ('user', UserCommands),
+ ('project', ProjectCommands),
 ]
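Review bot: `ProjectCommands.zip` writes the credential archive with `open(filename, 'w')`, so the file gets whatever permissions the process umask allows, and it presumably holds the secret key and private key returned by `get_credentials`. Creating it owner-only, e.g. `os.fdopen(os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600), 'wb')` (assuming `os` is imported in this script), keeps other local users from reading it, and `'wb'` matches the binary payload. Separately, the `else` branch prints `project`, which is the falsy lookup result at that point, so the message should use the id: `print "Project %s doesn't exist" % project_id`. `user_id` is passed on unchecked, and in `create` the result of `create_project` is bound to an unused `user`.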