x/ranger
Code Issues Proposed changes

Merge "Add user to keystone group"

Browse Source
This commit is contained in:
Zuul 2019-05-22 21:00:37 +00:00 committed by Gerrit Code Review
commit 265761babd
2 changed files with 92 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
orm/services/customer_manager/cms_rest/logic/group_logic.py
View File

@ -10,7 +10,7 @@ from orm.services.customer_manager.cms_rest.data.data_manager import \
DataManager
from orm.services.customer_manager.cms_rest.logger import get_logger
from orm.services.customer_manager.cms_rest.logic.error_base import (
DuplicateEntryError, ErrorStatus)
DuplicateEntryError, ErrorStatus, NotFound)
from orm.services.customer_manager.cms_rest.model.GroupModels import (
GroupResultWrapper,
GroupSummary,
@ -43,8 +43,26 @@ class GroupLogic(object):
self.add_regions_to_db(group.regions, sql_group_id, datamanager)
self.add_default_user_db(datamanager, group.users, [], uuid)
return sql_group
def add_default_users_to_region(self, datamanager, group_uuid, region_id):
''' create region user record(s) for every default user(s) for the group
found in groups_user table
'''
group_record = datamanager.get_record('group')
group = group_record.read_group_by_uuid(group_uuid)
defaultRegion = group.get_default_region()
# create region users from existing default users
existing_default_users =\
defaultRegion.group_region_users if defaultRegion else []
for user in existing_default_users:
datamanager.add_groups_user(group_uuid, user.user.id,
region_id, user.domain_name)
def add_regions_to_db(self, regions, sql_group_id,
datamanager, default_users=[]):
for region in regions:
@ -60,9 +78,16 @@ class GroupLogic(object):
' already associated with group')
raise ex
def add_default_user_db(self, datamanager, default_users_requested, existing_default_users, group_uuid):
default_region_users = []
self.add_user_db(datamanager, region.users,
default_users, sql_group_id, sql_region.id)
# create region users from default users
self.add_default_users_to_region(datamanager, sql_group_id,
sql_region.id)
def add_default_user_db(self, datamanager, default_users_requested,
existing_default_users, group_uuid):
default_region_users = []
for user_info in default_users_requested:
domain_value = user_info.domain
for username in user_info.id:
@ -71,8 +96,6 @@ class GroupLogic(object):
# check if there is user/user_domain match
# in existing_default_users list
# note: check with Hari or James on how to do
# an efficient search within a dictionary
default_user_exists =\
[username for exist_user in existing_default_users
if exist_user.user.name == username and
@ -88,6 +111,31 @@ class GroupLogic(object):
return default_region_users
def add_user_db(self, datamanager, region_users_requested,
all_existing_users, group_uuid, region_id):
# region_users = []
for user_info in region_users_requested:
domain_value = user_info.domain
for username in user_info.id:
region_user_exists = []
if all_existing_users:
# check if there is user/user_domain match
# in existing_default_users list
region_user_exists =\
[username for exist_user in all_existing_users
if exist_user.user.name == username and
exist_user.domain_name == domain_value]
if not region_user_exists:
# add user to cms_user table and group_users
sql_user = datamanager.add_user(username)
sql_groups_user = \
datamanager.add_groups_user(group_uuid, sql_user.id,
region_id, domain_value)
# region_users.append(sql_groups_user)
# return region_users
def assign_roles(self,
group_uuid,
role_assignments,
@ -170,8 +218,8 @@ class GroupLogic(object):
defaultRegion = group.get_default_region()
# get all existing default region users with their respective user domain
existing_default_users = defaultRegion.group_region_users if defaultRegion else []
existing_default_users =\
defaultRegion.group_region_users if defaultRegion else []
default_users = []
for default_user in existing_default_users:
@ -179,17 +227,15 @@ class GroupLogic(object):
default_users.append(default_user)
default_region_users =\
self.add_default_user_db(datamanager, users, default_users,
group_uuid)
self.add_default_user_db(datamanager, users,
existing_default_users, group_uuid)
# add default user(s) to all regions where group is assigned to
regions = group.get_group_regions()
for region in regions:
for user in default_region_users:
datamanager.add_groups_user(group_uuid, user.user_id,
region.region_id, user.domain_name)
self.add_user_db(datamanager, users, [],
group_uuid, region.region_id)
timestamp = utils.get_time_human()
datamanager.flush() # i want to get any exception created by this insert
datamanager.flush()
'''
# if len(customer.customer_customer_regions) > 1:
@ -236,48 +282,31 @@ class GroupLogic(object):
region_id = datamanager.get_region_id_by_name(region_id)
if group_id is None:
raise ErrorStatus(404, "group {} does not exist".format(group_uuid))
raise ErrorStatus(404, "group {} does not exist".format(
group_uuid))
if region_id is None:
raise ErrorStatus(404, "region {} does not exist".format(region_uuid))
raise ErrorStatus(404, "region {} does not exist".format(
region_uuid))
group_record = datamanager.get_record('group')
group = group_record.read_group_by_uuid(group_uuid)
groupRegion = group.get_region(region_id)
# get all users already assigned to the group region
current_region_users = groupRegion.group_region_users if groupRegion else []
current_region_users =\
groupRegion.group_region_users if groupRegion else []
# build the existing_users_list from current region users result
existing_users_list = []
region_users_list = []
for rgn_user in current_region_users:
if rgn_user.user not in existing_users_list:
existing_users_list.append(rgn_user)
# This section determines when to add region user to database.
# Only requested users that are not in the existing user list shall be
# added to the database
for user_info in region_users_requested:
domain_value = user_info.domain
for username in user_info.id:
region_user_exists = []
if existing_users_list:
# check if there is user/user_domain match
# in existing_default_users list
region_user_exists =\
[username for exist_user in existing_users_list
if exist_user.user.name == username and
exist_user.domain_name == domain_value]
if not region_user_exists:
# add user to cms_user table and group_users
sql_user = datamanager.add_user(username)
sql_groups_user = \
datamanager.add_groups_user(group_uuid, sql_user.id,
region_id, domain_value)
if rgn_user.user not in region_users_list:
region_users_list.append(rgn_user)
self.add_user_db(datamanager, region_users_requested,
region_users_list, group_uuid, region_id)
timestamp = utils.get_time_human()
datamanager.flush() # i want to get any exception created by this insert
datamanager.flush()
'''
# if len(customer.customer_customer_regions) > 1:
@ -287,12 +316,13 @@ class GroupLogic(object):
'''
if p_datamanager is None:
users_result = [{'id': user.id,
'domain': user.domain} for user in region_users_requested]
region_user_result_wrapper = build_response(group_uuid,
transaction_id,
'add_group_region_users',
users=users_result)
users_result =\
[{'id': user.id,
'domain': user.domain} for user in region_users_requested]
region_user_result_wrapper =\
build_response(group_uuid, transaction_id,
'add_group_region_users',
users=users_result)
datamanager.commit()
return region_user_result_wrapper
@ -339,8 +369,8 @@ class GroupLogic(object):
datamanager.rollback()
LOG.log_exception("Failed to delete default user, user not found",
e.message)
raise NotFound("Failed to delete default user, default %s not found" %
e.message)
raise NotFound("Failed to delete default user,"
"default %s not found" % e.message)
raise
except Exception as exp:
@ -350,8 +380,8 @@ class GroupLogic(object):
def delete_group_region_user(self, group_uuid, region_id, user,
user_domain, transaction_id):
LOG.info("Delete user: group: {0} region: {1} user: {2} user "
"domain: {3}".format(group_uuid, region_id, user, user_domain))
"domain: {3}".format(group_uuid, region_id, user,
user_domain))
datamanager = DataManager()
try:
@ -385,10 +415,10 @@ class GroupLogic(object):
except NotFound as e:
datamanager.rollback()
LOG.log_exception("Failed to delete region user, user not found",
e.message)
raise NotFound("Failed to delete region user, region %s not found" %
e.message)
LOG.log_exception("Failed to delete region user,"
" user not found", e.message)
raise NotFound("Failed to delete region user,"
" region %s not found" % e.message)
except Exception as exception:
datamanager.rollback()
LOG.log_exception("Failed to delete region user", exception)
@ -534,19 +564,16 @@ class GroupLogic(object):
raise ErrorStatus(
404,
"group with id {} does not exist".format(group_id))
default_users = []
defaultRegion = sql_group.get_default_region()
default_users =\
defaultRegion.group_region_users if defaultRegion else []
self.add_regions_to_db(regions, group_id, datamanager,
default_users)
datamanager.commit()
datamanager.session.expire(sql_group)
sql_group = datamanager.get_group_by_uuid_or_name(group_id)
group_dict = sql_group.get_proxy_dict()
for region in group_dict["regions"]:
new_region = next((r for r in regions
if r.name == region["name"]), None)
@ -554,19 +581,15 @@ class GroupLogic(object):
region["action"] = "create"
else:
region["action"] = "modify"
timestamp = utils.get_time_human()
RdsProxy.send_group_dict(group_dict, transaction_id, "POST")
base_link = '{0}{1}/'.format(conf.server.host_ip,
request.path)
result_regions = [{'id': region.name, 'added': timestamp,
'links': {'self': base_link + region.name}} for
region in regions]
region_result_wrapper = RegionResultWrapper(
transaction_id=transaction_id, regions=result_regions)
return region_result_wrapper
except Exception as exp:
datamanager.rollback()

4
orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql
View File

@ -144,7 +144,7 @@ create table if not exists groups_user
primary key (group_id, region_id, user_id, domain_name),
foreign key (`user_id`) references `cms_user` (`id`) ON DELETE CASCADE,
foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`region_id`) references `groups_region` (`region_id`) ON UPDATE NO ACTION,
foreign key (`group_id`,`region_id`) references `groups_region` (`group_id`,`region_id`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION,
index group_id (group_id),
index region_id (region_id),
@ -175,4 +175,4 @@ create table if not exists groups_domain_role
foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`role_id`) references `groups_role` (`role_id`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`region_id`) references `cms_region` (`id`) ON DELETE CASCADE ON UPDATE NO ACTION,
index role_id_idx (role_id));
index role_id_idx (role_id));