diff options
Diffstat (limited to 'keystone-moon/keystone/assignment')
5 files changed, 17 insertions, 8 deletions
diff --git a/keystone-moon/keystone/assignment/backends/ldap.py b/keystone-moon/keystone/assignment/backends/ldap.py index 4ca66c4d..b52dc46e 100644 --- a/keystone-moon/keystone/assignment/backends/ldap.py +++ b/keystone-moon/keystone/assignment/backends/ldap.py @@ -31,11 +31,11 @@ CONF = cfg.CONF LOG = log.getLogger(__name__) -class Assignment(assignment.Driver): +class Assignment(assignment.AssignmentDriverV8): @versionutils.deprecated( versionutils.deprecated.KILO, remove_in=+2, - what='ldap') + what='ldap assignment') def __init__(self): super(Assignment, self).__init__() self.LDAP_URL = CONF.ldap.url diff --git a/keystone-moon/keystone/assignment/backends/sql.py b/keystone-moon/keystone/assignment/backends/sql.py index 89ff64b5..e249ba34 100644 --- a/keystone-moon/keystone/assignment/backends/sql.py +++ b/keystone-moon/keystone/assignment/backends/sql.py @@ -49,7 +49,7 @@ class AssignmentType(object): raise exception.AssignmentTypeCalculationError(**locals()) -class Assignment(keystone_assignment.Driver): +class Assignment(keystone_assignment.AssignmentDriverV8): def default_role_driver(self): return 'sql' diff --git a/keystone-moon/keystone/assignment/core.py b/keystone-moon/keystone/assignment/core.py index a001e6b1..a510c3c1 100644 --- a/keystone-moon/keystone/assignment/core.py +++ b/keystone-moon/keystone/assignment/core.py @@ -381,7 +381,10 @@ class Manager(manager.Manager): self.driver.remove_role_from_user_and_project(user_id, project_id, role_id) - self.identity_api.emit_invalidate_user_token_persistence(user_id) + if project_id: + self._emit_invalidate_grant_token_persistence(user_id, project_id) + else: + self.identity_api.emit_invalidate_user_token_persistence(user_id) self.revoke_api.revoke_by_grant(role_id, user_id=user_id, project_id=project_id) @@ -911,7 +914,7 @@ class Manager(manager.Manager): @six.add_metaclass(abc.ABCMeta) -class Driver(object): +class AssignmentDriverV8(object): def _role_to_dict(self, role_id, inherited): role_dict = {'id': role_id} @@ -1158,6 +1161,9 @@ class Driver(object): raise exception.NotImplemented() # pragma: no cover +Driver = manager.create_legacy_driver(AssignmentDriverV8) + + @dependency.provider('role_api') @dependency.requires('assignment_api') class RoleManager(manager.Manager): @@ -1219,7 +1225,7 @@ class RoleManager(manager.Manager): @six.add_metaclass(abc.ABCMeta) -class RoleDriver(object): +class RoleDriverV8(object): def _get_list_limit(self): return CONF.role.list_limit or CONF.list_limit @@ -1287,3 +1293,6 @@ class RoleDriver(object): """ raise exception.NotImplemented() # pragma: no cover + + +RoleDriver = manager.create_legacy_driver(RoleDriverV8) diff --git a/keystone-moon/keystone/assignment/role_backends/ldap.py b/keystone-moon/keystone/assignment/role_backends/ldap.py index d5a06a4c..6e5e038e 100644 --- a/keystone-moon/keystone/assignment/role_backends/ldap.py +++ b/keystone-moon/keystone/assignment/role_backends/ldap.py @@ -27,7 +27,7 @@ CONF = cfg.CONF LOG = log.getLogger(__name__) -class Role(assignment.RoleDriver): +class Role(assignment.RoleDriverV8): def __init__(self): super(Role, self).__init__() diff --git a/keystone-moon/keystone/assignment/role_backends/sql.py b/keystone-moon/keystone/assignment/role_backends/sql.py index f19d1827..3c707aa8 100644 --- a/keystone-moon/keystone/assignment/role_backends/sql.py +++ b/keystone-moon/keystone/assignment/role_backends/sql.py @@ -15,7 +15,7 @@ from keystone.common import sql from keystone import exception -class Role(assignment.RoleDriver): +class Role(assignment.RoleDriverV8): @sql.handle_conflicts(conflict_type='role') def create_role(self, role_id, role): |