From 919059aa496221a36ce59354331d85207ae52a2b Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@tux.cs.princeton.edu>
Date: Sun, 30 Nov 2014 20:44:38 -0500
Subject: [PATCH] renaming

---
 .../steps/sync_controller_users.py            | 86 +++++++++++++++++++
 .../steps/sync_controller_users.yaml          | 16 ++++
 2 files changed, 102 insertions(+)
 create mode 100644 planetstack/openstack_observer/steps/sync_controller_users.py
 create mode 100644 planetstack/openstack_observer/steps/sync_controller_users.yaml

diff --git a/planetstack/openstack_observer/steps/sync_controller_users.py b/planetstack/openstack_observer/steps/sync_controller_users.py
new file mode 100644
index 0000000..2e8256f
--- /dev/null
+++ b/planetstack/openstack_observer/steps/sync_controller_users.py
@@ -0,0 +1,86 @@
+import os
+import base64
+import hashlib
+from collections import defaultdict
+from django.db.models import F, Q
+from planetstack.config import Config
+from observer.openstacksyncstep import OpenStackSyncStep
+from core.models.site import SiteDeployments, Deployment
+from core.models.user import User
+from core.models.userdeployments import UserDeployments
+from util.logger import Logger, logging
+
+from observer.ansible import *
+
+logger = Logger(level=logging.INFO)
+
+class SyncUserDeployments(OpenStackSyncStep):
+    provides=[UserDeployments, User]
+    requested_interval=0
+
+    def fetch_pending(self, deleted):
+
+        if (deleted):
+            return UserDeployments.deleted_objects.all()
+        else:
+            return UserDeployments.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None)) 
+
+    def sync_record(self, user_deployment):
+        logger.info("sync'ing user %s at deployment %s" % (user_deployment.user, user_deployment.deployment.name))
+
+        if not user_deployment.deployment.admin_user:
+            logger.info("deployment %r has no admin_user, skipping" % user_deployment.deployment)
+            return
+
+	template = os_template_env.get_template('sync_user_deployments.yaml')
+	
+        name = user_deployment.user.email[:user_deployment.user.email.find('@')]
+
+	roles = []
+	# setup user deployment home site roles  
+        if user_deployment.user.site:
+            site_deployments = SiteDeployments.objects.filter(site=user_deployment.user.site,
+                                                              deployment=user_deployment.deployment)
+            if site_deployments:
+                # need the correct tenant id for site at the deployment
+                tenant_id = site_deployments[0].tenant_id  
+		tenant_name = site_deployments[0].site.login_base
+
+		roles.append('user')
+                if user_deployment.user.is_admin:
+                    roles.append('admin')
+	    else:
+		raise Exception('Internal error. Missing SiteDeployments for user %s'%user_deployment.user.email)
+	else:
+	    raise Exception('Siteless user %s'%user_deployment.user.email)
+
+
+        user_fields = {'endpoint':user_deployment.deployment.auth_url,
+		       'name': user_deployment.user.email,
+                       'email': user_deployment.user.email,
+                       'password': hashlib.md5(user_deployment.user.password).hexdigest()[:6],
+                       'admin_user': user_deployment.deployment.admin_user,
+		       'admin_password': user_deployment.deployment.admin_password,
+		       'admin_tenant': 'admin',
+		       'roles':roles,
+		       'tenant':tenant_name}    
+	
+	rendered = template.render(user_fields)
+	res = run_template('sync_user_deployments.yaml', user_fields)
+
+	# results is an array in which each element corresponds to an 
+	# "ok" string received per operation. If we get as many oks as
+	# the number of operations we issued, that means a grand success.
+	# Otherwise, the number of oks tell us which operation failed.
+	expected_length = len(roles) + 1
+	if (len(res)==expected_length):
+        	user_deployment.save()
+	elif (len(res)):
+		raise Exception('Could not assign roles for user %s'%user_fields['name'])
+	else:
+		raise Exception('Could not create or update user %s'%user_fields['name'])
+
+    def delete_record(self, user_deployment):
+        if user_deployment.kuser_id:
+            driver = self.driver.admin_driver(deployment=user_deployment.deployment.name)
+            driver.delete_user(user_deployment.kuser_id)
diff --git a/planetstack/openstack_observer/steps/sync_controller_users.yaml b/planetstack/openstack_observer/steps/sync_controller_users.yaml
new file mode 100644
index 0000000..95cdba3
--- /dev/null
+++ b/planetstack/openstack_observer/steps/sync_controller_users.yaml
@@ -0,0 +1,16 @@
+---
+- hosts: 127.0.0.1
+  connection: local
+  tasks:
+  - keystone_user: 
+       endpoint={{ endpoint }} 
+       user="{{ name }}" 
+       email={{ email }} 
+       password={{ password }} 
+       login_user={{ admin_user }} 
+       login_password={{ admin_password }} 
+       login_tenant_name={{ admin_tenant }} 
+       tenant={{ tenant }}
+  {% for role in roles %}
+  - keystone_user: endpoint={{ endpoint}} login_user={{ admin_user }} login_password={{ admin_password }} login_tenant_name={{ admin_tenant }} user="{{ name }}" role={{ role }} tenant={{ tenant }}
+  {% endfor %}
-- 
2.47.0