Merge "Provide a way to set user permission for rabbitmq users"
This commit is contained in:
commit
8b2acd270f
|
@ -17,7 +17,13 @@ this in Heat:
|
|||
nova:
|
||||
username: nova
|
||||
password: SuperSecret
|
||||
tags: administrator
|
||||
tags:
|
||||
- administrator
|
||||
- monitoring
|
||||
permissions:
|
||||
conf: .*
|
||||
write: .*
|
||||
read: .*
|
||||
password_handle: {Ref: RabbitMQPasswordHandle}
|
||||
|
||||
Using cfn-signal, we will feed back a generated password into the handle
|
||||
|
|
|
@ -74,7 +74,6 @@ LOG.info("need = %s" % need)
|
|||
for need_user in need:
|
||||
detail = user_map[need_user]
|
||||
username = detail['username']
|
||||
tags = detail['tags']
|
||||
if username not in have:
|
||||
if 'password' in detail:
|
||||
password = detail['password']
|
||||
|
@ -90,11 +89,19 @@ for need_user in need:
|
|||
PASSWORD_HANDLE])
|
||||
else:
|
||||
print '%s:%s' % (username, password)
|
||||
args = ['rabbitmqctl', 'set_user_tags', username]
|
||||
args.extend(tags)
|
||||
subprocess.check_call(args, stdout=sys.stderr)
|
||||
if 'permissions' in detail:
|
||||
args = ['rabbitmqctl', 'set_permissions', username]
|
||||
args.append(detail['permissions']['conf'])
|
||||
args.append(detail['permissions']['write'])
|
||||
args.append(detail['permissions']['read'])
|
||||
subprocess.check_call(args, stdout=sys.stderr)
|
||||
if 'tags' in detail:
|
||||
tags = detail['tags']
|
||||
args = ['rabbitmqctl', 'set_user_tags', username]
|
||||
args.extend(tags)
|
||||
subprocess.check_call(args, stdout=sys.stderr)
|
||||
|
||||
have = set(get_existing_users().keys())
|
||||
if want - have:
|
||||
LOG.error('Desired users missing: want=%s have=%s', (want, have))
|
||||
LOG.error('Desired users missing: want=%s have=%s', want, have)
|
||||
sys.exit(1)
|
||||
|
|
Loading…
Reference in New Issue