X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fauthconn.py;h=140e0245e76867613dfa54d12bcc013e6d556c9f;hp=90f009655e804007273a8d7edf07fc39070eda98;hb=c844536bb27c39aa48988284c5a0d7b404930a8a;hpb=7b7ffa61e6282094c1bd528e60b3b395c3ab1358

diff --git a/osm_nbi/authconn.py b/osm_nbi/authconn.py
index 90f0096..140e024 100644
--- a/osm_nbi/authconn.py
+++ b/osm_nbi/authconn.py
@@ -31,11 +31,18 @@ from http import HTTPStatus
 
 class AuthException(Exception):
     """
-    Authentication error.
+    Authentication error, because token, user password not recognized
     """
     def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
+        super(AuthException, self).__init__(message)
         self.http_code = http_code
-        Exception.__init__(self, message)
+
+
+class AuthExceptionUnauthorized(AuthException):
+    """
+    Authentication error, because not having rights to make this operation
+    """
+    pass
 
 
 class AuthconnException(Exception):
@@ -43,7 +50,7 @@ class AuthconnException(Exception):
     Common and base class Exception for all authconn exceptions.
     """
     def __init__(self, message, http_code=HTTPStatus.UNAUTHORIZED):
-        Exception.__init__(message)
+        super(AuthconnException, self).__init__(message)
         self.http_code = http_code
 
 
@@ -52,7 +59,7 @@ class AuthconnConnectionException(AuthconnException):
     Connectivity error with Auth backend.
     """
     def __init__(self, message, http_code=HTTPStatus.BAD_GATEWAY):
-        AuthconnException.__init__(self, message, http_code)
+        super(AuthconnConnectionException, self).__init__(message, http_code)
 
 
 class AuthconnNotSupportedException(AuthconnException):
@@ -60,7 +67,7 @@ class AuthconnNotSupportedException(AuthconnException):
     The request is not supported by the Auth backend.
     """
     def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
-        AuthconnException.__init__(self, message, http_code)
+        super(AuthconnNotSupportedException, self).__init__(message, http_code)
 
 
 class AuthconnNotImplementedException(AuthconnException):
@@ -68,7 +75,7 @@ class AuthconnNotImplementedException(AuthconnException):
     The method is not implemented by the Auth backend.
     """
     def __init__(self, message, http_code=HTTPStatus.NOT_IMPLEMENTED):
-        AuthconnException.__init__(self, message, http_code)
+        super(AuthconnNotImplementedException, self).__init__(message, http_code)
 
 
 class AuthconnOperationException(AuthconnException):
@@ -76,7 +83,23 @@ class AuthconnOperationException(AuthconnException):
     The operation executed failed.
     """
     def __init__(self, message, http_code=HTTPStatus.INTERNAL_SERVER_ERROR):
-        AuthconnException.__init__(self, message, http_code)
+        super(AuthconnOperationException, self).__init__(message, http_code)
+
+
+class AuthconnNotFoundException(AuthconnException):
+    """
+    The operation executed failed because element not found.
+    """
+    def __init__(self, message, http_code=HTTPStatus.NOT_FOUND):
+        super().__init__(message, http_code)
+
+
+class AuthconnConflictException(AuthconnException):
+    """
+    The operation has conflicts.
+    """
+    def __init__(self, message, http_code=HTTPStatus.CONFLICT):
+        super().__init__(message, http_code)
 
 
 class Authconn:
@@ -96,27 +119,34 @@ class Authconn:
         """
         self.config = config
 
-    def authenticate_with_user_password(self, user, password):
+    def authenticate(self, user, password, project=None, token=None):
         """
-        Authenticate a user using username and password.
+        Authenticate a user using username/password or token, plus project
+        :param user: user: name, id or None
+        :param password: password or None
+        :param project: name, id, or None. If None first found project will be used to get an scope token
+        :param token: previous token to obtain authorization
+        :return: the scoped token info or raises an exception. The token is a dictionary with:
+            _id:  token string id,
+            username: username,
+            project_id: scoped_token project_id,
+            project_name: scoped_token project_name,
+            expires: epoch time when it expires,
 
-        :param user: username
-        :param password: password
-        :return: an unscoped token that grants access to project list
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def authenticate_with_token(self, token, project=None):
-        """
-        Authenticate a user using a token. Can be used to revalidate the token
-        or to get a scoped token.
-
-        :param token: a valid token.
-        :param project: (optional) project for a scoped token.
-        :return: return a revalidated token, scoped if a project was passed or
-        the previous token was already scoped.
-        """
-        raise AuthconnNotImplementedException("Should have implemented this")
+    # def authenticate_with_token(self, token, project=None):
+    #     """
+    #     Authenticate a user using a token. Can be used to revalidate the token
+    #     or to get a scoped token.
+    #
+    #     :param token: a valid token.
+    #     :param project: (optional) project for a scoped token.
+    #     :return: return a revalidated token, scoped if a project was passed or
+    #     the previous token was already scoped.
+    #     """
+    #     raise AuthconnNotImplementedException("Should have implemented this")
 
     def validate_token(self, token):
         """
@@ -136,7 +166,7 @@ class Authconn:
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def get_project_list(self, token):
+    def get_user_project_list(self, token):
         """
         Get all the projects associated with a user.
 
@@ -145,7 +175,7 @@ class Authconn:
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def get_role_list(self, token):
+    def get_user_role_list(self, token):
         """
         Get role list for a scoped project.
 
@@ -165,25 +195,34 @@ class Authconn:
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def change_password(self, user, new_password):
+    def update_user(self, user, new_name=None, new_password=None):
         """
-        Change the user password.
+        Change the user name and/or password.
 
-        :param user: username.
+        :param user: username or user_id
+        :param new_name: new name
         :param new_password: new password.
-        :raises AuthconnOperationException: if user password change failed.
+        :raises AuthconnOperationException: if change failed.
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def delete_user(self, user):
+    def delete_user(self, user_id):
         """
         Delete user.
 
-        :param user: username.
+        :param user_id: user identifier.
         :raises AuthconnOperationException: if user deletion failed.
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
+    def get_user_list(self, filter_q=None):
+        """
+        Get user list.
+
+        :param filter_q: dictionary to filter user list by name (username is also admited) and/or _id
+        :return: returns a list of users.
+        """
+
     def create_role(self, role):
         """
         Create a role.
@@ -193,33 +232,70 @@ class Authconn:
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def delete_role(self, role):
+    def delete_role(self, role_id):
         """
         Delete a role.
 
-        :param role: role name.
+        :param role_id: role identifier.
         :raises AuthconnOperationException: if user deletion failed.
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
+    def get_role_list(self, filter_q=None):
+        """
+        Get all the roles.
+
+        :param filter_q: dictionary to filter role list by _id and/or name.
+        :return: list of roles
+        """
+        raise AuthconnNotImplementedException("Should have implemented this")
+
+    def update_role(self, role, new_name):
+        """
+        Change the name of a role
+        :param role: role name or id to be changed
+        :param new_name: new name
+        :return: None
+        """
+        raise AuthconnNotImplementedException("Should have implemented this")
+
     def create_project(self, project):
         """
         Create a project.
 
         :param project: project name.
+        :return: the internal id of the created project
         :raises AuthconnOperationException: if project creation failed.
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
-    def delete_project(self, project):
+    def delete_project(self, project_id):
         """
         Delete a project.
 
-        :param project: project name.
+        :param project_id: project identifier.
         :raises AuthconnOperationException: if project deletion failed.
         """
         raise AuthconnNotImplementedException("Should have implemented this")
 
+    def get_project_list(self, filter_q=None):
+        """
+        Get all the projects.
+
+        :param filter_q: dictionary to filter project list, by "name" and/or "_id"
+        :return: list of projects
+        """
+        raise AuthconnNotImplementedException("Should have implemented this")
+
+    def update_project(self, project_id, new_name):
+        """
+        Change the name of a project
+        :param project_id: project to be changed
+        :param new_name: new name
+        :return: None
+        """
+        raise AuthconnNotImplementedException("Should have implemented this")
+
     def assign_role_to_user(self, user, project, role):
         """
         Assigning a role to a user in a project.