# Copyright 2009-2015 Eucalyptus Systems, Inc.
#
# Redistribution and use of this software in source and binary forms,
# with or without modification, are permitted provided that the following
# conditions are met:
#
# Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
#
# Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
import sys
from requestbuilder import Arg, MutuallyExclusiveArgList
from euca2ools.commands.iam import IAMRequest, AS_ACCOUNT, arg_user
from euca2ools.commands.iam.addusertogroup import AddUserToGroup
from euca2ools.commands.iam.createaccesskey import CreateAccessKey
from euca2ools.commands.iam.getgroup import GetGroup
class CreateUser(IAMRequest):
DESCRIPTION = 'Create a new user'
ARGS = [arg_user(help='name of the new user (required)'),
Arg('-p', '--path', dest='Path',
help='path for the new user (default: "/")'),
Arg('-g', '--group-name', route_to=None,
help='also add the new user to a group'),
Arg('--verify', action='store_true', route_to=None,
help='''ensure the group given with -g exists before doing
anything'''),
Arg('-k', '--create-accesskey', action='store_true', route_to=None,
help='also create an access key for the new user and show it'),
MutuallyExclusiveArgList(
Arg('-v', '--verbose', action='store_true', route_to=None,
help="show the new user's ARN and GUID"),
Arg('-w', '--write-config', action='store_true', route_to=None,
help='''output access keys and region information in the
form of a euca2ools.ini(5) configuration file instead of
by themselves (implies -k)''')),
Arg('-d', '--domain', route_to=None, help='''the DNS domain to
use for region information in configuration file output
(default: based on IAM URL)'''),
Arg('-l', '--set-default-user', action='store_true', route_to=None,
help='''set this user as the default user for the region
in euca2ools.ini(5) configuration file output. This
option is only useful when used with -w.'''),
AS_ACCOUNT]
def preprocess(self):
if self.args.get('verify') and self.args.get('group_name'):
obj = GetGroup.from_other(
self, GroupName=self.args['group_name'],
DelegateAccount=self.params['DelegateAccount'])
# This will blow up if the group does not exist.
obj.main()
def postprocess(self, result):
if self.args.get('group_name'):
obj = AddUserToGroup.from_other(
self, UserName=self.args['UserName'],
GroupName=self.args['group_name'],
DelegateAccount=self.params['DelegateAccount'])
obj.main()
if self.args.get('create_accesskey') or self.args.get('write_config'):
obj = CreateAccessKey.from_other(
self, UserName=self.args['UserName'],
DelegateAccount=self.params['DelegateAccount'],
write_config=self.args.get('write_config'),
domain=self.args.get('domain'),
set_default_user=self.args.get('set_default_user'))
key_result = obj.main()
result.update(key_result)
def print_result(self, result):
if self.args.get('write_config'):
result['configfile'].write(sys.stdout)
else:
if self.args['verbose']:
print result['User']['Arn']
print result['User']['UserId']
if 'AccessKey' in result:
print result['AccessKey']['AccessKeyId']
print result['AccessKey']['SecretAccessKey']