diff options
Diffstat (limited to 'keystone-moon/keystone/resource/backends/ldap.py')
-rw-r--r-- | keystone-moon/keystone/resource/backends/ldap.py | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/keystone-moon/keystone/resource/backends/ldap.py b/keystone-moon/keystone/resource/backends/ldap.py index 434c2b04..43684035 100644 --- a/keystone-moon/keystone/resource/backends/ldap.py +++ b/keystone-moon/keystone/resource/backends/ldap.py @@ -17,7 +17,7 @@ import uuid from oslo_config import cfg from oslo_log import log -from keystone import clean +from keystone.common import clean from keystone.common import driver_hints from keystone.common import ldap as common_ldap from keystone.common import models @@ -47,7 +47,7 @@ class Resource(resource.Driver): self.project = ProjectApi(CONF) def default_assignment_driver(self): - return 'keystone.assignment.backends.ldap.Assignment' + return 'ldap' def _set_default_parent_project(self, ref): """If the parent project ID has not been set, set it to None.""" @@ -60,6 +60,14 @@ class Resource(resource.Driver): else: raise ValueError(_('Expected dict or list: %s') % type(ref)) + def _set_default_is_domain_project(self, ref): + if isinstance(ref, dict): + return dict(ref, is_domain=False) + elif isinstance(ref, list): + return [self._set_default_is_domain_project(x) for x in ref] + else: + raise ValueError(_('Expected dict or list: %s') % type(ref)) + def _validate_parent_project_is_none(self, ref): """If a parent_id different from None was given, raises InvalidProjectException. @@ -69,8 +77,15 @@ class Resource(resource.Driver): if parent_id is not None: raise exception.InvalidParentProject(parent_id) + def _validate_is_domain_field_is_false(self, ref): + is_domain = ref.pop('is_domain', None) + if is_domain: + raise exception.ValidationError(_('LDAP does not support projects ' + 'with is_domain flag enabled')) + def _set_default_attributes(self, project_ref): project_ref = self._set_default_domain(project_ref) + project_ref = self._set_default_is_domain_project(project_ref) return self._set_default_parent_project(project_ref) def get_project(self, tenant_id): @@ -116,8 +131,8 @@ class Resource(resource.Driver): def create_project(self, tenant_id, tenant): self.project.check_allow_create() - tenant = self._validate_default_domain(tenant) self._validate_parent_project_is_none(tenant) + self._validate_is_domain_field_is_false(tenant) tenant['name'] = clean.project_name(tenant['name']) data = tenant.copy() if 'id' not in data or data['id'] is None: @@ -130,6 +145,7 @@ class Resource(resource.Driver): def update_project(self, tenant_id, tenant): self.project.check_allow_update() tenant = self._validate_default_domain(tenant) + self._validate_is_domain_field_is_false(tenant) if 'name' in tenant: tenant['name'] = clean.project_name(tenant['name']) return self._set_default_attributes( |