Reworked the export command to be

nova-manage shell export --filename=somefile This will output the somefile file in to the keystone-manage syntax that will then be used by a shellscript that is being proposed to keystone.
2011-09-19 21:41:48 +00:00
parent a3fc1b9253 4dc2a091bd
commit dd950516da
1 changed files with 53 additions and 0 deletions
--- a/bin/nova-manage
+++ b/bin/nova-manage
@@ -61,6 +61,7 @@ import math
 import netaddr
 from optparse import OptionParser
 import os
+import StringIO
 import sys
 import time

@@ -274,6 +275,58 @@ class ShellCommands(object):
        arguments: path"""
        exec(compile(open(path).read(), path, 'exec'), locals(), globals())

+    @args('--filename', dest='filename', metavar='<path>', default=False,
+          help='Export file path')
+    def export(self, filename):
+        """Export Nova users into a file that can be consumed by Keystone"""
+
+        def create_file(filename):
+            data = generate_data()
+            with open(filename, 'w') as f:
+                f.write(data.getvalue())
+
+        def tenants(data, am):
+            for project in am.get_projects():
+                print >> data, ("tenant add '%s'" %
+                               (project.name))
+                for u in project.member_ids:
+                    user = am.get_user(u)
+                    print >> data, ("user add '%s' '%s' '%s'" %
+                                   (user.name, user.access, project.name))
+                    print >> data, ("credentials add 'EC2' '%s:%s' '%s' '%s'" %
+                            (user.access, project.id, user.secret, project.id))
+
+        def roles(data, am):
+            for role in am.get_roles():
+                print >> data, ("role add '%s'" % (role))
+
+        def grant_roles(data, am):
+            roles = am.get_roles()
+            for project in am.get_projects():
+                for u in project.member_ids:
+                    user = am.get_user(u)
+                    for role in db.user_get_roles_for_project(ctxt, u,
+                                                              project.id):
+                        print >> data, ("role grant '%s', '%s', '%s')," %
+                                       (user.name, role, project.name))
+            print >> data
+
+        def generate_data():
+            data = StringIO.StringIO()
+            am = manager.AuthManager()
+            tenants(data, am)
+            roles(data, am)
+            grant_roles(data, am)
+            data.seek(0)
+            return data
+
+        ctxt = context.get_admin_context()
+        if filename:
+            create_file(filename)
+        else:
+            data = generate_data()
+            print data.getvalue()
+

 class RoleCommands(object):
    """Class for managing roles."""