1 # Copyright (c) 2017 Cable Television Laboratories, Inc. ("CableLabs")
2 # and others. All rights reserved.
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at:
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
17 from keystoneclient.exceptions import NotFound
19 from snaps.openstack.openstack_creator import OpenStackIdentityObject
20 from snaps.openstack.os_credentials import OSCreds
21 from snaps.openstack.utils import keystone_utils
23 __author__ = 'spisarski'
25 logger = logging.getLogger('create_user')
28 class OpenStackUser(OpenStackIdentityObject):
30 Class responsible for managing a user in OpenStack
33 def __init__(self, os_creds, user_settings):
36 :param os_creds: The OpenStack connection credentials
37 :param user_settings: The user settings
40 super(self.__class__, self).__init__(os_creds)
42 self.user_settings = user_settings
47 Creates the user in OpenStack if it does not already exist
48 :return: The User domain object
50 super(self.__class__, self).initialize()
52 self.__user = keystone_utils.get_user(self._keystone,
53 self.user_settings.name)
56 def create(self, cleanup=False):
58 Creates a User if one does not already exist
59 :return: The User domain object
63 self.__user = keystone_utils.create_user(self._keystone,
69 Cleanse environment of user
74 keystone_utils.delete_user(self._keystone, self.__user)
81 Returns the OpenStack user object populated in create()
82 :return: the Object or None if not created
86 def get_os_creds(self, project_name=None):
88 Returns an OSCreds object based on this user account and a project
89 :param project_name: the name of the project to leverage in the
94 username=self.user_settings.name,
95 password=self.user_settings.password,
96 auth_url=self._os_creds.auth_url,
97 project_name=project_name,
98 identity_api_version=self._os_creds.identity_api_version,
99 image_api_version=self._os_creds.image_api_version,
100 network_api_version=self._os_creds.network_api_version,
101 compute_api_version=self._os_creds.compute_api_version,
102 heat_api_version=self._os_creds.heat_api_version,
103 volume_api_version=self._os_creds.volume_api_version,
104 user_domain_name=self._os_creds.user_domain_name,
105 user_domain_id=self._os_creds.user_domain_id,
106 project_domain_name=self._os_creds.project_domain_name,
107 project_domain_id=self._os_creds.project_domain_id,
108 interface=self._os_creds.interface,
109 proxy_settings=self._os_creds.proxy_settings,
110 cacert=self._os_creds.cacert)
114 def __init__(self, **kwargs):
118 :param name: the user's name (required)
119 :param password: the user's password (required)
120 :param project_name: the user's primary project name (optional)
121 :param domain_name: the user's domain name (default='default'). For v3
123 :param email: the user's email address (optional)
124 :param enabled: denotes whether or not the user is enabled
126 :param roles: dict where key is the role's name and value is the name
127 the project to associate with the role
130 self.name = kwargs.get('name')
131 self.password = kwargs.get('password')
132 self.project_name = kwargs.get('project_name')
133 self.email = kwargs.get('email')
134 self.domain_name = kwargs.get('domain_name', 'Default')
135 self.enabled = kwargs.get('enabled', True)
136 self.roles = kwargs.get('roles', dict())
138 if not self.name or not self.password:
139 raise UserSettingsException(
140 'The attributes name and password are required for '
143 if not isinstance(self.enabled, bool):
144 raise UserSettingsException('The attribute enabled must be of type'
148 class UserSettingsException(Exception):
150 Raised when there is a problem with the values set in the UserSettings