diff options
| author | Devin Carlen <devin.carlen@gmail.com> | 2010-07-28 00:28:56 +0000 |
|---|---|---|
| committer | Devin Carlen <devin.carlen@gmail.com> | 2010-07-28 00:28:56 +0000 |
| commit | 40dfe6316fae4b14f9fa694653341349a86d55ab (patch) | |
| tree | a046afa1851cc903897306e8e0dbc3281aa84cd4 | |
| parent | c42b214c61342089401b5191e70c0c6b09fb5a4a (diff) | |
Wired up user:project auth calls
| -rw-r--r-- | nova/adminclient.py | 5 | ||||
| -rw-r--r-- | nova/auth/manager.py | 1 | ||||
| -rw-r--r-- | nova/endpoint/admin.py | 13 |
3 files changed, 8 insertions, 11 deletions
diff --git a/nova/adminclient.py b/nova/adminclient.py index 9b9505ac1..e81e0470f 100644 --- a/nova/adminclient.py +++ b/nova/adminclient.py @@ -122,13 +122,14 @@ class NovaAdminClient(object): **kwargs) self.apiconn.APIVersion = 'nova' - def connection_for(self, username, **kwargs): + def connection_for(self, username, project, **kwargs): """ Returns a boto ec2 connection for the given username. """ user = self.get_user(username) + access_key = '%s:%s' % (user.accesskey, project) return boto.connect_ec2( - aws_access_key_id=user.accesskey, + aws_access_key_id=access_key, aws_secret_access_key=user.secretkey, is_secure=False, region=RegionInfo(None, self.region, self.clc_ip), diff --git a/nova/auth/manager.py b/nova/auth/manager.py index bc373fd26..8c8c7377c 100644 --- a/nova/auth/manager.py +++ b/nova/auth/manager.py @@ -532,6 +532,7 @@ class AuthManager(object): def get_projects(self): """Retrieves list of all projects""" + # TODO(devcamcar): Implement filter by user. with self.driver() as drv: project_list = drv.get_projects() if not project_list: diff --git a/nova/endpoint/admin.py b/nova/endpoint/admin.py index e3762e2af..e1e06e944 100644 --- a/nova/endpoint/admin.py +++ b/nova/endpoint/admin.py @@ -106,10 +106,7 @@ class AdminController(object): @admin_only def modify_user_role(self, context, user, role, project=None, operation='add', **kwargs): - """ - Add or remove a role for a user and project. - """ - + """Add or remove a role for a user and project.""" if operation == 'add': manager.AuthManager().add_role(user, role, project) elif operation == 'remove': @@ -137,8 +134,9 @@ class AdminController(object): return project_dict(manager.AuthManager().get_project(name)) @admin_only - def describe_projects(self, context, **kwargs): + def describe_projects(self, context, user=None, **kwargs): """Returns all projects - should be changed to deal with a list.""" + # TODO(devcamcar): Implement filter by user. return {'projectSet': [project_dict(u) for u in manager.AuthManager().get_projects()]} @@ -164,10 +162,7 @@ class AdminController(object): @admin_only def modify_project_user(self, context, user, project, operation, **kwargs): - """ - Add or remove a user from a project. - """ - + """Add or remove a user from a project.""" if operation =='add': manager.AuthManager().add_to_project(user, project) elif operation == 'remove': |