[Fiware-lab-federation-nodes] Instructions to upgrade Community users

[José Ignacio Carretero]

Hi Cristian,

That last curl (the one to get the token) is for keystone v2.0 --- That 
works with url: http://cloud.lab.fiware.org:4730/v2.0/tokens

but it is deprecated and sometime it will be removed, despite of getting 
an unusable token out of Scope. --- Why  not using openstack CLI tools?

1. Create a virtual environment for python:
virtualenv os
2. Install the Openstack tools (you'll need python 2.7 and python-dev 
installed in order to make this work):
     source os/bin/activate
     pip install python-openstackclient
3. Issue a token (not needed):
openstack token issue
4. Get user data:
     openstack user show ${user_name}

---

Anyway, if you insist in using "curl", I'd suggest having installed the 
jq command (which is a json parser, etc. --- Just a wonderful tool to 
work with json input).

Getting a Token for Keystone V3:
data="{ \"auth\": {
         \"identity\": {
             \"methods\": [ \"password\" ],
             \"password\": {
                 \"user\": {
                     \"name\": \"$OS_USERNAME\",
                     \"domain\": {\"id\":\"default\"},
                     \"password\": \"$OS_PASSWORD\"
                 }
             }
         }
     }
}"
curl -i http://cloud.lab.fiware.org:4730/v3/auth/tokens -H 
"Content-Type: application/json"-d  "$data" 2>/dev/null |awk 
'/^X-Subject-Token: / {print $2}'

Now, you can use the 2nd curl:
curl -H "X-Auth-Token: ${token}" -H "Accept: application/json" 
http://cloud.lab.fiware.org:4731/v3/users?name=${user_name}

Hope this helps.

Best regards,
José Ignacio

El 16/10/2017 a las 14:54, Cristian CMECIU escribió:
>
> Hi Álvaro,
>
> I didn’t succeeded to check if a user is created using:
>
> curl -H "X-Auth-Token: {admin_token}" 
> http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email} 
> <http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
>
> Using v2.0 endpoint, I get the token but I get this error  when I 
> check the user:
>
> {"error": {"message": "The resource could not be found.", "code": 404, 
> "title": "Not Found"}}
>
> For v3 version I cannot get any token:
>
> # curl -d '{"auth":{"passwordCredentials":{"username": 
> "admin-lannion", "password": "admin_passwd"}}}' -H 'Content-type: 
> application/json' --url http://cloud.lab.fiware.org:4730/v3/tokens
>
> Is there another way to get the admin token?
>
> BR,
>
> *Cristian CMECIU*
>
> Fiware-Lab/ Lannion Region
>
> Images et Réseaux Support Engineer
>
> FIWARE_lab
>
> *De :*fiware-lab-federation-nodes-bounces at lists.fiware.org 
> [mailto:fiware-lab-federation-nodes-bounces at lists.fiware.org] *De la 
> part de* Álvaro Alonso
> *Envoyé :* mercredi 11 octobre 2017 16:12
> *À :* fiware-lab-federation-nodes at lists.fiware.org
> *Objet :* [Fiware-lab-federation-nodes] Instructions to upgrade 
> Community users
>
> Dear IOs,
>
> I include below detailed instructions regarding how to upgrade users 
> to community.
>
> Please, note that actions like searching a user or project are usually 
> done using Horizon filters. However, due to large number of entities 
> we currently have in our Keystone instance, rendering those amount of 
> users/projects in the interface is not feasible. For that reason we 
> have enabled a pagination to display some entities (projects and 
> users). Unfortunately, the filter just acts over the rendered entities 
> so it is not posible to use it to find users or projects globally.
>
> Instructions:
>
> 1. If the user is not created you have to create it.
> 2. If the user doesn’t have an associated project to create cloud 
> resources, you have to create it and to assign the user as a member of 
> the project.
>
> 3. Include in the metadata of the user (“description” field) the date 
> in which the user has been upgraded to Community (with the format 
> "community_started_at": "YYYY-MM-DD”).
>
> - You can check if the user is already created using this API request: 
> curl -H "X-Auth-Token: {admin_token}" 
> http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email} 
> <http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
>
> - In the user creation wizard, you can directly create an associated 
> project to the user. Thus, the user is automatically associated as 
> member of that project.
>
> - Identity -> Users -> Create User
>
>
> 4. Assign the role “Community” in the domain “default” to the user.
>
> - Identiity -> Domains -> Manage Members (Default Domain) -> Search 
> the user in the left side bar -> Select the user (+ icon) -> Search 
> the user in the right side bar -> Select Community role
>
>
> 5.  If you want to assign different quotas than the default ones, 
> assign the desired quotas to the created project in your node
>
> - Projects -> Project details -> Modify quotas
>
> - To find the project details you can use the URL 
> https://cloud.lab.fiware.org/identity/{project_id 
> <https://cloud.lab.fiware.org/identity/%7bproject_id>}detail/ 
> <https://cloud.lab.fiware.org/identity/9de7c6071e834a07a869969e467d099d/detail/>
>
> - To find the project associated to a user you can check user details 
> in https://cloud.lab.fiware.org/identity/users/{user_id}/detail/ 
> <https://cloud.lab.fiware.org/identity/users/%7Buser_id%7D/detail/>
>
> - To check user id you can use the API curl -H "X-Auth-Token: 
> {admin_token}" 
> http://cloud.lab.fiware.org:4730/v3/users?name=“{user_email} 
> <http://cloud.lab.fiware.org:4730/v3/users?name=%E2%80%9C%7buser_email%7d>”
>
> 6. Assign the corresponding endpoint_group to the project associated 
> to the user
>
> - curl -H "X-Auth-Token: {admin-token}” -X PUT 
> http://cloud.lab.fiware.org:4730/v3//OS-EP-FILTER/endpoint_groups/{region_endpoint_group_id}/projects/{project_id} 
> <http://cloud.lab.fiware.org:4730/v3/OS-EP-FILTER/endpoint_groups/%7Bregion_endpoint_group%7D/projects/%7Bproject_id%7D>
>
> - IMPORTANT: if no endpoint group is assigned to a user, it has access 
> to every node. So please, this step is very important.
>
> - You can find your node’s endpoint group id in the attached document.
>
> 7. Notify the user of the account creation. Ask him/her to change the 
> password the first time accessing the portal.
>
> BR
>
> --
> Álvaro
>
>
>
> __________________________________________________________________________________________
>
> You can get more information about our cookies and privacy policies on the following links:
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Privacy_Policy
> - http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Cookies_Policy_FIWARE
>
> Fiware-lab-federation-nodes mailing list
> Fiware-lab-federation-nodes at lists.fiware.org
> https://lists.fiware.org/listinfo/fiware-lab-federation-nodes
>

-- 
−−−
José Ignacio Carretero 	
	
FIWARE Cloud and Platform Expert
FIWARE Foundation 	
	FIWARE Foundation
Franklinstrasse 13A
10587 Berlin
email: joseignacio.carretero at fiware.org 
<mailto:joseignacio.carretero at fiware.org>
www: http://fiware.org
twitter: @jicarreterogu @FIWARE
skype: jicarretero 	
	


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a1ff8852/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6250 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a1ff8852/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Foundation-31B.png
Type: image/png
Size: 251283 bytes
Desc: not available
URL: <https://lists.fiware.org/private/fiware-lab-federation-nodes/attachments/20171016/a1ff8852/attachment-0003.png>