summaryrefslogtreecommitdiffstats
path: root/gluster/swift/common/middleware/gswauth/bin/gswauth-delete-account
blob: 204bb9532fa383b24df71a8025ee39ec6d5848e5 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/usr/bin/env python
# Copyright (c) 2010-2011 OpenStack, LLC.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import gettext
import socket

from optparse import OptionParser
from sys import argv, exit

from swift.common.bufferedhttp import http_connect_raw as http_connect
from swift.common.utils import urlparse


if __name__ == '__main__':
    gettext.install('gswauth', unicode=1)
    parser = OptionParser(usage='Usage: %prog [options] <account>')
    parser.add_option('-A', '--admin-url', dest='admin_url',
        default='http://127.0.0.1:8080/auth/', help='The URL to the auth '
        'subsystem (default: http://127.0.0.1:8080/auth/')
    parser.add_option('-U', '--admin-user', dest='admin_user',
        default='.super_admin', 
        help='The user with admin rights to delete accounts '
        '(default: .super_admin).')
    parser.add_option('-K', '--admin-key', dest='admin_key',
        help='The key for the user with admin rights to delete accounts '
        'is required.')
    args = argv[1:]
    if not args:
        args.append('-h')
    (options, args) = parser.parse_args(args)
    if len(args) != 1:
        parser.parse_args(['-h'])
    if options.admin_key is None:
        parser.parse_args(['-h'])
    account = args[0]
    parsed = urlparse(options.admin_url)
    if parsed.scheme not in ('http', 'https'):
        raise Exception('Cannot handle protocol scheme %s for url %s' %
                        (parsed.scheme, repr(options.admin_url)))
    parsed_path = parsed.path
    if not parsed_path:
        parsed_path = '/'
    elif parsed_path[-1] != '/':
        parsed_path += '/'
    path = '%sv2/%s' % (parsed_path, account)
    headers = {'X-Auth-Admin-User': options.admin_user,
               'X-Auth-Admin-Key': options.admin_key}
    try:
        conn = http_connect(parsed.hostname, parsed.port, 'DELETE', path, headers,
                            ssl=(parsed.scheme == 'https'))
        resp = conn.getresponse()
    except socket.gaierror, err:
        exit('Account deletion failed: %s. ' \
             'Check that the admin_url is valid' % err)
    except socket.error, (errno, msg):
        exit('Account deletion failed: %s. ' \
             'Check that the admin_url is valid' % msg)

    if resp.status // 100 != 2:
        if resp.status == 401:
            exit('Delete account failed: %s %s: Invalid user/key provided' %
                (resp.status, resp.reason))
        elif resp.status == 403:
            exit('Delete account failed: %s %s: Insufficient privileges' %
                (resp.status, resp.reason))
        elif resp.status == 404:
            exit('Delete account failed: %s %s: Account %s does not exist' %
                (resp.status, resp.reason, account))
        elif resp.status == 409:
            exit('Delete account failed: %s %s: Account %s contains active users. '
                 'Delete all users first.' % (resp.status, resp.reason, account))
        else:
            exit('Delete account failed: %s %s' % (resp.status, resp.reason))