Blame - _modules/keystonev3/roles.py - salt-formulas/keystone

blob: bd85c16b02dc092fabc3783aae03f47f5dd24497 [file] [log] [blame]

Vasyl Saienko	4eda4f2	2018-04-26 19:30:39 +0300	[diff] [blame]	1	from keystonev3.common import get_by_name_or_uuid, send
				2	from keystonev3.common import KeystoneException
				3
				4	try:
				5	from urllib.parse import urlencode
				6	except ImportError:
				7	from urllib import urlencode
				8
				9
				10	@send('get')
				11	def role_list(**kwargs):
				12	url = '/roles?{}'.format(urlencode(kwargs))
				13	return url, None
				14
				15
				16	@send('get')
				17	def role_assignment_list(**kwargs):
				18	url = '/role_assignments?{}'.format(urlencode(kwargs))
				19	return url, None
				20
				21
				22	@send('put')
				23	def role_add(user_id, role_id, project_id=None, domain_id=None, **kwargs):
				24	if (project_id and domain_id) or (not project_id and not domain_id):
				25	raise KeystoneException('Role can be assigned either to project '
				26	'or domain.')
				27	if project_id:
				28	url = '/projects/{}/users/{}/roles/{}'.format(project_id, user_id,
				29	role_id)
				30	elif domain_id:
				31	url = '/domains/{}/users/{}/roles/{}'.format(domain_id, user_id,
				32	role_id)
				33	return url, None
				34
				35
				36	@send('delete')
				37	def role_delete(user_id, role_id, project_id=None, domain_id=None, **kwargs):
				38	if (project_id and domain_id) or (not project_id and not domain_id):
				39	raise KeystoneException('Role can be unassigned either from project '
				40	'or domain.')
				41	if project_id:
				42	url = '/projects/{}/users/{}/roles/{}'.format(project_id, user_id,
				43	role_id)
				44	elif domain_id:
				45	url = '/domains/{}/users/{}/roles/{}'.format(domain_id, user_id,
				46	role_id)
				47	return url, None
				48
				49
				50	@send('head')
				51	def role_assignment_check(user_id, role_id, project_id=None,
				52	domain_id=None, **kwargs):
				53	if (project_id and domain_id) or (not project_id and not domain_id):
				54	raise KeystoneException('Role can be assigned either to project '
				55	'or domain.')
				56	if project_id:
				57	url = '/projects/{}/users/{}/roles/{}'.format(project_id, user_id,
				58	role_id)
				59	elif domain_id:
				60	url = '/domains/{}/users/{}/roles/{}'.format(domain_id, user_id,
				61	role_id)
				62	return url, None
				63
				64
				65	@get_by_name_or_uuid(role_list, 'roles', 'role_id')
				66	@send('get')
				67	def role_get_details(role_id, **kwargs):
				68	url = '/roles/{}?{}'.format(role_id, urlencode(kwargs))
				69	return url, None
				70
				71
				72	@get_by_name_or_uuid(role_list, 'roles', 'role_id')
				73	@send('patch')
				74	def role_update(role_id, **kwargs):
				75	url = '/roles/{}'.format(role_id)
				76	json = {
				77	'role': kwargs,
				78	}
				79	return url, json
				80
				81
				82	@get_by_name_or_uuid(role_list, 'roles', 'role_id')
				83	@send('delete')
				84	def role_remove(role_id, **kwargs):
				85	url = '/roles/{}'.format(role_id)
				86	return url, None
				87
				88
				89	@send('post')
				90	def role_create(**kwargs):
				91	url = '/roles'
				92	json = {
				93	'role': kwargs,
				94	}
				95	return url, json