From 9f2b8f6a05f4db1167ae9536d4e96441aea3643d Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Wed, 3 Apr 2024 12:08:22 +0900 Subject: [PATCH] fix: fix provider plugin update api (#199) Signed-off-by: ImMin5 --- .../identity/service/provider_service.py | 14 +++--- .../service/service_account_service.py | 50 +++++++++++-------- 2 files changed, 35 insertions(+), 29 deletions(-) diff --git a/src/spaceone/identity/service/provider_service.py b/src/spaceone/identity/service/provider_service.py index 6e39ba6d..dfffe446 100644 --- a/src/spaceone/identity/service/provider_service.py +++ b/src/spaceone/identity/service/provider_service.py @@ -93,7 +93,7 @@ def update(self, params: ProviderUpdateRequest) -> Union[ProviderResponse, dict] ) @convert_model def update_plugin( - self, params: ProviderUpdatePluginRequest + self, params: ProviderUpdatePluginRequest ) -> Union[ProviderResponse, dict]: """update provider plugin info Args: @@ -118,7 +118,7 @@ def update_plugin( self.check_update_provider_plugin_info(provider.options) - plugin_info = provider.plugin_info.to_dict() + plugin_info = provider.plugin_info if version: plugin_info["version"] = version @@ -199,7 +199,7 @@ def get(self, params: ProviderGetRequest) -> Union[ProviderResponse, dict]: @append_keyword_filter(["provider", "name"]) @convert_model def list( - self, params: ProviderSearchQueryRequest + self, params: ProviderSearchQueryRequest ) -> Union[ProvidersResponse, dict]: """list providers @@ -258,8 +258,8 @@ def _init_plugin(self, endpoint: str, options: dict, domain_id: str) -> dict: @staticmethod def _check_sync_option_with_plugin_info( - provider_options: Union[dict, None], - plugin_info: Union[Plugin, dict, None], + provider_options: Union[dict, None], + plugin_info: Union[Plugin, dict, None], ) -> None: if provider_options: if provider_options.get("support_auto_sync"): @@ -276,8 +276,8 @@ def _check_sync_option_with_plugin_info( if plugin_info: if not ( - provider_options.get("support_trusted_account") - or not provider_options.get("support_auto_sync") + provider_options.get("support_trusted_account") + or not provider_options.get("support_auto_sync") ): raise ERROR_INVALID_PARAMETER( key="options", diff --git a/src/spaceone/identity/service/service_account_service.py b/src/spaceone/identity/service/service_account_service.py index dfb3c89c..e944d325 100644 --- a/src/spaceone/identity/service/service_account_service.py +++ b/src/spaceone/identity/service/service_account_service.py @@ -42,7 +42,7 @@ def __init__(self, *args, **kwargs): ) @convert_model def create( - self, params: ServiceAccountCreateRequest + self, params: ServiceAccountCreateRequest ) -> Union[ServiceAccountResponse, dict]: """create service account @@ -111,7 +111,7 @@ def create( ) # Create a secret - secret_mgr = SecretManager() + secret_mgr = self.locator.get_manager("SecretManager") create_secret_params = { "name": f"{service_account_vo.service_account_id}-secret", "data": params.secret_data, @@ -125,7 +125,8 @@ def create( "trusted_secret_id" ] = trusted_account_vo.trusted_secret_id - secret_info = secret_mgr.create_secret(create_secret_params) + domain_id = params.domain_id + secret_info = secret_mgr.create_secret(create_secret_params, domain_id) # Update secret_id in service_account_vo service_account_vo = self.service_account_mgr.update_service_account_by_vo( @@ -140,7 +141,7 @@ def create( ) @convert_model def create_app( - self, params: ServiceAccountCreateAppRequest + self, params: ServiceAccountCreateAppRequest ) -> Union[AppResponse, dict]: """create app created by service account @@ -168,8 +169,11 @@ def create_app( ) if service_account_vo.app_id: - raise ERROR_EXIST_RESOURCE(key='app_id', value=service_account_vo.app_id, - message="Please delete the existing app first.") + raise ERROR_EXIST_RESOURCE( + key="app_id", + value=service_account_vo.app_id, + message="Please delete the existing app first.", + ) params_data = { "name": f"{service_account_vo.name} agent app", @@ -180,7 +184,7 @@ def create_app( "resource_group": resource_group, "service_account_id": service_account_id, "is_managed": True, - "expired_at": self._get_expired_at() + "expired_at": self._get_expired_at(), } app_vo = self.app_mgr.create_app(params_data) @@ -203,7 +207,7 @@ def create_app( ) @convert_model def update( - self, params: ServiceAccountUpdateRequest + self, params: ServiceAccountUpdateRequest ) -> Union[ServiceAccountResponse, dict]: """update service account @@ -251,11 +255,11 @@ def update( @transaction( permission="identity:ServiceAccount.write", - role_types=["WORKSPACE_OWNER", "WORKSPACE_MEMBER"], + role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER", "WORKSPACE_MEMBER"], ) @convert_model def update_secret_data( - self, params: ServiceAccountUpdateSecretRequest + self, params: ServiceAccountUpdateSecretRequest ) -> Union[ServiceAccountResponse, dict]: """update service account secret data @@ -343,7 +347,7 @@ def update_secret_data( ) @convert_model def delete_secret_data( - self, params: ServiceAccountDeleteSecretRequest + self, params: ServiceAccountDeleteSecretRequest ) -> ServiceAccountResponse: """delete service account secret data @@ -407,7 +411,9 @@ def delete(self, params: ServiceAccountDeleteRequest) -> None: self.resource_mgr.check_is_managed_resource(service_account_vo) if service_account_vo.app_id: - raise ERROR_SERVICE_ACCOUNT_CANNOT_BE_DELETED_WITH_EXISTING_APP(key='service_account_id') + raise ERROR_SERVICE_ACCOUNT_CANNOT_BE_DELETED_WITH_EXISTING_APP( + key="service_account_id" + ) secret_mgr = SecretManager() secret_mgr.delete_related_secrets(service_account_vo.service_account_id) @@ -420,7 +426,7 @@ def delete(self, params: ServiceAccountDeleteRequest) -> None: ) @convert_model def enable_app( - self, params: ServiceAccountEnableAppRequest + self, params: ServiceAccountEnableAppRequest ) -> Union[AppResponse, dict]: """enable app created by service account @@ -461,7 +467,7 @@ def enable_app( ) @convert_model def disable_app( - self, params: ServiceAccountDisableAppRequest + self, params: ServiceAccountDisableAppRequest ) -> Union[AppResponse, dict]: """disable app created by service account @@ -502,7 +508,7 @@ def disable_app( ) @convert_model def regenerate_app( - self, params: ServiceAccountRegenerateAppRequest + self, params: ServiceAccountRegenerateAppRequest ) -> Union[AppResponse, dict]: """regenerate app created by service account @@ -582,7 +588,9 @@ def delete_app(self, params: ServiceAccountDeleteAppRequest) -> None: service_account_id, ) self.app_mgr.delete_app_by_vo(app_vo) - self.service_account_mgr.update_service_account_by_vo({"app_id": None}, service_account_vo) + self.service_account_mgr.update_service_account_by_vo( + {"app_id": None}, service_account_vo + ) @transaction( permission="identity:ServiceAccount.read", @@ -590,7 +598,7 @@ def delete_app(self, params: ServiceAccountDeleteAppRequest) -> None: ) @convert_model def get( - self, params: ServiceAccountGetRequest + self, params: ServiceAccountGetRequest ) -> Union[ServiceAccountResponse, dict]: """get service account @@ -636,7 +644,7 @@ def get( @set_query_page_limit(1000) @convert_model def list( - self, params: ServiceAccountSearchQueryRequest + self, params: ServiceAccountSearchQueryRequest ) -> Union[ServiceAccountsResponse, dict]: """list service accounts @@ -702,7 +710,7 @@ def stat(self, params: ServiceAccountStatQueryRequest) -> dict: return self.service_account_mgr.stat_service_accounts(query) def _create_service_account_app_client_secret( - self, app_vo: App, service_account_id: str + self, app_vo: App, service_account_id: str ) -> Tuple[str, str]: """create client_id, client_secret for app created by service account @@ -733,6 +741,4 @@ def _create_service_account_app_client_secret( @staticmethod def _get_expired_at() -> str: - return (datetime.utcnow() + timedelta(days=365)).strftime( - "%Y-%m-%d %H:%M:%S" - ) + return (datetime.utcnow() + timedelta(days=365)).strftime("%Y-%m-%d %H:%M:%S")