Class: Fog::Identity::OpenStack::Real

Inherits:

Object

• Object
• Fog::Identity::OpenStack::Real

Defined in:

lib/fog/openstack/identity.rb,
lib/fog/openstack/requests/identity/get_role.rb,
lib/fog/openstack/requests/identity/get_tenant.rb,
lib/fog/openstack/requests/identity/list_roles.rb,
lib/fog/openstack/requests/identity/list_users.rb,
lib/fog/openstack/requests/identity/set_tenant.rb,
lib/fog/openstack/requests/identity/check_token.rb,
lib/fog/openstack/requests/identity/create_role.rb,
lib/fog/openstack/requests/identity/create_user.rb,
lib/fog/openstack/requests/identity/delete_role.rb,
lib/fog/openstack/requests/identity/delete_user.rb,
lib/fog/openstack/requests/identity/update_user.rb,
lib/fog/openstack/requests/identity/list_tenants.rb,
lib/fog/openstack/requests/identity/create_tenant.rb,
lib/fog/openstack/requests/identity/delete_tenant.rb,
lib/fog/openstack/requests/identity/update_tenant.rb,
lib/fog/openstack/requests/identity/get_user_by_id.rb,
lib/fog/openstack/requests/identity/validate_token.rb,
lib/fog/openstack/requests/identity/create_user_role.rb,
lib/fog/openstack/requests/identity/delete_user_role.rb,
lib/fog/openstack/requests/identity/get_user_by_name.rb,
lib/fog/openstack/requests/identity/get_tenants_by_id.rb,
lib/fog/openstack/requests/identity/add_user_to_tenant.rb,
lib/fog/openstack/requests/identity/get_ec2_credential.rb,
lib/fog/openstack/requests/identity/get_tenants_by_name.rb,
lib/fog/openstack/requests/identity/list_ec2_credentials.rb,
lib/fog/openstack/requests/identity/create_ec2_credential.rb,
lib/fog/openstack/requests/identity/delete_ec2_credential.rb,
lib/fog/openstack/requests/identity/list_user_global_roles.rb,
lib/fog/openstack/requests/identity/remove_user_from_tenant.rb,
lib/fog/openstack/requests/identity/list_endpoints_for_token.rb,
lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb

Instance Attribute Summary

• #current_tenant ⇒ Object readonly

  Returns the value of attribute current_tenant.

• #current_user ⇒ Object readonly

  Returns the value of attribute current_user.

• #unscoped_token ⇒ Object readonly

  Returns the value of attribute unscoped_token.

Instance Method Summary

• #add_user_to_tenant(tenant_id, user_id, role_id) ⇒ Object
• #check_token(token_id, tenant_id) ⇒ Object
• #create_ec2_credential(user_id, tenant_id) ⇒ Object

  Create an EC2 credential for a user in a tenant.

• #create_role(name) ⇒ Object
• #create_tenant(attributes) ⇒ Object
• #create_user(name, password, email, tenantId = nil, enabled = true) ⇒ Object
• #create_user_role(tenant_id, user_id, role_id) ⇒ Object
• #credentials ⇒ Object
• #delete_ec2_credential(user_id, access) ⇒ Object

  Destroy an EC2 credential for a user.

• #delete_role(role_id) ⇒ Object
• #delete_tenant(id) ⇒ Object
• #delete_user(user_id) ⇒ Object
• #delete_user_role(tenant_id, user_id, role_id) ⇒ Object
• #get_ec2_credential(user_id, access) ⇒ Object

  Retrieves an EC2 credential for a user.

• #get_role(id) ⇒ Object
• #get_tenant(id) ⇒ Object
• #get_tenants_by_id(tenant_id) ⇒ Object
• #get_tenants_by_name(name) ⇒ Object
• #get_user_by_id(user_id) ⇒ Object
• #get_user_by_name(name) ⇒ Object
• #initialize(options = {}) ⇒ Real constructor

  A new instance of Real.

• #list_ec2_credentials(user_id) ⇒ Object

  List EC2 credentials for a user.

• #list_endpoints_for_token(token_id) ⇒ Object
• #list_roles ⇒ Object
• #list_roles_for_user_on_tenant(tenant_id, user_id) ⇒ Object
• #list_tenants(limit = nil, marker = nil) ⇒ Object
• #list_user_global_roles(user_id) ⇒ Object
• #list_users(tenant_id = nil) ⇒ Object
• #reload ⇒ Object
• #remove_user_from_tenant(tenant_id, user_id, role_id) ⇒ Object
• #request(params) ⇒ Object
• #set_tenant(tenant) ⇒ Object
• #update_tenant(id, attributes) ⇒ Object
• #update_user(user_id, options = {}) ⇒ Object
• #validate_token(token_id, tenant_id) ⇒ Object

Constructor Details

#initialize(options = {}) ⇒ Real

Returns a new instance of Real.

# File 'lib/fog/openstack/identity.rb', line 171

def initialize(options={})
  @openstack_auth_token = options[:openstack_auth_token]

  unless @openstack_auth_token
    missing_credentials = Array.new
    @openstack_api_key  = options[:openstack_api_key]
    @openstack_username = options[:openstack_username]

    missing_credentials << :openstack_api_key  unless @openstack_api_key
    missing_credentials << :openstack_username unless @openstack_username
    raise ArgumentError, "Missing required arguments: #{missing_credentials.join(', ')}" unless missing_credentials.empty?
  end

  @openstack_tenant   = options[:openstack_tenant]
  @openstack_auth_uri = URI.parse(options[:openstack_auth_url])
  @openstack_management_url       = options[:openstack_management_url]
  @openstack_must_reauthenticate  = false
  @openstack_service_type = options[:openstack_service_type] || ['identity']
  @openstack_service_name = options[:openstack_service_name]

  @connection_options = options[:connection_options] || {}

  @openstack_current_user_id = options[:openstack_current_user_id]

  @openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL'

  @current_user = options[:current_user]
  @current_tenant = options[:current_tenant]

  authenticate

  @persistent = options[:persistent] || false
  @connection = Fog::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options)
end

Instance Attribute Details

#current_tenant ⇒ Object (readonly)

Returns the value of attribute current_tenant.

# File 'lib/fog/openstack/identity.rb', line 168

def current_tenant
  @current_tenant
end

#current_user ⇒ Object (readonly)

Returns the value of attribute current_user.

# File 'lib/fog/openstack/identity.rb', line 167

def current_user
  @current_user
end

#unscoped_token ⇒ Object (readonly)

Returns the value of attribute unscoped_token.

# File 'lib/fog/openstack/identity.rb', line 169

def unscoped_token
  @unscoped_token
end

Instance Method Details

#add_user_to_tenant(tenant_id, user_id, role_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/add_user_to_tenant.rb', line 5

def add_user_to_tenant(tenant_id, user_id, role_id)
  request(
    :expects => 200,
    :method  => 'PUT',
    :path    => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#check_token(token_id, tenant_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/check_token.rb', line 6

def check_token(token_id, tenant_id)
  request(
    :expects  => [200, 203],
    :method   => 'HEAD',
    :path     => "tokens/#{token_id}?belongsTo=#{tenant_id}"
  )
end

#create_ec2_credential(user_id, tenant_id) ⇒ Object

Create an EC2 credential for a user in a tenant. Requires administrator credentials.

Parameters

• user_id<~String>: The id of the user to create an EC2 credential for

• tenant_id<~String>: The id of the tenant to create the credential in

Returns

• response<~Excon::Response>:

  • body<~Hash>:

    • ‘credential’<~Hash>: Created EC2 credential

      • ‘access’<~String>: The access key

      • ‘secret’<~String>: The secret key

      • ‘user_id’<~String>: The user id

      • ‘tenant_id’<~String>: The tenant id

# File 'lib/fog/openstack/requests/identity/create_ec2_credential.rb', line 25

def create_ec2_credential(user_id, tenant_id)
  data = { 'tenant_id' => tenant_id }

  request(
    :body    => Fog::JSON.encode(data),
    :expects => [200, 202],
    :method  => 'POST',
    :path    => "users/#{user_id}/credentials/OS-EC2"
  )
end

#create_role(name) ⇒ Object

# File 'lib/fog/openstack/requests/identity/create_role.rb', line 5

def create_role(name)
  data = {
    'role' => {
      'name' => name
    }
  }

  request(
    :body     => Fog::JSON.encode(data),
    :expects  => [200, 202],
    :method   => 'POST',
    :path   => '/OS-KSADM/roles'
  )
end

#create_tenant(attributes) ⇒ Object

# File 'lib/fog/openstack/requests/identity/create_tenant.rb', line 5

def create_tenant(attributes)
  request(
    :expects => [200],
    :method  => 'POST',
    :path    => "tenants",
    :body    => Fog::JSON.encode({ 'tenant' => attributes })
  )
end

#create_user(name, password, email, tenantId = nil, enabled = true) ⇒ Object

# File 'lib/fog/openstack/requests/identity/create_user.rb', line 6

def create_user(name, password, email, tenantId=nil, enabled=true)
  data = {
    'user' => {
      'name'      => name,
      'password'  => password,
      'tenantId'  => tenantId,
      'email'     => email,
      'enabled'   => enabled,
    }
  }

  request(
    :body     => Fog::JSON.encode(data),
    :expects  => [200, 202],
    :method   => 'POST',
    :path     => '/users'
  )
end

#create_user_role(tenant_id, user_id, role_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/create_user_role.rb', line 6

def create_user_role(tenant_id, user_id, role_id)
  request(
    :expects  => 200,
    :method   => 'PUT',
    :path     => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#credentials ⇒ Object

# File 'lib/fog/openstack/identity.rb', line 206

def credentials
  { :provider                 => 'openstack',
    :openstack_auth_url       => @openstack_auth_uri.to_s,
    :openstack_auth_token     => @auth_token,
    :openstack_management_url => @openstack_management_url,
    :openstack_current_user_id => @openstack_current_user_id,
    :current_user             => @current_user,
    :current_tenant           => @current_tenant }
end

#delete_ec2_credential(user_id, access) ⇒ Object

Destroy an EC2 credential for a user. Requires administrator credentials.

Parameters

• user_id<~String>: The id of the user to delete the credential for

• access<~String>: The access key of the credential to destroy

Returns

• response<~Excon::Response>:

  • body<~String>: Empty string

# File 'lib/fog/openstack/requests/identity/delete_ec2_credential.rb', line 19

def delete_ec2_credential(user_id, access)
  request(
    :expects => [200, 204],
    :method  => 'DELETE',
    :path    => "users/#{user_id}/credentials/OS-EC2/#{access}"
  )
end

#delete_role(role_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/delete_role.rb', line 6

def delete_role(role_id)
  request(
    :expects => [200, 204],
    :method => 'DELETE',
    :path   => "/OS-KSADM/roles/#{role_id}"
  )
end

#delete_tenant(id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/delete_tenant.rb', line 5

def delete_tenant(id)
  request(
    :expects => [200, 204],
    :method  => 'DELETE',
    :path    => "tenants/#{id}"
  )
end

#delete_user(user_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/delete_user.rb', line 6

def delete_user(user_id)
  request(
    :expects => [200, 204],
    :method => 'DELETE',
    :path   => "users/#{user_id}"
  )
end

#delete_user_role(tenant_id, user_id, role_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/delete_user_role.rb', line 6

def delete_user_role(tenant_id, user_id, role_id)
  request(
    :expects  => 204,
    :method   => 'DELETE',
    :path     => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#get_ec2_credential(user_id, access) ⇒ Object

Retrieves an EC2 credential for a user. Requires administrator credentials.

Parameters

• user_id<~String>: The id of the user to retrieve the credential for

• access<~String>: The access key of the credential to retrieve

Returns

• response<~Excon::Response>:

  • body<~Hash>:

    • ‘credential’<~Hash>: The EC2 credential

      • ‘access’<~String>: The access key

      • ‘secret’<~String>: The secret key

      • ‘user_id’<~String>: The user id

      • ‘tenant_id’<~String>: The tenant id

# File 'lib/fog/openstack/requests/identity/get_ec2_credential.rb', line 24

def get_ec2_credential(user_id, access)
  request(
    :expects => [200, 202],
    :method  => 'GET',
    :path    => "users/#{user_id}/credentials/OS-EC2/#{access}"
  )
rescue Excon::Errors::Unauthorized
  raise Fog::Identity::OpenStack::NotFound
end

#get_role(id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_role.rb', line 5

def get_role(id)
  request(
    :expects => [200, 204],
    :method  => 'GET',
    :path    => "/OS-KSADM/roles/#{id}"
  )
end

#get_tenant(id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_tenant.rb', line 5

def get_tenant(id)
  request(
    :expects => [200, 204],
    :method  => 'GET',
    :path    => "tenants/#{id}"
  )
end

#get_tenants_by_id(tenant_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_tenants_by_id.rb', line 6

def get_tenants_by_id(tenant_id)
  request(
    :expects  => [200],
    :method   => 'GET',
    :path     => "tenants/#{tenant_id}"
  )
end

#get_tenants_by_name(name) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_tenants_by_name.rb', line 6

def get_tenants_by_name(name)
  request(
    :expects  => [200],
    :method   => 'GET',
    :path     => "tenants?name=#{name}"
  )
end

#get_user_by_id(user_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_user_by_id.rb', line 6

def get_user_by_id(user_id)
  request(
    :expects  => [200, 203],
    :method   => 'GET',
    :path     => "users/#{user_id}"
  )
end

#get_user_by_name(name) ⇒ Object

# File 'lib/fog/openstack/requests/identity/get_user_by_name.rb', line 6

def get_user_by_name(name)
  request(
    :expects  => [200, 203],
    :method   => 'GET',
    :path     => "users?name=#{name}"
  )
end

#list_ec2_credentials(user_id) ⇒ Object

List EC2 credentials for a user. Requires administrator credentials.

Parameters

• user_id<~String>: The id of the user to retrieve the credential for

Returns

• response<~Excon::Response>:

  • body<~Hash>:

    • ‘credentials’<~Array>: The user’s EC2 credentials

      • ‘access’<~String>: The access key

      • ‘secret’<~String>: The secret key

      • ‘user_id’<~String>: The user id

      • ‘tenant_id’<~String>: The tenant id

# File 'lib/fog/openstack/requests/identity/list_ec2_credentials.rb', line 23

def list_ec2_credentials(user_id)
  request(
    :expects => [200, 202],
    :method  => 'GET',
    :path    => "users/#{user_id}/credentials/OS-EC2"
  )
end

#list_endpoints_for_token(token_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_endpoints_for_token.rb', line 6

def list_endpoints_for_token(token_id)
  request(
    :expects  => [200, 203],
    :method   => 'HEAD',
    :path     => "tokens/#{token_id}/endpoints"
  )
end

#list_roles ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_roles.rb', line 6

def list_roles
  request(
    :expects => 200,
    :method => 'GET',
    :path   => '/OS-KSADM/roles'
  )
end

#list_roles_for_user_on_tenant(tenant_id, user_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb', line 5

def list_roles_for_user_on_tenant(tenant_id, user_id)
  request(
    :expects  => [200],
    :method   => 'GET',
    :path     => "tenants/#{tenant_id}/users/#{user_id}/roles"
  )
end

#list_tenants(limit = nil, marker = nil) ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_tenants.rb', line 5

def list_tenants(limit = nil, marker = nil)
  params = Hash.new
  params['limit']  = limit  if limit
  params['marker'] = marker if marker

  request(
    :expects => [200, 204],
    :method  => 'GET',
    :path    => "tenants",
    :query   => params
  )
end

#list_user_global_roles(user_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_user_global_roles.rb', line 6

def list_user_global_roles(user_id)
  request(
    :expects  => [200],
    :method   => 'GET',
    :path     => "users/#{user_id}/roles"
  )
end

#list_users(tenant_id = nil) ⇒ Object

# File 'lib/fog/openstack/requests/identity/list_users.rb', line 5

def list_users(tenant_id = nil)
  path = tenant_id ? "tenants/#{tenant_id}/users" : 'users'
  request(
    :expects => [200, 204],
    :method  => 'GET',
    :path    => path
  )
end

#reload ⇒ Object

# File 'lib/fog/openstack/identity.rb', line 216

def reload
  @connection.reset
end

#remove_user_from_tenant(tenant_id, user_id, role_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/remove_user_from_tenant.rb', line 5

def remove_user_from_tenant(tenant_id, user_id, role_id)
  request(
    :expects => [200, 204],
    :method  => 'DELETE',
    :path    => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#request(params) ⇒ Object

# File 'lib/fog/openstack/identity.rb', line 220

def request(params)
  retried = false
  begin
    response = @connection.request(params.merge({
      :headers  => {
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
        'X-Auth-Token' => @auth_token
      }.merge!(params[:headers] || {}),
      :path     => "#{@path}/#{params[:path]}"#,
    }))
  rescue Excon::Errors::Unauthorized => error
    raise if retried
    retried = true

    @openstack_must_reauthenticate = true
    authenticate
    retry
  rescue Excon::Errors::HTTPStatusError => error
    raise case error
    when Excon::Errors::NotFound
      Fog::Identity::OpenStack::NotFound.slurp(error)
    else
      error
    end
  end
  unless response.body.empty?
    response.body = Fog::JSON.decode(response.body)
  end
  response
end

#set_tenant(tenant) ⇒ Object

# File 'lib/fog/openstack/requests/identity/set_tenant.rb', line 6

def set_tenant(tenant)
  @openstack_must_reauthenticate = true
  @openstack_tenant = tenant.to_s
  authenticate
end

#update_tenant(id, attributes) ⇒ Object

# File 'lib/fog/openstack/requests/identity/update_tenant.rb', line 5

def update_tenant(id, attributes)
  request(
    :expects => [200],
    :method  => 'PUT',
    :path    => "tenants/#{id}",
    :body    => Fog::JSON.encode({ 'tenant' => attributes })
  )
end

#update_user(user_id, options = {}) ⇒ Object

# File 'lib/fog/openstack/requests/identity/update_user.rb', line 6

def update_user(user_id, options = {})
  url = options.delete('url') || "/users/#{user_id}"
  request(
    :body     => Fog::JSON.encode({ 'user' => options }),
    :expects  => 200,
    :method   => 'PUT',
    :path     => url
  )
end

#validate_token(token_id, tenant_id) ⇒ Object

# File 'lib/fog/openstack/requests/identity/validate_token.rb', line 6

def validate_token(token_id, tenant_id)
  request(
    :expects  => [200, 203],
    :method   => 'GET',
    :path     => "tokens/#{token_id}?belongsTo=#{tenant_id}"
  )
end