diff --git a/orm/services/customer_manager/cms_rest/data/sql_alchemy/models.py b/orm/services/customer_manager/cms_rest/data/sql_alchemy/models.py index 3c6c805a..91261153 100755 --- a/orm/services/customer_manager/cms_rest/data/sql_alchemy/models.py +++ b/orm/services/customer_manager/cms_rest/data/sql_alchemy/models.py @@ -84,6 +84,10 @@ class Groups(Base, CMSBaseModel): proxy_dict["regions"] = [ group_region.get_proxy_dict() for group_region in group_regions] + existing_group_regions = self.get_group_regions() + proxy_dict["regions"] = [ + group_region.get_proxy_dict() for group_region in existing_group_regions] + proxy_dict["groups_roles"] = [ group_role.get_proxy_dict() for group_role in self.groups_roles] @@ -95,10 +99,6 @@ class Groups(Base, CMSBaseModel): group_domain_role.get_proxy_dict() for group_domain_role in self.groups_domain_roles] - proxy_dict["groups_users"] = [ - groups_user.get_proxy_dict() - for groups_user in self.groups_users] - return proxy_dict def get_default_region(self): @@ -191,13 +191,28 @@ class GroupsRegion(Base, CMSBaseModel): ) def get_proxy_dict(self): - return { + + proxy_dict = { "name": self.region.name, - "group_id": self.group_id, - "region_id": self.region_id, "action": "modify" } + proxy_dict["users"] = [] + user = None + + for region_user in self.group_region_users: + if user and user["domain"] != region_user.domain_name: + proxy_dict["users"].append(user) + user = {"domain": region_user.domain_name, "id": [region_user.user.name]} + elif user is None: + user = {"domain": region_user.domain_name, "id": [region_user.user.name]} + else: + user["id"].append(region_user.user.name) + if user: + proxy_dict["users"].append(user) + + return proxy_dict + def to_wsme(self): name = self.region.name type = self.region.type 
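Review bot: In `Groups.get_proxy_dict` (models.py, `@@ -84,6 +84,10 @@`) `proxy_dict["regions"]` is now assigned twice in a row, so the list built from `group_regions` is discarded and every `group_region.get_proxy_dict()` runs twice. Because the per-region dict now walks `group_region_users`, each call also repeats those relationship loads. Drop the earlier assignment and keep only the one fed by `self.get_group_regions()`, or, if the two sources differ on purpose, say so in a comment such as `# get_group_regions() filters out <what>; only that list is sent to RDS`. The start of the method is outside the hunk, so where `group_regions` comes from is not visible here.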
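Review bot: The per-domain grouping in `GroupsRegion.get_proxy_dict` (models.py, `@@ -191,13 +191,28 @@`) only merges users whose rows are adjacent in `self.group_region_users`, so unless that relationship is ordered by `domain_name` (not visible in this hunk) one domain can show up in several `users` entries. This dict appears to feed the Keystone group-user assignment for the region, so it is worth making its shape deterministic by grouping on the domain key instead of tracking the previous row, as sketched below. The `id` key carries `region_user.user.name` rather than an id, which deserves a short comment because the YAML builder emits it as `name`. `group_id` and `region_id` are also dropped from the dict, so any consumer that still reads them needs checking.

```python
# … unchanged: proxy_dict with "name" and "action" …
users_by_domain = {}
for region_user in self.group_region_users:
    # "id" holds Keystone user names, grouped by the user's domain
    users_by_domain.setdefault(
        region_user.domain_name, []).append(region_user.user.name)
proxy_dict["users"] = [
    {"domain": domain, "id": names}
    for domain, names in sorted(users_by_domain.items())]

return proxy_dict
```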
@@ -353,15 +368,15 @@ class GroupsUser(Base, CMSBaseModel): group_id = Column(String(64), ForeignKey('groups.uuid'), primary_key=True, nullable=False, index=True) - user_id = Column(Integer, ForeignKey('cms_user.id'), - primary_key=True, nullable=False, index=True) - region_id = Column(Integer, ForeignKey('groups_region.region_id'), primary_key=True, nullable=False, index=True) domain_name = Column(String(64), ForeignKey('cms_domain.name'), primary_key=True, nullable=False) + user_id = Column(Integer, ForeignKey('cms_user.id'), + primary_key=True, nullable=False, index=True) + user = relationship("CmsUser", viewonly=True) groups = relationship("Groups", viewonly=True) groups_regions = relationship("GroupsRegion", viewonly=True) diff --git a/orm/services/customer_manager/cms_rest/logic/group_logic.py b/orm/services/customer_manager/cms_rest/logic/group_logic.py index 5927c659..dc7113cc 100755 --- a/orm/services/customer_manager/cms_rest/logic/group_logic.py +++ b/orm/services/customer_manager/cms_rest/logic/group_logic.py @@ -1,4 +1,3 @@ -from pecan import request from pecan import conf, request import requests @@ -41,9 +40,13 @@ class GroupLogic(object): sql_group_id = sql_group.uuid datamanager.add_group_region(sql_group_id, -1) + # add group users as needed + default_users_requested = group.users + default_region_users =\ + self.add_default_user_db(datamanager, default_users_requested, [], sql_group_id) + self.add_regions_to_db(group.regions, sql_group_id, datamanager) - self.add_default_user_db(datamanager, group.users, [], uuid) return sql_group def add_default_users_to_region(self, datamanager, group_uuid, region_id): 
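Review bot: In `GroupsUser` (models.py, `@@ -353,15 +368,15 @@`) the moved `user_id` column still declares `index=True` and `domain_name` declares none, while the `groups_user` table in ranger_cms_create_db.sql in this same commit replaces `index user_id (user_id)` with `index domain_name (domain_name)`. The model and the script now describe different secondary indexes. Align them one way or the other, for example by dropping `index=True` from `user_id` and adding it to `domain_name`, or by keeping the `user_id` index in the SQL. The new primary-key column order does match between the two files.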
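Review bot: In the group-creation path of group_logic.py (`@@ -41,9 +40,13 @@`) the result of `add_default_user_db` is stored in `default_region_users` but never used in the visible lines, and `add_regions_to_db` is still called without a default-users argument. This commit also removes the `add_default_users_to_region` call from `add_regions_to_db` (`@@ -81,10 +84,6 @@`) and re-adds it only in the add-regions path (`@@ -579,10 +577,19 @@`), so regions supplied at creation time appear to get no default users and their `users` list sent to RDS would lack them. Either pass the list through with `self.add_regions_to_db(group.regions, sql_group_id, datamanager, default_region_users)`, provided that parameter accepts this type, or call `add_default_users_to_region` for each created region here as well. The enclosing method starts and ends outside the hunk, so this needs confirming against the full body.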
@@ -81,10 +84,6 @@ class GroupLogic(object): self.add_user_db(datamanager, region.users, default_users, sql_group_id, sql_region.id) - # create region users from default users - self.add_default_users_to_region(datamanager, sql_group_id, - sql_region.id) - def add_default_user_db(self, datamanager, default_users_requested, existing_default_users, group_uuid): default_region_users = [] @@ -113,7 +112,6 @@ class GroupLogic(object): def add_user_db(self, datamanager, region_users_requested, all_existing_users, group_uuid, region_id): - # region_users = [] for user_info in region_users_requested: domain_value = user_info.domain @@ -133,8 +131,6 @@ class GroupLogic(object): sql_groups_user = \ datamanager.add_groups_user(group_uuid, sql_user.id, region_id, domain_value) - # region_users.append(sql_groups_user) - # return region_users def assign_roles(self, group_uuid, @@ -226,7 +222,6 @@ class GroupLogic(object): group = group_record.read_group_by_uuid(group_uuid) defaultRegion = group.get_default_region() - existing_default_users =\ defaultRegion.group_region_users if defaultRegion else [] @@ -246,12 +241,10 @@ class GroupLogic(object): timestamp = utils.get_time_human() datamanager.flush() - ''' - # if len(customer.customer_customer_regions) > 1: - # call rds logic - # if regions: - # RdsProxy.send_group_dict(group, transaction_id, "PUT") - ''' + group_dict = group.get_proxy_dict() + if len(group.group_regions) > 1: + # RdsProxy.send_group(group, transaction_id, "PUT") + RdsProxy.send_group_dict(group_dict, transaction_id, "PUT") if p_datamanager is None: users_result = [{'id': user.id, 
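Review bot: In the default-users add path (group_logic.py, `@@ -246,12 +241,10 @@`) `group.get_proxy_dict()` runs on the `group` object that was read before the new users were inserted, with only `datamanager.flush()` in between. `defaultRegion.group_region_users` is read earlier in the same function, so that collection is likely already loaded and the dict passed to `RdsProxy.send_group_dict` can miss the users just added. The add-regions path in this commit expires and re-reads the group before building its dict, and the same is advisable here and in the region-users hunk `@@ -316,25 +309,23 @@`, for example `datamanager.session.expire(group)` before `get_proxy_dict()`. The commented-out `# RdsProxy.send_group(group, transaction_id, "PUT")` line should be deleted rather than committed.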
@@ -316,25 +309,23 @@ class GroupLogic(object): region_users_list, group_uuid, region_id) timestamp = utils.get_time_human() datamanager.flush() + group_dict = group.get_proxy_dict() - ''' - # if len(customer.customer_customer_regions) > 1: - # call rds logic - # if regions: - # RdsProxy.send_customer(customer, transaction_id, "PUT") - ''' + if len(group.group_regions) > 1: + RdsProxy.send_group_dict(group_dict, transaction_id, "PUT") if p_datamanager is None: - users_result =\ - [{'id': user.id, - 'domain': user.domain} for user in region_users_requested] - region_user_result_wrapper =\ - build_response(group_uuid, transaction_id, - 'add_group_region_users', - users=users_result) - datamanager.commit() - return region_user_result_wrapper + + users_result =\ + [{'id': user.id, + 'domain': user.domain} for user in region_users_requested] + region_user_result_wrapper =\ + build_response(group_uuid, transaction_id, + 'add_group_region_users', + users=users_result) + + return region_user_result_wrapper except Exception as exception: datamanager.rollback() @@ -365,12 +356,15 @@ class GroupLogic(object): raise NotFound("user {}@{} domain".format(user, domain)) datamanager.flush() - # if len(customer.customer_customer_regions) > 1: - # RdsProxy.send_customer(customer, transaction_id, "PUT") + group_record = datamanager.get_record('group') + group = group_record.read_group_by_uuid(group_uuid) + group_dict = group.get_proxy_dict() + + if len(group.group_regions) > 1: + RdsProxy.send_group_dict(group_dict, transaction_id, "PUT") datamanager.commit() - # following log info does not yet include user_domain LOG.info("User {0} from region {1} in group {2} deleted". format(user, 'DEFAULT', group_uuid)) 
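Review bot: In the default-user delete path (group_logic.py, `@@ -365,12 +356,15 @@`) `RdsProxy.send_group_dict` is called before `datamanager.commit()`, so a commit failure after a successful send leaves the regions with a membership change that the CMS database rolled back. For group membership that divergence is an access-control problem, not a cosmetic one, and the same ordering appears in the region-user delete hunk `@@ -415,7 +409,11 @@`, whereas the add-regions path commits first. Commit before sending and surface a failed send as a sync error, or state the intent in a comment such as `# send before commit so an RDS failure rolls the DB change back`. The `@@ -415` hunk also sends unconditionally while this one is guarded by `len(group.group_regions) > 1`, which deserves a one-line comment explaining the difference.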
@@ -415,7 +409,11 @@ class GroupLogic(object): "instead." % (user, user_domain, group_uuid) raise ErrorStatus(400, message) - # RdsProxy.send_customer(customer, transaction_id, "PUT") + group_record = datamanager.get_record('group') + group = group_record.read_group_by_uuid(group_uuid) + group_dict = group.get_proxy_dict() + RdsProxy.send_group_dict(group_dict, transaction_id, "PUT") + datamanager.commit() LOG.info("User {0} with user domain {1} from region {2} " @@ -579,10 +577,19 @@ class GroupLogic(object): self.add_regions_to_db(regions, group_id, datamanager, default_users) + + # create additional region users from default group users + for region in regions: + sql_region = datamanager.add_region(region) + self.add_default_users_to_region(datamanager, group_id, + sql_region.id) + datamanager.commit() datamanager.session.expire(sql_group) + sql_group = datamanager.get_group_by_uuid_or_name(group_id) group_dict = sql_group.get_proxy_dict() + for region in group_dict["regions"]: new_region = next((r for r in regions if r.name == region["name"]), None) @@ -590,6 +597,7 @@ class GroupLogic(object): region["action"] = "create" else: region["action"] = "modify" + timestamp = utils.get_time_human() RdsProxy.send_group_dict(group_dict, transaction_id, "POST") base_link = '{0}{1}/'.format(conf.server.host_ip, diff --git a/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql b/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql index ca8f99fd..b94e7046 100755 --- a/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql +++ b/orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql 
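Review bot: The new loop in the add-regions path (group_logic.py, `@@ -579,10 +577,19 @@`) calls `datamanager.add_region(region)` a second time for every region just to obtain `sql_region.id`, right after `add_regions_to_db` has processed the same list. Whether `add_region` is get-or-create is not visible here, and if it inserts, this either duplicates rows or fails on a unique key. Prefer having `add_regions_to_db` return the region rows it created, or look the id up with a read-only query. A comment such as `# copy the group's default users to each newly added region` would also document that existing regions are not touched. The enclosing function starts and ends outside the hunk.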
@@ -141,14 +141,14 @@ create table if not exists groups_user region_id integer not null, user_id integer not null, domain_name varchar(64) not null, - primary key (group_id, region_id, user_id, domain_name), + primary key (group_id, region_id, domain_name, user_id), foreign key (`user_id`) references `cms_user` (`id`) ON DELETE CASCADE, foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`group_id`,`region_id`) references `groups_region` (`group_id`,`region_id`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION, index group_id (group_id), index region_id (region_id), - index user_id (user_id)); + index domain_name (domain_name)); create table if not exists groups_customer_role ( diff --git a/orm/services/resource_distributor/rds/services/yaml_group_builder.py b/orm/services/resource_distributor/rds/services/yaml_group_builder.py index d8a57f3a..cc37c397 100755 --- a/orm/services/resource_distributor/rds/services/yaml_group_builder.py +++ b/orm/services/resource_distributor/rds/services/yaml_group_builder.py 
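Review bot: The reordered primary key and the swapped index on `groups_user` sit inside `create table if not exists`, so they only take effect on a fresh install, and no upgrade statement for existing databases is visible in this commit. If deployed databases exist, the ORM model and the live table will disagree on key order and indexes after the upgrade. Ship a migration alongside, along the lines of `alter table groups_user drop primary key, add primary key (group_id, region_id, domain_name, user_id);`, and put a comment above the table noting that the key order must match `GroupsUser` in models.py.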
@@ -38,24 +38,32 @@ def yamlbuilder(alldata, region): } } - if "groups_users" in jsondata and len(jsondata["groups_users"]) > 0: - template_name = '{}_user_assignments'.format(group_name) - users = [] + template_name = '{}_user_assignments'.format(group_name) + users = [] - for user in jsondata['groups_users']: - users.append({ - "name": user["user_name"], - "user_domain": user["domain_name"] - }) + if region['users']: + for user in region['users']: + domain_name = user['domain'] + for id in user['id']: + users.append({ + "name": id, + "user_domain": domain_name}) resources["resources"][template_name] = { 'type': 'OS::Keystone::GroupUserAssignment\n', 'properties': { + 'users': users, 'group': "{get_resource: %s}" % group_name, 'group_domain': "%s" % jsondata['domain_name'], } } + outputs["outputs"]["%s_user_assignments_id" % group_name] = { + "value": { + "get_resource": "%s_user_assignments" % group_name + } + } + if "groups_roles" in jsondata and len(jsondata["groups_roles"]) > 0: template_name = "{}_role_assignments".format(group_name) roles = [] diff --git a/orm/tests/unit/rds/services/test_group_yaml.py b/orm/tests/unit/rds/services/test_group_yaml.py index 95a39332..11f1fa3a 100644 --- a/orm/tests/unit/rds/services/test_group_yaml.py +++ b/orm/tests/unit/rds/services/test_group_yaml.py @@ -7,12 +7,15 @@ from orm.services.resource_distributor.rds.services import\ yaml_group_builder as GroupBuild alldata = { - 'domain_name': 'nc', 'description': 'this is a description', 'enabled': 1, - 'regions': [{'name': 'regionname'}], + 'domain_name': 'nc', + "regions": [{ + "action": "modify", + "name": "local", + "users": []}], 'name': 'test_group'} -yaml_group = \ +yaml_group_nousers = \ 'heat_template_version: 2015-1-1\n\ndescription: yaml file for region - ' \ 'regionname\n\nresources:\n'\ ' test_group:\n properties:\n'\ 
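Review bot: `region['users']` in `yamlbuilder` (yaml_group_builder.py, `@@ -38,24 +38,32 @@`) raises `KeyError` for any region dict without the new key, for example one produced by a CMS that has not been upgraded yet, and `if region.get('users'):` keeps the builder tolerant. The loop variable `id` shadows the builtin and actually holds a user name, so `for user_name in user['id']:` reads better. A comment documenting the expected shape, `# region['users']: [{"domain": <domain name>, "id": [<user name>, ...]}]`, would help because the `id` key does not carry ids. The function starts outside the hunk, so whether other callers still pass `groups_users` in `jsondata` is not visible.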
@@ -20,12 +23,11 @@ yaml_group = \ ' domain: nc\n'\ ' name: test_group\n'\ ' type: OS::Keystone::Group\n\n\n'\ - 'outputs:\n'\ - ' test_group_id:\n'\ - ' value: {get_resource: test_group}\n' + 'outputs:\n test_group_id:\n value: {get_resource: test_group}\n' \ region = {'name': 'regionname', - 'rangerAgentVersion': 1.0} + 'rangerAgentVersion': 1.0, + 'users': []} class CreateResource(unittest.TestCase): @@ -39,4 +41,4 @@ class CreateResource(unittest.TestCase): yamlfile = GroupBuild.yamlbuilder(alldata, region) yamlfile_as_json = yaml.safe_load(yamlfile) self.assertEqual(yamlfile_as_json['heat_template_version'], ver) - self.assertEqual(yaml.safe_load(yamlfile), yaml.safe_load(yaml_group)) + self.assertEqual(yaml.safe_load(yamlfile), yaml.safe_load(yaml_group_nousers))
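Review bot: The rewritten `'outputs:\n test_group_id:...'` line of `yaml_group_nousers` (test_group_yaml.py, `@@ -20,12 +23,11 @@`) ends with a line-continuation backslash although it is the last fragment of the string. That only parses while the next physical line is blank, and anything later placed directly under it would be joined onto the assignment. Drop the trailing `\`, or wrap the whole literal in parentheses so that no continuations are needed.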
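Review bot: The only case exercised after this change (test_group_yaml.py, `@@ -39,4 +41,4 @@`) is `'users': []`, so the new `OS::Keystone::GroupUserAssignment` path in `yamlbuilder` and its `<group>_user_assignments_id` output have no test. Add a second case with a region such as `{'name': 'regionname', 'rangerAgentVersion': 1.0, 'users': [{'domain': 'nc', 'id': ['user1']}]}` (constructed sample) and assert the `users` property and the output entry. A third case with two domains would pin the domain-to-user mapping, which is the part that decides who ends up in the Keystone group.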