Merge branch 'master' into net
commit
56a58cc421
|
@ -71,15 +71,35 @@ class UserCommands(object):
|
||||||
for user in self.manager.get_users():
|
for user in self.manager.get_users():
|
||||||
print user.name
|
print user.name
|
||||||
|
|
||||||
def zip(self, name, filename='nova.zip'):
|
class ProjectCommands(object):
|
||||||
|
def __init__(self):
|
||||||
|
self.manager = users.UserManager.instance()
|
||||||
|
|
||||||
|
def create(self, name, project_manager, description=None):
|
||||||
|
"""creates a new project
|
||||||
|
arguments: name project_manager [description]"""
|
||||||
|
user = self.manager.create_project(name, project_manager, description)
|
||||||
|
|
||||||
|
def delete(self, name):
|
||||||
|
"""deletes an existing project
|
||||||
|
arguments: name"""
|
||||||
|
self.manager.delete_project(name)
|
||||||
|
|
||||||
|
def list(self):
|
||||||
|
"""lists all projects
|
||||||
|
arguments: <none>"""
|
||||||
|
for project in self.manager.get_projects():
|
||||||
|
print project.name
|
||||||
|
|
||||||
|
def zip(self, project_id, user_id, filename='nova.zip'):
|
||||||
"""exports credentials for user to a zip file
|
"""exports credentials for user to a zip file
|
||||||
arguments: name [filename='nova.zip]"""
|
arguments: project_id user_id [filename='nova.zip]"""
|
||||||
user = self.manager.get_user(name)
|
project = self.manager.get_project(project_id)
|
||||||
if user:
|
if project:
|
||||||
with open(filename, 'w') as f:
|
with open(filename, 'w') as f:
|
||||||
f.write(user.get_credentials())
|
f.write(project.get_credentials(user_id))
|
||||||
else:
|
else:
|
||||||
print "User %s doesn't exist" % name
|
print "Project %s doesn't exist" % project
|
||||||
|
|
||||||
|
|
||||||
def usage(script_name):
|
def usage(script_name):
|
||||||
|
@ -88,6 +108,7 @@ def usage(script_name):
|
||||||
|
|
||||||
categories = [
|
categories = [
|
||||||
('user', UserCommands),
|
('user', UserCommands),
|
||||||
|
('project', ProjectCommands),
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
|
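Review bot: In the `else` branch of `ProjectCommands.zip` the message formats `project`, which is the falsy lookup result at that point rather than the id the operator typed; it should read `print "Project %s doesn't exist" % project_id`. The credentials file is also written through `open(filename, 'w')`, so its permissions come from the caller's umask. Since the export appears to carry the user's secret key and a private key, I would create it owner-only, e.g. `os.fdopen(os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600), 'w')` (this needs `os` in scope). The docstring's `[filename='nova.zip]` is also missing its closing quote.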
|
@ -1,11 +1,11 @@
|
||||||
# Copyright [2010] [Anso Labs, LLC]
|
# Copyright [2010] [Anso Labs, LLC]
|
||||||
#
|
#
|
||||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
# you may not use this file except in compliance with the License.
|
# you may not use this file except in compliance with the License.
|
||||||
# You may obtain a copy of the License at
|
# You may obtain a copy of the License at
|
||||||
#
|
#
|
||||||
# http://www.apache.org/licenses/LICENSE-2.0
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
#
|
#
|
||||||
# Unless required by applicable law or agreed to in writing, software
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
@ -13,7 +13,7 @@
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null)
|
NOVA_KEY_DIR=$(pushd $(dirname $BASH_SOURCE)>/dev/null; pwd; popd>/dev/null)
|
||||||
export EC2_ACCESS_KEY="%(access)s"
|
export EC2_ACCESS_KEY="%(access)s:%(project)s"
|
||||||
export EC2_SECRET_KEY="%(secret)s"
|
export EC2_SECRET_KEY="%(secret)s"
|
||||||
export EC2_URL="%(ec2)s"
|
export EC2_URL="%(ec2)s"
|
||||||
export S3_URL="%(s3)s"
|
export S3_URL="%(s3)s"
|
||||||
|
|
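Review bot: `%(project)s` is substituted as-is into a double-quoted shell assignment on the `EC2_ACCESS_KEY` line, so a project id containing `"`, `$` or a backtick would be interpreted by the shell when this rc file is sourced. No validation of project names is visible on this page, so I would either restrict project ids to a safe character set at creation time or document that constraint next to the template. The same id is now joined to the access key with `:`, so a `:` inside a project id would also make the combined value ambiguous to whatever splits it on the server side.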
|
@ -93,9 +93,12 @@ class User(AuthBase):
|
||||||
def is_project_manager(self, project):
|
def is_project_manager(self, project):
|
||||||
return UserManager.instance().is_project_manager(self, project)
|
return UserManager.instance().is_project_manager(self, project)
|
||||||
|
|
||||||
def generate_rc(self):
|
def generate_rc(self, project=None):
|
||||||
|
if project is None:
|
||||||
|
project = self.id
|
||||||
rc = open(FLAGS.credentials_template).read()
|
rc = open(FLAGS.credentials_template).read()
|
||||||
rc = rc % { 'access': self.access,
|
rc = rc % { 'access': self.access,
|
||||||
|
'project': project,
|
||||||
'secret': self.secret,
|
'secret': self.secret,
|
||||||
'ec2': FLAGS.ec2_url,
|
'ec2': FLAGS.ec2_url,
|
||||||
's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port),
|
's3': 'http://%s:%s' % (FLAGS.s3_host, FLAGS.s3_port),
|
||||||
|
@ -168,7 +171,9 @@ class Project(Group):
|
||||||
return User.safe_id(user) == self.project_manager_id
|
return User.safe_id(user) == self.project_manager_id
|
||||||
|
|
||||||
def get_credentials(self, user):
|
def get_credentials(self, user):
|
||||||
rc = user.generate_rc()
|
if not isinstance(user, User):
|
||||||
|
user = UserManager.instance().get_user(user)
|
||||||
|
rc = user.generate_rc(self.id)
|
||||||
private_key, signed_cert = self.generate_x509_cert(user)
|
private_key, signed_cert = self.generate_x509_cert(user)
|
||||||
|
|
||||||
tmpdir = tempfile.mkdtemp()
|
tmpdir = tempfile.mkdtemp()
|
||||||
|
@ -238,7 +243,7 @@ class UserManager(object):
|
||||||
raise exception.NotAuthorized('Signature does not match')
|
raise exception.NotAuthorized('Signature does not match')
|
||||||
return (user, project)
|
return (user, project)
|
||||||
|
|
||||||
def create_project(self, name, manager_user, description, member_users=None):
|
def create_project(self, name, manager_user, description=None, member_users=None):
|
||||||
if member_users:
|
if member_users:
|
||||||
member_users = [User.safe_id(u) for u in member_users]
|
member_users = [User.safe_id(u) for u in member_users]
|
||||||
with LDAPWrapper() as conn:
|
with LDAPWrapper() as conn:
|
||||||
|
@ -462,12 +467,15 @@ class LDAPWrapper(object):
|
||||||
self.conn.add_s(self.__uid_to_dn(name), attr)
|
self.conn.add_s(self.__uid_to_dn(name), attr)
|
||||||
return self.__to_user(dict(attr))
|
return self.__to_user(dict(attr))
|
||||||
|
|
||||||
def create_project(self, name, manager_uid, description, member_uids = None):
|
def create_project(self, name, manager_uid, description=None, member_uids=None):
|
||||||
if self.project_exists(name):
|
if self.project_exists(name):
|
||||||
raise exception.Duplicate("Project can't be created because project %s already exists" % name)
|
raise exception.Duplicate("Project can't be created because project %s already exists" % name)
|
||||||
if not self.user_exists(manager_uid):
|
if not self.user_exists(manager_uid):
|
||||||
raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid)
|
raise exception.NotFound("Project can't be created because manager %s doesn't exist" % manager_uid)
|
||||||
manager_dn = self.__uid_to_dn(manager_uid)
|
manager_dn = self.__uid_to_dn(manager_uid)
|
||||||
|
# description is a required attribute
|
||||||
|
if description is None:
|
||||||
|
description = name
|
||||||
members = []
|
members = []
|
||||||
if member_uids != None:
|
if member_uids != None:
|
||||||
for member_uid in member_uids:
|
for member_uid in member_uids:
|
||||||
|
|
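Review bot: In `Project.get_credentials`, the result of `UserManager.instance().get_user(user)` is used without a check, so an unknown user id reaches `user.generate_rc(self.id)` as whatever `get_user` returns for a miss and fails with an attribute error instead of a clear message. The old CLI code tested `if user:` on that result, which suggests a miss is a falsy value; I would add `if not user: raise exception.NotFound("User doesn't exist")` before the `generate_rc` call. The visible lines also issue a project-scoped rc and x509 certificate without confirming that the user belongs to this project. The function continues outside the hunk, so this may be checked elsewhere, but if it is not, a membership check belongs here before any key material is generated.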