| Scott Baker | 105b6b7 | 2014-05-12 10:40:25 -0700 | [diff] [blame^] | 1 | import os |
| 2 | import base64 |
| 3 | from django.db.models import F, Q |
| 4 | from planetstack.config import Config |
| 5 | from observer.openstacksyncstep import OpenStackSyncStep |
| 6 | from core.models.slice import * |
| 7 | from core.models.user import UserDeployments |
| 8 | from util.logger import Logger, logging |
| 9 | |
| 10 | logger = Logger(level=logging.INFO) |
| 11 | |
| 12 | class SyncSliceMemberships(OpenStackSyncStep): |
| 13 | requested_interval=0 |
| 14 | provides=[SlicePrivilege] |
| 15 | |
| 16 | def fetch_pending(self): |
| 17 | return SlicePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) |
| 18 | |
| 19 | def sync_record(self, slice_memb): |
| 20 | # sync slice memberships at all slice deployments |
| 21 | logger.info("syncing slice privilege: %s %s" % (slice_memb.slice.name, slice_memb.user.email)) |
| 22 | slice_deployments = SliceDeployments.objects.filter(slice=slice_memb.slice) |
| 23 | for slice_deployment in slice_deployments: |
| 24 | if not slice_deployment.tenant_id: |
| 25 | continue |
| 26 | user_deployments = UserDeployments.objects.filter(deployment=slice_deployment.deployment, |
| 27 | user=slice_memb.user) |
| 28 | if user_deployments: |
| 29 | kuser_id = user_deployments[0].kuser_id |
| 30 | driver = self.driver.admin_driver(deployment=slice_deployment.deployment.name) |
| 31 | driver.add_user_role(kuser_id, |
| 32 | slice_deployment.tenant_id, |
| 33 | slice_memb.role.role) |