python-troveclient/troveclient/v1/users.py

# Copyright (c) 2011 OpenStack Foundation
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

from troveclient import base
from troveclient.v1 import databases
from troveclient.common import check_for_exceptions
from troveclient.common import limit_url
from troveclient.common import Paginated
from troveclient.common import quote_user_host
import urlparse


class User(base.Resource):
    """
    A database user
    """
    def __repr__(self):
        return "<User: %s>" % self.name


class Users(base.ManagerWithFind):
    """
    Manage :class:`Users` resources.
    """
    resource_class = User

    def create(self, instance_id, users):
        """
        Create users with permissions to the specified databases
        """
        body = {"users": users}
        url = "/instances/%s/users" % instance_id
        resp, body = self.api.client.post(url, body=body)
        check_for_exceptions(resp, body)

    def delete(self, instance_id, username, hostname=None):
        """Delete an existing user in the specified instance"""
        user = quote_user_host(username, hostname)
        url = "/instances/%s/users/%s" % (instance_id, user)
        resp, body = self.api.client.delete(url)
        check_for_exceptions(resp, body)

    def _list(self, url, response_key, limit=None, marker=None):
        resp, body = self.api.client.get(limit_url(url, limit, marker))
        check_for_exceptions(resp, body)
        if not body:
            raise Exception("Call to " + url +
                            " did not return a body.")
        links = body.get('links', [])
        next_links = [link['href'] for link in links if link['rel'] == 'next']
        next_marker = None
        for link in next_links:
            # Extract the marker from the url.
            parsed_url = urlparse.urlparse(link)
            query_dict = dict(urlparse.parse_qsl(parsed_url.query))
            next_marker = query_dict.get('marker', None)
        users = [self.resource_class(self, res) for res in body[response_key]]
        return Paginated(users, next_marker=next_marker, links=links)

    def list(self, instance, limit=None, marker=None):
        """
        Get a list of all Users from the instance's Database.

        :rtype: list of :class:`User`.
        """
        return self._list("/instances/%s/users" % base.getid(instance),
                          "users", limit, marker)

    def get(self, instance_id, username, hostname=None):
        """
        Get a single User from the instance's Database.

        :rtype: :class:`User`.
        """
        user = quote_user_host(username, hostname)
        url = "/instances/%s/users/%s" % (instance_id, user)
        return self._get(url, "user")

    def update_attributes(self, instance, username, newuserattr=None,
                          hostname=None):
        """
        Update attributes of a single User in an instance.

        :rtype: :class:`User`.
        """
        instance_id = base.getid(instance)
        user = quote_user_host(username, hostname)
        user_dict = {}
        if not newuserattr:
            newuserattr = {}
        else:
            user_dict['user'] = newuserattr
        url = "/instances/%s/users/%s" % (instance_id, user)
        resp, body = self.api.client.put(url, body=user_dict)
        check_for_exceptions(resp, body)

    def list_access(self, instance, username, hostname=None):
        """Show all databases the given user has access to. """
        instance_id = base.getid(instance)
        user = quote_user_host(username, hostname)
        url = "/instances/%(instance_id)s/users/%(user)s/databases"
        local_vars = locals()
        resp, body = self.api.client.get(url % local_vars)
        check_for_exceptions(resp, body)
        if not body:
            raise Exception("Call to %s did not return to a body" % url)
        return [databases.Database(self, db) for db in body['databases']]

    def grant(self, instance, username, databases, hostname=None):
        """Allow an existing user permissions to access a database."""
        instance_id = base.getid(instance)
        user = quote_user_host(username, hostname)
        url = "/instances/%(instance_id)s/users/%(user)s/databases"
        dbs = {'databases': [{'name': db} for db in databases]}
        local_vars = locals()
        resp, body = self.api.client.put(url % local_vars, body=dbs)
        check_for_exceptions(resp, body)

    def revoke(self, instance, username, database, hostname=None):
        """Revoke from an existing user access permissions to a database."""
        instance_id = base.getid(instance)
        user = quote_user_host(username, hostname)
        url = ("/instances/%(instance_id)s/users/%(user)s/"
               "databases/%(database)s")
        local_vars = locals()
        resp, body = self.api.client.delete(url % local_vars)
        check_for_exceptions(resp, body)

    def change_passwords(self, instance, users):
        """Change the password for one or more users."""
        instance_id = base.getid(instance)
        user_dict = {"users": users}
        url = "/instances/%s/users" % instance_id
        resp, body = self.api.client.put(url, body=user_dict)
        check_for_exceptions(resp, body)
Replace OpenStack LLC with OpenStack Foundation Some files still use trademark OpenStack LLC in header, which should be changed to OpenStack Foundation. Change-Id: Ib30cd06cdd13b9f949e028753716aa55736f4a40 Fixes-Bug: #1214176 2013-09-20 05:09:03 +08:00			`# Copyright (c) 2011 OpenStack Foundation`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00			`# All Rights Reserved.`
			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License"); you may`
			`# not use this file except in compliance with the License. You may obtain`
			`# a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT`
			`# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the`
			`# License for the specific language governing permissions and limitations`
			`# under the License.`

Rename from reddwarf to trove. Implements Blueprint reddwarf-trove-rename Change-Id: Ib2d694c7466887ca297bea4250eca17cdc06b7bf 2013-06-17 23:34:27 -07:00			`from troveclient import base`
Massive refactoring to the troveclient The new client adheres to the standards of the other clients now. It prints out tables, uses ENVVAR's for auth, no longer stores pickled json in a login token, uses openstack common, and moves the cli operations into a v1 module for the future of trove when it has a v2 api. Please note for compatibility, the troveclient.compat module has the old cli. In order to deploy it, amend the setup.cfg to include the compat module. implements blueprint cli-compliance-upgrade Change-Id: Ie69d9dbc75ce90496da316244c97acca1877a327 2013-09-26 22:26:02 -07:00			`from troveclient.v1 import databases`
Rename from reddwarf to trove. Implements Blueprint reddwarf-trove-rename Change-Id: Ib2d694c7466887ca297bea4250eca17cdc06b7bf 2013-06-17 23:34:27 -07:00			`from troveclient.common import check_for_exceptions`
			`from troveclient.common import limit_url`
			`from troveclient.common import Paginated`
			`from troveclient.common import quote_user_host`
Adds pagination limit and marker to instances, databases, and users indices. 2012-05-22 16:35:47 -05:00			`import urlparse`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00

			`class User(base.Resource):`
			`"""`
			`A database user`
			`"""`
			`def __repr__(self):`
			`return "<User: %s>" % self.name`


			`class Users(base.ManagerWithFind):`
			`"""`
			Manage :class:`Users` resources.
			`"""`
			`resource_class = User`

			`def create(self, instance_id, users):`
			`"""`
			`Create users with permissions to the specified databases`
			`"""`
			`body = {"users": users}`
			`url = "/instances/%s/users" % instance_id`
			`resp, body = self.api.client.post(url, body=body)`
			`check_for_exceptions(resp, body)`

Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`def delete(self, instance_id, username, hostname=None):`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00			`"""Delete an existing user in the specified instance"""`
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`user = quote_user_host(username, hostname)`
PEP8 fixes 2012-04-23 12:58:21 -05:00			`url = "/instances/%s/users/%s" % (instance_id, user)`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00			`resp, body = self.api.client.delete(url)`
			`check_for_exceptions(resp, body)`

Adds pagination limit and marker to instances, databases, and users indices. 2012-05-22 16:35:47 -05:00			`def _list(self, url, response_key, limit=None, marker=None):`
			`resp, body = self.api.client.get(limit_url(url, limit, marker))`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00			`check_for_exceptions(resp, body)`
			`if not body:`
			`raise Exception("Call to " + url +`
			`" did not return a body.")`
Adds pagination limit and marker to instances, databases, and users indices. 2012-05-22 16:35:47 -05:00			`links = body.get('links', [])`
			`next_links = [link['href'] for link in links if link['rel'] == 'next']`
			`next_marker = None`
			`for link in next_links:`
			`# Extract the marker from the url.`
			`parsed_url = urlparse.urlparse(link)`
			`query_dict = dict(urlparse.parse_qsl(parsed_url.query))`
			`next_marker = query_dict.get('marker', None)`
			`users = [self.resource_class(self, res) for res in body[response_key]]`
			`return Paginated(users, next_marker=next_marker, links=links)`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00
Adds pagination limit and marker to instances, databases, and users indices. 2012-05-22 16:35:47 -05:00			`def list(self, instance, limit=None, marker=None):`
Initial copy of reddwarfclient from reddwarf project. 2012-03-07 08:04:53 -06:00			`"""`
			`Get a list of all Users from the instance's Database.`

			:rtype: list of :class:`User`.
			`"""`
			`return self._list("/instances/%s/users" % base.getid(instance),`
Adds pagination limit and marker to instances, databases, and users indices. 2012-05-22 16:35:47 -05:00			`"users", limit, marker)`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`def get(self, instance_id, username, hostname=None):`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`"""`
			`Get a single User from the instance's Database.`

			:rtype: :class:`User`.
			`"""`
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`user = quote_user_host(username, hostname)`
			`url = "/instances/%s/users/%s" % (instance_id, user)`
Fixes data type bug in get-user call Also fixes an authentication problem preventing rd-client calls from finding their service endpoint and issuing calls. Partially addresses bug #1132975 Change-Id: Iae2badda67793f30d957e414ee87d32853ef3d8e 2013-02-28 17:07:33 -06:00			`return self._get(url, "user")`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00
API for Modify User Attributes - username, host, password At present, when a Cloud Database user creates a username, password and hostname for a database user, he does not have the ability to modify these user attributes. This API enables the Cloud DB user to make changes to one or more of these user attributes (username,hostname,password). These changes are in the troveclient to enable simple command line requests Implements: blueprint modify-userattributes Change-Id: I0887f2d927eec8c77c0f562c9d855a370591231a 2013-06-28 17:48:03 -05:00			`def update_attributes(self, instance, username, newuserattr=None,`
			`hostname=None):`
			`"""`
			`Update attributes of a single User in an instance.`

			:rtype: :class:`User`.
			`"""`
			`instance_id = base.getid(instance)`
			`user = quote_user_host(username, hostname)`
			`user_dict = {}`
			`if not newuserattr:`
			`newuserattr = {}`
			`else:`
			`user_dict['user'] = newuserattr`
			`url = "/instances/%s/users/%s" % (instance_id, user)`
			`resp, body = self.api.client.put(url, body=user_dict)`
			`check_for_exceptions(resp, body)`

Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`def list_access(self, instance, username, hostname=None):`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`"""Show all databases the given user has access to. """`
			`instance_id = base.getid(instance)`
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`user = quote_user_host(username, hostname)`
			`url = "/instances/%(instance_id)s/users/%(user)s/databases"`
PEP8 with tox -epep8 check fails Change-Id: Ife06919f321ab4ad73bece2e6080fbd7d947eeef Fixes: bug #1219014 2013-08-30 20:32:17 +03:00			`local_vars = locals()`
			`resp, body = self.api.client.get(url % local_vars)`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`check_for_exceptions(resp, body)`
			`if not body:`
			`raise Exception("Call to %s did not return to a body" % url)`
			`return [databases.Database(self, db) for db in body['databases']]`

Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`def grant(self, instance, username, databases, hostname=None):`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`"""Allow an existing user permissions to access a database."""`
			`instance_id = base.getid(instance)`
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`user = quote_user_host(username, hostname)`
			`url = "/instances/%(instance_id)s/users/%(user)s/databases"`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`dbs = {'databases': [{'name': db} for db in databases]}`
PEP8 with tox -epep8 check fails Change-Id: Ife06919f321ab4ad73bece2e6080fbd7d947eeef Fixes: bug #1219014 2013-08-30 20:32:17 +03:00			`local_vars = locals()`
			`resp, body = self.api.client.put(url % local_vars, body=dbs)`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`check_for_exceptions(resp, body)`

Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`def revoke(self, instance, username, database, hostname=None):`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`"""Revoke from an existing user access permissions to a database."""`
			`instance_id = base.getid(instance)`
Adds optional host parameter to users. All calls that involve calling a user by name now also allow for the host to be specified optionally. Similarly, all calls that respond with a user also include the host, defaulting to '%', MySQL's shorthand for 'anywhere'. Hosts with dots in the name are escaped to avoid a problem with the way our routing parses URLs. Change-Id: Idc5d514a7d862a723469ca8b49f1c51ae07f741b 2013-03-11 10:53:36 -05:00			`user = quote_user_host(username, hostname)`
			`url = ("/instances/%(instance_id)s/users/%(user)s/"`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`"databases/%(database)s")`
PEP8 with tox -epep8 check fails Change-Id: Ife06919f321ab4ad73bece2e6080fbd7d947eeef Fixes: bug #1219014 2013-08-30 20:32:17 +03:00			`local_vars = locals()`
			`resp, body = self.api.client.delete(url % local_vars)`
User modify functions. Grant, revoke, and list user access. Get user. Change user password. Partially implements blueprint modify-users Change-Id: I786d857175309d504cf1ad0a31a248d64399202c 2013-01-22 12:58:26 -06:00			`check_for_exceptions(resp, body)`

			`def change_passwords(self, instance, users):`
			`"""Change the password for one or more users."""`
			`instance_id = base.getid(instance)`
			`user_dict = {"users": users}`
			`url = "/instances/%s/users" % instance_id`
			`resp, body = self.api.client.put(url, body=user_dict)`
			`check_for_exceptions(resp, body)`