Blame - xos/synchronizer/steps/sync_controller_slice_privileges.py - globalxos

blob: c6b9cb3061b97aa379856c86b9fe16e128a3bd81 [file] [log] [blame]

Andy Bavier	89a9542	2016-11-02 14:38:39 -0400	[diff] [blame]	1	import os
				2	import base64
				3	from collections import defaultdict
				4	from django.db.models import F, Q
				5	from xos.config import Config
				6	from synchronizers.base.syncstep import *
				7	from core.models.slice import Controller, SlicePrivilege
				8	from core.models.user import User
				9	from core.models.controlleruser import ControllerUser, ControllerSlicePrivilege
				10	from synchronizers.base.ansible import *
				11	from xos.logger import observer_logger as logger
				12	import json
				13
				14	class SyncControllerSlicePrivileges(SyncStep):
				15	provides=[SlicePrivilege]
				16	requested_interval=0
				17	observes=ControllerSlicePrivilege
				18	playbook = 'sync_controller_slice_privileges.yaml'
				19
				20	def map_sync_inputs(self, controller_slice_privilege):
				21	if not controller_slice_privilege.controller.admin_user:
				22	logger.info("controller %r has no admin_user, skipping" % controller_slice_privilege.controller)
				23	return
				24
				25	template = os_template_env.get_template('sync_controller_users.yaml')
				26	role = controller_slice_privilege.slice_privilege.role.role
				27	# setup user home slice roles at controller
				28	if not controller_slice_privilege.slice_privilege.user.site:
				29	raise Exception('Sliceless user %s'%controller_slice_privilege.slice_privilege.user.email)
				30	user_fields = {
				31	'endpoint':controller_slice_privilege.controller.auth_url,
				32	'user_name': controller_slice_privilege.slice_privilege.user.email,
				33	'admin_user': controller_slice_privilege.controller.admin_user,
				34	'admin_password': controller_slice_privilege.controller.admin_password,
				35	'ansible_tag':'%s@%s@%s'%(controller_slice_privilege.slice_privilege.user.email.replace('@','-at-'),controller_slice_privilege.slice_privilege.slice.name,controller_slice_privilege.controller.name),
				36	'role':role,
				37	'slice_name':controller_slice_privilege.slice_privilege.slice.name}
				38	return user_fields
				39
				40	def map_sync_outputs(self, controller_slice_privilege, res):
				41	controller_slice_privilege.role_id = res[0]['id']
				42	controller_slice_privilege.save()
				43
				44	def delete_record(self, controller_slice_privilege):
				45	controller_register = json.loads(controller_slice_privilege.controller.backend_register)
				46	if (controller_register.get('disabled',False)):
				47	raise InnocuousException('Controller %s is disabled'%controller_slice_privilege.controller.name)