Commit af399a32 by Szabolcs Gelencser

Initial implementation of group share

parent 41f8460e
...@@ -495,14 +495,18 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin): ...@@ -495,14 +495,18 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
msg = _("Successfully shared with group %s" % new_group_name) msg = _("Successfully shared with group %s" % new_group_name)
messages.success(self.request, msg) messages.success(self.request, msg)
def __get_members_of_snapshot(self, glance):
template = self.get_object()
old_members_generator = glance.image_members.list(template.image_id)
return [m.member_id for m in old_members_generator]
def __handle_user_assignment(self): def __handle_user_assignment(self):
glance = self.__get_glance_admin_client(self.request.user.tenant_id) glance = self.__get_glance_admin_client(self.request.user.tenant_id)
template = self.get_object() template = self.get_object()
new_template_user = self.request.POST['name'] new_template_user = self.request.POST['name']
project_id_of_user = self.__get_project_id_by_name(new_template_user) project_id_of_user = self.__get_project_id_by_name(new_template_user)
old_members_generator = glance.image_members.list(template.image_id) old_members = self.__get_members_of_snapshot(glance)
old_members = [m.member_id for m in old_members_generator]
if project_id_of_user in old_members: if project_id_of_user in old_members:
msg = _("Template is already shared with %s" % new_template_user) msg = _("Template is already shared with %s" % new_template_user)
...@@ -549,34 +553,61 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin): ...@@ -549,34 +553,61 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
return removes return removes
def __remove_user(self, member_id): def __remove_user_from_db(self, member_id):
template = self.get_object() template = self.get_object()
glance = self.__get_glance_admin_client(self.request.user.tenant_id)
glance.image_members.delete(template.image_id, member_id)
user = TemplateUserMember.objects.get(project_id=member_id) user = TemplateUserMember.objects.get(project_id=member_id)
template.users.remove(user) template.users.remove(user)
template.save() template.save()
def __remove_group(self, member_id): def __remove_group_from_db(self, member_id):
template = self.get_object() template = self.get_object()
template.groups.remove(member_id) template.groups.remove(member_id)
template.save() template.save()
def __handle_removes(self): def __handle_removes_from_db(self):
removes = self.__get_removes() removes = self.__get_removes()
for member_id in removes['u']: for member_id in removes['u']:
self.__remove_user(member_id) self.__remove_user_from_db(member_id)
messages.success(self.request, _("Successfully removed user")) messages.success(self.request, _("Successfully removed user"))
for member_id in removes['g']: for member_id in removes['g']:
self.__remove_group(member_id) self.__remove_group_from_db(member_id)
messages.success(self.request, _("Successfully removed group")) messages.success(self.request, _("Successfully removed group"))
def __is_member_of_groups(self, member_id):
template = self.get_object()
for group in template.groups.all():
group_members = self.__list_users_of_group(group.group_id)
for group_member in group_members:
if group_member.default_project_id == member_id:
return True
return False
def __cleanup_member(self, member_id):
template = self.get_object()
try:
template.users.get(project_id=member_id)
return # member is assigned as user
except TemplateUserMember.DoesNotExist:
pass
if not self.__is_member_of_groups(member_id):
glance = self.__get_glance_admin_client(self.request.user.tenant_id)
glance.image_members.delete(template.image_id, member_id)
def __cleanup_assigned_members_of_snapshot(self):
template = self.get_object()
glance = self.__get_glance_admin_client(self.request.user.tenant_id)
member_ids = self.__get_members_of_snapshot(glance)
for member_id in member_ids:
self.__cleanup_member(member_id)
def post(self, request, *args, **kwargs): def post(self, request, *args, **kwargs):
template = self.get_object() template = self.get_object()
openstack_api.glance.image_update(request, template.image_id, visibility="shared") openstack_api.glance.image_update(request, template.image_id, visibility="shared")
self.__handle_removes_from_db()
self.__handle_assignments() self.__handle_assignments()
self.__handle_removes() self.__cleanup_assigned_members_of_snapshot()
return redirect("%s#access" % template.get_absolute_url()) return redirect("%s#access" % template.get_absolute_url())
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment