X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osmclient%2Fsol005%2Fuser.py;h=917fb1af4cc10b72aa7f8d6477e9063f56cefb56;hb=fcfed2f9c065ba92f775fb6f4563d5d4b64e7797;hp=ad8027d03d1aebb19ed3ca54d5fadc8c6904561e;hpb=cbcb47feee334c67024ed7cabfade091accde04a;p=osm%2Fosmclient.git diff --git a/osmclient/sol005/user.py b/osmclient/sol005/user.py index ad8027d..917fb1a 100644 --- a/osmclient/sol005/user.py +++ b/osmclient/sol005/user.py @@ -19,119 +19,227 @@ OSM user mgmt API """ -from osmclient.common import utils from osmclient.common.exceptions import ClientException from osmclient.common.exceptions import NotFound import json -# import yaml +import logging class User(object): def __init__(self, http=None, client=None): self._http = http self._client = client - self._apiName = '/admin' - self._apiVersion = '/v1' - self._apiResource = '/users' - self._apiBase = '{}{}{}'.format(self._apiName, - self._apiVersion, self._apiResource) + self._logger = logging.getLogger("osmclient") + self._apiName = "/admin" + self._apiVersion = "/v1" + self._apiResource = "/users" + self._apiBase = "{}{}{}".format( + self._apiName, self._apiVersion, self._apiResource + ) def create(self, name, user): - """Creates a new OSM user - """ - http_code, resp = self._http.post_cmd(endpoint=self._apiBase, - postfields_dict=user) - #print('HTTP CODE: {}'.format(http_code)) - #print('RESP: {}'.format(resp)) - if http_code in (200, 201, 202, 204): - if resp: - resp = json.loads(resp) - if not resp or 'id' not in resp: - raise ClientException('unexpected response from server - {}'.format( - resp)) - print(resp['id']) + """Creates a new OSM user""" + self._logger.debug("") + self._client.get_token() + if not user["projects"] or ( + len(user["projects"]) == 1 and not user["projects"][0] + ): + del user["projects"] + elif len(user["projects"]) == 1: + user["projects"] = user["projects"][0].split(",") + + if user["project_role_mappings"]: + project_role_mappings = [] + + for set_mapping in user["project_role_mappings"]: + set_mapping_clean = [m.strip() for m in set_mapping.split(",")] + project, roles = set_mapping_clean[0], set_mapping_clean[1:] + + for role in roles: + mapping = {"project": project, "role": role} + + if mapping not in project_role_mappings: + project_role_mappings.append(mapping) + user["project_role_mappings"] = project_role_mappings else: - msg = "" - if resp: - try: - msg = json.loads(resp) - except ValueError: - msg = resp - raise ClientException("failed to create user {} - {}".format(name, msg)) - - def update(self, name, user): - """Updates an existing OSM user identified by name - """ - myuser = self.get(name) - http_code, resp = self._http.put_cmd(endpoint='{}/{}'.format(self._apiBase,myuser['_id']), - postfields_dict=user) - #print('HTTP CODE: {}'.format(http_code)) - #print('RESP: {}'.format(resp)) - if http_code in (200, 201, 202, 204): - if resp: - resp = json.loads(resp) - if not resp or 'id' not in resp: - raise ClientException('unexpected response from server - {}'.format( - resp)) - print(resp['id']) + del user["project_role_mappings"] + + http_code, resp = self._http.post_cmd( + endpoint=self._apiBase, postfields_dict=user, skip_query_admin=True + ) + # print('HTTP CODE: {}'.format(http_code)) + # print('RESP: {}'.format(resp)) + # if http_code in (200, 201, 202, 204): + if resp: + resp = json.loads(resp) + if not resp or "id" not in resp: + raise ClientException("unexpected response from server - {}".format(resp)) + print(resp["id"]) + # else: + # msg = "" + # if resp: + # try: + # msg = json.loads(resp) + # except ValueError: + # msg = resp + # raise ClientException("failed to create user {} - {}".format(name, msg)) + + def update(self, name, user, pwd_change=None): + """Updates an existing OSM user identified by name""" + self._logger.debug("") + if pwd_change: + self._client.get_token(pwd_change) else: - msg = "" + self._client.get_token() + # print(user) + myuser = self.get(name) + update_user = { + "add_project_role_mappings": [], + "remove_project_role_mappings": [], + } + + if not user.get("change_password"): + # if password is defined, update the password + if user.get("password"): + update_user["password"] = user["password"] + if user.get("username"): + update_user["username"] = user["username"] + else: + update_user["old_password"] = user["change_password"] + update_user["password"] = user["new_password"] + + if user.get("set-project"): + # Remove project and insert project role mapping + for set_project in user["set-project"]: + + set_project_clean = [m.strip() for m in set_project.split(",")] + project, roles = set_project_clean[0], set_project_clean[1:] + + update_user["remove_project_role_mappings"].append({"project": project}) + + for role in roles: + mapping = {"project": project, "role": role} + update_user["add_project_role_mappings"].append(mapping) + + if user.get("remove-project"): + for remove_project in user["remove-project"]: + update_user["remove_project_role_mappings"].append( + {"project": remove_project} + ) + + if user.get("add-project-role"): + for add_project_role in user["add-project-role"]: + add_project_role_clean = [ + m.strip() for m in add_project_role.split(",") + ] + project, roles = add_project_role_clean[0], add_project_role_clean[1:] + + for role in roles: + mapping = {"project": project, "role": role} + update_user["add_project_role_mappings"].append(mapping) + + if user.get("remove-project-role"): + for remove_project_role in user["remove-project-role"]: + remove_project_role_clean = [ + m.strip() for m in remove_project_role.split(",") + ] + project, roles = ( + remove_project_role_clean[0], + remove_project_role_clean[1:], + ) + + for role in roles: + mapping = {"project": project, "role": role} + update_user["remove_project_role_mappings"].append(mapping) + + if not update_user["remove_project_role_mappings"]: + del update_user["remove_project_role_mappings"] + if not update_user["add_project_role_mappings"]: + del update_user["add_project_role_mappings"] + if not update_user: + raise ClientException("At least something should be changed.") + + http_code, resp = self._http.patch_cmd( + endpoint="{}/{}".format(self._apiBase, myuser["_id"]), + postfields_dict=update_user, + skip_query_admin=True, + ) + # print('HTTP CODE: {}'.format(http_code)) + # print('RESP: {}'.format(resp)) + if http_code in (200, 201, 202): if resp: - try: - msg = json.loads(resp) - except ValueError: - msg = resp - raise ClientException("failed to update user {} - {}".format(name, msg)) + resp = json.loads(resp) + if not resp or "id" not in resp: + raise ClientException( + "unexpected response from server - {}".format(resp) + ) + print(resp["id"]) + elif http_code == 204: + print("Updated") + # else: + # msg = "" + # if resp: + # try: + # msg = json.loads(resp) + # except ValueError: + # msg = resp + # raise ClientException("failed to update user {} - {}".format(name, msg)) def delete(self, name, force=False): - """Deletes an existing OSM user identified by name - """ + """Deletes an existing OSM user identified by name""" + self._logger.debug("") + self._client.get_token() user = self.get(name) - querystring = '' + querystring = "" if force: - querystring = '?FORCE=True' - http_code, resp = self._http.delete_cmd('{}/{}{}'.format(self._apiBase, - user['_id'], querystring)) - #print('HTTP CODE: {}'.format(http_code)) - #print('RESP: {}'.format(resp)) + querystring = "?FORCE=True" + http_code, resp = self._http.delete_cmd( + "{}/{}{}".format(self._apiBase, user["_id"], querystring), + skip_query_admin=True, + ) + # print('HTTP CODE: {}'.format(http_code)) + # print('RESP: {}'.format(resp)) if http_code == 202: - print('Deletion in progress') + print("Deletion in progress") elif http_code == 204: - print('Deleted') - elif resp and 'result' in resp: - print('Deleted') + print("Deleted") + elif resp and "result" in resp: + print("Deleted") else: - msg = "" - if resp: - try: - msg = json.loads(resp) - except ValueError: - msg = resp + msg = resp or "" + # if resp: + # try: + # msg = json.loads(resp) + # except ValueError: + # msg = resp raise ClientException("failed to delete user {} - {}".format(name, msg)) def list(self, filter=None): - """Returns the list of OSM users - """ - filter_string = '' + """Returns the list of OSM users""" + self._logger.debug("") + self._client.get_token() + filter_string = "" if filter: - filter_string = '?{}'.format(filter) - resp = self._http.get_cmd('{}{}'.format(self._apiBase,filter_string)) - #print('RESP: {}'.format(resp)) + filter_string = "?{}".format(filter) + _, resp = self._http.get2_cmd( + "{}{}".format(self._apiBase, filter_string), skip_query_admin=True + ) + # print('RESP: {}'.format(resp)) if resp: - return resp + return json.loads(resp) return list() def get(self, name): - """Returns an OSM user based on name or id - """ - if utils.validate_uuid4(name): - for user in self.list(): - if name == user['_id']: - return user - else: - for user in self.list(): - if name == user['username']: - return user + """Returns an OSM user based on name or id""" + self._logger.debug("") + self._client.get_token() + # keystone with external LDAP contains large ids, not uuid format + # utils.validate_uuid4(name) cannot be used + user_list = self.list() + for user in user_list: + if name == user["_id"]: + return user + for user in user_list: + if name == user["username"]: + return user raise NotFound("User {} not found".format(name)) - -