try again, with puppetforge modules, correctly included now

[dsa-puppet.git] / 3rdparty / modules / keystone / lib / puppet / type / keystone_user_role.rb

diff --git a/3rdparty/modules/keystone/lib/puppet/type/keystone_user_role.rb b/3rdparty/modules/keystone/lib/puppet/type/keystone_user_role.rb
new file mode 100644 (file)
index 0000000..9ac24e3
--- /dev/null
+++ b/3rdparty/modules/keystone/lib/puppet/type/keystone_user_role.rb
@@ -0,0 +1,51 @@
+# LP#1408531
+File.expand_path('../..', File.dirname(__FILE__)).tap { |dir| $LOAD_PATH.unshift(dir) unless $LOAD_PATH.include?(dir) }
+require 'puppet/util/openstack'
+Puppet::Type.newtype(:keystone_user_role) do
+
+  desc <<-EOT
+    This is currently used to model the creation of
+    keystone users roles.
+
+    User roles are an assignment of a role to a user on
+    a certain tenant. The combination of all of these
+    attributes is unique.
+  EOT
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    newvalues(/^\S+@\S+$/)
+  end
+
+  newproperty(:roles,  :array_matching => :all) do
+    def insync?(is)
+      return false unless is.is_a? Array
+      # order of roles does not matter
+      is.sort == self.should.sort
+    end
+  end
+
+  autorequire(:keystone_user) do
+    self[:name].rpartition('@').first
+  end
+
+  autorequire(:keystone_tenant) do
+    self[:name].rpartition('@').last
+  end
+
+  autorequire(:keystone_role) do
+    self[:roles]
+  end
+
+  # we should not do anything until the keystone service is started
+  autorequire(:service) do
+    ['keystone']
+  end
+
+  auth_param_doc=<<EOT
+If no other credentials are present, the provider will search in
+/etc/keystone/keystone.conf for an admin token and auth url.
+EOT
+  Puppet::Util::Openstack.add_openstack_type_methods(self, auth_param_doc)
+end