Add version schedule pep440-git-full
[osm/NBI.git] / osm_nbi / authconn.py
1 # -*- coding: utf-8 -*-
2
3 """
4 Authconn implements an Abstract class for the Auth backend connector
5 plugins with the definition of the methods to be implemented.
6 """
7
8 __author__ = "Eduardo Sousa <esousa@whitestack.com>"
9 __date__ = "$27-jul-2018 23:59:59$"
10
11 from http import HTTPStatus
12
13
14 class AuthException(Exception):
15 """
16 Authentication error.
17 """
18 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
19 self.http_code = http_code
20 Exception.__init__(self, message)
21
22
23 class AuthconnException(Exception):
24 """
25 Common and base class Exception for all authconn exceptions.
26 """
27 def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
28 Exception.__init__(message)
29 self.http_code = http_code
30
31
32 class AuthconnConnectionException(AuthconnException):
33 """
34 Connectivity error with Auth backend.
35 """
36 def __init__(self, message, http_code=HTTPStatus.BAD_GATEWAY):
37 AuthconnException.__init__(self, message, http_code)
38
39
40 class AuthconnNotSupportedException(AuthconnException):
41 """
42 The request is not supported by the Auth backend.
43 """
44 def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
45 AuthconnException.__init__(self, message, http_code)
46
47
48 class AuthconnNotImplementedException(AuthconnException):
49 """
50 The method is not implemented by the Auth backend.
51 """
52 def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
53 AuthconnException.__init__(self, message, http_code)
54
55
56 class AuthconnOperationException(AuthconnException):
57 """
58 The operation executed failed.
59 """
60 def __init__(self, message, http_code=HTTPStatus.INTERNAL_SERVER_ERROR):
61 AuthconnException.__init__(self, message, http_code)
62
63
64 class Authconn:
65 """
66 Abstract base class for all the Auth backend connector plugins.
67 Each Auth backend connector plugin must be a subclass of
68 Authconn class.
69 """
70 def __init__(self, config):
71 """
72 Constructor of the Authconn class.
73
74 Note: each subclass
75
76 :param config: configuration dictionary containing all the
77 necessary configuration parameters.
78 """
79 self.config = config
80
81 def authenticate_with_user_password(self, user, password):
82 """
83 Authenticate a user using username and password.
84
85 :param user: username
86 :param password: password
87 :return: an unscoped token that grants access to project list
88 """
89 raise AuthconnNotImplementedException("Should have implemented this")
90
91 def authenticate_with_token(self, token, project=None):
92 """
93 Authenticate a user using a token. Can be used to revalidate the token
94 or to get a scoped token.
95
96 :param token: a valid token.
97 :param project: (optional) project for a scoped token.
98 :return: return a revalidated token, scoped if a project was passed or
99 the previous token was already scoped.
100 """
101 raise AuthconnNotImplementedException("Should have implemented this")
102
103 def validate_token(self, token):
104 """
105 Check if the token is valid.
106
107 :param token: token to validate
108 :return: dictionary with information associated with the token. If the
109 token is not valid, returns None.
110 """
111 raise AuthconnNotImplementedException("Should have implemented this")
112
113 def revoke_token(self, token):
114 """
115 Invalidate a token.
116
117 :param token: token to be revoked
118 """
119 raise AuthconnNotImplementedException("Should have implemented this")
120
121 def get_project_list(self, token):
122 """
123 Get all the projects associated with a user.
124
125 :param token: valid token
126 :return: list of projects
127 """
128 raise AuthconnNotImplementedException("Should have implemented this")
129
130 def get_role_list(self, token):
131 """
132 Get role list for a scoped project.
133
134 :param token: scoped token.
135 :return: returns the list of roles for the user in that project. If
136 the token is unscoped it returns None.
137 """
138 raise AuthconnNotImplementedException("Should have implemented this")
139
140 def create_user(self, user, password):
141 """
142 Create a user.
143
144 :param user: username.
145 :param password: password.
146 :raises AuthconnOperationException: if user creation failed.
147 """
148 raise AuthconnNotImplementedException("Should have implemented this")
149
150 def change_password(self, user, new_password):
151 """
152 Change the user password.
153
154 :param user: username.
155 :param new_password: new password.
156 :raises AuthconnOperationException: if user password change failed.
157 """
158 raise AuthconnNotImplementedException("Should have implemented this")
159
160 def delete_user(self, user):
161 """
162 Delete user.
163
164 :param user: username.
165 :raises AuthconnOperationException: if user deletion failed.
166 """
167 raise AuthconnNotImplementedException("Should have implemented this")
168
169 def create_role(self, role):
170 """
171 Create a role.
172
173 :param role: role name.
174 :raises AuthconnOperationException: if role creation failed.
175 """
176 raise AuthconnNotImplementedException("Should have implemented this")
177
178 def delete_role(self, role):
179 """
180 Delete a role.
181
182 :param role: role name.
183 :raises AuthconnOperationException: if user deletion failed.
184 """
185 raise AuthconnNotImplementedException("Should have implemented this")
186
187 def create_project(self, project):
188 """
189 Create a project.
190
191 :param project: project name.
192 :raises AuthconnOperationException: if project creation failed.
193 """
194 raise AuthconnNotImplementedException("Should have implemented this")
195
196 def delete_project(self, project):
197 """
198 Delete a project.
199
200 :param project: project name.
201 :raises AuthconnOperationException: if project deletion failed.
202 """
203 raise AuthconnNotImplementedException("Should have implemented this")
204
205 def assign_role_to_user(self, user, project, role):
206 """
207 Assigning a role to a user in a project.
208
209 :param user: username.
210 :param project: project name.
211 :param role: role name.
212 :raises AuthconnOperationException: if role assignment failed.
213 """
214 raise AuthconnNotImplementedException("Should have implemented this")
215
216 def remove_role_from_user(self, user, project, role):
217 """
218 Remove a role from a user in a project.
219
220 :param user: username.
221 :param project: project name.
222 :param role: role name.
223 :raises AuthconnOperationException: if role assignment revocation failed.
224 """
225 raise AuthconnNotImplementedException("Should have implemented this")