diff options
Diffstat (limited to 'keystone-moon/keystone/trust/schema.py')
-rw-r--r-- | keystone-moon/keystone/trust/schema.py | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/keystone-moon/keystone/trust/schema.py b/keystone-moon/keystone/trust/schema.py new file mode 100644 index 00000000..087cd1e9 --- /dev/null +++ b/keystone-moon/keystone/trust/schema.py @@ -0,0 +1,46 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystone.common import validation +from keystone.common.validation import parameter_types + + +_trust_properties = { + 'trustor_user_id': parameter_types.id_string, + 'trustee_user_id': parameter_types.id_string, + 'impersonation': parameter_types.boolean, + 'project_id': validation.nullable(parameter_types.id_string), + 'remaining_uses': { + 'type': ['integer', 'null'], + 'minimum': 1 + }, + 'expires_at': { + 'type': ['null', 'string'] + }, + 'allow_redelegation': { + 'type': ['boolean', 'null'] + }, + 'redelegation_count': { + 'type': ['integer', 'null'], + 'minimum': 0 + }, + # TODO(lbragstad): Need to find a better way to do this. We should be + # checking that a role is a list of IDs and/or names. + 'roles': validation.add_array_type(parameter_types.id_string) +} + +trust_create = { + 'type': 'object', + 'properties': _trust_properties, + 'required': ['trustor_user_id', 'trustee_user_id', 'impersonation'], + 'additionalProperties': True +} |