#!/usr/bin/python # Copyright (c) 2010 OpenStack, LLC. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and # limitations under the License. from ConfigParser import ConfigParser from os.path import basename from sys import argv, exit from swift.common.bufferedhttp import http_connect_raw as http_connect if __name__ == '__main__': f = '/etc/swift/auth-server.conf' good = False noaccess = False if len(argv) == 6 and argv[4] == 'noaccess': good = True noaccess = True f = argv[5] elif len(argv) == 5: good = True if argv[4] == 'noaccess': noaccess = True else: f = argv[4] elif len(argv) == 4: good = True if not good: exit(''' Syntax: %s [noaccess] [conf_file] The noaccess keyword will create a user with no access to the account; another user for the account will have to add the user to the ACLs for a container to grant some access. '''.strip() % basename(argv[0])) new_account = argv[1] new_user = argv[2] new_password = argv[3] c = ConfigParser() if not c.read(f): exit('Unable to read conf file: %s' % f) conf = dict(c.items('app:auth-server')) host = conf.get('bind_ip', '127.0.0.1') port = int(conf.get('bind_port', 11000)) ssl = conf.get('cert_file') is not None path = '/account/%s/%s' % (new_account, new_user) headers = {'X-Auth-Key': new_password} if noaccess: headers['X-User-No-Access'] = 'true' conn = http_connect(host, port, 'PUT', path, headers, ssl=ssl) resp = conn.getresponse() if resp.status == 204: print resp.getheader('x-storage-url') else: print 'Account creation failed. (%d)' % resp.status