2
# Licensed under the Apache License, Version 2.0 (the "License"); you may
3
# not use this file except in compliance with the License. You may obtain
4
# a copy of the License at
6
# http://www.apache.org/licenses/LICENSE-2.0
8
# Unless required by applicable law or agreed to in writing, software
9
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
10
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
11
# License for the specific language governing permissions and limitations
14
import role_assignments
16
from heat.common.i18n import _
17
from heat.engine import constraints
18
from heat.engine import properties
19
from heat.engine import support
22
class KeystoneGroup(role_assignments.KeystoneRoleAssignment):
24
Heat Template Resource for Keystone Group.
26
heat_template_version: 2013-05-23
28
description: Sample Keystone Group template
33
description: Keystone group name
36
description: Keystone group description
39
description: Keystone group domain name
45
description: group role domain
48
description: group role project
52
type: OS::Keystone::Group
54
name: {get_param: group_name}
55
domain: {get_param: group_domain}
56
description: {get_param: group_description}
58
- role: {get_param: group_role}
59
domain: {get_param: group_role_domain}
60
- role: {get_param: group_role}
61
project: {get_param: group_role_project}
64
support_status = support.SupportStatus(
66
message=_('Supported versions: keystone v3'))
69
NAME, DOMAIN, DESCRIPTION
71
'name', 'domain', 'description'
75
NAME: properties.Schema(
76
properties.Schema.STRING,
77
_('Name of keystone group.'),
80
DOMAIN: properties.Schema(
81
properties.Schema.STRING,
82
_('Name or id of keystone domain.'),
85
constraints=[constraints.CustomConstraint('keystone.domain')]
87
DESCRIPTION: properties.Schema(
88
properties.Schema.STRING,
89
_('Description of keystone group.'),
96
update(role_assignments.KeystoneRoleAssignment.properties_schema))
98
def _create_group(self,
102
domain = (self.client_plugin('keystone').
103
get_domain_id(domain))
105
return self.keystone().client.groups.create(
108
description=description)
110
def _delete_group(self, group_id):
111
return self.keystone().client.groups.delete(group_id)
113
def _update_group(self,
117
new_description=None):
120
if new_name is not None:
121
values['name'] = new_name
122
if new_description is not None:
123
values['description'] = new_description
125
values['group'] = group_id
126
domain = (self.client_plugin('keystone').
127
get_domain_id(domain))
128
values['domain_id'] = domain
129
return self.keystone().client.groups.update(**values)
131
def handle_create(self):
132
group_name = (self.properties.get(self.NAME) or
133
self.physical_resource_name())
134
description = self.properties.get(self.DESCRIPTION)
135
domain = self.properties.get(self.DOMAIN)
137
group = self._create_group(
138
group_name=group_name,
139
description=description,
143
self.resource_id_set(group.id)
145
super(KeystoneGroup, self).handle_create(user_id=None,
148
def handle_update(self, json_snippet=None, tmpl_diff=None, prop_diff=None):
149
name = prop_diff.get(self.NAME) or self.physical_resource_name()
150
description = prop_diff.get(self.DESCRIPTION)
151
domain = (prop_diff.get(self.DOMAIN) or
152
self._stored_properties_data.get(self.DOMAIN))
155
group_id=self.resource_id,
157
new_description=description,
161
super(KeystoneGroup, self).handle_update(user_id=None,
162
group_id=self.resource_id,
165
def handle_delete(self):
166
if self.resource_id is not None:
168
super(KeystoneGroup, self).handle_delete(
170
group_id=self.resource_id)
172
self._delete_group(group_id=self.resource_id)
173
except Exception as ex:
174
self.client_plugin('keystone').ignore_not_found(ex)
177
def resource_mapping():
179
'OS::Keystone::Group': KeystoneGroup