1 # Copyright ETSI Contributors and Others.
4 # Licensed under the Apache License, Version 2.0 (the "License"); you may
5 # not use this file except in compliance with the License. You may obtain
6 # a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13 # License for the specific language governing permissions and limitations
17 from osmclient
.common
.exceptions
import ClientException
18 from osmclient
.cli_commands
import utils
19 from prettytable
import PrettyTable
23 logger
= logging
.getLogger("osmclient")
26 ##############################
27 # Role Management Operations #
28 ##############################
31 @click.command(name
="role-create", short_help
="creates a new role")
32 @click.argument("name")
33 @click.option("--permissions", default
=None, help="role permissions using a dictionary")
35 def role_create(ctx
, name
, permissions
):
40 NAME: Name or ID of the role.
41 DEFINITION: Definition of grant/denial of access to resources.
44 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
45 ctx
.obj
.role
.create(name
, permissions
)
48 @click.command(name
="role-update", short_help
="updates a role")
49 @click.argument("name")
50 @click.option("--set-name", default
=None, help="change name of rle")
54 help="yaml format dictionary with permission: True/False to access grant/denial",
56 @click.option("--remove", default
=None, help="yaml format list to remove a permission")
58 def role_update(ctx
, name
, set_name
, add
, remove
):
63 NAME: Name or ID of the role.
64 DEFINITION: Definition overwrites the old definition.
65 ADD: Grant/denial of access to resource to add.
66 REMOVE: Grant/denial of access to resource to remove.
69 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
70 ctx
.obj
.role
.update(name
, set_name
, None, add
, remove
)
73 @click.command(name
="role-delete", short_help
="deletes a role")
74 @click.argument("name")
76 def role_delete(ctx
, name
):
81 NAME: Name or ID of the role.
84 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
85 ctx
.obj
.role
.delete(name
)
88 @click.command(name
="role-list", short_help
="list all roles")
93 help="restricts the list to the projects matching the filter",
96 def role_list(ctx
, filter):
101 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
103 filter = "&".join(filter)
104 resp
= ctx
.obj
.role
.list(filter)
105 table
= PrettyTable(["name", "id"])
107 table
.add_row([role
["name"], role
["_id"]])
112 @click.command(name
="role-show", short_help
="show specific role")
113 @click.argument("name")
115 def role_show(ctx
, name
):
117 Shows the details of a role.
120 NAME: Name or ID of the role.
123 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
124 resp
= ctx
.obj
.role
.get(name
)
126 table
= PrettyTable(["key", "attribute"])
127 for k
, v
in resp
.items():
128 table
.add_row([k
, json
.dumps(v
, indent
=2)])
134 # Project mgmt operations
138 @click.command(name
="project-create", short_help
="creates a new project")
139 @click.argument("name")
140 # @click.option('--description',
141 # default='no description',
142 # help='human readable description')
143 @click.option("--domain-name", "domain_name", default
=None, help="assign to a domain")
149 help="provide quotas. Can be used several times: 'quota1=number[,quota2=number,...]'. Quotas can be one "
150 "of vnfds, nsds, nsts, pdus, nsrs, nsis, vim_accounts, wim_accounts, sdns, k8sclusters, k8srepos",
153 def project_create(ctx
, name
, domain_name
, quotas
):
154 """Creates a new project
156 NAME: name of the project
157 DOMAIN_NAME: optional domain name for the project when keystone authentication is used
158 QUOTAS: set quotas for the project
161 project
= {"name": name
}
163 project
["domain_name"] = domain_name
164 quotas_dict
= _process_project_quotas(quotas
)
166 project
["quotas"] = quotas_dict
168 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
169 ctx
.obj
.project
.create(name
, project
)
172 def _process_project_quotas(quota_list
):
177 for quota
in quota_list
:
178 for single_quota
in quota
.split(","):
179 k
, v
= single_quota
.split("=")
180 quotas_dict
[k
] = None if v
in ("None", "null", "") else int(v
)
181 except (ValueError, TypeError):
182 raise ClientException(
183 "invalid format for 'quotas'. Use 'k1=v1,v1=v2'. v must be a integer or null"
188 @click.command(name
="project-delete", short_help
="deletes a project")
189 @click.argument("name")
191 def project_delete(ctx
, name
):
194 NAME: name or ID of the project to be deleted
197 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
198 ctx
.obj
.project
.delete(name
)
201 @click.command(name
="project-list", short_help
="list all projects")
206 help="restricts the list to the projects matching the filter",
209 def project_list(ctx
, filter):
210 """list all projects"""
212 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
214 filter = "&".join(filter)
215 resp
= ctx
.obj
.project
.list(filter)
216 table
= PrettyTable(["name", "id"])
218 table
.add_row([proj
["name"], proj
["_id"]])
223 @click.command(name
="project-show", short_help
="shows the details of a project")
224 @click.argument("name")
226 def project_show(ctx
, name
):
227 """shows the details of a project
229 NAME: name or ID of the project
232 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
233 resp
= ctx
.obj
.project
.get(name
)
235 table
= PrettyTable(["key", "attribute"])
236 for k
, v
in resp
.items():
237 table
.add_row([k
, json
.dumps(v
, indent
=2)])
243 name
="project-update", short_help
="updates a project (only the name can be updated)"
245 @click.argument("project")
246 @click.option("--name", default
=None, help="new name for the project")
252 help="change quotas. Can be used several times: 'quota1=number|empty[,quota2=...]' "
253 "(use empty to reset quota to default",
256 def project_update(ctx
, project
, name
, quotas
):
258 Update a project name
261 :param project: id or name of the project to modify
262 :param name: new name for the project
263 :param quotas: change quotas of the project
269 project_changes
["name"] = name
270 quotas_dict
= _process_project_quotas(quotas
)
272 project_changes
["quotas"] = quotas_dict
274 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
275 ctx
.obj
.project
.update(project
, project_changes
)
279 # User mgmt operations
283 @click.command(name
="user-create", short_help
="creates a new user")
284 @click.argument("username")
289 confirmation_prompt
=True,
290 help="user password",
294 # prompt="Comma separate list of projects",
296 callback
=lambda ctx
, param
, value
: "".join(value
).split(",")
297 if all(len(x
) == 1 for x
in value
)
299 help="list of project ids that the user belongs to",
302 "--project-role-mappings",
303 "project_role_mappings",
306 help="assign role(s) in a project. Can be used several times: 'project,role1[,role2,...]'",
308 @click.option("--domain-name", "domain_name", default
=None, help="assign to a domain")
310 def user_create(ctx
, username
, password
, projects
, project_role_mappings
, domain_name
):
311 """Creates a new user
314 USERNAME: name of the user
315 PASSWORD: password of the user
316 PROJECTS: projects assigned to user (internal only)
317 PROJECT_ROLE_MAPPING: roles in projects assigned to user (keystone)
318 DOMAIN_NAME: optional domain name for the user when keystone authentication is used
322 user
["username"] = username
323 user
["password"] = password
324 user
["projects"] = projects
325 user
["project_role_mappings"] = project_role_mappings
327 user
["domain_name"] = domain_name
329 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
330 ctx
.obj
.user
.create(username
, user
)
333 @click.command(name
="user-update", short_help
="updates user information")
334 @click.argument("username")
339 # confirmation_prompt=True,
340 help="user password",
342 @click.option("--set-username", "set_username", default
=None, help="change username")
348 help="create/replace the roles for this project: 'project,role1[,role2,...]'",
355 help="removes project from user: 'project'",
358 "--add-project-role",
362 help="assign role(s) in a project. Can be used several times: 'project,role1[,role2,...]'",
365 "--remove-project-role",
366 "remove_project_role",
369 help="remove role(s) in a project. Can be used several times: 'project,role1[,role2,...]'",
371 @click.option("--change_password", "change_password", help="user's current password")
375 help="user's new password to update in expiry condition",
390 """Update a user information
393 USERNAME: name of the user
394 PASSWORD: new password
395 SET_USERNAME: new username
396 SET_PROJECT: creating mappings for project/role(s)
397 REMOVE_PROJECT: deleting mappings for project/role(s)
398 ADD_PROJECT_ROLE: adding mappings for project/role(s)
399 REMOVE_PROJECT_ROLE: removing mappings for project/role(s)
400 CHANGE_PASSWORD: user's current password to change
401 NEW_PASSWORD: user's new password to update in expiry condition
405 user
["password"] = password
406 user
["username"] = set_username
407 user
["set-project"] = set_project
408 user
["remove-project"] = remove_project
409 user
["add-project-role"] = add_project_role
410 user
["remove-project-role"] = remove_project_role
411 user
["change_password"] = change_password
412 user
["new_password"] = new_password
414 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
415 ctx
.obj
.user
.update(username
, user
)
416 if not user
.get("change_password"):
417 ctx
.obj
.user
.update(username
, user
)
419 ctx
.obj
.user
.update(username
, user
, pwd_change
=True)
422 @click.command(name
="user-delete", short_help
="deletes a user")
423 @click.argument("name")
424 # @click.option('--force', is_flag=True, help='forces the deletion bypassing pre-conditions')
426 def user_delete(ctx
, name
):
430 NAME: name or ID of the user to be deleted
433 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
434 ctx
.obj
.user
.delete(name
)
437 @click.command(name
="user-list", short_help
="list all users")
442 help="restricts the list to the users matching the filter",
445 def user_list(ctx
, filter):
447 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
449 filter = "&".join(filter)
450 resp
= ctx
.obj
.user
.list(filter)
451 table
= PrettyTable(["name", "id"])
453 table
.add_row([user
["username"], user
["_id"]])
458 @click.command(name
="user-show", short_help
="shows the details of a user")
459 @click.argument("name")
461 def user_show(ctx
, name
):
462 """shows the details of a user
464 NAME: name or ID of the user
467 utils
.check_client_version(ctx
.obj
, ctx
.command
.name
)
468 resp
= ctx
.obj
.user
.get(name
)
469 if "password" in resp
:
470 resp
["password"] = "********"
472 table
= PrettyTable(["key", "attribute"])
473 for k
, v
in resp
.items():
474 table
.add_row([k
, json
.dumps(v
, indent
=2)])