-
Notifications
You must be signed in to change notification settings - Fork 11
/
tasks.py
200 lines (150 loc) · 6.47 KB
/
tasks.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
# Copyright (C) 2015 Catalyst IT Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.utils import timezone
from rest_framework.response import Response
from confspirator import groups
from confspirator import fields
from adjutant import exceptions
from adjutant.api import utils
from adjutant.api.v1.base import BaseDelegateAPI
# NOTE(adriant): We should deprecate these Views properly and switch tests
# to work against the openstack ones.
class CreateProjectAndUser(BaseDelegateAPI):
url = r"^actions/CreateProjectAndUser/?$"
config_group = groups.DynamicNameConfigGroup(
children=[
fields.StrConfig(
"default_region",
help_text="Default region in which any potential resources may be created.",
required=True,
default="RegionOne",
),
fields.StrConfig(
"default_domain_id",
help_text="Domain in which project and users will be created.",
default="default",
required=True,
),
fields.StrConfig(
"default_parent_id",
help_text="Parent id under which this project will be created. "
"Default is None, and will create under default domain.",
default=None,
),
]
)
task_type = "create_project_and_user"
def post(self, request, format=None):
"""
Unauthenticated endpoint bound primarily to NewProjectWithUser.
This process requires approval, so this will validate
incoming data and create a task to be approved
later.
"""
self.logger.info("(%s) - Starting new project task." % timezone.now())
class_conf = self.config
# we need to set the region the resources will be created in:
request.data["region"] = class_conf.default_region
# domain
request.data["domain_id"] = class_conf.default_domain_id
# parent_id for new project, if null defaults to domain:
request.data["parent_id"] = class_conf.default_parent_id
self.task_manager.create_from_request(self.task_type, request)
return Response({"notes": ["task created"]}, status=202)
class InviteUser(BaseDelegateAPI):
url = r"^actions/InviteUser/?$"
task_type = "invite_user_to_project"
@utils.mod_or_admin
def get(self, request):
return super(InviteUser, self).get(request)
@utils.mod_or_admin
def post(self, request, format=None):
"""
Invites a user to the current tenant.
This endpoint requires either Admin access or the
request to come from a project_admin|project_mod.
As such this Task is considered pre-approved.
"""
self.logger.info("(%s) - New AttachUser request." % timezone.now())
# Default project_id to the keystone user's project
if "project_id" not in request.data or request.data["project_id"] is None:
request.data["project_id"] = request.keystone_user["project_id"]
# Default domain_id to the keystone user's project
if "domain_id" not in request.data or request.data["domain_id"] is None:
request.data["domain_id"] = request.keystone_user["project_domain_id"]
self.task_manager.create_from_request(self.task_type, request)
return Response({"notes": ["task created"]}, status=202)
class ResetPassword(BaseDelegateAPI):
url = r"^actions/ResetPassword/?$"
task_type = "reset_user_password"
@utils.minimal_duration(min_time=3)
def post(self, request, format=None):
"""
Unauthenticated endpoint bound to the password reset action.
This will submit and approve a password reset request.
---
parameters:
- name: email
required: true
type: string
description: The email of the user to reset
- name: username
required: false
type: string
description: The username of the user, not required if using
USERNAME_IS_PASSWORD
responseMessages:
- code: 400
message: Validation Errors
- code: 200
message: Success. Does not indicate user exists.
"""
self.logger.info("(%s) - New ResetUser request." % timezone.now())
try:
self.task_manager.create_from_request(self.task_type, request)
except exceptions.BaseTaskException as e:
self.logger.info(
"(%s) - ResetPassword raised error: %s" % (timezone.now(), e)
)
response_dict = {
"notes": ["If user with email exists, reset token will be issued."]
}
return Response(response_dict, status=202)
class EditUser(BaseDelegateAPI):
url = r"^actions/EditUser/?$"
task_type = "edit_user_roles"
@utils.mod_or_admin
def post(self, request, format=None):
"""
This endpoint requires either mod access or the
request to come from a project_admin.
As such this Task is considered pre-approved.
Runs process_actions, then does the approve step and
approve validation, and creates a Token if valid.
"""
self.logger.info("(%s) - New EditUser request." % timezone.now())
self.task_manager.create_from_request(self.task_type, request)
return Response({"notes": ["task created"]}, status=202)
class UpdateEmail(BaseDelegateAPI):
url = r"^actions/UpdateEmail/?$"
task_type = "update_user_email"
@utils.authenticated
def post(self, request, format=None):
"""
Endpoint bound to the update email action.
This will submit and approve an update email action.
"""
request.data["user_id"] = request.keystone_user["user_id"]
self.task_manager.create_from_request(self.task_type, request)
return Response({"notes": ["task created"]}, status=202)