authorRHE <rebirthmonkey@gmail.com>2017-11-24 13:54:26 +0100
committerRHE <rebirthmonkey@gmail.com>2017-11-24 13:54:26 +0100
commit920a49cfa055733d575282973e23558c33087a4a (patch)
treed371dab34efa5028600dad2e7ca58063626e7ba4 /keystone-moon/keystone/policy
parentef3eefca70d8abb4a00dafb9419ad32738e934b2 (diff)
remove keystone-moon
Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd Signed-off-by: RHE <rebirthmonkey@gmail.com>
Diffstat (limited to 'keystone-moon/keystone/policy')
-rw-r--r--keystone-moon/keystone/policy/__init__.py16
-rw-r--r--keystone-moon/keystone/policy/backends/__init__.py0
-rw-r--r--keystone-moon/keystone/policy/backends/rules.py92
-rw-r--r--keystone-moon/keystone/policy/backends/sql.py71
-rw-r--r--keystone-moon/keystone/policy/controllers.py56
-rw-r--r--keystone-moon/keystone/policy/core.py141
-rw-r--r--keystone-moon/keystone/policy/routers.py24
-rw-r--r--keystone-moon/keystone/policy/schema.py36
8 files changed, 0 insertions, 436 deletions
diff --git a/keystone-moon/keystone/policy/__init__.py b/keystone-moon/keystone/policy/__init__.py
deleted file mode 100644
index a95aac1f..00000000
--- a/keystone-moon/keystone/policy/__init__.py
+++ /dev/null
@@ -1,16 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from keystone.policy import controllers # noqa
-from keystone.policy.core import * # noqa
diff --git a/keystone-moon/keystone/policy/backends/__init__.py b/keystone-moon/keystone/policy/backends/__init__.py
deleted file mode 100644
index e69de29b..00000000
--- a/keystone-moon/keystone/policy/backends/__init__.py
+++ /dev/null
diff --git a/keystone-moon/keystone/policy/backends/rules.py b/keystone-moon/keystone/policy/backends/rules.py
deleted file mode 100644
index 5a13287d..00000000
--- a/keystone-moon/keystone/policy/backends/rules.py
+++ /dev/null
@@ -1,92 +0,0 @@
-# Copyright (c) 2011 OpenStack, LLC.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-"""Policy engine for keystone"""
-
-from oslo_config import cfg
-from oslo_log import log
-from oslo_policy import policy as common_policy
-
-from keystone import exception
-from keystone import policy
-
-
-CONF = cfg.CONF
-LOG = log.getLogger(__name__)
-
-
-_ENFORCER = None
-
-
-def reset():
- global _ENFORCER
- _ENFORCER = None
-
-
-def init():
- global _ENFORCER
- if not _ENFORCER:
- _ENFORCER = common_policy.Enforcer(CONF)
-
-
-def enforce(credentials, action, target, do_raise=True):
- """Verifies that the action is valid on the target in this context.
-
- :param credentials: user credentials
- :param action: string representing the action to be checked, which should
- be colon separated for clarity.
- :param target: dictionary representing the object of the action for object
- creation this should be a dictionary representing the
- location of the object e.g. {'project_id':
- object.project_id}
- :raises keystone.exception.Forbidden: If verification fails.
-
- Actions should be colon separated for clarity. For example:
-
- * identity:list_users
-
- """
- init()
-
- # Add the exception arguments if asked to do a raise
- extra = {}
- if do_raise:
- extra.update(exc=exception.ForbiddenAction, action=action,
- do_raise=do_raise)
-
- return _ENFORCER.enforce(action, target, credentials, **extra)
-
-
-class Policy(policy.PolicyDriverV8):
- def enforce(self, credentials, action, target):
- LOG.debug('enforce %(action)s: %(credentials)s', {
- 'action': action,
- 'credentials': credentials})
- enforce(credentials, action, target)
-
- def create_policy(self, policy_id, policy):
- raise exception.NotImplemented()
-
- def list_policies(self):
- raise exception.NotImplemented()
-
- def get_policy(self, policy_id):
- raise exception.NotImplemented()
-
- def update_policy(self, policy_id, policy):
- raise exception.NotImplemented()
-
- def delete_policy(self, policy_id):
- raise exception.NotImplemented()
diff --git a/keystone-moon/keystone/policy/backends/sql.py b/keystone-moon/keystone/policy/backends/sql.py
deleted file mode 100644
index 94763f0d..00000000
--- a/keystone-moon/keystone/policy/backends/sql.py
+++ /dev/null
@@ -1,71 +0,0 @@
-# Copyright 2012 OpenStack LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from keystone.common import sql
-from keystone import exception
-from keystone.policy.backends import rules
-
-
-class PolicyModel(sql.ModelBase, sql.DictBase):
- __tablename__ = 'policy'
- attributes = ['id', 'blob', 'type']
- id = sql.Column(sql.String(64), primary_key=True)
- blob = sql.Column(sql.JsonBlob(), nullable=False)
- type = sql.Column(sql.String(255), nullable=False)
- extra = sql.Column(sql.JsonBlob())
-
-
-class Policy(rules.Policy):
-
- @sql.handle_conflicts(conflict_type='policy')
- def create_policy(self, policy_id, policy):
- with sql.session_for_write() as session:
- ref = PolicyModel.from_dict(policy)
- session.add(ref)
-
- return ref.to_dict()
-
- def list_policies(self):
- with sql.session_for_read() as session:
- refs = session.query(PolicyModel).all()
- return [ref.to_dict() for ref in refs]
-
- def _get_policy(self, session, policy_id):
- """Private method to get a policy model object (NOT a dictionary)."""
- ref = session.query(PolicyModel).get(policy_id)
- if not ref:
- raise exception.PolicyNotFound(policy_id=policy_id)
- return ref
-
- def get_policy(self, policy_id):
- with sql.session_for_read() as session:
- return self._get_policy(session, policy_id).to_dict()
-
- @sql.handle_conflicts(conflict_type='policy')
- def update_policy(self, policy_id, policy):
- with sql.session_for_write() as session:
- ref = self._get_policy(session, policy_id)
- old_dict = ref.to_dict()
- old_dict.update(policy)
- new_policy = PolicyModel.from_dict(old_dict)
- ref.blob = new_policy.blob
- ref.type = new_policy.type
- ref.extra = new_policy.extra
-
- return ref.to_dict()
-
- def delete_policy(self, policy_id):
- with sql.session_for_write() as session:
- ref = self._get_policy(session, policy_id)
- session.delete(ref)
diff --git a/keystone-moon/keystone/policy/controllers.py b/keystone-moon/keystone/policy/controllers.py
deleted file mode 100644
index e6eb9bca..00000000
--- a/keystone-moon/keystone/policy/controllers.py
+++ /dev/null
@@ -1,56 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from keystone.common import controller
-from keystone.common import dependency
-from keystone.common import validation
-from keystone import notifications
-from keystone.policy import schema
-
-
-@dependency.requires('policy_api')
-class PolicyV3(controller.V3Controller):
- collection_name = 'policies'
- member_name = 'policy'
-
- @controller.protected()
- @validation.validated(schema.policy_create, 'policy')
- def create_policy(self, context, policy):
- ref = self._assign_unique_id(self._normalize_dict(policy))
- initiator = notifications._get_request_audit_info(context)
- ref = self.policy_api.create_policy(ref['id'], ref, initiator)
- return PolicyV3.wrap_member(context, ref)
-
- @controller.filterprotected('type')
- def list_policies(self, context, filters):
- hints = PolicyV3.build_driver_hints(context, filters)
- refs = self.policy_api.list_policies(hints=hints)
- return PolicyV3.wrap_collection(context, refs, hints=hints)
-
- @controller.protected()
- def get_policy(self, context, policy_id):
- ref = self.policy_api.get_policy(policy_id)
- return PolicyV3.wrap_member(context, ref)
-
- @controller.protected()
- @validation.validated(schema.policy_update, 'policy')
- def update_policy(self, context, policy_id, policy):
- initiator = notifications._get_request_audit_info(context)
- ref = self.policy_api.update_policy(policy_id, policy, initiator)
- return PolicyV3.wrap_member(context, ref)
-
- @controller.protected()
- def delete_policy(self, context, policy_id):
- initiator = notifications._get_request_audit_info(context)
- return self.policy_api.delete_policy(policy_id, initiator)
diff --git a/keystone-moon/keystone/policy/core.py b/keystone-moon/keystone/policy/core.py
deleted file mode 100644
index f52795a5..00000000
--- a/keystone-moon/keystone/policy/core.py
+++ /dev/null
@@ -1,141 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-"""Main entry point into the Policy service."""
-
-import abc
-
-from oslo_config import cfg
-import six
-
-from keystone.common import dependency
-from keystone.common import manager
-from keystone import exception
-from keystone import notifications
-
-
-CONF = cfg.CONF
-
-
-@dependency.provider('policy_api')
-class Manager(manager.Manager):
- """Default pivot point for the Policy backend.
-
- See :mod:`keystone.common.manager.Manager` for more details on how this
- dynamically calls the backend.
-
- """
-
- driver_namespace = 'keystone.policy'
-
- _POLICY = 'policy'
-
- def __init__(self):
- super(Manager, self).__init__(CONF.policy.driver)
-
- def create_policy(self, policy_id, policy, initiator=None):
- ref = self.driver.create_policy(policy_id, policy)
- notifications.Audit.created(self._POLICY, policy_id, initiator)
- return ref
-
- def get_policy(self, policy_id):
- try:
- return self.driver.get_policy(policy_id)
- except exception.NotFound:
- raise exception.PolicyNotFound(policy_id=policy_id)
-
- def update_policy(self, policy_id, policy, initiator=None):
- if 'id' in policy and policy_id != policy['id']:
- raise exception.ValidationError('Cannot change policy ID')
- try:
- ref = self.driver.update_policy(policy_id, policy)
- except exception.NotFound:
- raise exception.PolicyNotFound(policy_id=policy_id)
- notifications.Audit.updated(self._POLICY, policy_id, initiator)
- return ref
-
- @manager.response_truncated
- def list_policies(self, hints=None):
- # NOTE(henry-nash): Since the advantage of filtering or list limiting
- # of policies at the driver level is minimal, we leave this to the
- # caller.
- return self.driver.list_policies()
-
- def delete_policy(self, policy_id, initiator=None):
- try:
- ret = self.driver.delete_policy(policy_id)
- except exception.NotFound:
- raise exception.PolicyNotFound(policy_id=policy_id)
- notifications.Audit.deleted(self._POLICY, policy_id, initiator)
- return ret
-
-
-@six.add_metaclass(abc.ABCMeta)
-class PolicyDriverV8(object):
-
- def _get_list_limit(self):
- return CONF.policy.list_limit or CONF.list_limit
-
- @abc.abstractmethod
- def enforce(self, context, credentials, action, target):
- """Verify that a user is authorized to perform action.
-
- For more information on a full implementation of this see:
- `keystone.policy.backends.rules.Policy.enforce`
- """
- raise exception.NotImplemented() # pragma: no cover
-
- @abc.abstractmethod
- def create_policy(self, policy_id, policy):
- """Store a policy blob.
-
- :raises keystone.exception.Conflict: If a duplicate policy exists.
-
- """
- raise exception.NotImplemented() # pragma: no cover
-
- @abc.abstractmethod
- def list_policies(self):
- """List all policies."""
- raise exception.NotImplemented() # pragma: no cover
-
- @abc.abstractmethod
- def get_policy(self, policy_id):
- """Retrieve a specific policy blob.
-
- :raises keystone.exception.PolicyNotFound: If the policy doesn't exist.
-
- """
- raise exception.NotImplemented() # pragma: no cover
-
- @abc.abstractmethod
- def update_policy(self, policy_id, policy):
- """Update a policy blob.
-
- :raises keystone.exception.PolicyNotFound: If the policy doesn't exist.
-
- """
- raise exception.NotImplemented() # pragma: no cover
-
- @abc.abstractmethod
- def delete_policy(self, policy_id):
- """Remove a policy blob.
-
- :raises keystone.exception.PolicyNotFound: If the policy doesn't exist.
-
- """
- raise exception.NotImplemented() # pragma: no cover
-
-
-Driver = manager.create_legacy_driver(PolicyDriverV8)
diff --git a/keystone-moon/keystone/policy/routers.py b/keystone-moon/keystone/policy/routers.py
deleted file mode 100644
index 5daadc81..00000000
--- a/keystone-moon/keystone/policy/routers.py
+++ /dev/null
@@ -1,24 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from keystone.common import router
-from keystone.common import wsgi
-from keystone.policy import controllers
-
-
-class Routers(wsgi.RoutersBase):
-
- def append_v3_routers(self, mapper, routers):
- policy_controller = controllers.PolicyV3()
- routers.append(router.Router(policy_controller, 'policies', 'policy',
- resource_descriptions=self.v3_resources))
diff --git a/keystone-moon/keystone/policy/schema.py b/keystone-moon/keystone/policy/schema.py
deleted file mode 100644
index 512c4ce7..00000000
--- a/keystone-moon/keystone/policy/schema.py
+++ /dev/null
@@ -1,36 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-
-_policy_properties = {
- 'blob': {
- 'type': 'string'
- },
- 'type': {
- 'type': 'string',
- 'maxLength': 255
- }
-}
-
-policy_create = {
- 'type': 'object',
- 'properties': _policy_properties,
- 'required': ['blob', 'type'],
- 'additionalProperties': True
-}
-
-policy_update = {
- 'type': 'object',
- 'properties': _policy_properties,
- 'minProperties': 1,
- 'additionalProperties': True
-}