tosca support for attaching users to CORDSubscriberRoot
diff --git a/xos/configurations/cord/cord.yaml b/xos/configurations/cord/cord.yaml
index e878322..565c419 100644
--- a/xos/configurations/cord/cord.yaml
+++ b/xos/configurations/cord/cord.yaml
@@ -453,6 +453,18 @@
path: andybavier/docker-vcpe
tag: develop
+ # Let's add a user who can be administrator of the household
+ johndoe@myhouse.com:
+ type: tosca.nodes.User
+ properties:
+ password: letmein
+ firstname: john
+ lastname: doe
+ requirements:
+ - site:
+ node: mysite
+ relationship: tosca.relationships.MemberOfSite
+
# A subscriber
My House:
type: tosca.nodes.CORDSubscriber
@@ -462,6 +474,10 @@
cdn_enable: false
url_filter_enable: false
url_filter_level: R
+ requirements:
+ - house_admin:
+ node: johndoe@myhouse.com
+ relationship: tosca.relationships.AdminPrivilege
Mom's PC:
type: tosca.nodes.CORDUser
diff --git a/xos/tosca/resources/CORDSubscriber.py b/xos/tosca/resources/CORDSubscriber.py
index 4097ca9..f013032 100644
--- a/xos/tosca/resources/CORDSubscriber.py
+++ b/xos/tosca/resources/CORDSubscriber.py
@@ -6,7 +6,7 @@
from translator.toscalib.tosca_template import ToscaTemplate
import pdb
-from core.models import User
+from core.models import User, TenantRootPrivilege, TenantRootRole
from services.cord.models import CordSubscriberRoot
from xosresource import XOSResource
@@ -17,7 +17,8 @@
copyin_props = ["service_specific_id", "firewall_enable", "url_filter_enable", "cdn_enable", "url_filter_level"]
def postprocess(self, obj):
- pass
+ rolemap = ( ("tosca.relationships.AdminPrivilege", "admin"), ("tosca.relationships.AccessPrivilege", "access"), )
+ self.postprocess_privileges(TenantRootRole, TenantRootPrivilege, rolemap, obj, "tenant_root")
def can_delete(self, obj):
return super(XOSCORDSubscriber, self).can_delete(obj)
diff --git a/xos/tosca/resources/xosresource.py b/xos/tosca/resources/xosresource.py
index fa14380..cc4672b 100644
--- a/xos/tosca/resources/xosresource.py
+++ b/xos/tosca/resources/xosresource.py
@@ -103,10 +103,16 @@
def postprocess_privileges(self, roleclass, privclass, rolemap, obj, toFieldName):
for (rel, role) in rolemap:
for email in self.get_requirements(rel):
- role = self.get_xos_object(roleclass, role=role)
+ role_obj = self.get_xos_object(roleclass, throw_exception=False, role=role)
+ if not role_obj:
+ # if the role doesn't exist, make it
+ self.info("Creating %s %s" % (roleclass.__name__, role))
+ role_obj = roleclass(role=role)
+ role_obj.save()
+
user = self.get_xos_object(User, email=email)
- if not privclass.objects.filter(user=user, role=role, **{toFieldName: obj}):
- sp = privclass(user=user, role=role, **{toFieldName: obj})
+ if not privclass.objects.filter(user=user, role=role_obj, **{toFieldName: obj}):
+ sp = privclass(user=user, role=role_obj, **{toFieldName: obj})
sp.save()
self.info("Added privilege on %s role %s for %s" % (str(obj), str(role), str(user)))
diff --git a/xos/tosca/samples/cord.yaml b/xos/tosca/samples/cord.yaml
index 567ced0..a9baf25 100644
--- a/xos/tosca/samples/cord.yaml
+++ b/xos/tosca/samples/cord.yaml
@@ -70,8 +70,19 @@
node: mysite
relationship: tosca.relationships.MemberOfSite
- # Now let's add a subscriber
+ # Let's add a user who can be administrator of the household
+ johndoe@myhouse.com:
+ type: tosca.nodes.User
+ properties:
+ password: letmein
+ firstname: john
+ lastname: doe
+ requirements:
+ - site:
+ node: mysite
+ relationship: tosca.relationships.MemberOfSite
+ # Now let's add a subscriber
My House:
type: tosca.nodes.CORDSubscriber
properties:
@@ -80,6 +91,10 @@
cdn_enable: true
url_filter_enable: true
url_filter_level: R
+ requirements:
+ - house_admin:
+ node: johndoe@myhouse.com
+ relationship: tosca.relationships.AdminPrivilege
Mom's PC:
type: tosca.nodes.CORDUser
@@ -137,3 +152,5 @@
+
+