1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
import json
import sqlalchemy as sql
from keystone import config
CONF = config.CONF
def upgrade(migrate_engine):
meta = sql.MetaData()
meta.bind = migrate_engine
sql.Table('user', meta, autoload=True)
sql.Table('project', meta, autoload=True)
role_table = sql.Table('role', meta, autoload=True)
user_project_role_table = sql.Table(
'user_project_metadata',
meta,
sql.Column('user_id',
sql.String(64),
sql.ForeignKey('user.id'),
primary_key=True),
sql.Column('project_id',
sql.String(64),
sql.ForeignKey('project.id'),
primary_key=True),
sql.Column('data', sql.Text()))
user_project_role_table.create(migrate_engine, checkfirst=True)
conn = migrate_engine.connect()
conn.execute(role_table.insert(),
id=CONF.member_role_id,
name=CONF.member_role_name,
extra=json.dumps({'description':
'Default role for project membership',
'enabled': 'True'}))
user_project_membership_table = sql.Table('user_project_membership',
meta, autoload=True)
session = sql.orm.sessionmaker(bind=migrate_engine)()
for membership in session.query(user_project_membership_table):
data = {'roles': [config.CONF.member_role_id]}
ins = user_project_role_table.insert().values(
user_id=membership.user_id,
project_id=membership.tenant_id,
data=json.dumps(data))
conn.execute(ins)
session.close()
user_project_membership_table.drop()
def downgrade(migrate_engine):
meta = sql.MetaData()
meta.bind = migrate_engine
sql.Table('user', meta, autoload=True)
sql.Table('project', meta, autoload=True)
user_project_membership_table = sql.Table(
'user_project_membership',
meta,
sql.Column(
'user_id',
sql.String(64),
sql.ForeignKey('user.id'),
primary_key=True),
sql.Column(
'tenant_id',
sql.String(64),
sql.ForeignKey('project.id'),
primary_key=True))
user_project_membership_table.create(migrate_engine, checkfirst=True)
user_project_metadata_table = sql.Table(
'user_project_metadata',
meta,
autoload=True)
session = sql.orm.sessionmaker(bind=migrate_engine)()
for membership in session.query(user_project_metadata_table):
if 'roles' in membership:
roles = membership['roles']
if config.CONF.member_role_id in roles:
user_project_membership_table.insert().values(
user_id=membership.user_id,
tenant_id=membership.project_id)
session.close()
role_table = sql.Table('role', meta, autoload=True)
conn = migrate_engine.connect()
user_project_membership_table = sql.Table(
'user_project_membership', meta, autoload=True)
role_table = sql.Table('role', meta, autoload=True)
conn.execute(role_table.delete().where(role_table.c.id ==
config.CONF.member_role_id))
user_project_metadata_table.drop()
|