diff options
author | asteroide <thomas.duval@orange.com> | 2015-12-02 09:49:33 +0100 |
---|---|---|
committer | asteroide <thomas.duval@orange.com> | 2015-12-02 10:25:15 +0100 |
commit | 7a5a0e4df646d46476ec7a9fcdedd638e8781f6e (patch) | |
tree | 54eecd1210e4fb5db2b14edeac1df601da7698e2 /keystone-moon | |
parent | 8d7b0ffa8e7a7bb09686d8f25176c364d5b6aa0e (diff) |
Update keystone to the branch stable/liberty.
Change-Id: I7cce62ae4b4cbca525a7b9499285455bdd04993e
Diffstat (limited to 'keystone-moon')
91 files changed, 1980 insertions, 951 deletions
diff --git a/keystone-moon/doc/source/configuration.rst b/keystone-moon/doc/source/configuration.rst index 96491660..574b26be 100644 --- a/keystone-moon/doc/source/configuration.rst +++ b/keystone-moon/doc/source/configuration.rst @@ -1637,9 +1637,9 @@ have been created. They are enabled by setting their respective flags to True. Then the attributes ``user_enabled_emulation_dn`` and ``project_enabled_emulation_dn`` may be set to specify how the enabled users and projects (tenants) are selected. These attributes work by using a -``groupOfNames`` and adding whichever users or projects (tenants) that you want -enabled to the respective group. For example, this will mark any user who is a -member of ``enabled_users`` as enabled: +``groupOfNames`` entry and adding whichever users or projects (tenants) that +you want enabled to the respective group with the ``member`` attribute. For +example, this will mark any user who is a member of ``enabled_users`` as enabled: .. code-block:: ini @@ -1651,6 +1651,12 @@ The default values for user and project (tenant) enabled emulation DN is ``cn=enabled_users,$user_tree_dn`` and ``cn=enabled_tenants,$project_tree_dn`` respectively. +If a different LDAP schema is used for group membership, it is possible to use +the ``group_objectclass`` and ``group_member_attribute`` attributes to +determine membership in the enabled emulation group by setting the +``user_enabled_emulation_use_group_config`` and +``project_enabled_emulation_use_group_config`` attributes to True. + Secure Connection ----------------- diff --git a/keystone-moon/etc/keystone.conf.sample b/keystone-moon/etc/keystone.conf.sample index 9c76fc0d..8e5ea13b 100644 --- a/keystone-moon/etc/keystone.conf.sample +++ b/keystone-moon/etc/keystone.conf.sample @@ -760,8 +760,8 @@ # A list of trusted dashboard hosts. Before accepting a Single Sign-On request # to return a token, the origin host must be a member of the trusted_dashboard # list. This configuration option may be repeated for multiple values. For -# example: trusted_dashboard=http://acme.com/auth/websso -# trusted_dashboard=http://beta.com/auth/websso (multi valued) +# example: trusted_dashboard=http://acme.com trusted_dashboard=http://beta.com +# (multi valued) #trusted_dashboard = # Location of Single Sign-On callback handler, will return a token to a trusted @@ -1019,6 +1019,10 @@ # (string value) #user_enabled_emulation_dn = <None> +# Use the "group_member_attribute" and "group_objectclass" settings to +# determine membership in the emulated enabled group. (boolean value) +#user_enabled_emulation_use_group_config = false + # List of additional LDAP attributes used for mapping additional attribute # mappings for users. Attribute mapping format is <ldap_attr>:<user_attr>, # where ldap_attr is the attribute in the LDAP entry and user_attr is the @@ -1118,6 +1122,10 @@ # Its value may be silently ignored in the future. #project_enabled_emulation_dn = <None> +# Use the "group_member_attribute" and "group_objectclass" settings to +# determine membership in the emulated enabled group. (boolean value) +#project_enabled_emulation_use_group_config = false + # Additional attribute mappings for projects. Attribute mapping format is # <ldap_attr>:<user_attr>, where ldap_attr is the attribute in the LDAP entry # and user_attr is the Identity API attribute. (list value) diff --git a/keystone-moon/keystone/assignment/controllers.py b/keystone-moon/keystone/assignment/controllers.py index d33dce70..bbaf9437 100644 --- a/keystone-moon/keystone/assignment/controllers.py +++ b/keystone-moon/keystone/assignment/controllers.py @@ -108,13 +108,15 @@ class Role(controller.V2Controller): role_id = uuid.uuid4().hex role['id'] = role_id - role_ref = self.role_api.create_role(role_id, role) + initiator = notifications._get_request_audit_info(context) + role_ref = self.role_api.create_role(role_id, role, initiator) return {'role': role_ref} @controller.v2_deprecated def delete_role(self, context, role_id): self.assert_admin(context) - self.role_api.delete_role(role_id) + initiator = notifications._get_request_audit_info(context) + self.role_api.delete_role(role_id, initiator) @controller.v2_deprecated def get_roles(self, context): diff --git a/keystone-moon/keystone/catalog/controllers.py b/keystone-moon/keystone/catalog/controllers.py index 92046e8a..e14b268a 100644 --- a/keystone-moon/keystone/catalog/controllers.py +++ b/keystone-moon/keystone/catalog/controllers.py @@ -47,7 +47,8 @@ class Service(controller.V2Controller): @controller.v2_deprecated def delete_service(self, context, service_id): self.assert_admin(context) - self.catalog_api.delete_service(service_id) + initiator = notifications._get_request_audit_info(context) + self.catalog_api.delete_service(service_id, initiator) @controller.v2_deprecated def create_service(self, context, OS_KSADM_service): @@ -55,8 +56,9 @@ class Service(controller.V2Controller): service_id = uuid.uuid4().hex service_ref = OS_KSADM_service.copy() service_ref['id'] = service_id + initiator = notifications._get_request_audit_info(context) new_service_ref = self.catalog_api.create_service( - service_id, service_ref) + service_id, service_ref, initiator) return {'OS-KSADM:service': new_service_ref} @@ -68,25 +70,59 @@ class Endpoint(controller.V2Controller): """Merge matching v3 endpoint refs into legacy refs.""" self.assert_admin(context) legacy_endpoints = {} + v3_endpoints = {} for endpoint in self.catalog_api.list_endpoints(): - if not endpoint.get('legacy_endpoint_id'): - # endpoints created in v3 should not appear on the v2 API + if not endpoint.get('legacy_endpoint_id'): # pure v3 endpoint + # tell endpoints apart by the combination of + # service_id and region_id. + # NOTE(muyu): in theory, it's possible that there are more than + # one endpoint of one service, one region and one interface, + # but in practice, it makes no sense because only one will be + # used. + key = (endpoint['service_id'], endpoint['region_id']) + v3_endpoints.setdefault(key, []).append(endpoint) + else: # legacy endpoint + if endpoint['legacy_endpoint_id'] not in legacy_endpoints: + legacy_ep = endpoint.copy() + legacy_ep['id'] = legacy_ep.pop('legacy_endpoint_id') + legacy_ep.pop('interface') + legacy_ep.pop('url') + legacy_ep['region'] = legacy_ep.pop('region_id') + + legacy_endpoints[endpoint['legacy_endpoint_id']] = ( + legacy_ep) + else: + legacy_ep = ( + legacy_endpoints[endpoint['legacy_endpoint_id']]) + + # add the legacy endpoint with an interface url + legacy_ep['%surl' % endpoint['interface']] = endpoint['url'] + + # convert collected v3 endpoints into v2 endpoints + for endpoints in v3_endpoints.values(): + legacy_ep = {} + # For v3 endpoints in the same group, contents of extra attributes + # can be different, which may cause confusion if a random one is + # used. So only necessary attributes are used here. + # It's different for legacy v2 endpoints, which are created + # with the same "extra" value when being migrated. + for key in ('service_id', 'enabled'): + legacy_ep[key] = endpoints[0][key] + legacy_ep['region'] = endpoints[0]['region_id'] + for endpoint in endpoints: + # Public URL is required for v2 endpoints, so the generated v2 + # endpoint uses public endpoint's id as its id, which can also + # be an indicator whether a public v3 endpoint is present. + # It's safe to do so is also because that there is no v2 API to + # get an endpoint by endpoint ID. + if endpoint['interface'] == 'public': + legacy_ep['id'] = endpoint['id'] + legacy_ep['%surl' % endpoint['interface']] = endpoint['url'] + + # this means there is no public URL of this group of v3 endpoints + if 'id' not in legacy_ep: continue - - # is this is a legacy endpoint we haven't indexed yet? - if endpoint['legacy_endpoint_id'] not in legacy_endpoints: - legacy_ep = endpoint.copy() - legacy_ep['id'] = legacy_ep.pop('legacy_endpoint_id') - legacy_ep.pop('interface') - legacy_ep.pop('url') - legacy_ep['region'] = legacy_ep.pop('region_id') - - legacy_endpoints[endpoint['legacy_endpoint_id']] = legacy_ep - else: - legacy_ep = legacy_endpoints[endpoint['legacy_endpoint_id']] - - # add the legacy endpoint with an interface url - legacy_ep['%surl' % endpoint['interface']] = endpoint['url'] + legacy_endpoints[legacy_ep['id']] = legacy_ep return {'endpoints': list(legacy_endpoints.values())} @controller.v2_deprecated @@ -148,11 +184,12 @@ class Endpoint(controller.V2Controller): def delete_endpoint(self, context, endpoint_id): """Delete up to three v3 endpoint refs based on a legacy ref ID.""" self.assert_admin(context) + initiator = notifications._get_request_audit_info(context) deleted_at_least_one = False for endpoint in self.catalog_api.list_endpoints(): if endpoint['legacy_endpoint_id'] == endpoint_id: - self.catalog_api.delete_endpoint(endpoint['id']) + self.catalog_api.delete_endpoint(endpoint['id'], initiator) deleted_at_least_one = True if not deleted_at_least_one: diff --git a/keystone-moon/keystone/common/config.py b/keystone-moon/keystone/common/config.py index fcf05abe..4ba740fe 100644 --- a/keystone-moon/keystone/common/config.py +++ b/keystone-moon/keystone/common/config.py @@ -668,6 +668,10 @@ FILE_OPTIONS = { cfg.StrOpt('user_enabled_emulation_dn', help='DN of the group entry to hold enabled users when ' 'using enabled emulation.'), + cfg.BoolOpt('user_enabled_emulation_use_group_config', default=False, + help='Use the "group_member_attribute" and ' + '"group_objectclass" settings to determine ' + 'membership in the emulated enabled group.'), cfg.ListOpt('user_additional_attribute_mapping', default=[], help='List of additional LDAP attributes used for mapping ' @@ -759,6 +763,11 @@ FILE_OPTIONS = { deprecated_for_removal=True, help='DN of the group entry to hold enabled projects when ' 'using enabled emulation.'), + cfg.BoolOpt('project_enabled_emulation_use_group_config', + default=False, + help='Use the "group_member_attribute" and ' + '"group_objectclass" settings to determine ' + 'membership in the emulated enabled group.'), cfg.ListOpt('project_additional_attribute_mapping', deprecated_opts=[cfg.DeprecatedOpt( 'tenant_additional_attribute_mapping', group='ldap')], @@ -1191,6 +1200,7 @@ FILE_OPTIONS = { default='policy_root', help='Local directory where Root IntraExtension configuration is stored.'), ] + } diff --git a/keystone-moon/keystone/common/ldap/core.py b/keystone-moon/keystone/common/ldap/core.py index 0bb3830c..6386ae2a 100644 --- a/keystone-moon/keystone/common/ldap/core.py +++ b/keystone-moon/keystone/common/ldap/core.py @@ -1771,19 +1771,23 @@ class BaseLdap(object): class EnabledEmuMixIn(BaseLdap): """Emulates boolean 'enabled' attribute if turned on. - Creates groupOfNames holding all enabled objects of this class, all missing + Creates a group holding all enabled objects of this class, all missing objects are considered disabled. Options: * $name_enabled_emulation - boolean, on/off - * $name_enabled_emulation_dn - DN of that groupOfNames, default is + * $name_enabled_emulation_dn - DN of that group, default is cn=enabled_${name}s,${tree_dn} + * $name_enabled_emulation_use_group_config - boolean, on/off Where ${name}s is the plural of self.options_name ('users' or 'tenants'), ${tree_dn} is self.tree_dn. """ + DEFAULT_GROUP_OBJECTCLASS = 'groupOfNames' + DEFAULT_MEMBER_ATTRIBUTE = 'member' + def __init__(self, conf): super(EnabledEmuMixIn, self).__init__(conf) enabled_emulation = '%s_enabled_emulation' % self.options_name @@ -1791,6 +1795,18 @@ class EnabledEmuMixIn(BaseLdap): enabled_emulation_dn = '%s_enabled_emulation_dn' % self.options_name self.enabled_emulation_dn = getattr(conf.ldap, enabled_emulation_dn) + + use_group_config = ('%s_enabled_emulation_use_group_config' % + self.options_name) + self.use_group_config = getattr(conf.ldap, use_group_config) + + if not self.use_group_config: + self.member_attribute = self.DEFAULT_MEMBER_ATTRIBUTE + self.group_objectclass = self.DEFAULT_GROUP_OBJECTCLASS + else: + self.member_attribute = conf.ldap.group_member_attribute + self.group_objectclass = conf.ldap.group_objectclass + if not self.enabled_emulation_dn: naming_attr_name = 'cn' naming_attr_value = 'enabled_%ss' % self.options_name @@ -1807,7 +1823,7 @@ class EnabledEmuMixIn(BaseLdap): def _get_enabled(self, object_id, conn): dn = self._id_to_dn(object_id) - query = '(member=%s)' % dn + query = '(%s=%s)' % (self.member_attribute, dn) try: enabled_value = conn.search_s(self.enabled_emulation_dn, ldap.SCOPE_BASE, @@ -1821,13 +1837,14 @@ class EnabledEmuMixIn(BaseLdap): with self.get_connection() as conn: if not self._get_enabled(object_id, conn): modlist = [(ldap.MOD_ADD, - 'member', + self.member_attribute, [self._id_to_dn(object_id)])] try: conn.modify_s(self.enabled_emulation_dn, modlist) except ldap.NO_SUCH_OBJECT: - attr_list = [('objectClass', ['groupOfNames']), - ('member', [self._id_to_dn(object_id)]), + attr_list = [('objectClass', [self.group_objectclass]), + (self.member_attribute, + [self._id_to_dn(object_id)]), self.enabled_emulation_naming_attr] if self.use_dumb_member: attr_list[1][1].append(self.dumb_member) @@ -1835,7 +1852,7 @@ class EnabledEmuMixIn(BaseLdap): def _remove_enabled(self, object_id): modlist = [(ldap.MOD_DELETE, - 'member', + self.member_attribute, [self._id_to_dn(object_id)])] with self.get_connection() as conn: try: diff --git a/keystone-moon/keystone/contrib/federation/migrate_repo/versions/007_add_remote_id_table.py b/keystone-moon/keystone/contrib/federation/migrate_repo/versions/007_add_remote_id_table.py index cd571245..77012aad 100644 --- a/keystone-moon/keystone/contrib/federation/migrate_repo/versions/007_add_remote_id_table.py +++ b/keystone-moon/keystone/contrib/federation/migrate_repo/versions/007_add_remote_id_table.py @@ -32,7 +32,9 @@ def upgrade(migrate_engine): remote_id_table.create(migrate_engine, checkfirst=True) - select = orm.sql.select([idp_table.c.id, idp_table.c.remote_id]) + select = orm.sql.select([idp_table.c.id, idp_table.c.remote_id]).where( + idp_table.c.remote_id.isnot(None)) + for identity in migrate_engine.execute(select): remote_idp_entry = {'idp_id': identity.id, 'remote_id': identity.remote_id} diff --git a/keystone-moon/keystone/identity/controllers.py b/keystone-moon/keystone/identity/controllers.py index 7a6a642a..0ec38190 100644 --- a/keystone-moon/keystone/identity/controllers.py +++ b/keystone-moon/keystone/identity/controllers.py @@ -82,8 +82,9 @@ class User(controller.V2Controller): # The manager layer will generate the unique ID for users user_ref = self._normalize_domain_id(context, user.copy()) + initiator = notifications._get_request_audit_info(context) new_user_ref = self.v3_to_v2_user( - self.identity_api.create_user(user_ref)) + self.identity_api.create_user(user_ref, initiator)) if default_project_id is not None: self.assignment_api.add_user_to_project(default_project_id, @@ -120,8 +121,9 @@ class User(controller.V2Controller): # user update. self.resource_api.get_project(default_project_id) + initiator = notifications._get_request_audit_info(context) user_ref = self.v3_to_v2_user( - self.identity_api.update_user(user_id, user)) + self.identity_api.update_user(user_id, user, initiator)) # If 'tenantId' is in either ref, we might need to add or remove the # user from a project. @@ -166,7 +168,8 @@ class User(controller.V2Controller): @controller.v2_deprecated def delete_user(self, context, user_id): self.assert_admin(context) - self.identity_api.delete_user(user_id) + initiator = notifications._get_request_audit_info(context) + self.identity_api.delete_user(user_id, initiator) @controller.v2_deprecated def set_user_enabled(self, context, user_id, user): diff --git a/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone-log-critical.po index 0403952d..a9cfc70a 100644 --- a/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: German (http://www.transifex.com/openstack/keystone/language/" -"de/)\n" +"Language-Team: German\n" "Language: de\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone.po index 1b2f1094..6f860754 100644 --- a/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/de/LC_MESSAGES/keystone.po @@ -10,18 +10,18 @@ # Tom Cocozzello <tjcocozz@us.ibm.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: German (http://www.transifex.com/openstack/keystone/language/" -"de/)\n" +"Language: de\n" +"Language-Team: German\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/el/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/el/LC_MESSAGES/keystone-log-critical.po index 1dffb340..90f983b2 100644 --- a/keystone-moon/keystone/locale/el/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/el/LC_MESSAGES/keystone-log-critical.po @@ -4,21 +4,22 @@ # # Translators: # Efstathios Iosifidis <iefstathios@gmail.com>, 2015 +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-08 06:08+0000\n" -"PO-Revision-Date: 2015-09-05 13:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2015-09-05 01:09+0000\n" "Last-Translator: Efstathios Iosifidis <iefstathios@gmail.com>\n" -"Language-Team: Greek (http://www.transifex.com/openstack/keystone/language/" -"el/)\n" +"Language-Team: Greek\n" "Language: el\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-critical.po index 99590953..5576d065 100644 --- a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: English (Australia) (http://www.transifex.com/openstack/" -"keystone/language/en_AU/)\n" +"Language-Team: English (Australia)\n" "Language: en-AU\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-error.po b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-error.po index 7fd91ea1..141e7ec1 100644 --- a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-error.po +++ b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone-log-error.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-06-26 05:13+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: English (Australia) (http://www.transifex.com/openstack/" -"keystone/language/en_AU/)\n" +"Language-Team: English (Australia)\n" "Language: en-AU\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" msgid "" diff --git a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone.po index dca5aa9b..f290a110 100644 --- a/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/en_AU/LC_MESSAGES/keystone.po @@ -4,20 +4,21 @@ # # Translators: # Tom Fifield <tom@openstack.org>, 2013 +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2015-08-04 18:01+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: English (Australia) (http://www.transifex.com/openstack/" -"keystone/language/en_AU/)\n" +"Language: en_AU\n" +"Language-Team: English (Australia)\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(property_name)s cannot be less than %(min_length)s characters." diff --git a/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone-log-critical.po index 336c5d33..9b93b5ed 100644 --- a/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Spanish (http://www.transifex.com/openstack/keystone/language/" -"es/)\n" +"Language-Team: Spanish\n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone.po index 70752350..46520ca7 100644 --- a/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/es/LC_MESSAGES/keystone.po @@ -13,18 +13,18 @@ # Tom Cocozzello <tjcocozz@us.ibm.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Spanish (http://www.transifex.com/openstack/keystone/language/" -"es/)\n" +"Language: es\n" +"Language-Team: Spanish\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-critical.po index 8657e66a..5967192b 100644 --- a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: French (http://www.transifex.com/openstack/keystone/language/" -"fr/)\n" +"Language-Team: French\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-error.po b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-error.po index 5ddd639a..0339cacd 100644 --- a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-error.po +++ b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-error.po @@ -8,19 +8,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-06-26 05:13+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: French (http://www.transifex.com/openstack/keystone/language/" -"fr/)\n" +"Language-Team: French\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-info.po b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-info.po index 08cee0e0..37ef89ea 100644 --- a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-info.po +++ b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-info.po @@ -6,21 +6,22 @@ # Bruno Cornec <bruno.cornec@hp.com>, 2014 # Maxime COQUEREL <max.coquerel@gmail.com>, 2014 # Andrew Melim <nokostya.translation@gmail.com>, 2014 +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-08-01 06:26+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: French (http://www.transifex.com/openstack/keystone/language/" -"fr/)\n" +"Language-Team: French\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "" diff --git a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-warning.po b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-warning.po index d2fddf29..6eb07830 100644 --- a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-warning.po +++ b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone-log-warning.po @@ -5,21 +5,22 @@ # Translators: # Bruno Cornec <bruno.cornec@hp.com>, 2014 # Maxime COQUEREL <max.coquerel@gmail.com>, 2014 +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-07-29 06:04+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: French (http://www.transifex.com/openstack/keystone/language/" -"fr/)\n" +"Language-Team: French\n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "%s is not a dogpile.proxy.ProxyBackend" diff --git a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone.po index b2aff55b..9fb2b2ec 100644 --- a/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/fr/LC_MESSAGES/keystone.po @@ -12,18 +12,18 @@ # Tom Cocozzello <tjcocozz@us.ibm.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: French (http://www.transifex.com/openstack/keystone/language/" -"fr/)\n" +"Language: fr\n" +"Language-Team: French\n" "Plural-Forms: nplurals=2; plural=(n > 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/hu/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/hu/LC_MESSAGES/keystone-log-critical.po index 102329f6..b45fc0d3 100644 --- a/keystone-moon/keystone/locale/hu/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/hu/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Hungarian (http://www.transifex.com/openstack/keystone/" -"language/hu/)\n" +"Language-Team: Hungarian\n" "Language: hu\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone-log-critical.po index db15042f..317cdc85 100644 --- a/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Italian (http://www.transifex.com/openstack/keystone/language/" -"it/)\n" +"Language-Team: Italian\n" "Language: it\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone.po index 085f3b34..e60a6d8c 100644 --- a/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/it/LC_MESSAGES/keystone.po @@ -7,18 +7,18 @@ # Tom Cocozzello <tjcocozz@us.ibm.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Italian (http://www.transifex.com/openstack/keystone/language/" -"it/)\n" +"Language: it\n" +"Language-Team: Italian\n" "Plural-Forms: nplurals=2; plural=(n != 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone-log-critical.po index e5ec3075..9337f92f 100644 --- a/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone-log-critical.po @@ -3,21 +3,22 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# Akihiro Motoki <amotoki@gmail.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Japanese (http://www.transifex.com/openstack/keystone/" -"language/ja/)\n" +"Language-Team: Japanese\n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone.po index 639a2438..541eda96 100644 --- a/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/ja/LC_MESSAGES/keystone.po @@ -4,22 +4,21 @@ # # Translators: # Tomoyuki KATO <tomo@dream.daynight.jp>, 2012-2013 -# OpenStack Infra <zanata@openstack.org>, 2015. #zanata -# Tom Cocozzello <tjcocozz@us.ibm.com>, 2015. #zanata +# Akihiro Motoki <amotoki@gmail.com>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" -"PO-Revision-Date: 2015-09-03 12:54+0000\n" -"Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Japanese (http://www.transifex.com/openstack/keystone/" -"language/ja/)\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2015-09-27 10:27+0000\n" +"Last-Translator: Akihiro Motoki <amotoki@gmail.com>\n" +"Language: ja\n" +"Language-Team: Japanese\n" "Plural-Forms: nplurals=1; plural=0\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" @@ -34,7 +33,7 @@ msgstr "" #, python-format msgid "%(host)s is not a trusted dashboard host" -msgstr "%(host)s ã¯ãƒˆãƒ©ã‚¹ãƒ†ãƒƒãƒ‰ãƒ»ãƒ€ãƒƒã‚·ãƒ¥ãƒœãƒ¼ãƒ‰ãƒ»ãƒ›ã‚¹ãƒˆã§ã¯ã‚ã‚Šã¾ã›ã‚“" +msgstr "%(host)s ã¯ä¿¡é ¼ã•ã‚ŒãŸãƒ€ãƒƒã‚·ãƒ¥ãƒœãƒ¼ãƒ‰ãƒ›ã‚¹ãƒˆã§ã¯ã‚ã‚Šã¾ã›ã‚“" #, python-format msgid "%(message)s %(amendment)s" @@ -45,13 +44,13 @@ msgid "" "%(mod_name)s doesn't provide database migrations. The migration repository " "path at %(path)s doesn't exist or isn't a directory." msgstr "" -"%(mod_name)s ã¯ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ãƒ»ãƒžã‚¤ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã‚’æä¾›ã—ã¦ã„ã¾ã›ã‚“。%(path)s ã®" -"マイグレーション・リãƒã‚¸ãƒˆãƒªãƒ¼ãƒ»ãƒ‘スã¯å˜åœ¨ã—ãªã„ã‹ã€ã¾ãŸã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ¼ã§ã¯" -"ã‚ã‚Šã¾ã›ã‚“。" +"%(mod_name)s ã¯ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ãƒžã‚¤ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã‚’æä¾›ã—ã¦ã„ã¾ã›ã‚“。%(path)s ã®ãƒž" +"イグレーションリãƒã‚¸ãƒˆãƒªãƒ¼ã®ãƒ‘スãŒå˜åœ¨ã—ãªã„ã‹ã€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ¼ã§ã¯ãªã„ã‹ã®ã„" +"ãšã‚Œã‹ã§ã™ã€‚" #, python-format msgid "%(property_name)s cannot be less than %(min_length)s characters." -msgstr "%(property_name)s 㯠%(min_length)s æ–‡å—よりå°ã•ãã§ãã¾ã›ã‚“。" +msgstr "%(property_name)s 㯠%(min_length)s æ–‡å—よりçŸãã§ãã¾ã›ã‚“。" #, python-format msgid "%(property_name)s is not a %(display_expected_type)s" @@ -59,11 +58,11 @@ msgstr "%(property_name)s ㌠%(display_expected_type)s ã§ã¯ã‚ã‚Šã¾ã›ã‚“。 #, python-format msgid "%(property_name)s should not be greater than %(max_length)s characters." -msgstr "%(property_name)s 㯠%(max_length)s æ–‡å—より大ããã§ãã¾ã›ã‚“。" +msgstr "%(property_name)s 㯠%(max_length)s æ–‡å—より長ãã§ãã¾ã›ã‚“。" #, python-format msgid "%s cannot be empty." -msgstr "%s ã¯ç©ºã«ã§ãã¾ã›ã‚“。" +msgstr "%s ã¯ç©ºã«ã¯ã§ãã¾ã›ã‚“。" #, python-format msgid "%s extension does not exist." @@ -71,55 +70,55 @@ msgstr "%s æ‹¡å¼µãŒå˜åœ¨ã—ã¾ã›ã‚“。" #, python-format msgid "%s field is required and cannot be empty" -msgstr "%s フィールドã¯å¿…é ˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã‚ã‚‹ãŸã‚ã€ç©ºã«ã§ãã¾ã›ã‚“" +msgstr "フィールド %s ã¯å¿…é ˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã‚ã‚‹ãŸã‚ã€ç©ºã«ã§ãã¾ã›ã‚“" #, python-format msgid "%s field(s) cannot be empty" -msgstr "%s フィールドを空ã«ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" +msgstr "フィールド %s を空ã«ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" msgid "(Disable debug mode to suppress these details.)" -msgstr "(ã“れらã®è©³ç´°ã‚’抑制ã™ã‚‹ã«ã¯ã€ãƒ‡ãƒãƒƒã‚°ãƒ»ãƒ¢ãƒ¼ãƒ‰ã‚’無効ã«ã—ã¾ã™ã€‚)" +msgstr "(ã“れらã®è©³ç´°å‡ºåŠ›ã‚’抑制ã™ã‚‹ã«ã¯ã€ãƒ‡ãƒãƒƒã‚°ãƒ¢ãƒ¼ãƒ‰ã‚’無効ã«ã—ã¾ã™ã€‚)" msgid "--all option cannot be mixed with other options" msgstr "--all オプションを他ã®ã‚ªãƒ—ションã¨çµ„ã¿åˆã‚ã›ã¦ä½¿ç”¨ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" msgid "A project-scoped token is required to produce a service catalog." msgstr "" -"サービス・カタãƒã‚°ã‚’生æˆã™ã‚‹ã«ã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã‚¹ã‚³ãƒ¼ãƒ—宣言ã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ãŒ" +"サービスカタãƒã‚°ã‚’生æˆã™ã‚‹ã«ã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã‚¹ã‚³ãƒ¼ãƒ—ãŒè¨å®šã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ãŒ" "å¿…è¦ã§ã™ã€‚" msgid "Access token is expired" -msgstr "アクセス・トークンã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¦ã„ã¾ã™" +msgstr "アクセストークンã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¦ã„ã¾ã™" msgid "Access token not found" -msgstr "アクセス・トークンãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" +msgstr "アクセストークンãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "Additional authentications steps required." msgstr "è¿½åŠ èªè¨¼æ‰‹é †ãŒå¿…è¦ã§ã™ã€‚" msgid "An unexpected error occurred when retrieving domain configs" -msgstr "ドメイン構æˆã®å–å¾—ä¸ã«äºˆæœŸã—ãªã„エラーãŒç™ºç”Ÿã—ã¾ã—ãŸ" +msgstr "ドメインè¨å®šã®å–å¾—ä¸ã«äºˆæœŸã—ãªã„エラーãŒç™ºç”Ÿã—ã¾ã—ãŸ" #, python-format msgid "An unexpected error occurred when trying to store %s" -msgstr "%s ã‚’ä¿ç®¡ã—よã†ã¨è©¦ã¿ã¦ã„ã‚‹ã¨ãã«ã€äºˆæœŸã—ãªã„エラーãŒç™ºç”Ÿã—ã¾ã—ãŸ" +msgstr "%s ã®ä¿å˜ä¸ã«äºˆæœŸã—ãªã„エラーãŒç™ºç”Ÿã—ã¾ã—ãŸ" msgid "An unexpected error prevented the server from fulfilling your request." -msgstr "予期ã—ãªã„エラーãŒç™ºç”Ÿã—ãŸãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚を満ãŸã™ã“ã¨ãŒ" +msgstr "予期ã—ãªã„エラーãŒç™ºç”Ÿã—ãŸãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ãŒè¦æ±‚を完了ã§ãã¾ã›ã‚“ã§ã—ãŸã€‚" #, python-format msgid "" "An unexpected error prevented the server from fulfilling your request: " "%(exception)s" msgstr "" -"予期ã—ãªã„エラーãŒç™ºç”Ÿã—ãŸãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—" -"ãŸ: %(exception)s" +"予期ã—ãªã„エラーãŒç™ºç”Ÿã—ãŸãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ãŒè¦æ±‚を完了ã§ãã¾ã›ã‚“ã§ã—ãŸ: " +"%(exception)s" msgid "An unhandled exception has occurred: Could not find metadata." -msgstr "未処ç†ä¾‹å¤–ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚メタデータãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚" +msgstr "処ç†ã§ããªã„例外ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚メタデータãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚" msgid "At least one option must be provided" -msgstr "オプションを少ãªãã¨ã‚‚ 1 ã¤ã¯æŒ‡å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" +msgstr "å°‘ãªãã¨ã‚‚ 1 ã¤ã¯ã‚ªãƒ—ションを指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" msgid "At least one option must be provided, use either --all or --domain-name" msgstr "" @@ -127,7 +126,7 @@ msgstr "" "name を使用ã—ã¦ãã ã•ã„" msgid "At least one role should be specified." -msgstr "å°‘ãªãã¨ã‚‚ 1 ã¤ã®å½¹å‰²ã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚" +msgstr "å°‘ãªãã¨ã‚‚ 1 ã¤ã®ãƒãƒ¼ãƒ«ã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚" msgid "Attempted to authenticate with an unsupported method." msgstr "サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„メソッドを使用ã—ã¦èªè¨¼ã‚’è¡ŒãŠã†ã¨ã—ã¾ã—ãŸã€‚" @@ -140,7 +139,7 @@ msgstr "" "証を使用ã—ã¦ãã ã•ã„" msgid "Authentication plugin error." -msgstr "èªè¨¼ãƒ—ラグイン・エラー。" +msgstr "èªè¨¼ãƒ—ラグインエラー。" msgid "Cannot authorize a request token with a token issued via delegation." msgstr "" @@ -154,6 +153,7 @@ msgstr "%(option_name)s %(attr)s を変更ã§ãã¾ã›ã‚“" msgid "Cannot change Domain ID" msgstr "ドメイン ID を変更ã§ãã¾ã›ã‚“" +#, fuzzy msgid "Cannot change consumer secret" msgstr "コンシューマーã®ç§˜å¯†ã‚’変更ã§ãã¾ã›ã‚“" @@ -163,7 +163,7 @@ msgstr "ユーザー ID を変更ã§ãã¾ã›ã‚“" msgid "Cannot change user name" msgstr "ユーザーåを変更ã§ãã¾ã›ã‚“" -#, python-format +#, fuzzy, python-format msgid "Cannot create project with parent: %(project_id)s" msgstr "親をæŒã¤ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’作æˆã§ãã¾ã›ã‚“: %(project_id)s" @@ -184,44 +184,48 @@ msgstr "証明書 %(cert_file)s ã‚’é–‹ãã“ã¨ãŒã§ãã¾ã›ã‚“。ç†ç”±: %(re msgid "Cannot remove role that has not been granted, %s" msgstr "許å¯ã•ã‚Œã¦ã„ãªã„ãƒãƒ¼ãƒ«ã‚’削除ã§ãã¾ã›ã‚“ã€%s" +#, fuzzy msgid "" "Cannot truncate a driver call without hints list as first parameter after " "self " msgstr "" -"セルフã®å¾Œã«æœ€åˆã®ãƒ‘ラメーターã¨ã—ã¦ãƒ’ント・リストãªã—ã§ãƒ‰ãƒ©ã‚¤ãƒãƒ¼å‘¼ã³å‡ºã—ã‚’" -"切りæ¨ã¦ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" +"セルフã®å¾Œã«æœ€åˆã®ãƒ‘ラメーターã¨ã—ã¦ãƒ’ントリストãªã—ã§ãƒ‰ãƒ©ã‚¤ãƒãƒ¼å‘¼ã³å‡ºã—を切" +"ã‚Šæ¨ã¦ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" msgid "" "Cannot use parents_as_list and parents_as_ids query params at the same time." msgstr "" -"照会パラメーター parents_as_list 㨠parents_as_ids を併用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›" -"ん。" +"å•ã„åˆã‚ã›ãƒ‘ラメーター parents_as_list 㨠parents_as_ids ã‚’åŒæ™‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨" +"ã¯ã§ãã¾ã›ã‚“。" msgid "" "Cannot use subtree_as_list and subtree_as_ids query params at the same time." msgstr "" -"照会パラメーター subtree_as_list 㨠subtree_as_ids を併用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›" -"ん。" +"å•ã„åˆã‚ã›ãƒ‘ラメーター subtree_as_list 㨠subtree_as_ids ã‚’åŒæ™‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨" +"ã¯ã§ãã¾ã›ã‚“。" +#, fuzzy msgid "" "Combining effective and group filter will always result in an empty list." msgstr "" -"有効フィルターã¨ã‚°ãƒ«ãƒ¼ãƒ—・フィルターã®çµ„ã¿åˆã‚ã›ã¯å¸¸ã«ç©ºã®ãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚" +"有効フィルターã¨ã‚°ãƒ«ãƒ¼ãƒ—フィルターã®çµ„ã¿åˆã‚ã›ã¯å¸¸ã«ç©ºã®ãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚" +#, fuzzy msgid "" "Combining effective, domain and inherited filters will always result in an " "empty list." msgstr "" -"有効フィルターã€ãƒ‰ãƒ¡ã‚¤ãƒ³ãƒ»ãƒ•ã‚£ãƒ«ã‚¿ãƒ¼ã€ãŠã‚ˆã³ç¶™æ‰¿ãƒ•ã‚£ãƒ«ã‚¿ãƒ¼ã®çµ„ã¿åˆã‚ã›ã¯å¸¸ã«" -"空ã®ãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚" +"有効フィルターã€ãƒ‰ãƒ¡ã‚¤ãƒ³ãƒ•ã‚£ãƒ«ã‚¿ãƒ¼ã€ãŠã‚ˆã³ç¶™æ‰¿ãƒ•ã‚£ãƒ«ã‚¿ãƒ¼ã®çµ„ã¿åˆã‚ã›ã¯å¸¸ã«ç©º" +"ã®ãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚" #, python-format msgid "Conflict occurred attempting to store %(type)s - %(details)s" -msgstr "%(type)s ã‚’ä¿ç®¡ã™ã‚‹ã¨ãã«ç«¶åˆãŒç™ºç”Ÿã—ã¾ã—㟠- %(details)s" +msgstr "%(type)s ã‚’ä¿å˜ã™ã‚‹ã¨ãã«ç«¶åˆãŒç™ºç”Ÿã—ã¾ã—㟠- %(details)s" #, python-format msgid "Conflicting region IDs specified: \"%(url_id)s\" != \"%(ref_id)s\"" -msgstr "矛盾ã™ã‚‹é ˜åŸŸ ID ãŒæŒ‡å®šã•ã‚Œã¾ã—ãŸ: \"%(url_id)s\" != \"%(ref_id)s\"" +msgstr "" +"矛盾ã™ã‚‹ãƒªãƒ¼ã‚¸ãƒ§ãƒ³ ID ãŒæŒ‡å®šã•ã‚Œã¾ã—ãŸ: \"%(url_id)s\" != \"%(ref_id)s\"" msgid "Consumer not found" msgstr "コンシューマーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" @@ -230,44 +234,45 @@ msgstr "コンシューマーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "" "Could not change immutable attribute(s) '%(attributes)s' in target %(target)s" msgstr "" -"ターゲット %(target)s ã§ä¸å¤‰ã®å±žæ€§ '%(attributes)s' を変更ã§ãã¾ã›ã‚“ã§ã—ãŸ" +"ターゲット %(target)s ã®å¤‰æ›´ä¸å¯ã®å±žæ€§ '%(attributes)s' を変更ã§ãã¾ã›ã‚“ã§ã—" +"ãŸ" #, python-format msgid "" "Could not find %(group_or_option)s in domain configuration for domain " "%(domain_id)s" msgstr "" -"%(group_or_option)s ãŒãƒ‰ãƒ¡ã‚¤ãƒ³ %(domain_id)s ã®ãƒ‰ãƒ¡ã‚¤ãƒ³æ§‹æˆã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§" +"%(group_or_option)s ãŒãƒ‰ãƒ¡ã‚¤ãƒ³ %(domain_id)s ã®ãƒ‰ãƒ¡ã‚¤ãƒ³è¨å®šã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§" "ã—ãŸ" #, python-format msgid "Could not find Endpoint Group: %(endpoint_group_id)s" -msgstr "エンドãƒã‚¤ãƒ³ãƒˆãƒ»ã‚°ãƒ«ãƒ¼ãƒ—ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(endpoint_group_id)s" +msgstr "エンドãƒã‚¤ãƒ³ãƒˆã‚°ãƒ«ãƒ¼ãƒ— %(endpoint_group_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" msgid "Could not find Identity Provider identifier in environment" -msgstr "Identity Provider ID ãŒç’°å¢ƒå†…ã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" +msgstr "Identity Provider ID ãŒç’°å¢ƒæƒ…å ±å†…ã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find Identity Provider: %(idp_id)s" -msgstr "ID プãƒãƒã‚¤ãƒ€ãƒ¼ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(idp_id)s" +msgstr "ID プãƒãƒã‚¤ãƒ€ãƒ¼ %(idp_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find Service Provider: %(sp_id)s" -msgstr "サービス・プãƒãƒã‚¤ãƒ€ãƒ¼ %(sp_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" +msgstr "サービスプãƒãƒã‚¤ãƒ€ãƒ¼ %(sp_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" -#, python-format +#, fuzzy, python-format msgid "Could not find credential: %(credential_id)s" msgstr "è³‡æ ¼æƒ…å ±ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(credential_id)s" #, python-format msgid "Could not find domain: %(domain_id)s" -msgstr "ドメインãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(domain_id)s" +msgstr "ドメイン %(domain_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find endpoint: %(endpoint_id)s" -msgstr "エンドãƒã‚¤ãƒ³ãƒˆãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(endpoint_id)s" +msgstr "エンドãƒã‚¤ãƒ³ãƒˆ %(endpoint_id)sãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" -#, python-format +#, fuzzy, python-format msgid "" "Could not find federated protocol %(protocol_id)s for Identity Provider: " "%(idp_id)s" @@ -277,69 +282,70 @@ msgstr "" #, python-format msgid "Could not find group: %(group_id)s" -msgstr "グループãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(group_id)s" +msgstr "グループ %(group_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find mapping: %(mapping_id)s" -msgstr "マッピングãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(mapping_id)s" +msgstr "マッピング %(mapping_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" msgid "Could not find policy association" msgstr "ãƒãƒªã‚·ãƒ¼é–¢é€£ä»˜ã‘ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find policy: %(policy_id)s" -msgstr "ãƒãƒªã‚·ãƒ¼ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(policy_id)s" +msgstr "ãƒãƒªã‚·ãƒ¼ %(policy_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find project: %(project_id)s" -msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(project_id)s" +msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ %(project_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find region: %(region_id)s" -msgstr "é ˜åŸŸãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(region_id)s" +msgstr "リージョン %(region_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" msgid "Could not find role" -msgstr "役割ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" +msgstr "ãƒãƒ¼ãƒ«ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "" "Could not find role assignment with role: %(role_id)s, user or group: " "%(actor_id)s, project or domain: %(target_id)s" msgstr "" -"役割 %(role_id)s ã‚’æŒã¤å‰²ã‚Šå½“ã¦ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ユーザーã¾ãŸã¯ã‚°ãƒ«ãƒ¼" -"プ: %(actor_id)sã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¾ãŸã¯ãƒ‰ãƒ¡ã‚¤ãƒ³: %(target_id)s" +"ãƒãƒ¼ãƒ« %(role_id)s ã‚’æŒã¤å‰²ã‚Šå½“ã¦ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ユーザーã¾ãŸã¯ã‚°ãƒ«ãƒ¼" +"プ㯠%(actor_id)s ã§ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¾ãŸã¯ãƒ‰ãƒ¡ã‚¤ãƒ³ãŒ %(target_id)s ã§ã™" #, python-format msgid "Could not find role: %(role_id)s" -msgstr "役割ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(role_id)s" +msgstr "ãƒãƒ¼ãƒ« %(role_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find service: %(service_id)s" -msgstr "サービスãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(service_id)s" +msgstr "サービス %(service_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find token: %(token_id)s" -msgstr "トークンãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(token_id)s" +msgstr "トークン %(token_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find trust: %(trust_id)s" -msgstr "トラストãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(trust_id)s" +msgstr "トラスト %(trust_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find user: %(user_id)s" -msgstr "ユーザーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(user_id)s" +msgstr "ユーザー %(user_id)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ:" #, python-format msgid "Could not find version: %(version)s" -msgstr "ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(version)s" +msgstr "ãƒãƒ¼ã‚¸ãƒ§ãƒ³ %(version)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" #, python-format msgid "Could not find: %(target)s" -msgstr "見ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ: %(target)s" +msgstr "%(target)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" msgid "Could not validate the access token" -msgstr "アクセス・トークンを検証ã§ãã¾ã›ã‚“ã§ã—ãŸ" +msgstr "アクセストークンを検証ã§ãã¾ã›ã‚“ã§ã—ãŸ" +#, fuzzy msgid "Credential belongs to another user" msgstr "è³‡æ ¼æƒ…å ±ãŒåˆ¥ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å±žã—ã¦ã„ã¾ã™" @@ -349,7 +355,8 @@ msgstr "/domains/%s/config ã®ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹" msgid "" "Disabling an entity where the 'enable' attribute is ignored by configuration." -msgstr "「enableã€å±žæ€§ãŒæ§‹æˆã«ã‚ˆã£ã¦ç„¡è¦–ã•ã‚Œã¦ã„るエンティティーを無効化ä¸ã€‚" +msgstr "" +"「enableã€å±žæ€§ãŒè¨å®šã«ã‚ˆã£ã¦ç„¡è¦–ã•ã‚Œã¦ã„るエンティティーを無効化ä¸ã§ã™ã€‚" #, python-format msgid "Domain (%s)" @@ -365,24 +372,24 @@ msgstr "ドメイン㫠%s ã¨ã„ㆠID を付ã‘ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" #, python-format msgid "Domain is disabled: %s" -msgstr "ドメインãŒç„¡åŠ¹åŒ–ã•ã‚Œã¦ã„ã¾ã™: %s" +msgstr "ドメイン %s ãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™" msgid "Domain metadata not supported by LDAP" -msgstr "ドメイン・メタデータ㯠LDAP ã§ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" +msgstr "ドメインメタデータ㯠LDAP ã§ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" msgid "Domain scoped token is not supported" -msgstr "ドメインをスコープã«ã—ãŸãƒˆãƒ¼ã‚¯ãƒ³ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" +msgstr "ドメインをスコープã«ã—ãŸãƒˆãƒ¼ã‚¯ãƒ³ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“" #, python-format msgid "" "Domain: %(domain)s already has a configuration defined - ignoring file: " "%(file)s." msgstr "" -"ドメイン %(domain)s ã«ã¯æ—¢ã«æ§‹æˆãŒã‚ã‚Šã¾ã™ - ファイル %(file)s ã¯ç„¡è¦–ã•ã‚Œã¾" -"ã™ã€‚" +"ドメイン %(domain)s ã«ã¯æ—¢ã«å®šç¾©ã•ã‚ŒãŸè¨å®šãŒã‚ã‚Šã¾ã™ã€‚ファイル %(file)s ã¯ç„¡" +"視ã•ã‚Œã¾ã™ã€‚" msgid "Domains are read-only against LDAP" -msgstr "ドメイン㌠LDAP ã«å¯¾ã—ã¦èªã¿å–り専用ã§ã™" +msgstr "LDAP ã®å ´åˆã¯ãƒ‰ãƒ¡ã‚¤ãƒ³ã¯èªã¿å–り専用ã§ã™" msgid "Duplicate Entry" msgstr "é‡è¤‡ã™ã‚‹é …ç›®" @@ -404,37 +411,37 @@ msgstr "「有効ã€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯ãƒ–ール値ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“ #, python-format msgid "Endpoint %(endpoint_id)s not found in project %(project_id)s" msgstr "" -"エンドãƒã‚¤ãƒ³ãƒˆ %(endpoint_id)s ã¯ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ %(project_id)s ã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" +"エンドãƒã‚¤ãƒ³ãƒˆ %(endpoint_id)s ãŒãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ %(project_id)s ã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "Endpoint Group Project Association not found" -msgstr "エンドãƒã‚¤ãƒ³ãƒˆãƒ»ã‚°ãƒ«ãƒ¼ãƒ—・プãƒã‚¸ã‚§ã‚¯ãƒˆé–¢é€£ä»˜ã‘ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" +msgstr "エンドãƒã‚¤ãƒ³ãƒˆã‚°ãƒ«ãƒ¼ãƒ—ã¨ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®é–¢é€£ä»˜ã‘ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "Ensure configuration option idp_entity_id is set." -msgstr "構æˆã‚ªãƒ—ション idp_entity_id ãŒè¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" +msgstr "è¨å®šã‚ªãƒ—ション idp_entity_id ãŒè¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" msgid "Ensure configuration option idp_sso_endpoint is set." msgstr "" -"構æˆã‚ªãƒ—ション idp_sso_endpoint ãŒè¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" +"è¨å®šã‚ªãƒ—ション idp_sso_endpoint ãŒè¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" #, python-format msgid "" "Error parsing configuration file for domain: %(domain)s, file: %(file)s." msgstr "" -"構æˆãƒ•ã‚¡ã‚¤ãƒ«ã®æ§‹æ–‡è§£æžã‚¨ãƒ©ãƒ¼ã€‚ドメイン: %(domain)sã€ãƒ•ã‚¡ã‚¤ãƒ«: %(file)s。" +"ドメイン: %(domain)sã€ãƒ•ã‚¡ã‚¤ãƒ«: %(file)s ã®è¨å®šãƒ•ã‚¡ã‚¤ãƒ«ã®æ§‹æ–‡è§£æžã‚¨ãƒ©ãƒ¼ã€‚" #, python-format msgid "Error while reading metadata file, %(reason)s" -msgstr "メタデータ・ファイルã®èªã¿å–ã‚Šä¸ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚%(reason)s" +msgstr "メタデータファイルã®èªã¿å–ã‚Šä¸ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚%(reason)s" #, python-format msgid "Expected dict or list: %s" -msgstr "期待ã•ã‚Œã‚‹è¾žæ›¸ã¾ãŸã¯ä¸€è¦§: %s" +msgstr "期待ã•ã‚Œã‚‹è¾žæ›¸ã¾ãŸã¯ãƒªã‚¹ãƒˆ: %s" msgid "" "Expected signing certificates are not available on the server. Please check " "Keystone configuration." msgstr "" -"予期ã•ã‚ŒãŸç½²å証明書ãŒã‚µãƒ¼ãƒãƒ¼ã«ã‚ã‚Šã¾ã›ã‚“。Keystone ã®æ§‹æˆã‚’確èªã—ã¦ãã ã•" +"想定ã•ã‚ŒãŸç½²å証明書ãŒã‚µãƒ¼ãƒãƒ¼ã«ã‚ã‚Šã¾ã›ã‚“。Keystone ã®è¨å®šã‚’確èªã—ã¦ãã ã•" "ã„。" #, python-format @@ -443,17 +450,18 @@ msgid "" "with the request since it is either malformed or otherwise incorrect. The " "client is assumed to be in error." msgstr "" -"%(target)s 㧠%(attribute)s ãŒæ¤œå‡ºã•ã‚Œã‚‹ã“ã¨ãŒäºˆæœŸã•ã‚Œã¦ã„ã¾ã™ã€‚è¦æ±‚ã®å½¢å¼ãŒ" -"誤ã£ã¦ã„ã‚‹ã‹ã€ã¾ãŸã¯è¦æ±‚ãŒæ£ã—ããªã„ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¾“ã†ã“ã¨ãŒã§ãã¾ã›" -"ã‚“ã§ã—ãŸã€‚クライアントã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¦ã„ã‚‹ã¨è¦‹ãªã•ã‚Œã¾ã™ã€‚" +"%(target)s ã« %(attribute)s ãŒã‚ã‚‹ã“ã¨ãŒæƒ³å®šã•ã‚Œã¦ã„ã¾ã™ã€‚è¦æ±‚ã®å½¢å¼ãŒä¸æ£ã‚‚" +"ã—ãã¯æ£ã—ããªã„ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¿œã˜ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚クライア" +"ントã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¦ã„ã‚‹ã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚" #, python-format msgid "Failed to start the %(name)s server" -msgstr "%(name)s サーãƒãƒ¼ã®å§‹å‹•ã«å¤±æ•—ã—ã¾ã—ãŸ" +msgstr "%(name)s サーãƒãƒ¼ã®èµ·å‹•ã«å¤±æ•—ã—ã¾ã—ãŸ" msgid "Failed to validate token" msgstr "トークンã®æ¤œè¨¼ã«å¤±æ•—ã—ã¾ã—ãŸ" +#, fuzzy msgid "Federation token is expired" msgstr "連åˆãƒˆãƒ¼ã‚¯ãƒ³ã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¦ã„ã¾ã™" @@ -462,33 +470,33 @@ msgid "" "Field \"remaining_uses\" is set to %(value)s while it must not be set in " "order to redelegate a trust" msgstr "" -"フィールド「remaining_usesã€ãŒ %(value)s ã«è¨å®šã•ã‚Œã¦ã„ã¾ã™ãŒã€ãƒˆãƒ©ã‚¹ãƒˆã‚’å†å§”" -"ä»»ã™ã‚‹ã«ã¯ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã‚’è¨å®šã—ã¦ã¯ãªã‚Šã¾ã›ã‚“" +"フィールド \"remaining_uses\" 㯠%(value)s ã«ãªã£ã¦ã„ã¾ã™ãŒã€ãƒˆãƒ©ã‚¹ãƒˆã‚’å†å§”ä»»" +"ã™ã‚‹ã«ã¯ã“ã®ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ãŒè¨å®šã•ã‚Œã¦ã„ã¦ã¯ãªã‚Šã¾ã›ã‚“" msgid "Found invalid token: scoped to both project and domain." msgstr "" -"無効ãªãƒˆãƒ¼ã‚¯ãƒ³ãŒè¦‹ã¤ã‹ã‚Šã¾ã—ãŸ: プãƒã‚¸ã‚§ã‚¯ãƒˆã¨ãƒ‰ãƒ¡ã‚¤ãƒ³ã®ä¸¡æ–¹ã«ã‚¹ã‚³ãƒ¼ãƒ—宣言ã•" -"ã‚Œã¦ã„ã¾ã™ã€‚" +"無効ãªãƒˆãƒ¼ã‚¯ãƒ³ãŒè¦‹ã¤ã‹ã‚Šã¾ã—ãŸ: スコープãŒãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã¨ãƒ‰ãƒ¡ã‚¤ãƒ³ã®ä¸¡æ–¹ã«å¯¾ã—" +"ã¦è¨å®šã•ã‚Œã¦ã„ã¾ã™ã€‚" #, python-format msgid "Group %(group)s is not supported for domain specific configurations" -msgstr "ドメイン固有ã®æ§‹æˆã§ã¯ã‚°ãƒ«ãƒ¼ãƒ— %(group)s ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" +msgstr "ドメイン固有ã®è¨å®šã§ã¯ã‚°ãƒ«ãƒ¼ãƒ— %(group)s ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" #, python-format msgid "" "Group %(group_id)s returned by mapping %(mapping_id)s was not found in the " "backend." msgstr "" -"マッピング %(mapping_id)s ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ— %(group_id)s ãŒãƒãƒƒã‚¯ã‚¨ãƒ³" -"ドã«è¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚" +"マッピング %(mapping_id)s ãŒè¿”ã—ãŸã‚°ãƒ«ãƒ¼ãƒ— %(group_id)s ãŒãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰ã«ã‚ã‚Š" +"ã¾ã›ã‚“ã§ã—ãŸã€‚" #, python-format msgid "" "Group membership across backend boundaries is not allowed, group in question " "is %(group_id)s, user is %(user_id)s" msgstr "" -"ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰å¢ƒç•Œã‚’越ãˆã‚‹ã‚°ãƒ«ãƒ¼ãƒ—・メンãƒãƒ¼ã‚·ãƒƒãƒ—ã¯è¨±å¯ã•ã‚Œã¾ã›ã‚“。å•é¡Œã¨ãªã£" -"ã¦ã„るグループ㯠%(group_id)sã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ %(user_id)s ã§ã™" +"ãƒãƒƒã‚¯ã‚¨ãƒ³ãƒ‰å¢ƒç•Œã‚’ã¾ãŸãグループメンãƒãƒ¼ã‚·ãƒƒãƒ—ã¯è¨±å¯ã•ã‚Œã¦ã„ã¾ã›ã‚“。å•é¡Œã¨" +"ãªã£ã¦ã„るグループ㯠%(group_id)sã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ %(user_id)s ã§ã™" #, python-format msgid "ID attribute %(id_attr)s not found in LDAP object %(dn)s" @@ -498,6 +506,7 @@ msgstr "ID 属性 %(id_attr)s ㌠LDAP オブジェクト %(dn)s ã«è¦‹ã¤ã‹ã‚Š msgid "Identity Provider %(idp)s is disabled" msgstr "ID プãƒãƒã‚¤ãƒ€ãƒ¼ %(idp)s ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™" +#, fuzzy msgid "" "Incoming identity provider identifier not included among the accepted " "identifiers." @@ -506,30 +515,33 @@ msgstr "ç€ä¿¡ ID プãƒãƒã‚¤ãƒ€ãƒ¼ ID ãŒå—諾 ID ã«å«ã¾ã‚Œã¦ã„ã¾ã›ã‚“ #, python-format msgid "Invalid LDAP TLS certs option: %(option)s. Choose one of: %(options)s" msgstr "" -"LDAP TLS 証明書オプション %(option)s ãŒç„¡åŠ¹ã§ã™ã€‚以下ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã—ã¦ãã " -"ã•ã„: %(options)s" +"無効㪠LDAP TLS 証明書オプション %(option)s ã§ã™ã€‚ %(options)s ã®ã„ãšã‚Œã‹ã‚’é¸" +"択ã—ã¦ãã ã•ã„" #, python-format msgid "Invalid LDAP TLS_AVAIL option: %s. TLS not available" -msgstr "無効㪠LDAP TLS_AVAIL オプション: %s。TLS ãŒåˆ©ç”¨ã§ãã¾ã›ã‚“。" +msgstr "無効㪠LDAP TLS_AVAIL オプション %s ã§ã™ã€‚TLS ãŒåˆ©ç”¨ã§ãã¾ã›ã‚“。" #, python-format msgid "Invalid LDAP deref option: %(option)s. Choose one of: %(options)s" msgstr "" -"LDAP deref オプションãŒç„¡åŠ¹ã§ã™: %(option)s。%(options)s ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã—ã¦" -"ãã ã•ã„" +"無効㪠LDAP deref オプション %(option)s ã§ã™ã€‚%(options)s ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã—" +"ã¦ãã ã•ã„" #, python-format msgid "Invalid LDAP scope: %(scope)s. Choose one of: %(options)s" -msgstr "無効㪠LDAP 範囲: %(scope)s。次ã®ã©ã‚Œã‹ã‚’é¸ã‚“ã§ãã ã•ã„: %(options)s" +msgstr "" +"無効㪠LDAP スコープ %(scope)s ã§ã™ã€‚ %(options)s ã®ã„ãšã‚Œã‹ã‚’é¸ã‚“ã§ãã ã•" +"ã„: " msgid "Invalid TLS / LDAPS combination" -msgstr "無効㪠TLS / LDAPS ã®çµ„ã¿åˆã‚ã›" +msgstr "無効㪠TLS / LDAPS ã®çµ„ã¿åˆã‚ã›ã§ã™" #, python-format msgid "Invalid audit info data type: %(data)s (%(type)s)" -msgstr "無効ãªç›£æŸ»æƒ…å ±ãƒ‡ãƒ¼ã‚¿ãƒ»ã‚¿ã‚¤ãƒ—: %(data)s (%(type)s)" +msgstr "無効ãªç›£æŸ»æƒ…å ±ãƒ‡ãƒ¼ã‚¿ã‚¿ã‚¤ãƒ— %(data)s (%(type)s) ã§ã™" +#, fuzzy msgid "Invalid blob in credential" msgstr "è³‡æ ¼æƒ…å ±å†…ã® blob ãŒç„¡åŠ¹ã§ã™" @@ -538,17 +550,18 @@ msgid "" "Invalid domain name: %(domain)s found in config file name: %(file)s - " "ignoring this file." msgstr "" -"無効ãªãƒ‰ãƒ¡ã‚¤ãƒ³ãƒ»ãƒãƒ¼ãƒ %(domain)s ãŒæ§‹æˆãƒ•ã‚¡ã‚¤ãƒ«å %(file)s ã«è¦‹ã¤ã‹ã‚Šã¾ã—㟠" -"- ã“ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¯ç„¡è¦–ã•ã‚Œã¾ã™ã€‚" +"無効ãªãƒ‰ãƒ¡ã‚¤ãƒ³å %(domain)s ãŒè¨å®šãƒ•ã‚¡ã‚¤ãƒ«å %(file)s ã«è¦‹ã¤ã‹ã‚Šã¾ã—ãŸã€‚ã“ã®" +"ファイルã¯ç„¡è¦–ã•ã‚Œã¾ã™ã€‚" #, python-format msgid "Invalid domain specific configuration: %(reason)s" -msgstr "ドメイン固有ã®æ§‹æˆãŒç„¡åŠ¹ã§ã™: %(reason)s" +msgstr "無効ãªãƒ‰ãƒ¡ã‚¤ãƒ³å›ºæœ‰ã®è¨å®šã§ã™: %(reason)s" #, python-format msgid "Invalid input for field '%(path)s'. The value is '%(value)s'." msgstr "フィールド '%(path)s' ã®å…¥åŠ›ãŒç„¡åŠ¹ã§ã™ã€‚値㯠'%(value)s' ã§ã™ã€‚" +#, fuzzy msgid "Invalid limit value" msgstr "制é™å€¤ãŒç„¡åŠ¹ã§ã™" @@ -585,13 +598,13 @@ msgid "Invalid user / password" msgstr "ユーザー/パスワードãŒç„¡åŠ¹ã§ã™" msgid "Invalid username or password" -msgstr "無効ãªãƒ¦ãƒ¼ã‚¶ãƒ¼åã¾ãŸã¯ãƒ‘スワード" +msgstr "無効ãªãƒ¦ãƒ¼ã‚¶ãƒ¼åã‹ãƒ‘スワード" #, python-format msgid "KVS region %s is already configured. Cannot reconfigure." msgstr "KVS é ˜åŸŸ %s ã¯æ—¢ã«æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚å†æ§‹æˆã¯ã§ãã¾ã›ã‚“。" -#, python-format +#, fuzzy, python-format msgid "Key Value Store not configured: %s" msgstr "ã‚ー値ストアãŒæ§‹æˆã•ã‚Œã¦ã„ã¾ã›ã‚“: %s" @@ -609,19 +622,18 @@ msgstr "LDAP %s ã®æ›´æ–°" #, python-format msgid "Lock Timeout occurred for key, %(target)s" -msgstr "ã‚ー %(target)s ã«ã¤ã„ã¦ãƒãƒƒã‚¯ãƒ»ã‚¿ã‚¤ãƒ アウトãŒç™ºç”Ÿã—ã¾ã—ãŸ" +msgstr "ã‚ー %(target)s ã«ã¤ã„ã¦ãƒãƒƒã‚¯ã‚¿ã‚¤ãƒ アウトãŒç™ºç”Ÿã—ã¾ã—ãŸ" #, python-format msgid "Lock key must match target key: %(lock)s != %(target)s" msgstr "" -"ãƒãƒƒã‚¯ãƒ»ã‚ーãŒã‚¿ãƒ¼ã‚²ãƒƒãƒˆãƒ»ã‚ーã¨ä¸€è‡´ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“: %(lock)s != " -"%(target)s" +"ãƒãƒƒã‚¯ã‚ーã¯ã‚¿ãƒ¼ã‚²ãƒƒãƒˆã‚ーã¨ä¸€è‡´ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“: %(lock)s != %(target)s" #, python-format msgid "Malformed endpoint URL (%(endpoint)s), see ERROR log for details." msgstr "" -"エンドãƒã‚¤ãƒ³ãƒˆ URL (%(endpoint)s) ã®å½¢å¼ãŒæ£ã—ãã‚ã‚Šã¾ã›ã‚“。詳ã—ãã¯ã‚¨ãƒ©ãƒ¼ãƒ»" -"ãƒã‚°ã‚’å‚ç…§ã—ã¦ãã ã•ã„。" +"エンドãƒã‚¤ãƒ³ãƒˆ URL (%(endpoint)s) ã®å½¢å¼ãŒæ£ã—ãã‚ã‚Šã¾ã›ã‚“。詳ã—ãã¯ã‚¨ãƒ©ãƒ¼ãƒ" +"ã‚°ã‚’å‚ç…§ã—ã¦ãã ã•ã„。" msgid "Marker could not be found" msgstr "マーカーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" @@ -639,38 +651,39 @@ msgid "Method not callable: %s" msgstr "メソッドãŒå‘¼ã³å‡ºã—å¯èƒ½ã§ã¯ã‚ã‚Šã¾ã›ã‚“: %s" msgid "Missing entity ID from environment" -msgstr "環境ã«ã‚¨ãƒ³ãƒ†ã‚£ãƒ†ã‚£ãƒ¼ ID ãŒã‚ã‚Šã¾ã›ã‚“" +msgstr "ç’°å¢ƒæƒ…å ±ã«ã‚¨ãƒ³ãƒ†ã‚£ãƒ†ã‚£ãƒ¼ ID ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "" "Modifying \"redelegation_count\" upon redelegation is forbidden. Omitting " "this parameter is advised." msgstr "" -"å†å§”任時ã®ã€Œredelegation_countã€ã®å¤‰æ›´ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®ãƒ‘ラメーターを" -"çœç•¥ã—ã¦ãã ã•ã„。" +"å†å§”任時ã®ã€Œredelegation_countã€ã®å¤‰æ›´ã¯ç¦æ¢ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®ãƒ‘ラメーターã¯" +"指定ã—ãªã„ã§ãã ã•ã„。" msgid "Multiple domains are not supported" msgstr "複数ã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“" msgid "Must be called within an active lock context." -msgstr "アクティブ・ãƒãƒƒã‚¯ãƒ»ã‚³ãƒ³ãƒ†ã‚スト内ã§å‘¼ã³å‡ºã•ã‚Œãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。" +msgstr "アクティブãªãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚スト内ã§å‘¼ã³å‡ºã•ã‚Œãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。" msgid "Must specify either domain or project" msgstr "ドメインã¾ãŸã¯ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ã„ãšã‚Œã‹ã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" msgid "Name field is required and cannot be empty" -msgstr "「åå‰ã€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯å¿…é ˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã‚ã‚‹ãŸã‚ã€ç©ºã«ã§ãã¾ã›ã‚“" +msgstr "「åå‰ã€ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã¯å¿…é ˆãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã§ã‚ã‚Šã€ç©ºã«ã§ãã¾ã›ã‚“" msgid "" "No Authorization headers found, cannot proceed with OAuth related calls, if " "running under HTTPd or Apache, ensure WSGIPassAuthorization is set to On." msgstr "" -"許å¯ãƒ˜ãƒƒãƒ€ãƒ¼ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“。OAuth 関連呼ã³å‡ºã—を続行ã§ãã¾ã›ã‚“。HTTPd ã¾ãŸ" -"㯠Apache ã®ä¸‹ã§å®Ÿè¡Œã—ã¦ã„ã‚‹å ´åˆã¯ã€WSGIPassAuthorization ㌠On ã«è¨å®šã•ã‚Œã¦" -"ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" +"èªå¯ã«ä½¿ç”¨ã™ã‚‹ãƒ˜ãƒƒãƒ€ãƒ¼ãŒè¦‹ã¤ã‹ã‚‰ãšã€OAuth 関連ã®å‘¼ã³å‡ºã—を続行ã§ãã¾ã›ã‚“。" +"HTTPd ã¾ãŸã¯ Apache ã®ä¸‹ã§å®Ÿè¡Œã—ã¦ã„ã‚‹å ´åˆã¯ã€WSGIPassAuthorization ㌠On ã«" +"è¨å®šã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¦ãã ã•ã„。" msgid "No authenticated user" msgstr "èªè¨¼ã•ã‚Œã¦ã„ãªã„ユーザー" +#, fuzzy msgid "" "No encryption keys found; run keystone-manage fernet_setup to bootstrap one." msgstr "" @@ -678,38 +691,38 @@ msgstr "" "ã‚’è¡Œã£ã¦ãã ã•ã„。" msgid "No options specified" -msgstr "オプション指定ãªã—" +msgstr "オプションãŒæŒ‡å®šã•ã‚Œã¦ã„ã¾ã›ã‚“" #, python-format msgid "No policy is associated with endpoint %(endpoint_id)s." msgstr "" "エンドãƒã‚¤ãƒ³ãƒˆ %(endpoint_id)s ã«é–¢é€£ä»˜ã‘られã¦ã„ã‚‹ãƒãƒªã‚·ãƒ¼ã¯ã‚ã‚Šã¾ã›ã‚“。" -#, python-format +#, fuzzy, python-format msgid "No remaining uses for trust: %(trust_id)s" -msgstr "トラストã«ã¯ä½¿ç”¨ãŒæ®‹ã£ã¦ã„ã¾ã›ã‚“: %(trust_id)s" +msgstr "トラスト %(trust_id)s ã«ã¯ä½¿ç”¨ãŒæ®‹ã£ã¦ã„ã¾ã›ã‚“" msgid "Non-default domain is not supported" -msgstr "標準以外ã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" +msgstr "デフォルト以外ã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¾ã›ã‚“" msgid "One of the trust agents is disabled or deleted" -msgstr "トラスト・エージェント㮠1 ã¤ãŒç„¡åŠ¹åŒ–ã¾ãŸã¯å‰Šé™¤ã•ã‚Œã¦ã„ã¾ã™" +msgstr "トラストエージェント㮠1 ã¤ãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹ã‹å‰Šé™¤ã•ã‚Œã¦ã„ã¾ã™" #, python-format msgid "" "Option %(option)s found with no group specified while checking domain " "configuration request" msgstr "" -"ドメイン構æˆè¦æ±‚ã®æ¤œæŸ»ä¸ã«ã‚ªãƒ—ション %(option)s ã«ã‚°ãƒ«ãƒ¼ãƒ—ãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„" -"ã“ã¨ãŒæ¤œå‡ºã•ã‚Œã¾ã—ãŸ" +"ドメインè¨å®šè¦æ±‚ã®æ¤œæŸ»ä¸ã«ã€ã‚°ãƒ«ãƒ¼ãƒ—ãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„オプション %(option)s " +"ãŒè¦‹ã¤ã‹ã‚Šã¾ã—ãŸ" #, python-format msgid "" "Option %(option)s in group %(group)s is not supported for domain specific " "configurations" msgstr "" -"ドメイン固有ã®æ§‹æˆã§ã¯ã‚°ãƒ«ãƒ¼ãƒ— %(group)s 内ã®ã‚ªãƒ—ション %(option)s ã¯ã‚µãƒãƒ¼ãƒˆ" -"ã•ã‚Œã¦ã„ã¾ã›ã‚“" +"ドメイン固有ã®è¨å®šã§ã¯ã‚°ãƒ«ãƒ¼ãƒ— %(group)s ã®ã‚ªãƒ—ション %(option)s ã¯ã‚µãƒãƒ¼ãƒˆã•" +"ã‚Œã¦ã„ã¾ã›ã‚“" #, python-format msgid "Project (%s)" @@ -717,7 +730,7 @@ msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ (%s)" #, python-format msgid "Project is disabled: %s" -msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆãŒç„¡åŠ¹åŒ–ã•ã‚Œã¦ã„ã¾ã™: %s" +msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ %s ãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™" msgid "Redelegation allowed for delegated by trust only" msgstr "å†å§”ä»»ã¯ãƒˆãƒ©ã‚¹ãƒˆã«ã‚ˆã‚‹å§”ä»»ã«ã®ã¿è¨±å¯ã•ã‚Œã¾ã™" @@ -731,7 +744,7 @@ msgstr "" "%(max_count)d] を超ãˆã¦ã„ã¾ã™" msgid "Request Token does not have an authorizing user id" -msgstr "è¦æ±‚トークンã«è¨±å¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ ID ãŒå«ã¾ã‚Œã¦ã„ã¾ã›ã‚“" +msgstr "è¦æ±‚ã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ã«è¨±å¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ ID ãŒå«ã¾ã‚Œã¦ã„ã¾ã›ã‚“" #, python-format msgid "" @@ -739,10 +752,11 @@ msgid "" "server could not comply with the request because the attribute size is " "invalid (too large). The client is assumed to be in error." msgstr "" -"è¦æ±‚属性 %(attribute)s 㯠%(size)i 以下ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。属性ã®ã‚µã‚¤ã‚ºãŒç„¡" -"効ã§ã‚ã‚‹ (大ãã™ãŽã‚‹) ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¾“ã†ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚クラ" -"イアントã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¦ã„ã‚‹ã¨è¦‹ãªã•ã‚Œã¾ã™ã€‚" +"è¦æ±‚ã•ã‚ŒãŸå±žæ€§ %(attribute)s ã®ã‚µã‚¤ã‚ºã¯ %(size)i 以下ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。属" +"性ã®ã‚µã‚¤ã‚ºãŒç„¡åŠ¹ã§ã‚ã‚‹ (大ãã™ãŽã‚‹) ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¿œã˜ã‚‹ã“ã¨ãŒã§ãã¾" +"ã›ã‚“ã§ã—ãŸã€‚クライアントã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¦ã„ã‚‹ã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚" +#, fuzzy msgid "Request must have an origin query parameter" msgstr "è¦æ±‚ã«ã¯èµ·ç‚¹ç…§ä¼šãƒ‘ラメーターãŒå¿…è¦ã§ã™" @@ -750,7 +764,7 @@ msgid "Request token is expired" msgstr "è¦æ±‚トークンã®æœ‰åŠ¹æœŸé™ãŒåˆ‡ã‚Œã¦ã„ã¾ã™" msgid "Request token not found" -msgstr "è¦æ±‚トークンãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" +msgstr "è¦æ±‚ã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" msgid "Requested expiration time is more than redelegated trust can provide" msgstr "è¦æ±‚ã•ã‚ŒãŸæœ‰åŠ¹æœŸé™ã¯å†å§”ä»»ã•ã‚ŒãŸãƒˆãƒ©ã‚¹ãƒˆãŒæä¾›å¯èƒ½ãªæœŸé–“を超ãˆã¦ã„ã¾ã™" @@ -760,8 +774,8 @@ msgid "" "Requested redelegation depth of %(requested_count)d is greater than allowed " "%(max_count)d" msgstr "" -"%(requested_count)d ã®è¦æ±‚ã•ã‚ŒãŸå†å§”ä»»ã®æ·±ã•ãŒã€è¨±å¯ã•ã‚ŒãŸ %(max_count)d を超" -"ãˆã¦ã„ã¾ã™" +"è¦æ±‚ã•ã‚ŒãŸå†å§”ä»»ã®æ·±ã• %(requested_count)d ãŒã€è¨±å¯ã•ã‚ŒãŸä¸Šé™ %(max_count)d " +"を超ãˆã¦ã„ã¾ã™" #, python-format msgid "Role %s not found" @@ -774,23 +788,23 @@ msgid "" msgstr "" "eventlet を介ã—㟠keystone ã®å®Ÿè¡Œã¯ Kilo 以é™ã§ã¯æŽ¨å¥¨ã•ã‚Œã¦ãŠã‚‰ãšã€WSGI サー" "ãƒãƒ¼ (mod_wsgi ãªã©) ã§ã®å®Ÿè¡ŒãŒæŽ¨å¥¨ã•ã‚Œã¦ã„ã¾ã™ã€‚eventlet 下ã§ã® keystone ã®" -"サãƒãƒ¼ãƒˆã¯ã€ŒMã€-リリースã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚" +"サãƒãƒ¼ãƒˆã¯ã€ŒMã€ãƒªãƒªãƒ¼ã‚¹ã§å‰Šé™¤ã•ã‚Œã‚‹äºˆå®šã§ã™ã€‚" msgid "Scoping to both domain and project is not allowed" -msgstr "ドメインã¨ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ä¸¡æ–¹ã‚’スコープã¨ã™ã‚‹ã“ã¨ã¯è¨±å¯ã•ã‚Œã¾ã›ã‚“" +msgstr "ドメインã¨ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ä¸¡æ–¹ã«ã‚¹ã‚³ãƒ¼ãƒ—ã‚’è¨å®šã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" msgid "Scoping to both domain and trust is not allowed" -msgstr "ドメインã¨ãƒˆãƒ©ã‚¹ãƒˆã®ä¸¡æ–¹ã‚’スコープã¨ã™ã‚‹ã“ã¨ã¯è¨±å¯ã•ã‚Œã¾ã›ã‚“" +msgstr "ドメインã¨ãƒˆãƒ©ã‚¹ãƒˆã®ä¸¡æ–¹ã«ã‚¹ã‚³ãƒ¼ãƒ—ã‚’è¨å®šã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" msgid "Scoping to both project and trust is not allowed" -msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆã¨ãƒˆãƒ©ã‚¹ãƒˆã®ä¸¡æ–¹ã‚’スコープã¨ã™ã‚‹ã“ã¨ã¯è¨±å¯ã•ã‚Œã¾ã›ã‚“" +msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆã¨ãƒˆãƒ©ã‚¹ãƒˆã®ä¸¡æ–¹ã«ã‚¹ã‚³ãƒ¼ãƒ—ã‚’è¨å®šã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" #, python-format msgid "Service Provider %(sp)s is disabled" -msgstr "サービス・プãƒãƒã‚¤ãƒ€ãƒ¼ %(sp)s ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™" +msgstr "サービスプãƒãƒã‚¤ãƒ€ãƒ¼ %(sp)s ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™" msgid "Some of requested roles are not in redelegated trust" -msgstr "è¦æ±‚ã•ã‚ŒãŸå½¹å‰²ã®ä¸€éƒ¨ãŒå†å§”ä»»ã•ã‚ŒãŸãƒˆãƒ©ã‚¹ãƒˆå†…ã«ã‚ã‚Šã¾ã›ã‚“" +msgstr "è¦æ±‚ã•ã‚ŒãŸãƒãƒ¼ãƒ«ã®ä¸€éƒ¨ãŒå†å§”ä»»ã•ã‚ŒãŸãƒˆãƒ©ã‚¹ãƒˆå†…ã«ã‚ã‚Šã¾ã›ã‚“" msgid "Specify a domain or project, not both" msgstr "ドメインã‹ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’指定ã—ã¦ãã ã•ã„。両方ã¯æŒ‡å®šã—ãªã„ã§ãã ã•ã„" @@ -809,27 +823,28 @@ msgid "" "String length exceeded.The length of string '%(string)s' exceeded the limit " "of column %(type)s(CHAR(%(length)d))." msgstr "" -"ストリングã®é•·ã•ã‚’超ãˆã¾ã—ãŸã€‚ストリング %(string)s' ã®é•·ã•ãŒåˆ— " -"%(type)s(CHAR(%(length)d)) ã®åˆ¶é™ã‚’超ãˆã¾ã—ãŸã€‚" +"æ–‡å—列ãŒé•·éŽãŽã¾ã™ã€‚æ–‡å—列 %(string)s' ã®é•·ã•ãŒåˆ— %(type)s(CHAR(%(length)d)) " +"ã®åˆ¶é™ã‚’超ãˆã¾ã—ãŸã€‚" msgid "The --all option cannot be used with the --domain-name option" msgstr "--all オプションを --domain-name オプションã¨ä½µç”¨ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“" #, python-format msgid "The Keystone configuration file %(config_file)s could not be found." -msgstr "Keystone 構æˆãƒ•ã‚¡ã‚¤ãƒ« %(config_file)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚" +msgstr "Keystone è¨å®šãƒ•ã‚¡ã‚¤ãƒ« %(config_file)s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚" #, python-format msgid "" "The Keystone domain-specific configuration has specified more than one SQL " "driver (only one is permitted): %(source)s." msgstr "" -"keystone ドメイン固有構æˆã§è¤‡æ•°ã® SQL ドライãƒãƒ¼ãŒæŒ‡å®šã•ã‚Œã¦ã„ã¾ã™ (1 ã¤ã®ã¿" -"許å¯): %(source)s。" +"keystone ドメイン固有è¨å®šã§è¤‡æ•°ã® SQL ドライãƒãƒ¼ãŒæŒ‡å®šã•ã‚Œã¦ã„ã¾ã™ (1 ã¤ã—ã‹" +"指定ã§ãã¾ã›ã‚“): %(source)s。" msgid "The action you have requested has not been implemented." msgstr "è¦æ±‚ã—ãŸã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã¯å®Ÿè£…ã•ã‚Œã¦ã„ã¾ã›ã‚“。" +#, fuzzy msgid "The authenticated user should match the trustor." msgstr "èªè¨¼ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯å§”託者ã¨ä¸€è‡´ã—ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚" @@ -838,8 +853,8 @@ msgid "" "server does not use PKI tokens otherwise this is the result of " "misconfiguration." msgstr "" -"è¦æ±‚ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒã‚ã‚Šã¾ã›ã‚“。ã“ã®ã‚µãƒ¼ãƒãƒ¼ã§ã¯ PKI トークンãŒä½¿ç”¨ã•ã‚Œãªã„ã‹ã€" -"ã¾ãŸã¯çµæžœçš„ã«æ§‹æˆãŒæ£ã—ããªã„ã“ã¨ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ã€‚ " +"è¦æ±‚ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒã‚ã‚Šã¾ã›ã‚“。ã“ã®ã‚µãƒ¼ãƒãƒ¼ã§ã¯ PKI トークンãŒä½¿ç”¨ã•ã‚Œã¦ã„ãªã„" +"ã‹ã€ãã†ã§ãªã„å ´åˆã¯è¨å®šãŒé–“é•ã£ã¦ã„ã‚‹ã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚ " #, python-format msgid "" @@ -847,7 +862,7 @@ msgid "" "not comply with the request because the password is invalid." msgstr "" "パスワードã®é•·ã•ã¯ %(size)i 以下ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パスワードãŒç„¡åŠ¹ã§ã‚ã‚‹" -"ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¾“ã†ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚" +"ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¿œã˜ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚" msgid "The request you have made requires authentication." msgstr "実行ã•ã‚ŒãŸè¦æ±‚ã«ã¯èªè¨¼ãŒå¿…è¦ã§ã™ã€‚" @@ -869,38 +884,40 @@ msgstr "è¦æ±‚ã—ãŸã‚µãƒ¼ãƒ“スã¯ç¾åœ¨ã“ã®ã‚µãƒ¼ãƒãƒ¼ã§ã¯ä½¿ç”¨ã§ãã¾ msgid "" "The specified parent region %(parent_region_id)s would create a circular " "region hierarchy." -msgstr "指定ã•ã‚ŒãŸè¦ªé ˜åŸŸ %(parent_region_id)s ã¯å¾ªç’°é ˜åŸŸéšŽå±¤ã‚’作æˆã—ã¾ã™ã€‚" +msgstr "" +"指定ã•ã‚ŒãŸè¦ªãƒªãƒ¼ã‚¸ãƒ§ãƒ³ %(parent_region_id)s ã§ã¯ã€ãƒªãƒ¼ã‚¸ãƒ§ãƒ³éšŽå±¤æ§‹é€ ã§ãƒ«ãƒ¼ãƒ—" +"ãŒç™ºç”Ÿã—ã¦ã—ã¾ã„ã¾ã™ã€‚" #, python-format msgid "" "The value of group %(group)s specified in the config should be a dictionary " "of options" msgstr "" -"構æˆã§æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ— %(group)s ã®å€¤ã¯ã‚ªãƒ—ションã®ãƒ‡ã‚£ã‚¯ã‚·ãƒ§ãƒŠãƒªãƒ¼ã«ã™ã‚‹å¿…" -"è¦ãŒã‚ã‚Šã¾ã™" +"è¨å®šã§æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ— %(group)s ã®å€¤ã¯ã‚ªãƒ—ションã®è¾žæ›¸ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" msgid "There should not be any non-oauth parameters" -msgstr "éž oauth パラメーターãŒå˜åœ¨ã—ã¦ã„ã¦ã¯ãªã‚Šã¾ã›ã‚“" +msgstr "oauth 関連以外ã®ãƒ‘ラメーターãŒå«ã¾ã‚Œã¦ã„ã¦ã¯ã„ã‘ã¾ã›ã‚“" -#, python-format +#, fuzzy, python-format msgid "This is not a recognized Fernet payload version: %s" -msgstr "ã“ã‚Œã¯èªè˜ã•ã‚ŒãŸ Fernet ペイãƒãƒ¼ãƒ‰ãƒ»ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã¯ã‚ã‚Šã¾ã›ã‚“: %s" +msgstr "ã“ã‚Œã¯èªè˜ã•ã‚ŒãŸ Fernet ペイãƒãƒ¼ãƒ‰ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã¯ã‚ã‚Šã¾ã›ã‚“: %s" +#, fuzzy msgid "" "This is not a v2.0 Fernet token. Use v3 for trust, domain, or federated " "tokens." msgstr "" -"ã“れ㯠v2.0 Fernet トークンã§ã¯ã‚ã‚Šã¾ã›ã‚“。トラスト・トークンã€ãƒ‰ãƒ¡ã‚¤ãƒ³ãƒ»ãƒˆãƒ¼" -"クンã€ã¾ãŸã¯çµ±åˆãƒˆãƒ¼ã‚¯ãƒ³ã«ã¯ v3 を使用ã—ã¦ãã ã•ã„。" +"ã“れ㯠v2.0 Fernet トークンã§ã¯ã‚ã‚Šã¾ã›ã‚“。トラストトークンã€ãƒ‰ãƒ¡ã‚¤ãƒ³ãƒˆãƒ¼ã‚¯" +"ンã€ã¾ãŸã¯çµ±åˆãƒˆãƒ¼ã‚¯ãƒ³ã«ã¯ v3 を使用ã—ã¦ãã ã•ã„。" msgid "" "Timestamp not in expected format. The server could not comply with the " "request since it is either malformed or otherwise incorrect. The client is " "assumed to be in error." msgstr "" -"タイム・スタンプãŒã€äºˆæœŸã•ã‚ŒãŸå½¢å¼ã«ãªã£ã¦ã„ã¾ã›ã‚“。è¦æ±‚ã®å½¢å¼ãŒèª¤ã£ã¦ã„ã‚‹" -"ã‹ã€ã¾ãŸã¯è¦æ±‚ãŒæ£ã—ããªã„ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¿œã˜ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—" -"ãŸã€‚クライアントã¯ã‚¨ãƒ©ãƒ¼ã«ãªã£ã¦ã„ã‚‹ã¨ã¿ãªã•ã‚Œã¾ã™ã€‚" +"タイムスタンプãŒæƒ³å®šã•ã‚ŒãŸå½¢å¼ã«ãªã£ã¦ã„ã¾ã›ã‚“。è¦æ±‚ã®å½¢å¼ãŒä¸æ£ã‚‚ã—ãã¯æ£ã—" +"ããªã„ãŸã‚ã€ã‚µãƒ¼ãƒãƒ¼ã¯è¦æ±‚ã«å¿œã˜ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚クライアントã§ã‚¨" +"ラーãŒç™ºç”Ÿã—ã¦ã„ã‚‹ã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚" #, python-format msgid "" @@ -908,8 +925,8 @@ msgid "" "the specific domain, i.e.: keystone-manage domain_config_upload --domain-" "name %s" msgstr "" -"ã“ã®ã‚¨ãƒ©ãƒ¼ã«é–¢ã™ã‚‹è©³ç´°ã‚’å¾—ã‚‹ã«ã¯ã€æ¬¡ã®ã‚ˆã†ã«ã€ç‰¹å®šãƒ‰ãƒ¡ã‚¤ãƒ³ã«å¯¾ã—ã¦ã“ã®ã‚³ãƒžãƒ³" -"ドをå†å®Ÿè¡Œã—ã¦ãã ã•ã„: keystone-manage domain_config_upload --domain-name %s" +"ã“ã®ã‚¨ãƒ©ãƒ¼ã«é–¢ã™ã‚‹è©³ç´°ã‚’å¾—ã‚‹ã«ã¯ã€ç‰¹å®šãƒ‰ãƒ¡ã‚¤ãƒ³ã«å¯¾ã—ã¦ã“ã®ã‚³ãƒžãƒ³ãƒ‰ã‚’å†å®Ÿè¡Œã—" +"ã¦ãã ã•ã„: keystone-manage domain_config_upload --domain-name %s" msgid "Token belongs to another user" msgstr "トークンãŒåˆ¥ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å±žã—ã¦ã„ã¾ã™" @@ -917,9 +934,11 @@ msgstr "トークンãŒåˆ¥ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«å±žã—ã¦ã„ã¾ã™" msgid "Token does not belong to specified tenant." msgstr "トークンãŒæŒ‡å®šã•ã‚ŒãŸãƒ†ãƒŠãƒ³ãƒˆã«æ‰€å±žã—ã¦ã„ã¾ã›ã‚“。" +#, fuzzy msgid "Trustee has no delegated roles." -msgstr "å—託者ã«å§”ä»»ã•ã‚ŒãŸå½¹å‰²ãŒã‚ã‚Šã¾ã›ã‚“。" +msgstr "å—託者ã«å§”ä»»ã•ã‚ŒãŸãƒãƒ¼ãƒ«ãŒã‚ã‚Šã¾ã›ã‚“。" +#, fuzzy msgid "Trustor is disabled." msgstr "委託者ã¯ç„¡åŠ¹ã§ã™ã€‚" @@ -928,50 +947,51 @@ msgid "" "Trying to update group %(group)s, so that, and only that, group must be " "specified in the config" msgstr "" -"グループ %(group)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¦ã„ã‚‹ãŸã‚ã€ãã®ã‚ªãƒ—ションã®ã¿ã‚’構æˆã§æŒ‡å®š" -"ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" +"グループ %(group)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¦ã„ã¾ã™ãŒã€ãã®å ´åˆã¯è¨å®šã§ã‚°ãƒ«ãƒ¼ãƒ—ã®ã¿ã‚’" +"指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" #, python-format msgid "" "Trying to update option %(option)s in group %(group)s, but config provided " "contains option %(option_other)s instead" msgstr "" -"グループ %(group)s 内ã®ã‚ªãƒ—ション %(option)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¦ã„ã¾ã™ãŒã€æŒ‡å®š" -"ã•ã‚ŒãŸæ§‹æˆã«ã¯ä»£ã‚ã‚Šã«ã‚ªãƒ—ション %(option_other)s ãŒå«ã¾ã‚Œã¦ã„ã¾ã™" +"グループ %(group)s ã®ã‚ªãƒ—ション %(option)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¾ã—ãŸãŒã€æŒ‡å®šã•ã‚Œ" +"ãŸè¨å®šã«ã¯ä»£ã‚ã‚Šã«ã‚ªãƒ—ション %(option_other)s ãŒå«ã¾ã‚Œã¦ã„ã¾ã™" #, python-format msgid "" "Trying to update option %(option)s in group %(group)s, so that, and only " "that, option must be specified in the config" msgstr "" -"グループ %(group)s 内ã®ã‚ªãƒ—ション %(option)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¦ã„ã‚‹ãŸã‚ã€ãã®" -"オプションã®ã¿ã‚’構æˆã§æŒ‡å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" +"グループ %(group)s ã®ã‚ªãƒ—ション %(option)s ã‚’æ›´æ–°ã—よã†ã¨ã—ã¦ã„ã¾ã™ãŒã€ãã®å ´" +"åˆã¯è¨å®šã§ã‚ªãƒ—ションã®ã¿ã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™" msgid "" "Unable to access the keystone database, please check it is configured " "correctly." msgstr "" -"keystone データベースã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã›ã‚“。ã“ã®ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ãŒæ£ã—ã構æˆã•ã‚Œã¦" +"keystone データベースã«ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã›ã‚“。ã“ã®ãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ãŒæ£ã—ãè¨å®šã•ã‚Œã¦" "ã„ã‚‹ã‹ã©ã†ã‹ã‚’確èªã—ã¦ãã ã•ã„。" -#, python-format +#, fuzzy, python-format msgid "Unable to consume trust %(trust_id)s, unable to acquire lock." -msgstr "トラスト %(trust_id)s を使用ã§ããšã€ãƒãƒƒã‚¯ã‚’å–å¾—ã§ãã¾ã›ã‚“。" +msgstr "トラスト %(trust_id)s を消費ã§ããšã€ãƒãƒƒã‚¯ã‚’å–å¾—ã§ãã¾ã›ã‚“。" #, python-format msgid "" "Unable to delete region %(region_id)s because it or its child regions have " "associated endpoints." msgstr "" -"é ˜åŸŸ %(region_id)s ã¾ãŸã¯ãã®åé ˜åŸŸã«ã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆãŒé–¢é€£ä»˜ã‘られã¦ã„ã‚‹ãŸã‚ã€" -"ã“ã®é ˜åŸŸã‚’削除ã§ãã¾ã›ã‚“。" +"リージョン %(region_id)s ã¾ãŸã¯ãã®åリージョンãŒã‚¨ãƒ³ãƒ‰ãƒã‚¤ãƒ³ãƒˆã«é–¢é€£ä»˜ã‘られ" +"ã¦ã„ã‚‹ãŸã‚ã€ã“ã®ãƒªãƒ¼ã‚¸ãƒ§ãƒ³ã‚’削除ã§ãã¾ã›ã‚“。" #, python-format msgid "Unable to find valid groups while using mapping %(mapping_id)s" msgstr "" -"マッピング %(mapping_id)s ã®ä½¿ç”¨ä¸ã«æœ‰åŠ¹ãªã‚°ãƒ«ãƒ¼ãƒ—ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" +"マッピング %(mapping_id)s を使用ã™ã‚‹éš›ã«ã€æœ‰åŠ¹ãªã‚°ãƒ«ãƒ¼ãƒ—ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—" +"ãŸ" -#, python-format +#, fuzzy, python-format msgid "" "Unable to get a connection from pool id %(id)s after %(seconds)s seconds." msgstr "" @@ -979,13 +999,13 @@ msgstr "" #, python-format msgid "Unable to locate domain config directory: %s" -msgstr "ドメイン構æˆãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ¼ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“: %s" +msgstr "ドメインè¨å®šãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ¼ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“: %s" #, python-format msgid "Unable to lookup user %s" msgstr "ユーザー %s を検索ã§ãã¾ã›ã‚“" -#, python-format +#, fuzzy, python-format msgid "" "Unable to reconcile identity attribute %(attribute)s as it has conflicting " "values %(new)s and %(old)s" @@ -1000,12 +1020,12 @@ msgid "" "%(reason)s" msgstr "" "SAML アサーションã«ç½²åã§ãã¾ã›ã‚“。ã“ã®ã‚µãƒ¼ãƒãƒ¼ã« xmlsec1 ãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ«ã•ã‚Œ" -"ã¦ã„ãªã„ã‹ã€èª¤ã£ãŸæ§‹æˆã«ã‚ˆã‚‹çµæžœã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚ç†ç”±: %(reason)s" +"ã¦ã„ãªã„ã‹ã€è¨å®šãŒèª¤ã£ã¦ã„ã‚‹ãŸã‚ã¨è€ƒãˆã‚‰ã‚Œã¾ã™ã€‚ç†ç”±: %(reason)s" msgid "Unable to sign token." msgstr "トークンã«ç½²åã§ãã¾ã›ã‚“。" -#, python-format +#, fuzzy, python-format msgid "Unexpected assignment type encountered, %s" msgstr "無効ãªå‰²ã‚Šå½“ã¦ã‚¿ã‚¤ãƒ— %s ãŒæ¤œå‡ºã•ã‚Œã¾ã—ãŸ" @@ -1014,10 +1034,10 @@ msgid "" "Unexpected combination of grant attributes - User: %(user_id)s, Group: " "%(group_id)s, Project: %(project_id)s, Domain: %(domain_id)s" msgstr "" -"èªå¯å±žæ€§ (ユーザー: %(user_id)sã€ã‚°ãƒ«ãƒ¼ãƒ—: %(group_id)sã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ: " -"%(project_id)sã€ãƒ‰ãƒ¡ã‚¤ãƒ³: %(domain_id)s) ã®çµ„ã¿åˆã‚ã›ãŒæ£ã—ãã‚ã‚Šã¾ã›ã‚“。" +"èªå¯å±žæ€§ ã®çµ„ã¿åˆã‚ã› (ユーザー: %(user_id)sã€ã‚°ãƒ«ãƒ¼ãƒ—: %(group_id)sã€ãƒ—ãƒ" +"ジェクト: %(project_id)sã€ãƒ‰ãƒ¡ã‚¤ãƒ³: %(domain_id)s) ãŒæ£ã—ãã‚ã‚Šã¾ã›ã‚“。" -#, python-format +#, fuzzy, python-format msgid "Unexpected status requested for JSON Home response, %s" msgstr "JSON ホーム応ç”ã«å¯¾ã—ã¦äºˆæœŸã—ãªã„状æ³ãŒè¦æ±‚ã•ã‚Œã¾ã—ãŸã€‚%s" @@ -1026,23 +1046,23 @@ msgstr "ä¸æ˜Žãªã‚¿ãƒ¼ã‚²ãƒƒãƒˆ" #, python-format msgid "Unknown domain '%(name)s' specified by --domain-name" -msgstr "ä¸æ˜Žãªãƒ‰ãƒ¡ã‚¤ãƒ³ '%(name)s' ㌠--domain-name ã«ã‚ˆã£ã¦æŒ‡å®šã•ã‚Œã¾ã—ãŸ" +msgstr "ä¸æ˜Žãªãƒ‰ãƒ¡ã‚¤ãƒ³ '%(name)s' ㌠--domain-name ã§æŒ‡å®šã•ã‚Œã¾ã—ãŸ" #, python-format msgid "Unknown token version %s" -msgstr "トークン・ãƒãƒ¼ã‚¸ãƒ§ãƒ³ %s ã¯ä¸æ˜Žã§ã™" +msgstr "トークンãƒãƒ¼ã‚¸ãƒ§ãƒ³ %s ã¯ä¸æ˜Žã§ã™" #, python-format msgid "Unregistered dependency: %(name)s for %(targets)s" -msgstr "未登録ã®ä¾å˜é–¢ä¿‚: %(targets)s ã® %(name)s" +msgstr "未登録ã®ä¾å˜é–¢ä¿‚: %(targets)s ã«å¯¾ã™ã‚‹ %(name)s" msgid "Update of `parent_id` is not allowed." -msgstr "「parent_idã€ã®æ›´æ–°ã¯è¨±å¯ã•ã‚Œã¦ã„ã¾ã›ã‚“。" +msgstr "\"parent_id\" ã®æ›´æ–°ã¯è¨±å¯ã•ã‚Œã¦ã„ã¾ã›ã‚“。" msgid "Use a project scoped token when attempting to create a SAML assertion" msgstr "" -"SAML アサーションã®ä½œæˆã‚’試ã¿ã‚‹ã¨ãã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆç¯„囲トークンを使用ã—ã¦ãã " -"ã•ã„。" +"SAML アサーションã®ä½œæˆã‚’è¡Œã†ã¨ãã¯ã€ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã«ã‚¹ã‚³ãƒ¼ãƒ—ãŒè¨å®šã•ã‚ŒãŸãƒˆãƒ¼ã‚¯" +"ンを使用ã—ã¦ãã ã•ã„" #, python-format msgid "User %(u_id)s is unauthorized for tenant %(t_id)s" @@ -1051,19 +1071,19 @@ msgstr "ユーザー %(u_id)s ã¯ãƒ†ãƒŠãƒ³ãƒˆ %(t_id)s ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ãŒã #, python-format msgid "User %(user_id)s already has role %(role_id)s in tenant %(tenant_id)s" msgstr "" -"ユーザー %(user_id)s ã«ã¯æ—¢ã«å½¹å‰² %(role_id)s ãŒãƒ†ãƒŠãƒ³ãƒˆ %(tenant_id)s ã«ã‚ã‚Š" -"ã¾ã™" +"ユーザー %(user_id)s ã«ã¯ã™ã§ã«ãƒ†ãƒŠãƒ³ãƒˆ %(tenant_id)s ã§ãƒãƒ¼ãƒ« %(role_id)s ãŒ" +"割り当ã¦ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚" #, python-format msgid "User %(user_id)s has no access to domain %(domain_id)s" msgstr "" -"ユーザー %(user_id)s ã«ã¯ãƒ‰ãƒ¡ã‚¤ãƒ³ %(domain_id)s ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“" +"ユーザー %(user_id)s ã¯ãƒ‰ãƒ¡ã‚¤ãƒ³ %(domain_id)s ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ãŒã‚ã‚Šã¾ã›ã‚“" #, python-format msgid "User %(user_id)s has no access to project %(project_id)s" msgstr "" -"ユーザー %(user_id)s ã«ã¯ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ %(project_id)s ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ãŒã‚ã‚Šã¾" -"ã›ã‚“" +"ユーザー %(user_id)s ã¯ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆ %(project_id)s ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹æ¨©é™ãŒã‚ã‚Šã¾ã›" +"ã‚“" #, python-format msgid "User %(user_id)s is already a member of group %(group_id)s" @@ -1078,20 +1098,21 @@ msgstr "ユーザー ID ãŒä¸€è‡´ã—ã¾ã›ã‚“" #, python-format msgid "User is disabled: %s" -msgstr "ユーザーãŒç„¡åŠ¹åŒ–ã•ã‚Œã¦ã„ã¾ã™: %s" +msgstr "ユーザーãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™: %s" msgid "User is not a member of the requested project" msgstr "ユーザーã¯ã€è¦æ±‚ã•ã‚ŒãŸãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã¯ã‚ã‚Šã¾ã›ã‚“" +#, fuzzy msgid "User is not a trustee." msgstr "ユーザーã¯å—託者ã§ã¯ã‚ã‚Šã¾ã›ã‚“。" msgid "User not found" -msgstr "ユーザーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸ" +msgstr "ユーザーãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“" -#, python-format +#, fuzzy, python-format msgid "User type %s not supported" -msgstr "ユーザー・タイプ %s ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“" +msgstr "ユーザー型 %s ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“" msgid "You are not authorized to perform the requested action." msgstr "è¦æ±‚ã•ã‚ŒãŸã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã‚’実行ã™ã‚‹è¨±å¯ãŒã‚ã‚Šã¾ã›ã‚“。" @@ -1109,30 +1130,34 @@ msgstr "`key_mangler` オプションã¯é–¢æ•°å‚ç…§ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã msgid "any options" msgstr "ä»»æ„ã®ã‚ªãƒ—ション" +#, fuzzy msgid "auth_type is not Negotiate" msgstr "auth_type ã¯æŠ˜è¡ã•ã‚Œã¦ã„ã¾ã›ã‚“" msgid "authorizing user does not have role required" -msgstr "許å¯ã‚’与ãˆã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ã€å¿…è¦ãªå½¹å‰²ãŒã‚ã‚Šã¾ã›ã‚“" +msgstr "ユーザーをèªå¯ã™ã‚‹ã®ã«å¿…è¦ãªãƒãƒ¼ãƒ«ãŒã‚ã‚Šã¾ã›ã‚“" +#, fuzzy msgid "cache_collection name is required" msgstr "cache_collection name ã¯å¿…é ˆã§ã™" #, python-format msgid "cannot create a project in a branch containing a disabled project: %s" msgstr "" -"無効ãªãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’å«ã‚€ãƒ–ランãƒã«ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’作æˆã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“: %s" +"無効ã«ãªã£ã¦ã„るプãƒã‚¸ã‚§ã‚¯ãƒˆã‚’å«ã‚€ãƒ–ランãƒã«ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’作æˆã™ã‚‹ã“ã¨ã¯ã§ã" +"ã¾ã›ã‚“: %s" msgid "cannot create a project within a different domain than its parents." -msgstr "親ã¨ã¯åˆ¥ã®ãƒ‰ãƒ¡ã‚¤ãƒ³å†…ã«ãƒ—ãƒã‚¸ã‚§ã‚¯ãƒˆã‚’作æˆã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。" +msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆã¯è¦ªã¨ã¯åˆ¥ã®ãƒ‰ãƒ¡ã‚¤ãƒ³å†…ã«ã¯ä½œæˆã§ãã¾ã›ã‚“。" msgid "cannot delete a domain that is enabled, please disable it first." msgstr "" -"有効ãªãƒ‰ãƒ¡ã‚¤ãƒ³ã¯å‰Šé™¤ã§ãã¾ã›ã‚“。最åˆã«æœ‰åŠ¹ãªãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’無効ã«ã—ã¦ãã ã•ã„。" +"有効ã«ãªã£ã¦ã„るドメインã¯å‰Šé™¤ã§ãã¾ã›ã‚“。最åˆã«ãã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’無効ã«ã—ã¦ãã " +"ã•ã„。" #, python-format msgid "cannot delete the project %s since it is not a leaf in the hierarchy." -msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ %s ã¯éšŽå±¤å†…ã®ãƒªãƒ¼ãƒ•ã§ã¯ãªã„ãŸã‚ã€å‰Šé™¤ã§ãã¾ã›ã‚“。" +msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ %s ã¯éšŽå±¤å†…ã®æœ«ç«¯ã§ã¯ãªã„ãŸã‚ã€å‰Šé™¤ã§ãã¾ã›ã‚“。" #, python-format msgid "cannot disable project %s since its subtree contains enabled projects" @@ -1142,8 +1167,9 @@ msgstr "" #, python-format msgid "cannot enable project %s since it has disabled parents" -msgstr "プãƒã‚¸ã‚§ã‚¯ãƒˆ %s ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„る親をå«ã‚€ãŸã‚ã€æœ‰åŠ¹ã«ã§ãã¾ã›ã‚“" +msgstr "親ãŒç„¡åŠ¹ã«ãªã£ã¦ã„るプãƒã‚¸ã‚§ã‚¯ãƒˆ %s ã¯æœ‰åŠ¹ã«ã§ãã¾ã›ã‚“" +#, fuzzy msgid "database db_name is required" msgstr "database db_name ã¯å¿…é ˆã§ã™" @@ -1151,7 +1177,7 @@ msgid "db_hosts value is required" msgstr "db_hosts 値ã¯å¿…é ˆã§ã™" msgid "delete the default domain" -msgstr "デフォルト・ドメインを削除ã—ã¦ãã ã•ã„" +msgstr "デフォルトドメインを削除ã—ã¦ãã ã•ã„" #, python-format msgid "group %(group)s" @@ -1161,8 +1187,8 @@ msgid "" "idp_contact_type must be one of: [technical, other, support, administrative " "or billing." msgstr "" -"idp_contact_type 㯠technicalã€otherã€supportã€administrativeã€ã¾ãŸã¯ " -"billing ã®ã„ãšã‚Œã‹ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。" +"idp_contact_type 㯠technicalã€otherã€supportã€administrativeã€billing ã®ã„ãš" +"ã‚Œã‹ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。" msgid "integer value expected for mongo_ttl_seconds" msgstr "mongo_ttl_seconds ã«ã¯æ•´æ•°å€¤ãŒå¿…è¦ã§ã™" @@ -1183,23 +1209,28 @@ msgstr "使用å¯èƒ½ãª SSL サãƒãƒ¼ãƒˆãŒã‚ã‚Šã¾ã›ã‚“" #, python-format msgid "option %(option)s in group %(group)s" -msgstr "グループ %(group)s 内ã®ã‚ªãƒ—ション %(option)s" +msgstr "グループ %(group)s ã®ã‚ªãƒ—ション %(option)s" +#, fuzzy msgid "pad must be single character" msgstr "埋ã‚è¾¼ã¿ã¯å˜ä¸€æ–‡å—ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“" +#, fuzzy msgid "padded base64url text must be multiple of 4 characters" msgstr "埋ã‚è¾¼ã¾ã‚ŒãŸ base64url テã‚スト㯠4 ã®å€æ•°ã®æ–‡å—æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“" msgid "provided consumer key does not match stored consumer key" -msgstr "指定ã•ã‚ŒãŸã‚³ãƒ³ã‚·ãƒ¥ãƒ¼ãƒžãƒ¼éµã¯ä¿ç®¡æ¸ˆã¿ã‚³ãƒ³ã‚·ãƒ¥ãƒ¼ãƒžãƒ¼éµã¨ä¸€è‡´ã—ã¾ã›ã‚“" +msgstr "" +"指定ã•ã‚ŒãŸã‚³ãƒ³ã‚·ãƒ¥ãƒ¼ãƒžãƒ¼éµã¯ä¿å˜ã•ã‚Œã¦ã„るコンシューマーéµã¨ä¸€è‡´ã—ã¾ã›ã‚“" msgid "provided request key does not match stored request key" -msgstr "指定ã•ã‚ŒãŸè¦æ±‚éµã¯ä¿ç®¡æ¸ˆã¿è¦æ±‚éµã¨ä¸€è‡´ã—ã¾ã›ã‚“" +msgstr "指定ã•ã‚ŒãŸè¦æ±‚éµã¯ä¿ç®¡ã•ã‚Œã¦ã„ã‚‹è¦æ±‚éµã¨ä¸€è‡´ã—ã¾ã›ã‚“" +#, fuzzy msgid "provided verifier does not match stored verifier" -msgstr "指定ã•ã‚ŒãŸãƒ™ãƒªãƒ•ã‚¡ã‚¤ãƒ¤ãƒ¼ã¯ä¿ç®¡æ¸ˆã¿ãƒ™ãƒªãƒ•ã‚¡ã‚¤ãƒ¤ãƒ¼ã¨ä¸€è‡´ã—ã¾ã›ã‚“" +msgstr "指定ã•ã‚ŒãŸãƒ™ãƒªãƒ•ã‚¡ã‚¤ãƒ¤ãƒ¼ã¯ä¿å˜ã•ã‚Œã¦ã„るベリファイヤーã¨ä¸€è‡´ã—ã¾ã›ã‚“" +#, fuzzy msgid "region not type dogpile.cache.CacheRegion" msgstr "é ˜åŸŸã®ã‚¿ã‚¤ãƒ—㌠dogpile.cache.CacheRegion ã§ã¯ã‚ã‚Šã¾ã›ã‚“" @@ -1210,45 +1241,43 @@ msgid "remaining_uses must not be set if redelegation is allowed" msgstr "å†å§”ä»»ãŒè¨±å¯ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ remaining_uses ã‚’è¨å®šã—ã¦ã¯ãªã‚Šã¾ã›ã‚“" msgid "replicaset_name required when use_replica is True" -msgstr "use_replica ㌠TRUE ã®å ´åˆã¯ replicaset_name ãŒå¿…è¦ã§ã™" +msgstr "use_replica ㌠True ã®å ´åˆã¯ replicaset_name ãŒå¿…è¦ã§ã™" #, python-format msgid "" "request to update group %(group)s, but config provided contains group " "%(group_other)s instead" msgstr "" -"グループ %(group)s ã®æ›´æ–°ã‚’è¦æ±‚ã—ã¾ã—ãŸãŒã€æŒ‡å®šã•ã‚ŒãŸæ§‹æˆã«ã¯ä»£ã‚ã‚Šã«ã‚°ãƒ«ãƒ¼" +"グループ %(group)s ã®æ›´æ–°ã‚’è¦æ±‚ã—ã¾ã—ãŸãŒã€æŒ‡å®šã•ã‚ŒãŸè¨å®šã«ã¯ä»£ã‚ã‚Šã«ã‚°ãƒ«ãƒ¼" "プ %(group_other)s ãŒå«ã¾ã‚Œã¦ã„ã¾ã™" msgid "rescope a scoped token" -msgstr "スコープ宣言ã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ã‚’å†ã‚¹ã‚³ãƒ¼ãƒ—宣言ã—ã¾ã™" +msgstr "スコープãŒè¨å®šã•ã‚ŒãŸãƒˆãƒ¼ã‚¯ãƒ³ã®ã‚¹ã‚³ãƒ¼ãƒ—ã‚’è¨å®šã—ç›´ã—ã¾ã™" -#, python-format +#, fuzzy, python-format msgid "text is multiple of 4, but pad \"%s\" occurs before 2nd to last char" msgstr "" "テã‚スト㯠4 ã®å€æ•°ã§ã™ãŒã€æœ€å¾Œã‹ã‚‰2 ã¤ç›®ã®æ–‡å—ã®å‰ã«åŸ‹ã‚込㿠\"%s\" ã‚ã‚Šã¾ã™" -#, python-format +#, fuzzy, python-format msgid "text is multiple of 4, but pad \"%s\" occurs before non-pad last char" msgstr "" "テã‚スト㯠4 ã®å€æ•°ã§ã™ãŒã€åŸ‹ã‚è¾¼ã¿ã§ã¯ãªã„最後ã®æ–‡å—ã®å‰ã«åŸ‹ã‚込㿠\"%s\" ã‚" "ã‚Šã¾ã™" -#, python-format +#, fuzzy, python-format msgid "text is not a multiple of 4, but contains pad \"%s\"" msgstr "テã‚スト㯠4 ã®å€æ•°ã§ã¯ã‚ã‚Šã¾ã›ã‚“ãŒã€åŸ‹ã‚込㿠\"%s\" ãŒå«ã¾ã‚Œã¦ã„ã¾ã™" #, python-format msgid "tls_cacertdir %s not found or is not a directory" msgstr "" -"tls_cacertdir %s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ã¾ãŸã¯ã€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã§ã¯ã‚ã‚Šã¾ã›ã‚“。" +"tls_cacertdir %s ãŒè¦‹ã¤ã‹ã‚‰ãªã„ã€ã‚‚ã—ãã¯ã€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã§ã¯ã‚ã‚Šã¾ã›ã‚“。" #, python-format msgid "tls_cacertfile %s not found or is not a file" -msgstr "" -"tls_cacertfile %s ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚ã¾ãŸã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã¯ã‚ã‚Šã¾ã›ã‚“。" +msgstr "tls_cacertfile %s ãŒè¦‹ã¤ã‹ã‚‰ãªã„ã€ã‚‚ã—ãã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã¯ã‚ã‚Šã¾ã›ã‚“。" #, python-format msgid "token reference must be a KeystoneToken type, got: %s" -msgstr "" -"トークンå‚照㯠KeystoneToken タイプã§ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚%s ã‚’å—ã‘å–ã‚Šã¾ã—ãŸ" +msgstr "トークンå‚照㯠KeystoneToken åž‹ã§ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚%s ã‚’å—ä¿¡ã—ã¾ã—ãŸ" diff --git a/keystone-moon/keystone/locale/keystone-log-warning.pot b/keystone-moon/keystone/locale/keystone-log-warning.pot index c591d798..3beb3a24 100644 --- a/keystone-moon/keystone/locale/keystone-log-warning.pot +++ b/keystone-moon/keystone/locale/keystone-log-warning.pot @@ -6,16 +6,16 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.0.0rc2.dev1\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-10-01 06:09+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #: keystone/exception.py:48 msgid "missing exception kwargs (programmer error)" diff --git a/keystone-moon/keystone/locale/keystone.pot b/keystone-moon/keystone/locale/keystone.pot index 64eab4ed..ce32fa88 100644 --- a/keystone-moon/keystone/locale/keystone.pot +++ b/keystone-moon/keystone/locale/keystone.pot @@ -6,16 +6,16 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.0.0rc2.dev1\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-10-01 06:09+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #: keystone/exception.py:78 #, python-format diff --git a/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone-log-critical.po index ae6dc845..d7739156 100644 --- a/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Korean (Korea) (http://www.transifex.com/openstack/keystone/" -"language/ko_KR/)\n" +"Language-Team: Korean (South Korea)\n" "Language: ko-KR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone.po index f6e0fab8..123379ce 100644 --- a/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/ko_KR/LC_MESSAGES/keystone.po @@ -8,18 +8,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Korean (Korea) (http://www.transifex.com/openstack/keystone/" -"language/ko_KR/)\n" +"Language: ko_KR\n" +"Language-Team: Korean (South Korea)\n" "Plural-Forms: nplurals=1; plural=0\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/pl_PL/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/pl_PL/LC_MESSAGES/keystone-log-critical.po index 0d4ec217..c57f0c55 100644 --- a/keystone-moon/keystone/locale/pl_PL/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/pl_PL/LC_MESSAGES/keystone-log-critical.po @@ -6,20 +6,19 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Polish (Poland) (http://www.transifex.com/openstack/keystone/" -"language/pl_PL/)\n" +"Language-Team: Polish (Poland)\n" "Language: pl-PL\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " "|| n%100>=20) ? 1 : 2);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-critical.po index cda7507a..f3b25b5e 100644 --- a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Portuguese (Brazil) (http://www.transifex.com/openstack/" -"keystone/language/pt_BR/)\n" +"Language-Team: Portuguese (Brazil)\n" "Language: pt-BR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-error.po b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-error.po index f56ca03e..2302f6a9 100644 --- a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-error.po +++ b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone-log-error.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-06-26 05:13+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Portuguese (Brazil) (http://www.transifex.com/openstack/" -"keystone/language/pt_BR/)\n" +"Language-Team: Portuguese (Brazil)\n" "Language: pt-BR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" msgid "" diff --git a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone.po index 9adc7d82..8bda14f0 100644 --- a/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/pt_BR/LC_MESSAGES/keystone.po @@ -10,18 +10,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Portuguese (Brazil) (http://www.transifex.com/openstack/" -"keystone/language/pt_BR/)\n" +"Language: pt_BR\n" +"Language-Team: Portuguese (Brazil)\n" "Plural-Forms: nplurals=2; plural=(n > 1)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone-log-critical.po index 4ec0cb4b..9435231b 100644 --- a/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone-log-critical.po @@ -3,23 +3,24 @@ # This file is distributed under the same license as the keystone project. # # Translators: +# OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: Keystone\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-08-06 06:28+0000\n" -"PO-Revision-Date: 2014-08-31 15:19+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" +"PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Russian (http://www.transifex.com/openstack/keystone/language/" -"ru/)\n" +"Language-Team: Russian\n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n" "%100>=11 && n%100<=14)? 2 : 3);\n" +"Generated-By: Babel 2.0\n" +"X-Generator: Zanata 3.7.1\n" #, python-format msgid "Unable to open template file %s" diff --git a/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone.po index 31b8e98d..1188d316 100644 --- a/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/ru/LC_MESSAGES/keystone.po @@ -9,20 +9,20 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Russian (http://www.transifex.com/openstack/keystone/language/" -"ru/)\n" +"Language: ru\n" +"Language-Team: Russian\n" "Plural-Forms: nplurals=4; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<12 || n%100>14) ? 1 : n%10==0 || (n%10>=5 && n%10<=9) || (n" "%100>=11 && n%100<=14)? 2 : 3)\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-critical.po index 78c74c70..4c59ad09 100644 --- a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-08-04 01:49+0000\n" "Last-Translator: Ä°ÅŸbaran Akçayır <isbaran@gmail.com>\n" -"Language-Team: Turkish (Turkey) (http://www.transifex.com/openstack/keystone/" -"language/tr_TR/)\n" +"Language-Team: Turkish (Turkey)\n" "Language: tr-TR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-error.po b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-error.po index dd35769a..de599919 100644 --- a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-error.po +++ b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-error.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-08-04 01:50+0000\n" "Last-Translator: Ä°ÅŸbaran Akçayır <isbaran@gmail.com>\n" -"Language-Team: Turkish (Turkey) (http://www.transifex.com/openstack/keystone/" -"language/tr_TR/)\n" +"Language-Team: Turkish (Turkey)\n" "Language: tr-TR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" msgid "Cannot retrieve Authorization headers" diff --git a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-info.po b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-info.po index 65f66f3b..a3451130 100644 --- a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-info.po +++ b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-info.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-08-04 01:49+0000\n" "Last-Translator: Ä°ÅŸbaran Akçayır <isbaran@gmail.com>\n" -"Language-Team: Turkish (Turkey) (http://www.transifex.com/openstack/keystone/" -"language/tr_TR/)\n" +"Language-Team: Turkish (Turkey)\n" "Language: tr-TR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-warning.po b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-warning.po index d15319e2..aeae0585 100644 --- a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-warning.po +++ b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone-log-warning.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Turkish (Turkey) (http://www.transifex.com/openstack/keystone/" -"language/tr_TR/)\n" +"Language-Team: Turkish (Turkey)\n" "Language: tr-TR\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone.po index 5a378314..3ded8a93 100644 --- a/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/tr_TR/LC_MESSAGES/keystone.po @@ -9,18 +9,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Turkish (Turkey) (http://www.transifex.com/openstack/keystone/" -"language/tr_TR/)\n" +"Language: tr_TR\n" +"Language-Team: Turkish (Turkey)\n" "Plural-Forms: nplurals=1; plural=0\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-critical.po index 9f87b4ea..44dbbe37 100644 --- a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (China) (http://www.transifex.com/openstack/keystone/" -"language/zh_CN/)\n" +"Language-Team: Chinese (China)\n" "Language: zh-CN\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-error.po b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-error.po index 6017737b..791681d7 100644 --- a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-error.po +++ b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-error.po @@ -8,19 +8,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-06-26 05:13+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (China) (http://www.transifex.com/openstack/keystone/" -"language/zh_CN/)\n" +"Language-Team: Chinese (China)\n" "Language: zh-CN\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" msgid "Cannot retrieve Authorization headers" diff --git a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-info.po b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-info.po index 46a6fa21..8a756333 100644 --- a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-info.po +++ b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone-log-info.po @@ -7,19 +7,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-08-01 06:26+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (China) (http://www.transifex.com/openstack/keystone/" -"language/zh_CN/)\n" +"Language-Team: Chinese (China)\n" "Language: zh-CN\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone.po index 2a970c85..6479984c 100644 --- a/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/zh_CN/LC_MESSAGES/keystone.po @@ -11,18 +11,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (China) (http://www.transifex.com/openstack/keystone/" -"language/zh_CN/)\n" +"Language: zh_Hans_CN\n" +"Language-Team: Chinese (China)\n" "Plural-Forms: nplurals=1; plural=0\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone-log-critical.po b/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone-log-critical.po index fda12669..0b7082e0 100644 --- a/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone-log-critical.po +++ b/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone-log-critical.po @@ -6,19 +6,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 8.0.0.0b4.dev56\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-21 06:08+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2014-08-31 03:19+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (Taiwan) (http://www.transifex.com/openstack/keystone/" -"language/zh_TW/)\n" +"Language-Team: Chinese (Taiwan)\n" "Language: zh-TW\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" "Plural-Forms: nplurals=1; plural=0;\n" +"Generated-By: Babel 2.0\n" "X-Generator: Zanata 3.7.1\n" #, python-format diff --git a/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone.po b/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone.po index 7a51b29a..0c01497a 100644 --- a/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone.po +++ b/keystone-moon/keystone/locale/zh_TW/LC_MESSAGES/keystone.po @@ -7,18 +7,18 @@ # OpenStack Infra <zanata@openstack.org>, 2015. #zanata msgid "" msgstr "" -"Project-Id-Version: keystone 9.0.0.dev14\n" +"Project-Id-Version: keystone 8.0.1.dev11\n" "Report-Msgid-Bugs-To: https://bugs.launchpad.net/keystone\n" -"POT-Creation-Date: 2015-09-24 06:09+0000\n" +"POT-Creation-Date: 2015-11-05 06:13+0000\n" "PO-Revision-Date: 2015-09-03 12:54+0000\n" "Last-Translator: openstackjenkins <jenkins@openstack.org>\n" -"Language-Team: Chinese (Taiwan) (http://www.transifex.com/openstack/keystone/" -"language/zh_TW/)\n" +"Language: zh_Hant_TW\n" +"Language-Team: Chinese (Taiwan)\n" "Plural-Forms: nplurals=1; plural=0\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" -"Generated-By: Babel 2.0\n" +"Generated-By: Babel 2.1.1\n" #, python-format msgid "%(detail)s" diff --git a/keystone-moon/keystone/resource/controllers.py b/keystone-moon/keystone/resource/controllers.py index 60c4e025..4fbeb715 100644 --- a/keystone-moon/keystone/resource/controllers.py +++ b/keystone-moon/keystone/resource/controllers.py @@ -90,9 +90,11 @@ class Tenant(controller.V2Controller): self.assert_admin(context) tenant_ref['id'] = tenant_ref.get('id', uuid.uuid4().hex) + initiator = notifications._get_request_audit_info(context) tenant = self.resource_api.create_project( tenant_ref['id'], - self._normalize_domain_id(context, tenant_ref)) + self._normalize_domain_id(context, tenant_ref), + initiator) return {'tenant': self.v3_to_v2_project(tenant)} @controller.v2_deprecated @@ -104,15 +106,17 @@ class Tenant(controller.V2Controller): clean_tenant = tenant.copy() clean_tenant.pop('domain_id', None) clean_tenant.pop('is_domain', None) + initiator = notifications._get_request_audit_info(context) tenant_ref = self.resource_api.update_project( - tenant_id, clean_tenant) + tenant_id, clean_tenant, initiator) return {'tenant': self.v3_to_v2_project(tenant_ref)} @controller.v2_deprecated def delete_project(self, context, tenant_id): self.assert_admin(context) self._assert_not_is_domain_project(tenant_id) - self.resource_api.delete_project(tenant_id) + initiator = notifications._get_request_audit_info(context) + self.resource_api.delete_project(tenant_id, initiator) @dependency.requires('resource_api') diff --git a/keystone-moon/keystone/resource/core.py b/keystone-moon/keystone/resource/core.py index 6015107d..6891c572 100644 --- a/keystone-moon/keystone/resource/core.py +++ b/keystone-moon/keystone/resource/core.py @@ -841,6 +841,7 @@ class DomainConfigManager(manager.Manager): 'user_attribute_ignore', 'user_default_project_id_attribute', 'user_allow_create', 'user_allow_update', 'user_allow_delete', 'user_enabled_emulation', 'user_enabled_emulation_dn', + 'user_enabled_emulation_use_group_config', 'user_additional_attribute_mapping', 'group_tree_dn', 'group_filter', 'group_objectclass', 'group_id_attribute', 'group_name_attribute', 'group_member_attribute', diff --git a/keystone-moon/keystone/tests/unit/common/test_notifications.py b/keystone-moon/keystone/tests/unit/common/test_notifications.py index ec087c41..1ad8d50d 100644 --- a/keystone-moon/keystone/tests/unit/common/test_notifications.py +++ b/keystone-moon/keystone/tests/unit/common/test_notifications.py @@ -279,6 +279,16 @@ class BaseNotificationTest(test_v3.RestfulTestCase): self.assertEqual(event_type, audit['event_type']) self.assertTrue(audit['send_notification_called']) + def _assert_initiator_data_is_set(self, operation, resource_type, typeURI): + self.assertTrue(len(self._audits) > 0) + audit = self._audits[-1] + payload = audit['payload'] + self.assertEqual(self.user_id, payload['initiator']['id']) + self.assertEqual(self.project_id, payload['initiator']['project_id']) + self.assertEqual(typeURI, payload['target']['typeURI']) + action = '%s.%s' % (operation, resource_type) + self.assertEqual(action, payload['action']) + def _assert_notify_not_sent(self, resource_id, operation, resource_type, public=True): unexpected = { @@ -633,11 +643,154 @@ class CADFNotificationsForEntities(NotificationsForEntities): resource_id = resp.result.get('domain').get('id') self._assert_last_audit(resource_id, CREATED_OPERATION, 'domain', cadftaxonomy.SECURITY_DOMAIN) - self.assertTrue(len(self._audits) > 0) - audit = self._audits[-1] - payload = audit['payload'] - self.assertEqual(self.user_id, payload['initiator']['id']) - self.assertEqual(self.project_id, payload['initiator']['project_id']) + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'domain', + cadftaxonomy.SECURITY_DOMAIN) + + +class V2Notifications(BaseNotificationTest): + + def setUp(self): + super(V2Notifications, self).setUp() + self.config_fixture.config(notification_format='cadf') + + def test_user(self): + token = self.get_scoped_token() + resp = self.admin_request( + method='POST', + path='/v2.0/users', + body={ + 'user': { + 'name': uuid.uuid4().hex, + 'password': uuid.uuid4().hex, + 'enabled': True, + }, + }, + token=token, + ) + user_id = resp.result.get('user').get('id') + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'user', + cadftaxonomy.SECURITY_ACCOUNT_USER) + # test for delete user + self.admin_request( + method='DELETE', + path='/v2.0/users/%s' % user_id, + token=token, + ) + self._assert_initiator_data_is_set(DELETED_OPERATION, + 'user', + cadftaxonomy.SECURITY_ACCOUNT_USER) + + def test_role(self): + token = self.get_scoped_token() + resp = self.admin_request( + method='POST', + path='/v2.0/OS-KSADM/roles', + body={ + 'role': { + 'name': uuid.uuid4().hex, + 'description': uuid.uuid4().hex, + }, + }, + token=token, + ) + role_id = resp.result.get('role').get('id') + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'role', + cadftaxonomy.SECURITY_ROLE) + # test for delete role + self.admin_request( + method='DELETE', + path='/v2.0/OS-KSADM/roles/%s' % role_id, + token=token, + ) + self._assert_initiator_data_is_set(DELETED_OPERATION, + 'role', + cadftaxonomy.SECURITY_ROLE) + + def test_service_and_endpoint(self): + token = self.get_scoped_token() + resp = self.admin_request( + method='POST', + path='/v2.0/OS-KSADM/services', + body={ + 'OS-KSADM:service': { + 'name': uuid.uuid4().hex, + 'type': uuid.uuid4().hex, + 'description': uuid.uuid4().hex, + }, + }, + token=token, + ) + service_id = resp.result.get('OS-KSADM:service').get('id') + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'service', + cadftaxonomy.SECURITY_SERVICE) + resp = self.admin_request( + method='POST', + path='/v2.0/endpoints', + body={ + 'endpoint': { + 'region': uuid.uuid4().hex, + 'service_id': service_id, + 'publicurl': uuid.uuid4().hex, + 'adminurl': uuid.uuid4().hex, + 'internalurl': uuid.uuid4().hex, + }, + }, + token=token, + ) + endpoint_id = resp.result.get('endpoint').get('id') + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'endpoint', + cadftaxonomy.SECURITY_ENDPOINT) + # test for delete endpoint + self.admin_request( + method='DELETE', + path='/v2.0/endpoints/%s' % endpoint_id, + token=token, + ) + self._assert_initiator_data_is_set(DELETED_OPERATION, + 'endpoint', + cadftaxonomy.SECURITY_ENDPOINT) + # test for delete service + self.admin_request( + method='DELETE', + path='/v2.0/OS-KSADM/services/%s' % service_id, + token=token, + ) + self._assert_initiator_data_is_set(DELETED_OPERATION, + 'service', + cadftaxonomy.SECURITY_SERVICE) + + def test_project(self): + token = self.get_scoped_token() + resp = self.admin_request( + method='POST', + path='/v2.0/tenants', + body={ + 'tenant': { + 'name': uuid.uuid4().hex, + 'description': uuid.uuid4().hex, + 'enabled': True + }, + }, + token=token, + ) + project_id = resp.result.get('tenant').get('id') + self._assert_initiator_data_is_set(CREATED_OPERATION, + 'project', + cadftaxonomy.SECURITY_PROJECT) + # test for delete project + self.admin_request( + method='DELETE', + path='/v2.0/tenants/%s' % project_id, + token=token, + ) + self._assert_initiator_data_is_set(DELETED_OPERATION, + 'project', + cadftaxonomy.SECURITY_PROJECT) class TestEventCallbacks(test_v3.RestfulTestCase): diff --git a/keystone-moon/keystone/tests/unit/rest.py b/keystone-moon/keystone/tests/unit/rest.py index da24019f..35b47e2b 100644 --- a/keystone-moon/keystone/tests/unit/rest.py +++ b/keystone-moon/keystone/tests/unit/rest.py @@ -114,7 +114,7 @@ class RestfulTestCase(unit.TestCase): example:: - self.assertResponseStatus(response, http_client.NO_CONTENT) + self.assertResponseStatus(response, 204) """ self.assertEqual( response.status_code, diff --git a/keystone-moon/keystone/tests/unit/test_associate_project_endpoint_extension.py b/keystone-moon/keystone/tests/unit/test_associate_project_endpoint_extension.py index 4c574549..24fc82dd 100644 --- a/keystone-moon/keystone/tests/unit/test_associate_project_endpoint_extension.py +++ b/keystone-moon/keystone/tests/unit/test_associate_project_endpoint_extension.py @@ -48,7 +48,8 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): Valid endpoint and project id test case. """ - self.put(self.default_request_url) + self.put(self.default_request_url, + expected_status=204) def test_create_endpoint_project_association_with_invalid_project(self): """PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} @@ -81,7 +82,8 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): """ self.put(self.default_request_url, - body={'project_id': self.default_domain_project_id}) + body={'project_id': self.default_domain_project_id}, + expected_status=204) def test_check_endpoint_project_association(self): """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} @@ -89,11 +91,13 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): Valid project and endpoint id test case. """ - self.put(self.default_request_url) + self.put(self.default_request_url, + expected_status=204) self.head('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.default_domain_project_id, - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) def test_check_endpoint_project_association_with_invalid_project(self): """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} @@ -165,7 +169,8 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): """ r = self.get('/OS-EP-FILTER/endpoints/%(endpoint_id)s/projects' % - {'endpoint_id': self.endpoint_id}) + {'endpoint_id': self.endpoint_id}, + expected_status=200) self.assertValidProjectListResponse(r, expected_length=0) def test_list_projects_associated_with_invalid_endpoint(self): @@ -188,7 +193,8 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): self.delete('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.default_domain_project_id, - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) def test_remove_endpoint_project_association_with_invalid_project(self): """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} @@ -220,26 +226,26 @@ class EndpointFilterCRUDTestCase(TestExtensionCase): self.put(self.default_request_url) association_url = ('/OS-EP-FILTER/endpoints/%(endpoint_id)s/projects' % {'endpoint_id': self.endpoint_id}) - r = self.get(association_url) + r = self.get(association_url, expected_status=200) self.assertValidProjectListResponse(r, expected_length=1) self.delete('/projects/%(project_id)s' % { 'project_id': self.default_domain_project_id}) - r = self.get(association_url) + r = self.get(association_url, expected_status=200) self.assertValidProjectListResponse(r, expected_length=0) def test_endpoint_project_association_cleanup_when_endpoint_deleted(self): self.put(self.default_request_url) association_url = '/OS-EP-FILTER/projects/%(project_id)s/endpoints' % { 'project_id': self.default_domain_project_id} - r = self.get(association_url) + r = self.get(association_url, expected_status=200) self.assertValidEndpointListResponse(r, expected_length=1) self.delete('/endpoints/%(endpoint_id)s' % { 'endpoint_id': self.endpoint_id}) - r = self.get(association_url) + r = self.get(association_url, expected_status=200) self.assertValidEndpointListResponse(r, expected_length=0) @@ -270,7 +276,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) # attempt to authenticate without requesting a project auth_data = self.build_authentication_request( @@ -290,7 +297,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) auth_data = self.build_authentication_request( user_id=self.user['id'], @@ -310,7 +318,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) auth_data = self.build_authentication_request( user_id=self.user['id'], @@ -329,7 +338,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) # create a second temporary endpoint self.endpoint_id2 = uuid.uuid4().hex @@ -343,7 +353,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id2}) + 'endpoint_id': self.endpoint_id2}, + expected_status=204) # remove the temporary reference # this will create inconsistency in the endpoint filter table @@ -369,7 +380,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) # Add a disabled endpoint to the default project. @@ -387,7 +399,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': disabled_endpoint_id}) + 'endpoint_id': disabled_endpoint_id}, + expected_status=204) # Authenticate to get token with catalog auth_data = self.build_authentication_request( @@ -416,11 +429,13 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': endpoint_id1}) + 'endpoint_id': endpoint_id1}, + expected_status=204) self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': endpoint_id2}) + 'endpoint_id': endpoint_id2}, + expected_status=204) # there should be only two endpoints in token catalog auth_data = self.build_authentication_request( @@ -439,7 +454,8 @@ class EndpointFilterTokenRequestTestCase(TestExtensionCase): self.put('/OS-EP-FILTER/projects/%(project_id)s' '/endpoints/%(endpoint_id)s' % { 'project_id': self.project['id'], - 'endpoint_id': self.endpoint_id}) + 'endpoint_id': self.endpoint_id}, + expected_status=204) auth_data = self.build_authentication_request( user_id=self.user['id'], @@ -622,7 +638,7 @@ class EndpointGroupCRUDTestCase(TestExtensionCase): self.DEFAULT_ENDPOINT_GROUP_URL, self.DEFAULT_ENDPOINT_GROUP_BODY) url = '/OS-EP-FILTER/endpoint_groups/%(endpoint_group_id)s' % { 'endpoint_group_id': endpoint_group_id} - self.head(url, expected_status=http_client.OK) + self.head(url, expected_status=200) def test_check_invalid_endpoint_group(self): """HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} @@ -816,7 +832,7 @@ class EndpointGroupCRUDTestCase(TestExtensionCase): self.project_id) url = self._get_project_endpoint_group_url( endpoint_group_id, self.project_id) - self.head(url, expected_status=http_client.OK) + self.head(url, expected_status=200) def test_check_endpoint_group_to_project_with_invalid_project_id(self): """Test HEAD with an invalid endpoint group and project association.""" diff --git a/keystone-moon/keystone/tests/unit/test_backend.py b/keystone-moon/keystone/tests/unit/test_backend.py index d3b51edd..302fc2c2 100644 --- a/keystone-moon/keystone/tests/unit/test_backend.py +++ b/keystone-moon/keystone/tests/unit/test_backend.py @@ -4671,7 +4671,7 @@ class TokenTests(object): def test_list_revoked_tokens_for_multiple_tokens(self): self.check_list_revoked_tokens([self.delete_token() - for x in range(2)]) + for x in six.moves.range(2)]) def test_flush_expired_token(self): token_id = uuid.uuid4().hex diff --git a/keystone-moon/keystone/tests/unit/test_backend_ldap.py b/keystone-moon/keystone/tests/unit/test_backend_ldap.py index 808922a7..d96ec376 100644 --- a/keystone-moon/keystone/tests/unit/test_backend_ldap.py +++ b/keystone-moon/keystone/tests/unit/test_backend_ldap.py @@ -21,7 +21,6 @@ import ldap import mock from oslo_config import cfg import pkg_resources -from six.moves import http_client from six.moves import range from testtools import matchers @@ -2182,6 +2181,26 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity): self.skipTest( "Enabled emulation conflicts with enabled mask") + def test_user_enabled_use_group_config(self): + self.config_fixture.config( + group='ldap', + user_enabled_emulation_use_group_config=True, + group_member_attribute='uniqueMember', + group_objectclass='groupOfUniqueNames') + self.ldapdb.clear() + self.load_backends() + self.load_fixtures(default_fixtures) + + # Create a user and ensure they are enabled. + user1 = {'name': u'fäké1', 'enabled': True, + 'domain_id': CONF.identity.default_domain_id} + user_ref = self.identity_api.create_user(user1) + self.assertIs(True, user_ref['enabled']) + + # Get a user and ensure they are enabled. + user_ref = self.identity_api.get_user(user_ref['id']) + self.assertIs(True, user_ref['enabled']) + def test_user_enabled_invert(self): self.config_fixture.config(group='ldap', user_enabled_invert=True, user_enabled_default=False) @@ -2487,7 +2506,7 @@ class BaseMultiLDAPandSQLIdentity(object): self.identity_api._get_domain_driver_and_entity_id( user['id'])) - if expected_status == http_client.OK: + if expected_status == 200: ref = driver.get_user(entity_id) ref = self.identity_api._set_domain_id_and_mapping( ref, domain_id, driver, map.EntityType.USER) @@ -2661,23 +2680,21 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, unit.SQLDriverOverrides, check_user = self.check_user check_user(self.users['user0'], - self.domains['domain_default']['id'], http_client.OK) + self.domains['domain_default']['id'], 200) for domain in [self.domains['domain1']['id'], self.domains['domain2']['id'], self.domains['domain3']['id'], self.domains['domain4']['id']]: check_user(self.users['user0'], domain, exception.UserNotFound) - check_user(self.users['user1'], self.domains['domain1']['id'], - http_client.OK) + check_user(self.users['user1'], self.domains['domain1']['id'], 200) for domain in [self.domains['domain_default']['id'], self.domains['domain2']['id'], self.domains['domain3']['id'], self.domains['domain4']['id']]: check_user(self.users['user1'], domain, exception.UserNotFound) - check_user(self.users['user2'], self.domains['domain2']['id'], - http_client.OK) + check_user(self.users['user2'], self.domains['domain2']['id'], 200) for domain in [self.domains['domain_default']['id'], self.domains['domain1']['id'], self.domains['domain3']['id'], @@ -2687,14 +2704,10 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, unit.SQLDriverOverrides, # domain3 and domain4 share the same backend, so you should be # able to see user3 and user4 from either. - check_user(self.users['user3'], self.domains['domain3']['id'], - http_client.OK) - check_user(self.users['user3'], self.domains['domain4']['id'], - http_client.OK) - check_user(self.users['user4'], self.domains['domain3']['id'], - http_client.OK) - check_user(self.users['user4'], self.domains['domain4']['id'], - http_client.OK) + check_user(self.users['user3'], self.domains['domain3']['id'], 200) + check_user(self.users['user3'], self.domains['domain4']['id'], 200) + check_user(self.users['user4'], self.domains['domain3']['id'], 200) + check_user(self.users['user4'], self.domains['domain4']['id'], 200) for domain in [self.domains['domain_default']['id'], self.domains['domain1']['id'], @@ -3151,12 +3164,12 @@ class DomainSpecificLDAPandSQLIdentity( # driver, but won't find it via any other domain driver self.check_user(self.users['user0'], - self.domains['domain_default']['id'], http_client.OK) + self.domains['domain_default']['id'], 200) self.check_user(self.users['user0'], self.domains['domain1']['id'], exception.UserNotFound) self.check_user(self.users['user1'], - self.domains['domain1']['id'], http_client.OK) + self.domains['domain1']['id'], 200) self.check_user(self.users['user1'], self.domains['domain_default']['id'], exception.UserNotFound) diff --git a/keystone-moon/keystone/tests/unit/test_catalog.py b/keystone-moon/keystone/tests/unit/test_catalog.py index 85acfedf..ada2de43 100644 --- a/keystone-moon/keystone/tests/unit/test_catalog.py +++ b/keystone-moon/keystone/tests/unit/test_catalog.py @@ -53,8 +53,7 @@ class V2CatalogTestCase(rest.RestfulTestCase): """Applicable only to JSON.""" return r.result['access']['token']['id'] - def _endpoint_create(self, expected_status=http_client.OK, - service_id=SERVICE_FIXTURE, + def _endpoint_create(self, expected_status=200, service_id=SERVICE_FIXTURE, publicurl='http://localhost:8080', internalurl='http://localhost:8080', adminurl='http://localhost:8080'): @@ -77,6 +76,18 @@ class V2CatalogTestCase(rest.RestfulTestCase): body=body) return body, r + def _region_create(self): + region_id = uuid.uuid4().hex + self.catalog_api.create_region({'id': region_id}) + return region_id + + def _service_create(self): + service_id = uuid.uuid4().hex + service = unit.new_service_ref() + service['id'] = service_id + self.catalog_api.create_service(service_id, service) + return service_id + def test_endpoint_create(self): req_body, response = self._endpoint_create() self.assertIn('endpoint', response.result) @@ -84,6 +95,78 @@ class V2CatalogTestCase(rest.RestfulTestCase): for field, value in req_body['endpoint'].items(): self.assertEqual(response.result['endpoint'][field], value) + def test_pure_v3_endpoint_with_publicurl_visible_from_v2(self): + """Test pure v3 endpoint can be fetched via v2 API. + + For those who are using v2 APIs, endpoints created by v3 API should + also be visible as there are no differences about the endpoints + except the format or the internal implementation. + And because public url is required for v2 API, so only the v3 endpoints + of the service which has the public interface endpoint will be + converted into v2 endpoints. + """ + region_id = self._region_create() + service_id = self._service_create() + # create a v3 endpoint with three interfaces + body = { + 'endpoint': unit.new_endpoint_ref(service_id, + default_region_id=region_id) + } + for interface in catalog.controllers.INTERFACES: + body['endpoint']['interface'] = interface + self.admin_request(method='POST', + token=self.get_scoped_token(), + path='/v3/endpoints', + expected_status=http_client.CREATED, + body=body) + + r = self.admin_request(token=self.get_scoped_token(), + path='/v2.0/endpoints') + # v3 endpoints having public url can be fetched via v2.0 API + self.assertEqual(1, len(r.result['endpoints'])) + v2_endpoint = r.result['endpoints'][0] + self.assertEqual(service_id, v2_endpoint['service_id']) + # check urls just in case. + # This is not the focus of this test, so no different urls are used. + self.assertEqual(body['endpoint']['url'], v2_endpoint['publicurl']) + self.assertEqual(body['endpoint']['url'], v2_endpoint['adminurl']) + self.assertEqual(body['endpoint']['url'], v2_endpoint['internalurl']) + self.assertNotIn('name', v2_endpoint) + + v3_endpoint = self.catalog_api.get_endpoint(v2_endpoint['id']) + # it's the v3 public endpoint's id as the generated v2 endpoint + self.assertEqual('public', v3_endpoint['interface']) + self.assertEqual(service_id, v3_endpoint['service_id']) + + def test_pure_v3_endpoint_without_publicurl_invisible_from_v2(self): + """Test pure v3 endpoint without public url can't be fetched via v2 API. + + V2 API will return endpoints created by v3 API, but because public url + is required for v2 API, so v3 endpoints without public url will be + ignored. + """ + region_id = self._region_create() + service_id = self._service_create() + # create a v3 endpoint without public interface + body = { + 'endpoint': unit.new_endpoint_ref(service_id, + default_region_id=region_id) + } + for interface in catalog.controllers.INTERFACES: + if interface == 'public': + continue + body['endpoint']['interface'] = interface + self.admin_request(method='POST', + token=self.get_scoped_token(), + path='/v3/endpoints', + expected_status=http_client.CREATED, + body=body) + + r = self.admin_request(token=self.get_scoped_token(), + path='/v2.0/endpoints') + # v3 endpoints without public url won't be fetched via v2.0 API + self.assertEqual(0, len(r.result['endpoints'])) + def test_endpoint_create_with_null_adminurl(self): req_body, response = self._endpoint_create(adminurl=None) self.assertIsNone(req_body['endpoint']['adminurl']) @@ -126,7 +209,7 @@ class V2CatalogTestCase(rest.RestfulTestCase): valid_url = 'http://127.0.0.1:8774/v1.1/$(tenant_id)s' # baseline tests that all valid URLs works - self._endpoint_create(expected_status=http_client.OK, + self._endpoint_create(expected_status=200, publicurl=valid_url, internalurl=valid_url, adminurl=valid_url) diff --git a/keystone-moon/keystone/tests/unit/test_cert_setup.py b/keystone-moon/keystone/tests/unit/test_cert_setup.py index 47a99810..769e7c8e 100644 --- a/keystone-moon/keystone/tests/unit/test_cert_setup.py +++ b/keystone-moon/keystone/tests/unit/test_cert_setup.py @@ -17,7 +17,6 @@ import os import shutil import mock -from six.moves import http_client from testtools import matchers from keystone.common import environment @@ -114,13 +113,11 @@ class CertSetupTestCase(rest.RestfulTestCase): # requests don't have some of the normal information signing_resp = self.request(self.public_app, '/v2.0/certificates/signing', - method='GET', - expected_status=http_client.OK) + method='GET', expected_status=200) cacert_resp = self.request(self.public_app, '/v2.0/certificates/ca', - method='GET', - expected_status=http_client.OK) + method='GET', expected_status=200) with open(CONF.signing.certfile) as f: self.assertEqual(f.read(), signing_resp.text) @@ -136,7 +133,7 @@ class CertSetupTestCase(rest.RestfulTestCase): for accept in [None, 'text/html', 'application/json', 'text/xml']: headers = {'Accept': accept} if accept else {} resp = self.request(self.public_app, path, method='GET', - expected_status=http_client.OK, + expected_status=200, headers=headers) self.assertEqual('text/html', resp.content_type) @@ -149,7 +146,7 @@ class CertSetupTestCase(rest.RestfulTestCase): def test_failure(self): for path in ['/v2.0/certificates/signing', '/v2.0/certificates/ca']: self.request(self.public_app, path, method='GET', - expected_status=http_client.INTERNAL_SERVER_ERROR) + expected_status=500) def test_pki_certs_rebuild(self): self.test_create_pki_certs() diff --git a/keystone-moon/keystone/tests/unit/test_contrib_simple_cert.py b/keystone-moon/keystone/tests/unit/test_contrib_simple_cert.py index b241b41b..8664e2c3 100644 --- a/keystone-moon/keystone/tests/unit/test_contrib_simple_cert.py +++ b/keystone-moon/keystone/tests/unit/test_contrib_simple_cert.py @@ -12,8 +12,6 @@ import uuid -from six.moves import http_client - from keystone.tests.unit import test_v3 @@ -33,7 +31,7 @@ class TestSimpleCert(BaseTestCase): method='GET', path=path, headers={'Accept': content_type}, - expected_status=http_client.OK) + expected_status=200) self.assertEqual(content_type, response.content_type.lower()) self.assertIn('---BEGIN', response.body) @@ -56,4 +54,4 @@ class TestSimpleCert(BaseTestCase): self.request(app=self.public_app, method='GET', path=path, - expected_status=http_client.INTERNAL_SERVER_ERROR) + expected_status=500) diff --git a/keystone-moon/keystone/tests/unit/test_policy.py b/keystone-moon/keystone/tests/unit/test_policy.py index b2f0e525..686e2b70 100644 --- a/keystone-moon/keystone/tests/unit/test_policy.py +++ b/keystone-moon/keystone/tests/unit/test_policy.py @@ -16,10 +16,8 @@ import json import os -import mock from oslo_policy import policy as common_policy import six -from six.moves.urllib import request as urlrequest from testtools import matchers from keystone import exception @@ -118,28 +116,6 @@ class PolicyTestCase(BasePolicyTestCase): action = "example:allowed" rules.enforce(self.credentials, action, self.target) - def test_enforce_http_true(self): - - def fakeurlopen(url, post_data): - return six.StringIO("True") - - action = "example:get_http" - target = {} - with mock.patch.object(urlrequest, 'urlopen', fakeurlopen): - result = rules.enforce(self.credentials, action, target) - self.assertTrue(result) - - def test_enforce_http_false(self): - - def fakeurlopen(url, post_data): - return six.StringIO("False") - - action = "example:get_http" - target = {} - with mock.patch.object(urlrequest, 'urlopen', fakeurlopen): - self.assertRaises(exception.ForbiddenAction, rules.enforce, - self.credentials, action, target) - def test_templatized_enforcement(self): target_mine = {'project_id': 'fake'} target_not_mine = {'project_id': 'another'} diff --git a/keystone-moon/keystone/tests/unit/test_sql_migrate_extensions.py b/keystone-moon/keystone/tests/unit/test_sql_migrate_extensions.py index 87b3d48d..f498fe94 100644 --- a/keystone-moon/keystone/tests/unit/test_sql_migrate_extensions.py +++ b/keystone-moon/keystone/tests/unit/test_sql_migrate_extensions.py @@ -180,6 +180,7 @@ class FederationExtension(test_sql_upgrade.SqlMigrateBase): self.federation_protocol = 'federation_protocol' self.service_provider = 'service_provider' self.mapping = 'mapping' + self.remote_id_table = 'idp_remote_ids' def repo_package(self): return federation @@ -310,6 +311,68 @@ class FederationExtension(test_sql_upgrade.SqlMigrateBase): self.assertEqual('', sp.auth_url) self.assertEqual('', sp.sp_url) + def test_propagate_remote_id_to_separate_column(self): + """Make sure empty remote_id is not propagated. + Test scenario: + - Upgrade database to version 6 where identity_provider table has a + remote_id column + - Add 3 identity provider objects, where idp1 and idp2 have valid + remote_id parameter set, and idp3 has it empty (None). + - Upgrade database to version 7 and expect migration scripts to + properly move data rom identity_provider.remote_id column into + separate table idp_remote_ids. + - In the idp_remote_ids table expect to find entries for idp1 and idp2 + and not find anything for idp3 (identitified by idp's id) + + """ + session = self.Session() + idp1 = {'id': uuid.uuid4().hex, + 'remote_id': uuid.uuid4().hex, + 'description': uuid.uuid4().hex, + 'enabled': True} + idp2 = {'id': uuid.uuid4().hex, + 'remote_id': uuid.uuid4().hex, + 'description': uuid.uuid4().hex, + 'enabled': True} + idp3 = {'id': uuid.uuid4().hex, + 'remote_id': None, + 'description': uuid.uuid4().hex, + 'enabled': True} + self.upgrade(6, repository=self.repo_path) + self.assertTableColumns(self.identity_provider, + ['id', 'description', 'enabled', 'remote_id']) + + self.insert_dict(session, self.identity_provider, idp1) + self.insert_dict(session, self.identity_provider, idp2) + self.insert_dict(session, self.identity_provider, idp3) + + session.close() + self.upgrade(7, repository=self.repo_path) + + self.assertTableColumns(self.identity_provider, + ['id', 'description', 'enabled']) + remote_id_table = sqlalchemy.Table(self.remote_id_table, + self.metadata, + autoload=True) + + session = self.Session() + self.metadata.clear() + + idp = session.query(remote_id_table).filter( + remote_id_table.c.idp_id == idp1['id'])[0] + self.assertEqual(idp1['remote_id'], idp.remote_id) + + idp = session.query(remote_id_table).filter( + remote_id_table.c.idp_id == idp2['id'])[0] + self.assertEqual(idp2['remote_id'], idp.remote_id) + + idp = session.query(remote_id_table).filter( + remote_id_table.c.idp_id == idp3['id']) + # NOTE(marek-denis): As idp3 had empty 'remote_id' attribute we expect + # not to find it in the 'remote_id_table' table, hence count should be + # 0.real + self.assertEqual(0, idp.count()) + def test_add_relay_state_column(self): self.upgrade(8, repository=self.repo_path) self.assertTableColumns(self.service_provider, diff --git a/keystone-moon/keystone/tests/unit/test_v2.py b/keystone-moon/keystone/tests/unit/test_v2.py index 99b5a897..acdfca5f 100644 --- a/keystone-moon/keystone/tests/unit/test_v2.py +++ b/keystone-moon/keystone/tests/unit/test_v2.py @@ -132,7 +132,7 @@ class CoreApiTests(object): 'tenantId': self.tenant_bar['id'], }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidAuthenticationResponse(r, require_service_catalog=True) def test_authenticate_unscoped(self): @@ -147,7 +147,7 @@ class CoreApiTests(object): }, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidAuthenticationResponse(r) def test_get_tenants_for_token(self): @@ -234,7 +234,7 @@ class CoreApiTests(object): 'token_id': token, }, token=token, - expected_status=http_client.OK) + expected_status=200) def test_endpoints(self): token = self.get_scoped_token() @@ -370,7 +370,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) def test_error_response(self): """This triggers assertValidErrorResponse by convention.""" @@ -459,7 +459,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) user_id = self._get_user_id(r.result) @@ -470,7 +470,7 @@ class CoreApiTests(object): 'user_id': user_id }, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertEqual(CONF.member_role_name, self._get_role_name(r.result)) # Create a new tenant @@ -485,7 +485,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) project_id = self._get_project_id(r.result) @@ -501,7 +501,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) # 'member_role' should be in new_tenant r = self.admin_request( @@ -510,7 +510,7 @@ class CoreApiTests(object): 'user_id': user_id }, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertEqual('_member_', self._get_role_name(r.result)) # 'member_role' should not be in tenant_bar any more @@ -520,7 +520,7 @@ class CoreApiTests(object): 'user_id': user_id }, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertNoRoles(r.result) def test_update_user_with_invalid_tenant(self): @@ -539,7 +539,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) user_id = self._get_user_id(r.result) # Update user with an invalid tenant @@ -571,7 +571,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) user_id = self._get_user_id(r.result) # Update user with an invalid tenant @@ -604,7 +604,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) user_id = self._get_user_id(r.result) @@ -615,7 +615,7 @@ class CoreApiTests(object): 'user_id': user_id }, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertEqual(CONF.member_role_name, self._get_role_name(r.result)) # Update user's tenant with old tenant id @@ -630,7 +630,7 @@ class CoreApiTests(object): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) # 'member_role' should still be in tenant_bar r = self.admin_request( @@ -639,7 +639,7 @@ class CoreApiTests(object): 'user_id': user_id }, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertEqual('_member_', self._get_role_name(r.result)) def test_authenticating_a_user_with_no_password(self): @@ -721,7 +721,7 @@ class LegacyV2UsernameTests(object): path='/v2.0/users', token=token, body=body, - expected_status=http_client.OK) + expected_status=200) def test_create_with_extra_username(self): """The response for creating a user will contain the extra fields.""" @@ -772,7 +772,7 @@ class LegacyV2UsernameTests(object): 'enabled': enabled, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -802,7 +802,7 @@ class LegacyV2UsernameTests(object): 'enabled': enabled, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -881,7 +881,7 @@ class LegacyV2UsernameTests(object): 'enabled': enabled, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -911,7 +911,7 @@ class LegacyV2UsernameTests(object): 'enabled': enabled, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -931,7 +931,7 @@ class LegacyV2UsernameTests(object): 'enabled': True, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -956,7 +956,7 @@ class LegacyV2UsernameTests(object): 'enabled': enabled, }, }, - expected_status=http_client.OK) + expected_status=200) self.assertValidUserResponse(r) @@ -1200,7 +1200,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): method='GET', path='/v2.0/tokens/revoked', token=token, - expected_status=http_client.OK) + expected_status=200) self.assertValidRevocationListResponse(r) def assertValidRevocationListResponse(self, response): @@ -1231,7 +1231,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): method='GET', path='/v2.0/tokens/revoked', token=token1, - expected_status=http_client.OK) + expected_status=200) signed_text = r.result['signed'] data_json = cms.cms_verify(signed_text, CONF.signing.certfile, @@ -1333,7 +1333,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): }, }, }, - expected_status=http_client.OK) + expected_status=200) # ensure password doesn't leak user_id = r.result['user']['id'] @@ -1341,7 +1341,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): method='GET', path='/v2.0/users/%s' % user_id, token=token, - expected_status=http_client.OK) + expected_status=200) self.assertNotIn('OS-KSADM:password', r.result['user']) def test_updating_a_user_with_an_OSKSADM_password(self): @@ -1360,7 +1360,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): }, }, token=token, - expected_status=http_client.OK) + expected_status=200) # successfully authenticate self.public_request( @@ -1374,7 +1374,7 @@ class V2TestCase(RestfulTestCase, CoreApiTests, LegacyV2UsernameTests): }, }, }, - expected_status=http_client.OK) + expected_status=200) class RevokeApiTestCase(V2TestCase): @@ -1436,7 +1436,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): method='GET', path=path, token=admin_token, - expected_status=http_client.OK) + expected_status=200) def test_authenticate_scoped_token(self): project_ref = self.new_project_ref() @@ -1466,7 +1466,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): method='GET', path=path, token=admin_token, - expected_status=http_client.OK) + expected_status=200) def test_token_authentication_and_validation(self): """Test token authentication for Fernet token provider. @@ -1491,7 +1491,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): } } }, - expected_status=http_client.OK) + expected_status=200) token_id = self._get_token_id(r) path = ('/v2.0/tokens/%s?belongsTo=%s' % (token_id, project_ref['id'])) @@ -1500,7 +1500,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): method='GET', path=path, token=CONF.admin_token, - expected_status=http_client.OK) + expected_status=200) def test_rescoped_tokens_maintain_original_expiration(self): project_ref = self.new_project_ref() @@ -1522,7 +1522,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): }, # NOTE(lbragstad): This test may need to be refactored if Keystone # decides to disallow rescoping using a scoped token. - expected_status=http_client.OK) + expected_status=200) original_token = resp.result['access']['token']['id'] original_expiration = resp.result['access']['token']['expires'] @@ -1537,7 +1537,7 @@ class TestFernetTokenProviderV2(RestfulTestCase): } } }, - expected_status=http_client.OK) + expected_status=200) rescoped_token = resp.result['access']['token']['id'] rescoped_expiration = resp.result['access']['token']['expires'] self.assertNotEqual(original_token, rescoped_token) diff --git a/keystone-moon/keystone/tests/unit/test_v2_keystoneclient.py b/keystone-moon/keystone/tests/unit/test_v2_keystoneclient.py index 8d6d9eb7..2a3fad86 100644 --- a/keystone-moon/keystone/tests/unit/test_v2_keystoneclient.py +++ b/keystone-moon/keystone/tests/unit/test_v2_keystoneclient.py @@ -1137,7 +1137,7 @@ class ClientDrivenTestCase(unit.TestCase): credentials, signature = self._generate_default_user_ec2_credentials() credentials['signature'] = signature resp, token = self._send_ec2_auth_request(credentials) - self.assertEqual(http_client.OK, resp.status_code) + self.assertEqual(200, resp.status_code) self.assertIn('access', token) def test_ec2_auth_success_trust(self): @@ -1169,7 +1169,7 @@ class ClientDrivenTestCase(unit.TestCase): cred.access, cred.secret) credentials['signature'] = signature resp, token = self._send_ec2_auth_request(credentials) - self.assertEqual(http_client.OK, resp.status_code) + self.assertEqual(200, resp.status_code) self.assertEqual(trust_id, token['access']['trust']['id']) # TODO(shardy) we really want to check the roles and trustee # but because of where the stubbing happens we don't seem to diff --git a/keystone-moon/keystone/tests/unit/test_v3.py b/keystone-moon/keystone/tests/unit/test_v3.py index 7afe6ad8..32c5e295 100644 --- a/keystone-moon/keystone/tests/unit/test_v3.py +++ b/keystone-moon/keystone/tests/unit/test_v3.py @@ -18,7 +18,6 @@ import uuid from oslo_config import cfg from oslo_serialization import jsonutils from oslo_utils import timeutils -from six.moves import http_client from testtools import matchers from keystone import auth @@ -412,7 +411,7 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase, r = self.v3_authenticate_token(auth) return r.headers.get('X-Subject-Token') - def v3_authenticate_token(self, auth, expected_status=http_client.CREATED): + def v3_authenticate_token(self, auth, expected_status=201): return self.admin_request(method='POST', path='/v3/auth/tokens', body=auth, @@ -441,31 +440,42 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase, return self.admin_request(path=path, token=token, **kwargs) - def get(self, path, expected_status=http_client.OK, **kwargs): - return self.v3_request(path, method='GET', - expected_status=expected_status, **kwargs) + def get(self, path, **kwargs): + r = self.v3_request(method='GET', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 200) + return r - def head(self, path, expected_status=http_client.NO_CONTENT, **kwargs): - r = self.v3_request(path, method='HEAD', - expected_status=expected_status, **kwargs) + def head(self, path, **kwargs): + r = self.v3_request(method='HEAD', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 204) self.assertEqual('', r.body) return r - def post(self, path, expected_status=http_client.CREATED, **kwargs): - return self.v3_request(path, method='POST', - expected_status=expected_status, **kwargs) + def post(self, path, **kwargs): + r = self.v3_request(method='POST', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 201) + return r - def put(self, path, expected_status=http_client.NO_CONTENT, **kwargs): - return self.v3_request(path, method='PUT', - expected_status=expected_status, **kwargs) + def put(self, path, **kwargs): + r = self.v3_request(method='PUT', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 204) + return r - def patch(self, path, expected_status=http_client.OK, **kwargs): - return self.v3_request(path, method='PATCH', - expected_status=expected_status, **kwargs) + def patch(self, path, **kwargs): + r = self.v3_request(method='PATCH', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 200) + return r - def delete(self, path, expected_status=http_client.NO_CONTENT, **kwargs): - return self.v3_request(path, method='DELETE', - expected_status=expected_status, **kwargs) + def delete(self, path, **kwargs): + r = self.v3_request(method='DELETE', path=path, **kwargs) + if 'expected_status' not in kwargs: + self.assertResponseStatus(r, 204) + return r def assertValidErrorResponse(self, r): resp = r.result diff --git a/keystone-moon/keystone/tests/unit/test_v3_assignment.py b/keystone-moon/keystone/tests/unit/test_v3_assignment.py index f22e9f2b..6b15b1c3 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_assignment.py +++ b/keystone-moon/keystone/tests/unit/test_v3_assignment.py @@ -363,13 +363,14 @@ class AssignmentTestCase(test_v3.RestfulTestCase, # validates the returned token and it should be valid. self.head('/auth/tokens', headers={'x-subject-token': subject_token}, - expected_status=http_client.OK) + expected_status=200) # now disable the domain self.domain['enabled'] = False url = "/domains/%(domain_id)s" % {'domain_id': self.domain['id']} self.patch(url, - body={'domain': {'enabled': False}}) + body={'domain': {'enabled': False}}, + expected_status=200) # validates the same token again and it should be 'not found' # as the domain has already been disabled. @@ -511,7 +512,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase, ref = self.new_project_ref(domain_id=self.domain_id, is_domain=True) self.post('/projects', body={'project': ref}, - expected_status=http_client.NOT_IMPLEMENTED) + expected_status=501) @utils.wip('waiting for projects acting as domains implementation') def test_create_project_without_parent_id_and_without_domain_id(self): @@ -1289,9 +1290,9 @@ class AssignmentTestCase(test_v3.RestfulTestCase, member_url = ('%(collection_url)s/%(role_id)s' % { 'collection_url': collection_url, 'role_id': self.role_id}) - self.put(member_url) + self.put(member_url, expected_status=204) # Check the user has the role assigned - self.head(member_url) + self.head(member_url, expected_status=204) return member_url, user_ref def test_delete_user_before_removing_role_assignment_succeeds(self): @@ -1300,7 +1301,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase, # Delete the user from identity backend self.identity_api.driver.delete_user(user['id']) # Clean up the role assignment - self.delete(member_url) + self.delete(member_url, expected_status=204) # Make sure the role is gone self.head(member_url, expected_status=http_client.NOT_FOUND) @@ -1343,7 +1344,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase, # validates the returned token; it should be valid. self.head('/auth/tokens', headers={'x-subject-token': token}, - expected_status=http_client.OK) + expected_status=200) # revokes the grant from group on project. self.assignment_api.delete_grant(role_id=self.role['id'], @@ -1868,7 +1869,7 @@ class RoleAssignmentBaseTestCase(test_v3.RestfulTestCase, self.default_user_id = self.user_ids[0] self.default_group_id = self.group_ids[0] - def get_role_assignments(self, expected_status=http_client.OK, **filters): + def get_role_assignments(self, expected_status=200, **filters): """Returns the result from querying role assignment API + queried URL. Calls GET /v3/role_assignments?<params> and returns its result, where diff --git a/keystone-moon/keystone/tests/unit/test_v3_auth.py b/keystone-moon/keystone/tests/unit/test_v3_auth.py index 496a75c0..d53a85df 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_auth.py +++ b/keystone-moon/keystone/tests/unit/test_v3_auth.py @@ -384,8 +384,9 @@ class TokenAPITests(object): v2_token = r.result['access']['token']['id'] # Delete the v2 token using v3. - self.delete( + resp = self.delete( '/auth/tokens', headers={'X-Subject-Token': v2_token}) + self.assertEqual(resp.status_code, 204) # Attempting to use the deleted token on v2 should fail. self.admin_request( @@ -405,8 +406,7 @@ class TokenAPITests(object): self.assertEqual(expires, r.result['token']['expires_at']) def test_check_token(self): - self.head('/auth/tokens', headers=self.headers, - expected_status=http_client.OK) + self.head('/auth/tokens', headers=self.headers, expected_status=200) def test_validate_token(self): r = self.get('/auth/tokens', headers=self.headers) @@ -655,13 +655,11 @@ class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase): password=self.userAdminA['password'], domain_name=self.domainA['name'])) - self.head('/auth/tokens', headers=headers, - expected_status=http_client.OK, + self.head('/auth/tokens', headers=headers, expected_status=200, token=adminA_token) - self.head('/auth/tokens', headers=headers, - expected_status=http_client.OK, + self.head('/auth/tokens', headers=headers, expected_status=200, token=user_token) - self.delete('/auth/tokens', headers=headers, + self.delete('/auth/tokens', headers=headers, expected_status=204, token=user_token) # invalid X-Auth-Token and invalid X-Subject-Token self.head('/auth/tokens', headers=headers, @@ -695,13 +693,11 @@ class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase): password=self.userAdminA['password'], domain_name=self.domainA['name'])) - self.head('/auth/tokens', headers=headers, - expected_status=http_client.OK, + self.head('/auth/tokens', headers=headers, expected_status=200, token=adminA_token) - self.head('/auth/tokens', headers=headers, - expected_status=http_client.OK, + self.head('/auth/tokens', headers=headers, expected_status=200, token=user_token) - self.delete('/auth/tokens', headers=headers, + self.delete('/auth/tokens', headers=headers, expected_status=204, token=adminA_token) # invalid X-Auth-Token and invalid X-Subject-Token self.head('/auth/tokens', headers=headers, @@ -868,10 +864,10 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # confirm both tokens are valid self.head('/auth/tokens', headers={'X-Subject-Token': unscoped_token}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': scoped_token}, - expected_status=http_client.OK) + expected_status=200) # create a new role role = self.new_role_ref() @@ -887,10 +883,10 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # both tokens should remain valid self.head('/auth/tokens', headers={'X-Subject-Token': unscoped_token}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': scoped_token}, - expected_status=http_client.OK) + expected_status=200) def test_deleting_user_grant_revokes_token(self): """Test deleting a user grant revokes token. @@ -910,7 +906,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm token is valid self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # Delete the grant, which should invalidate the token grant_url = ( '/projects/%(project_id)s/users/%(user_id)s/' @@ -1012,19 +1008,19 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm tokens are valid self.head('/auth/tokens', headers={'X-Subject-Token': tokenA}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': tokenB}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': tokenC}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': tokenD}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': tokenE}, - expected_status=http_client.OK) + expected_status=200) # Delete the role, which should invalidate the tokens role_url = '/roles/%s' % self.role1['id'] @@ -1047,7 +1043,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # ...but the one using role2 is still valid self.head('/auth/tokens', headers={'X-Subject-Token': tokenC}, - expected_status=http_client.OK) + expected_status=200) def test_domain_user_role_assignment_maintains_token(self): """Test user-domain role assignment maintains existing token. @@ -1067,7 +1063,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm token is valid self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # Assign a role, which should not affect the token grant_url = ( '/domains/%(domain_id)s/users/%(user_id)s/' @@ -1078,7 +1074,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): self.put(grant_url) self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) def test_disabling_project_revokes_token(self): token = self.get_requested_token( @@ -1090,7 +1086,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # confirm token is valid self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # disable the project, which should invalidate the token self.patch( @@ -1118,7 +1114,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # confirm token is valid self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # delete the project, which should invalidate the token self.delete( @@ -1167,13 +1163,13 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm tokens are valid self.head('/auth/tokens', headers={'X-Subject-Token': token1}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': token3}, - expected_status=http_client.OK) + expected_status=200) # Delete the group grant, which should invalidate the # tokens for user1 and user2 grant_url = ( @@ -1213,7 +1209,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm token is valid self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # Delete the grant, which should invalidate the token grant_url = ( '/domains/%(domain_id)s/groups/%(group_id)s/' @@ -1224,7 +1220,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): self.put(grant_url) self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) def test_group_membership_changes_revokes_token(self): """Test add/removal to/from group revokes token. @@ -1254,10 +1250,10 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # Confirm tokens are valid self.head('/auth/tokens', headers={'X-Subject-Token': token1}, - expected_status=http_client.OK) + expected_status=200) self.head('/auth/tokens', headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + expected_status=200) # Remove user1 from group1, which should invalidate # the token self.delete('/groups/%(group_id)s/users/%(user_id)s' % { @@ -1269,14 +1265,14 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # But user2's token should still be valid self.head('/auth/tokens', headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + expected_status=200) # Adding user2 to a group should not invalidate token self.put('/groups/%(group_id)s/users/%(user_id)s' % { 'group_id': self.group2['id'], 'user_id': self.user2['id']}) self.head('/auth/tokens', headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + expected_status=200) def test_removing_role_assignment_does_not_affect_other_users(self): """Revoking a role from one user should not affect other users.""" @@ -1320,7 +1316,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # authorization for the second user should still succeed self.head('/auth/tokens', headers={'X-Subject-Token': user3_token}, - expected_status=http_client.OK) + expected_status=200) self.v3_authenticate_token( self.build_authentication_request( user_id=self.user3['id'], @@ -1370,7 +1366,8 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): token = self.get_v2_token() self.delete('/auth/tokens', - headers={'X-Subject-Token': token}) + headers={'X-Subject-Token': token}, + expected_status=204) self.head('/auth/tokens', headers={'X-Subject-Token': token}, @@ -1400,7 +1397,8 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # revoke the project-scoped token. self.delete('/auth/tokens', - headers={'X-Subject-Token': project_scoped_token}) + headers={'X-Subject-Token': project_scoped_token}, + expected_status=204) # The project-scoped token is invalidated. self.head('/auth/tokens', @@ -1410,16 +1408,17 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # The unscoped token should still be valid. self.head('/auth/tokens', headers={'X-Subject-Token': unscoped_token}, - expected_status=http_client.OK) + expected_status=200) # The domain-scoped token should still be valid. self.head('/auth/tokens', headers={'X-Subject-Token': domain_scoped_token}, - expected_status=http_client.OK) + expected_status=200) # revoke the domain-scoped token. self.delete('/auth/tokens', - headers={'X-Subject-Token': domain_scoped_token}) + headers={'X-Subject-Token': domain_scoped_token}, + expected_status=204) # The domain-scoped token is invalid. self.head('/auth/tokens', @@ -1429,7 +1428,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # The unscoped token should still be valid. self.head('/auth/tokens', headers={'X-Subject-Token': unscoped_token}, - expected_status=http_client.OK) + expected_status=200) def test_revoke_token_from_token_v2(self): # Test that a scoped token can be requested from an unscoped token, @@ -1447,7 +1446,8 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # revoke the project-scoped token. self.delete('/auth/tokens', - headers={'X-Subject-Token': project_scoped_token}) + headers={'X-Subject-Token': project_scoped_token}, + expected_status=204) # The project-scoped token is invalidated. self.head('/auth/tokens', @@ -1457,7 +1457,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase): # The unscoped token should still be valid. self.head('/auth/tokens', headers={'X-Subject-Token': unscoped_token}, - expected_status=http_client.OK) + expected_status=200) class TestTokenRevokeByAssignment(TestTokenRevokeById): @@ -1501,7 +1501,7 @@ class TestTokenRevokeByAssignment(TestTokenRevokeById): # authorization for the projectA should still succeed self.head('/auth/tokens', headers={'X-Subject-Token': other_project_token}, - expected_status=http_client.OK) + expected_status=200) # while token for the projectB should not self.head('/auth/tokens', headers={'X-Subject-Token': project_token}, @@ -1563,24 +1563,27 @@ class TestTokenRevokeApi(TestTokenRevokeById): def test_revoke_token(self): scoped_token = self.get_scoped_token() headers = {'X-Subject-Token': scoped_token} - response = self.get('/auth/tokens', headers=headers).json_body['token'] + response = self.get('/auth/tokens', headers=headers, + expected_status=200).json_body['token'] - self.delete('/auth/tokens', headers=headers) + self.delete('/auth/tokens', headers=headers, expected_status=204) self.head('/auth/tokens', headers=headers, expected_status=http_client.NOT_FOUND) - events_response = self.get('/OS-REVOKE/events').json_body + events_response = self.get('/OS-REVOKE/events', + expected_status=200).json_body self.assertValidRevokedTokenResponse(events_response, audit_id=response['audit_ids'][0]) def test_revoke_v2_token(self): token = self.get_v2_token() headers = {'X-Subject-Token': token} - response = self.get('/auth/tokens', - headers=headers).json_body['token'] - self.delete('/auth/tokens', headers=headers) + response = self.get('/auth/tokens', headers=headers, + expected_status=200).json_body['token'] + self.delete('/auth/tokens', headers=headers, expected_status=204) self.head('/auth/tokens', headers=headers, expected_status=http_client.NOT_FOUND) - events_response = self.get('/OS-REVOKE/events').json_body + events_response = self.get('/OS-REVOKE/events', + expected_status=200).json_body self.assertValidRevokedTokenResponse( events_response, @@ -1592,24 +1595,28 @@ class TestTokenRevokeApi(TestTokenRevokeById): def test_list_delete_project_shows_in_event_list(self): self.role_data_fixtures() - events = self.get('/OS-REVOKE/events').json_body['events'] + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body['events'] self.assertEqual([], events) self.delete( '/projects/%(project_id)s' % {'project_id': self.projectA['id']}) - events_response = self.get('/OS-REVOKE/events').json_body + events_response = self.get('/OS-REVOKE/events', + expected_status=200).json_body self.assertValidDeletedProjectResponse(events_response, self.projectA['id']) def test_disable_domain_shows_in_event_list(self): - events = self.get('/OS-REVOKE/events').json_body['events'] + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body['events'] self.assertEqual([], events) disable_body = {'domain': {'enabled': False}} self.patch( '/domains/%(project_id)s' % {'project_id': self.domainA['id']}, body=disable_body) - events = self.get('/OS-REVOKE/events').json_body + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body self.assertDomainInList(events, self.domainA['id']) @@ -1639,7 +1646,8 @@ class TestTokenRevokeApi(TestTokenRevokeById): def test_list_delete_token_shows_in_event_list(self): self.role_data_fixtures() - events = self.get('/OS-REVOKE/events').json_body['events'] + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body['events'] self.assertEqual([], events) scoped_token = self.get_scoped_token() @@ -1653,17 +1661,15 @@ class TestTokenRevokeApi(TestTokenRevokeById): response.json_body['token'] headers3 = {'X-Subject-Token': response.headers['X-Subject-Token']} - self.head('/auth/tokens', headers=headers, - expected_status=http_client.OK) - self.head('/auth/tokens', headers=headers2, - expected_status=http_client.OK) - self.head('/auth/tokens', headers=headers3, - expected_status=http_client.OK) + self.head('/auth/tokens', headers=headers, expected_status=200) + self.head('/auth/tokens', headers=headers2, expected_status=200) + self.head('/auth/tokens', headers=headers3, expected_status=200) - self.delete('/auth/tokens', headers=headers) + self.delete('/auth/tokens', headers=headers, expected_status=204) # NOTE(ayoung): not deleting token3, as it should be deleted # by previous - events_response = self.get('/OS-REVOKE/events').json_body + events_response = self.get('/OS-REVOKE/events', + expected_status=200).json_body events = events_response['events'] self.assertEqual(1, len(events)) self.assertEventDataInList( @@ -1671,32 +1677,32 @@ class TestTokenRevokeApi(TestTokenRevokeById): audit_id=token2['audit_ids'][1]) self.head('/auth/tokens', headers=headers, expected_status=http_client.NOT_FOUND) - self.head('/auth/tokens', headers=headers2, - expected_status=http_client.OK) - self.head('/auth/tokens', headers=headers3, - expected_status=http_client.OK) + self.head('/auth/tokens', headers=headers2, expected_status=200) + self.head('/auth/tokens', headers=headers3, expected_status=200) def test_list_with_filter(self): self.role_data_fixtures() - events = self.get('/OS-REVOKE/events').json_body['events'] + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body['events'] self.assertEqual(0, len(events)) scoped_token = self.get_scoped_token() headers = {'X-Subject-Token': scoped_token} auth = self.build_authentication_request(token=scoped_token) headers2 = {'X-Subject-Token': self.get_requested_token(auth)} - self.delete('/auth/tokens', headers=headers) - self.delete('/auth/tokens', headers=headers2) + self.delete('/auth/tokens', headers=headers, expected_status=204) + self.delete('/auth/tokens', headers=headers2, expected_status=204) - events = self.get('/OS-REVOKE/events').json_body['events'] + events = self.get('/OS-REVOKE/events', + expected_status=200).json_body['events'] self.assertEqual(2, len(events)) future = utils.isotime(timeutils.utcnow() + datetime.timedelta(seconds=1000)) - events = self.get('/OS-REVOKE/events?since=%s' % (future) - ).json_body['events'] + events = self.get('/OS-REVOKE/events?since=%s' % (future), + expected_status=200).json_body['events'] self.assertEqual(0, len(events)) @@ -3106,7 +3112,8 @@ class TestTrustChain(test_v3.RestfulTestCase): def test_delete_trust_cascade(self): self.assert_user_authenticate(self.user_chain[0]) self.delete('/OS-TRUST/trusts/%(trust_id)s' % { - 'trust_id': self.trust_chain[0]['id']}) + 'trust_id': self.trust_chain[0]['id']}, + expected_status=204) headers = {'X-Subject-Token': self.last_token} self.head('/auth/tokens', headers=headers, @@ -3116,10 +3123,12 @@ class TestTrustChain(test_v3.RestfulTestCase): def test_delete_broken_chain(self): self.assert_user_authenticate(self.user_chain[0]) self.delete('/OS-TRUST/trusts/%(trust_id)s' % { - 'trust_id': self.trust_chain[1]['id']}) + 'trust_id': self.trust_chain[1]['id']}, + expected_status=204) self.delete('/OS-TRUST/trusts/%(trust_id)s' % { - 'trust_id': self.trust_chain[0]['id']}) + 'trust_id': self.trust_chain[0]['id']}, + expected_status=204) def test_trustor_roles_revoked(self): self.assert_user_authenticate(self.user_chain[0]) @@ -3214,7 +3223,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): # make sure the trust exists trust = self.assertValidTrustResponse(r, ref) r = self.get( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=200) # get a token for the trustee auth_data = self.build_authentication_request( user_id=self.trustee_user['id'], @@ -3232,7 +3242,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust = self._initialize_test_consume_trust(2) # check decremented value r = self.get( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=200) trust = r.result.get('trust') self.assertIsNotNone(trust) self.assertEqual(1, trust['remaining_uses']) @@ -3310,7 +3321,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust = self.assertValidTrustResponse(r, ref) r = self.get( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=200) auth_data = self.build_authentication_request( user_id=self.trustee_user['id'], password=self.trustee_user['password']) @@ -3321,7 +3333,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust_id=trust['id']) r = self.v3_authenticate_token(auth_data) r = self.get( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=200) trust = r.result.get('trust') self.assertIsNone(trust['remaining_uses']) @@ -3335,27 +3348,30 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust = self.assertValidTrustResponse(r, ref) r = self.get( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=200) self.assertValidTrustResponse(r, ref) # validate roles on the trust r = self.get( '/OS-TRUST/trusts/%(trust_id)s/roles' % { - 'trust_id': trust['id']}) + 'trust_id': trust['id']}, + expected_status=200) roles = self.assertValidRoleListResponse(r, self.role) self.assertIn(self.role['id'], [x['id'] for x in roles]) self.head( '/OS-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % { 'trust_id': trust['id'], 'role_id': self.role['id']}, - expected_status=http_client.OK) + expected_status=200) r = self.get( '/OS-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % { 'trust_id': trust['id'], - 'role_id': self.role['id']}) + 'role_id': self.role['id']}, + expected_status=200) self.assertValidRoleResponse(r, self.role) - r = self.get('/OS-TRUST/trusts') + r = self.get('/OS-TRUST/trusts', expected_status=200) self.assertValidTrustListResponse(r, trust) # trusts are immutable @@ -3365,7 +3381,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) self.delete( - '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}) + '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, + expected_status=204) self.get( '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']}, @@ -3554,7 +3571,7 @@ class TestTrustAuth(test_v3.RestfulTestCase): path = '/v2.0/tokens/%s' % (token) self.admin_request( path=path, token=CONF.admin_token, - method='GET', expected_status=http_client.OK) + method='GET', expected_status=200) def test_exercise_trust_scoped_token_without_impersonation(self): ref = self.new_trust_ref( @@ -3758,7 +3775,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): expected_status=http_client.FORBIDDEN) def assertTrustTokensRevoked(self, trust_id): - revocation_response = self.get('/OS-REVOKE/events') + revocation_response = self.get('/OS-REVOKE/events', + expected_status=200) revocation_events = revocation_response.json_body['events'] found = False for event in revocation_events: @@ -3787,7 +3805,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): r, self.trustee_user) trust_token = r.headers['X-Subject-Token'] self.delete('/OS-TRUST/trusts/%(trust_id)s' % { - 'trust_id': trust_id}) + 'trust_id': trust_id}, + expected_status=204) headers = {'X-Subject-Token': trust_token} self.head('/auth/tokens', headers=headers, expected_status=http_client.NOT_FOUND) @@ -3814,7 +3833,7 @@ class TestTrustAuth(test_v3.RestfulTestCase): user_id=self.trustee_user['id'], password=self.trustee_user['password'], trust_id=trust['id']) - self.v3_authenticate_token(auth_data) + self.v3_authenticate_token(auth_data, expected_status=201) self.disable_user(self.user) @@ -3842,7 +3861,7 @@ class TestTrustAuth(test_v3.RestfulTestCase): user_id=self.trustee_user['id'], password=self.trustee_user['password'], trust_id=trust['id']) - self.v3_authenticate_token(auth_data) + self.v3_authenticate_token(auth_data, expected_status=201) self.disable_user(self.trustee_user) @@ -3867,7 +3886,8 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust = self.assertValidTrustResponse(r, ref) self.delete('/OS-TRUST/trusts/%(trust_id)s' % { - 'trust_id': trust['id']}) + 'trust_id': trust['id']}, + expected_status=204) self.get('/OS-TRUST/trusts/%(trust_id)s' % { 'trust_id': trust['id']}, @@ -3897,19 +3917,19 @@ class TestTrustAuth(test_v3.RestfulTestCase): r = self.post('/OS-TRUST/trusts', body={'trust': ref}) self.assertValidTrustResponse(r, ref) - r = self.get('/OS-TRUST/trusts') + r = self.get('/OS-TRUST/trusts', expected_status=200) trusts = r.result['trusts'] self.assertEqual(3, len(trusts)) self.assertValidTrustListResponse(r) r = self.get('/OS-TRUST/trusts?trustor_user_id=%s' % - self.user_id) + self.user_id, expected_status=200) trusts = r.result['trusts'] self.assertEqual(3, len(trusts)) self.assertValidTrustListResponse(r) r = self.get('/OS-TRUST/trusts?trustee_user_id=%s' % - self.user_id) + self.user_id, expected_status=200) trusts = r.result['trusts'] self.assertEqual(0, len(trusts)) @@ -3935,11 +3955,13 @@ class TestTrustAuth(test_v3.RestfulTestCase): trust_token = r.headers.get('X-Subject-Token') self.get('/OS-TRUST/trusts?trustor_user_id=%s' % - self.user_id, token=trust_token) + self.user_id, expected_status=200, + token=trust_token) self.assertValidUserResponse( self.patch('/users/%s' % self.trustee_user['id'], - body={'user': {'password': uuid.uuid4().hex}})) + body={'user': {'password': uuid.uuid4().hex}}, + expected_status=200)) self.get('/OS-TRUST/trusts?trustor_user_id=%s' % self.user_id, expected_status=http_client.UNAUTHORIZED, @@ -3971,13 +3993,14 @@ class TestTrustAuth(test_v3.RestfulTestCase): 'trust_id': trust['id'], 'role_id': self.role['id']}, auth=auth_data, - expected_status=http_client.OK) + expected_status=200) r = self.get( '/OS-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % { 'trust_id': trust['id'], 'role_id': self.role['id']}, - auth=auth_data) + auth=auth_data, + expected_status=200) self.assertValidRoleResponse(r, self.role) def test_do_not_consume_remaining_uses_when_get_token_fails(self): @@ -4022,7 +4045,7 @@ class TestAPIProtectionWithoutAuthContextMiddleware(test_v3.RestfulTestCase): 'query_string': {}, 'environment': {}} r = auth_controller.validate_token(context) - self.assertEqual(http_client.OK, r.status_code) + self.assertEqual(200, r.status_code) class TestAuthContext(unit.TestCase): @@ -4082,7 +4105,9 @@ class TestAuthSpecificData(test_v3.RestfulTestCase): def test_get_catalog_project_scoped_token(self): """Call ``GET /auth/catalog`` with a project-scoped token.""" - r = self.get('/auth/catalog') + r = self.get( + '/auth/catalog', + expected_status=200) self.assertValidCatalogResponse(r) def test_get_catalog_domain_scoped_token(self): @@ -4116,7 +4141,7 @@ class TestAuthSpecificData(test_v3.RestfulTestCase): expected_status=http_client.UNAUTHORIZED) def test_get_projects_project_scoped_token(self): - r = self.get('/auth/projects') + r = self.get('/auth/projects', expected_status=200) self.assertThat(r.json['projects'], matchers.HasLength(1)) self.assertValidProjectListResponse(r) @@ -4124,7 +4149,7 @@ class TestAuthSpecificData(test_v3.RestfulTestCase): self.put(path='/domains/%s/users/%s/roles/%s' % ( self.domain['id'], self.user['id'], self.role['id'])) - r = self.get('/auth/domains') + r = self.get('/auth/domains', expected_status=200) self.assertThat(r.json['domains'], matchers.HasLength(1)) self.assertValidDomainListResponse(r) @@ -4135,7 +4160,7 @@ class TestFernetTokenProvider(test_v3.RestfulTestCase): self.useFixture(ksfixtures.KeyRepository(self.config_fixture)) def _make_auth_request(self, auth_data): - resp = self.post('/auth/tokens', body=auth_data) + resp = self.post('/auth/tokens', body=auth_data, expected_status=201) token = resp.headers.get('X-Subject-Token') self.assertLess(len(token), 255) return token @@ -4167,13 +4192,13 @@ class TestFernetTokenProvider(test_v3.RestfulTestCase): trust_id=trust['id']) return self._make_auth_request(auth_data) - def _validate_token(self, token, expected_status=http_client.OK): + def _validate_token(self, token, expected_status=200): return self.get( '/auth/tokens', headers={'X-Subject-Token': token}, expected_status=expected_status) - def _revoke_token(self, token, expected_status=http_client.NO_CONTENT): + def _revoke_token(self, token, expected_status=204): return self.delete( '/auth/tokens', headers={'X-Subject-Token': token}, @@ -4547,8 +4572,7 @@ class TestAuthFernetTokenProvider(TestAuth): self.admin_app.extra_environ.update({'REMOTE_USER': remote_user, 'AUTH_TYPE': 'Negotiate'}) # Bind not current supported by Fernet, see bug 1433311. - self.v3_authenticate_token(auth_data, - expected_status=http_client.NOT_IMPLEMENTED) + self.v3_authenticate_token(auth_data, expected_status=501) def test_v2_v3_bind_token_intermix(self): self.config_fixture.config(group='token', bind='kerberos') @@ -4563,7 +4587,7 @@ class TestAuthFernetTokenProvider(TestAuth): self.admin_request(path='/v2.0/tokens', method='POST', body=body, - expected_status=http_client.NOT_IMPLEMENTED) + expected_status=501) def test_auth_with_bind_token(self): self.config_fixture.config(group='token', bind=['kerberos']) @@ -4573,5 +4597,4 @@ class TestAuthFernetTokenProvider(TestAuth): self.admin_app.extra_environ.update({'REMOTE_USER': remote_user, 'AUTH_TYPE': 'Negotiate'}) # Bind not current supported by Fernet, see bug 1433311. - self.v3_authenticate_token(auth_data, - expected_status=http_client.NOT_IMPLEMENTED) + self.v3_authenticate_token(auth_data, expected_status=501) diff --git a/keystone-moon/keystone/tests/unit/test_v3_catalog.py b/keystone-moon/keystone/tests/unit/test_v3_catalog.py index 0d82390d..c536169a 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_catalog.py +++ b/keystone-moon/keystone/tests/unit/test_v3_catalog.py @@ -36,7 +36,7 @@ class CatalogTestCase(test_v3.RestfulTestCase): r = self.put( '/regions/%s' % region_id, body={'region': ref}, - expected_status=http_client.CREATED) + expected_status=201) self.assertValidRegionResponse(r, ref) # Double-check that the region ID was kept as-is and not # populated with a UUID, as is the case with POST /v3/regions @@ -49,7 +49,7 @@ class CatalogTestCase(test_v3.RestfulTestCase): r = self.put( '/regions/%s' % region_id, body={'region': ref}, - expected_status=http_client.CREATED) + expected_status=201) self.assertValidRegionResponse(r, ref) # Double-check that the region ID was kept as-is and not # populated with a UUID, as is the case with POST /v3/regions @@ -60,7 +60,7 @@ class CatalogTestCase(test_v3.RestfulTestCase): ref = dict(description="my region") self.put( '/regions/myregion', - body={'region': ref}, expected_status=http_client.CREATED) + body={'region': ref}, expected_status=201) # Create region again with duplicate id self.put( '/regions/myregion', @@ -86,7 +86,9 @@ class CatalogTestCase(test_v3.RestfulTestCase): ref = self.new_region_ref() ref['id'] = '' - r = self.post('/regions', body={'region': ref}) + r = self.post( + '/regions', + body={'region': ref}, expected_status=201) self.assertValidRegionResponse(r, ref) self.assertNotEmpty(r.result['region'].get('id')) @@ -98,7 +100,10 @@ class CatalogTestCase(test_v3.RestfulTestCase): del ref['id'] # let the service define the ID - r = self.post('/regions', body={'region': ref}) + r = self.post( + '/regions', + body={'region': ref}, + expected_status=201) self.assertValidRegionResponse(r, ref) def test_create_region_without_description(self): @@ -107,7 +112,10 @@ class CatalogTestCase(test_v3.RestfulTestCase): del ref['description'] - r = self.post('/regions', body={'region': ref}) + r = self.post( + '/regions', + body={'region': ref}, + expected_status=201) # Create the description in the reference to compare to since the # response should now have a description, even though we didn't send # it with the original reference. @@ -127,10 +135,16 @@ class CatalogTestCase(test_v3.RestfulTestCase): ref1['description'] = region_desc ref2['description'] = region_desc - resp1 = self.post('/regions', body={'region': ref1}) + resp1 = self.post( + '/regions', + body={'region': ref1}, + expected_status=201) self.assertValidRegionResponse(resp1, ref1) - resp2 = self.post('/regions', body={'region': ref2}) + resp2 = self.post( + '/regions', + body={'region': ref2}, + expected_status=201) self.assertValidRegionResponse(resp2, ref2) def test_create_regions_without_descriptions(self): @@ -145,9 +159,15 @@ class CatalogTestCase(test_v3.RestfulTestCase): del ref1['description'] ref2['description'] = None - resp1 = self.post('/regions', body={'region': ref1}) + resp1 = self.post( + '/regions', + body={'region': ref1}, + expected_status=201) - resp2 = self.post('/regions', body={'region': ref2}) + resp2 = self.post( + '/regions', + body={'region': ref2}, + expected_status=201) # Create the descriptions in the references to compare to since the # responses should now have descriptions, even though we didn't send # a description with the original references. @@ -211,14 +231,16 @@ class CatalogTestCase(test_v3.RestfulTestCase): """Call ``PATCH /regions/{region_id}``.""" region_ref = self.new_region_ref() - resp = self.post('/regions', body={'region': region_ref}) + resp = self.post('/regions', body={'region': region_ref}, + expected_status=201) region_updates = { # update with something that's not the description 'parent_region_id': self.region_id, } resp = self.patch('/regions/%s' % region_ref['id'], - body={'region': region_updates}) + body={'region': region_updates}, + expected_status=200) # NOTE(dstanek): Keystone should keep the original description. self.assertEqual(region_ref['description'], @@ -591,7 +613,7 @@ class CatalogTestCase(test_v3.RestfulTestCase): ref = self.new_endpoint_ref(service_id=self.service_id) ref["region"] = uuid.uuid4().hex ref.pop('region_id') - self.post('/endpoints', body={'endpoint': ref}) + self.post('/endpoints', body={'endpoint': ref}, expected_status=201) # Make sure the region is created self.get('/regions/%(region_id)s' % { 'region_id': ref["region"]}) @@ -600,7 +622,7 @@ class CatalogTestCase(test_v3.RestfulTestCase): """EndpointV3 allows to creates the endpoint without region.""" ref = self.new_endpoint_ref(service_id=self.service_id) ref.pop('region_id') - self.post('/endpoints', body={'endpoint': ref}) + self.post('/endpoints', body={'endpoint': ref}, expected_status=201) def test_create_endpoint_with_empty_url(self): """Call ``POST /endpoints``.""" @@ -756,7 +778,9 @@ class CatalogTestCase(test_v3.RestfulTestCase): ref = self.new_endpoint_ref(self.service_id) ref['url'] = valid_url - self.post('/endpoints', body={'endpoint': ref}) + self.post('/endpoints', + body={'endpoint': ref}, + expected_status=201) def test_endpoint_create_with_invalid_url(self): """Test the invalid cases: substitutions is not exactly right. diff --git a/keystone-moon/keystone/tests/unit/test_v3_credential.py b/keystone-moon/keystone/tests/unit/test_v3_credential.py index cf504b00..dd8cf2dd 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_credential.py +++ b/keystone-moon/keystone/tests/unit/test_v3_credential.py @@ -382,7 +382,7 @@ class TestCredentialEc2(CredentialBaseTestCase): r = self.post( '/ec2tokens', body={'ec2Credentials': sig_ref}, - expected_status=http_client.OK) + expected_status=200) self.assertValidTokenResponse(r) def test_ec2_credential_signature_validate(self): diff --git a/keystone-moon/keystone/tests/unit/test_v3_domain_config.py b/keystone-moon/keystone/tests/unit/test_v3_domain_config.py index 3f7af87d..701cd3cf 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_domain_config.py +++ b/keystone-moon/keystone/tests/unit/test_v3_domain_config.py @@ -40,7 +40,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): url = '/domains/%(domain_id)s/config' % { 'domain_id': self.domain['id']} r = self.put(url, body={'config': self.config}, - expected_status=http_client.CREATED) + expected_status=201) res = self.domain_config_api.get_config(self.domain['id']) self.assertEqual(self.config, r.result['config']) self.assertEqual(self.config, res) @@ -50,11 +50,11 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.put('/domains/%(domain_id)s/config' % { 'domain_id': self.domain['id']}, body={'config': self.config}, - expected_status=http_client.CREATED) + expected_status=201) self.put('/domains/%(domain_id)s/config' % { 'domain_id': self.domain['id']}, body={'config': self.config}, - expected_status=http_client.OK) + expected_status=200) def test_delete_config(self): """Call ``DELETE /domains{domain_id}/config``.""" @@ -80,7 +80,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): 'domain_id': self.domain['id']} r = self.get(url) self.assertEqual(self.config, r.result['config']) - self.head(url, expected_status=http_client.OK) + self.head(url, expected_status=200) def test_get_config_by_group(self): """Call ``GET & HEAD /domains{domain_id}/config/{group}``.""" @@ -89,7 +89,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): 'domain_id': self.domain['id']} r = self.get(url) self.assertEqual({'ldap': self.config['ldap']}, r.result['config']) - self.head(url, expected_status=http_client.OK) + self.head(url, expected_status=200) def test_get_config_by_option(self): """Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``.""" @@ -99,7 +99,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): r = self.get(url) self.assertEqual({'url': self.config['ldap']['url']}, r.result['config']) - self.head(url, expected_status=http_client.OK) + self.head(url, expected_status=200) def test_get_non_existant_config(self): """Call ``GET /domains{domain_id}/config when no config defined``.""" diff --git a/keystone-moon/keystone/tests/unit/test_v3_endpoint_policy.py b/keystone-moon/keystone/tests/unit/test_v3_endpoint_policy.py index b0c8256e..3423d2d8 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_endpoint_policy.py +++ b/keystone-moon/keystone/tests/unit/test_v3_endpoint_policy.py @@ -53,14 +53,12 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): url, expected_status=http_client.NOT_FOUND) - self.put(url) + self.put(url, expected_status=204) # test that the new resource is accessible. - self.assert_head_and_get_return_same_response( - url, - expected_status=http_client.NO_CONTENT) + self.assert_head_and_get_return_same_response(url, expected_status=204) - self.delete(url) + self.delete(url, expected_status=204) # test that the deleted resource is no longer accessible self.assert_head_and_get_return_same_response( @@ -101,16 +99,18 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): self.put('/policies/%(policy_id)s/OS-ENDPOINT-POLICY' '/endpoints/%(endpoint_id)s' % { 'policy_id': self.policy['id'], - 'endpoint_id': self.endpoint['id']}) + 'endpoint_id': self.endpoint['id']}, + expected_status=204) self.head('/endpoints/%(endpoint_id)s/OS-ENDPOINT-POLICY' '/policy' % { 'endpoint_id': self.endpoint['id']}, - expected_status=http_client.OK) + expected_status=200) r = self.get('/endpoints/%(endpoint_id)s/OS-ENDPOINT-POLICY' '/policy' % { - 'endpoint_id': self.endpoint['id']}) + 'endpoint_id': self.endpoint['id']}, + expected_status=200) self.assertValidPolicyResponse(r, ref=self.policy) def test_list_endpoints_for_policy(self): @@ -119,11 +119,13 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): self.put('/policies/%(policy_id)s/OS-ENDPOINT-POLICY' '/endpoints/%(endpoint_id)s' % { 'policy_id': self.policy['id'], - 'endpoint_id': self.endpoint['id']}) + 'endpoint_id': self.endpoint['id']}, + expected_status=204) r = self.get('/policies/%(policy_id)s/OS-ENDPOINT-POLICY' '/endpoints' % { - 'policy_id': self.policy['id']}) + 'policy_id': self.policy['id']}, + expected_status=200) self.assertValidEndpointListResponse(r, ref=self.endpoint) self.assertThat(r.result.get('endpoints'), matchers.HasLength(1)) @@ -133,8 +135,8 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): 'policy_id': self.policy['id'], 'endpoint_id': self.endpoint['id']} - self.put(url) - self.head(url) + self.put(url, expected_status=204) + self.head(url, expected_status=204) self.delete('/endpoints/%(endpoint_id)s' % { 'endpoint_id': self.endpoint['id']}) @@ -148,8 +150,8 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): 'service_id': self.service['id'], 'region_id': self.region['id']} - self.put(url) - self.head(url) + self.put(url, expected_status=204) + self.head(url, expected_status=204) self.delete('/regions/%(region_id)s' % { 'region_id': self.region['id']}) @@ -163,8 +165,8 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): 'service_id': self.service['id'], 'region_id': self.region['id']} - self.put(url) - self.head(url) + self.put(url, expected_status=204) + self.head(url, expected_status=204) self.delete('/services/%(service_id)s' % { 'service_id': self.service['id']}) @@ -177,8 +179,8 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): 'policy_id': self.policy['id'], 'service_id': self.service['id']} - self.put(url) - self.get(url, expected_status=http_client.NO_CONTENT) + self.put(url, expected_status=204) + self.get(url, expected_status=204) self.delete('/policies/%(policy_id)s' % { 'policy_id': self.policy['id']}) @@ -191,8 +193,8 @@ class EndpointPolicyTestCase(test_v3.RestfulTestCase): 'policy_id': self.policy['id'], 'service_id': self.service['id']} - self.put(url) - self.get(url, expected_status=http_client.NO_CONTENT) + self.put(url, expected_status=204) + self.get(url, expected_status=204) self.delete('/services/%(service_id)s' % { 'service_id': self.service['id']}) diff --git a/keystone-moon/keystone/tests/unit/test_v3_federation.py b/keystone-moon/keystone/tests/unit/test_v3_federation.py index 5717e67b..4d7dcaab 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_federation.py +++ b/keystone-moon/keystone/tests/unit/test_v3_federation.py @@ -815,7 +815,7 @@ class FederatedIdentityProviderTests(FederationTests): if body is None: body = self._http_idp_input() resp = self.put(url, body={'identity_provider': body}, - expected_status=http_client.CREATED) + expected_status=201) return resp def _http_idp_input(self, **kwargs): @@ -1027,7 +1027,7 @@ class FederatedIdentityProviderTests(FederationTests): url = self.base_url(suffix=uuid.uuid4().hex) body = self._http_idp_input() self.put(url, body={'identity_provider': body}, - expected_status=http_client.CREATED) + expected_status=201) self.put(url, body={'identity_provider': body}, expected_status=http_client.CONFLICT) @@ -1084,7 +1084,7 @@ class FederatedIdentityProviderTests(FederationTests): idp_url = self.base_url(suffix=idp_id) # assign protocol to IdP - kwargs = {'expected_status': http_client.CREATED} + kwargs = {'expected_status': 201} resp, idp_id, proto = self._assign_protocol_to_idp( url=url, idp_id=idp_id, @@ -1179,7 +1179,7 @@ class FederatedIdentityProviderTests(FederationTests): def test_assign_protocol_to_idp(self): """Assign a protocol to existing IdP.""" - self._assign_protocol_to_idp(expected_status=http_client.CREATED) + self._assign_protocol_to_idp(expected_status=201) def test_protocol_composite_pk(self): """Test whether Keystone let's add two entities with identical @@ -1193,7 +1193,7 @@ class FederatedIdentityProviderTests(FederationTests): """ url = self.base_url(suffix='%(idp_id)s/protocols/%(protocol_id)s') - kwargs = {'expected_status': http_client.CREATED} + kwargs = {'expected_status': 201} self._assign_protocol_to_idp(proto='saml2', url=url, **kwargs) @@ -1209,7 +1209,7 @@ class FederatedIdentityProviderTests(FederationTests): """ url = self.base_url(suffix='%(idp_id)s/protocols/%(protocol_id)s') - kwargs = {'expected_status': http_client.CREATED} + kwargs = {'expected_status': 201} resp, idp_id, proto = self._assign_protocol_to_idp(proto='saml2', url=url, **kwargs) kwargs = {'expected_status': http_client.CONFLICT} @@ -1235,8 +1235,7 @@ class FederatedIdentityProviderTests(FederationTests): def test_get_protocol(self): """Create and later fetch protocol tied to IdP.""" - resp, idp_id, proto = self._assign_protocol_to_idp( - expected_status=http_client.CREATED) + resp, idp_id, proto = self._assign_protocol_to_idp(expected_status=201) proto_id = self._fetch_attribute_from_response(resp, 'protocol')['id'] url = "%s/protocols/%s" % (idp_id, proto_id) url = self.base_url(suffix=url) @@ -1255,14 +1254,12 @@ class FederatedIdentityProviderTests(FederationTests): Compare input and output id sets. """ - resp, idp_id, proto = self._assign_protocol_to_idp( - expected_status=http_client.CREATED) + resp, idp_id, proto = self._assign_protocol_to_idp(expected_status=201) iterations = random.randint(0, 16) protocol_ids = [] for _ in range(iterations): - resp, _, proto = self._assign_protocol_to_idp( - idp_id=idp_id, - expected_status=http_client.CREATED) + resp, _, proto = self._assign_protocol_to_idp(idp_id=idp_id, + expected_status=201) proto_id = self._fetch_attribute_from_response(resp, 'protocol') proto_id = proto_id['id'] protocol_ids.append(proto_id) @@ -1281,8 +1278,7 @@ class FederatedIdentityProviderTests(FederationTests): def test_update_protocols_attribute(self): """Update protocol's attribute.""" - resp, idp_id, proto = self._assign_protocol_to_idp( - expected_status=http_client.CREATED) + resp, idp_id, proto = self._assign_protocol_to_idp(expected_status=201) new_mapping_id = uuid.uuid4().hex url = "%s/protocols/%s" % (idp_id, proto) @@ -1303,8 +1299,7 @@ class FederatedIdentityProviderTests(FederationTests): """ url = self.base_url(suffix='/%(idp_id)s/' 'protocols/%(protocol_id)s') - resp, idp_id, proto = self._assign_protocol_to_idp( - expected_status=http_client.CREATED) + resp, idp_id, proto = self._assign_protocol_to_idp(expected_status=201) url = url % {'idp_id': idp_id, 'protocol_id': proto} self.delete(url) @@ -1345,7 +1340,7 @@ class MappingCRUDTests(FederationTests): url = self.MAPPING_URL + uuid.uuid4().hex resp = self.put(url, body={'mapping': mapping_fixtures.MAPPING_LARGE}, - expected_status=http_client.CREATED) + expected_status=201) return resp def _get_id_from_response(self, resp): @@ -1362,7 +1357,7 @@ class MappingCRUDTests(FederationTests): resp = self.get(url) entities = resp.result.get('mappings') self.assertIsNotNone(entities) - self.assertResponseStatus(resp, http_client.OK) + self.assertResponseStatus(resp, 200) self.assertValidListLinks(resp.result.get('links')) self.assertEqual(1, len(entities)) @@ -1372,7 +1367,7 @@ class MappingCRUDTests(FederationTests): mapping_id = self._get_id_from_response(resp) url = url % {'mapping_id': str(mapping_id)} resp = self.delete(url) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) self.get(url, expected_status=http_client.NOT_FOUND) def test_mapping_get(self): @@ -1976,8 +1971,7 @@ class FederatedTokenTests(FederationTests, FederatedSetupMixin): token_id, 'project', self.project_all['id']) - self.v3_authenticate_token( - scoped_token, expected_status=http_client.INTERNAL_SERVER_ERROR) + self.v3_authenticate_token(scoped_token, expected_status=500) def test_lists_with_missing_group_in_backend(self): """Test a mapping that points to a group that does not exist @@ -2529,7 +2523,7 @@ class SAMLGenerationTests(FederationTests): self.sp = self.sp_ref() url = '/OS-FEDERATION/service_providers/' + self.SERVICE_PROVDIER_ID self.put(url, body={'service_provider': self.sp}, - expected_status=http_client.CREATED) + expected_status=201) def test_samlize_token_values(self): """Test the SAML generator produces a SAML object. @@ -2763,7 +2757,7 @@ class SAMLGenerationTests(FederationTests): return_value=self.signed_assertion): http_response = self.post(self.SAML_GENERATION_ROUTE, body=body, response_content_type='text/xml', - expected_status=http_client.OK) + expected_status=200) response = etree.fromstring(http_response.result) issuer = response[0] @@ -2879,7 +2873,7 @@ class SAMLGenerationTests(FederationTests): return_value=self.signed_assertion): http_response = self.post(self.ECP_GENERATION_ROUTE, body=body, response_content_type='text/xml', - expected_status=http_client.OK) + expected_status=200) env_response = etree.fromstring(http_response.result) header = env_response[0] @@ -3079,13 +3073,13 @@ class IdPMetadataGenerationTests(FederationTests): self.generator.generate_metadata) def test_get_metadata_with_no_metadata_file_configured(self): - self.get(self.METADATA_URL, - expected_status=http_client.INTERNAL_SERVER_ERROR) + self.get(self.METADATA_URL, expected_status=500) def test_get_metadata(self): self.config_fixture.config( group='saml', idp_metadata_path=XMLDIR + '/idp_saml2_metadata.xml') - r = self.get(self.METADATA_URL, response_content_type='text/xml') + r = self.get(self.METADATA_URL, response_content_type='text/xml', + expected_status=200) self.assertEqual('text/xml', r.headers.get('Content-Type')) reference_file = _load_xml('idp_saml2_metadata.xml') @@ -3108,7 +3102,7 @@ class ServiceProviderTests(FederationTests): self.SP_REF = self.sp_ref() self.SERVICE_PROVIDER = self.put( url, body={'service_provider': self.SP_REF}, - expected_status=http_client.CREATED).result + expected_status=201).result def sp_ref(self): ref = { @@ -3127,7 +3121,7 @@ class ServiceProviderTests(FederationTests): def test_get_service_provider(self): url = self.base_url(suffix=self.SERVICE_PROVIDER_ID) - resp = self.get(url) + resp = self.get(url, expected_status=200) self.assertValidEntity(resp.result['service_provider'], keys_to_check=self.SP_KEYS) @@ -3139,7 +3133,7 @@ class ServiceProviderTests(FederationTests): url = self.base_url(suffix=uuid.uuid4().hex) sp = self.sp_ref() resp = self.put(url, body={'service_provider': sp}, - expected_status=http_client.CREATED) + expected_status=201) self.assertValidEntity(resp.result['service_provider'], keys_to_check=self.SP_KEYS) @@ -3149,7 +3143,7 @@ class ServiceProviderTests(FederationTests): sp = self.sp_ref() del sp['relay_state_prefix'] resp = self.put(url, body={'service_provider': sp}, - expected_status=http_client.CREATED) + expected_status=201) sp_result = resp.result['service_provider'] self.assertEqual(CONF.saml.relay_state_prefix, sp_result['relay_state_prefix']) @@ -3161,7 +3155,7 @@ class ServiceProviderTests(FederationTests): non_default_prefix = uuid.uuid4().hex sp['relay_state_prefix'] = non_default_prefix resp = self.put(url, body={'service_provider': sp}, - expected_status=http_client.CREATED) + expected_status=201) sp_result = resp.result['service_provider'] self.assertEqual(non_default_prefix, sp_result['relay_state_prefix']) @@ -3188,8 +3182,7 @@ class ServiceProviderTests(FederationTests): } for id, sp in ref_service_providers.items(): url = self.base_url(suffix=id) - self.put(url, body={'service_provider': sp}, - expected_status=http_client.CREATED) + self.put(url, body={'service_provider': sp}, expected_status=201) # Insert ids into service provider object, we will compare it with # responses from server and those include 'id' attribute. @@ -3216,14 +3209,15 @@ class ServiceProviderTests(FederationTests): """ new_sp_ref = self.sp_ref() url = self.base_url(suffix=self.SERVICE_PROVIDER_ID) - resp = self.patch(url, body={'service_provider': new_sp_ref}) + resp = self.patch(url, body={'service_provider': new_sp_ref}, + expected_status=200) patch_result = resp.result new_sp_ref['id'] = self.SERVICE_PROVIDER_ID self.assertValidEntity(patch_result['service_provider'], ref=new_sp_ref, keys_to_check=self.SP_KEYS) - resp = self.get(url) + resp = self.get(url, expected_status=200) get_result = resp.result self.assertDictEqual(patch_result['service_provider'], @@ -3261,14 +3255,15 @@ class ServiceProviderTests(FederationTests): non_default_prefix = uuid.uuid4().hex new_sp_ref['relay_state_prefix'] = non_default_prefix url = self.base_url(suffix=self.SERVICE_PROVIDER_ID) - resp = self.patch(url, body={'service_provider': new_sp_ref}) + resp = self.patch(url, body={'service_provider': new_sp_ref}, + expected_status=200) sp_result = resp.result['service_provider'] self.assertEqual(non_default_prefix, sp_result['relay_state_prefix']) def test_delete_service_provider(self): url = self.base_url(suffix=self.SERVICE_PROVIDER_ID) - self.delete(url) + self.delete(url, expected_status=204) def test_delete_service_provider_404(self): url = self.base_url(suffix=uuid.uuid4().hex) diff --git a/keystone-moon/keystone/tests/unit/test_v3_identity.py b/keystone-moon/keystone/tests/unit/test_v3_identity.py index 3d424cea..5a8e4fd5 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_identity.py +++ b/keystone-moon/keystone/tests/unit/test_v3_identity.py @@ -295,17 +295,18 @@ class IdentityTestCase(test_v3.RestfulTestCase): old_password_auth = self.build_authentication_request( user_id=user_ref['id'], password=password) - r = self.v3_authenticate_token(old_password_auth) + r = self.v3_authenticate_token(old_password_auth, expected_status=201) old_token = r.headers.get('X-Subject-Token') # auth as user with a token should work before a password change old_token_auth = self.build_authentication_request(token=old_token) - self.v3_authenticate_token(old_token_auth) + self.v3_authenticate_token(old_token_auth, expected_status=201) # administrative password reset new_password = uuid.uuid4().hex self.patch('/users/%s' % user_ref['id'], - body={'user': {'password': new_password}}) + body={'user': {'password': new_password}}, + expected_status=200) # auth as user with original password should not work after change self.v3_authenticate_token(old_password_auth, @@ -319,7 +320,7 @@ class IdentityTestCase(test_v3.RestfulTestCase): new_password_auth = self.build_authentication_request( user_id=user_ref['id'], password=new_password) - self.v3_authenticate_token(new_password_auth) + self.v3_authenticate_token(new_password_auth, expected_status=201) def test_update_user_domain_id(self): """Call ``PATCH /users/{user_id}`` with domain_id.""" @@ -370,7 +371,7 @@ class IdentityTestCase(test_v3.RestfulTestCase): # Confirm token is valid for now self.head('/auth/tokens', headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + expected_status=200) # Now delete the user self.delete('/users/%(user_id)s' % { @@ -473,7 +474,8 @@ class IdentityTestCase(test_v3.RestfulTestCase): # administrative password reset new_password = uuid.uuid4().hex self.patch('/users/%s' % user_ref['id'], - body={'user': {'password': new_password}}) + body={'user': {'password': new_password}}, + expected_status=200) self.assertNotIn(password, log_fix.output) self.assertNotIn(new_password, log_fix.output) @@ -559,8 +561,7 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase): password = self.user_ref['password'] self.user_ref = self.identity_api.create_user(self.user_ref) self.user_ref['password'] = password - self.token = self.get_request_token(self.user_ref['password'], - http_client.CREATED) + self.token = self.get_request_token(self.user_ref['password'], 201) def get_request_token(self, password, expected_status): auth_data = self.build_authentication_request( @@ -580,16 +581,16 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase): def test_changing_password(self): # original password works token_id = self.get_request_token(self.user_ref['password'], - expected_status=http_client.CREATED) + expected_status=201) # original token works old_token_auth = self.build_authentication_request(token=token_id) - self.v3_authenticate_token(old_token_auth) + self.v3_authenticate_token(old_token_auth, expected_status=201) # change password new_password = uuid.uuid4().hex self.change_password(password=new_password, original_password=self.user_ref['password'], - expected_status=http_client.NO_CONTENT) + expected_status=204) # old password fails self.get_request_token(self.user_ref['password'], @@ -600,8 +601,7 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) # new password works - self.get_request_token(new_password, - expected_status=http_client.CREATED) + self.get_request_token(new_password, expected_status=201) def test_changing_password_with_missing_original_password_fails(self): r = self.change_password(password=uuid.uuid4().hex, @@ -640,7 +640,7 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase): new_password = uuid.uuid4().hex self.change_password(password=new_password, original_password=self.user_ref['password'], - expected_status=http_client.NO_CONTENT) + expected_status=204) self.assertNotIn(self.user_ref['password'], log_fix.output) self.assertNotIn(new_password, log_fix.output) diff --git a/keystone-moon/keystone/tests/unit/test_v3_oauth1.py b/keystone-moon/keystone/tests/unit/test_v3_oauth1.py index 3a0d481c..8794a426 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_oauth1.py +++ b/keystone-moon/keystone/tests/unit/test_v3_oauth1.py @@ -140,7 +140,7 @@ class ConsumerCRUDTests(OAuth1Tests): consumer = self._create_single_consumer() consumer_id = consumer['id'] resp = self.delete(self.CONSUMER_URL + '/%s' % consumer_id) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) def test_consumer_get(self): consumer = self._create_single_consumer() @@ -262,7 +262,7 @@ class OAuthFlowTests(OAuth1Tests): url = self._authorize_request_token(request_key) body = {'roles': [{'id': self.role_id}]} - resp = self.put(url, body=body, expected_status=http_client.OK) + resp = self.put(url, body=body, expected_status=200) self.verifier = resp.result['token']['oauth_verifier'] self.assertTrue(all(i in core.VERIFIER_CHARS for i in self.verifier)) self.assertEqual(8, len(self.verifier)) @@ -357,7 +357,7 @@ class AccessTokenCRUDTests(OAuthFlowTests): resp = self.delete('/users/%(user)s/OS-OAUTH1/access_tokens/%(auth)s' % {'user': self.user_id, 'auth': self.access_token.key}) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) # List access_token should be 0 resp = self.get('/users/%(user_id)s/OS-OAUTH1/access_tokens' @@ -400,7 +400,7 @@ class AuthTokenTests(OAuthFlowTests): resp = self.delete('/users/%(user)s/OS-OAUTH1/access_tokens/%(auth)s' % {'user': self.user_id, 'auth': self.access_token.key}) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) # Check Keystone Token no longer exists headers = {'X-Subject-Token': self.keystone_token_id, @@ -415,7 +415,7 @@ class AuthTokenTests(OAuthFlowTests): consumer_id = self.consumer['key'] resp = self.delete('/OS-OAUTH1/consumers/%(consumer_id)s' % {'consumer_id': consumer_id}) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) # List access_token should be 0 resp = self.get('/users/%(user_id)s/OS-OAUTH1/access_tokens' @@ -645,7 +645,7 @@ class MaliciousOAuth1Tests(OAuth1Tests): url = self._authorize_request_token(request_key) body = {'roles': [{'id': self.role_id}]} - resp = self.put(url, body=body, expected_status=http_client.OK) + resp = self.put(url, body=body, expected_status=200) verifier = resp.result['token']['oauth_verifier'] self.assertIsNotNone(verifier) @@ -719,7 +719,7 @@ class MaliciousOAuth1Tests(OAuth1Tests): url = self._authorize_request_token(request_key) body = {'roles': [{'id': self.role_id}]} - resp = self.put(url, body=body, expected_status=http_client.OK) + resp = self.put(url, body=body, expected_status=200) self.verifier = resp.result['token']['oauth_verifier'] self.request_token.set_verifier(self.verifier) @@ -753,8 +753,7 @@ class MaliciousOAuth1Tests(OAuth1Tests): # NOTE(stevemar): To simulate this error, we remove the Authorization # header from the post request. del headers['Authorization'] - self.post(endpoint, headers=headers, - expected_status=http_client.INTERNAL_SERVER_ERROR) + self.post(endpoint, headers=headers, expected_status=500) class OAuthNotificationTests(OAuth1Tests, @@ -830,7 +829,7 @@ class OAuthNotificationTests(OAuth1Tests, url = self._authorize_request_token(request_key) body = {'roles': [{'id': self.role_id}]} - resp = self.put(url, body=body, expected_status=http_client.OK) + resp = self.put(url, body=body, expected_status=200) self.verifier = resp.result['token']['oauth_verifier'] self.assertTrue(all(i in core.VERIFIER_CHARS for i in self.verifier)) self.assertEqual(8, len(self.verifier)) @@ -859,7 +858,7 @@ class OAuthNotificationTests(OAuth1Tests, resp = self.delete('/users/%(user)s/OS-OAUTH1/access_tokens/%(auth)s' % {'user': self.user_id, 'auth': self.access_token.key}) - self.assertResponseStatus(resp, http_client.NO_CONTENT) + self.assertResponseStatus(resp, 204) # Test to ensure the delete access token notification is sent self._assert_notify_sent(access_key, diff --git a/keystone-moon/keystone/tests/unit/test_v3_protection.py b/keystone-moon/keystone/tests/unit/test_v3_protection.py index 296e1d4b..9922ae5e 100644 --- a/keystone-moon/keystone/tests/unit/test_v3_protection.py +++ b/keystone-moon/keystone/tests/unit/test_v3_protection.py @@ -461,8 +461,7 @@ class IdentityTestPolicySample(test_v3.RestfulTestCase): token = self.get_requested_token(auth) self.head('/auth/tokens', token=token, - headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + headers={'X-Subject-Token': token}, expected_status=200) def test_user_check_user_token(self): # A user can check one of their own tokens. @@ -475,8 +474,7 @@ class IdentityTestPolicySample(test_v3.RestfulTestCase): token2 = self.get_requested_token(auth) self.head('/auth/tokens', token=token1, - headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + headers={'X-Subject-Token': token2}, expected_status=200) def test_user_check_other_user_token_rejected(self): # A user cannot check another user's token. @@ -512,8 +510,7 @@ class IdentityTestPolicySample(test_v3.RestfulTestCase): user_token = self.get_requested_token(user_auth) self.head('/auth/tokens', token=admin_token, - headers={'X-Subject-Token': user_token}, - expected_status=http_client.OK) + headers={'X-Subject-Token': user_token}, expected_status=200) def test_user_revoke_same_token(self): # Given a non-admin user token, the token can be used to revoke @@ -686,8 +683,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase, # Return the expected return codes for APIs with and without data # with any specified status overriding the normal values if expected_status is None: - return (http_client.OK, http_client.CREATED, - http_client.NO_CONTENT) + return (200, 201, 204) else: return (expected_status, expected_status, expected_status) @@ -1054,7 +1050,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase, password=self.domain_admin_user['password'], domain_id=self.domainA['id']) entity_url = '/domains/%s' % self.domainA['id'] - self.get(entity_url, auth=self.auth) + self.get(entity_url, auth=self.auth, expected_status=200) def test_list_user_credentials(self): self.credential_user = self.new_credential_ref(self.just_a_user['id']) @@ -1186,8 +1182,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase, token = self.get_requested_token(auth) self.head('/auth/tokens', token=token, - headers={'X-Subject-Token': token}, - expected_status=http_client.OK) + headers={'X-Subject-Token': token}, expected_status=200) def test_user_check_user_token(self): # A user can check one of their own tokens. @@ -1200,8 +1195,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase, token2 = self.get_requested_token(auth) self.head('/auth/tokens', token=token1, - headers={'X-Subject-Token': token2}, - expected_status=http_client.OK) + headers={'X-Subject-Token': token2}, expected_status=200) def test_user_check_other_user_token_rejected(self): # A user cannot check another user's token. @@ -1237,8 +1231,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase, user_token = self.get_requested_token(user_auth) self.head('/auth/tokens', token=admin_token, - headers={'X-Subject-Token': user_token}, - expected_status=http_client.OK) + headers={'X-Subject-Token': user_token}, expected_status=200) def test_user_revoke_same_token(self): # Given a non-admin user token, the token can be used to revoke diff --git a/keystone-moon/keystone/tests/unit/test_versions.py b/keystone-moon/keystone/tests/unit/test_versions.py index fc8051b2..40814588 100644 --- a/keystone-moon/keystone/tests/unit/test_versions.py +++ b/keystone-moon/keystone/tests/unit/test_versions.py @@ -751,7 +751,7 @@ class VersionTestCase(unit.TestCase): def test_public_version_v2(self): client = TestClient(self.public_app) resp = client.get('/v2.0/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v2_VERSION_RESPONSE self._paste_in_port(expected['version'], @@ -762,7 +762,7 @@ class VersionTestCase(unit.TestCase): def test_admin_version_v2(self): client = TestClient(self.admin_app) resp = client.get('/v2.0/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v2_VERSION_RESPONSE self._paste_in_port(expected['version'], @@ -775,7 +775,7 @@ class VersionTestCase(unit.TestCase): for app in (self.public_app, self.admin_app): client = TestClient(app) resp = client.get('/v2.0/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v2_VERSION_RESPONSE self._paste_in_port(expected['version'], 'http://localhost/v2.0/') @@ -784,7 +784,7 @@ class VersionTestCase(unit.TestCase): def test_public_version_v3(self): client = TestClient(self.public_app) resp = client.get('/v3/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v3_VERSION_RESPONSE self._paste_in_port(expected['version'], @@ -796,7 +796,7 @@ class VersionTestCase(unit.TestCase): def test_admin_version_v3(self): client = TestClient(self.admin_app) resp = client.get('/v3/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v3_VERSION_RESPONSE self._paste_in_port(expected['version'], @@ -809,7 +809,7 @@ class VersionTestCase(unit.TestCase): for app in (self.public_app, self.admin_app): client = TestClient(app) resp = client.get('/v3/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v3_VERSION_RESPONSE self._paste_in_port(expected['version'], 'http://localhost/v3/') @@ -824,7 +824,7 @@ class VersionTestCase(unit.TestCase): # request to /v3 should pass resp = client.get('/v3/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v3_VERSION_RESPONSE self._paste_in_port(expected['version'], @@ -857,7 +857,7 @@ class VersionTestCase(unit.TestCase): # request to /v2.0 should pass resp = client.get('/v2.0/') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) data = jsonutils.loads(resp.body) expected = v2_VERSION_RESPONSE self._paste_in_port(expected['version'], diff --git a/keystone-moon/keystone/tests/unit/test_wsgi.py b/keystone-moon/keystone/tests/unit/test_wsgi.py index 2a5cb386..ed4c67d6 100644 --- a/keystone-moon/keystone/tests/unit/test_wsgi.py +++ b/keystone-moon/keystone/tests/unit/test_wsgi.py @@ -112,16 +112,15 @@ class ApplicationTest(BaseWSGITest): resp = wsgi.render_response(body=data) self.assertEqual('200 OK', resp.status) - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) self.assertEqual(body, resp.body) self.assertEqual('X-Auth-Token', resp.headers.get('Vary')) self.assertEqual(str(len(body)), resp.headers.get('Content-Length')) def test_render_response_custom_status(self): - resp = wsgi.render_response( - status=(http_client.NOT_IMPLEMENTED, 'Not Implemented')) + resp = wsgi.render_response(status=(501, 'Not Implemented')) self.assertEqual('501 Not Implemented', resp.status) - self.assertEqual(http_client.NOT_IMPLEMENTED, resp.status_int) + self.assertEqual(501, resp.status_int) def test_successful_require_attribute(self): app = FakeAttributeCheckerApp() @@ -173,14 +172,14 @@ class ApplicationTest(BaseWSGITest): def test_render_response_no_body(self): resp = wsgi.render_response() self.assertEqual('204 No Content', resp.status) - self.assertEqual(http_client.NO_CONTENT, resp.status_int) + self.assertEqual(204, resp.status_int) self.assertEqual(b'', resp.body) self.assertEqual('0', resp.headers.get('Content-Length')) self.assertIsNone(resp.headers.get('Content-Type')) def test_render_response_head_with_body(self): resp = wsgi.render_response({'id': uuid.uuid4().hex}, method='HEAD') - self.assertEqual(http_client.OK, resp.status_int) + self.assertEqual(200, resp.status_int) self.assertEqual(b'', resp.body) self.assertNotEqual(resp.headers.get('Content-Length'), '0') self.assertEqual('application/json', resp.headers.get('Content-Type')) diff --git a/keystone-moon/keystone/tests/unit/token/test_fernet_provider.py b/keystone-moon/keystone/tests/unit/token/test_fernet_provider.py index 5f74b430..bfb590db 100644 --- a/keystone-moon/keystone/tests/unit/token/test_fernet_provider.py +++ b/keystone-moon/keystone/tests/unit/token/test_fernet_provider.py @@ -16,13 +16,17 @@ import hashlib import os import uuid +import msgpack from oslo_utils import timeutils +from six.moves import urllib from keystone.common import config from keystone.common import utils +from keystone.contrib.federation import constants as federation_constants from keystone import exception from keystone.tests import unit from keystone.tests.unit import ksfixtures +from keystone.tests.unit.ksfixtures import database from keystone.token import provider from keystone.token.providers import fernet from keystone.token.providers.fernet import token_formatters @@ -57,7 +61,156 @@ class TestFernetTokenProvider(unit.TestCase): uuid.uuid4().hex) +class TestValidate(unit.TestCase): + def setUp(self): + super(TestValidate, self).setUp() + self.useFixture(ksfixtures.KeyRepository(self.config_fixture)) + self.useFixture(database.Database()) + self.load_backends() + + def config_overrides(self): + super(TestValidate, self).config_overrides() + self.config_fixture.config(group='token', provider='fernet') + + def test_validate_v3_token_simple(self): + # Check the fields in the token result when use validate_v3_token + # with a simple token. + + domain_ref = unit.new_domain_ref() + domain_ref = self.resource_api.create_domain(domain_ref['id'], + domain_ref) + + user_ref = unit.new_user_ref(domain_ref['id']) + user_ref = self.identity_api.create_user(user_ref) + + method_names = ['password'] + token_id, token_data_ = self.token_provider_api.issue_v3_token( + user_ref['id'], method_names) + + token_data = self.token_provider_api.validate_v3_token(token_id) + token = token_data['token'] + self.assertIsInstance(token['audit_ids'], list) + self.assertIsInstance(token['expires_at'], str) + self.assertEqual({}, token['extras']) + self.assertIsInstance(token['issued_at'], str) + self.assertEqual(method_names, token['methods']) + exp_user_info = { + 'id': user_ref['id'], + 'name': user_ref['name'], + 'domain': { + 'id': domain_ref['id'], + 'name': domain_ref['name'], + }, + } + self.assertEqual(exp_user_info, token['user']) + + def test_validate_v3_token_federated_info(self): + # Check the user fields in the token result when use validate_v3_token + # when the token has federated info. + + domain_ref = unit.new_domain_ref() + domain_ref = self.resource_api.create_domain(domain_ref['id'], + domain_ref) + + user_ref = unit.new_user_ref(domain_ref['id']) + user_ref = self.identity_api.create_user(user_ref) + + method_names = ['mapped'] + + group_ids = [uuid.uuid4().hex, ] + identity_provider = uuid.uuid4().hex + protocol = uuid.uuid4().hex + auth_context = { + 'user_id': user_ref['id'], + 'group_ids': group_ids, + federation_constants.IDENTITY_PROVIDER: identity_provider, + federation_constants.PROTOCOL: protocol, + } + token_id, token_data_ = self.token_provider_api.issue_v3_token( + user_ref['id'], method_names, auth_context=auth_context) + + token_data = self.token_provider_api.validate_v3_token(token_id) + token = token_data['token'] + exp_user_info = { + 'id': user_ref['id'], + 'name': user_ref['id'], + 'domain': {'id': CONF.federation.federated_domain_name, + 'name': CONF.federation.federated_domain_name, }, + federation_constants.FEDERATION: { + 'groups': [{'id': group_id} for group_id in group_ids], + 'identity_provider': {'id': identity_provider, }, + 'protocol': {'id': protocol, }, + }, + } + self.assertEqual(exp_user_info, token['user']) + + def test_validate_v3_token_trust(self): + # Check the trust fields in the token result when use validate_v3_token + # when the token has trust info. + + domain_ref = unit.new_domain_ref() + domain_ref = self.resource_api.create_domain(domain_ref['id'], + domain_ref) + + user_ref = unit.new_user_ref(domain_ref['id']) + user_ref = self.identity_api.create_user(user_ref) + + trustor_user_ref = unit.new_user_ref(domain_ref['id']) + trustor_user_ref = self.identity_api.create_user(trustor_user_ref) + + project_ref = unit.new_project_ref(domain_id=domain_ref['id']) + project_ref = self.resource_api.create_project(project_ref['id'], + project_ref) + + role_ref = unit.new_role_ref() + role_ref = self.role_api.create_role(role_ref['id'], role_ref) + + self.assignment_api.create_grant( + role_ref['id'], user_id=user_ref['id'], + project_id=project_ref['id']) + + self.assignment_api.create_grant( + role_ref['id'], user_id=trustor_user_ref['id'], + project_id=project_ref['id']) + + trustor_user_id = trustor_user_ref['id'] + trustee_user_id = user_ref['id'] + trust_ref = unit.new_trust_ref( + trustor_user_id, trustee_user_id, project_id=project_ref['id'], + role_ids=[role_ref['id'], ]) + trust_ref = self.trust_api.create_trust(trust_ref['id'], trust_ref, + trust_ref['roles']) + + method_names = ['password'] + + token_id, token_data_ = self.token_provider_api.issue_v3_token( + user_ref['id'], method_names, project_id=project_ref['id'], + trust=trust_ref) + + token_data = self.token_provider_api.validate_v3_token(token_id) + token = token_data['token'] + exp_trust_info = { + 'id': trust_ref['id'], + 'impersonation': False, + 'trustee_user': {'id': user_ref['id'], }, + 'trustor_user': {'id': trustor_user_ref['id'], }, + } + self.assertEqual(exp_trust_info, token['OS-TRUST:trust']) + + def test_validate_v3_token_validation_error_exc(self): + # When the token format isn't recognized, TokenNotFound is raised. + + # A uuid string isn't a valid fernet token. + token_id = uuid.uuid4().hex + self.assertRaises(exception.TokenNotFound, + self.token_provider_api.validate_v3_token, token_id) + + class TestTokenFormatter(unit.TestCase): + def setUp(self): + super(TestTokenFormatter, self).setUp() + self.useFixture(ksfixtures.KeyRepository(self.config_fixture)) + def test_restore_padding(self): # 'a' will result in '==' padding, 'aa' will result in '=' padding, and # 'aaa' will result in no padding. @@ -73,6 +226,39 @@ class TestTokenFormatter(unit.TestCase): ) self.assertEqual(encoded_string, encoded_str_with_padding_restored) + def test_legacy_padding_validation(self): + first_value = uuid.uuid4().hex + second_value = uuid.uuid4().hex + payload = (first_value, second_value) + msgpack_payload = msgpack.packb(payload) + + # NOTE(lbragstad): This method perserves the way that keystone used to + # percent encode the tokens, prior to bug #1491926. + def legacy_pack(payload): + tf = token_formatters.TokenFormatter() + encrypted_payload = tf.crypto.encrypt(payload) + + # the encrypted_payload is returned with padding appended + self.assertTrue(encrypted_payload.endswith('=')) + + # using urllib.parse.quote will percent encode the padding, like + # keystone did in Kilo. + percent_encoded_payload = urllib.parse.quote(encrypted_payload) + + # ensure that the padding was actaully percent encoded + self.assertTrue(percent_encoded_payload.endswith('%3D')) + return percent_encoded_payload + + token_with_legacy_padding = legacy_pack(msgpack_payload) + tf = token_formatters.TokenFormatter() + + # demonstrate the we can validate a payload that has been percent + # encoded with the Fernet logic that existed in Kilo + serialized_payload = tf.unpack(token_with_legacy_padding) + returned_payload = msgpack.unpackb(serialized_payload) + self.assertEqual(first_value, returned_payload[0]) + self.assertEqual(second_value, returned_payload[1]) + class TestPayloads(unit.TestCase): def test_uuid_hex_to_byte_conversions(self): @@ -204,8 +390,7 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_audit_ids, audit_ids) self.assertEqual(exp_trust_id, trust_id) - def test_unscoped_payload_with_non_uuid_user_id(self): - exp_user_id = 'someNonUuidUserId' + def _test_unscoped_payload_with_user_id(self, exp_user_id): exp_methods = ['password'] exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) exp_audit_ids = [provider.random_urlsafe_str()] @@ -221,30 +406,15 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_expires_at, expires_at) self.assertEqual(exp_audit_ids, audit_ids) - def test_project_scoped_payload_with_non_uuid_user_id(self): - exp_user_id = 'someNonUuidUserId' - exp_methods = ['password'] - exp_project_id = uuid.uuid4().hex - exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) - exp_audit_ids = [provider.random_urlsafe_str()] - - payload = token_formatters.ProjectScopedPayload.assemble( - exp_user_id, exp_methods, exp_project_id, exp_expires_at, - exp_audit_ids) - - (user_id, methods, project_id, expires_at, audit_ids) = ( - token_formatters.ProjectScopedPayload.disassemble(payload)) + def test_unscoped_payload_with_non_uuid_user_id(self): + self._test_unscoped_payload_with_user_id('someNonUuidUserId') - self.assertEqual(exp_user_id, user_id) - self.assertEqual(exp_methods, methods) - self.assertEqual(exp_project_id, project_id) - self.assertEqual(exp_expires_at, expires_at) - self.assertEqual(exp_audit_ids, audit_ids) + def test_unscoped_payload_with_16_char_non_uuid_user_id(self): + self._test_unscoped_payload_with_user_id('0123456789abcdef') - def test_project_scoped_payload_with_non_uuid_project_id(self): - exp_user_id = uuid.uuid4().hex + def _test_project_scoped_payload_with_ids(self, exp_user_id, + exp_project_id): exp_methods = ['password'] - exp_project_id = 'someNonUuidProjectId' exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) exp_audit_ids = [provider.random_urlsafe_str()] @@ -261,8 +431,15 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_expires_at, expires_at) self.assertEqual(exp_audit_ids, audit_ids) - def test_domain_scoped_payload_with_non_uuid_user_id(self): - exp_user_id = 'someNonUuidUserId' + def test_project_scoped_payload_with_non_uuid_user_id(self): + self._test_project_scoped_payload_with_ids('someNonUuidUserId', + 'someNonUuidProjectId') + + def test_project_scoped_payload_with_16_char_non_uuid_user_id(self): + self._test_project_scoped_payload_with_ids('0123456789abcdef', + '0123456789abcdef') + + def _test_domain_scoped_payload_with_user_id(self, exp_user_id): exp_methods = ['password'] exp_domain_id = uuid.uuid4().hex exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) @@ -281,32 +458,14 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_expires_at, expires_at) self.assertEqual(exp_audit_ids, audit_ids) - def test_trust_scoped_payload_with_non_uuid_user_id(self): - exp_user_id = 'someNonUuidUserId' - exp_methods = ['password'] - exp_project_id = uuid.uuid4().hex - exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) - exp_audit_ids = [provider.random_urlsafe_str()] - exp_trust_id = uuid.uuid4().hex - - payload = token_formatters.TrustScopedPayload.assemble( - exp_user_id, exp_methods, exp_project_id, exp_expires_at, - exp_audit_ids, exp_trust_id) - - (user_id, methods, project_id, expires_at, audit_ids, trust_id) = ( - token_formatters.TrustScopedPayload.disassemble(payload)) + def test_domain_scoped_payload_with_non_uuid_user_id(self): + self._test_domain_scoped_payload_with_user_id('nonUuidUserId') - self.assertEqual(exp_user_id, user_id) - self.assertEqual(exp_methods, methods) - self.assertEqual(exp_project_id, project_id) - self.assertEqual(exp_expires_at, expires_at) - self.assertEqual(exp_audit_ids, audit_ids) - self.assertEqual(exp_trust_id, trust_id) + def test_domain_scoped_payload_with_16_char_non_uuid_user_id(self): + self._test_domain_scoped_payload_with_user_id('0123456789abcdef') - def test_trust_scoped_payload_with_non_uuid_project_id(self): - exp_user_id = uuid.uuid4().hex + def _test_trust_scoped_payload_with_ids(self, exp_user_id, exp_project_id): exp_methods = ['password'] - exp_project_id = 'someNonUuidProjectId' exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) exp_audit_ids = [provider.random_urlsafe_str()] exp_trust_id = uuid.uuid4().hex @@ -325,12 +484,19 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_audit_ids, audit_ids) self.assertEqual(exp_trust_id, trust_id) - def test_federated_payload_with_non_uuid_ids(self): - exp_user_id = 'someNonUuidUserId' + def test_trust_scoped_payload_with_non_uuid_user_id(self): + self._test_trust_scoped_payload_with_ids('someNonUuidUserId', + 'someNonUuidProjectId') + + def test_trust_scoped_payload_with_16_char_non_uuid_user_id(self): + self._test_trust_scoped_payload_with_ids('0123456789abcdef', + '0123456789abcdef') + + def _test_federated_payload_with_ids(self, exp_user_id, exp_group_id): exp_methods = ['password'] exp_expires_at = utils.isotime(timeutils.utcnow(), subsecond=True) exp_audit_ids = [provider.random_urlsafe_str()] - exp_federated_info = {'group_ids': [{'id': 'someNonUuidGroupId'}], + exp_federated_info = {'group_ids': [{'id': exp_group_id}], 'idp_id': uuid.uuid4().hex, 'protocol_id': uuid.uuid4().hex} @@ -352,6 +518,14 @@ class TestPayloads(unit.TestCase): self.assertEqual(exp_federated_info['protocol_id'], federated_info['protocol_id']) + def test_federated_payload_with_non_uuid_ids(self): + self._test_federated_payload_with_ids('someNonUuidUserId', + 'someNonUuidGroupId') + + def test_federated_payload_with_16_char_non_uuid_ids(self): + self._test_federated_payload_with_ids('0123456789abcdef', + '0123456789abcdef') + def test_federated_project_scoped_payload(self): exp_user_id = 'someNonUuidUserId' exp_methods = ['token'] diff --git a/keystone-moon/keystone/token/providers/fernet/core.py b/keystone-moon/keystone/token/providers/fernet/core.py index 1bbacb03..a71c375b 100644 --- a/keystone-moon/keystone/token/providers/fernet/core.py +++ b/keystone-moon/keystone/token/providers/fernet/core.py @@ -167,7 +167,9 @@ class Provider(common.BaseProvider): 'user': { federation_constants.FEDERATION: federated_info, 'id': user_id, - 'name': user_id + 'name': user_id, + 'domain': {'id': CONF.federation.federated_domain_name, + 'name': CONF.federation.federated_domain_name, }, } } diff --git a/keystone-moon/keystone/token/providers/fernet/token_formatters.py b/keystone-moon/keystone/token/providers/fernet/token_formatters.py index f0b6271d..dbfee6dd 100644 --- a/keystone-moon/keystone/token/providers/fernet/token_formatters.py +++ b/keystone-moon/keystone/token/providers/fernet/token_formatters.py @@ -22,6 +22,7 @@ from oslo_log import log from oslo_utils import timeutils import six from six.moves import map +from six.moves import urllib from keystone.auth import plugins as auth_plugins from keystone.common import utils as ks_utils @@ -73,8 +74,19 @@ class TokenFormatter(object): """Unpack a token, and validate the payload.""" token = six.binary_type(token) - # Restore padding on token before decoding it - token = TokenFormatter.restore_padding(token) + # TODO(lbragstad): Restore padding on token before decoding it. + # Initially in Kilo, Fernet tokens were returned to the user with + # padding appended to the token. Later in Liberty this padding was + # removed and restored in the Fernet provider. The following if + # statement ensures that we can validate tokens with and without token + # padding, in the event of an upgrade and the tokens that are issued + # throughout the upgrade. Remove this if statement when Mitaka opens + # for development and exclusively use the restore_padding() class + # method. + if token.endswith('%3D'): + token = urllib.parse.unquote(token) + else: + token = TokenFormatter.restore_padding(token) try: return self.crypto.decrypt(token) @@ -338,15 +350,16 @@ class BasePayload(object): """Attempt to convert value to bytes or return value. :param value: value to attempt to convert to bytes - :returns: uuid value in bytes or value + :returns: tuple containing boolean indicating whether user_id was + stored as bytes and uuid value as bytes or the original value """ try: - return cls.convert_uuid_hex_to_bytes(value) + return (True, cls.convert_uuid_hex_to_bytes(value)) except ValueError: # this might not be a UUID, depending on the situation (i.e. # federation) - return value + return (False, value) @classmethod def attempt_convert_uuid_bytes_to_hex(cls, value): @@ -392,7 +405,9 @@ class UnscopedPayload(BasePayload): audit_ids """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) expires_at_str = cls._convert_int_to_time_string(payload[2]) audit_ids = list(map(provider.base64_encode, payload[3])) @@ -438,7 +453,9 @@ class DomainScopedPayload(BasePayload): expires_at_str, and audit_ids """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) try: domain_id = cls.convert_uuid_bytes_to_hex(payload[2]) @@ -486,9 +503,13 @@ class ProjectScopedPayload(BasePayload): expires_at_str, and audit_ids """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) - project_id = cls.attempt_convert_uuid_bytes_to_hex(payload[2]) + (is_stored_as_bytes, project_id) = payload[2] + if is_stored_as_bytes: + project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id) expires_at_str = cls._convert_int_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) @@ -532,9 +553,13 @@ class TrustScopedPayload(BasePayload): expires_at_str, audit_ids, and trust_id """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) - project_id = cls.attempt_convert_uuid_bytes_to_hex(payload[2]) + (is_stored_as_bytes, project_id) = payload[2] + if is_stored_as_bytes: + project_id = cls.attempt_convert_uuid_bytes_to_hex(project_id) expires_at_str = cls._convert_int_to_time_string(payload[3]) audit_ids = list(map(provider.base64_encode, payload[4])) trust_id = cls.convert_uuid_bytes_to_hex(payload[5]) @@ -552,7 +577,9 @@ class FederatedUnscopedPayload(BasePayload): @classmethod def unpack_group_id(cls, group_id_in_bytes): - group_id = cls.attempt_convert_uuid_bytes_to_hex(group_id_in_bytes) + (is_stored_as_bytes, group_id) = group_id_in_bytes + if is_stored_as_bytes: + group_id = cls.attempt_convert_uuid_bytes_to_hex(group_id) return {'id': group_id} @classmethod @@ -596,10 +623,14 @@ class FederatedUnscopedPayload(BasePayload): """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) group_ids = list(map(cls.unpack_group_id, payload[2])) - idp_id = cls.attempt_convert_uuid_bytes_to_hex(payload[3]) + (is_stored_as_bytes, idp_id) = payload[3] + if is_stored_as_bytes: + idp_id = cls.attempt_convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[4] expires_at_str = cls._convert_int_to_time_string(payload[5]) audit_ids = list(map(provider.base64_encode, payload[6])) @@ -653,11 +684,17 @@ class FederatedScopedPayload(FederatedUnscopedPayload): group IDs """ - user_id = cls.attempt_convert_uuid_bytes_to_hex(payload[0]) + (is_stored_as_bytes, user_id) = payload[0] + if is_stored_as_bytes: + user_id = cls.attempt_convert_uuid_bytes_to_hex(user_id) methods = auth_plugins.convert_integer_to_method_list(payload[1]) - scope_id = cls.attempt_convert_uuid_bytes_to_hex(payload[2]) + (is_stored_as_bytes, scope_id) = payload[2] + if is_stored_as_bytes: + scope_id = cls.attempt_convert_uuid_bytes_to_hex(scope_id) group_ids = list(map(cls.unpack_group_id, payload[3])) - idp_id = cls.attempt_convert_uuid_bytes_to_hex(payload[4]) + (is_stored_as_bytes, idp_id) = payload[4] + if is_stored_as_bytes: + idp_id = cls.attempt_convert_uuid_bytes_to_hex(idp_id) protocol_id = payload[5] expires_at_str = cls._convert_int_to_time_string(payload[6]) audit_ids = list(map(provider.base64_encode, payload[7])) diff --git a/keystone-moon/releasenotes/notes/.placeholder b/keystone-moon/releasenotes/notes/.placeholder new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/keystone-moon/releasenotes/notes/.placeholder diff --git a/keystone-moon/releasenotes/notes/deprecations-c4afc19dc5324b9c.yaml b/keystone-moon/releasenotes/notes/deprecations-c4afc19dc5324b9c.yaml new file mode 100644 index 00000000..0c1c4f11 --- /dev/null +++ b/keystone-moon/releasenotes/notes/deprecations-c4afc19dc5324b9c.yaml @@ -0,0 +1,19 @@ +--- +other: + - Running keystone in eventlet remains deprecated and will be removed in the + Mitaka release. + - Using LDAP as the resource backend, i.e for projects and domains, is now + deprecated and will be removed in the Mitaka release. + - Using the full path to the driver class is deprecated in favor of using + the entrypoint. In the Mitaka release, the entrypoint must be used. + - In the [resource] and [role] sections of the ``keystone.conf`` file, not + specifying the driver and using the assignment driver is deprecated. In + the Mitaka release, the resource and role drivers will default to the SQL + driver. + - In ``keystone-paste.ini``, using ``paste.filter_factory`` is deprecated in + favor of the "use" directive, specifying an entrypoint. + - Not specifying a domain during a create user, group or project call, which + relied on falling back to the default domain, is now deprecated and will + be removed in the N release. + - Certain deprecated methods from the assignment manager were removed in + favor of the same methods in the [resource] and [role] manager. diff --git a/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml b/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml new file mode 100644 index 00000000..06e1db2c --- /dev/null +++ b/keystone-moon/releasenotes/notes/new_features-e33d793d8a5ca76a.yaml @@ -0,0 +1,21 @@ +--- +features: + - > + **Experimental** - Domain specific configuration options can be stored in + SQL instead of configuration files, using the new REST APIs. + - > + **Experimental** - Keystone now supports tokenless authorization with + X.509 SSL client certificate. + - Configuring per-Identity Provider WebSSO is now supported. + - > + ``openstack_user_domain`` and ``openstack_project_domain`` attributes were + added to SAML assertion in order to map user and project domains, + respectively. + - The credentials list call can now have its results filtered by credential + type. + - Support was improved for out-of-tree drivers by defining stable driver + interfaces. + - Several features were hardened, including Fernet tokens, federation, + domain specific configurations from database and role assignments. + - Certain variables in ``keystone.conf`` now have options, which determine + if the user's setting is valid. diff --git a/keystone-moon/releasenotes/notes/upgrade_notes-ca81f5d531ab3522.yaml b/keystone-moon/releasenotes/notes/upgrade_notes-ca81f5d531ab3522.yaml new file mode 100644 index 00000000..be8282ce --- /dev/null +++ b/keystone-moon/releasenotes/notes/upgrade_notes-ca81f5d531ab3522.yaml @@ -0,0 +1,31 @@ +--- +upgrade: + - The EC2 token middleware, deprecated in Juno, is no longer available in + keystone. It has been moved to the keystonemiddleware package. + - The ``compute_port`` configuration option, deprecated in Juno, is no longer + available. + - The XML middleware stub has been removed, so references to it must be + removed from the ``keystone-paste.ini`` configuration file. + - stats_monitoring and stats_reporting paste filters have been removed, so + references to it must be removed from the ``keystone-paste.ini`` + configuration file. + - The external authentication plugins ExternalDefault, ExternalDomain, + LegacyDefaultDomain, and LegacyDomain, deprecated in Icehouse, are no + longer available. + - The ``keystone.conf`` file now references entrypoint names for drivers. + For example, the drivers are now specified as "sql", "ldap", "uuid", + rather than the full module path. See the sample configuration file for + other examples. + - We now expose entrypoints for the ``keystone-manage`` command instead of a + file. + - Schema downgrades via ``keystone-manage db_sync`` are no longer supported. + Only upgrades are supported. + - Features that were "extensions" in previous releases (OAuth delegation, + Federated Identity support, Endpoint Policy, etc) are now enabled by + default. + - A new ``secure_proxy_ssl_header`` configuration option is available when + running keystone behind a proxy. + - Several configuration options have been deprecated, renamed, or moved to + new sections in the ``keystone.conf`` file. + - Domain name information can now be used in policy rules with the attribute + ``domain_name``. diff --git a/keystone-moon/releasenotes/source/_static/.placeholder b/keystone-moon/releasenotes/source/_static/.placeholder new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/keystone-moon/releasenotes/source/_static/.placeholder diff --git a/keystone-moon/releasenotes/source/_templates/.placeholder b/keystone-moon/releasenotes/source/_templates/.placeholder new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/keystone-moon/releasenotes/source/_templates/.placeholder diff --git a/keystone-moon/releasenotes/source/conf.py b/keystone-moon/releasenotes/source/conf.py new file mode 100644 index 00000000..6df2e041 --- /dev/null +++ b/keystone-moon/releasenotes/source/conf.py @@ -0,0 +1,275 @@ +# -*- coding: utf-8 -*- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Keystone Release Notes documentation build configuration file, created by +# sphinx-quickstart on Tue Nov 3 17:40:50 2015. +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +extensions = [ + 'oslosphinx', + 'reno.sphinxext', +] + +# Add any paths that contain templates here, relative to this directory. +templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Keystone Release Notes' +copyright = u'2015, Keystone Developers' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +import pbr.version +keystone_version = pbr.version.VersionInfo('keystone') +# The full version, including alpha/beta/rc tags. +release = keystone_version.version_string_with_vcs() +# The short X.Y version. +version = keystone_version.canonical_version_string() + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# "<project> v<release> documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# html_last_updated_fmt = '%b %d, %Y' + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a <link> tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'KeystoneReleaseNotesdoc' + + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ('index', 'KeystoneReleaseNotes.tex', + u'Keystone Release Notes Documentation', + u'Keystone Developers', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'keystonereleasenotes', u'Keystone Release Notes Documentation', + [u'Keystone Developers'], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'KeystoneReleaseNotes', u'Keystone Release Notes Documentation', + u'Keystone Developers', 'KeystoneReleaseNotes', + 'Identity, Authentication and Access Management for OpenStack.', + 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False diff --git a/keystone-moon/releasenotes/source/index.rst b/keystone-moon/releasenotes/source/index.rst new file mode 100644 index 00000000..9139d688 --- /dev/null +++ b/keystone-moon/releasenotes/source/index.rst @@ -0,0 +1,9 @@ +======================== + Keystone Release Notes +======================== + +.. toctree:: + :maxdepth: 1 + + liberty + unreleased diff --git a/keystone-moon/releasenotes/source/liberty.rst b/keystone-moon/releasenotes/source/liberty.rst new file mode 100644 index 00000000..36217be8 --- /dev/null +++ b/keystone-moon/releasenotes/source/liberty.rst @@ -0,0 +1,6 @@ +============================== + Liberty Series Release Notes +============================== + +.. release-notes:: + :branch: origin/stable/liberty diff --git a/keystone-moon/releasenotes/source/unreleased.rst b/keystone-moon/releasenotes/source/unreleased.rst new file mode 100644 index 00000000..cd22aabc --- /dev/null +++ b/keystone-moon/releasenotes/source/unreleased.rst @@ -0,0 +1,5 @@ +============================== + Current Series Release Notes +============================== + +.. release-notes:: diff --git a/keystone-moon/requirements.txt b/keystone-moon/requirements.txt index 555a148f..8bc177b1 100644 --- a/keystone-moon/requirements.txt +++ b/keystone-moon/requirements.txt @@ -16,12 +16,12 @@ SQLAlchemy<1.1.0,>=0.9.9 sqlalchemy-migrate>=0.9.6 stevedore>=1.5.0 # Apache-2.0 passlib>=1.6 -python-keystoneclient>=1.6.0 -keystonemiddleware>=2.0.0 +python-keystoneclient!=1.8.0,>=1.6.0 +keystonemiddleware!=2.4.0,>=2.0.0 oslo.concurrency>=2.3.0 # Apache-2.0 oslo.config>=2.3.0 # Apache-2.0 oslo.context>=0.2.0 # Apache-2.0 -oslo.messaging!=1.17.0,!=1.17.1,>=1.16.0 # Apache-2.0 +oslo.messaging!=1.17.0,!=1.17.1,!=2.6.0,!=2.6.1,!=2.7.0,!=2.8.0,!=2.8.1,!=2.9.0,>=1.16.0 # Apache-2.0 oslo.db>=2.4.1 # Apache-2.0 oslo.i18n>=1.5.0 # Apache-2.0 oslo.log>=1.8.0 # Apache-2.0 @@ -29,7 +29,7 @@ oslo.middleware>=2.8.0 # Apache-2.0 oslo.policy>=0.5.0 # Apache-2.0 oslo.serialization>=1.4.0 # Apache-2.0 oslo.service>=0.7.0 # Apache-2.0 -oslo.utils>=2.0.0 # Apache-2.0 +oslo.utils!=2.6.0,>=2.0.0 # Apache-2.0 oauthlib>=0.6 pysaml2>=2.4.0 dogpile.cache>=0.5.4 diff --git a/keystone-moon/setup.cfg b/keystone-moon/setup.cfg index c40aa3b8..7788537e 100644 --- a/keystone-moon/setup.cfg +++ b/keystone-moon/setup.cfg @@ -1,6 +1,5 @@ [metadata] name = keystone -version = 9.0.0 summary = OpenStack Identity description-file = README.rst @@ -171,18 +170,6 @@ keystone.revoke = kvs = keystone.contrib.revoke.backends.kvs:Revoke sql = keystone.contrib.revoke.backends.sql:Revoke -keystone.moon.configuration = - ram = keystone.contrib.moon.backends.memory:ConfigurationConnector - -keystone.moon.intraextension = - sql = keystone.contrib.moon.backends.sql:IntraExtensionConnector - -keystone.moon.log = - flat = keystone.contrib.moon.backends.flat:LogConnector - -keystone.moon.tenant = - sql = keystone.contrib.moon.backends.sql:TenantConnector - oslo.config.opts = keystone = keystone.common.config:list_opts keystone.notifications = keystone.notifications:list_opts @@ -196,7 +183,6 @@ paste.filter_factory = ec2_extension = keystone.contrib.ec2:Ec2Extension.factory ec2_extension_v3 = keystone.contrib.ec2:Ec2ExtensionV3.factory federation_extension = keystone.contrib.federation.routers:FederationExtension.factory - moon_extension = keystone.contrib.moon.routers:Routers.factory json_body = keystone.middleware:JsonBodyMiddleware.factory oauth1_extension = keystone.contrib.oauth1.routers:OAuth1Extension.factory request_id = oslo_middleware:RequestId.factory diff --git a/keystone-moon/test-requirements.txt b/keystone-moon/test-requirements.txt index a027613f..f10b9929 100644 --- a/keystone-moon/test-requirements.txt +++ b/keystone-moon/test-requirements.txt @@ -29,8 +29,9 @@ testtools>=1.4.0 # For documentation oslosphinx>=2.5.0 # Apache-2.0 +reno>=0.1.1 # Apache2 tempest-lib>=0.8.0 # Functional tests. -requests>=2.5.2 +requests!=2.8.0,>=2.5.2 diff --git a/keystone-moon/tox.ini b/keystone-moon/tox.ini index 0d249105..af1d9b82 100644 --- a/keystone-moon/tox.ini +++ b/keystone-moon/tox.ini @@ -1,7 +1,7 @@ [tox] minversion = 1.6 skipsdist = True -envlist = py27,py34,pep8,docs,genconfig +envlist = py27,py34,pep8,docs,genconfig,releasenotes [testenv] usedevelop = True @@ -97,6 +97,9 @@ commands= bash -c "rm -rf doc/source/api" python setup.py build_sphinx +[testenv:releasenotes] +commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html + [testenv:genconfig] commands = oslo-config-generator --config-file=config-generator/keystone.conf |