authorYogeshwar Srikrishnan <yoga80@yahoo.com>2011-08-09 18:06:36 -0500
committerYogeshwar Srikrishnan <yoga80@yahoo.com>2011-08-10 14:30:26 -0500
commit91a4b9e287385c8d8d29773358a28056997b3cc5 (patch)
tree2b447d0c3a745f4eafd965f1502b46758ef8be8d
parente2c3c7d67c40312b0202fa48ede59e6ef688e40a (diff)
Changes to delete dependencies when services, endpoint_templates, roles are being deleted.
PEP8 and Pylint fixes. Also do ldap related changes. Change-Id: I0c07aceef8815303ac8f3e83dd44cd74c0a7f6df
-rwxr-xr-xkeystone/backends/api.py25
-rw-r--r--keystone/backends/ldap/api/role.py40
-rwxr-xr-xkeystone/backends/sqlalchemy/api/endpoint_template.py16
-rwxr-xr-xkeystone/backends/sqlalchemy/api/role.py14
-rwxr-xr-xkeystone/logic/service.py91
5 files changed, 153 insertions, 33 deletions
diff --git a/keystone/backends/api.py b/keystone/backends/api.py
index 8f022d46..1ab5d983 100755
--- a/keystone/backends/api.py
+++ b/keystone/backends/api.py
@@ -131,10 +131,10 @@ class BaseTenantGroupAPI(object):
def get(self, id, tenant):
raise NotImplementedError
- def get_page(self, tenantId, marker, limit):
+ def get_page(self, tenant_id, marker, limit):
raise NotImplementedError
- def get_page_markers(self, tenantId, marker, limit):
+ def get_page_markers(self, tenant_id, marker, limit):
raise NotImplementedError
def update(self, id, tenant_id, values):
@@ -192,6 +192,9 @@ class BaseRoleAPI(object):
def get(self, id):
raise NotImplementedError
+ def get_by_service(self, service_id):
+ raise NotImplementedError
+
def get_all(self):
raise NotImplementedError
@@ -210,6 +213,9 @@ class BaseRoleAPI(object):
def ref_get(self, id):
raise NotImplementedError
+ def ref_get_by_role(self, id):
+ raise NotImplementedError
+
def ref_delete(self, id):
raise NotImplementedError
@@ -259,6 +265,9 @@ class BaseEndpointTemplateAPI(object):
def get_all(self):
raise NotImplementedError
+ def get_by_service(self, service_id):
+ raise NotImplementedError
+
def get_page(self, marker, limit):
raise NotImplementedError
@@ -272,6 +281,9 @@ class BaseEndpointTemplateAPI(object):
limit):
raise NotImplementedError
+ def endpoint_get_by_endpoint_template(self, endpoint_template_id):
+ raise NotImplementedError
+
def endpoint_add(self, values):
raise NotImplementedError
@@ -286,6 +298,12 @@ class BaseEndpointTemplateAPI(object):
class BaseServiceAPI:
+ def create(self, values):
+ raise NotImplementedError
+
+ def get(self, id):
+ raise NotImplementedError
+
def get_all(self):
raise NotImplementedError
@@ -295,6 +313,9 @@ class BaseServiceAPI:
def get_page_markers(self, marker, limit):
raise NotImplementedError
+ def delete(self, id):
+ raise NotImplementedError
+
class BaseCredentialsAPI(object):
def create(self, values):
diff --git a/keystone/backends/ldap/api/role.py b/keystone/backends/ldap/api/role.py
index b0ecc467..d3129a3b 100644
--- a/keystone/backends/ldap/api/role.py
+++ b/keystone/backends/ldap/api/role.py
@@ -58,16 +58,29 @@ class RoleAPI(BaseLdapAPI, BaseTenantAPI):
except ldap.NO_SUCH_OBJECT:
if tenant_id is None or self.get(role_id) is None:
raise exception.NotFound("Role %s not found" % (role_id,))
+ if tenant_id != None:
+ tenant_dn = self.api.tenant._id_to_dn(tenant_id)
+ else:
+ tenant_dn = None
attrs = [
('objectClass', 'keystoneTenantRole'),
('member', user_dn),
('keystoneRole', self._id_to_dn(role_id)),
+ ('tenant', tenant_dn),
]
conn.add_s(role_dn, attrs)
return models.UserRoleAssociation(
id=self._create_ref(role_id, tenant_id, user_id),
role_id=role_id, user_id=user_id, tenant_id=tenant_id)
+ def get_by_service(self, service_id):
+ roles = self.get_all('(service_id=%s)' % \
+ (ldap.filter.escape_filter_chars(service_id),))
+ try:
+ return roles[0]
+ except IndexError:
+ return None
+
def get_role_assignments(self, tenant_id):
conn = self.api.get_connection()
query = '(objectClass=keystoneTenantRole)'
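Review bot: `get_by_service` here returns a single role (`roles[0]`) or `None`, while the SQLAlchemy `get_by_service` in this commit returns a list from `.all()` and `delete_service` iterates the result with `for role in roles:`. Under the LDAP backend that loop would walk one role object instead of a list, so this method should `return roles`, giving an empty list when nothing matches. Separately, when `tenant_id` is None the new `('tenant', tenant_dn)` entry hands `None` to `conn.add_s` as an attribute value, which python-ldap is unlikely to accept. Append the entry only when a tenant is given: `if tenant_dn is not None: attrs.append(('tenant', tenant_dn))`. The function containing the `attrs` change begins outside this hunk.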
@@ -154,3 +167,30 @@ class RoleAPI(BaseLdapAPI, BaseTenantAPI):
for tenant in self.api.tenant.get_all():
all_roles += self.ref_get_all_tenant_roles(user_id, tenant.id)
return self._get_page_markers(marker, limit, all_roles)
+
+ def ref_get_by_role(self, id):
+ role_dn = self._id_to_dn(id)
+ try:
+ roles = self.get_all('(keystoneRole=%s)' % (role_dn,))
+ except ldap.NO_SUCH_OBJECT:
+ return []
+ res = []
+ for role_dn, attrs in roles:
+ try:
+ user_dns = attrs['member']
+ tenant_dns = attrs['tenant']
+ except KeyError:
+ continue
+ for user_dn in user_dns:
+ user_id = ldap.dn.str2dn(user_dn)[0][0][1]
+ tenant_id = None
+ if tenant_dns != None:
+ for tenant_dn in tenant_dns:
+ tenant_id = ldap.dn.str2dn(tenant_dn)[0][0][1]
+ role_id = ldap.dn.str2dn(role_dn)[0][0][1]
+ res.append(models.UserRoleAssociation(
+ id=self._create_ref(role_id, tenant_id, user_id),
+ user_id=user_id,
+ role_id=role_id,
+ tenant_id=tenant_id))
+ return res
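Review bot: The search filter in `ref_get_by_role` interpolates `role_dn` without filter escaping, unlike `get_by_service` in the same file, so a role id containing filter metacharacters would alter the query; use `'(keystoneRole=%s)' % (ldap.filter.escape_filter_chars(role_dn),)`. `_id_to_dn` is defined outside this hunk, so whether it already escapes for filter context is not visible. The `except KeyError: continue` also skips every entry without a `tenant` attribute, which looks like it would leave global (tenant-less) role assignments out of the result and therefore still granted after the role is deleted; reading it as `tenant_dns = attrs.get('tenant')` would keep them. The loop variable `role_dn` shadows the outer `role_dn`, and a distinct name such as `ref_dn` would be clearer.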
diff --git a/keystone/backends/sqlalchemy/api/endpoint_template.py b/keystone/backends/sqlalchemy/api/endpoint_template.py
index 56db3ee7..26bddc36 100755
--- a/keystone/backends/sqlalchemy/api/endpoint_template.py
+++ b/keystone/backends/sqlalchemy/api/endpoint_template.py
@@ -31,7 +31,7 @@ class EndpointTemplateAPI(BaseEndpointTemplateAPI):
session = get_session()
with session.begin():
endpoint_template = self.get(id, session)
- session.delete(endpoint_template)
+ session.delete(endpoint_template)
def get(self, id, session=None):
if not session:
@@ -45,6 +45,12 @@ class EndpointTemplateAPI(BaseEndpointTemplateAPI):
session = get_session()
return session.query(models.EndpointTemplates).all()
+ def get_by_service(self, service_id, session=None):
+ if not session:
+ session = get_session()
+ return session.query(models.EndpointTemplates).\
+ filter_by(service=service_id).all()
+
def get_page(self, marker, limit, session=None):
if not session:
session = get_session()
@@ -186,6 +192,14 @@ class EndpointTemplateAPI(BaseEndpointTemplateAPI):
filter_by(tenant_id=tenant_id).first()
return result
+ def endpoint_get_by_endpoint_template(
+ self, endpoint_template_id, session=None):
+ if not session:
+ session = get_session()
+ result = session.query(models.Endpoints).\
+ filter_by(endpoint_template_id=endpoint_template_id).all()
+ return result
+
def endpoint_delete(self, id, session=None):
if not session:
session = get_session()
diff --git a/keystone/backends/sqlalchemy/api/role.py b/keystone/backends/sqlalchemy/api/role.py
index e5b393ec..d725cb4a 100755
--- a/keystone/backends/sqlalchemy/api/role.py
+++ b/keystone/backends/sqlalchemy/api/role.py
@@ -39,6 +39,13 @@ class RoleAPI(BaseRoleAPI):
result = session.query(models.Role).filter_by(id=id).first()
return result
+ def get_by_service(self, service_id, session=None):
+ if not session:
+ session = get_session()
+ result = session.query(models.Role).\
+ filter_by(service_id=service_id).all()
+ return result
+
def get_all(self, session=None):
if not session:
session = get_session()
@@ -181,6 +188,13 @@ class RoleAPI(BaseRoleAPI):
next_page = next_page.id
return (prev_page, next_page)
+ def ref_get_by_role(self, role_id, session=None):
+ if not session:
+ session = get_session()
+ result = session.query(models.UserRoleAssociation).\
+ filter_by(role_id=role_id).all()
+ return result
+
def get():
return RoleAPI()
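Review bot: `ref_get_by_role` is declared here with the parameter `role_id`, but the base class and the LDAP backend in this commit declare it as `ref_get_by_role(self, id)`, so a caller passing the argument by keyword would work on one backend and fail on the other. Renaming the base and LDAP parameter to `role_id` would align the three and stop shadowing the `id` builtin. A one-line docstring such as `"""Return every UserRoleAssociation that references role_id."""` would also record the list return that `delete_role` depends on.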
diff --git a/keystone/logic/service.py b/keystone/logic/service.py
index b649e990..0960028e 100755
--- a/keystone/logic/service.py
+++ b/keystone/logic/service.py
@@ -447,13 +447,13 @@ class IdentityService(object):
if dtoken.tenant_id:
drole_refs = api.ROLE.ref_get_all_tenant_roles(duser.id,
dtoken.tenant_id)
- for droleRef in drole_refs:
- ts.append(RoleRef(droleRef.id, droleRef.role_id,
- droleRef.tenant_id))
+ for drole_ref in drole_refs:
+ ts.append(RoleRef(drole_ref.id, drole_ref.role_id,
+ drole_ref.tenant_id))
drole_refs = api.ROLE.ref_get_all_global_roles(duser.id)
- for droleRef in drole_refs:
- ts.append(RoleRef(droleRef.id, droleRef.role_id,
- droleRef.tenant_id))
+ for drole_ref in drole_refs:
+ ts.append(RoleRef(drole_ref.id, drole_ref.role_id,
+ drole_ref.tenant_id))
user = auth.User(duser.id, duser.tenant_id, RoleRefs(ts, []))
return auth.ValidateData(token, user)
@@ -572,6 +572,10 @@ class IdentityService(object):
drole = api.ROLE.get(role_id)
if not drole:
raise fault.ItemNotFoundFault("The role could not be found")
+ role_refs = api.ROLE.ref_get_by_role(role_id)
+ if role_refs != None:
+ for role_ref in role_refs:
+ api.ROLE.ref_delete(role_ref.id)
api.ROLE.delete(role_id)
def create_role_ref(self, admin_token, user_id, role_ref):
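Review bot: The cascade added to `delete_role` runs as a series of independent backend calls, so a failure partway through leaves the role in place with only some of its role refs removed; the same applies to the endpoint cascade in `delete_endpoint_template` and to the nested loops in `delete_service`. As far as the visible SQLAlchemy methods show, each call obtains its own session when none is passed, so nothing groups the deletes into one transaction. This is inferred, since `ref_delete` and `delete` are outside the diff. Consider passing one session through the whole cascade, or at least logging which dependents were removed so a partial run can be reconciled. The `!= None` tests would be more idiomatic as `if role_refs is not None:`. `delete_role` starts above this hunk.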
@@ -662,23 +666,29 @@ class IdentityService(object):
if not dendpoint_template:
raise fault.ItemNotFoundFault(
"The endpoint template could not be found")
+ #Delete Related endpoints
+ endpoints = api.ENDPOINT_TEMPLATE.\
+ endpoint_get_by_endpoint_template(endpoint_template_id)
+ if endpoints != None:
+ for endpoint in endpoints:
+ api.ENDPOINT_TEMPLATE.endpoint_delete(endpoint.id)
api.ENDPOINT_TEMPLATE.delete(endpoint_template_id)
def get_endpoint_templates(self, admin_token, marker, limit, url):
self.__validate_service_or_keystone_admin_token(admin_token)
ts = []
- dendpointTemplates = api.ENDPOINT_TEMPLATE.get_page(marker, limit)
- for dendpointTemplate in dendpointTemplates:
+ dendpoint_templates = api.ENDPOINT_TEMPLATE.get_page(marker, limit)
+ for dendpoint_template in dendpoint_templates:
ts.append(EndpointTemplate(
- dendpointTemplate.id,
- dendpointTemplate.region,
- dendpointTemplate.service,
- dendpointTemplate.public_url,
- dendpointTemplate.admin_url,
- dendpointTemplate.internal_url,
- dendpointTemplate.enabled,
- dendpointTemplate.is_global))
+ dendpoint_template.id,
+ dendpoint_template.region,
+ dendpoint_template.service,
+ dendpoint_template.public_url,
+ dendpoint_template.admin_url,
+ dendpoint_template.internal_url,
+ dendpoint_template.enabled,
+ dendpoint_template.is_global))
prev, next = api.ENDPOINT_TEMPLATE.get_page_markers(marker, limit)
links = []
if prev:
@@ -692,19 +702,19 @@ class IdentityService(object):
def get_endpoint_template(self, admin_token, endpoint_template_id):
self.__validate_service_or_keystone_admin_token(admin_token)
- dendpointTemplate = api.ENDPOINT_TEMPLATE.get(endpoint_template_id)
- if not dendpointTemplate:
+ dendpoint_template = api.ENDPOINT_TEMPLATE.get(endpoint_template_id)
+ if not dendpoint_template:
raise fault.ItemNotFoundFault(
"The endpoint template could not be found")
return EndpointTemplate(
- dendpointTemplate.id,
- dendpointTemplate.region,
- dendpointTemplate.service,
- dendpointTemplate.public_url,
- dendpointTemplate.admin_url,
- dendpointTemplate.internal_url,
- dendpointTemplate.enabled,
- dendpointTemplate.is_global)
+ dendpoint_template.id,
+ dendpoint_template.region,
+ dendpoint_template.service,
+ dendpoint_template.public_url,
+ dendpoint_template.admin_url,
+ dendpoint_template.internal_url,
+ dendpoint_template.enabled,
+ dendpoint_template.is_global)
def get_tenant_endpoints(self, admin_token, marker, limit, url, tenant_id):
self.__validate_service_or_keystone_admin_token(admin_token)
@@ -716,14 +726,14 @@ class IdentityService(object):
ts = []
- dtenantEndpoints = \
+ dtenant_endpoints = \
api.ENDPOINT_TEMPLATE.\
endpoint_get_by_tenant_get_page(
tenant_id, marker, limit)
- for dtenantEndpoint in dtenantEndpoints:
- ts.append(Endpoint(dtenantEndpoint.id,
+ for dtenant_endpoint in dtenant_endpoints:
+ ts.append(Endpoint(dtenant_endpoint.id,
url + '/endpointTemplates/' + \
- str(dtenantEndpoint.endpoint_template_id)))
+ str(dtenant_endpoint.endpoint_template_id)))
links = []
if ts.__len__():
prev, next = \
@@ -810,6 +820,27 @@ class IdentityService(object):
def delete_service(self, admin_token, service_id):
self.__validate_service_or_keystone_admin_token(admin_token)
dservice = api.SERVICE.get(service_id)
+
if not dservice:
raise fault.ItemNotFoundFault("The service could not be found")
+
+ #Delete Related Endpointtemplates and Endpoints.
+ endpoint_templates = api.ENDPOINT_TEMPLATE.get_by_service(service_id)
+ if endpoint_templates != None:
+ for endpoint_template in endpoint_templates:
+ endpoints = api.ENDPOINT_TEMPLATE.\
+ endpoint_get_by_endpoint_template(endpoint_template.id)
+ if endpoints != None:
+ for endpoint in endpoints:
+ api.ENDPOINT_TEMPLATE.endpoint_delete(endpoint.id)
+ api.ENDPOINT_TEMPLATE.delete(endpoint_template.id)
+ #Delete Related Role and RoleRefs
+ roles = api.ROLE.get_by_service(service_id)
+ if roles != None:
+ for role in roles:
+ role_refs = api.ROLE.ref_get_by_role(role.id)
+ if role_refs != None:
+ for role_ref in role_refs:
+ api.ROLE.ref_delete(role_ref.id)
+ api.ROLE.delete(role.id)
api.SERVICE.delete(service_id)