x/ranger
Code Issues Proposed changes

Merge "Add user to keystone group"

Browse Source
This commit is contained in:
Zuul 2019-05-22 21:00:37 +00:00 committed by Gerrit Code Review
commit 265761babd
2 changed files with 92 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

151
orm/services/customer_manager/cms_rest/logic/group_logic.py
View File

@ -10,7 +10,7 @@ from orm.services.customer_manager.cms_rest.data.data_manager import \
DataManager DataManager
from orm.services.customer_manager.cms_rest.logger import get_logger from orm.services.customer_manager.cms_rest.logger import get_logger
from orm.services.customer_manager.cms_rest.logic.error_base import ( from orm.services.customer_manager.cms_rest.logic.error_base import (
DuplicateEntryError, ErrorStatus) DuplicateEntryError, ErrorStatus, NotFound)
from orm.services.customer_manager.cms_rest.model.GroupModels import ( from orm.services.customer_manager.cms_rest.model.GroupModels import (
GroupResultWrapper, GroupResultWrapper,
GroupSummary, GroupSummary,
@ -43,8 +43,26 @@ class GroupLogic(object):
self.add_regions_to_db(group.regions, sql_group_id, datamanager) self.add_regions_to_db(group.regions, sql_group_id, datamanager)
self.add_default_user_db(datamanager, group.users, [], uuid)
return sql_group return sql_group
def add_default_users_to_region(self, datamanager, group_uuid, region_id):
''' create region user record(s) for every default user(s) for the group
found in groups_user table
'''
group_record = datamanager.get_record('group')
group = group_record.read_group_by_uuid(group_uuid)
defaultRegion = group.get_default_region()
# create region users from existing default users
existing_default_users =\
defaultRegion.group_region_users if defaultRegion else []
for user in existing_default_users:
datamanager.add_groups_user(group_uuid, user.user.id,
region_id, user.domain_name)
def add_regions_to_db(self, regions, sql_group_id, def add_regions_to_db(self, regions, sql_group_id,
datamanager, default_users=[]): datamanager, default_users=[]):
for region in regions: for region in regions:
@ -60,9 +78,16 @@ class GroupLogic(object):
' already associated with group') ' already associated with group')
raise ex raise ex
def add_default_user_db(self, datamanager, default_users_requested, existing_default_users, group_uuid): self.add_user_db(datamanager, region.users,
default_region_users = [] default_users, sql_group_id, sql_region.id)
# create region users from default users
self.add_default_users_to_region(datamanager, sql_group_id,
sql_region.id)
def add_default_user_db(self, datamanager, default_users_requested,
existing_default_users, group_uuid):
default_region_users = []
for user_info in default_users_requested: for user_info in default_users_requested:
domain_value = user_info.domain domain_value = user_info.domain
for username in user_info.id: for username in user_info.id:
@ -71,8 +96,6 @@ class GroupLogic(object):
# check if there is user/user_domain match # check if there is user/user_domain match
# in existing_default_users list # in existing_default_users list
# note: check with Hari or James on how to do
# an efficient search within a dictionary
default_user_exists =\ default_user_exists =\
[username for exist_user in existing_default_users [username for exist_user in existing_default_users
if exist_user.user.name == username and if exist_user.user.name == username and
@ -88,6 +111,31 @@ class GroupLogic(object):
return default_region_users return default_region_users
def add_user_db(self, datamanager, region_users_requested,
all_existing_users, group_uuid, region_id):
# region_users = []
for user_info in region_users_requested:
domain_value = user_info.domain
for username in user_info.id:
region_user_exists = []
if all_existing_users:
# check if there is user/user_domain match
# in existing_default_users list
region_user_exists =\
[username for exist_user in all_existing_users
if exist_user.user.name == username and
exist_user.domain_name == domain_value]
if not region_user_exists:
# add user to cms_user table and group_users
sql_user = datamanager.add_user(username)
sql_groups_user = \
datamanager.add_groups_user(group_uuid, sql_user.id,
region_id, domain_value)
# region_users.append(sql_groups_user)
# return region_users
def assign_roles(self, def assign_roles(self,
group_uuid, group_uuid,
role_assignments, role_assignments,
@ -170,8 +218,8 @@ class GroupLogic(object):
defaultRegion = group.get_default_region() defaultRegion = group.get_default_region()
# get all existing default region users with their respective user domain existing_default_users =\
existing_default_users = defaultRegion.group_region_users if defaultRegion else [] defaultRegion.group_region_users if defaultRegion else []
default_users = [] default_users = []
for default_user in existing_default_users: for default_user in existing_default_users:
@ -179,17 +227,15 @@ class GroupLogic(object):
default_users.append(default_user) default_users.append(default_user)
default_region_users =\ default_region_users =\
self.add_default_user_db(datamanager, users, default_users, self.add_default_user_db(datamanager, users,
group_uuid) existing_default_users, group_uuid)
# add default user(s) to all regions where group is assigned to # add default user(s) to all regions where group is assigned to
regions = group.get_group_regions() regions = group.get_group_regions()
for region in regions: for region in regions:
for user in default_region_users: self.add_user_db(datamanager, users, [],
datamanager.add_groups_user(group_uuid, user.user_id, group_uuid, region.region_id)
region.region_id, user.domain_name)
timestamp = utils.get_time_human() timestamp = utils.get_time_human()
datamanager.flush() # i want to get any exception created by this insert datamanager.flush()
''' '''
# if len(customer.customer_customer_regions) > 1: # if len(customer.customer_customer_regions) > 1:
@ -236,48 +282,31 @@ class GroupLogic(object):
region_id = datamanager.get_region_id_by_name(region_id) region_id = datamanager.get_region_id_by_name(region_id)
if group_id is None: if group_id is None:
raise ErrorStatus(404, "group {} does not exist".format(group_uuid)) raise ErrorStatus(404, "group {} does not exist".format(
group_uuid))
if region_id is None: if region_id is None:
raise ErrorStatus(404, "region {} does not exist".format(region_uuid)) raise ErrorStatus(404, "region {} does not exist".format(
region_uuid))
group_record = datamanager.get_record('group') group_record = datamanager.get_record('group')
group = group_record.read_group_by_uuid(group_uuid) group = group_record.read_group_by_uuid(group_uuid)
groupRegion = group.get_region(region_id) groupRegion = group.get_region(region_id)
# get all users already assigned to the group region # get all users already assigned to the group region
current_region_users = groupRegion.group_region_users if groupRegion else [] current_region_users =\
groupRegion.group_region_users if groupRegion else []
# build the existing_users_list from current region users result # build the existing_users_list from current region users result
existing_users_list = [] region_users_list = []
for rgn_user in current_region_users: for rgn_user in current_region_users:
if rgn_user.user not in existing_users_list: if rgn_user.user not in region_users_list:
existing_users_list.append(rgn_user) region_users_list.append(rgn_user)
# This section determines when to add region user to database.
# Only requested users that are not in the existing user list shall be
# added to the database
for user_info in region_users_requested:
domain_value = user_info.domain
for username in user_info.id:
region_user_exists = []
if existing_users_list:
# check if there is user/user_domain match
# in existing_default_users list
region_user_exists =\
[username for exist_user in existing_users_list
if exist_user.user.name == username and
exist_user.domain_name == domain_value]
if not region_user_exists:
# add user to cms_user table and group_users
sql_user = datamanager.add_user(username)
sql_groups_user = \
datamanager.add_groups_user(group_uuid, sql_user.id,
region_id, domain_value)
self.add_user_db(datamanager, region_users_requested,
region_users_list, group_uuid, region_id)
timestamp = utils.get_time_human() timestamp = utils.get_time_human()
datamanager.flush() # i want to get any exception created by this insert datamanager.flush()
''' '''
# if len(customer.customer_customer_regions) > 1: # if len(customer.customer_customer_regions) > 1:
@ -287,10 +316,11 @@ class GroupLogic(object):
''' '''
if p_datamanager is None: if p_datamanager is None:
users_result = [{'id': user.id, users_result =\
[{'id': user.id,
'domain': user.domain} for user in region_users_requested] 'domain': user.domain} for user in region_users_requested]
region_user_result_wrapper = build_response(group_uuid, region_user_result_wrapper =\
transaction_id, build_response(group_uuid, transaction_id,
'add_group_region_users', 'add_group_region_users',
users=users_result) users=users_result)
@ -339,8 +369,8 @@ class GroupLogic(object):
datamanager.rollback() datamanager.rollback()
LOG.log_exception("Failed to delete default user, user not found", LOG.log_exception("Failed to delete default user, user not found",
e.message) e.message)
raise NotFound("Failed to delete default user, default %s not found" % raise NotFound("Failed to delete default user,"
e.message) "default %s not found" % e.message)
raise raise
except Exception as exp: except Exception as exp:
@ -350,8 +380,8 @@ class GroupLogic(object):
def delete_group_region_user(self, group_uuid, region_id, user, def delete_group_region_user(self, group_uuid, region_id, user,
user_domain, transaction_id): user_domain, transaction_id):
LOG.info("Delete user: group: {0} region: {1} user: {2} user " LOG.info("Delete user: group: {0} region: {1} user: {2} user "
"domain: {3}".format(group_uuid, region_id, user, user_domain)) "domain: {3}".format(group_uuid, region_id, user,
user_domain))
datamanager = DataManager() datamanager = DataManager()
try: try:
@ -385,10 +415,10 @@ class GroupLogic(object):
except NotFound as e: except NotFound as e:
datamanager.rollback() datamanager.rollback()
LOG.log_exception("Failed to delete region user, user not found", LOG.log_exception("Failed to delete region user,"
e.message) " user not found", e.message)
raise NotFound("Failed to delete region user, region %s not found" % raise NotFound("Failed to delete region user,"
e.message) " region %s not found" % e.message)
except Exception as exception: except Exception as exception:
datamanager.rollback() datamanager.rollback()
LOG.log_exception("Failed to delete region user", exception) LOG.log_exception("Failed to delete region user", exception)
@ -534,19 +564,16 @@ class GroupLogic(object):
raise ErrorStatus( raise ErrorStatus(
404, 404,
"group with id {} does not exist".format(group_id)) "group with id {} does not exist".format(group_id))
default_users = [] defaultRegion = sql_group.get_default_region()
default_users =\
defaultRegion.group_region_users if defaultRegion else []
self.add_regions_to_db(regions, group_id, datamanager, self.add_regions_to_db(regions, group_id, datamanager,
default_users) default_users)
datamanager.commit() datamanager.commit()
datamanager.session.expire(sql_group) datamanager.session.expire(sql_group)
sql_group = datamanager.get_group_by_uuid_or_name(group_id) sql_group = datamanager.get_group_by_uuid_or_name(group_id)
group_dict = sql_group.get_proxy_dict() group_dict = sql_group.get_proxy_dict()
for region in group_dict["regions"]: for region in group_dict["regions"]:
new_region = next((r for r in regions new_region = next((r for r in regions
if r.name == region["name"]), None) if r.name == region["name"]), None)
@ -554,19 +581,15 @@ class GroupLogic(object):
region["action"] = "create" region["action"] = "create"
else: else:
region["action"] = "modify" region["action"] = "modify"
timestamp = utils.get_time_human() timestamp = utils.get_time_human()
RdsProxy.send_group_dict(group_dict, transaction_id, "POST") RdsProxy.send_group_dict(group_dict, transaction_id, "POST")
base_link = '{0}{1}/'.format(conf.server.host_ip, base_link = '{0}{1}/'.format(conf.server.host_ip,
request.path) request.path)
result_regions = [{'id': region.name, 'added': timestamp, result_regions = [{'id': region.name, 'added': timestamp,
'links': {'self': base_link + region.name}} for 'links': {'self': base_link + region.name}} for
region in regions] region in regions]
region_result_wrapper = RegionResultWrapper( region_result_wrapper = RegionResultWrapper(
transaction_id=transaction_id, regions=result_regions) transaction_id=transaction_id, regions=result_regions)
return region_result_wrapper return region_result_wrapper
except Exception as exp: except Exception as exp:
datamanager.rollback() datamanager.rollback()

2
orm/services/customer_manager/scripts/db_scripts/ranger_cms_create_db.sql
View File

@ -144,7 +144,7 @@ create table if not exists groups_user
primary key (group_id, region_id, user_id, domain_name), primary key (group_id, region_id, user_id, domain_name),
foreign key (`user_id`) references `cms_user` (`id`) ON DELETE CASCADE, foreign key (`user_id`) references `cms_user` (`id`) ON DELETE CASCADE,
foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`group_id`) references `groups` (`uuid`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`region_id`) references `groups_region` (`region_id`) ON UPDATE NO ACTION, foreign key (`group_id`,`region_id`) references `groups_region` (`group_id`,`region_id`) ON DELETE CASCADE ON UPDATE NO ACTION,
foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION, foreign key (`domain_name`) references `cms_domain` (`name`) ON DELETE CASCADE ON UPDATE NO ACTION,
index group_id (group_id), index group_id (group_id),
index region_id (region_id), index region_id (region_id),