From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Fri, 5 Oct 2012 04:00:29 +0000 (-0400)
Subject: fix paramater types. added validate_last_updated(). fix improve add_role
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=996323b747d1b202a9612cbf65401d53a2c8d797;p=plcapi.git

fix paramater types. added validate_last_updated(). fix improve add_role
---

diff --git a/PLC/Persons.py b/PLC/Persons.py
index 8170a713..958a23d1 100644
--- a/PLC/Persons.py
+++ b/PLC/Persons.py
@@ -2,6 +2,7 @@
 # Functions for interacting with the persons table in the database
 #
 
+from datetime import datetime
 from types import StringTypes
 try:
     from hashlib import md5
@@ -42,9 +43,9 @@ class Person(AlchemyObj):
         'enabled': Parameter(bool, "Has been enabled"),
         'password': Parameter(str, "Account password in crypt() form", max = 254),
         'verification_key': Parameter(str, "Reset password key", max = 254, nullok = True),
-        'verification_expires': Parameter(int, "Date and time when verification_key expires", nullok = True),
-        'last_updated': Parameter(int, "Date and time of last update", ro = True),
-        'date_created': Parameter(int, "Date and time when account was created", ro = True),
+        'verification_expires': Parameter(datetime, "Date and time when verification_key expires", nullok = True),
+        'last_updated': Parameter(datetime, "Date and time of last update", ro = True, nullok=True),
+        'date_created': Parameter(datetime, "Date and time when account was created", ro = True, default=datetime.now()),
         'role_ids': Parameter([int], "List of role identifiers", joined=True),
         'roles': Parameter([str], "List of roles", joined=True),
         'site_ids': Parameter([int], "List of site identifiers", joined=True),
@@ -55,6 +56,11 @@ class Person(AlchemyObj):
         'person_tag_ids' : Parameter ([int], "List of tags attached to this person", joined=True),
         }
 
+    def validate_last_updated(self, last_updated):
+        # always return current timestamp
+        last_updated = datetime.now()
+        return last_updated
+
     def validate_email(self, email):
         """
         Validate email address. Stolen from Mailman.
@@ -119,19 +125,22 @@ class Person(AlchemyObj):
 
         return False
 
-    def add_role(self, role_name, login_base=None):
+    def add_role(self, role_name, site_filter = {}):
+        assert 'keystone_id' in self
+        from PLC.Sites import Sites
         user = self.api.client_shell.keystone.users.find(id=self['keystone_id'])
         roles = Roles(self.api, {'name': role_name})
         if not roles:
             raise PLCInvalidArgument, "Role %s not found" % role_name 
         role = roles[0]
       
-        if login_base:
-            # add role at the requested site
-            tenant = self.api.client_shell.keystone.tenants.find(name=login_base) 
-            self.api.client_shell.keystone.roles.add_user_role(user, role, tenant)
+        if site_filter:
+            sites = Sites(self.api, site_filter)
+            for site in sites: 
+                # add role at the requested site
+                tenant = self.api.client_shell.keystone.tenants.find(id=site['tenant_id']) 
+                self.api.client_shell.keystone.roles.add_user_role(user, tenant, role)
         else:
-            from PLC.Sites import Sites
             # add role to at all of users sites
             if not self['site_ids']:
                 raise PLCInvalidArgument, "Cannot add role unless user already belongs to a site or a valid site is specified"
@@ -139,9 +148,10 @@ class Person(AlchemyObj):
                 sites = Sites(self.api, {'site_id': site_id})
                 site = sites[0]
                 tenant = self.api.client_shell.keystone.tenants.find(id=site['tenant_id'])
-                self.api.client_shell.keystone.roles.add_user_role(user, role, tenant)
+                self.api.client_shell.keystone.roles.add_user_role(user, tenant, role)
     
     def remove_role(self, role_name, login_base=None):
+        assert 'keystone_id' in self
         user = self.api.client_shell.keystone.users.find(id=self['keystone_id'])
         roles = Roles(self.api, {'name': role_name})
         if not roles:
@@ -156,8 +166,7 @@ class Person(AlchemyObj):
             from PLC.Sites import Sites
             # add role to at all of users sites
             if not self['site_ids']:
-                raise PLCInvalidArgument, "Cannot add role unless user already belongs to a site or a valid site
- is specified"
+                raise PLCInvalidArgument, "Must specify a valid site or add user to site first"
             for site_id in self['site_ids']:
                 sites = Sites(self.api, {'site_id': site_id})
                 site = sites[0]