diff --git a/bin/nova-manage b/bin/nova-manage index 089b2eeae..4e9307273 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -61,6 +61,7 @@ import math import netaddr from optparse import OptionParser import os +import StringIO import sys import time @@ -274,6 +275,58 @@ class ShellCommands(object): arguments: path""" exec(compile(open(path).read(), path, 'exec'), locals(), globals()) + @args('--filename', dest='filename', metavar='', default=False, + help='Export file path') + def export(self, filename): + """Export Nova users into a file that can be consumed by Keystone""" + + def create_file(filename): + data = generate_data() + with open(filename, 'w') as f: + f.write(data.getvalue()) + + def tenants(data, am): + for project in am.get_projects(): + print >> data, ("tenant add '%s'" % + (project.name)) + for u in project.member_ids: + user = am.get_user(u) + print >> data, ("user add '%s' '%s' '%s'" % + (user.name, user.access, project.name)) + print >> data, ("credentials add 'EC2' '%s:%s' '%s' '%s'" % + (user.access, project.id, user.secret, project.id)) + + def roles(data, am): + for role in am.get_roles(): + print >> data, ("role add '%s'" % (role)) + + def grant_roles(data, am): + roles = am.get_roles() + for project in am.get_projects(): + for u in project.member_ids: + user = am.get_user(u) + for role in db.user_get_roles_for_project(ctxt, u, + project.id): + print >> data, ("role grant '%s', '%s', '%s')," % + (user.name, role, project.name)) + print >> data + + def generate_data(): + data = StringIO.StringIO() + am = manager.AuthManager() + tenants(data, am) + roles(data, am) + grant_roles(data, am) + data.seek(0) + return data + + ctxt = context.get_admin_context() + if filename: + create_file(filename) + else: + data = generate_data() + print data.getvalue() + class RoleCommands(object): """Class for managing roles."""