Package yakumo :: Package keystone :: Package v3 :: Module domain
[hide private]
[frames] | no frames]

Source Code for Module yakumo.keystone.v3.domain

  1  # Copyright 2014-2017 by Akira Yoshiyama <akirayoshiyama@gmail.com>. 
  2  # All Rights Reserved. 
  3  # 
  4  #    Licensed under the Apache License, Version 2.0 (the "License"); you may 
  5  #    not use this file except in compliance with the License. You may obtain 
  6  #    a copy of the License at 
  7  # 
  8  #         http://www.apache.org/licenses/LICENSE-2.0 
  9  # 
 10  #    Unless required by applicable law or agreed to in writing, software 
 11  #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 
 12  #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 
 13  #    License for the specific language governing permissions and limitations 
 14  #    under the License. 
 15   
 16  """ 
 17  Resource class and its manager for domains in Identity V3 API 
 18  """ 
 19   
 20  from yakumo import base 
 21  from yakumo.constant import UNDEF 
 22  from yakumo import exception 
 23  from yakumo import mapper 
 24   
 25  from .group import Resource as Group 
 26  from .role import Resource as Role 
 27  from .user import Resource as User 
 28   
 29   
 30  ATTRIBUTE_MAPPING = [ 
 31      ('id', 'id', mapper.Noop), 
 32      ('name', 'name', mapper.Noop), 
 33      ('description', 'description', mapper.Noop), 
 34      ('is_enabled', 'enabled', mapper.Noop), 
 35  ] 
 36   
 37   
38 -class Resource(base.Resource):
39 """resource class for domains on Identity V3 API""" 40
41 - def update(self, name=UNDEF, description=UNDEF, is_enabled=UNDEF):
42 """ 43 Update properties of a domain 44 45 @keyword name: Domain name 46 @type name: str 47 @keyword description: Description 48 @type description: str 49 @keyword is_enabled: Whether the domain is enabled or not 50 @type is_enabled: bool 51 @rtype: None 52 """ 53 super(Resource, self).update( 54 name=name, 55 description=description, 56 is_enabled=is_enabled)
57
58 - def check_roles(self, users=None, groups=None, roles=None):
59 """ 60 Check roles of users and/or groups for a project 61 62 @keyword users: List of users 63 @type users: [keystone.user.Resource] 64 @keyword groups: List of groups 65 @type groups: [keystone.group.Resource] 66 @keyword roles: List of roles 67 @type roles: [keystone.role.Resource] 68 @return: Whether users/groups have roles 69 @rtype: None 70 """ 71 if users is None: 72 users = [] 73 if isinstance(users, User): 74 users = [users] 75 if groups is None: 76 groups = [] 77 if isinstance(groups, Group): 78 groups = [groups] 79 if roles is None: 80 roles = [] 81 if isinstance(roles, Role): 82 roles = [roles] 83 84 ret = [] 85 for user in users: 86 try: 87 for role in roles: 88 self._http.head(self._url_resource_path, self._id, 89 "users", user.get_id(), 90 "roles", role.get_id()) 91 ret.append(True) 92 except exception.NotFound: 93 ret.append(False) 94 for group in groups: 95 try: 96 for role in roles: 97 self._http.head(self._url_resource_path, self._id, 98 "groups", group.get_id(), 99 "roles", role.get_id()) 100 ret.append(True) 101 except exception.NotFound: 102 ret.append(False) 103 return ret
104
105 - def grant_roles(self, users=None, groups=None, roles=None):
106 """ 107 Grant roles to users and/or groups for a project 108 109 @keyword users: List of users 110 @type users: [keystone.user.Resource] 111 @keyword groups: List of groups 112 @type groups: [keystone.group.Resource] 113 @keyword roles: List of roles 114 @type roles: [keystone.role.Resource] 115 @rtype: None 116 """ 117 if users is None: 118 users = [] 119 if isinstance(users, User): 120 users = [users] 121 if groups is None: 122 groups = [] 123 if isinstance(groups, Group): 124 groups = [groups] 125 if roles is None: 126 roles = [] 127 if isinstance(roles, Role): 128 roles = [roles] 129 for role in roles: 130 for user in users: 131 self._http.put(self._url_resource_path, self._id, 132 "users", user.get_id(), 133 "roles", role.get_id()) 134 for group in groups: 135 self._http.put(self._url_resource_path, self._id, 136 "groups", group.get_id(), 137 "roles", role.get_id())
138
139 - def revoke_roles(self, users=None, groups=None, roles=None):
140 """ 141 Revoke roles from users and/or groups for a project 142 143 @keyword users: List of users 144 @type users: [keystone.user.Resource] 145 @keyword groups: List of groups 146 @type groups: [keystone.group.Resource] 147 @keyword roles: List of roles 148 @type roles: [keystone.role.Resource] 149 @rtype: None 150 """ 151 if users is None: 152 users = [] 153 if isinstance(users, User): 154 users = [users] 155 if groups is None: 156 groups = [] 157 if isinstance(groups, Group): 158 groups = [groups] 159 if roles is None: 160 roles = [] 161 if isinstance(roles, Role): 162 roles = [roles] 163 for role in roles: 164 for user in users: 165 self._http.delete(self._url_resource_path, self._id, 166 "users", user.get_id(), 167 "roles", role.get_id()) 168 for group in groups: 169 self._http.delete(self._url_resource_path, self._id, 170 "groups", group.get_id(), 171 "roles", role.get_id())
172 173
174 -class Manager(base.Manager):
175 """manager class for domains on Identity V3 API""" 176 177 resource_class = Resource 178 service_type = 'identity' 179 _attr_mapping = ATTRIBUTE_MAPPING 180 _json_resource_key = 'domain' 181 _json_resources_key = 'domains' 182 _update_method = 'patch' 183 _url_resource_path = '/domains' 184
185 - def create(self, name=UNDEF, description=UNDEF, is_enabled=UNDEF):
186 """ 187 Register a domain 188 189 @keyword name: Domain name 190 @type name: str 191 @keyword description: Description 192 @type description: str 193 @keyword is_enabled: Whether the domain is enabled or not 194 @type is_enabled: bool 195 @return: Created domain 196 @rtype: yakumo.keystone.v3.domain.Resource 197 """ 198 return super(Manager, self).create( 199 name=name, 200 description=description, 201 is_enabled=is_enabled)
202