blob: 6354d1fcd0b670a504838be949e07e3216213179 [file] [log] [blame]
Sapan Bhatia24836f12013-08-27 10:16:05 -04001import os
2import base64
Tony Mackae7f30c2013-09-25 12:46:50 -04003from django.db.models import F, Q
Sapan Bhatia24836f12013-08-27 10:16:05 -04004from planetstack.config import Config
Sapan Bhatia04c94ad2013-09-02 18:00:28 -04005from observer.openstacksyncstep import OpenStackSyncStep
Tony Macke10fbe52015-01-03 19:37:39 -05006from core.models import User, ControllerUsers, SitePrivilege, SiteDeployments
Sapan Bhatia24836f12013-08-27 10:16:05 -04007
8class SyncSitePrivileges(OpenStackSyncStep):
Tony Mackdacfb982013-09-24 21:57:16 -04009 requested_interval=0
10 provides=[SitePrivilege]
Tony Mack66646d52013-09-24 21:47:12 -040011
Sapan Bhatiab83643c2014-07-23 09:59:32 -040012 def fetch_pending(self, deleted):
13 # Deleting site privileges is not supported yet
14 if (deleted):
15 return []
16
Tony Mack31078dd2013-10-02 12:46:21 -040017 return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None))
Tony Mack66646d52013-09-24 21:47:12 -040018
Tony Mack37146d22013-10-21 11:02:51 -040019 def sync_record(self, site_priv):
Tony Mack06c8e472014-11-30 15:53:08 -050020 # sync site privileges at all site controllers
Tony Macke10fbe52015-01-03 19:37:39 -050021 ctrl_site_deployments = SiteDeployments.objects.filter(site_deployment__site=site_priv.site)
Tony Mackd14d48f2014-12-05 17:13:08 -050022 for ctrl_site_deployment in ctrl_site_deployments:
23 controller_users = ControllerUsers.objects.filter(controller=ctrl_site_deployment.controller,
24 user=site_priv.user)
Tony Mack06c8e472014-11-30 15:53:08 -050025 if controller_users:
26 kuser_id = controller_users[0].kuser_id
Tony Mackd14d48f2014-12-05 17:13:08 -050027 driver = self.driver.admin_driver(controller=ctrl_site_deployment.controller)
Tony Macke4be32f2014-03-11 20:45:25 -040028 driver.add_user_role(kuser_id,
Tony Mackd14d48f2014-12-05 17:13:08 -050029 ctrl_site_deployment.controller.tenant_id,
Tony Mackf77f1402014-04-02 07:06:53 -040030 site_priv.role.role)