%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/states/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/states/keystone.pyo

�
���^c@@s
dZddlmZmZmZd�Zdadadd�Z	de
dde
dd�Zdd�Zde
dd	�Z
dd
�Zde
dd�Zdd�Zdd
�Zdd�Zddd�Zdd�Zdddddddd�Zdddd�ZdS(u�
Management of Keystone users
============================

:depends:   - keystoneclient Python module
:configuration: See :py:mod:`salt.modules.keystone` for setup instructions.

.. code-block:: yaml

    Keystone tenants:
      keystone.tenant_present:
        - names:
          - admin
          - demo
          - service

    Keystone roles:
      keystone.role_present:
        - names:
          - admin
          - Member

    admin:
      keystone.user_present:
        - password: R00T_4CC3SS
        - email: admin@domain.com
        - roles:
            admin:   # tenants
              - admin  # roles
            service:
              - admin
              - Member
        - require:
          - keystone: Keystone tenants
          - keystone: Keystone roles

    nova:
      keystone.user_present:
        - password: '$up3rn0v4'
        - email: nova@domain.com
        - tenant: service
        - roles:
            service:
              - admin
        - require:
          - keystone: Keystone tenants
          - keystone: Keystone roles

    demo:
      keystone.user_present:
        - password: 'd3m0n$trati0n'
        - email: demo@domain.com
        - tenant: demo
        - roles:
            demo:
              - Member
        - require:
          - keystone: Keystone tenants
          - keystone: Keystone roles

    nova service:
      keystone.service_present:
        - name: nova
        - service_type: compute
        - description: OpenStack Compute Service

i(tabsolute_importtunicode_literalstprint_functioncC@sdtkrdStS(u9
    Only load if the keystone module is in __salt__
    u
keystone.authukeystone(t__salt__tFalse(((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt__virtual__Hsiu	tenant_idcK@sVy>ttdd||�jd��dkr=dadanWntk
rQnXdS(ue
    Sets global variables _OS_IDENTITY_API_VERSION and _TENANT_ID
    depending on API version.
    ukeystone.api_versiontprofileuviu
project_idN(tfloatRtstript
_TENANT_IDt_OS_IDENTITY_API_VERSIONtKeyError(Rtconnection_args((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt_api_versionSs+

c	K@s�i|d6id6td6dj|�d6}
td||	�|rQ|rQ|}n|d7k	r�tdd|d||	�}d	|kr�t|
d<d
j|�|
d<|
S||d}nd7}tdd|d||	�}
d	|
kr�t}t}t}t}|
|jd
d7�|kr"t}n|
|jdd7�|krGt}n|r�t|
|ksy|
|jtd7�|kr�t}n|tkr�tdd|d|d||	�r�t}ntjd�r|s�|s�|s�|rd7|
d<dj|�|
d<|tkrd|
dd<n|tkr8d|
dd<n|tkr^dj|�|
dd<n|tkr{d|
dd<n|
Sdj|�|
d<|r�tdd|d|d||	�dj|�|
d<d|
dd<n|r/tdd|d|d||	�dj|�|
d<dj|�|
dd<n|r�tdd|d |d||	�dj|�|
d<d!j|�|
dd<n|r�td"d|d|d||	�dj|�|
d<d|
dd<n|r�x�|D]�}t	i|d#6|d$6|d%6|	�}td&|�}x�||D]�}||krtjd�r`d7|
d<d'j|�|
d<|
St	i|d(6|d)6|d*6|d%6|	�}td+|�}d,|
dkr�|
dd,j
|�q�|g|
dd,<qqWtt|�t||��}x�|D]�}tjd�r8d7|
d<d'j|�|
d<|
St	i|d(6|d)6|d*6|d%6|	�}td-|�}d,|
dkr�|
dd,j
|�q|g|
dd,<qWq�Wq�n�tjd�r�d7|
d<d.j|�|
d<d/|
dd0<|
Std1d|d|d|d2|d|d||	�|rxL|D]A}x8||D],}td+d3|d4|d |d||	�qHWq7Wnd5j|�|
d<d6|
dd0<|
S(8u�
    Ensure that the keystone user is present with the specified properties.

    name
        The name of the user to manage

    password
        The password to use for this user.

        .. note::

            If the user already exists and a different password was set for
            the user than the one specified here, the password for the user
            will be updated. Please set the ``password_reset`` option to
            ``False`` if this is not the desired behavior.

    password_reset
        Whether or not to reset password after initial set. Defaults to
        ``True``.

    email
        The email address for this user

    tenant
        The tenant (name) for this user

    project
        The project (name) for this user (overrides tenant in api v3)

    enabled
        Availability state for this user

    roles
        The roles the user should have under given tenants.
        Passed as a dictionary mapping tenant names to a list
        of roles in this tenant, i.e.::

            roles:
                admin:   # tenant
                  - admin  # role
                service:
                  - admin
                  - Member
    unameuchangesuresultuUser "{0}" will be updateducommentRukeystone.tenant_gettnameuErroru%Tenant / project "{0}" does not existuidukeystone.user_getuemailuenabledukeystone.user_verify_passwordtpasswordutestuWill be updateduEmailuWill be TrueuEnableduWill be added to "{0}" tenantuTenantuPassworduUser "{0}" is already presentukeystone.user_updatetemailuUser "{0}" has been updateduUpdatedtenableduNow {0}ttenantuAdded to "{0}" tenantukeystone.user_password_updateu	user_nameutenant_nameuprofileukeystone.user_role_listu"User roles "{0}" will been updateduuseruroleutenantukeystone.user_role_addurolesukeystone.user_role_removeu!Keystone user "{0}" will be addeduWill be createduUserukeystone.user_createt	tenant_idtusertroleu Keystone user {0} has been addeduCreatedN(
tTruetformatR
tNoneRRtgetR	t__opts__tdicttappendtlisttset(RRRRRtrolesRtpassword_resettprojectRtrett
tenantdataRRtchange_emailtchange_enabledt
change_tenanttchange_passwordtargsttenant_rolesRtaddargstnewroletroles_to_removetoldrole((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytuser_presentbs�6

		
				
	'
   


	 

	

cK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|kr�tjd
�r�d|d<dj|�|d<|Stdd|d||�d
j|�|d<d|dd<n|S(uo
    Ensure that the keystone user is absent.

    name
        The name of the user that should not exist
    unameuchangesuresultuUser "{0}" is already absentucommentukeystone.user_getRRuErrorutestuUser "{0}" will be deletedukeystone.user_deleteuUser "{0}" has been deleteduDeleteduUserN(RRRRRR(RRRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytuser_absent-s 
	
cK@s�i|d6id6td6dj|�d6}td||�tdd|d||�}d	|kr�||jd
d#�|krtjd�r�d#|d<dj|�|d<d
|dd<|Stdd|d|d|d||�dj|�|d<d|dd<n||jdd#�|kr�tjd�rjd#|d<dj|�|d<dj|�|dd<|Stdd|d|d|d||�dj|�|d<dj|�|dd<q�n�tjd�r�d#|d<dj|�|d<d|dd<|Stdkr;tdd|ddd|d|d||�}n(tdd|d|d|d||�}|tkrud nd!|dd<||d<d"j|�|d<|S($u�
    Ensures that the keystone tenant exists

    name
        The name of the tenant to manage

    description
        The description to use for this tenant

    enabled
        Availability state for this tenant
    unameuchangesuresultu%Tenant / project "{0}" already existsucommentRukeystone.tenant_getRuErrorudescriptionutestu&Tenant / project "{0}" will be updateduWill be updateduDescriptionukeystone.tenant_updatetdescriptionRu'Tenant / project "{0}" has been updateduUpdateduenableduWill be {0}uEnableduNow {0}u$Tenant / project "{0}" will be addeduWill be createduTenantiukeystone.project_createtdomainudefaultukeystone.tenant_createuCreateduFailedu%Tenant / project "{0}" has been addedN(RRR
RRRRR
(RR0RRRR"Rtcreated((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyttenant_presentJsb
	


 
cK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|kr�tjd
�r�d|d<dj|�|d<|Stdd|d||�d
j|�|d<d|dd<n|S(us
    Ensure that the keystone tenant is absent.

    name
        The name of the tenant that should not exist
    unameuchangesuresultu(Tenant / project "{0}" is already absentucommentukeystone.tenant_getRRuErrorutestu&Tenant / project "{0}" will be deletedukeystone.tenant_deleteu'Tenant / project "{0}" has been deleteduDeleteduTenant/ProjectN(RRRRRR(RRRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt
tenant_absent�s"
	
c	K@st|d|d|d||�S(u�
    Ensures that the keystone project exists
    Alias for tenant_present from V2 API to fulfill
    V3 API naming convention.

    .. versionadded:: 2016.11.0

    name
        The name of the project to manage

    description
        The description to use for this project

    enabled
        Availability state for this project

    .. code-block:: yaml

        nova:
            keystone.project_present:
                - enabled: True
                - description: 'Nova Compute Service'

    R0RR(R3(RR0RRR((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytproject_present�scK@st|d||�S(uY
    Ensure that the keystone project is absent.
    Alias for tenant_absent from V2 API to fulfill
    V3 API naming convention.

    .. versionadded:: 2016.11.0

    name
        The name of the project that should not exist

    .. code-block:: yaml

        delete_nova:
            keystone.project_absent:
                - name: nova
    R(R4(RRR((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytproject_absent�scK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|krW|Stjd
�r�d|d<dj|�|d<|Std|d||�d
j|�|d<d|dd<|S(un'
    Ensures that the keystone role exists

    name
        The name of the role that should be present
    unameuchangesuresultuRole "{0}" already existsucommentukeystone.role_getRRuErrorutestuRole "{0}" will be addedukeystone.role_createuRole "{0}" has been addeduCreateduRoleN(RRRRRR(RRRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytrole_present�s"
	
cK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|kr�tjd
�r�d|d<dj|�|d<|Stdd|d||�d
j|�|d<d|dd<n|S(uo
    Ensure that the keystone role is absent.

    name
        The name of the role that should not exist
    unameuchangesuresultuRole "{0}" is already absentucommentukeystone.role_getRRuErrorutestuRole "{0}" will be deletedukeystone.role_deleteuRole "{0}" has been deleteduDeleteduRoleN(RRRRRR(RRRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytrole_absents 
	
cK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|krW|Stjd
�r�d|d<dj|�|d<|Std|||d||�d
j|�|d<d|dd<|S(u�
    Ensure service present in Keystone catalog

    name
        The name of the service

    service_type
        The type of Openstack Service

    description (optional)
        Description of the service
    unameuchangesuresultuService "{0}" already existsucommentukeystone.service_getRRuErrorutestuService "{0}" will be addedukeystone.service_createuService "{0}" has been addeduCreateduServiceN(RRRRRR(Rtservice_typeR0RRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytservice_present s(
	

cK@s�i|d6id6td6dj|�d6}tdd|d||�}d	|kr�tjd
�r�d|d<dj|�|d<|Stdd|d||�d
j|�|d<d|dd<n|S(u�
    Ensure that the service doesn't exist in Keystone catalog

    name
        The name of the service that should not exist
    unameuchangesuresultuService "{0}" is already absentucommentukeystone.service_getRRuErrorutestuService "{0}" will be deletedukeystone.service_deleteuService "{0}" has been deleteduDeleteduServiceN(RRRRRR(RRRR"R((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytservice_absentJs$
	
c
@s9i�d6id6td6dd6�td���td��d�d���}	�fd	�}
����������	f
d
�}|	r�d|	kr�|	jd��kr�td
kr�t}t}
|	jdd"��	kr|
dj|	jdd"��	���d<t}n|	jdd"��kr^|
dj|	jdd"�����d<t}
ntjd�r�|sy|
r�d"�d<d�dd<�dcdj��7<�S|r��	�dd<n|
rg��dd<qgn�t}t}t}|	jdd"��kr:t}|
dj|	jdd"�����d<n|	jdd"��kr�t}|
dj|	jdd"�����d<n|	jdd"��kr�t}|
dj|	jdd"�����d<ntjd�r"|s�|s�|r"d"�d<�dcdj��7<d�dd<�S|r9��dd<n|rP��dd<n|rg��dd<n�drtd��d�d���|��dcdj��7<qnXtjd�r�d"�d<d�dd<dj���d<�S|�d j���d<�ddkr5d!j���d<n�S(#u
    Ensure the specified endpoints exists for service

    name
        The Service name

    publicurl
        The public url of service endpoint (for V2 API)

    internalurl
        The internal url of service endpoint (for V2 API)

    adminurl
        The admin url of the service endpoint (for V2 API)

    region
        The region of the endpoint

    url
        The endpoint URL (for V3 API)

    interface
        The interface type, which describes the visibility
        of the endpoint. (for V3 API)

    unameuchangesuresultuucommentRukeystone.endpoint_gett	interfacec@s�jdd�|dS(Nucommentuu
(R(tdesc(R"(s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt_changes�sc
@swtdkr>td�d�d�	d�d����d<n5td�d�d�d	�d
�d����d<dS(Niukeystone.endpoint_createtregionturlR<Ruchangest	publicurltadminurltinternalurl(R
R((
RBRR<RCRRRAR?R"R@(s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt_create_endpoint�s uErroruregioniuurluURL changes from "{0}" to "{1}"u	interfaceu%Interface changes from "{0}" to "{1}"utestuWill be updateduEndpointu*Endpoint for service "{0}" will be updatedu	publicurlu&Public URL changes from "{0}" to "{1}"uadminurlu%Admin URL changes from "{0}" to "{1}"uinternalurlu(Internal URL changes from "{0}" to "{1}"ukeystone.endpoint_deleteu+Endpoint for service "{0}" has been updateduWill be createdu(Endpoint for service "{0}" will be addedu)Endpoint for service "{0}" has been addedu)Endpoint for service "{0}" already existsN(	RR
RRR
RRRR(RRARCRBR?RR@R<RtendpointR>RDt
change_urltchange_interfacetchange_publicurltchange_adminurltchange_internalurl((
RBRR<RCRRRAR?R"R@s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytendpoint_presentis�"

	*'(	(	
	"	"!

 
cK@si|d6id6td6dj||dk	r<dj|�nd�d6}td||d	|d
||�}|su|Stjd�r�d|d<dj|�|d<|Std
||d	|d
||�dj||dk	r�dj|�nd�|d<d|dd<|S(ud
    Ensure that the endpoint for a service doesn't exist in Keystone catalog

    name
        The name of the service whose endpoints should not exist

    region (optional)
        The region of the endpoint.  Defaults to ``RegionOne``.

    interface
        The interface type, which describes the visibility
        of the endpoint. (for V3 API)
    unameuchangesuresultu/Endpoint for service "{0}"{1} is already absentu, interface "{0}",uucommentukeystone.endpoint_getRR<utestu*Endpoint for service "{0}" will be deletedukeystone.endpoint_deleteu.Endpoint for service "{0}"{1} has been deleteduDeleteduendpointN(RRRRRR(RR?RR<RR"RE((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pytendpoint_absents.
	(	
	(N(t__doc__t
__future__RRRRR
R	RR
RR.R/R3R4R5R6R7R8R:R;RKRL(((s8/usr/lib/python2.7/site-packages/salt/states/keystone.pyt<module>Ds:	�H) �

Zerion Mini Shell 1.0