Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 1 | import os |
| 2 | import base64 |
Tony Mack | ae7f30c | 2013-09-25 12:46:50 -0400 | [diff] [blame] | 3 | from django.db.models import F, Q |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 4 | from planetstack.config import Config |
Sapan Bhatia | 04c94ad | 2013-09-02 18:00:28 -0400 | [diff] [blame] | 5 | from observer.openstacksyncstep import OpenStackSyncStep |
Tony Mack | 528d422 | 2014-12-05 17:13:08 -0500 | [diff] [blame] | 6 | from core.models import User, ControllerUsers, SitePrivilege, ControllerSiteDeployments |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 7 | |
| 8 | class SyncSitePrivileges(OpenStackSyncStep): |
Tony Mack | dacfb98 | 2013-09-24 21:57:16 -0400 | [diff] [blame] | 9 | requested_interval=0 |
| 10 | provides=[SitePrivilege] |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 11 | |
Sapan Bhatia | b83643c | 2014-07-23 09:59:32 -0400 | [diff] [blame] | 12 | def fetch_pending(self, deleted): |
| 13 | # Deleting site privileges is not supported yet |
| 14 | if (deleted): |
| 15 | return [] |
| 16 | |
Tony Mack | 31078dd | 2013-10-02 12:46:21 -0400 | [diff] [blame] | 17 | return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 18 | |
Tony Mack | 37146d2 | 2013-10-21 11:02:51 -0400 | [diff] [blame] | 19 | def sync_record(self, site_priv): |
Tony Mack | 336e0f9 | 2014-11-30 15:53:08 -0500 | [diff] [blame] | 20 | # sync site privileges at all site controllers |
Tony Mack | 528d422 | 2014-12-05 17:13:08 -0500 | [diff] [blame] | 21 | ctrl_site_deployments = ControllerSiteDeployments.objects.filter(site_deployment__site=site_priv.site) |
| 22 | for ctrl_site_deployment in ctrl_site_deployments: |
| 23 | controller_users = ControllerUsers.objects.filter(controller=ctrl_site_deployment.controller, |
| 24 | user=site_priv.user) |
Tony Mack | 336e0f9 | 2014-11-30 15:53:08 -0500 | [diff] [blame] | 25 | if controller_users: |
| 26 | kuser_id = controller_users[0].kuser_id |
Tony Mack | 528d422 | 2014-12-05 17:13:08 -0500 | [diff] [blame] | 27 | driver = self.driver.admin_driver(controller=ctrl_site_deployment.controller) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 28 | driver.add_user_role(kuser_id, |
Tony Mack | 528d422 | 2014-12-05 17:13:08 -0500 | [diff] [blame] | 29 | ctrl_site_deployment.controller.tenant_id, |
Tony Mack | f77f140 | 2014-04-02 07:06:53 -0400 | [diff] [blame] | 30 | site_priv.role.role) |