Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Migrate roles from metadata to user_project_metadata
migration 017 did not migrate existing roles from the metadata table that was created in 001. Adding a migration (20) that compares the roles in the metadata table (if any) and joins them to the new user_project_metadata role that matches the user and tenant from the old table. Also adding subsequent tests to check both of the issues above. bug 1131087 Change-Id: I00ea6043d949c9c358827e25f05c63515fe5dea8
- Loading branch information
Showing
2 changed files
with
236 additions
and
4 deletions.
There are no files selected for viewing
104 changes: 104 additions & 0 deletions
104
keystone/common/sql/migrate_repo/versions/020_migrate_metadata_table_roles.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,104 @@ | ||
import json | ||
import uuid | ||
|
||
import sqlalchemy as sql | ||
from sqlalchemy import orm | ||
|
||
from keystone import config | ||
from keystone import exception | ||
|
||
|
||
CONF = config.CONF | ||
|
||
|
||
def upgrade(migrate_engine): | ||
meta = sql.MetaData() | ||
meta.bind = migrate_engine | ||
|
||
user_table = sql.Table('user', meta, autoload=True) | ||
role_table = sql.Table('role', meta, autoload=True) | ||
project_table = sql.Table('project', meta, autoload=True) | ||
new_metadata_table = sql.Table('user_project_metadata', | ||
meta, | ||
autoload=True) | ||
|
||
conn = migrate_engine.connect() | ||
|
||
old_metadata_table = sql.Table('metadata', meta, autoload=True) | ||
session = sql.orm.sessionmaker(bind=migrate_engine)() | ||
|
||
for metadata in session.query(old_metadata_table): | ||
if not config.CONF.member_role_id in metadata.data: | ||
data = json.loads(metadata.data) | ||
data['roles'].append(config.CONF.member_role_id) | ||
else: | ||
data = metadata.data | ||
|
||
r = session.query(new_metadata_table).filter_by( | ||
user_id=metadata.user_id, | ||
project_id=metadata.tenant_id).first() | ||
|
||
if r is not None: | ||
# roles should be the union of the two role lists | ||
old_roles = data['roles'] | ||
new_roles = json.loads(r.data)['roles'] | ||
data['roles'] = list(set(old_roles) | set(new_roles)) | ||
q = new_metadata_table.update().where( | ||
new_metadata_table.c.user_id == metadata.user_id and | ||
new_metadata_table.c.project_id == metadata.tenant_id).values( | ||
data=json.dumps(data)) | ||
else: | ||
q = new_metadata_table.insert().values( | ||
user_id=metadata.user_id, | ||
project_id=metadata.tenant_id, | ||
data=json.dumps(data)) | ||
|
||
conn.execute(q) | ||
|
||
session.close() | ||
old_metadata_table.drop() | ||
|
||
|
||
def downgrade(migrate_engine): | ||
meta = sql.MetaData() | ||
meta.bind = migrate_engine | ||
|
||
user_table = sql.Table('user', meta, autoload=True) | ||
project_table = sql.Table('project', meta, autoload=True) | ||
|
||
metadata_table = sql.Table( | ||
'metadata', | ||
meta, | ||
sql.Column( | ||
'user_id', | ||
sql.String(64), | ||
sql.ForeignKey('user.id'), | ||
primary_key=True), | ||
sql.Column( | ||
'tenant_id', | ||
sql.String(64), | ||
primary_key=True), | ||
sql.Column('data', | ||
sql.Text())) | ||
metadata_table.create(migrate_engine, checkfirst=True) | ||
|
||
user_project_metadata_table = sql.Table( | ||
'user_project_metadata', | ||
meta, | ||
autoload=True) | ||
|
||
metadata_table = sql.Table( | ||
'metadata', | ||
meta, | ||
autoload=True) | ||
|
||
session = sql.orm.sessionmaker(bind=migrate_engine)() | ||
|
||
for metadata in session.query(user_project_metadata_table): | ||
if 'roles' in metadata: | ||
roles = json.loads(metadata.data) | ||
ins = (metadata_table.insert() | ||
.values(user_id=metadata.user_id, | ||
tenant_id=metadata.project_id)) | ||
|
||
session.close() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters