| Index: trunk/extensions/OpenStackManager/special/SpecialNovaProject.php |
| — | — | @@ -176,6 +176,7 @@ |
| 177 | 177 | $out .= $sk->link( $this->getTitle(), wfMsg( 'openstackmanager-createproject' ), array(), array( 'action' => 'create' ), array() ); |
| 178 | 178 | $projectsOut = Html::element( 'th', array(), wfMsg( 'openstackmanager-projectname' ) ); |
| 179 | 179 | $projectsOut .= Html::element( 'th', array(), wfMsg( 'openstackmanager-members' ) ); |
| | 180 | + $projectsOut .= Html::element( 'th', array(), wfMsg( 'openstackmanager-roles' ) ); |
| 180 | 181 | $projectsOut .= Html::element( 'th', array(), wfMsg( 'openstackmanager-actions' ) ); |
| 181 | 182 | $projects = OpenStackNovaProject::getAllProjects(); |
| 182 | 183 | if ( ! $projects ) { |
| — | — | @@ -196,6 +197,30 @@ |
| 197 | 198 | $memberOut = Html::rawElement( 'ul', array(), $memberOut ); |
| 198 | 199 | } |
| 199 | 200 | $projectOut .= Html::rawElement( 'td', array(), $memberOut ); |
| | 201 | + $rolesOut = Html::element( 'th', array(), wfMsg( 'openstackmanager-rolename' ) ); |
| | 202 | + $rolesOut .= Html::element( 'th', array(), wfMsg( 'openstackmanager-members' ) ); |
| | 203 | + $rolesOut .= Html::element( 'th', array(), wfMsg( 'openstackmanager-actions' ) ); |
| | 204 | + foreach ( $project->getRoles() as $role ) { |
| | 205 | + $roleOut = Html::element( 'td', array(), $role->getRoleName() ); |
| | 206 | + $roleMembers = ''; |
| | 207 | + $specialRoleTitle = Title::newFromText( 'Special:NovaRole' ); |
| | 208 | + foreach ( $role->getMembers() as $member ) { |
| | 209 | + $link = $sk->link( $specialRoleTitle, wfMsg( 'openstackmanager-removerolemember' ), array(), |
| | 210 | + array( 'action' => 'removemember', 'projectname' => $projectName, 'rolename' => $role->getRoleName(), 'member' => $member, 'referrer' => 'Special:NovaProject' ), array() ); |
| | 211 | + $member = $member . ' (' . $link . ')'; |
| | 212 | + $roleMembers .= Html::rawElement( 'li', array(), $member ); |
| | 213 | + } |
| | 214 | + $roleMembers = Html::rawElement( 'ul', array(), $roleMembers ); |
| | 215 | + $roleOut .= Html::rawElement( 'td', array(), $roleMembers ); |
| | 216 | + $link = $sk->link( $specialRoleTitle, wfMsg( 'openstackmanager-addrolemember' ), array(), |
| | 217 | + array( 'action' => 'addmember', 'projectname' => $projectName, 'rolename' => $role->getRoleName(), 'referrer' => 'Special:NovaProject' ), array() ); |
| | 218 | + $actions = Html::rawElement( 'li', array(), $link ); |
| | 219 | + $actions = Html::rawElement( 'ul', array(), $actions ); |
| | 220 | + $roleOut .= Html::rawElement( 'td', array(), $actions ); |
| | 221 | + $rolesOut .= Html::rawElement( 'tr', array(), $roleOut ); |
| | 222 | + } |
| | 223 | + $rolesOut = Html::rawElement( 'table', array( 'class' => 'wikitable' ), $rolesOut ); |
| | 224 | + $projectOut .= Html::rawElement( 'td', array(), $rolesOut ); |
| 200 | 225 | $link = $sk->link( $this->getTitle(), wfMsg( 'openstackmanager-deleteproject' ), array(), |
| 201 | 226 | array( 'action' => 'delete', 'projectname' => $projectName ), array() ); |
| 202 | 227 | $actions = Html::rawElement( 'li', array(), $link ); |
| Index: trunk/extensions/OpenStackManager/OpenStackManager.i18n.php |
| — | — | @@ -134,6 +134,10 @@ |
| 135 | 135 | 'openstackmanager-badinstancename' => 'Bad instance name provided. Instance names must start with a-z, and can only contain a-z, 0-9, and - characters.', |
| 136 | 136 | 'openstackmanager-novaproject-project' => 'Project', |
| 137 | 137 | 'openstackmanager-novaproject-info' => 'Project Information', |
| | 138 | + 'openstackmanager-roles' => 'Roles', |
| | 139 | + 'openstackmanager-rolename' => 'Role Name', |
| | 140 | + 'openstackmanager-removerolemember' => 'Remove role member', |
| | 141 | + 'openstackmanager-addrolemember' => 'Add role member', |
| 138 | 142 | |
| 139 | 143 | 'openstackmanager-shellaccountname' => 'Instance Shell Account Name', |
| 140 | 144 | 'openstackmanager-shellaccountnamehelp' => 'The shell account name must start with a-z, and can only contain a-z, 0-9, -, and _ characters.', |
| Index: trunk/extensions/OpenStackManager/OpenStackNovaProject.php |
| — | — | @@ -5,7 +5,10 @@ |
| 6 | 6 | var $projectname; |
| 7 | 7 | var $projectDN; |
| 8 | 8 | var $projectInfo; |
| | 9 | + var $roles; |
| 9 | 10 | |
| | 11 | + static $rolenames = array( 'sysadmin', 'netadmin' ); |
| | 12 | + |
| 10 | 13 | function __construct( $projectname ) { |
| 11 | 14 | $this->projectname = $projectname; |
| 12 | 15 | $this->connect(); |
| — | — | @@ -32,12 +35,20 @@ |
| 33 | 36 | $this->projectInfo = ldap_get_entries( $wgAuth->ldapconn, $result ); |
| 34 | 37 | wfRestoreWarnings(); |
| 35 | 38 | $this->projectDN = $this->projectInfo[0]['dn']; |
| | 39 | + $this->roles = array(); |
| | 40 | + foreach ( self::$rolenames as $rolename ) { |
| | 41 | + $this->roles[] = OpenStackNovaRole::getProjectRoleByName( $rolename, $this ); |
| | 42 | + } |
| 36 | 43 | } |
| 37 | 44 | |
| 38 | 45 | function getProjectName() { |
| 39 | 46 | return $this->projectname; |
| 40 | 47 | } |
| 41 | 48 | |
| | 49 | + function getRoles() { |
| | 50 | + return $this->roles; |
| | 51 | + } |
| | 52 | + |
| 42 | 53 | function getMembers() { |
| 43 | 54 | $members = array(); |
| 44 | 55 | if ( isset( $this->projectInfo[0]['member'] ) ) { |
| — | — | @@ -170,12 +181,19 @@ |
| 171 | 182 | $project['cn'] = $projectname; |
| 172 | 183 | $project['owner'] = $wgOpenStackManagerLDAPUser; |
| 173 | 184 | $project['gidnumber'] = OpenStackNovaUser::getNextIdNumber( $wgAuth, 'gidnumber' ); |
| 174 | | - $dn = 'cn=' . $projectname . ',' . $wgOpenStackManagerLDAPProjectBaseDN; |
| | 185 | + $projectdn = 'cn=' . $projectname . ',' . $wgOpenStackManagerLDAPProjectBaseDN; |
| 175 | 186 | |
| 176 | 187 | wfSuppressWarnings(); |
| 177 | | - $success = ldap_add( $wgAuth->ldapconn, $dn, $project ); |
| | 188 | + $success = ldap_add( $wgAuth->ldapconn, $projectdn, $project ); |
| 178 | 189 | wfRestoreWarnings(); |
| | 190 | + $project = OpenStackNovaProject( $projectname ); |
| 179 | 191 | if ( $success ) { |
| | 192 | + foreach ( self::$rolenames as $rolename ) { |
| | 193 | + $role = OpenStackNovaRole::createRole( $rolename, $project ); |
| | 194 | + # TODO: If role addition fails, find a way to fail gracefully |
| | 195 | + # Though, if the project was added successfully, it is unlikely |
| | 196 | + # that role addition will fail. |
| | 197 | + } |
| 180 | 198 | $wgAuth->printDebug( "Successfully added project $projectname", NONSENSITIVE ); |
| 181 | 199 | return true; |
| 182 | 200 | } else { |
| — | — | @@ -189,7 +207,6 @@ |
| 190 | 208 | global $wgOpenStackManagerLDAPUser, $wgOpenStackManagerLDAPUserPassword; |
| 191 | 209 | global $wgOpenStackManagerLDAPDomain; |
| 192 | 210 | |
| 193 | | - |
| 194 | 211 | $wgAuth->connect( $wgOpenStackManagerLDAPDomain ); |
| 195 | 212 | $wgAuth->bindAs( $wgOpenStackManagerLDAPUser, $wgOpenStackManagerLDAPUserPassword ); |
| 196 | 213 | |
| — | — | @@ -199,20 +216,29 @@ |
| 200 | 217 | } |
| 201 | 218 | $dn = $project->projectDN; |
| 202 | 219 | |
| 203 | | - # Projects can have roles as sub entries, fail if they exist |
| 204 | | - # It is a bad idea to rely on LDAP failure here, as some directories |
| 205 | | - # may simply delete sub entries. |
| | 220 | + # Projects can have roles as sub-entries, we need to delete them first |
| 206 | 221 | $result = ldap_list( $wgAuth->ldapconn, $dn, 'objectclass=*' ); |
| 207 | 222 | $roles = ldap_get_entries( $wgAuth->ldapconn, $result ); |
| 208 | | - if ( $roles['count'] != "0" ) { |
| 209 | | - return false; |
| | 223 | + array_shift( $roles ); |
| | 224 | + foreach ( $roles as $role ) { |
| | 225 | + $roledn = $role['dn']; |
| | 226 | + wfSuppressWarnings(); |
| | 227 | + $success = ldap_delete( $wgAuth->ldapconn, $roledn ); |
| | 228 | + wfRestoreWarnings(); |
| | 229 | + if ( $success ){ |
| | 230 | + $wgAuth->printDebug( "Successfully deleted role $roledn", NONSENSITIVE ); |
| | 231 | + } else { |
| | 232 | + $wgAuth->printDebug( "Failed to delete role $roledn", NONSENSITIVE ); |
| | 233 | + } |
| 210 | 234 | } |
| 211 | 235 | wfSuppressWarnings(); |
| 212 | 236 | $success = ldap_delete( $wgAuth->ldapconn, $dn ); |
| 213 | 237 | wfRestoreWarnings(); |
| 214 | 238 | if ( $success ) { |
| | 239 | + $wgAuth->printDebug( "Successfully deleted project $projectname", NONSENSITIVE ); |
| 215 | 240 | return true; |
| 216 | 241 | } else { |
| | 242 | + $wgAuth->printDebug( "Failed to delete project $projectname", NONSENSITIVE ); |
| 217 | 243 | return false; |
| 218 | 244 | } |
| 219 | 245 | } |
| Index: trunk/extensions/OpenStackManager/OpenStackManager.php |
| — | — | @@ -21,7 +21,7 @@ |
| 22 | 22 | 'path' => __FILE__, |
| 23 | 23 | 'name' => 'OpenStackManager', |
| 24 | 24 | 'author' => 'Ryan Lane', |
| 25 | | - 'version' => '0.7', |
| | 25 | + 'version' => '0.8', |
| 26 | 26 | 'url' => 'http://mediawiki.org/wiki/Extension:OpenStackManager', |
| 27 | 27 | 'descriptionmsg' => 'openstackmanager-desc', |
| 28 | 28 | ); |
| — | — | @@ -75,6 +75,7 @@ |
| 76 | 76 | $wgAutoloadClasses['OpenStackNovaAddress'] = $dir . 'OpenStackNovaAddress.php'; |
| 77 | 77 | $wgAutoloadClasses['OpenStackNovaSecurityGroup'] = $dir . 'OpenStackNovaSecurityGroup.php'; |
| 78 | 78 | $wgAutoloadClasses['OpenStackNovaSecurityGroupRule'] = $dir . 'OpenStackNovaSecurityGroupRule.php'; |
| | 79 | +$wgAutoloadClasses['OpenStackNovaRole'] = $dir . 'OpenStackNovaRole.php'; |
| 79 | 80 | $wgAutoloadClasses['SpecialNovaInstance'] = $dir . 'special/SpecialNovaInstance.php'; |
| 80 | 81 | $wgAutoloadClasses['SpecialNovaKey'] = $dir . 'special/SpecialNovaKey.php'; |
| 81 | 82 | $wgAutoloadClasses['SpecialNovaProject'] = $dir . 'special/SpecialNovaProject.php'; |