diff options
Diffstat (limited to 'keystone-moon/keystone/resource')
| -rw-r--r-- | keystone-moon/keystone/resource/backends/ldap.py | 7 | ||||
| -rw-r--r-- | keystone-moon/keystone/resource/backends/sql.py | 2 | ||||
| -rw-r--r-- | keystone-moon/keystone/resource/config_backends/sql.py | 35 | ||||
| -rw-r--r-- | keystone-moon/keystone/resource/core.py | 106 |
4 files changed, 122 insertions, 28 deletions
diff --git a/keystone-moon/keystone/resource/backends/ldap.py b/keystone-moon/keystone/resource/backends/ldap.py index 43684035..566adc5d 100644 --- a/keystone-moon/keystone/resource/backends/ldap.py +++ b/keystone-moon/keystone/resource/backends/ldap.py @@ -16,6 +16,7 @@ import uuid from oslo_config import cfg from oslo_log import log +from oslo_log import versionutils from keystone.common import clean from keystone.common import driver_hints @@ -31,7 +32,11 @@ CONF = cfg.CONF LOG = log.getLogger(__name__) -class Resource(resource.Driver): +class Resource(resource.ResourceDriverV8): + @versionutils.deprecated( + versionutils.deprecated.LIBERTY, + remove_in=+1, + what='ldap resource') def __init__(self): super(Resource, self).__init__() self.LDAP_URL = CONF.ldap.url diff --git a/keystone-moon/keystone/resource/backends/sql.py b/keystone-moon/keystone/resource/backends/sql.py index 3a0d8cea..59bab372 100644 --- a/keystone-moon/keystone/resource/backends/sql.py +++ b/keystone-moon/keystone/resource/backends/sql.py @@ -24,7 +24,7 @@ CONF = cfg.CONF LOG = log.getLogger(__name__) -class Resource(keystone_resource.Driver): +class Resource(keystone_resource.ResourceDriverV8): def default_assignment_driver(self): return 'sql' diff --git a/keystone-moon/keystone/resource/config_backends/sql.py b/keystone-moon/keystone/resource/config_backends/sql.py index e54bf22b..7c296074 100644 --- a/keystone-moon/keystone/resource/config_backends/sql.py +++ b/keystone-moon/keystone/resource/config_backends/sql.py @@ -42,7 +42,13 @@ class SensitiveConfig(sql.ModelBase, sql.ModelDictMixin): return d -class DomainConfig(resource.DomainConfigDriver): +class ConfigRegister(sql.ModelBase, sql.ModelDictMixin): + __tablename__ = 'config_register' + type = sql.Column(sql.String(64), primary_key=True) + domain_id = sql.Column(sql.String(64), nullable=False) + + +class DomainConfig(resource.DomainConfigDriverV8): def choose_table(self, sensitive): if sensitive: @@ -117,3 +123,30 @@ class DomainConfig(resource.DomainConfigDriver): if option: query = query.filter_by(option=option) query.delete(False) + + def obtain_registration(self, domain_id, type): + try: + with sql.transaction() as session: + ref = ConfigRegister(type=type, domain_id=domain_id) + session.add(ref) + return True + except sql.DBDuplicateEntry: + pass + return False + + def read_registration(self, type): + with sql.transaction() as session: + ref = session.query(ConfigRegister).get(type) + if not ref: + raise exception.ConfigRegistrationNotFound() + return ref.domain_id + + def release_registration(self, domain_id, type=None): + """Silently delete anything registered for the domain specified.""" + + with sql.transaction() as session: + query = session.query(ConfigRegister) + if type: + query = query.filter_by(type=type) + query = query.filter_by(domain_id=domain_id) + query.delete(False) diff --git a/keystone-moon/keystone/resource/core.py b/keystone-moon/keystone/resource/core.py index ca69b729..6015107d 100644 --- a/keystone-moon/keystone/resource/core.py +++ b/keystone-moon/keystone/resource/core.py @@ -118,7 +118,7 @@ class Manager(manager.Manager): def assert_domain_enabled(self, domain_id, domain=None): """Assert the Domain is enabled. - :raise AssertionError if domain is disabled. + :raise AssertionError: if domain is disabled. """ if domain is None: domain = self.get_domain(domain_id) @@ -133,7 +133,7 @@ class Manager(manager.Manager): If config's option is empty the default hardcoded value 'Federated' will be used. - :raise AssertionError if domain named match the value in the config. + :raise AssertionError: if domain named match the value in the config. """ # NOTE(marek-denis): We cannot create this attribute in the __init__ as @@ -149,7 +149,7 @@ class Manager(manager.Manager): def assert_project_enabled(self, project_id, project=None): """Assert the project is enabled and its associated domain is enabled. - :raise AssertionError if the project or domain is disabled. + :raise AssertionError: if the project or domain is disabled. """ if project is None: project = self.get_project(project_id) @@ -460,6 +460,7 @@ class Manager(manager.Manager): # Delete any database stored domain config self.domain_config_api.delete_config_options(domain_id) self.domain_config_api.delete_config_options(domain_id, sensitive=True) + self.domain_config_api.release_registration(domain_id) # TODO(henry-nash): Although the controller will ensure deletion of # all users & groups within the domain (which will cause all # assignments for those users/groups to also be deleted), there @@ -541,7 +542,7 @@ class Manager(manager.Manager): @six.add_metaclass(abc.ABCMeta) -class Driver(object): +class ResourceDriverV8(object): def _get_list_limit(self): return CONF.resource.list_limit or CONF.list_limit @@ -551,7 +552,8 @@ class Driver(object): """Get a tenant by name. :returns: tenant_ref - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if a project with the + tenant_name does not exist within the domain """ raise exception.NotImplemented() # pragma: no cover @@ -561,7 +563,8 @@ class Driver(object): def create_domain(self, domain_id, domain): """Creates a new domain. - :raises: keystone.exception.Conflict + :raises keystone.exception.Conflict: if the domain_id or domain name + already exists """ raise exception.NotImplemented() # pragma: no cover @@ -597,7 +600,7 @@ class Driver(object): """Get a domain by ID. :returns: domain_ref - :raises: keystone.exception.DomainNotFound + :raises keystone.exception.DomainNotFound: if domain_id does not exist """ raise exception.NotImplemented() # pragma: no cover @@ -607,7 +610,8 @@ class Driver(object): """Get a domain by name. :returns: domain_ref - :raises: keystone.exception.DomainNotFound + :raises keystone.exception.DomainNotFound: if domain_name does not + exist """ raise exception.NotImplemented() # pragma: no cover @@ -616,8 +620,8 @@ class Driver(object): def update_domain(self, domain_id, domain): """Updates an existing domain. - :raises: keystone.exception.DomainNotFound, - keystone.exception.Conflict + :raises keystone.exception.DomainNotFound: if domain_id does not exist + :raises keystone.exception.Conflict: if domain name already exists """ raise exception.NotImplemented() # pragma: no cover @@ -626,7 +630,7 @@ class Driver(object): def delete_domain(self, domain_id): """Deletes an existing domain. - :raises: keystone.exception.DomainNotFound + :raises keystone.exception.DomainNotFound: if domain_id does not exist """ raise exception.NotImplemented() # pragma: no cover @@ -636,7 +640,8 @@ class Driver(object): def create_project(self, project_id, project): """Creates a new project. - :raises: keystone.exception.Conflict + :raises keystone.exception.Conflict: if project_id or project name + already exists """ raise exception.NotImplemented() # pragma: no cover @@ -698,7 +703,8 @@ class Driver(object): """Get a project by ID. :returns: project_ref - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if project_id does not + exist """ raise exception.NotImplemented() # pragma: no cover @@ -707,8 +713,9 @@ class Driver(object): def update_project(self, project_id, project): """Updates an existing project. - :raises: keystone.exception.ProjectNotFound, - keystone.exception.Conflict + :raises keystone.exception.ProjectNotFound: if project_id does not + exist + :raises keystone.exception.Conflict: if project name already exists """ raise exception.NotImplemented() # pragma: no cover @@ -717,7 +724,8 @@ class Driver(object): def delete_project(self, project_id): """Deletes an existing project. - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if project_id does not + exist """ raise exception.NotImplemented() # pragma: no cover @@ -730,7 +738,8 @@ class Driver(object): project. :returns: a list of project_refs or an empty list. - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if project_id does not + exist """ raise exception.NotImplemented() @@ -744,7 +753,8 @@ class Driver(object): this project. :returns: a list of project_refs or an empty list - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if project_id does not + exist """ raise exception.NotImplemented() @@ -756,7 +766,8 @@ class Driver(object): :param project_id: the driver will check if this project is a leaf in the hierarchy. - :raises: keystone.exception.ProjectNotFound + :raises keystone.exception.ProjectNotFound: if project_id does not + exist """ raise exception.NotImplemented() @@ -796,6 +807,9 @@ class Driver(object): raise exception.DomainNotFound(domain_id=domain_id) +Driver = manager.create_legacy_driver(ResourceDriverV8) + + MEMOIZE_CONFIG = cache.get_memoization_decorator(section='domain_config') @@ -1272,7 +1286,7 @@ class DomainConfigManager(manager.Manager): @six.add_metaclass(abc.ABCMeta) -class DomainConfigDriver(object): +class DomainConfigDriverV8(object): """Interface description for a Domain Config driver.""" @abc.abstractmethod @@ -1287,7 +1301,7 @@ class DomainConfigDriver(object): :param sensitive: whether the option is sensitive :returns: dict containing group, option and value - :raises: keystone.exception.Conflict + :raises keystone.exception.Conflict: when the option already exists """ raise exception.NotImplemented() # pragma: no cover @@ -1302,8 +1316,8 @@ class DomainConfigDriver(object): :param sensitive: whether the option is sensitive :returns: dict containing group, option and value - :raises: keystone.exception.DomainConfigNotFound: the option doesn't - exist. + :raises keystone.exception.DomainConfigNotFound: the option doesn't + exist. """ raise exception.NotImplemented() # pragma: no cover @@ -1336,8 +1350,8 @@ class DomainConfigDriver(object): :param sensitive: whether the option is sensitive :returns: dict containing updated group, option and value - :raises: keystone.exception.DomainConfigNotFound: the option doesn't - exist. + :raises keystone.exception.DomainConfigNotFound: the option doesn't + exist. """ raise exception.NotImplemented() # pragma: no cover @@ -1359,3 +1373,45 @@ class DomainConfigDriver(object): """ raise exception.NotImplemented() # pragma: no cover + + @abc.abstractmethod + def obtain_registration(self, domain_id, type): + """Try and register this domain to use the type specified. + + :param domain_id: the domain required + :param type: type of registration + :returns: True if the domain was registered, False otherwise. Failing + to register means that someone already has it (which could + even be the domain being requested). + + """ + raise exception.NotImplemented() # pragma: no cover + + @abc.abstractmethod + def read_registration(self, type): + """Get the domain ID of who is registered to use this type. + + :param type: type of registration + :returns: domain_id of who is registered. + :raises: keystone.exception.ConfigRegistrationNotFound: nobody is + registered. + + """ + raise exception.NotImplemented() # pragma: no cover + + @abc.abstractmethod + def release_registration(self, domain_id, type=None): + """Release registration if it is held by the domain specified. + + If the specified domain is registered for this domain then free it, + if it is not then do nothing - no exception is raised. + + :param domain_id: the domain in question + :param type: type of registration, if None then all registrations + for this domain will be freed + + """ + raise exception.NotImplemented() # pragma: no cover + + +DomainConfigDriver = manager.create_legacy_driver(DomainConfigDriverV8) |