authorTodd Willey <todd@rubidine.com>2010-07-15 00:21:17 -0400
committerTodd Willey <todd@rubidine.com>2010-07-15 00:21:17 -0400
commitfbf23a4f5f7d10429f26b2f43d2d203a39712acd (patch)
treee5ed888998e97d7d16bfc9d80210609a4e3d13fb /nova/auth
parent9ef046e77e18806264c92e90b20dc84fb2a9d369 (diff)
parent892ca58c0642db19e57a89d7a2ae5466971249cf (diff)
fix merge errors
Diffstat (limited to 'nova/auth')
-rw-r--r--nova/auth/fakeldap.py62
-rw-r--r--nova/auth/users.py63
2 files changed, 72 insertions, 53 deletions
diff --git a/nova/auth/fakeldap.py b/nova/auth/fakeldap.py
index e27ac57bb..116fcbb78 100644
--- a/nova/auth/fakeldap.py
+++ b/nova/auth/fakeldap.py
@@ -34,15 +34,19 @@ SCOPE_SUBTREE = 2
MOD_ADD = 0
MOD_DELETE = 1
+
class NO_SUCH_OBJECT(Exception):
pass
+
class OBJECT_CLASS_VIOLATION(Exception):
pass
+
def initialize(uri):
return FakeLDAP()
+
def _match_query(query, attrs):
"""Match an ldap query to an attribute dictionary.
@@ -67,6 +71,7 @@ def _match_query(query, attrs):
(k, sep, v) = inner.partition('=')
return _match(k, v, attrs)
+
def _paren_groups(source):
"""Split a string into parenthesized groups."""
count = 0
@@ -83,6 +88,7 @@ def _paren_groups(source):
result.append(source[start:pos+1])
return result
+
def _match(k, v, attrs):
"""Match a given key and value against an attribute list."""
if k not in attrs:
@@ -96,6 +102,7 @@ def _match(k, v, attrs):
return True
return False
+
def _subs(value):
"""Returns a list of subclass strings.
@@ -109,6 +116,32 @@ def _subs(value):
return [value] + subs[value]
return [value]
+
+def _from_json(encoded):
+ """Convert attribute values from json representation.
+
+ Args:
+ encoded -- a json encoded string
+
+ Returns a list of strings
+
+ """
+ return [str(x) for x in json.loads(encoded)]
+
+
+def _to_json(unencoded):
+ """Convert attribute values into json representation.
+
+ Args:
+ unencoded -- an unencoded string or list of strings. If it
+ is a single string, it will be converted into a list.
+
+ Returns a json string
+
+ """
+ return json.dumps(list(unencoded))
+
+
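Review bot: `_to_json` does not do what its docstring promises: `json.dumps(list(unencoded))` on a single string splits it into characters (`list('abc')` gives `['a', 'b', 'c']`), so a scalar attribute value passed through `add_s` is stored as one-character strings; the body is carried over unchanged from the removed `__to_json`, so this commit does not fix it. Guard the scalar case before listing, e.g. `if isinstance(unencoded, basestring): unencoded = [unencoded]` (the file is Python 2, see `except Exception, e:` and `iteritems` elsewhere in this diff). `_from_json`'s `str(x)` will also raise UnicodeEncodeError on any non-ASCII attribute value, because `json.loads` returns unicode objects; either keep the unicode or encode explicitly rather than relying on `str`.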
class FakeLDAP(object):
#TODO(vish): refactor this class to use a wrapper instead of accessing
# redis directly
@@ -125,7 +158,7 @@ class FakeLDAP(object):
"""Add an object with the specified attributes at dn."""
key = "%s%s" % (self.__redis_prefix, dn)
- value_dict = dict([(k, self.__to_json(v)) for k, v in attr])
+ value_dict = dict([(k, _to_json(v)) for k, v in attr])
datastore.Redis.instance().hmset(key, value_dict)
def delete_s(self, dn):
@@ -145,12 +178,12 @@ class FakeLDAP(object):
key = "%s%s" % (self.__redis_prefix, dn)
for cmd, k, v in attrs:
- values = self.__from_json(redis.hget(key, k))
+ values = _from_json(redis.hget(key, k))
if cmd == MOD_ADD:
values.append(v)
else:
values.remove(v)
- values = redis.hset(key, k, self.__to_json(values))
+ values = redis.hset(key, k, _to_json(values))
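Review bot: In `modify_s`, `_from_json(redis.hget(key, k))` is called without checking the reply: `hget` returns `None` when attribute `k` has never been set on the object, and `json.loads(None)` then raises a TypeError instead of one of this module's LDAP-style errors; likewise `values.remove(v)` raises ValueError when `v` is not present. Start from an empty list for a missing attribute, `raw = redis.hget(key, k)` / `values = _from_json(raw) if raw is not None else []`, and decide explicitly whether removing a non-member is silent or an error. Also, any `cmd` other than `MOD_ADD` falls into the delete branch, and the `values = redis.hset(...)` assignment just discards the list that was built — compare `cmd == MOD_DELETE` explicitly and drop the assignment. `modify_s`'s signature is outside this hunk.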
def search_s(self, dn, scope, query=None, fields=None):
"""Search for all matching objects under dn using the query.
@@ -171,7 +204,7 @@ class FakeLDAP(object):
# get the attributes from redis
attrs = redis.hgetall(key)
# turn the values from redis into lists
- attrs = dict([(k, self.__from_json(v))
+ attrs = dict([(k, _from_json(v))
for k, v in attrs.iteritems()])
# filter the objects by query
if not query or _match_query(query, attrs):
@@ -188,25 +221,4 @@ class FakeLDAP(object):
def __redis_prefix(self):
return 'ldap:'
- def __from_json(self, encoded):
- """Convert attribute values from json representation.
-
- Args:
- encoded -- a json encoded string
-
- Returns a list of strings
- """
- return [str(x) for x in json.loads(encoded)]
-
- def __to_json(self, unencoded):
- """Convert attribute values into json representation.
-
- Args:
- unencoded -- an unencoded string or list of strings. If it
- is a single string, it will be converted into a list.
-
- Returns a json string
-
- """
- return json.dumps(list(unencoded))
diff --git a/nova/auth/users.py b/nova/auth/users.py
index bb78dad99..0ee2d4441 100644
--- a/nova/auth/users.py
+++ b/nova/auth/users.py
@@ -27,6 +27,7 @@ import datetime
import logging
import os
import shutil
+import signer
import string
from string import Template
import tempfile
@@ -39,15 +40,14 @@ except Exception, e:
import fakeldap as ldap
import fakeldap
-from nova import datastore
# TODO(termie): clean up these imports
-import signer
+from nova import datastore
from nova import exception
from nova import flags
from nova import crypto
from nova import utils
-from nova.compute import model
+
from nova import objectstore # for flags
@@ -101,10 +101,17 @@ flags.DEFINE_string('credential_cert_file', 'cert.pem',
'Filename of certificate in credentials zip')
flags.DEFINE_string('credential_rc_file', 'novarc',
'Filename of rc in credentials zip')
-flags.DEFINE_integer('vpn_start_port', 8000,
+
+flags.DEFINE_integer('vpn_start_port', 1000,
'Start port for the cloudpipe VPN servers')
-flags.DEFINE_integer('vpn_end_port', 9999,
+flags.DEFINE_integer('vpn_end_port', 2000,
'End port for the cloudpipe VPN servers')
+
+flags.DEFINE_string('credential_cert_subject',
+ '/C=US/ST=California/L=MountainView/O=AnsoLabs/'
+ 'OU=NovaDev/CN=%s-%s',
+ 'Subject for certificate for users')
+
flags.DEFINE_string('vpn_ip', '127.0.0.1',
'Public IP for the cloudpipe VPN servers')
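Review bot: The new `vpn_start_port` default of 1000 puts the first 24 ports of the range (1000–1023) in the privileged range, so whatever binds them needs root or CAP_NET_BIND_SERVICE; if the cloudpipe endpoints are ever bound on the host rather than only forwarded, the range should start at 1024 or above. Separately, `find_free_port_for_ip` only seeds the `ip:<ip>:ports` set when the key does not yet exist, so a deployment that already seeded 8000–9999 under the old defaults keeps handing out those ports after this change; that needs a migration note at least. The help text for `credential_cert_subject` should say the value must contain exactly two `%s` placeholders (uid, then issue time), because `__cert_subject` applies `%` to it and a mis-set flag fails with TypeError only when credentials are generated, e.g. `'Subject for user certificates; must contain two %s placeholders (uid, issue time)'`.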
@@ -306,7 +313,7 @@ class NoMorePorts(exception.Error):
pass
-class Vpn(model.BasicModel):
+class Vpn(datastore.BasicModel):
def __init__(self, project_id):
self.project_id = project_id
super(Vpn, self).__init__()
@@ -317,27 +324,25 @@ class Vpn(model.BasicModel):
@classmethod
def create(cls, project_id):
- # TODO (vish): get list of vpn ips from redis
- for ip in [FLAGS.vpn_ip]:
- try:
- port = cls.find_free_port_for_ip(ip)
- vpn = cls(project_id)
- # save ip for project
- vpn['project'] = project_id
- vpn['ip'] = ip
- vpn['port'] = port
- vpn.save()
- return vpn
- except NoMorePorts:
- pass
- raise NoMorePorts()
+ # TODO(vish): get list of vpn ips from redis
+ port = cls.find_free_port_for_ip(FLAGS.vpn_ip)
+ vpn = cls(project_id)
+ # save ip for project
+ vpn['project'] = project_id
+ vpn['ip'] = FLAGS.vpn_ip
+ vpn['port'] = port
+ vpn.save()
+ return vpn
@classmethod
def find_free_port_for_ip(cls, ip):
- # TODO(vish): the redis access should be refactored into a
- # base class
+ # TODO(vish): these redis commands should be generalized and
+ # placed into a base class. Conceptually, it is
+ # similar to an association, but we are just
+ # storing a set of values instead of keys that
+ # should be turned into objects.
redis = datastore.Redis.instance()
- key = 'ip:%s:ports'
+ key = 'ip:%s:ports' % ip
# TODO(vish): these ports should be allocated through an admin
# command instead of a flag
if (not redis.exists(key) and
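Review bot: `Vpn.create` pops a port from `ip:<ip>:ports` but nothing in this hunk ever returns one: if the caller's next step fails (in `create_project` the `Vpn.create(name)` call precedes `conn.create_project`), or a Vpn record is later removed, the port stays allocated and the pool only drains over time. Add the inverse operation, e.g. a classmethod `release_port(cls, ip, port)` that does `datastore.Redis.instance().sadd('ip:%s:ports' % ip, port)`, and call it on deletion and on failure after `create`. Note also that `create` does not check for an existing Vpn for `project_id`, so a repeated call consumes a second port. The `if (not redis.exists(key) and` condition and the rest of `find_free_port_for_ip` continue outside the hunk.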
@@ -345,14 +350,14 @@ class Vpn(model.BasicModel):
for i in range(FLAGS.vpn_start_port, FLAGS.vpn_end_port + 1):
redis.sadd(key, i)
- port = datastore.Redis.instance().spop(key)
+ port = redis.spop(key)
if not port:
raise NoMorePorts()
return port
@classmethod
def num_ports_for_ip(cls, ip):
- return datastore.Redis.instance().scard('ip:%s:ports')
+ return datastore.Redis.instance().scard('ip:%s:ports' % ip)
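Review bot: `find_free_port_for_ip` returns the raw `spop` reply, which the redis client (presumably redis-py behind `datastore.Redis`) hands back as a string, while the set was seeded with the ints from `range(FLAGS.vpn_start_port, FLAGS.vpn_end_port + 1)`; callers then store and compare a string port against int flags. Return `int(port)` after the `NoMorePorts` check so the value matches what was `sadd`ed. The `if not port:` check is fine for the empty-set case, since `spop` returns `None` there.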
@property
def ip(self):
@@ -466,7 +471,9 @@ class UserManager(object):
# create and destroy a project
Vpn.create(name)
return conn.create_project(name,
- User.safe_id(manager_user), description, member_users)
+ User.safe_id(manager_user),
+ description,
+ member_users)
def get_projects(self):
@@ -584,7 +591,7 @@ class UserManager(object):
def __cert_subject(self, uid):
# FIXME(ja) - this should be pulled from a global configuration
- return "/C=US/ST=California/L=MountainView/O=AnsoLabs/OU=NovaDev/CN=%s-%s" % (uid, str(datetime.datetime.utcnow().isoformat()))
+ return FLAGS.credential_cert_subject % (uid, utils.isotime())
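Review bot: `__cert_subject` interpolates `uid` straight into the X.509 subject string, so unless uids are validated elsewhere a value containing `/` or `=` can inject extra RDNs into the issued certificate's subject (a uid such as `bob/OU=admin`); it also assumes the flag holds exactly two `%s` and raises TypeError otherwise. Reject uids outside a conservative charset before building the subject, e.g. `if not re.match(r'^[A-Za-z0-9_.-]+$', uid): raise exception.Error('invalid uid %s' % uid)` (an `re` import is not visible in this diff; confirm or use an equivalent check). The timestamp moved from `datetime.utcnow().isoformat()` to `utils.isotime()`; confirm the two produce the same format if anything downstream parses the CN.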
class LDAPWrapper(object):
@@ -773,7 +780,7 @@ class LDAPWrapper(object):
def __create_group(self, group_dn, name, uid,
description, member_uids = None):
- if self.group_exists(name):
+ if self.group_exists(group_dn):
raise exception.Duplicate("Group can't be created because "
"group %s already exists" % name)
members = []