Gitiles
Code Review Sign In
gerrit.opencord.org / openstack / 36478d136ba3839e4691c82df81754dadd186516 / . / xos / synchronizer / steps / sync_controller_users.py
blob: 189703aec6625ec506ee47ec42e7740ede8d1a1c [file] [log] [blame]
Scott Bakerb63ea792016-08-11 10:24:48 -0700[diff] [blame]1import os
2import base64
3from collections import defaultdict
4from django.db.models import F, Q
5from xos.config import Config
Scott Baker8b75e852016-08-16 15:04:59 -0700[diff] [blame]6from synchronizers.openstack.openstacksyncstep import OpenStackSyncStep
Scott Bakerb63ea792016-08-11 10:24:48 -0700[diff] [blame]7from synchronizers.base.syncstep import *
8from core.models.site import Controller, SiteDeployment, SiteDeployment
9from core.models.user import User
10from core.models.controlleruser import ControllerUser
Sapan Bhatia259205e2017-01-24 19:32:59 +0100[diff] [blame]11from synchronizers.base.ansible_helper import *
Scott Bakerb63ea792016-08-11 10:24:48 -0700[diff] [blame]12from xos.logger import observer_logger as logger
13import json
14
15class SyncControllerUsers(OpenStackSyncStep):
16 provides=[User]
17 requested_interval=0
18 observes=ControllerUser
19 playbook='sync_controller_users.yaml'
20
21 def map_sync_inputs(self, controller_user):
22 if not controller_user.controller.admin_user:
23 logger.info("controller %r has no admin_user, skipping" % controller_user.controller)
24 return
25
26 # All users will have at least the 'user' role at their home site/tenant.
27 # We must also check if the user should have the admin role
28
29 roles = ['user']
30 if controller_user.user.is_admin:
Scott Baker04a37f52016-08-11 10:52:21 -0700[diff] [blame]31 driver = self.driver.admin_driver(controller=controller_user.controller)
Scott Bakerb63ea792016-08-11 10:24:48 -0700[diff] [blame]32 roles.append(driver.get_admin_role().name)
33
34 # setup user home site roles at controller
35 if not controller_user.user.site:
36 raise Exception('Siteless user %s'%controller_user.user.email)
37 else:
38 # look up tenant id for the user's site at the controller
39 #ctrl_site_deployments = SiteDeployment.objects.filter(
40 # site_deployment__site=controller_user.user.site,
41 # controller=controller_user.controller)
42
43 #if ctrl_site_deployments:
44 # # need the correct tenant id for site at the controller
45 # tenant_id = ctrl_site_deployments[0].tenant_id
46 # tenant_name = ctrl_site_deployments[0].site_deployment.site.login_base
47 user_fields = {
48 'endpoint':controller_user.controller.auth_url,
49 'endpoint_v3': controller_user.controller.auth_url_v3,
50 'domain': controller_user.controller.domain,
51 'name': controller_user.user.email,
52 'email': controller_user.user.email,
53 'password': controller_user.user.remote_password,
54 'admin_user': controller_user.controller.admin_user,
55 'admin_password': controller_user.controller.admin_password,
56 'ansible_tag':'%s@%s'%(controller_user.user.email.replace('@','-at-'),controller_user.controller.name),
57 'admin_project': controller_user.controller.admin_tenant,
58 'roles':roles,
59 'project':controller_user.user.site.login_base
60 }
61 return user_fields
62
63 def map_sync_outputs(self, controller_user, res):
64 controller_user.kuser_id = res[0]['user']['id']
65 controller_user.backend_status = '1 - OK'
66 controller_user.save()
67
68 def delete_record(self, controller_user):
69 if controller_user.kuser_id:
70 driver = self.driver.admin_driver(controller=controller_user.controller)
71 driver.delete_user(controller_user.kuser_id)