+ def add_person(self, person_filter, role_name=None):
+ assert 'slice_id' in self
+ assert 'tenant_id' in self
+ if not role_name:
+ role_name = 'user'
+ roles = Roles(self.api, role_name)
+ if not roles:
+ raise PLCInvalidArgument, "No such role %s" % role_name
+ role = roles[0]
+ tenant = self.api.client_shell.keystone.tenants.find(id=self['tenant_id'])
+ persons = Persons(self.api, person_filter)
+ for person in persons:
+ keystone_user = self.api.client_shell.keystone.users.find(id=person['keystone_id'])
+ tenant.add_user(keystone_user, role.object)
+ slice_person = SlicePerson(self.api, {'slice_id': self['slice_id'],
+ 'person_id': person['person_id']})
+ slice_person.sync()
+
+ def remove_person(self, person_filter, role=None):
+ assert 'slice_id' in self
+ assert 'tenant_id' in self
+ if not role_name:
+ role_name = 'user'
+ roles = Roles(self.api, role_name)
+ if not roles:
+ raise PLCInvalidArgument, "No such role %s" % role_name
+ role = roles[0]
+ tenant = self.api.client_shell.keystone.tenants.find(id=self['tenant_id'])
+ persons = Persons(self.api, person_filter)
+ for person in persons:
+ keystone_user = self.api.client_shell.keystone.users.find(id=person['keystone_id'])
+ tenant.remove_user(keystone_user, role.object)
+ slice_person = SlicePerson(self.api, {'slice_id': self['slice_id'],
+ 'person_id': person['person_id']})
+ slice_person.delete()
+