Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 1 | import os |
| 2 | import base64 |
Tony Mack | ae7f30c | 2013-09-25 12:46:50 -0400 | [diff] [blame] | 3 | from django.db.models import F, Q |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 4 | from planetstack.config import Config |
Sapan Bhatia | 04c94ad | 2013-09-02 18:00:28 -0400 | [diff] [blame] | 5 | from observer.openstacksyncstep import OpenStackSyncStep |
Sapan Bhatia | 6d21da3 | 2014-11-11 21:41:12 -0500 | [diff] [blame] | 6 | from core.models import User, UserDeployment, SitePrivilege, SiteDeployment |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 7 | |
| 8 | class SyncSitePrivileges(OpenStackSyncStep): |
Tony Mack | dacfb98 | 2013-09-24 21:57:16 -0400 | [diff] [blame] | 9 | requested_interval=0 |
| 10 | provides=[SitePrivilege] |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 11 | |
Sapan Bhatia | b83643c | 2014-07-23 09:59:32 -0400 | [diff] [blame] | 12 | def fetch_pending(self, deleted): |
| 13 | # Deleting site privileges is not supported yet |
| 14 | if (deleted): |
| 15 | return [] |
| 16 | |
Tony Mack | 31078dd | 2013-10-02 12:46:21 -0400 | [diff] [blame] | 17 | return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 18 | |
Tony Mack | 37146d2 | 2013-10-21 11:02:51 -0400 | [diff] [blame] | 19 | def sync_record(self, site_priv): |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 20 | # sync site privileges at all site deployments |
Sapan Bhatia | 84ba65d | 2014-11-11 21:44:35 -0500 | [diff] [blame] | 21 | site_deployments = SiteDeployment.objects.filter(site=site_priv.site) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 22 | for site_deployment in site_deployments: |
Sapan Bhatia | 84ba65d | 2014-11-11 21:44:35 -0500 | [diff] [blame] | 23 | user_deployments = UserDeployment.objects.filter(deployment=site_deployment.deployment) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 24 | if user_deployments: |
| 25 | kuser_id = user_deployments[0].kuser_id |
Tony Mack | f77f140 | 2014-04-02 07:06:53 -0400 | [diff] [blame] | 26 | driver = self.driver.admin_driver(deployment=site_deployment.deployment.name) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 27 | driver.add_user_role(kuser_id, |
| 28 | site_deployment.tenant_id, |
Tony Mack | f77f140 | 2014-04-02 07:06:53 -0400 | [diff] [blame] | 29 | site_priv.role.role) |