mirror of
https://github.com/valitydev/salt.git
synced 2024-11-08 09:23:56 +00:00
Merge pull request #7158 from KennethWilke/develop
More Keystone tenant stuff
This commit is contained in:
commit
53bb39a2a3
@ -283,6 +283,33 @@ def tenant_create(name, description=None, enabled=True):
|
||||
return tenant_get(new.id)
|
||||
|
||||
|
||||
def tenant_delete(tenant_id=None, name=None):
|
||||
'''
|
||||
Delete a tenant (keystone tenant-delete)
|
||||
|
||||
CLI Examples:
|
||||
|
||||
.. code-block:: bash
|
||||
|
||||
salt '*' keystone.tenant_delete c965f79c4f864eaaa9c3b41904e67082
|
||||
salt '*' keystone.tenant_delete tenant_id=c965f79c4f864eaaa9c3b41904e67082
|
||||
salt '*' keystone.tenant_delete name=demo
|
||||
'''
|
||||
kstone = auth()
|
||||
if name:
|
||||
for tenant in kstone.tenants.list():
|
||||
if tenant.name == name:
|
||||
tenant_id = tenant.id
|
||||
break
|
||||
if not tenant_id:
|
||||
return {'Error': 'Unable to resolve tenant id'}
|
||||
kstone.tenants.delete(tenant_id)
|
||||
ret = 'Tenant ID {0} deleted'.format(tenant_id)
|
||||
if name:
|
||||
ret += ' ({0})'.format(name)
|
||||
return ret
|
||||
|
||||
|
||||
def tenant_get(tenant_id=None, name=None):
|
||||
'''
|
||||
Return a specific tenants (keystone tenant-get)
|
||||
@ -482,10 +509,11 @@ def user_delete(user_id=None, name=None):
|
||||
def user_update(user_id=None,
|
||||
name=None,
|
||||
email=None,
|
||||
enabled=None):
|
||||
enabled=None,
|
||||
tenant=None):
|
||||
'''
|
||||
Update a user's information (keystone user-update)
|
||||
The following fields may be updated: name, email, enabled.
|
||||
The following fields may be updated: name, email, enabled, tenant.
|
||||
Because the name is one of the fields, a valid user id is required.
|
||||
|
||||
CLI Examples:
|
||||
@ -512,6 +540,12 @@ def user_update(user_id=None,
|
||||
if enabled is None:
|
||||
enabled = user.enabled
|
||||
kstone.users.update(user=user_id, name=name, email=email, enabled=enabled)
|
||||
if tenant:
|
||||
for t in kstone.tenants.list():
|
||||
if t.name == tenant:
|
||||
tenant_id = t.id
|
||||
break
|
||||
kstone.users.update_tenant(user_id, tenant_id)
|
||||
ret = 'Info updated for user ID {0}'.format(user_id)
|
||||
return ret
|
||||
|
||||
@ -651,8 +685,6 @@ def _item_list():
|
||||
#role-delete Delete role
|
||||
#service-create Add service to Service Catalog
|
||||
#service-delete Delete service from Service Catalog
|
||||
#tenant-delete Delete tenant
|
||||
#tenant-update Update tenant name, description, enabled status
|
||||
#user-role-add Add role to user
|
||||
#user-role-remove Remove role from user
|
||||
#discover Discover Keystone servers and show authentication
|
||||
|
@ -31,7 +31,7 @@ def __virtual__():
|
||||
def user_present(name,
|
||||
password,
|
||||
email,
|
||||
tenant_id=None,
|
||||
tenant=None,
|
||||
enabled=True):
|
||||
'''
|
||||
Ensure that the keystone user is present with the specified properties.
|
||||
@ -45,30 +45,48 @@ def user_present(name,
|
||||
email
|
||||
The email address for this user
|
||||
|
||||
tenant_id
|
||||
The tenant id for this user
|
||||
tenant
|
||||
The tenant for this user
|
||||
|
||||
enabled
|
||||
Availability state for this user
|
||||
'''
|
||||
ret = {'name': name,
|
||||
'changes': {},
|
||||
'result': True,
|
||||
'comment': 'Keystone user {0} is already present'.format(name)}
|
||||
'comment': 'User "{0}" is already present'.format(name)}
|
||||
|
||||
# Validate tenant if set
|
||||
if tenant is not None:
|
||||
tenantdata = __salt__['keystone.tenant_get'](name=tenant)
|
||||
if 'Error' in tenantdata:
|
||||
ret['result'] = False
|
||||
ret['comment'] = 'Tenant "{0}" does not exist'.format(tenant)
|
||||
return ret
|
||||
tenant_id = tenantdata[tenant]['id']
|
||||
else:
|
||||
tenant_id = None
|
||||
|
||||
# Check if user is already present
|
||||
user = __salt__['keystone.user_get'](name=name)
|
||||
if 'Error' not in user:
|
||||
if user[name]['email'] != email:
|
||||
__salt__['keystone.user_update'](name=name, email=email)
|
||||
ret['comment'] = 'Keystone user {0} has been updated'.format(name)
|
||||
ret['comment'] = 'User "{0}" has been updated'.format(name)
|
||||
ret['changes']['Email'] = 'Updated'
|
||||
if user[name]['enabled'] != enabled:
|
||||
__salt__['keystone.user_update'](name=name, enabled=enabled)
|
||||
ret['comment'] = 'Keystone user {0} has been updated'.format(name)
|
||||
ret['comment'] = 'User "{0}" has been updated'.format(name)
|
||||
ret['changes']['Enabled'] = 'Now {0}'.format(enabled)
|
||||
if user[name]['tenant_id'] != tenant_id:
|
||||
__salt__['keystone.user_update'](name=name, tenant=tenant)
|
||||
ret['comment'] = 'User "{0}" has been updated'.format(name)
|
||||
ret['changes']['Tenant'] = 'Added to "{0}" tenant'.format(tenant)
|
||||
if not __salt__['keystone.user_verify_password'](name=name,
|
||||
password=password):
|
||||
__salt__['keystone.user_password_update'](name=name,
|
||||
password=password)
|
||||
ret['comment'] = 'Keystone user {0} has been updated'.format(name)
|
||||
ret['comment'] = 'User "{0}" has been updated'.format(name)
|
||||
ret['changes']['Password'] = 'Updated'
|
||||
else:
|
||||
# Create that user!
|
||||
@ -93,14 +111,14 @@ def user_absent(name):
|
||||
ret = {'name': name,
|
||||
'changes': {},
|
||||
'result': True,
|
||||
'comment': 'Keystone user {0} is already absent'.format(name)}
|
||||
'comment': 'User "{0}" is already absent'.format(name)}
|
||||
|
||||
# Check if user is present
|
||||
user = __salt__['keystone.user_get'](name=name)
|
||||
if 'Error' not in user:
|
||||
# Delete that user!
|
||||
__salt__['keystone.user_delete'](name=name)
|
||||
ret['comment'] = 'Keystone user {0} has been deleted'.format(name)
|
||||
ret['comment'] = 'User "{0}" has been deleted'.format(name)
|
||||
ret['changes']['User'] = 'Deleted'
|
||||
|
||||
return ret
|
||||
@ -109,11 +127,20 @@ def user_absent(name):
|
||||
def tenant_present(name, description=None, enabled=True):
|
||||
''''
|
||||
Ensures that the keystone tenant exists
|
||||
|
||||
name
|
||||
The name of the tenant to manage
|
||||
|
||||
description
|
||||
The description to use for this tenant
|
||||
|
||||
enabled
|
||||
Availability state for this tenant
|
||||
'''
|
||||
ret = {'name': name,
|
||||
'changes': {},
|
||||
'result': True,
|
||||
'comment': 'Keystone tenant {0} already exists'.format(name)}
|
||||
'comment': 'Tenant "{0}" already exists'.format(name)}
|
||||
|
||||
# Check if user is already present
|
||||
tenant = __salt__['keystone.tenant_get'](name=name)
|
||||
@ -121,17 +148,40 @@ def tenant_present(name, description=None, enabled=True):
|
||||
if 'Error' not in tenant:
|
||||
if tenant[name]['description'] != description:
|
||||
__salt__['keystone.tenant_update'](name, description, enabled)
|
||||
comment = 'Keystone tenant {0} has been updated'.format(name)
|
||||
comment = 'Tenant "{0}" has been updated'.format(name)
|
||||
ret['comment'] = comment
|
||||
ret['changes']['Description'] = 'Updated'
|
||||
if tenant[name]['enabled'] != enabled:
|
||||
__salt__['keystone.tenant_update'](name, description, enabled)
|
||||
comment = 'Keystone tenant {0} has been updated'.format(name)
|
||||
comment = 'Tenant "{0}" has been updated'.format(name)
|
||||
ret['comment'] = comment
|
||||
ret['changes']['Enabled'] = 'Now {0}'.format(enabled)
|
||||
else:
|
||||
# Create tenant
|
||||
__salt__['keystone.tenant_create'](name, description, enabled)
|
||||
ret['comment'] = 'Keystone tenant {0} has been added'.format(name)
|
||||
ret['comment'] = 'Tenant "{0}" has been added'.format(name)
|
||||
ret['changes']['Tenant'] = 'Created'
|
||||
return ret
|
||||
|
||||
|
||||
def tenant_absent(name):
|
||||
'''
|
||||
Ensure that the keystone tenant is absent.
|
||||
|
||||
name
|
||||
The name of the tenant that should not exist
|
||||
'''
|
||||
ret = {'name': name,
|
||||
'changes': {},
|
||||
'result': True,
|
||||
'comment': 'Tenant "{0}" is already absent'.format(name)}
|
||||
|
||||
# Check if tenant is present
|
||||
tenant = __salt__['keystone.tenant_get'](name=name)
|
||||
if 'Error' not in tenant:
|
||||
# Delete tenant
|
||||
__salt__['keystone.tenant_delete'](name=name)
|
||||
ret['comment'] = 'Tenant "{0}" has been deleted'.format(name)
|
||||
ret['changes']['Tenant'] = 'Deleted'
|
||||
|
||||
return ret
|
||||
|
Loading…
Reference in New Issue
Block a user