Class: Fog::Identity::OpenStack::V2::Real

Inherits:
Object
  • Object
show all
Includes:
OpenStack::Common
Defined in:
lib/fog/openstack/identity_v2.rb,
lib/fog/openstack/requests/identity_v2/get_role.rb,
lib/fog/openstack/requests/identity_v2/get_tenant.rb,
lib/fog/openstack/requests/identity_v2/list_roles.rb,
lib/fog/openstack/requests/identity_v2/list_users.rb,
lib/fog/openstack/requests/identity_v2/set_tenant.rb,
lib/fog/openstack/requests/identity_v2/check_token.rb,
lib/fog/openstack/requests/identity_v2/create_role.rb,
lib/fog/openstack/requests/identity_v2/create_user.rb,
lib/fog/openstack/requests/identity_v2/delete_role.rb,
lib/fog/openstack/requests/identity_v2/delete_user.rb,
lib/fog/openstack/requests/identity_v2/update_user.rb,
lib/fog/openstack/requests/identity_v2/list_tenants.rb,
lib/fog/openstack/requests/identity_v2/create_tenant.rb,
lib/fog/openstack/requests/identity_v2/delete_tenant.rb,
lib/fog/openstack/requests/identity_v2/update_tenant.rb,
lib/fog/openstack/requests/identity_v2/get_user_by_id.rb,
lib/fog/openstack/requests/identity_v2/validate_token.rb,
lib/fog/openstack/requests/identity_v2/create_user_role.rb,
lib/fog/openstack/requests/identity_v2/delete_user_role.rb,
lib/fog/openstack/requests/identity_v2/get_user_by_name.rb,
lib/fog/openstack/requests/identity_v2/get_tenants_by_id.rb,
lib/fog/openstack/requests/identity_v2/add_user_to_tenant.rb,
lib/fog/openstack/requests/identity_v2/get_ec2_credential.rb,
lib/fog/openstack/requests/identity_v2/get_tenants_by_name.rb,
lib/fog/openstack/requests/identity_v2/list_ec2_credentials.rb,
lib/fog/openstack/requests/identity_v2/create_ec2_credential.rb,
lib/fog/openstack/requests/identity_v2/delete_ec2_credential.rb,
lib/fog/openstack/requests/identity_v2/list_user_global_roles.rb,
lib/fog/openstack/requests/identity_v2/remove_user_from_tenant.rb,
lib/fog/openstack/requests/identity_v2/list_endpoints_for_token.rb,
lib/fog/openstack/requests/identity_v2/list_roles_for_user_on_tenant.rb

Instance Attribute Summary

Attributes included from OpenStack::Common

#unscoped_token

Attributes included from OpenStack::Core

#auth_token, #auth_token_expiration, #current_tenant, #current_user, #current_user_id, #openstack_domain_id, #openstack_domain_name, #openstack_identity_prefix, #openstack_project_domain, #openstack_project_domain_id, #openstack_user_domain, #openstack_user_domain_id

Class Method Summary collapse

Instance Method Summary collapse

Methods included from OpenStack::Common

#request

Methods included from OpenStack::Core

#credentials, #initialize_identity, #reload

Constructor Details

#initialize(options = {}) ⇒ Real

Returns a new instance of Real.



180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
# File 'lib/fog/openstack/identity_v2.rb', line 180

def initialize(options={})
  initialize_identity options

  @openstack_service_type   = options[:openstack_service_type] || ['identity']
  @openstack_service_name   = options[:openstack_service_name]
  @identity_prefix          = options[:openstack_identity_prefix] ? "/#{options[:openstack_identity_prefix]}" : nil

  @connection_options       = options[:connection_options] || {}

  @openstack_endpoint_type  = options[:openstack_endpoint_type] || 'adminURL'

  authenticate

  @persistent = options[:persistent] || false
  @connection = Fog::Core::Connection.new("#{@scheme}://#{@host}:#{@port}#{@identity_prefix}", @persistent, @connection_options)
end

Class Method Details

.not_found_classObject



175
176
177
# File 'lib/fog/openstack/identity_v2.rb', line 175

def self.not_found_class
  Fog::Identity::OpenStack::NotFound
end

Instance Method Details

#add_user_to_tenant(tenant_id, user_id, role_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/add_user_to_tenant.rb', line 6

def add_user_to_tenant(tenant_id, user_id, role_id)
  request(
      :expects => 200,
      :method => 'PUT',
      :path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#check_token(token_id, tenant_id = nil) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/check_token.rb', line 6

def check_token(token_id, tenant_id=nil)
  request(
      :expects => [200, 203],
      :method => 'HEAD',
      :path => "tokens/#{token_id}"+(tenant_id ? "?belongsTo=#{tenant_id}" : '')
  )
end

#create_ec2_credential(user_id, tenant_id) ⇒ Object

Create an EC2 credential for a user in a tenant. Requires administrator credentials.

Parameters

  • user_id<~String>: The id of the user to create an EC2 credential for

  • tenant_id<~String>: The id of the tenant to create the credential in

Returns

  • response<~Excon::Response>:

    • body<~Hash>:

      • ‘credential’<~Hash>: Created EC2 credential

        • ‘access’<~String>: The access key

        • ‘secret’<~String>: The secret key

        • ‘user_id’<~String>: The user id

        • ‘tenant_id’<~String>: The tenant id



25
26
27
28
29
30
31
32
33
34
# File 'lib/fog/openstack/requests/identity_v2/create_ec2_credential.rb', line 25

def create_ec2_credential(user_id, tenant_id)
  data = {'tenant_id' => tenant_id}

  request(
      :body => Fog::JSON.encode(data),
      :expects => [200, 202],
      :method => 'POST',
      :path => "users/#{user_id}/credentials/OS-EC2"
  )
end

#create_role(name) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
19
# File 'lib/fog/openstack/requests/identity_v2/create_role.rb', line 6

def create_role(name)
  data = {
      'role' => {
          'name' => name
      }
  }

  request(
      :body => Fog::JSON.encode(data),
      :expects => [200, 202],
      :method => 'POST',
      :path => '/OS-KSADM/roles'
  )
end

#create_tenant(attributes) ⇒ Object



6
7
8
9
10
11
12
13
# File 'lib/fog/openstack/requests/identity_v2/create_tenant.rb', line 6

def create_tenant(attributes)
  request(
      :expects => [200],
      :method => 'POST',
      :path => "tenants",
      :body => Fog::JSON.encode({'tenant' => attributes})
  )
end

#create_user(name, password, email, tenantId = nil, enabled = true) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# File 'lib/fog/openstack/requests/identity_v2/create_user.rb', line 6

def create_user(name, password, email, tenantId=nil, enabled=true)
  data = {
      'user' => {
          'name' => name,
          'password' => password,
          'tenantId' => tenantId,
          'email' => email,
          'enabled' => enabled,
      }
  }

  request(
      :body => Fog::JSON.encode(data),
      :expects => [200, 202],
      :method => 'POST',
      :path => '/users'
  )
end

#create_user_role(tenant_id, user_id, role_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/create_user_role.rb', line 6

def create_user_role(tenant_id, user_id, role_id)
  request(
      :expects => 200,
      :method => 'PUT',
      :path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#delete_ec2_credential(user_id, access) ⇒ Object

Destroy an EC2 credential for a user. Requires administrator credentials.

Parameters

  • user_id<~String>: The id of the user to delete the credential for

  • access<~String>: The access key of the credential to destroy

Returns

  • response<~Excon::Response>:

    • body<~String>: Empty string



19
20
21
22
23
24
25
# File 'lib/fog/openstack/requests/identity_v2/delete_ec2_credential.rb', line 19

def delete_ec2_credential(user_id, access)
  request(
      :expects => [200, 204],
      :method => 'DELETE',
      :path => "users/#{user_id}/credentials/OS-EC2/#{access}"
  )
end

#delete_role(role_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/delete_role.rb', line 6

def delete_role(role_id)
  request(
      :expects => [200, 204],
      :method => 'DELETE',
      :path => "/OS-KSADM/roles/#{role_id}"
  )
end

#delete_tenant(id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/delete_tenant.rb', line 6

def delete_tenant(id)
  request(
      :expects => [200, 204],
      :method => 'DELETE',
      :path => "tenants/#{id}"
  )
end

#delete_user(user_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/delete_user.rb', line 6

def delete_user(user_id)
  request(
      :expects => [200, 204],
      :method => 'DELETE',
      :path => "users/#{user_id}"
  )
end

#delete_user_role(tenant_id, user_id, role_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/delete_user_role.rb', line 6

def delete_user_role(tenant_id, user_id, role_id)
  request(
      :expects => 204,
      :method => 'DELETE',
      :path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#get_ec2_credential(user_id, access) ⇒ Object

Retrieves an EC2 credential for a user. Requires administrator credentials.

Parameters

  • user_id<~String>: The id of the user to retrieve the credential for

  • access<~String>: The access key of the credential to retrieve

Returns

  • response<~Excon::Response>:

    • body<~Hash>:

      • ‘credential’<~Hash>: The EC2 credential

        • ‘access’<~String>: The access key

        • ‘secret’<~String>: The secret key

        • ‘user_id’<~String>: The user id

        • ‘tenant_id’<~String>: The tenant id



24
25
26
27
28
29
30
31
32
# File 'lib/fog/openstack/requests/identity_v2/get_ec2_credential.rb', line 24

def get_ec2_credential(user_id, access)
  request(
      :expects => [200, 202],
      :method => 'GET',
      :path => "users/#{user_id}/credentials/OS-EC2/#{access}"
  )
rescue Excon::Errors::Unauthorized
  raise Fog::Identity::OpenStack::NotFound
end

#get_role(id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_role.rb', line 6

def get_role(id)
  request(
      :expects => [200, 204],
      :method => 'GET',
      :path => "/OS-KSADM/roles/#{id}"
  )
end

#get_tenant(id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_tenant.rb', line 6

def get_tenant(id)
  request(
      :expects => [200, 204],
      :method => 'GET',
      :path => "tenants/#{id}"
  )
end

#get_tenants_by_id(tenant_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_tenants_by_id.rb', line 6

def get_tenants_by_id(tenant_id)
  request(
      :expects => [200],
      :method => 'GET',
      :path => "tenants/#{tenant_id}"
  )
end

#get_tenants_by_name(name) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_tenants_by_name.rb', line 6

def get_tenants_by_name(name)
  request(
      :expects => [200],
      :method => 'GET',
      :path => "tenants?name=#{name}"
  )
end

#get_user_by_id(user_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_user_by_id.rb', line 6

def get_user_by_id(user_id)
  request(
      :expects => [200, 203],
      :method => 'GET',
      :path => "users/#{user_id}"
  )
end

#get_user_by_name(name) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/get_user_by_name.rb', line 6

def get_user_by_name(name)
  request(
      :expects => [200, 203],
      :method => 'GET',
      :path => "users?name=#{name}"
  )
end

#list_ec2_credentials(options = {}) ⇒ Object

List EC2 credentials for a user. Requires administrator credentials.

Parameters hash

  • :user_id<~String>: The id of the user to retrieve the credential for

Returns

  • response<~Excon::Response>:

    • body<~Hash>:

      • ‘credentials’<~Array>: The user’s EC2 credentials

        • ‘access’<~String>: The access key

        • ‘secret’<~String>: The secret key

        • ‘user_id’<~String>: The user id

        • ‘tenant_id’<~String>: The tenant id



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# File 'lib/fog/openstack/requests/identity_v2/list_ec2_credentials.rb', line 23

def list_ec2_credentials(options = {})
  if options.is_a?(Hash)
    user_id = options.delete(:user_id)
    query = options
  else
    Fog::Logger.deprecation('Calling OpenStack[:identity].list_ec2_credentials(user_id) is deprecated, use .list_ec2_credentials(:user_id => value)')
    user_id = options
    query = {}
  end

  request(
    :expects => [200, 202],
    :method  => 'GET',
    :path    => "users/#{user_id}/credentials/OS-EC2",
    :query   => query
  )
end

#list_endpoints_for_token(token_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/list_endpoints_for_token.rb', line 6

def list_endpoints_for_token(token_id)
  request(
      :expects => [200, 203],
      :method => 'HEAD',
      :path => "tokens/#{token_id}/endpoints"
  )
end

#list_roles(options = {}) ⇒ Object



6
7
8
9
10
11
12
13
# File 'lib/fog/openstack/requests/identity_v2/list_roles.rb', line 6

def list_roles(options = {})
  request(
      :expects => 200,
      :method  => 'GET',
      :path    => '/OS-KSADM/roles',
      :query   => options
  )
end

#list_roles_for_user_on_tenant(tenant_id, user_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/list_roles_for_user_on_tenant.rb', line 6

def list_roles_for_user_on_tenant(tenant_id, user_id)
  request(
      :expects => [200],
      :method => 'GET',
      :path => "tenants/#{tenant_id}/users/#{user_id}/roles"
  )
end

#list_tenants(options = nil, marker = nil) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# File 'lib/fog/openstack/requests/identity_v2/list_tenants.rb', line 6

def list_tenants(options = nil, marker = nil)
  if options.is_a?(Hash)
    params = options
  else
    Fog::Logger.deprecation('Calling OpenStack[:identity].list_tenants(limit, marker) is deprecated, use'\
                            ' .list_ec2_credentials(:limit => value, :marker => value)')
    params = {}
    params['limit'] = options if options
    params['marker'] = marker if marker
  end

  request(
      :expects => [200, 204],
      :method  => 'GET',
      :path    => "tenants",
      :query   => params
  )
end

#list_user_global_roles(user_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/list_user_global_roles.rb', line 6

def list_user_global_roles(user_id)
  request(
      :expects => [200],
      :method => 'GET',
      :path => "users/#{user_id}/roles"
  )
end

#list_users(options = {}) ⇒ Object



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
# File 'lib/fog/openstack/requests/identity_v2/list_users.rb', line 6

def list_users(options = {})
  if options.is_a?(Hash)
    tenant_id = options.delete(:tenant_id)
    query = options
  else
    Fog::Logger.deprecation('Calling OpenStack[:identity].list_users(tenant_id) is deprecated, use .list_users(:tenant_id => value)')
    tenant_id = options
    query = {}
  end

  path = tenant_id ? "tenants/#{tenant_id}/users" : 'users'
  request(
      :expects => [200, 204],
      :method  => 'GET',
      :path    => path,
      :query   => query
  )
end

#remove_user_from_tenant(tenant_id, user_id, role_id) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/remove_user_from_tenant.rb', line 6

def remove_user_from_tenant(tenant_id, user_id, role_id)
  request(
      :expects => [200, 204],
      :method => 'DELETE',
      :path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
  )
end

#set_tenant(tenant) ⇒ Object



6
7
8
9
10
# File 'lib/fog/openstack/requests/identity_v2/set_tenant.rb', line 6

def set_tenant(tenant)
  @openstack_must_reauthenticate = true
  @openstack_tenant = tenant.to_s
  authenticate
end

#update_tenant(id, attributes) ⇒ Object



6
7
8
9
10
11
12
13
# File 'lib/fog/openstack/requests/identity_v2/update_tenant.rb', line 6

def update_tenant(id, attributes)
  request(
      :expects => [200],
      :method => 'PUT',
      :path => "tenants/#{id}",
      :body => Fog::JSON.encode({'tenant' => attributes})
  )
end

#update_user(user_id, options = {}) ⇒ Object



6
7
8
9
10
11
12
13
14
# File 'lib/fog/openstack/requests/identity_v2/update_user.rb', line 6

def update_user(user_id, options = {})
  url = options.delete('url') || "/users/#{user_id}"
  request(
      :body => Fog::JSON.encode({'user' => options}),
      :expects => 200,
      :method => 'PUT',
      :path => url
  )
end

#validate_token(token_id, tenant_id = nil) ⇒ Object



6
7
8
9
10
11
12
# File 'lib/fog/openstack/requests/identity_v2/validate_token.rb', line 6

def validate_token(token_id, tenant_id=nil)
  request(
      :expects => [200, 203],
      :method => 'GET',
      :path => "tokens/#{token_id}"+(tenant_id ? "?belongsTo=#{tenant_id}" : '')
  )
end