Skip to content

Commit

Permalink
Create default organization when registering users via SCIM
Browse files Browse the repository at this point in the history
  • Loading branch information
@federicofdez
federicofdez committed Jul 20, 2016
1 parent b78fed7 commit 9180551
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 2 deletions.
28 changes: 27 additions & 1 deletion keystone/contrib/keystone_scim/controllers.py
View file
Expand Up @@ -132,7 +132,7 @@ def scim_get_service_provider_configs(self, context):
def scim_get_schemas(self, context):
return schemas.SCHEMAS


@dependency.requires('assignment_api', 'registration_api')
class ScimUserV3Controller(UserV3):

collection_name = 'users'
Expand Down Expand Up @@ -164,6 +164,32 @@ def create_user(self, context, **kwargs):
scim = self._denormalize(kwargs, context['path'])
user = conv.user_scim2key(scim, path=context['path'])
ref = super(ScimUserV3Controller, self).create_user(context, user=user)

if ref.get('user', None):
user_id = ref.get('user', None)['id']
# create user's associated project
project = {
'name':user_id,
'domain_id':ref.get('user', None)['domain_id'],
'enabled': True,
'is_default': True,
}
project_ref = self._assign_unique_id(self._normalize_dict(project))
project_ref = self._normalize_domain_id(context, project_ref)
project_ref = self.assignment_api.create_project(
project_ref['id'], project_ref)

# assign default role to new user in their associated project
default_role = self.registration_api.get_default_role()
self.assignment_api.create_grant(default_role['id'],
user_id=user_id,
project_id=project_ref['id'])

# store default_project_id and username
user['default_project_id'] = project_ref['id']
user['username'] = user_id
ref = super(ScimUserV3Controller, self).update_user(context, user_id=user_id, user=user)

return conv.user_key2scim(ref.get('user', None), path=context['path'])

def patch_user(self, context, user_id, **kwargs):
Expand Down
4 changes: 3 additions & 1 deletion keystone/contrib/keystone_scim/converter.py
View file
Expand Up @@ -54,7 +54,8 @@ def user_key2scim(ref, path, schema=True):
'active': ref.get('enabled', None),
'emails': [{'value': ref['email']}] if 'email' in ref else None,
get_schema(_EXT_SCHEMA, path): {
'domain_id': ref.get('domain_id', None)
'domain_id': ref.get('domain_id', None),
'default_project_id': ref.get('default_project_id', None)
}
}
return ref
Expand All @@ -80,6 +81,7 @@ def user_scim2key(scim, path):
'id': scim.get('id', None),
'enabled': scim.get('active', None),
'name': scim.get('userName', None),
'username': scim.get('id', None),
'description': scim.get('displayName', None),
'password': scim.get('password', None)
}
Expand Down

0 comments on commit 9180551

Please sign in to comment.