Code Review / snaps.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Closing keystone sessions after done with them.
[snaps.git] / snaps / openstack / utils / keystone_utils.py
diff --git a/snaps/openstack/utils/keystone_utils.py b/snaps/openstack/utils/keystone_utils.py
index f390c0f..52c86d8 100644 (file)
--- a/snaps/openstack/utils/keystone_utils.py
+++ b/snaps/openstack/utils/keystone_utils.py
@@ -14,10 +14,12 @@
 # limitations under the License.
 import logging
 
 # limitations under the License.
 import logging
 
+import keystoneauth1
 from keystoneclient.client import Client
 from keystoneauth1.identity import v3, v2
 from keystoneauth1 import session
 import requests
 from keystoneclient.client import Client
 from keystoneauth1.identity import v3, v2
 from keystoneauth1 import session
 import requests
+from keystoneclient.exceptions import NotFound
 
 from snaps.domain.project import Project, Domain
 from snaps.domain.role import Role
 
 from snaps.domain.project import Project, Domain
 from snaps.domain.role import Role
@@ -77,15 +79,29 @@ def keystone_session(os_creds):
                            verify=os_creds.cacert)
 
 
                            verify=os_creds.cacert)
 
 
-def keystone_client(os_creds):
+def close_session(session):
+    """
+    Closes a keystone session
+    :param session: a session.Session object
+    """
+    if isinstance(session, keystoneauth1.session.Session):
+        session.session.close()
+
+
+def keystone_client(os_creds, session=None):
     """
     Returns the keystone client
     :param os_creds: the OpenStack credentials (OSCreds) object
     """
     Returns the keystone client
     :param os_creds: the OpenStack credentials (OSCreds) object
+    :param session: the keystone session object (optional)
     :return: the client
     """
     :return: the client
     """
+
+    if not session:
+        session = keystone_session(os_creds)
+
     return Client(
         version=os_creds.identity_api_version,
     return Client(
         version=os_creds.identity_api_version,
-        session=keystone_session(os_creds),
+        session=session,
         interface=os_creds.interface,
         region_name=os_creds.region_name)
 
         interface=os_creds.interface,
         region_name=os_creds.region_name)
 
@@ -101,29 +117,20 @@ def get_endpoint(os_creds, service_type, interface='public'):
     auth = get_session_auth(os_creds)
     key_session = keystone_session(os_creds)
     return key_session.get_endpoint(
     auth = get_session_auth(os_creds)
     key_session = keystone_session(os_creds)
     return key_session.get_endpoint(
-        auth=auth, service_type=service_type, interface=interface)
+        auth=auth, service_type=service_type, region_name=os_creds.region_name,
+        interface=interface)
 
 
 
 
-def get_project(keystone=None, os_creds=None, project_settings=None,
-                project_name=None):
+def get_project(keystone=None, project_settings=None, project_name=None):
     """
     Returns the first project where the project_settings is used for the query
     if not None, else the project_name parameter is used for the query. If both
     parameters are None, None is returned
     :param keystone: the Keystone client
     """
     Returns the first project where the project_settings is used for the query
     if not None, else the project_name parameter is used for the query. If both
     parameters are None, None is returned
     :param keystone: the Keystone client
-    :param os_creds: the OpenStack credentials used to obtain the Keystone
-                     client if the keystone parameter is None
-    :param project_settings: a ProjectSettings object
+    :param project_settings: a ProjectConfig object
     :param project_name: the name to query
     :return: the SNAPS-OO Project domain object or None
     """
     :param project_name: the name to query
     :return: the SNAPS-OO Project domain object or None
     """
-    if not keystone:
-        if os_creds:
-            keystone = keystone_client(os_creds)
-        else:
-            raise KeystoneException(
-                'Cannot lookup project without the proper credentials')
-
     proj_filter = dict()
 
     if project_name:
     proj_filter = dict()
 
     if project_name:
@@ -151,6 +158,26 @@ def get_project(keystone=None, os_creds=None, project_settings=None,
                            domain_id=domain_id)
 
 
                            domain_id=domain_id)
 
 
+def get_project_by_id(keystone, proj_id):
+    """
+    Returns the first project where the project_settings is used for the query
+    if not None, else the project_name parameter is used for the query. If both
+    parameters are None, None is returned
+    :param keystone: the Keystone client
+    :param proj_id: the project ID
+    """
+    if proj_id and len(proj_id) > 0:
+        try:
+            os_proj = keystone.projects.get(proj_id)
+            if os_proj:
+                return Project(name=os_proj.name, project_id=os_proj.id,
+                               domain_id=os_proj)
+        except NotFound:
+            pass
+        except KeyError:
+            pass
+
+
 def create_project(keystone, project_settings):
     """
     Creates a project
 def create_project(keystone, project_settings):
     """
     Creates a project
@@ -175,6 +202,7 @@ def create_project(keystone, project_settings):
             enabled=project_settings.enabled)
         domain_id = os_project.domain_id
 
             enabled=project_settings.enabled)
         domain_id = os_project.domain_id
 
+    logger.info('Created project with name - %s', project_settings.name)
     return Project(
         name=os_project.name, project_id=os_project.id, domain_id=domain_id)
 
     return Project(
         name=os_project.name, project_id=os_project.id, domain_id=domain_id)
 
@@ -185,6 +213,7 @@ def delete_project(keystone, project):
     :param keystone: the Keystone clien
     :param project: the SNAPS-OO Project domain object
     """
     :param keystone: the Keystone clien
     :param project: the SNAPS-OO Project domain object
     """
+    logger.info('Deleting project with name - %s', project.name)
     if keystone.version == V2_VERSION_STR:
         keystone.tenants.delete(project.id)
     else:
     if keystone.version == V2_VERSION_STR:
         keystone.tenants.delete(project.id)
     else:
@@ -234,8 +263,8 @@ def create_user(keystone, user_settings):
     """
     project = None
     if user_settings.project_name:
     """
     project = None
     if user_settings.project_name:
-        project = get_project(keystone=keystone,
-                              project_name=user_settings.project_name)
+        project = get_project(
+            keystone=keystone, project_name=user_settings.project_name)
 
     if keystone.version == V2_VERSION_STR:
         project_id = None
 
     if keystone.version == V2_VERSION_STR:
         project_id = None
@@ -272,6 +301,7 @@ def create_user(keystone, user_settings):
                     project=os_project)
 
     if os_user:
                     project=os_project)
 
     if os_user:
+        logger.info('Created user with name - %s', os_user.name)
         return User(name=os_user.name, user_id=os_user.id)
 
 
         return User(name=os_user.name, user_id=os_user.id)
 
 
@@ -281,6 +311,7 @@ def delete_user(keystone, user):
     :param keystone: the Keystone client
     :param user: the SNAPS-OO User domain object
     """
     :param keystone: the Keystone client
     :param user: the SNAPS-OO User domain object
     """
+    logger.info('Deleting user with name - %s', user.name)
     keystone.users.delete(user.id)
 
 
     keystone.users.delete(user.id)
 
 
@@ -336,6 +367,7 @@ def create_role(keystone, name):
     :return: a SNAPS-OO Role domain object
     """
     role = keystone.roles.create(name)
     :return: a SNAPS-OO Role domain object
     """
     role = keystone.roles.create(name)
+    logger.info('Created role with name - %s', role.name)
     return Role(name=role.name, role_id=role.id)
 
 
     return Role(name=role.name, role_id=role.id)
 
 
@@ -346,6 +378,7 @@ def delete_role(keystone, role):
     :param role: the SNAPS-OO Role domain object to delete
     :return:
     """
     :param role: the SNAPS-OO Role domain object to delete
     :return:
     """
+    logger.info('Deleting role with name - %s', role.name)
     keystone.roles.delete(role.id)
 
 
     keystone.roles.delete(role.id)
 
 
@@ -360,6 +393,7 @@ def grant_user_role_to_project(keystone, role, user, project):
     """
 
     os_role = get_role_by_id(keystone, role.id)
     """
 
     os_role = get_role_by_id(keystone, role.id)
+    logger.info('Granting role %s to project %s', role.name, project.name)
     if keystone.version == V2_VERSION_STR:
         keystone.roles.add_user_role(user, os_role, tenant=project)
     else:
     if keystone.version == V2_VERSION_STR:
         keystone.roles.add_user_role(user, os_role, tenant=project)
     else:
@@ -373,9 +407,10 @@ def get_domain_by_id(keystone, domain_id):
     :param domain_id: the domain ID to retrieve
     :return: the SNAPS-OO Domain domain object
     """
     :param domain_id: the domain ID to retrieve
     :return: the SNAPS-OO Domain domain object
     """
-    domain = keystone.domains.get(domain_id)
-    if domain:
-        return Domain(name=domain.name, domain_id=domain.id)
+    if keystone.version != V2_VERSION_STR:
+        domain = keystone.domains.get(domain_id)
+        if domain:
+            return Domain(name=domain.name, domain_id=domain.id)
 
 
 def __get_os_domain_by_name(keystone, domain_name):
 
 
 def __get_os_domain_by_name(keystone, domain_name):