Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 1 | import os |
| 2 | import base64 |
Tony Mack | ae7f30c | 2013-09-25 12:46:50 -0400 | [diff] [blame] | 3 | from django.db.models import F, Q |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 4 | from planetstack.config import Config |
Sapan Bhatia | 04c94ad | 2013-09-02 18:00:28 -0400 | [diff] [blame] | 5 | from observer.openstacksyncstep import OpenStackSyncStep |
| 6 | from core.models.site import * |
Tony Mack | d1a17e1 | 2014-03-19 15:18:15 -0400 | [diff] [blame] | 7 | from core.models.user import User, UserDeployments |
Sapan Bhatia | 24836f1 | 2013-08-27 10:16:05 -0400 | [diff] [blame] | 8 | |
| 9 | class SyncSitePrivileges(OpenStackSyncStep): |
Tony Mack | dacfb98 | 2013-09-24 21:57:16 -0400 | [diff] [blame] | 10 | requested_interval=0 |
| 11 | provides=[SitePrivilege] |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 12 | |
| 13 | def fetch_pending(self): |
Tony Mack | 31078dd | 2013-10-02 12:46:21 -0400 | [diff] [blame] | 14 | return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) |
Tony Mack | 66646d5 | 2013-09-24 21:47:12 -0400 | [diff] [blame] | 15 | |
Tony Mack | 37146d2 | 2013-10-21 11:02:51 -0400 | [diff] [blame] | 16 | def sync_record(self, site_priv): |
Tony Mack | dacfb98 | 2013-09-24 21:57:16 -0400 | [diff] [blame] | 17 | if site_priv.user.kuser_id and site_priv.site.tenant_id: |
| 18 | self.driver.add_user_role(site_priv.user.kuser_id, |
| 19 | site_priv.site.tenant_id, |
Tony Mack | 0036707 | 2013-10-08 18:09:30 -0400 | [diff] [blame] | 20 | site_priv.role.role) |
Tony Mack | e4be32f | 2014-03-11 20:45:25 -0400 | [diff] [blame] | 21 | |
| 22 | # sync site privileges at all site deployments |
| 23 | site_deployments = SiteDeployments.objects.filter(site=site_priv.site) |
| 24 | for site_deployment in site_deployments: |
| 25 | user_deployments = UserDeployments.objects.filter(deployment=site_deployment.deployment) |
| 26 | if user_deployments: |
| 27 | kuser_id = user_deployments[0].kuser_id |
| 28 | driver = self.driver.admin_driver(deployment=site_deployment.name) |
| 29 | driver.add_user_role(kuser_id, |
| 30 | site_deployment.tenant_id, |
| 31 | slice_memb.role.role) |