SEBA-405 Convert synchronizer framework to library
Change-Id: If8562f23dc15c7d18d7a8b040b33756708b3c5ec
diff --git a/lib/xos-synchronizer/tests/steps/sync_controller_slice_privileges.py b/lib/xos-synchronizer/tests/steps/sync_controller_slice_privileges.py
new file mode 100644
index 0000000..ec0667c
--- /dev/null
+++ b/lib/xos-synchronizer/tests/steps/sync_controller_slice_privileges.py
@@ -0,0 +1,95 @@
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+import os
+import base64
+import json
+from xossynchronizer.steps.syncstep import SyncStep
+from xossynchronizer.mock_modelaccessor import *
+
+class SyncControllerSlicePrivileges(SyncStep):
+ provides = [SlicePrivilege]
+ requested_interval = 0
+ observes = ControllerSlicePrivilege
+ playbook = "sync_controller_users.yaml"
+
+ def map_sync_inputs(self, controller_slice_privilege):
+ if not controller_slice_privilege.controller.admin_user:
+ return
+
+ template = os_template_env.get_template("sync_controller_users.yaml")
+ roles = [controller_slice_privilege.slice_privilege.role.role]
+ # setup user home slice roles at controller
+ if not controller_slice_privilege.slice_privilege.user.site:
+ raise Exception(
+ "Sliceless user %s"
+ % controller_slice_privilege.slice_privilege.user.email
+ )
+ else:
+ user_fields = {
+ "endpoint": controller_slice_privilege.controller.auth_url,
+ "endpoint_v3": controller_slice_privilege.controller.auth_url_v3,
+ "domain": controller_slice_privilege.controller.domain,
+ "name": controller_slice_privilege.slice_privilege.user.email,
+ "email": controller_slice_privilege.slice_privilege.user.email,
+ "password": controller_slice_privilege.slice_privilege.user.remote_password,
+ "admin_user": controller_slice_privilege.controller.admin_user,
+ "admin_password": controller_slice_privilege.controller.admin_password,
+ "ansible_tag": "%s@%s@%s"
+ % (
+ controller_slice_privilege.slice_privilege.user.email.replace(
+ "@", "-at-"
+ ),
+ controller_slice_privilege.slice_privilege.slice.name,
+ controller_slice_privilege.controller.name,
+ ),
+ "admin_tenant": controller_slice_privilege.controller.admin_tenant,
+ "roles": roles,
+ "tenant": controller_slice_privilege.slice_privilege.slice.name,
+ }
+ return user_fields
+
+ def map_sync_outputs(self, controller_slice_privilege, res):
+ controller_slice_privilege.role_id = res[0]["id"]
+ controller_slice_privilege.save()
+
+ def delete_record(self, controller_slice_privilege):
+ controller_register = json.loads(
+ controller_slice_privilege.controller.backend_register
+ )
+ if controller_register.get("disabled", False):
+ raise InnocuousException(
+ "Controller %s is disabled" % controller_slice_privilege.controller.name
+ )
+
+ if controller_slice_privilege.role_id:
+ driver = self.driver.admin_driver(
+ controller=controller_slice_privilege.controller
+ )
+ user = ControllerUser.objects.filter(
+ controller_id=controller_slice_privilege.controller.id,
+ user_id=controller_slice_privilege.slice_privilege.user.id,
+ )
+ user = user[0]
+ slice = ControllerSlice.objects.filter(
+ controller_id=controller_slice_privilege.controller.id,
+ user_id=controller_slice_privilege.slice_privilege.user.id,
+ )
+ slice = slice[0]
+ driver.delete_user_role(
+ user.kuser_id,
+ slice.tenant_id,
+ controller_slice_privilege.slice_prvilege.role.role,
+ )