Package yakumo :: Package keystone :: Package v3 :: Module project
[hide private]
[frames] | no frames]

Source Code for Module yakumo.keystone.v3.project

  1  # Copyright 2014-2017 by Akira Yoshiyama <akirayoshiyama@gmail.com>. 
  2  # All Rights Reserved. 
  3  # 
  4  #    Licensed under the Apache License, Version 2.0 (the "License"); you may 
  5  #    not use this file except in compliance with the License. You may obtain 
  6  #    a copy of the License at 
  7  # 
  8  #         http://www.apache.org/licenses/LICENSE-2.0 
  9  # 
 10  #    Unless required by applicable law or agreed to in writing, software 
 11  #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 
 12  #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 
 13  #    License for the specific language governing permissions and limitations 
 14  #    under the License. 
 15   
 16  """ 
 17  Resource class and its manager for projects in Identity V3 API 
 18  """ 
 19   
 20  from yakumo import base 
 21  from yakumo.constant import UNDEF 
 22  from yakumo import exception 
 23  from yakumo import mapper 
 24   
 25  from .group import Resource as Group 
 26  from .role import Resource as Role 
 27  from .user import Resource as User 
 28   
 29   
 30  ATTRIBUTE_MAPPING = [ 
 31      ('id', 'id', mapper.Noop), 
 32      ('name', 'name', mapper.Noop), 
 33      ('description', 'description', mapper.Noop), 
 34      ('parent', 'parent_id', mapper.Resource('keystone.project')), 
 35      ('domain', 'domain_id', mapper.Resource('keystone.domain')), 
 36      ('is_enabled', 'enabled', mapper.Noop), 
 37  ] 
 38   
 39   
40 -class Resource(base.Resource):
41 """resource class for projects on Identity V3 API""" 42
43 - def update(self, name=UNDEF, description=UNDEF, parent=UNDEF, domain=UNDEF, 44 is_enabled=UNDEF):
45 """ 46 Update properties of a project 47 48 @keyword name: Project name 49 @type name: str 50 @keyword description: Description 51 @type description: str 52 @keyword parent: Parent project 53 @type parent: yakumo.keystone.v3.project.Resource 54 @keyword domain: Domain 55 @type domain: yakumo.keystone.v3.domain.Resource 56 @keyword is_enabled: Whether project is enabled or not 57 @type is_enabled: bool 58 @rtype: None 59 """ 60 super(Resource, self).update( 61 name=name, 62 description=description, 63 parent=parent, 64 domain=domain, 65 is_enabled=is_enabled)
66
67 - def check_roles(self, users=None, groups=None, roles=None):
68 """ 69 Check roles of users and/or groups for a project 70 71 @keyword users: List of users 72 @type users: [keystone.user.Resource] 73 @keyword groups: List of groups 74 @type groups: [keystone.group.Resource] 75 @keyword roles: List of roles 76 @type roles: [keystone.role.Resource] 77 @return: Whether users/groups have roles 78 @rtype: None 79 """ 80 if users is None: 81 users = [] 82 if isinstance(users, User): 83 users = [users] 84 if groups is None: 85 groups = [] 86 if isinstance(groups, Group): 87 groups = [groups] 88 if roles is None: 89 roles = [] 90 if isinstance(roles, Role): 91 roles = [roles] 92 93 ret = [] 94 for user in users: 95 try: 96 for role in roles: 97 self._http.head(self._url_resource_path, self._id, 98 "users", user.get_id(), 99 "roles", role.get_id()) 100 ret.append(True) 101 except exception.NotFound: 102 ret.append(False) 103 for group in groups: 104 try: 105 for role in roles: 106 self._http.head(self._url_resource_path, self._id, 107 "groups", group.get_id(), 108 "roles", role.get_id()) 109 ret.append(True) 110 except exception.NotFound: 111 ret.append(False) 112 return ret
113
114 - def grant_roles(self, users=None, groups=None, roles=None):
115 """ 116 Grant roles to users and/or groups for a project 117 118 @keyword users: List of users 119 @type users: [keystone.user.Resource] 120 @keyword groups: List of groups 121 @type groups: [keystone.group.Resource] 122 @keyword roles: List of roles 123 @type roles: [keystone.role.Resource] 124 @rtype: None 125 """ 126 if users is None: 127 users = [] 128 if isinstance(users, User): 129 users = [users] 130 if groups is None: 131 groups = [] 132 if isinstance(groups, Group): 133 groups = [groups] 134 if roles is None: 135 roles = [] 136 if isinstance(roles, Role): 137 roles = [roles] 138 for role in roles: 139 for user in users: 140 self._http.put(self._url_resource_path, self._id, 141 "users", user.get_id(), 142 "roles", role.get_id()) 143 for group in groups: 144 self._http.put(self._url_resource_path, self._id, 145 "groups", group.get_id(), 146 "roles", role.get_id())
147
148 - def revoke_roles(self, users=None, groups=None, roles=None):
149 """ 150 Revoke roles from users and/or groups for a project 151 152 @keyword users: List of users 153 @type users: [keystone.user.Resource] 154 @keyword groups: List of groups 155 @type groups: [keystone.group.Resource] 156 @keyword roles: List of roles 157 @type roles: [keystone.role.Resource] 158 @rtype: None 159 """ 160 if users is None: 161 users = [] 162 if isinstance(users, User): 163 users = [users] 164 if groups is None: 165 groups = [] 166 if isinstance(groups, Group): 167 groups = [groups] 168 if roles is None: 169 roles = [] 170 if isinstance(roles, Role): 171 roles = [roles] 172 for role in roles: 173 for user in users: 174 self._http.delete(self._url_resource_path, self._id, 175 "users", user.get_id(), 176 "roles", role.get_id()) 177 for group in groups: 178 self._http.delete(self._url_resource_path, self._id, 179 "groups", group.get_id(), 180 "roles", role.get_id())
181 182
183 -class Manager(base.Manager):
184 """manager class for projects on Identity V3 API""" 185 186 resource_class = Resource 187 service_type = 'identity' 188 _attr_mapping = ATTRIBUTE_MAPPING 189 _json_resource_key = 'project' 190 _json_resources_key = 'projects' 191 _update_method = 'patch' 192 _url_resource_path = '/projects' 193
194 - def create(self, name=UNDEF, description=UNDEF, parent=UNDEF, domain=UNDEF, 195 is_enabled=UNDEF):
196 """ 197 Register a project 198 199 @keyword name: Project name 200 @type name: str 201 @keyword description: Description 202 @type description: str 203 @keyword parent: Parent project 204 @type parent: yakumo.keystone.v3.project.Resource 205 @keyword domain: Domain 206 @type domain: yakumo.keystone.v3.domain.Resource 207 @keyword is_enabled: Whether project is enabled or not 208 @type is_enabled: bool 209 @return: Created project 210 @rtype: yakumo.keystone.v3.project.Resource 211 """ 212 return super(Manager, self).create( 213 name=name, 214 description=description, 215 parent=parent, 216 domain=domain, 217 is_enabled=is_enabled)
218