blob: cf838cf390a9d4ba69a6f99a2827d149e1b9d74f [file] [log] [blame]
Sapan Bhatia24836f12013-08-27 10:16:05 -04001import os
2import base64
Tony Mackae7f30c2013-09-25 12:46:50 -04003from django.db.models import F, Q
Sapan Bhatia24836f12013-08-27 10:16:05 -04004from planetstack.config import Config
Sapan Bhatia04c94ad2013-09-02 18:00:28 -04005from observer.openstacksyncstep import OpenStackSyncStep
6from core.models.site import *
Tony Mackd1a17e12014-03-19 15:18:15 -04007from core.models.user import User, UserDeployments
Sapan Bhatia24836f12013-08-27 10:16:05 -04008
9class SyncSitePrivileges(OpenStackSyncStep):
Tony Mackdacfb982013-09-24 21:57:16 -040010 requested_interval=0
11 provides=[SitePrivilege]
Tony Mack66646d52013-09-24 21:47:12 -040012
13 def fetch_pending(self):
Tony Mack31078dd2013-10-02 12:46:21 -040014 return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None))
Tony Mack66646d52013-09-24 21:47:12 -040015
Tony Mack37146d22013-10-21 11:02:51 -040016 def sync_record(self, site_priv):
Tony Mackdacfb982013-09-24 21:57:16 -040017 if site_priv.user.kuser_id and site_priv.site.tenant_id:
18 self.driver.add_user_role(site_priv.user.kuser_id,
19 site_priv.site.tenant_id,
Tony Mack00367072013-10-08 18:09:30 -040020 site_priv.role.role)
Tony Macke4be32f2014-03-11 20:45:25 -040021
22 # sync site privileges at all site deployments
23 site_deployments = SiteDeployments.objects.filter(site=site_priv.site)
24 for site_deployment in site_deployments:
25 user_deployments = UserDeployments.objects.filter(deployment=site_deployment.deployment)
26 if user_deployments:
27 kuser_id = user_deployments[0].kuser_id
28 driver = self.driver.admin_driver(deployment=site_deployment.name)
29 driver.add_user_role(kuser_id,
30 site_deployment.tenant_id,
31 slice_memb.role.role)