Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / 48e35d57b98aa1abf672375517c420b962c514eb / . / tempest / common / isolated_creds.py
blob: a4081c9be924a67b648460139097158aeb4e5646 [file] [log] [blame]
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]1# Copyright 2013 IBM Corp.
2#
3# Licensed under the Apache License, Version 2.0 (the "License"); you may
4# not use this file except in compliance with the License. You may obtain
5# a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12# License for the specific language governing permissions and limitations
13# under the License.
14
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]15import netaddr
Doug Hellmann583ce2c2015-03-11 14:55:46 +0000[diff] [blame]16from oslo_log import log as logging
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]17import six
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]18from tempest_lib import exceptions as lib_exc
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]19
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]20from tempest import clients
Jamie Lennox15350172015-08-17 10:54:25 +1000[diff] [blame]21from tempest.common import cred_client
Marc Kodererd2690fe2014-07-16 14:17:47 +0200[diff] [blame]22from tempest.common import cred_provider
Andrea Frittoli (andreaf)8def7ca2015-05-13 14:24:19 +0100[diff] [blame]23from tempest.common.utils import data_utils
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]24from tempest import config
25from tempest import exceptions
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]26
Sean Dague86bd8422013-12-20 09:56:44 -0500[diff] [blame]27CONF = config.CONF
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]28LOG = logging.getLogger(__name__)
29
30
Marc Kodererd2690fe2014-07-16 14:17:47 +0200[diff] [blame]31class IsolatedCreds(cred_provider.CredentialProvider):
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]32
LingxianKong9c713d22015-06-09 15:19:55 +0800[diff] [blame]33 def __init__(self, identity_version=None, name=None,
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]34 network_resources=None):
LingxianKong9c713d22015-06-09 15:19:55 +0800[diff] [blame]35 super(IsolatedCreds, self).__init__(identity_version, name,
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]36 network_resources)
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]37 self.network_resources = network_resources
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]38 self.isolated_creds = {}
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]39 self.ports = []
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]40 self.default_admin_creds = cred_provider.get_configured_credentials(
41 'identity_admin', fill_in=True,
42 identity_version=self.identity_version)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]43 self.identity_admin_client, self.network_admin_client = (
44 self._get_admin_clients())
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]45 # Domain where isolated credentials are provisioned (v3 only).
46 # Use that of the admin account is None is configured.
47 self.creds_domain_name = None
48 if self.identity_version == 'v3':
49 self.creds_domain_name = (
David Kranz87fc7e92015-07-28 14:05:20 -0400[diff] [blame]50 self.default_admin_creds.project_domain_name or
51 CONF.auth.default_credentials_domain_name)
Jamie Lennox15350172015-08-17 10:54:25 +1000[diff] [blame]52 self.creds_client = cred_client.get_creds_client(
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]53 self.identity_admin_client, self.creds_domain_name)
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]54
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]55 def _get_admin_clients(self):
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]56 """
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]57 Returns a tuple with instances of the following admin clients (in this
58 order):
59 identity
60 network
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]61 """
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]62 os = clients.Manager(self.default_admin_creds)
63 if self.identity_version == 'v2':
64 return os.identity_client, os.network_client
65 else:
66 return os.identity_v3_client, os.network_client
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]67
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]68 def _create_creds(self, suffix="", admin=False, roles=None):
Sean Dague6969b902014-01-28 06:48:37 -0500[diff] [blame]69 """Create random credentials under the following schema.
70
71 If the name contains a '.' is the full class path of something, and
72 we don't really care. If it isn't, it's probably a meaningful name,
73 so use it.
74
75 For logging purposes, -user and -tenant are long and redundant,
76 don't use them. The user# will be sufficient to figure it out.
77 """
78 if '.' in self.name:
79 root = ""
80 else:
81 root = self.name
82
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]83 project_name = data_utils.rand_name(root) + suffix
84 project_desc = project_name + "-desc"
85 project = self.creds_client.create_project(
86 name=project_name, description=project_desc)
Sean Dague6969b902014-01-28 06:48:37 -0500[diff] [blame]87
88 username = data_utils.rand_name(root) + suffix
LingxianKong9c713d22015-06-09 15:19:55 +0800[diff] [blame]89 user_password = data_utils.rand_password()
Sean Dague6969b902014-01-28 06:48:37 -0500[diff] [blame]90 email = data_utils.rand_name(root) + suffix + "@example.com"
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]91 user = self.creds_client.create_user(
LingxianKong9c713d22015-06-09 15:19:55 +0800[diff] [blame]92 username, user_password, project, email)
John Warren56317e02015-08-12 20:48:32 +0000[diff] [blame]93 if 'user' in user:
94 user = user['user']
Matthew Treinish32f98a42015-07-14 19:58:46 -0400[diff] [blame]95 role_assigned = False
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]96 if admin:
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]97 self.creds_client.assign_user_role(user, project,
98 CONF.identity.admin_role)
Matthew Treinish32f98a42015-07-14 19:58:46 -0400[diff] [blame]99 role_assigned = True
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]100 # Add roles specified in config file
101 for conf_role in CONF.auth.tempest_roles:
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]102 self.creds_client.assign_user_role(user, project, conf_role)
Matthew Treinish32f98a42015-07-14 19:58:46 -0400[diff] [blame]103 role_assigned = True
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]104 # Add roles requested by caller
105 if roles:
106 for role in roles:
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]107 self.creds_client.assign_user_role(user, project, role)
Matthew Treinish32f98a42015-07-14 19:58:46 -0400[diff] [blame]108 role_assigned = True
109 # NOTE(mtreinish) For a user to have access to a project with v3 auth
110 # it must beassigned a role on the project. So we need to ensure that
111 # our newly created user has a role on the newly created project.
112 if self.identity_version == 'v3' and not role_assigned:
113 self.creds_client.create_user_role('Member')
114 self.creds_client.assign_user_role(user, project, 'Member')
115
LingxianKong9c713d22015-06-09 15:19:55 +0800[diff] [blame]116 creds = self.creds_client.get_credentials(user, project, user_password)
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]117 return cred_provider.TestResources(creds)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]118
119 def _create_network_resources(self, tenant_id):
120 network = None
121 subnet = None
122 router = None
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]123 # Make sure settings
124 if self.network_resources:
125 if self.network_resources['router']:
126 if (not self.network_resources['subnet'] or
127 not self.network_resources['network']):
128 raise exceptions.InvalidConfiguration(
129 'A router requires a subnet and network')
130 elif self.network_resources['subnet']:
131 if not self.network_resources['network']:
132 raise exceptions.InvalidConfiguration(
133 'A subnet requires a network')
134 elif self.network_resources['dhcp']:
135 raise exceptions.InvalidConfiguration('DHCP requires a subnet')
136
Masayuki Igawa259c1132013-10-31 17:48:44 +0900[diff] [blame]137 data_utils.rand_name_root = data_utils.rand_name(self.name)
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]138 if not self.network_resources or self.network_resources['network']:
139 network_name = data_utils.rand_name_root + "-network"
140 network = self._create_network(network_name, tenant_id)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]141 try:
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]142 if not self.network_resources or self.network_resources['subnet']:
143 subnet_name = data_utils.rand_name_root + "-subnet"
144 subnet = self._create_subnet(subnet_name, tenant_id,
145 network['id'])
146 if not self.network_resources or self.network_resources['router']:
147 router_name = data_utils.rand_name_root + "-router"
148 router = self._create_router(router_name, tenant_id)
149 self._add_router_interface(router['id'], subnet['id'])
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]150 except Exception:
151 if router:
152 self._clear_isolated_router(router['id'], router['name'])
153 if subnet:
154 self._clear_isolated_subnet(subnet['id'], subnet['name'])
155 if network:
156 self._clear_isolated_network(network['id'], network['name'])
157 raise
158 return network, subnet, router
159
160 def _create_network(self, name, tenant_id):
David Kranz34e88122014-12-11 15:24:05 -0500[diff] [blame]161 resp_body = self.network_admin_client.create_network(
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]162 name=name, tenant_id=tenant_id)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]163 return resp_body['network']
164
165 def _create_subnet(self, subnet_name, tenant_id, network_id):
Sean Dague86bd8422013-12-20 09:56:44 -0500[diff] [blame]166 base_cidr = netaddr.IPNetwork(CONF.network.tenant_network_cidr)
167 mask_bits = CONF.network.tenant_network_mask_bits
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]168 for subnet_cidr in base_cidr.subnet(mask_bits):
169 try:
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]170 if self.network_resources:
David Kranz34e88122014-12-11 15:24:05 -0500[diff] [blame]171 resp_body = self.network_admin_client.\
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]172 create_subnet(
173 network_id=network_id, cidr=str(subnet_cidr),
174 name=subnet_name,
175 tenant_id=tenant_id,
176 enable_dhcp=self.network_resources['dhcp'],
177 ip_version=4)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]178 else:
David Kranz34e88122014-12-11 15:24:05 -0500[diff] [blame]179 resp_body = self.network_admin_client.\
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]180 create_subnet(network_id=network_id,
181 cidr=str(subnet_cidr),
182 name=subnet_name,
183 tenant_id=tenant_id,
184 ip_version=4)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]185 break
Masayuki Igawa4b29e472015-02-16 10:41:54 +0900[diff] [blame]186 except lib_exc.BadRequest as e:
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]187 if 'overlaps with another subnet' not in str(e):
188 raise
189 else:
David Kranzd4210412014-11-21 08:37:45 -0500[diff] [blame]190 message = 'Available CIDR for subnet creation could not be found'
191 raise Exception(message)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]192 return resp_body['subnet']
193
194 def _create_router(self, router_name, tenant_id):
195 external_net_id = dict(
Sean Dague86bd8422013-12-20 09:56:44 -0500[diff] [blame]196 network_id=CONF.network.public_network_id)
David Kranz34e88122014-12-11 15:24:05 -0500[diff] [blame]197 resp_body = self.network_admin_client.create_router(
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]198 router_name,
199 external_gateway_info=external_net_id,
200 tenant_id=tenant_id)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]201 return resp_body['router']
202
203 def _add_router_interface(self, router_id, subnet_id):
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]204 self.network_admin_client.add_router_interface_with_subnet_id(
205 router_id, subnet_id)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]206
Andrea Frittoli9612e812014-03-13 10:57:26 +0000[diff] [blame]207 def get_credentials(self, credential_type):
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]208 if self.isolated_creds.get(str(credential_type)):
209 credentials = self.isolated_creds[str(credential_type)]
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]210 else:
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]211 if credential_type in ['primary', 'alt', 'admin']:
212 is_admin = (credential_type == 'admin')
213 credentials = self._create_creds(admin=is_admin)
214 else:
215 credentials = self._create_creds(roles=credential_type)
216 self.isolated_creds[str(credential_type)] = credentials
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]217 # Maintained until tests are ported
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]218 LOG.info("Acquired isolated creds:\n credentials: %s"
219 % credentials)
Adam Gandelman85395e72014-07-29 18:34:33 -0700[diff] [blame]220 if (CONF.service_available.neutron and
Matthew Treinish2219d382015-04-24 10:33:04 -0400[diff] [blame]221 not CONF.baremetal.driver_enabled and
222 CONF.auth.create_isolated_networks):
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]223 network, subnet, router = self._create_network_resources(
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]224 credentials.tenant_id)
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]225 credentials.set_resources(network=network, subnet=subnet,
226 router=router)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]227 LOG.info("Created isolated network resources for : \n"
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]228 + " credentials: %s" % credentials)
Andrea Frittoli9612e812014-03-13 10:57:26 +0000[diff] [blame]229 return credentials
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]230
Andrea Frittoli9612e812014-03-13 10:57:26 +0000[diff] [blame]231 def get_primary_creds(self):
232 return self.get_credentials('primary')
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]233
Andrea Frittoli9612e812014-03-13 10:57:26 +0000[diff] [blame]234 def get_admin_creds(self):
235 return self.get_credentials('admin')
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]236
Andrea Frittoli9612e812014-03-13 10:57:26 +0000[diff] [blame]237 def get_alt_creds(self):
238 return self.get_credentials('alt')
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]239
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]240 def get_creds_by_roles(self, roles, force_new=False):
241 roles = list(set(roles))
242 # The roles list as a str will become the index as the dict key for
243 # the created credentials set in the isolated_creds dict.
244 exist_creds = self.isolated_creds.get(str(roles))
245 # If force_new flag is True 2 cred sets with the same roles are needed
246 # handle this by creating a separate index for old one to store it
247 # separately for cleanup
248 if exist_creds and force_new:
249 new_index = str(roles) + '-' + str(len(self.isolated_creds))
250 self.isolated_creds[new_index] = exist_creds
251 del self.isolated_creds[str(roles)]
Matthew Treinish976e8df2014-12-19 14:21:54 -0500[diff] [blame]252 return self.get_credentials(roles)
253
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]254 def _clear_isolated_router(self, router_id, router_name):
255 net_client = self.network_admin_client
256 try:
257 net_client.delete_router(router_id)
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]258 except lib_exc.NotFound:
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]259 LOG.warn('router with name: %s not found for delete' %
260 router_name)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]261
262 def _clear_isolated_subnet(self, subnet_id, subnet_name):
263 net_client = self.network_admin_client
264 try:
265 net_client.delete_subnet(subnet_id)
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]266 except lib_exc.NotFound:
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]267 LOG.warn('subnet with name: %s not found for delete' %
268 subnet_name)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]269
270 def _clear_isolated_network(self, network_id, network_name):
271 net_client = self.network_admin_client
272 try:
273 net_client.delete_network(network_id)
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]274 except lib_exc.NotFound:
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]275 LOG.warn('network with name: %s not found for delete' %
276 network_name)
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]277
Ala Rezmerita846eb7c2014-03-10 09:06:03 +0100[diff] [blame]278 def _cleanup_default_secgroup(self, tenant):
279 net_client = self.network_admin_client
David Kranz34e88122014-12-11 15:24:05 -0500[diff] [blame]280 resp_body = net_client.list_security_groups(tenant_id=tenant,
281 name="default")
Ala Rezmerita846eb7c2014-03-10 09:06:03 +0100[diff] [blame]282 secgroups_to_delete = resp_body['security_groups']
283 for secgroup in secgroups_to_delete:
284 try:
285 net_client.delete_security_group(secgroup['id'])
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]286 except lib_exc.NotFound:
Ala Rezmerita846eb7c2014-03-10 09:06:03 +0100[diff] [blame]287 LOG.warn('Security group %s, id %s not found for clean-up' %
288 (secgroup['name'], secgroup['id']))
289
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]290 def _clear_isolated_net_resources(self):
291 net_client = self.network_admin_client
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]292 for cred in self.isolated_creds:
293 creds = self.isolated_creds.get(cred)
294 if (not creds or not any([creds.router, creds.network,
295 creds.subnet])):
296 continue
Salvatore Orlandocf996c62014-01-30 09:15:18 -0800[diff] [blame]297 LOG.debug("Clearing network: %(network)s, "
Matthew Treinishfe094ea2014-12-09 01:19:27 +0000[diff] [blame]298 "subnet: %(subnet)s, router: %(router)s",
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]299 {'network': creds.network, 'subnet': creds.subnet,
300 'router': creds.router})
Salvatore Orlandocf996c62014-01-30 09:15:18 -0800[diff] [blame]301 if (not self.network_resources or
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]302 (self.network_resources.get('router') and creds.subnet)):
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]303 try:
Andrea Frittoliae9aca02014-09-25 11:43:11 +0100[diff] [blame]304 net_client.remove_router_interface_with_subnet_id(
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]305 creds.router['id'], creds.subnet['id'])
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]306 except lib_exc.NotFound:
Matthew Treinish9f756a02014-01-15 10:26:07 -0500[diff] [blame]307 LOG.warn('router with name: %s not found for delete' %
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]308 creds.router['name'])
309 self._clear_isolated_router(creds.router['id'],
310 creds.router['name'])
Salvatore Orlandocf996c62014-01-30 09:15:18 -0800[diff] [blame]311 if (not self.network_resources or
Salvatore Orlandocf996c62014-01-30 09:15:18 -0800[diff] [blame]312 self.network_resources.get('subnet')):
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]313 self._clear_isolated_subnet(creds.subnet['id'],
314 creds.subnet['name'])
Salvatore Orlandocf996c62014-01-30 09:15:18 -0800[diff] [blame]315 if (not self.network_resources or
316 self.network_resources.get('network')):
Andrea Frittoli (andreaf)9540dfd2015-03-25 17:06:50 -0400[diff] [blame]317 self._clear_isolated_network(creds.network['id'],
318 creds.network['name'])
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]319
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]320 def clear_isolated_creds(self):
321 if not self.isolated_creds:
322 return
Miguel Lavalleb8fabc52013-08-23 11:19:57 -0500[diff] [blame]323 self._clear_isolated_net_resources()
Matthew Treinishdc060d02015-04-23 14:20:26 -0400[diff] [blame]324 for creds in six.itervalues(self.isolated_creds):
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]325 try:
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]326 self.creds_client.delete_user(creds.user_id)
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]327 except lib_exc.NotFound:
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]328 LOG.warn("user with name: %s not found for delete" %
329 creds.username)
Matthew Treinishb86cda92013-07-29 11:22:23 -0400[diff] [blame]330 try:
Andrea Frittolic3280152015-02-26 12:42:34 +0000[diff] [blame]331 if CONF.service_available.neutron:
332 self._cleanup_default_secgroup(creds.tenant_id)
333 self.creds_client.delete_project(creds.tenant_id)
Masayuki Igawabfa07602015-01-20 18:47:17 +0900[diff] [blame]334 except lib_exc.NotFound:
Andrea Frittolifc315902014-03-20 09:21:44 +0000[diff] [blame]335 LOG.warn("tenant with name: %s not found for delete" %
336 creds.tenant_name)
ahmadfe72a402015-02-13 17:30:36 +0530[diff] [blame]337 self.isolated_creds = {}
Andrea Frittoli8283b4e2014-07-17 13:28:58 +0100[diff] [blame]338
339 def is_multi_user(self):
340 return True
Yair Fried76488d72014-10-21 10:13:19 +0300[diff] [blame]341
342 def is_multi_tenant(self):
343 return True
Matthew Treinish4a596932015-03-06 20:37:01 -0500[diff] [blame]344
345 def is_role_available(self, role):
346 return True