Source code for heat.engine.clients.os.keystone

#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

import re

from keystoneauth1 import exceptions as ks_exceptions

from heat.common import exception
from heat.engine.clients import client_plugin
from heat.engine.clients.os.keystone import heat_keystoneclient as hkc


[docs]class KeystoneClientPlugin(client_plugin.ClientPlugin): exceptions_module = [ks_exceptions, exception] service_types = [IDENTITY] = ['identity'] def _create(self): region_name = self._get_region_name() return hkc.KeystoneClient(self.context, region_name)
[docs] def is_not_found(self, ex): return isinstance(ex, (ks_exceptions.NotFound, exception.EntityNotFound))
[docs] def is_over_limit(self, ex): return isinstance(ex, ks_exceptions.RequestEntityTooLarge)
[docs] def is_conflict(self, ex): return isinstance(ex, ks_exceptions.Conflict)
[docs] def parse_entity_with_domain(self, entity_with_domain, entity_type): """Parse keystone entity user/role/project with domain. entity_with_domain should be in entity{domain} format. Returns a tuple of (entity, domain). """ try: match = re.search(r"\{(.*?)\}$", entity_with_domain) if match: entity = entity_with_domain[:match.start()] domain = match.group(1) domain = self.get_domain_id(domain) return (entity, domain) else: return (entity_with_domain, None) except Exception: raise exception.EntityNotFound(entity=entity_type, name=entity_with_domain)
[docs] def get_role_id(self, role, domain=None): if role is None: return None if not domain: role, domain = self.parse_entity_with_domain(role, 'KeystoneRole') try: role_obj = self.client().client.roles.get(role) return role_obj.id except ks_exceptions.NotFound: role_list = self.client().client.roles.list(name=role, domain=domain) for role_obj in role_list: if role_obj.name == role: return role_obj.id raise exception.EntityNotFound(entity='KeystoneRole', name=role)
[docs] def get_project_id(self, project, domain=None): if project is None: return None if not domain: project, domain = self.parse_entity_with_domain(project, 'KeystoneProject') try: project_obj = self.client().client.projects.get(project) return project_obj.id except ks_exceptions.NotFound: project_list = self.client().client.projects.list(name=project, domain=domain) for project_obj in project_list: if project_obj.name == project: return project_obj.id raise exception.EntityNotFound(entity='KeystoneProject', name=project)
[docs] def get_domain_id(self, domain): if domain is None: return None try: domain_obj = self.client().client.domains.get(domain) return domain_obj.id except ks_exceptions.NotFound: domain_list = self.client().client.domains.list(name=domain) for domain_obj in domain_list: if domain_obj.name == domain: return domain_obj.id raise exception.EntityNotFound(entity='KeystoneDomain', name=domain)
[docs] def get_group_id(self, group, domain=None): if group is None: return None if not domain: group, domain = self.parse_entity_with_domain(group, 'KeystoneGroup') try: group_obj = self.client().client.groups.get(group) return group_obj.id except ks_exceptions.NotFound: group_list = self.client().client.groups.list(name=group, domain=domain) for group_obj in group_list: if group_obj.name == group: return group_obj.id raise exception.EntityNotFound(entity='KeystoneGroup', name=group)
[docs] def get_service_id(self, service): if service is None: return None try: service_obj = self.client().client.services.get(service) return service_obj.id except ks_exceptions.NotFound: service_list = self.client().client.services.list(name=service) if len(service_list) == 1: return service_list[0].id elif len(service_list) > 1: raise exception.KeystoneServiceNameConflict(service=service) else: raise exception.EntityNotFound(entity='KeystoneService', name=service)
[docs] def get_user_id(self, user, domain=None): if user is None: return None if not domain: user, domain = self.parse_entity_with_domain(user, 'KeystoneUser') try: user_obj = self.client().client.users.get(user) return user_obj.id except ks_exceptions.NotFound: try: user_obj = self.client().client.users.find(name=user, domain_id=domain) return user_obj.id except ks_exceptions.NotFound: pass raise exception.EntityNotFound(entity='KeystoneUser', name=user)
[docs] def get_region_id(self, region): try: region_obj = self.client().client.regions.get(region) return region_obj.id except ks_exceptions.NotFound: raise exception.EntityNotFound(entity='KeystoneRegion', name=region)