From: selvi.j Date: Tue, 18 Apr 2023 07:01:48 +0000 (+0000) Subject: Feature 10941: User Management Enhancements X-Git-Tag: release-v14.0-start~14 X-Git-Url: https://osm.etsi.org/gitweb/?a=commitdiff_plain;h=fca1247748bdd66f7d461ad7f03be260ef1e9e18;p=osm%2Fosmclient.git Feature 10941: User Management Enhancements Added the implementation code for the user management enhancements feature Change-Id: I84963effe05d2f8002497f3b96735255926b2339 Signed-off-by: selvi.j --- diff --git a/osmclient/cli_commands/rbac.py b/osmclient/cli_commands/rbac.py index 57809bf..d8f2068 100755 --- a/osmclient/cli_commands/rbac.py +++ b/osmclient/cli_commands/rbac.py @@ -19,6 +19,7 @@ from osmclient.cli_commands import utils from prettytable import PrettyTable import json import logging +import time logger = logging.getLogger("osmclient") @@ -374,6 +375,16 @@ def user_create(ctx, username, password, projects, project_role_mappings, domain "new_password", help="user's new password to update in expiry condition", ) +@click.option( + "--unlock", + is_flag=True, + help="unlock user", +) +@click.option( + "--renew", + is_flag=True, + help="renew user", +) @click.pass_context def user_update( ctx, @@ -386,6 +397,8 @@ def user_update( remove_project_role, change_password, new_password, + unlock, + renew, ): """Update a user information @@ -399,6 +412,8 @@ def user_update( REMOVE_PROJECT_ROLE: removing mappings for project/role(s) CHANGE_PASSWORD: user's current password to change NEW_PASSWORD: user's new password to update in expiry condition + UNLOCK: unlock user + RENEW: renew user """ logger.debug("") user = {} @@ -410,6 +425,8 @@ def user_update( user["remove-project-role"] = remove_project_role user["change_password"] = change_password user["new_password"] = new_password + user["unlock"] = unlock + user["renew"] = renew utils.check_client_version(ctx.obj, ctx.command.name) ctx.obj.user.update(username, user) @@ -447,10 +464,30 @@ def user_list(ctx, filter): utils.check_client_version(ctx.obj, ctx.command.name) if filter: filter = "&".join(filter) - resp = ctx.obj.user.list(filter) - table = PrettyTable(["name", "id"]) + resp, admin_show = ctx.obj.user.list(filter) for user in resp: - table.add_row([user["username"], user["_id"]]) + if user["username"] == "admin": + user["_admin"]["account_expire_time"] = "N/A" + if admin_show: + table = PrettyTable(["name", "id", "user_status", "expires_in"]) + for user in resp: + table.add_row( + [ + user["username"], + user["_id"], + user["_admin"]["user_status"].upper(), + time.strftime( + "%b-%d-%Y %X", + time.gmtime(user["_admin"]["account_expire_time"]), + ) + if not user["username"] == "admin" + else user["_admin"]["account_expire_time"], + ] + ) + else: + table = PrettyTable(["name", "id"]) + for user in resp: + table.add_row([user["username"], user["_id"]]) table.align = "l" print(table) diff --git a/osmclient/sol005/client.py b/osmclient/sol005/client.py index 4f15fc5..0cbc80a 100644 --- a/osmclient/sol005/client.py +++ b/osmclient/sol005/client.py @@ -142,6 +142,7 @@ class Client(object): for (key, val) in list(self._headers.items()) ] self._http_client.set_http_header(http_header) + return token def get_version(self): _, resp = self._http_client.get2_cmd(endpoint="/version", skip_query_admin=True) diff --git a/osmclient/sol005/user.py b/osmclient/sol005/user.py index d94b9c4..74a7c59 100644 --- a/osmclient/sol005/user.py +++ b/osmclient/sol005/user.py @@ -88,9 +88,9 @@ class User(object): """Updates an existing OSM user identified by name""" self._logger.debug("") if pwd_change: - self._client.get_token(pwd_change) + token_info = self._client.get_token(pwd_change) else: - self._client.get_token() + token_info = self._client.get_token() # print(user) myuser = self.get(name) update_user = { @@ -151,6 +151,28 @@ class User(object): mapping = {"project": project, "role": role} update_user["remove_project_role_mappings"].append(mapping) + if user.get("unlock"): + if token_info.get("admin_show"): + update_user["unlock"] = user["unlock"] + update_user["system_admin_id"] = token_info.get("user_id") + else: + raise ClientException( + "{} does not have privilege to unlock {}".format( + token_info.get("username"), myuser.get("username") + ) + ) + + if user.get("renew"): + if token_info.get("admin_show"): + update_user["renew"] = user["renew"] + update_user["system_admin_id"] = token_info.get("user_id") + else: + raise ClientException( + "{} does not have privilege to renew {}".format( + token_info.get("username"), myuser.get("username") + ) + ) + if not update_user["remove_project_role_mappings"]: del update_user["remove_project_role_mappings"] if not update_user["add_project_role_mappings"]: @@ -216,7 +238,11 @@ class User(object): def list(self, filter=None): """Returns the list of OSM users""" self._logger.debug("") - self._client.get_token() + response = self._client.get_token() + admin_show = None + if response: + admin_show = response.get("admin_show") + filter_string = "" if filter: filter_string = "?{}".format(filter) @@ -224,7 +250,9 @@ class User(object): "{}{}".format(self._apiBase, filter_string), skip_query_admin=True ) # print('RESP: {}'.format(resp)) - if resp: + if resp and response: + return json.loads(resp), admin_show + elif resp: return json.loads(resp) return list()