# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2012 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# All Rights Reserved.
#
# Copyright 2012 Nebula, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from django.utils.translation import ugettext as _
from django.core.urlresolvers import reverse
from horizon import api
from horizon import exceptions
from horizon import workflows
from horizon import forms
INDEX_URL = "horizon:syspanel:projects:index"
ADD_USER_URL = "horizon:syspanel:projects:create_user"
[docs]class UpdateProjectQuotaAction(workflows.Action):
ifcb_label = _("Injected File Content Bytes")
metadata_items = forms.IntegerField(min_value=-1,
label=_("Metadata Items"))
cores = forms.IntegerField(min_value=-1, label=_("VCPUs"))
instances = forms.IntegerField(min_value=-1, label=_("Instances"))
injected_files = forms.IntegerField(min_value=-1,
label=_("Injected Files"))
injected_file_content_bytes = forms.IntegerField(min_value=-1,
label=ifcb_label)
volumes = forms.IntegerField(min_value=-1, label=_("Volumes"))
gigabytes = forms.IntegerField(min_value=-1, label=_("Gigabytes"))
ram = forms.IntegerField(min_value=-1, label=_("RAM (MB)"))
floating_ips = forms.IntegerField(min_value=-1, label=_("Floating IPs"))
class Meta:
name = _("Quota")
slug = 'update_quotas'
help_text = _("From here you can set quotas "
"(max limits) for the project.")
[docs]class UpdateProjectQuota(workflows.Step):
action_class = UpdateProjectQuotaAction
depends_on = ("project_id",)
contributes = ("metadata_items",
"cores",
"instances",
"injected_files",
"injected_file_content_bytes",
"volumes",
"gigabytes",
"ram",
"floating_ips")
[docs]class CreateProjectInfoAction(workflows.Action):
name = forms.CharField(label=_("Name"))
description = forms.CharField(
widget=forms.widgets.Textarea(),
label=_("Description"),
required=False)
enabled = forms.BooleanField(label=_("Enabled"),
required=False,
initial=True)
class Meta:
name = _("Project Info")
help_text = _("From here you can create a new "
"project to organize users.")
[docs]class CreateProjectInfo(workflows.Step):
action_class = CreateProjectInfoAction
contributes = ("project_id",
"name",
"description",
"enabled")
[docs]class UpdateProjectMembersAction(workflows.Action):
default_role = forms.CharField(required=False)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction, self).__init__(request,
*args,
**kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
project_id = ''
if 'project_id' in args[0]:
project_id = args[0]['project_id']
# Get the default role
try:
default_role = api.get_default_role(self.request).id
except:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
self.fields['default_role'].initial = default_role
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request)
except:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for role in role_list:
field_name = "role_" + role.id
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
for user in all_users:
try:
roles = api.roles_for_user(self.request,
user.id,
project_id)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
if roles:
primary_role = roles[0].id
self.fields["role_" + primary_role].initial.append(user.id)
class Meta:
name = _("Project Members")
slug = "update_members"
[docs]class UpdateProjectMembers(workflows.Step):
action_class = UpdateProjectMembersAction
template_name = "syspanel/projects/_update_members.html"
[docs] def contribute(self, data, context):
if data:
try:
roles = api.keystone.role_list(self.workflow.request)
except:
exceptions.handle(self.workflow.request,
_('Unable to retrieve user list.'))
post = self.workflow.request.POST
for role in roles:
field = "role_" + role.id
context[field] = post.getlist(field)
return context
[docs]class CreateProject(workflows.Workflow):
slug = "add_project"
name = _("Add Project")
finalize_button_name = _("Finish")
success_message = _('Created new project "%s".')
failure_message = _('Unable to create project "%s".')
success_url = "horizon:syspanel:projects:index"
default_steps = (CreateProjectInfo,
UpdateProjectMembers,
UpdateProjectQuota)
[docs] def handle(self, request, data):
# create the project
try:
desc = data['description']
self.object = api.keystone.tenant_create(request,
tenant_name=data['name'],
description=desc,
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
project_id = self.object.id
# update project members
users_to_add = 0
try:
available_roles = api.keystone.role_list(request)
# count how many users are to be added
for role in available_roles:
role_list = data["role_" + role.id]
users_to_add += len(role_list)
# add new users to project
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user in role_list:
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user,
role_id=role.id)
users_added += 1
users_to_add -= users_added
except:
exceptions.handle(request, _('Failed to add %s project members '
'and set project quotas.'
% users_to_add))
# update the project quota
ifcb = data['injected_file_content_bytes']
try:
api.nova.tenant_quota_update(request,
project_id,
metadata_items=data['metadata_items'],
injected_file_content_bytes=ifcb,
volumes=data['volumes'],
gigabytes=data['gigabytes'],
ram=data['ram'],
floating_ips=data['floating_ips'],
instances=data['instances'],
injected_files=data['injected_files'],
cores=data['cores'])
except:
exceptions.handle(request, _('Unable to set project quotas.'))
return True
[docs]class UpdateProjectInfoAction(CreateProjectInfoAction):
enabled = forms.BooleanField(required=False, label=_("Enabled"))
class Meta:
name = _("Project Info")
slug = 'update_info'
help_text = _("From here you can edit the project details.")
[docs]class UpdateProjectInfo(workflows.Step):
action_class = UpdateProjectInfoAction
depends_on = ("project_id",)
contributes = ("name",
"description",
"enabled")
[docs]class UpdateProject(workflows.Workflow):
slug = "update_project"
name = _("Edit Project")
finalize_button_name = _("Save")
success_message = _('Modified project "%s".')
failure_message = _('Unable to modify project "%s".')
success_url = "horizon:syspanel:projects:index"
default_steps = (UpdateProjectInfo,
UpdateProjectMembers,
UpdateProjectQuota)
[docs] def handle(self, request, data):
project_id = data['project_id']
# update project info
try:
api.tenant_update(request,
tenant_id=project_id,
tenant_name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
available_roles = api.keystone.role_list(request)
project_members = api.keystone.user_list(request,
tenant_id=project_id)
users_to_modify = len(project_members)
for user in project_members:
current_roles = api.roles_for_user(self.request,
user.id,
project_id)
for role in available_roles:
role_list = data["role_" + role.id]
if user.id in role_list:
if role not in current_roles:
# user role has changed
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=role.id)
else:
# user role is unchanged
current_roles.pop(current_roles.index(role))
# delete user's removed roles
for to_delete in current_roles:
api.remove_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=to_delete.id)
users_to_modify -= 1
# add new roles to project
for role in available_roles:
# count how many users may be added for exception handling
role_list = data["role_" + role.id]
users_to_modify += len(role_list)
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user in role_list:
if not filter(lambda x: user == x.id, project_members):
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user,
role_id=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(request, _('Failed to modify %s project members '
'and update project quotas.'
% users_to_modify))
return True
# update the project quota
ifcb = data['injected_file_content_bytes']
try:
api.tenant_quota_update(request,
project_id,
metadata_items=data['metadata_items'],
injected_file_content_bytes=ifcb,
volumes=data['volumes'],
gigabytes=data['gigabytes'],
ram=data['ram'],
floating_ips=data['floating_ips'],
instances=data['instances'],
injected_files=data['injected_files'],
cores=data['cores'])
return True
except:
exceptions.handle(request, _('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True