aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/keystone/assignment
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/keystone/assignment')
-rw-r--r--keystone-moon/keystone/assignment/backends/ldap.py4
-rw-r--r--keystone-moon/keystone/assignment/backends/sql.py2
-rw-r--r--keystone-moon/keystone/assignment/core.py15
-rw-r--r--keystone-moon/keystone/assignment/role_backends/ldap.py2
-rw-r--r--keystone-moon/keystone/assignment/role_backends/sql.py2
5 files changed, 17 insertions, 8 deletions
diff --git a/keystone-moon/keystone/assignment/backends/ldap.py b/keystone-moon/keystone/assignment/backends/ldap.py
index 4ca66c4d..b52dc46e 100644
--- a/keystone-moon/keystone/assignment/backends/ldap.py
+++ b/keystone-moon/keystone/assignment/backends/ldap.py
@@ -31,11 +31,11 @@ CONF = cfg.CONF
LOG = log.getLogger(__name__)
-class Assignment(assignment.Driver):
+class Assignment(assignment.AssignmentDriverV8):
@versionutils.deprecated(
versionutils.deprecated.KILO,
remove_in=+2,
- what='ldap')
+ what='ldap assignment')
def __init__(self):
super(Assignment, self).__init__()
self.LDAP_URL = CONF.ldap.url
diff --git a/keystone-moon/keystone/assignment/backends/sql.py b/keystone-moon/keystone/assignment/backends/sql.py
index 89ff64b5..e249ba34 100644
--- a/keystone-moon/keystone/assignment/backends/sql.py
+++ b/keystone-moon/keystone/assignment/backends/sql.py
@@ -49,7 +49,7 @@ class AssignmentType(object):
raise exception.AssignmentTypeCalculationError(**locals())
-class Assignment(keystone_assignment.Driver):
+class Assignment(keystone_assignment.AssignmentDriverV8):
def default_role_driver(self):
return 'sql'
diff --git a/keystone-moon/keystone/assignment/core.py b/keystone-moon/keystone/assignment/core.py
index a001e6b1..a510c3c1 100644
--- a/keystone-moon/keystone/assignment/core.py
+++ b/keystone-moon/keystone/assignment/core.py
@@ -381,7 +381,10 @@ class Manager(manager.Manager):
self.driver.remove_role_from_user_and_project(user_id, project_id,
role_id)
- self.identity_api.emit_invalidate_user_token_persistence(user_id)
+ if project_id:
+ self._emit_invalidate_grant_token_persistence(user_id, project_id)
+ else:
+ self.identity_api.emit_invalidate_user_token_persistence(user_id)
self.revoke_api.revoke_by_grant(role_id, user_id=user_id,
project_id=project_id)
@@ -911,7 +914,7 @@ class Manager(manager.Manager):
@six.add_metaclass(abc.ABCMeta)
-class Driver(object):
+class AssignmentDriverV8(object):
def _role_to_dict(self, role_id, inherited):
role_dict = {'id': role_id}
@@ -1158,6 +1161,9 @@ class Driver(object):
raise exception.NotImplemented() # pragma: no cover
+Driver = manager.create_legacy_driver(AssignmentDriverV8)
+
+
@dependency.provider('role_api')
@dependency.requires('assignment_api')
class RoleManager(manager.Manager):
@@ -1219,7 +1225,7 @@ class RoleManager(manager.Manager):
@six.add_metaclass(abc.ABCMeta)
-class RoleDriver(object):
+class RoleDriverV8(object):
def _get_list_limit(self):
return CONF.role.list_limit or CONF.list_limit
@@ -1287,3 +1293,6 @@ class RoleDriver(object):
"""
raise exception.NotImplemented() # pragma: no cover
+
+
+RoleDriver = manager.create_legacy_driver(RoleDriverV8)
diff --git a/keystone-moon/keystone/assignment/role_backends/ldap.py b/keystone-moon/keystone/assignment/role_backends/ldap.py
index d5a06a4c..6e5e038e 100644
--- a/keystone-moon/keystone/assignment/role_backends/ldap.py
+++ b/keystone-moon/keystone/assignment/role_backends/ldap.py
@@ -27,7 +27,7 @@ CONF = cfg.CONF
LOG = log.getLogger(__name__)
-class Role(assignment.RoleDriver):
+class Role(assignment.RoleDriverV8):
def __init__(self):
super(Role, self).__init__()
diff --git a/keystone-moon/keystone/assignment/role_backends/sql.py b/keystone-moon/keystone/assignment/role_backends/sql.py
index f19d1827..3c707aa8 100644
--- a/keystone-moon/keystone/assignment/role_backends/sql.py
+++ b/keystone-moon/keystone/assignment/role_backends/sql.py
@@ -15,7 +15,7 @@ from keystone.common import sql
from keystone import exception
-class Role(assignment.RoleDriver):
+class Role(assignment.RoleDriverV8):
@sql.handle_conflicts(conflict_type='role')
def create_role(self, role_id, role):