Fix bug 744

[osm/NBI.git] / osm_nbi / authconn_keystone.py
diff --git a/osm_nbi/authconn_keystone.py b/osm_nbi/authconn_keystone.py

index b0cab0c..f819d3f 100644 (file)
--- a/osm_nbi/authconn_keystone.py
+++ b/osm_nbi/authconn_keystone.py
@@ -23,7 +23,7 @@ AuthconnKeystone implements implements the connector for
  Openstack Keystone and leverages the RBAC model, to bring
  it for OSM.
  """
  Openstack Keystone and leverages the RBAC model, to bring
  it for OSM.
  """
-import time
+
  
  __author__ = "Eduardo Sousa <esousa@whitestack.com>"
  __date__ = "$27-jul-2018 23:59:59$"
  
  __author__ = "Eduardo Sousa <esousa@whitestack.com>"
  __date__ = "$27-jul-2018 23:59:59$"
@@ -32,12 +32,14 @@ from authconn import Authconn, AuthException, AuthconnOperationException
  
  import logging
  import requests
  
  import logging
  import requests
+import time
  from keystoneauth1 import session
  from keystoneauth1.identity import v3
  from keystoneauth1.exceptions.base import ClientException
  from keystoneauth1.exceptions.http import Conflict
  from keystoneclient.v3 import client
  from http import HTTPStatus
  from keystoneauth1 import session
  from keystoneauth1.identity import v3
  from keystoneauth1.exceptions.base import ClientException
  from keystoneauth1.exceptions.http import Conflict
  from keystoneclient.v3 import client
  from http import HTTPStatus
+from validation import is_valid_uuid
  
  
  class AuthconnKeystone(Authconn):
  
  
  class AuthconnKeystone(Authconn):
@@ -258,10 +260,11 @@ class AuthconnKeystone(Authconn):
              users = self.keystone.users.list()
              users = [{
                  "username": user.name,
              users = self.keystone.users.list()
              users = [{
                  "username": user.name,
-                "_id": user.id
+                "_id": user.id,
+                "id": user.id
              } for user in users if user.name != self.admin_username]
  
              } for user in users if user.name != self.admin_username]
  
-            allowed_fields = ["_id", "username"]
+            allowed_fields = ["_id", "id", "username"]
              for key in filter_q.keys():
                  if key not in allowed_fields:
                      continue
              for key in filter_q.keys():
                  if key not in allowed_fields:
                      continue
@@ -273,14 +276,16 @@ class AuthconnKeystone(Authconn):
                  projects = self.keystone.projects.list(user=user["_id"])
                  projects = [{
                      "name": project.name,
                  projects = self.keystone.projects.list(user=user["_id"])
                  projects = [{
                      "name": project.name,
-                    "_id": project.id
+                    "_id": project.id,
+                    "id": project.id
                  } for project in projects]
  
                  for project in projects:
                      roles = self.keystone.roles.list(user=user["_id"], project=project["_id"])
                      roles = [{
                          "name": role.name,
                  } for project in projects]
  
                  for project in projects:
                      roles = self.keystone.roles.list(user=user["_id"], project=project["_id"])
                      roles = [{
                          "name": role.name,
-                        "_id": role.id
+                        "_id": role.id,
+                        "id": role.id
                      } for role in roles]
                      project["roles"] = roles
  
                      } for role in roles]
                      project["roles"] = roles
  
@@ -295,8 +300,7 @@ class AuthconnKeystone(Authconn):
          """
          Get role list.
  
          """
          Get role list.
  
-        :return: returns the list of roles for the user in that project. If
-        the token is unscoped it returns None.
+        :return: returns the list of roles.
          """
          try:
              roles_list = self.keystone.roles.list()
          """
          try:
              roles_list = self.keystone.roles.list()
@@ -418,9 +422,20 @@ class AuthconnKeystone(Authconn):
          :raises AuthconnOperationException: if role assignment failed.
          """
          try:
          :raises AuthconnOperationException: if role assignment failed.
          """
          try:
-            user_obj = list(filter(lambda x: x.name == user, self.keystone.users.list()))[0]
-            project_obj = list(filter(lambda x: x.name == project, self.keystone.projects.list()))[0]
-            role_obj = list(filter(lambda x: x.name == role, self.keystone.roles.list()))[0]
+            if is_valid_uuid(user):
+                user_obj = self.keystone.users.get(user)
+            else:
+                user_obj = self.keystone.users.list(name=user)[0]
+
+            if is_valid_uuid(project):
+                project_obj = self.keystone.projects.get(project)
+            else:
+                project_obj = self.keystone.projects.list(name=project)[0]
+
+            if is_valid_uuid(role):
+                role_obj = self.keystone.roles.get(role)
+            else:
+                role_obj = self.keystone.roles.list(name=role)[0]
  
              self.keystone.roles.grant(role_obj, user=user_obj, project=project_obj)
          except ClientException:
  
              self.keystone.roles.grant(role_obj, user=user_obj, project=project_obj)
          except ClientException: