planetstack/openstack_observer/steps/sync_site_privileges.py

   1 import os
   2 import base64
   3 from django.db.models import F, Q
   4 from planetstack.config import Config
   5 from observer.openstacksyncstep import OpenStackSyncStep
   6 from core.models import User, ControllerUsers, SitePrivilege, ControllerSites
   7
   8 class SyncSitePrivileges(OpenStackSyncStep):
   9     requested_interval=0
  10     provides=[SitePrivilege]
  11
  12     def fetch_pending(self, deleted):
  13         # Deleting site privileges is not supported yet
  14         if (deleted):
  15             return []
  16
  17         return SitePrivilege.objects.filter(Q(enacted__lt=F('updated')) | Q(enacted=None))
  18
  19     def sync_record(self, site_priv):
  20         # sync site privileges at all site controllers
  21         controller_sites = ControllerSites.objects.filter(site=site_priv.site)
  22         for controller_site in controller_sites:
  23             controller_users = ControllerUsers.objects.filter(controller=controller_site.controller)
  24             if controller_users:
  25                 kuser_id  = controller_users[0].kuser_id
  26                 driver = self.driver.admin_driver(controller=controller_site.controller)
  27                 driver.add_user_role(kuser_id,
  28                                      controller_site.tenant_id,
  29                                      site_priv.role.role)