- token_info = self.keystone.tokens.validate(token=token)
- roles_info = self.keystone.roles.list(user=token_info["user"]["id"], project=token_info["project"]["id"])
-
- roles = [role.name for role in roles_info]
-
- return roles
- except ClientException:
- self.logger.exception("Error during user role listing using keystone")
- raise AuthException("Error during user role listing using Keystone", http_code=HTTPStatus.UNAUTHORIZED)
-
- def create_user(self, user, password):
+ user = user_info.get("_id") or user_info.get("username")
+ if is_valid_uuid(user):
+ user_obj_list = [self.keystone.users.get(user)]
+ else:
+ user_obj_list = self.keystone.users.list(name=user)
+ if not user_obj_list:
+ raise AuthconnNotFoundException("User '{}' not found".format(user))
+ user_obj = user_obj_list[0]
+ user_id = user_obj.id
+ if user_info.get("password") or user_info.get("username") \
+ or user_info.get("add_project_role_mappings") or user_info.get("remove_project_role_mappings"):
+ self.keystone.users.update(user_id, password=user_info.get("password"), name=user_info.get("username"),
+ _admin={"created": user_obj._admin["created"], "modified": time.time()})
+ for mapping in user_info.get("remove_project_role_mappings", []):
+ self.remove_role_from_user(user_id, mapping["project"], mapping["role"])
+ for mapping in user_info.get("add_project_role_mappings", []):
+ self.assign_role_to_user(user_id, mapping["project"], mapping["role"])
+ except ClientException as e:
+ # self.logger.exception("Error during user password/name update using keystone: {}".format(e))
+ raise AuthconnOperationException("Error during user update using Keystone: {}".format(e))
+
+ def delete_user(self, user_id):