[1/2] git commit: Allow user to specify a default_project_id when creating a user.
Repository: libcloud Updated Branches: refs/heads/trunk 5af1bf363 - 23d4355a1 Allow user to specify a default_project_id when creating a user. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/9910bd5d Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/9910bd5d Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/9910bd5d Branch: refs/heads/trunk Commit: 9910bd5d85db29e79366e010db9685db61d1fa32 Parents: 5af1bf3 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 11:06:44 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 11:07:00 2014 +0200 -- libcloud/common/openstack_identity.py | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/9910bd5d/libcloud/common/openstack_identity.py -- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index b9723fc..dec8f43 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -1087,11 +1087,8 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): response = self.authenticated_request(path, method='DELETE') return response.status == httplib.NO_CONTENT -def create_domain(self): -pass - def create_user(self, email, password, name, description=None, -domain_id=None, enabled=True): +domain_id=None, default_project_id=None, enabled=True): Create a new user account. @@ -1110,6 +1107,9 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): :param domain_id: ID of the domain to add the user to (optional). :type domain_id: ``str`` +:param default_project_id: ID of the default user project (optional). +:type default_project_id: ``str`` + :param enabled: True to enable user after creation. :type enabled: ``bool`` @@ -1129,6 +1129,9 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): if domain_id: data['domain_id'] = domain_id +if default_project_id: +data['default_project_id'] = default_project_id + data = json.dumps({'user': data}) response = self.authenticated_request('/v3/users', data=data, method='POST')
[2/2] git commit: Allow user to scope a token to either project or a domain by passing scope_to (and domain_name) argument to Identity v3 class constructor.
Allow user to scope a token to either project or a domain by passing scope_to (and domain_name) argument to Identity v3 class constructor. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/23d4355a Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/23d4355a Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/23d4355a Branch: refs/heads/trunk Commit: 23d4355a1c86cefdeb04936265a820723a3f5c15 Parents: 9910bd5 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 11:30:08 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 11:48:40 2014 +0200 -- libcloud/common/openstack_identity.py | 61 +++- libcloud/test/common/test_openstack_identity.py | 49 +++- 2 files changed, 92 insertions(+), 18 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/23d4355a/libcloud/common/openstack_identity.py -- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index dec8f43..f208258 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -879,8 +879,24 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): name = 'OpenStack Identity API v3.x' auth_version = '3.0' -def __init__(self, auth_url, user_id, key, tenant_name=None, timeout=None, - parent_conn=None): +def __init__(self, auth_url, user_id, key, tenant_name=None, + domain_name='Default', scope_to='project', + timeout=None, parent_conn=None): + +:param tenant_name: Name of the project this user belongs to. Note: +When scope_to is set to project, this argument +control to which project to scope the token to. +:type tenant_name: ``str`` + +:param domain_name: Domain the user belongs to. Note: Then scope_to +is set to token, this argument controls to which +domain to scope the token to. +:type domain_name: ``str`` + +:param scope_to: Whether to scope a token to a project or a + domain +:type scope_to: ``str`` + super(OpenStackIdentity_3_0_Connection, self).__init__(auth_url=auth_url, user_id=user_id, @@ -888,6 +904,19 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): tenant_name=tenant_name, timeout=timeout, parent_conn=parent_conn) +if scope_to not in ['project', 'domain']: +raise ValueError('Invalid value for scope_to argument: %s' % + (scope_to)) + +if scope_to == 'project' and (not tenant_name or not domain_name): +raise ValueError('Must provide tenant_name and domain_name ' + 'argument') +elif scope_to == 'domain' and not domain_name: +raise ValueError('Must provide domain_name argument') + +self.tenant_name = tenant_name +self.domain_name = domain_name +self.scope_to = scope_to self.auth_user_roles = None def authenticate(self, force=False): @@ -897,9 +926,6 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): if not self._is_authentication_needed(force=force): return self -# TODO: Support for custom domain -domain = 'Default' - data = { 'auth': { 'identity': { @@ -907,33 +933,36 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): 'password': { 'user': { 'domain': { -'name': domain +'name': self.domain_name }, 'name': self.user_id, 'password': self.key } } -}, -'scope': { -'project': { -'domain': { -'name': domain -}, -'name': self.tenant_name -} } } } -if self.tenant_name: +if self.scope_to == 'project': +# Scope token to project (tenant) data['auth']['scope'] = { 'project': { 'domain': { -'name': domain +
[2/2] git commit: Add support for prettifying JSON response body which is printed to a file like object when using LIBCLOUD_DEBUG environment variable. This option can be enabled by setting LIBCLOUD_D
Add support for prettifying JSON response body which is printed to a file like object when using LIBCLOUD_DEBUG environment variable. This option can be enabled by setting LIBCLOUD_DEBUG_PRETTY_PRINT_JSON environment variable. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/266ade55 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/266ade55 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/266ade55 Branch: refs/heads/trunk Commit: 266ade55730f6071b1853732a5d50db2220b71b2 Parents: 591ffb0 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 14:17:56 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 14:22:28 2014 +0200 -- CHANGES.rst | 6 ++ libcloud/common/base.py | 12 2 files changed, 18 insertions(+) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/266ade55/CHANGES.rst -- diff --git a/CHANGES.rst b/CHANGES.rst index 814672a..edc1711 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -11,6 +11,12 @@ General OpenStack Identity (Keystone) service API v3. [Tomaz Muraus] +- Add support for prettifying JSON response body which is printed to a file + like object when using ``LIBCLOUD_DEBUG`` environment variable. + This option can be enabled by setting ``LIBCLOUD_DEBUG_PRETTY_PRINT_JSON`` + environment variable. + [Tomaz Muraus] + Compute ~~~ http://git-wip-us.apache.org/repos/asf/libcloud/blob/266ade55/libcloud/common/base.py -- diff --git a/libcloud/common/base.py b/libcloud/common/base.py index a42f228..488f084 100644 --- a/libcloud/common/base.py +++ b/libcloud/common/base.py @@ -300,17 +300,29 @@ class LoggingConnection(): headers = lowercase_keys(dict(r.getheaders())) encoding = headers.get('content-encoding', None) +content_type = headers.get('content-type', None) if encoding in ['zlib', 'deflate']: body = decompress_data('zlib', body) elif encoding in ['gzip', 'x-gzip']: body = decompress_data('gzip', body) +pretty_print_json = os.environ.get('LIBCLOUD_DEBUG_PRETTY_PRINT_JSON', + False) + if r.chunked: ht += %x\r\n % (len(body)) ht += u(body) ht += \r\n0\r\n else: +if pretty_print_json and content_type == 'application/json': +try: +body = json.loads(u(body)) +body = json.dumps(body, sort_keys=True, indent=4) +except: +# Invalid JSON or server is lying about content-type +pass + ht += u(body) if sys.version_info = (2, 6) and sys.version_info (2, 7):
[1/2] git commit: Update __all__ remove variables which have been moved to a different module.
Repository: libcloud Updated Branches: refs/heads/trunk 23d4355a1 - 266ade557 Update __all__ remove variables which have been moved to a different module. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/591ffb06 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/591ffb06 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/591ffb06 Branch: refs/heads/trunk Commit: 591ffb06c66459e99dd7d1b51806105a7946f98e Parents: 23d4355 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 13:58:09 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 14:22:24 2014 +0200 -- libcloud/common/openstack.py| 11 ++- libcloud/test/common/test_openstack_identity.py | 2 +- 2 files changed, 3 insertions(+), 10 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/591ffb06/libcloud/common/openstack.py -- diff --git a/libcloud/common/openstack.py b/libcloud/common/openstack.py index 0a11d44..e44d144 100644 --- a/libcloud/common/openstack.py +++ b/libcloud/common/openstack.py @@ -47,22 +47,15 @@ AUTH_VERSIONS_WITH_EXPIRES = [ '2.0', '2.0_apikey', '2.0_password', +'3.x', '3.x_password' ] -# How many seconds to substract from the auth token expiration time before -# testing if the token is still valid. -# The time is subtracted to account for the HTTP request latency and prevent -# user from getting InvalidCredsError if token is about to expire. -AUTH_TOKEN_EXPIRES_GRACE_SECONDS = 5 - __all__ = [ 'OpenStackBaseConnection', 'OpenStackResponse', 'OpenStackException', -'OpenStackDriverMixin', - -'AUTH_TOKEN_EXPIRES_GRACE_SECONDS' +'OpenStackDriverMixin' ] http://git-wip-us.apache.org/repos/asf/libcloud/blob/591ffb06/libcloud/test/common/test_openstack_identity.py -- diff --git a/libcloud/test/common/test_openstack_identity.py b/libcloud/test/common/test_openstack_identity.py index 6057401..20ec116 100644 --- a/libcloud/test/common/test_openstack_identity.py +++ b/libcloud/test/common/test_openstack_identity.py @@ -25,7 +25,7 @@ from mock import Mock from libcloud.utils.py3 import httplib from libcloud.common.openstack import OpenStackBaseConnection -from libcloud.common.openstack import AUTH_TOKEN_EXPIRES_GRACE_SECONDS +from libcloud.common.openstack_identity import AUTH_TOKEN_EXPIRES_GRACE_SECONDS from libcloud.common.openstack_identity import get_class_for_auth_version from libcloud.common.openstack_identity import OpenStackIdentity_2_0_Connection from libcloud.common.openstack_identity import OpenStackServiceCatalog
git commit: Rename grant_role_to_user to grant_domain_role_to_user and revoke_role_from user to revoke_domain_role_from_user and also add methods for granting and removing project roles.
Repository: libcloud Updated Branches: refs/heads/trunk b7a6c783d - 988b1392a Rename grant_role_to_user to grant_domain_role_to_user and revoke_role_from user to revoke_domain_role_from_user and also add methods for granting and removing project roles. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/988b1392 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/988b1392 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/988b1392 Branch: refs/heads/trunk Commit: 988b1392a7aa061b220318f2fd85f727db2e9f61 Parents: b7a6c78 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 19:16:35 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 19:16:35 2014 +0200 -- libcloud/common/openstack_identity.py | 69 ++-- libcloud/test/common/test_openstack_identity.py | 53 --- 2 files changed, 107 insertions(+), 15 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/988b1392/libcloud/common/openstack_identity.py -- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index d468e73..c0a3697 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -1087,11 +1087,14 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): result = self._to_roles(data=response.object['roles']) return result -def grant_role_to_user(self, domain, role, user): +def grant_domain_role_to_user(self, domain, role, user): -Grant role to the domain user. +Grant domain role to a user. -Note: This function appeats to be idempodent. +Note: This function appears to be idempodent. + +:param domain: Domain to grant the role to. +:type domain: :class:`.OpenStackIdentityDomain` :param role: Role to grant. :type role: :class:`.OpenStackIdentityRole` @@ -1107,15 +1110,71 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): response = self.authenticated_request(path, method='PUT') return response.status == httplib.NO_CONTENT -def revoke_role_from_user(self, domain, user, role): +def revoke_domain_role_from_user(self, domain, user, role): -Revoke role from a domain user. +Revoke domain role from a user. + +:param domain: Domain to revoke the role from. +:type domain: :class:`.OpenStackIdentityDomain` + +:param role: Role to revoke. +:type role: :class:`.OpenStackIdentityRole` + +:param user: User to revoke the role from. +:type user: :class:`.OpenStackIdentityUser` + +:return: ``True`` on success. +:rtype: ``bool`` path = ('/v3/domains/%s/users/%s/roles/%s' % (domain.id, user.id, role.id)) response = self.authenticated_request(path, method='DELETE') return response.status == httplib.NO_CONTENT +def grant_project_role_to_user(self, project, role, user): + +Grant project role to a user. + +Note: This function appeats to be idempodent. + +:param project: Project to grant the role to. +:type project: :class:`.OpenStackIdentityDomain` + +:param role: Role to grant. +:type role: :class:`.OpenStackIdentityRole` + +:param user: User to grant the role to. +:type user: :class:`.OpenStackIdentityUser` + +:return: ``True`` on success. +:rtype: ``bool`` + +path = ('/v3/projects/%s/users/%s/roles/%s' % +(project.id, user.id, role.id)) +response = self.authenticated_request(path, method='PUT') +return response.status == httplib.NO_CONTENT + +def revoke_project_role_from_user(self, project, role, user): + +Revoke project role from a user. + +:param project: Project to revoke the role from. +:type project: :class:`.OpenStackIdentityDomain` + +:param role: Role to revoke. +:type role: :class:`.OpenStackIdentityRole` + +:param user: User to revoke the role from. +:type user: :class:`.OpenStackIdentityUser` + +:return: ``True`` on success. +:rtype: ``bool`` + +path = ('/v3/projects/%s/users/%s/roles/%s' % +(project.id, user.id, role.id)) +response = self.authenticated_request(path, method='DELETE') +return response.status == httplib.NO_CONTENT + def create_user(self, email, password, name, description=None, domain_id=None, default_project_id=None, enabled=True):
git commit: Add and use OpenStackIdentityTokenScope enum class.
Repository: libcloud Updated Branches: refs/heads/trunk 988b1392a - 8a3e80809 Add and use OpenStackIdentityTokenScope enum class. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/8a3e8080 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/8a3e8080 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/8a3e8080 Branch: refs/heads/trunk Commit: 8a3e80809a1fdd9df1553b37e5391aeb4c145278 Parents: 988b139 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 19:23:10 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 19:23:10 2014 +0200 -- libcloud/common/openstack_identity.py | 28 ++-- 1 file changed, 22 insertions(+), 6 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/8a3e8080/libcloud/common/openstack_identity.py -- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index c0a3697..d30716f 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -83,6 +83,14 @@ class OpenStackIdentityEndpointType(object): ADMIN = 'admin' +class OpenStackIdentityTokenScope(object): + +Enum class for openstack identity token scope. + +PROJECT = 'project' +DOMAIN = 'domain' + + class OpenStackIdentityVersion(object): def __init__(self, version, status, updated, url): self.version = version @@ -879,8 +887,14 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): name = 'OpenStack Identity API v3.x' auth_version = '3.0' +VALID_TOKEN_SCOPES = [ +OpenStackIdentityTokenScope.PROJECT, +OpenStackIdentityTokenScope.DOMAIN +] + def __init__(self, auth_url, user_id, key, tenant_name=None, - domain_name='Default', token_scope='project', + domain_name='Default', + token_scope=OpenStackIdentityTokenScope.PROJECT, timeout=None, parent_conn=None): :param tenant_name: Name of the project this user belongs to. Note: @@ -904,14 +918,16 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): tenant_name=tenant_name, timeout=timeout, parent_conn=parent_conn) -if token_scope not in ['project', 'domain']: +if token_scope not in self.VALID_TOKEN_SCOPES: raise ValueError('Invalid value for token_scope argument: %s' % (token_scope)) -if token_scope == 'project' and (not tenant_name or not domain_name): +if (token_scope == OpenStackIdentityTokenScope.PROJECT and +(not tenant_name or not domain_name)): raise ValueError('Must provide tenant_name and domain_name ' 'argument') -elif token_scope == 'domain' and not domain_name: +elif (token_scope == OpenStackIdentityTokenScope.DOMAIN and +not domain_name): raise ValueError('Must provide domain_name argument') self.tenant_name = tenant_name @@ -943,7 +959,7 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): } } -if self.token_scope == 'project': +if self.token_scope == OpenStackIdentityTokenScope.PROJECT: # Scope token to project (tenant) data['auth']['scope'] = { 'project': { @@ -953,7 +969,7 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection): 'name': self.tenant_name } } -elif self.token_scope == 'domain': +elif self.token_scope == OpenStackIdentityTokenScope.DOMAIN: # Scope token to domain data['auth']['scope'] = { 'domain': {
git commit: Fix typos in __repr__.
Repository: libcloud Updated Branches: refs/heads/trunk 8a3e80809 - 9b6110e35 Fix typos in __repr__. Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/9b6110e3 Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/9b6110e3 Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/9b6110e3 Branch: refs/heads/trunk Commit: 9b6110e3519272b91f9d51ca58a09ba25fd4aa3a Parents: 8a3e808 Author: Tomaz Muraus to...@apache.org Authored: Thu Aug 14 19:51:23 2014 +0200 Committer: Tomaz Muraus to...@apache.org Committed: Thu Aug 14 19:51:23 2014 +0200 -- libcloud/common/openstack_identity.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- http://git-wip-us.apache.org/repos/asf/libcloud/blob/9b6110e3/libcloud/common/openstack_identity.py -- diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py index d30716f..d13975e 100644 --- a/libcloud/common/openstack_identity.py +++ b/libcloud/common/openstack_identity.py @@ -100,7 +100,7 @@ class OpenStackIdentityVersion(object): def __repr__(self): return (('OpenStackIdentityVersion version=%s, status=%s, ' - 'updated=%s, url=%s' % + 'updated=%s, url=%s' % (self.version, self.status, self.updated, self.url))) @@ -153,8 +153,8 @@ class OpenStackIdentityUser(object): def __repr__(self): return (('OpenStackIdentityUser id=%s, domain_id=%s, name=%s, ' - 'email=%s, enabled=%s' % (self.id, self.domain_id, self.name, - self.email, self.enabled))) + 'email=%s, enabled=%s' % (self.id, self.domain_id, self.name, +self.email, self.enabled))) class OpenStackServiceCatalog(object):