Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- def create_users(self, users):
- """Create the given user(s).
- :param users: list of serialized user objects
- """
- with MongoDBClient(self._admin_user()) as client:
- for item in users:
- user = models.MongoDBUser.deserialize(item)
- # this could be called to create multiple users at once;
- # catch exceptions, log the message, and continue
- try:
- user.check_create()
- if self._get_user_record(user.name, client=client):
- raise ValueError(_('User with name %(user)s already '
- 'exists.') % {'user': user.name})
- self.create_validated_user(user, client=client)
- except (ValueError, pymongo.errors.PyMongoError) as e:
- LOG.error(e)
- LOG.warning('Skipping creation of user with name '
- '%(user)s', {'user': user.name})
- def create_master_users(self, users):
- """Create the given master_user(s).
- :param users: list of serialized user objects
- """
- with MongoDBClient(self._admin_user()) as client:
- for item in users:
- user = models.MongoDBUser.deserialize(item)
- # this could be called to create multiple users at once;
- # catch exceptions, log the message, and continue
- try:
- user.check_create()
- if self._get_user_record(user.name, client=client):
- raise ValueError(_('Master_User with name %(user)s already '
- 'exists.') % {'user': user.name})
- self.create_validated_user(user, client=client)
- except (ValueError, pymongo.errors.PyMongoError) as e:
- LOG.error(e)
- LOG.warning('Skipping creation of user with name '
- '%(user)s', {'user': user.name})
- def grant_access(self, username, databases):
- """Adds the RW role to the user for each specified database."""
- user = self.get_existing_user(username)
- for db_name in databases:
- # verify the database name
- models.MongoDBSchema(db_name)
- role = {'db': db_name, 'role': 'readWrite'}
- if role not in user.roles:
- LOG.debug('Adding role %(role)s to user %(user)s.',
- {'role': str(role), 'user': username})
- user.roles = role
- else:
- LOG.debug('User %(user)s already has role %(role)s.',
- {'user': username, 'role': str(role)})
- LOG.debug('Updating user %s.', username)
- self._update_user_roles(user)
- def grant_master_access(self, username, databases):
- """Adds the RW role to the user for each specified database."""
- master_user = self.get_existing_user(username)
- for db_name in databases:
- # verify the database name
- models.MongoDBSchema(db_name)
- role = {'db': db_name, 'role': 'readWrite', 'readWriteAnyDatabase', 'readAnyDatabase','dbAminAnyDatabase','cluserMonitor',
- 'cleanupOrphaned', 'enableSharding', 'flushRouterConfig', 'moveChunk', 'splitChunk', 'viewUser', 'dbOwner' }
- #if role not in user.roles:
- # LOG.debug('Adding role %(role)s to user %(user)s.',
- # {'role': str(role), 'user': username})
- # user.roles = role
- #else:
- # LOG.debug('User %(user)s already has role %(role)s.',
- # {'user': username, 'role': str(role)})
- LOG.debug('Updating user %s.', username)
- self._update_user_roles(master_user)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement