return User.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None))
def sync_record(self, user):
- name = user.email[:user.email.find('@')]
- user_fields = {'name': name,
- 'email': user.email,
- 'password': hashlib.md5(user.password).hexdigest()[:6],
- 'enabled': True}
- if not user.kuser_id:
- keystone_user = self.driver.create_user(**user_fields)
- user.kuser_id = keystone_user.id
- else:
- self.driver.update_user(user.kuser_id, user_fields)
-
- if user.site:
- self.driver.add_user_role(user.kuser_id, user.site.tenant_id, 'user')
- if user.is_admin:
- self.driver.add_user_role(user.kuser_id, user.site.tenant_id, 'admin')
- else:
- # may have admin role so attempt to remove it
- self.driver.delete_user_role(user.kuser_id, user.site.tenant_id, 'admin')
-
- if user.public_key:
- driver = self.driver.client_driver(caller=user, tenant=user.site.login_base)
- key_fields = {'name': user.keyname,
- 'public_key': user.public_key}
- driver.create_keypair(**key_fields)
-
user.save()