From 920a49cfa055733d575282973e23558c33087a4a Mon Sep 17 00:00:00 2001 From: RHE Date: Fri, 24 Nov 2017 13:54:26 +0100 Subject: remove keystone-moon Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd Signed-off-by: RHE --- keystone-moon/keystone/catalog/__init__.py | 16 - .../keystone/catalog/backends/__init__.py | 0 keystone-moon/keystone/catalog/backends/kvs.py | 154 ---- keystone-moon/keystone/catalog/backends/sql.py | 572 ------------- .../keystone/catalog/backends/templated.py | 298 ------- keystone-moon/keystone/catalog/controllers.py | 615 -------------- keystone-moon/keystone/catalog/core.py | 894 --------------------- keystone-moon/keystone/catalog/routers.py | 182 ----- keystone-moon/keystone/catalog/schema.py | 119 --- 9 files changed, 2850 deletions(-) delete mode 100644 keystone-moon/keystone/catalog/__init__.py delete mode 100644 keystone-moon/keystone/catalog/backends/__init__.py delete mode 100644 keystone-moon/keystone/catalog/backends/kvs.py delete mode 100644 keystone-moon/keystone/catalog/backends/sql.py delete mode 100644 keystone-moon/keystone/catalog/backends/templated.py delete mode 100644 keystone-moon/keystone/catalog/controllers.py delete mode 100644 keystone-moon/keystone/catalog/core.py delete mode 100644 keystone-moon/keystone/catalog/routers.py delete mode 100644 keystone-moon/keystone/catalog/schema.py (limited to 'keystone-moon/keystone/catalog') diff --git a/keystone-moon/keystone/catalog/__init__.py b/keystone-moon/keystone/catalog/__init__.py deleted file mode 100644 index 29f297d6..00000000 --- a/keystone-moon/keystone/catalog/__init__.py +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from keystone.catalog import controllers # noqa -from keystone.catalog.core import * # noqa diff --git a/keystone-moon/keystone/catalog/backends/__init__.py b/keystone-moon/keystone/catalog/backends/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/keystone-moon/keystone/catalog/backends/kvs.py b/keystone-moon/keystone/catalog/backends/kvs.py deleted file mode 100644 index fe975d9d..00000000 --- a/keystone-moon/keystone/catalog/backends/kvs.py +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - -from keystone import catalog -from keystone.common import driver_hints -from keystone.common import kvs - - -class Catalog(kvs.Base, catalog.CatalogDriverV8): - # Public interface - def get_catalog(self, user_id, tenant_id): - return self.db.get('catalog-%s-%s' % (tenant_id, user_id)) - - # region crud - - def _delete_child_regions(self, region_id, root_region_id): - """Delete all child regions. - - Recursively delete any region that has the supplied region - as its parent. - """ - children = [r for r in self.list_regions(driver_hints.Hints()) - if r['parent_region_id'] == region_id] - for child in children: - if child['id'] == root_region_id: - # Hit a circular region hierarchy - return - self._delete_child_regions(child['id'], root_region_id) - self._delete_region(child['id']) - - def _check_parent_region(self, region_ref): - """Raise a NotFound if the parent region does not exist. - - If the region_ref has a specified parent_region_id, check that - the parent exists, otherwise, raise a NotFound. - """ - parent_region_id = region_ref.get('parent_region_id') - if parent_region_id is not None: - # This will raise NotFound if the parent doesn't exist, - # which is the behavior we want. - self.get_region(parent_region_id) - - def create_region(self, region): - region_id = region['id'] - region.setdefault('parent_region_id') - self._check_parent_region(region) - self.db.set('region-%s' % region_id, region) - region_list = set(self.db.get('region_list', [])) - region_list.add(region_id) - self.db.set('region_list', list(region_list)) - return region - - def list_regions(self, hints): - return [self.get_region(x) for x in self.db.get('region_list', [])] - - def get_region(self, region_id): - return self.db.get('region-%s' % region_id) - - def update_region(self, region_id, region): - self._check_parent_region(region) - old_region = self.get_region(region_id) - old_region.update(region) - self._ensure_no_circle_in_hierarchical_regions(old_region) - self.db.set('region-%s' % region_id, old_region) - return old_region - - def _delete_region(self, region_id): - self.db.delete('region-%s' % region_id) - region_list = set(self.db.get('region_list', [])) - region_list.remove(region_id) - self.db.set('region_list', list(region_list)) - - def delete_region(self, region_id): - self._delete_child_regions(region_id, region_id) - self._delete_region(region_id) - - # service crud - - def create_service(self, service_id, service): - self.db.set('service-%s' % service_id, service) - service_list = set(self.db.get('service_list', [])) - service_list.add(service_id) - self.db.set('service_list', list(service_list)) - return service - - def list_services(self, hints): - return [self.get_service(x) for x in self.db.get('service_list', [])] - - def get_service(self, service_id): - return self.db.get('service-%s' % service_id) - - def update_service(self, service_id, service): - old_service = self.get_service(service_id) - old_service.update(service) - self.db.set('service-%s' % service_id, old_service) - return old_service - - def delete_service(self, service_id): - # delete referencing endpoints - for endpoint_id in self.db.get('endpoint_list', []): - if self.get_endpoint(endpoint_id)['service_id'] == service_id: - self.delete_endpoint(endpoint_id) - - self.db.delete('service-%s' % service_id) - service_list = set(self.db.get('service_list', [])) - service_list.remove(service_id) - self.db.set('service_list', list(service_list)) - - # endpoint crud - - def create_endpoint(self, endpoint_id, endpoint): - self.db.set('endpoint-%s' % endpoint_id, endpoint) - endpoint_list = set(self.db.get('endpoint_list', [])) - endpoint_list.add(endpoint_id) - self.db.set('endpoint_list', list(endpoint_list)) - return endpoint - - def list_endpoints(self, hints): - return [self.get_endpoint(x) for x in self.db.get('endpoint_list', [])] - - def get_endpoint(self, endpoint_id): - return self.db.get('endpoint-%s' % endpoint_id) - - def update_endpoint(self, endpoint_id, endpoint): - if endpoint.get('region_id') is not None: - self.get_region(endpoint['region_id']) - - old_endpoint = self.get_endpoint(endpoint_id) - old_endpoint.update(endpoint) - self.db.set('endpoint-%s' % endpoint_id, old_endpoint) - return old_endpoint - - def delete_endpoint(self, endpoint_id): - self.db.delete('endpoint-%s' % endpoint_id) - endpoint_list = set(self.db.get('endpoint_list', [])) - endpoint_list.remove(endpoint_id) - self.db.set('endpoint_list', list(endpoint_list)) - - # Private interface - def _create_catalog(self, user_id, tenant_id, data): - self.db.set('catalog-%s-%s' % (tenant_id, user_id), data) - return data diff --git a/keystone-moon/keystone/catalog/backends/sql.py b/keystone-moon/keystone/catalog/backends/sql.py deleted file mode 100644 index bd92f107..00000000 --- a/keystone-moon/keystone/catalog/backends/sql.py +++ /dev/null @@ -1,572 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# Copyright 2012 Canonical Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import itertools - -from oslo_config import cfg -import sqlalchemy -from sqlalchemy.sql import true - -from keystone import catalog -from keystone.catalog import core -from keystone.common import driver_hints -from keystone.common import sql -from keystone import exception -from keystone.i18n import _ - - -CONF = cfg.CONF - - -class Region(sql.ModelBase, sql.DictBase): - __tablename__ = 'region' - attributes = ['id', 'description', 'parent_region_id'] - id = sql.Column(sql.String(255), primary_key=True) - description = sql.Column(sql.String(255), nullable=False) - # NOTE(jaypipes): Right now, using an adjacency list model for - # storing the hierarchy of regions is fine, since - # the API does not support any kind of querying for - # more complex hierarchical queries such as "get me only - # the regions that are subchildren of this region", etc. - # If, in the future, such queries are needed, then it - # would be possible to add in columns to this model for - # "left" and "right" and provide support for a nested set - # model. - parent_region_id = sql.Column(sql.String(255), nullable=True) - extra = sql.Column(sql.JsonBlob()) - endpoints = sqlalchemy.orm.relationship("Endpoint", backref="region") - - -class Service(sql.ModelBase, sql.DictBase): - __tablename__ = 'service' - attributes = ['id', 'type', 'enabled'] - id = sql.Column(sql.String(64), primary_key=True) - type = sql.Column(sql.String(255)) - enabled = sql.Column(sql.Boolean, nullable=False, default=True, - server_default=sqlalchemy.sql.expression.true()) - extra = sql.Column(sql.JsonBlob()) - endpoints = sqlalchemy.orm.relationship("Endpoint", backref="service") - - -class Endpoint(sql.ModelBase, sql.DictBase): - __tablename__ = 'endpoint' - attributes = ['id', 'interface', 'region_id', 'service_id', 'url', - 'legacy_endpoint_id', 'enabled'] - id = sql.Column(sql.String(64), primary_key=True) - legacy_endpoint_id = sql.Column(sql.String(64)) - interface = sql.Column(sql.String(8), nullable=False) - region_id = sql.Column(sql.String(255), - sql.ForeignKey('region.id', - ondelete='RESTRICT'), - nullable=True, - default=None) - service_id = sql.Column(sql.String(64), - sql.ForeignKey('service.id'), - nullable=False) - url = sql.Column(sql.Text(), nullable=False) - enabled = sql.Column(sql.Boolean, nullable=False, default=True, - server_default=sqlalchemy.sql.expression.true()) - extra = sql.Column(sql.JsonBlob()) - - -class Catalog(catalog.CatalogDriverV8): - # Regions - def list_regions(self, hints): - with sql.session_for_read() as session: - regions = session.query(Region) - regions = sql.filter_limit_query(Region, regions, hints) - return [s.to_dict() for s in list(regions)] - - def _get_region(self, session, region_id): - ref = session.query(Region).get(region_id) - if not ref: - raise exception.RegionNotFound(region_id=region_id) - return ref - - def _delete_child_regions(self, session, region_id, root_region_id): - """Delete all child regions. - - Recursively delete any region that has the supplied region - as its parent. - """ - children = session.query(Region).filter_by(parent_region_id=region_id) - for child in children: - if child.id == root_region_id: - # Hit a circular region hierarchy - return - self._delete_child_regions(session, child.id, root_region_id) - session.delete(child) - - def _check_parent_region(self, session, region_ref): - """Raise a NotFound if the parent region does not exist. - - If the region_ref has a specified parent_region_id, check that - the parent exists, otherwise, raise a NotFound. - """ - parent_region_id = region_ref.get('parent_region_id') - if parent_region_id is not None: - # This will raise NotFound if the parent doesn't exist, - # which is the behavior we want. - self._get_region(session, parent_region_id) - - def _has_endpoints(self, session, region, root_region): - if region.endpoints is not None and len(region.endpoints) > 0: - return True - - q = session.query(Region) - q = q.filter_by(parent_region_id=region.id) - for child in q.all(): - if child.id == root_region.id: - # Hit a circular region hierarchy - return False - if self._has_endpoints(session, child, root_region): - return True - return False - - def get_region(self, region_id): - with sql.session_for_read() as session: - return self._get_region(session, region_id).to_dict() - - def delete_region(self, region_id): - with sql.session_for_write() as session: - ref = self._get_region(session, region_id) - if self._has_endpoints(session, ref, ref): - raise exception.RegionDeletionError(region_id=region_id) - self._delete_child_regions(session, region_id, region_id) - session.delete(ref) - - @sql.handle_conflicts(conflict_type='region') - def create_region(self, region_ref): - with sql.session_for_write() as session: - self._check_parent_region(session, region_ref) - region = Region.from_dict(region_ref) - session.add(region) - return region.to_dict() - - def update_region(self, region_id, region_ref): - with sql.session_for_write() as session: - self._check_parent_region(session, region_ref) - ref = self._get_region(session, region_id) - old_dict = ref.to_dict() - old_dict.update(region_ref) - self._ensure_no_circle_in_hierarchical_regions(old_dict) - new_region = Region.from_dict(old_dict) - for attr in Region.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_region, attr)) - return ref.to_dict() - - # Services - @driver_hints.truncated - def list_services(self, hints): - with sql.session_for_read() as session: - services = session.query(Service) - services = sql.filter_limit_query(Service, services, hints) - return [s.to_dict() for s in list(services)] - - def _get_service(self, session, service_id): - ref = session.query(Service).get(service_id) - if not ref: - raise exception.ServiceNotFound(service_id=service_id) - return ref - - def get_service(self, service_id): - with sql.session_for_read() as session: - return self._get_service(session, service_id).to_dict() - - def delete_service(self, service_id): - with sql.session_for_write() as session: - ref = self._get_service(session, service_id) - session.query(Endpoint).filter_by(service_id=service_id).delete() - session.delete(ref) - - def create_service(self, service_id, service_ref): - with sql.session_for_write() as session: - service = Service.from_dict(service_ref) - session.add(service) - return service.to_dict() - - def update_service(self, service_id, service_ref): - with sql.session_for_write() as session: - ref = self._get_service(session, service_id) - old_dict = ref.to_dict() - old_dict.update(service_ref) - new_service = Service.from_dict(old_dict) - for attr in Service.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_service, attr)) - ref.extra = new_service.extra - return ref.to_dict() - - # Endpoints - def create_endpoint(self, endpoint_id, endpoint_ref): - new_endpoint = Endpoint.from_dict(endpoint_ref) - with sql.session_for_write() as session: - session.add(new_endpoint) - return new_endpoint.to_dict() - - def delete_endpoint(self, endpoint_id): - with sql.session_for_write() as session: - ref = self._get_endpoint(session, endpoint_id) - session.delete(ref) - - def _get_endpoint(self, session, endpoint_id): - try: - return session.query(Endpoint).filter_by(id=endpoint_id).one() - except sql.NotFound: - raise exception.EndpointNotFound(endpoint_id=endpoint_id) - - def get_endpoint(self, endpoint_id): - with sql.session_for_read() as session: - return self._get_endpoint(session, endpoint_id).to_dict() - - @driver_hints.truncated - def list_endpoints(self, hints): - with sql.session_for_read() as session: - endpoints = session.query(Endpoint) - endpoints = sql.filter_limit_query(Endpoint, endpoints, hints) - return [e.to_dict() for e in list(endpoints)] - - def update_endpoint(self, endpoint_id, endpoint_ref): - with sql.session_for_write() as session: - ref = self._get_endpoint(session, endpoint_id) - old_dict = ref.to_dict() - old_dict.update(endpoint_ref) - new_endpoint = Endpoint.from_dict(old_dict) - for attr in Endpoint.attributes: - if attr != 'id': - setattr(ref, attr, getattr(new_endpoint, attr)) - ref.extra = new_endpoint.extra - return ref.to_dict() - - def get_catalog(self, user_id, tenant_id): - """Retrieve and format the V2 service catalog. - - :param user_id: The id of the user who has been authenticated for - creating service catalog. - :param tenant_id: The id of the project. 'tenant_id' will be None - in the case this being called to create a catalog to go in a - domain scoped token. In this case, any endpoint that requires - a tenant_id as part of their URL will be skipped (as would a whole - service if, as a consequence, it has no valid endpoints). - - :returns: A nested dict representing the service catalog or an - empty dict. - - """ - substitutions = dict( - itertools.chain(CONF.items(), CONF.eventlet_server.items())) - substitutions.update({'user_id': user_id}) - silent_keyerror_failures = [] - if tenant_id: - substitutions.update({ - 'tenant_id': tenant_id, - 'project_id': tenant_id - }) - else: - silent_keyerror_failures = ['tenant_id', 'project_id', ] - - with sql.session_for_read() as session: - endpoints = (session.query(Endpoint). - options(sql.joinedload(Endpoint.service)). - filter(Endpoint.enabled == true()).all()) - - catalog = {} - - for endpoint in endpoints: - if not endpoint.service['enabled']: - continue - try: - formatted_url = core.format_url( - endpoint['url'], substitutions, - silent_keyerror_failures=silent_keyerror_failures) - if formatted_url is not None: - url = formatted_url - else: - continue - except exception.MalformedEndpoint: - continue # this failure is already logged in format_url() - - region = endpoint['region_id'] - service_type = endpoint.service['type'] - default_service = { - 'id': endpoint['id'], - 'name': endpoint.service.extra.get('name', ''), - 'publicURL': '' - } - catalog.setdefault(region, {}) - catalog[region].setdefault(service_type, default_service) - interface_url = '%sURL' % endpoint['interface'] - catalog[region][service_type][interface_url] = url - - return catalog - - def get_v3_catalog(self, user_id, tenant_id): - """Retrieve and format the current V3 service catalog. - - :param user_id: The id of the user who has been authenticated for - creating service catalog. - :param tenant_id: The id of the project. 'tenant_id' will be None in - the case this being called to create a catalog to go in a domain - scoped token. In this case, any endpoint that requires a - tenant_id as part of their URL will be skipped. - - :returns: A list representing the service catalog or an empty list - - """ - d = dict( - itertools.chain(CONF.items(), CONF.eventlet_server.items())) - d.update({'user_id': user_id}) - silent_keyerror_failures = [] - if tenant_id: - d.update({ - 'tenant_id': tenant_id, - 'project_id': tenant_id, - }) - else: - silent_keyerror_failures = ['tenant_id', 'project_id', ] - - with sql.session_for_read() as session: - services = (session.query(Service).filter( - Service.enabled == true()).options( - sql.joinedload(Service.endpoints)).all()) - - def make_v3_endpoints(endpoints): - for endpoint in (ep.to_dict() - for ep in endpoints if ep.enabled): - del endpoint['service_id'] - del endpoint['legacy_endpoint_id'] - del endpoint['enabled'] - endpoint['region'] = endpoint['region_id'] - try: - formatted_url = core.format_url( - endpoint['url'], d, - silent_keyerror_failures=silent_keyerror_failures) - if formatted_url: - endpoint['url'] = formatted_url - else: - continue - except exception.MalformedEndpoint: - # this failure is already logged in format_url() - continue - - yield endpoint - - # TODO(davechen): If there is service with no endpoints, we should - # skip the service instead of keeping it in the catalog, - # see bug #1436704. - def make_v3_service(svc): - eps = list(make_v3_endpoints(svc.endpoints)) - service = {'endpoints': eps, 'id': svc.id, 'type': svc.type} - service['name'] = svc.extra.get('name', '') - return service - - return [make_v3_service(svc) for svc in services] - - @sql.handle_conflicts(conflict_type='project_endpoint') - def add_endpoint_to_project(self, endpoint_id, project_id): - with sql.session_for_write() as session: - endpoint_filter_ref = ProjectEndpoint(endpoint_id=endpoint_id, - project_id=project_id) - session.add(endpoint_filter_ref) - - def _get_project_endpoint_ref(self, session, endpoint_id, project_id): - endpoint_filter_ref = session.query(ProjectEndpoint).get( - (endpoint_id, project_id)) - if endpoint_filter_ref is None: - msg = _('Endpoint %(endpoint_id)s not found in project ' - '%(project_id)s') % {'endpoint_id': endpoint_id, - 'project_id': project_id} - raise exception.NotFound(msg) - return endpoint_filter_ref - - def check_endpoint_in_project(self, endpoint_id, project_id): - with sql.session_for_read() as session: - self._get_project_endpoint_ref(session, endpoint_id, project_id) - - def remove_endpoint_from_project(self, endpoint_id, project_id): - with sql.session_for_write() as session: - endpoint_filter_ref = self._get_project_endpoint_ref( - session, endpoint_id, project_id) - session.delete(endpoint_filter_ref) - - def list_endpoints_for_project(self, project_id): - with sql.session_for_read() as session: - query = session.query(ProjectEndpoint) - query = query.filter_by(project_id=project_id) - endpoint_filter_refs = query.all() - return [ref.to_dict() for ref in endpoint_filter_refs] - - def list_projects_for_endpoint(self, endpoint_id): - with sql.session_for_read() as session: - query = session.query(ProjectEndpoint) - query = query.filter_by(endpoint_id=endpoint_id) - endpoint_filter_refs = query.all() - return [ref.to_dict() for ref in endpoint_filter_refs] - - def delete_association_by_endpoint(self, endpoint_id): - with sql.session_for_write() as session: - query = session.query(ProjectEndpoint) - query = query.filter_by(endpoint_id=endpoint_id) - query.delete(synchronize_session=False) - - def delete_association_by_project(self, project_id): - with sql.session_for_write() as session: - query = session.query(ProjectEndpoint) - query = query.filter_by(project_id=project_id) - query.delete(synchronize_session=False) - - def create_endpoint_group(self, endpoint_group_id, endpoint_group): - with sql.session_for_write() as session: - endpoint_group_ref = EndpointGroup.from_dict(endpoint_group) - session.add(endpoint_group_ref) - return endpoint_group_ref.to_dict() - - def _get_endpoint_group(self, session, endpoint_group_id): - endpoint_group_ref = session.query(EndpointGroup).get( - endpoint_group_id) - if endpoint_group_ref is None: - raise exception.EndpointGroupNotFound( - endpoint_group_id=endpoint_group_id) - return endpoint_group_ref - - def get_endpoint_group(self, endpoint_group_id): - with sql.session_for_read() as session: - endpoint_group_ref = self._get_endpoint_group(session, - endpoint_group_id) - return endpoint_group_ref.to_dict() - - def update_endpoint_group(self, endpoint_group_id, endpoint_group): - with sql.session_for_write() as session: - endpoint_group_ref = self._get_endpoint_group(session, - endpoint_group_id) - old_endpoint_group = endpoint_group_ref.to_dict() - old_endpoint_group.update(endpoint_group) - new_endpoint_group = EndpointGroup.from_dict(old_endpoint_group) - for attr in EndpointGroup.mutable_attributes: - setattr(endpoint_group_ref, attr, - getattr(new_endpoint_group, attr)) - return endpoint_group_ref.to_dict() - - def delete_endpoint_group(self, endpoint_group_id): - with sql.session_for_write() as session: - endpoint_group_ref = self._get_endpoint_group(session, - endpoint_group_id) - self._delete_endpoint_group_association_by_endpoint_group( - session, endpoint_group_id) - session.delete(endpoint_group_ref) - - def get_endpoint_group_in_project(self, endpoint_group_id, project_id): - with sql.session_for_read() as session: - ref = self._get_endpoint_group_in_project(session, - endpoint_group_id, - project_id) - return ref.to_dict() - - @sql.handle_conflicts(conflict_type='project_endpoint_group') - def add_endpoint_group_to_project(self, endpoint_group_id, project_id): - with sql.session_for_write() as session: - # Create a new Project Endpoint group entity - endpoint_group_project_ref = ProjectEndpointGroupMembership( - endpoint_group_id=endpoint_group_id, project_id=project_id) - session.add(endpoint_group_project_ref) - - def _get_endpoint_group_in_project(self, session, - endpoint_group_id, project_id): - endpoint_group_project_ref = session.query( - ProjectEndpointGroupMembership).get((endpoint_group_id, - project_id)) - if endpoint_group_project_ref is None: - msg = _('Endpoint Group Project Association not found') - raise exception.NotFound(msg) - else: - return endpoint_group_project_ref - - def list_endpoint_groups(self): - with sql.session_for_read() as session: - query = session.query(EndpointGroup) - endpoint_group_refs = query.all() - return [e.to_dict() for e in endpoint_group_refs] - - def list_endpoint_groups_for_project(self, project_id): - with sql.session_for_read() as session: - query = session.query(ProjectEndpointGroupMembership) - query = query.filter_by(project_id=project_id) - endpoint_group_refs = query.all() - return [ref.to_dict() for ref in endpoint_group_refs] - - def remove_endpoint_group_from_project(self, endpoint_group_id, - project_id): - with sql.session_for_write() as session: - endpoint_group_project_ref = self._get_endpoint_group_in_project( - session, endpoint_group_id, project_id) - session.delete(endpoint_group_project_ref) - - def list_projects_associated_with_endpoint_group(self, endpoint_group_id): - with sql.session_for_read() as session: - query = session.query(ProjectEndpointGroupMembership) - query = query.filter_by(endpoint_group_id=endpoint_group_id) - endpoint_group_refs = query.all() - return [ref.to_dict() for ref in endpoint_group_refs] - - def _delete_endpoint_group_association_by_endpoint_group( - self, session, endpoint_group_id): - query = session.query(ProjectEndpointGroupMembership) - query = query.filter_by(endpoint_group_id=endpoint_group_id) - query.delete() - - def delete_endpoint_group_association_by_project(self, project_id): - with sql.session_for_write() as session: - query = session.query(ProjectEndpointGroupMembership) - query = query.filter_by(project_id=project_id) - query.delete() - - -class ProjectEndpoint(sql.ModelBase, sql.ModelDictMixin): - """project-endpoint relationship table.""" - - __tablename__ = 'project_endpoint' - attributes = ['endpoint_id', 'project_id'] - endpoint_id = sql.Column(sql.String(64), - primary_key=True, - nullable=False) - project_id = sql.Column(sql.String(64), - primary_key=True, - nullable=False) - - -class EndpointGroup(sql.ModelBase, sql.ModelDictMixin): - """Endpoint Groups table.""" - - __tablename__ = 'endpoint_group' - attributes = ['id', 'name', 'description', 'filters'] - mutable_attributes = frozenset(['name', 'description', 'filters']) - id = sql.Column(sql.String(64), primary_key=True) - name = sql.Column(sql.String(255), nullable=False) - description = sql.Column(sql.Text, nullable=True) - filters = sql.Column(sql.JsonBlob(), nullable=False) - - -class ProjectEndpointGroupMembership(sql.ModelBase, sql.ModelDictMixin): - """Project to Endpoint group relationship table.""" - - __tablename__ = 'project_endpoint_group' - attributes = ['endpoint_group_id', 'project_id'] - endpoint_group_id = sql.Column(sql.String(64), - sql.ForeignKey('endpoint_group.id'), - nullable=False) - project_id = sql.Column(sql.String(64), nullable=False) - __table_args__ = (sql.PrimaryKeyConstraint('endpoint_group_id', - 'project_id'),) diff --git a/keystone-moon/keystone/catalog/backends/templated.py b/keystone-moon/keystone/catalog/backends/templated.py deleted file mode 100644 index 2e80fd32..00000000 --- a/keystone-moon/keystone/catalog/backends/templated.py +++ /dev/null @@ -1,298 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import itertools -import os.path - -from oslo_config import cfg -from oslo_log import log -import six - -from keystone.catalog import core -from keystone import exception -from keystone.i18n import _LC - - -LOG = log.getLogger(__name__) - -CONF = cfg.CONF - - -def parse_templates(template_lines): - o = {} - for line in template_lines: - if ' = ' not in line: - continue - - k, v = line.strip().split(' = ') - if not k.startswith('catalog.'): - continue - - parts = k.split('.') - - region = parts[1] - # NOTE(termie): object-store insists on having a dash - service = parts[2].replace('_', '-') - key = parts[3] - - region_ref = o.get(region, {}) - service_ref = region_ref.get(service, {}) - service_ref[key] = v - - region_ref[service] = service_ref - o[region] = region_ref - - return o - - -class Catalog(core.Driver): - """A backend that generates endpoints for the Catalog based on templates. - - It is usually configured via config entries that look like: - - catalog.$REGION.$SERVICE.$key = $value - - and is stored in a similar looking hierarchy. Where a value can contain - values to be interpolated by standard python string interpolation that look - like (the % is replaced by a $ due to paste attempting to interpolate on - its own: - - http://localhost:$(public_port)s/ - - When expanding the template it will pass in a dict made up of the conf - instance plus a few additional key-values, notably tenant_id and user_id. - - It does not care what the keys and values are but it is worth noting that - keystone_compat will expect certain keys to be there so that it can munge - them into the output format keystone expects. These keys are: - - name - the name of the service, most likely repeated for all services of - the same type, across regions. - - adminURL - the url of the admin endpoint - - publicURL - the url of the public endpoint - - internalURL - the url of the internal endpoint - - """ - - def __init__(self, templates=None): - super(Catalog, self).__init__() - if templates: - self.templates = templates - else: - template_file = CONF.catalog.template_file - if not os.path.exists(template_file): - template_file = CONF.find_file(template_file) - self._load_templates(template_file) - - def _load_templates(self, template_file): - try: - with open(template_file) as f: - self.templates = parse_templates(f) - except IOError: - LOG.critical(_LC('Unable to open template file %s'), template_file) - raise - - # region crud - - def create_region(self, region_ref): - raise exception.NotImplemented() - - def list_regions(self, hints): - return [{'id': region_id, 'description': '', 'parent_region_id': ''} - for region_id in self.templates] - - def get_region(self, region_id): - if region_id in self.templates: - return {'id': region_id, 'description': '', 'parent_region_id': ''} - raise exception.RegionNotFound(region_id=region_id) - - def update_region(self, region_id, region_ref): - raise exception.NotImplemented() - - def delete_region(self, region_id): - raise exception.NotImplemented() - - # service crud - - def create_service(self, service_id, service_ref): - raise exception.NotImplemented() - - def _list_services(self, hints): - for region_ref in six.itervalues(self.templates): - for service_type, service_ref in six.iteritems(region_ref): - yield { - 'id': service_type, - 'enabled': True, - 'name': service_ref.get('name', ''), - 'description': service_ref.get('description', ''), - 'type': service_type, - } - - def list_services(self, hints): - return list(self._list_services(hints=None)) - - def get_service(self, service_id): - for service in self._list_services(hints=None): - if service['id'] == service_id: - return service - raise exception.ServiceNotFound(service_id=service_id) - - def update_service(self, service_id, service_ref): - raise exception.NotImplemented() - - def delete_service(self, service_id): - raise exception.NotImplemented() - - # endpoint crud - - def create_endpoint(self, endpoint_id, endpoint_ref): - raise exception.NotImplemented() - - def _list_endpoints(self): - for region_id, region_ref in six.iteritems(self.templates): - for service_type, service_ref in six.iteritems(region_ref): - for key in service_ref: - if key.endswith('URL'): - interface = key[:-3] - endpoint_id = ('%s-%s-%s' % - (region_id, service_type, interface)) - yield { - 'id': endpoint_id, - 'service_id': service_type, - 'interface': interface, - 'url': service_ref[key], - 'legacy_endpoint_id': None, - 'region_id': region_id, - 'enabled': True, - } - - def list_endpoints(self, hints): - return list(self._list_endpoints()) - - def get_endpoint(self, endpoint_id): - for endpoint in self._list_endpoints(): - if endpoint['id'] == endpoint_id: - return endpoint - raise exception.EndpointNotFound(endpoint_id=endpoint_id) - - def update_endpoint(self, endpoint_id, endpoint_ref): - raise exception.NotImplemented() - - def delete_endpoint(self, endpoint_id): - raise exception.NotImplemented() - - def get_catalog(self, user_id, tenant_id): - """Retrieve and format the V2 service catalog. - - :param user_id: The id of the user who has been authenticated for - creating service catalog. - :param tenant_id: The id of the project. 'tenant_id' will be None in - the case this being called to create a catalog to go in a domain - scoped token. In this case, any endpoint that requires a tenant_id - as part of their URL will be skipped. - - :returns: A nested dict representing the service catalog or an - empty dict. - - """ - substitutions = dict( - itertools.chain(CONF.items(), CONF.eventlet_server.items())) - substitutions.update({'user_id': user_id}) - silent_keyerror_failures = [] - if tenant_id: - substitutions.update({ - 'tenant_id': tenant_id, - 'project_id': tenant_id, - }) - else: - silent_keyerror_failures = ['tenant_id', 'project_id', ] - - catalog = {} - # TODO(davechen): If there is service with no endpoints, we should - # skip the service instead of keeping it in the catalog. - # see bug #1436704. - for region, region_ref in self.templates.items(): - catalog[region] = {} - for service, service_ref in region_ref.items(): - service_data = {} - try: - for k, v in service_ref.items(): - formatted_value = core.format_url( - v, substitutions, - silent_keyerror_failures=silent_keyerror_failures) - if formatted_value: - service_data[k] = formatted_value - except exception.MalformedEndpoint: - continue # this failure is already logged in format_url() - catalog[region][service] = service_data - - return catalog - - def add_endpoint_to_project(self, endpoint_id, project_id): - raise exception.NotImplemented() - - def remove_endpoint_from_project(self, endpoint_id, project_id): - raise exception.NotImplemented() - - def check_endpoint_in_project(self, endpoint_id, project_id): - raise exception.NotImplemented() - - def list_endpoints_for_project(self, project_id): - raise exception.NotImplemented() - - def list_projects_for_endpoint(self, endpoint_id): - raise exception.NotImplemented() - - def delete_association_by_endpoint(self, endpoint_id): - raise exception.NotImplemented() - - def delete_association_by_project(self, project_id): - raise exception.NotImplemented() - - def create_endpoint_group(self, endpoint_group): - raise exception.NotImplemented() - - def get_endpoint_group(self, endpoint_group_id): - raise exception.NotImplemented() - - def update_endpoint_group(self, endpoint_group_id, endpoint_group): - raise exception.NotImplemented() - - def delete_endpoint_group(self, endpoint_group_id): - raise exception.NotImplemented() - - def add_endpoint_group_to_project(self, endpoint_group_id, project_id): - raise exception.NotImplemented() - - def get_endpoint_group_in_project(self, endpoint_group_id, project_id): - raise exception.NotImplemented() - - def list_endpoint_groups(self): - raise exception.NotImplemented() - - def list_endpoint_groups_for_project(self, project_id): - raise exception.NotImplemented() - - def list_projects_associated_with_endpoint_group(self, endpoint_group_id): - raise exception.NotImplemented() - - def remove_endpoint_group_from_project(self, endpoint_group_id, - project_id): - raise exception.NotImplemented() - - def delete_endpoint_group_association_by_project(self, project_id): - raise exception.NotImplemented() diff --git a/keystone-moon/keystone/catalog/controllers.py b/keystone-moon/keystone/catalog/controllers.py deleted file mode 100644 index fc64c922..00000000 --- a/keystone-moon/keystone/catalog/controllers.py +++ /dev/null @@ -1,615 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# Copyright 2012 Canonical Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import uuid - -import six - -from keystone.catalog import core -from keystone.catalog import schema -from keystone.common import controller -from keystone.common import dependency -from keystone.common import validation -from keystone.common import wsgi -from keystone import exception -from keystone.i18n import _ -from keystone import notifications -from keystone import resource - - -INTERFACES = ['public', 'internal', 'admin'] - - -@dependency.requires('catalog_api') -class Service(controller.V2Controller): - - @controller.v2_deprecated - def get_services(self, context): - self.assert_admin(context) - service_list = self.catalog_api.list_services() - return {'OS-KSADM:services': service_list} - - @controller.v2_deprecated - def get_service(self, context, service_id): - self.assert_admin(context) - service_ref = self.catalog_api.get_service(service_id) - return {'OS-KSADM:service': service_ref} - - @controller.v2_deprecated - def delete_service(self, context, service_id): - self.assert_admin(context) - initiator = notifications._get_request_audit_info(context) - self.catalog_api.delete_service(service_id, initiator) - - @controller.v2_deprecated - def create_service(self, context, OS_KSADM_service): - self.assert_admin(context) - service_id = uuid.uuid4().hex - service_ref = OS_KSADM_service.copy() - service_ref['id'] = service_id - initiator = notifications._get_request_audit_info(context) - new_service_ref = self.catalog_api.create_service( - service_id, service_ref, initiator) - return {'OS-KSADM:service': new_service_ref} - - -@dependency.requires('catalog_api') -class Endpoint(controller.V2Controller): - - @controller.v2_deprecated - def get_endpoints(self, context): - """Merge matching v3 endpoint refs into legacy refs.""" - self.assert_admin(context) - legacy_endpoints = {} - v3_endpoints = {} - for endpoint in self.catalog_api.list_endpoints(): - if not endpoint.get('legacy_endpoint_id'): # pure v3 endpoint - # tell endpoints apart by the combination of - # service_id and region_id. - # NOTE(muyu): in theory, it's possible that there are more than - # one endpoint of one service, one region and one interface, - # but in practice, it makes no sense because only one will be - # used. - key = (endpoint['service_id'], endpoint['region_id']) - v3_endpoints.setdefault(key, []).append(endpoint) - else: # legacy endpoint - if endpoint['legacy_endpoint_id'] not in legacy_endpoints: - legacy_ep = endpoint.copy() - legacy_ep['id'] = legacy_ep.pop('legacy_endpoint_id') - legacy_ep.pop('interface') - legacy_ep.pop('url') - legacy_ep['region'] = legacy_ep.pop('region_id') - - legacy_endpoints[endpoint['legacy_endpoint_id']] = ( - legacy_ep) - else: - legacy_ep = ( - legacy_endpoints[endpoint['legacy_endpoint_id']]) - - # add the legacy endpoint with an interface url - legacy_ep['%surl' % endpoint['interface']] = endpoint['url'] - - # convert collected v3 endpoints into v2 endpoints - for endpoints in v3_endpoints.values(): - legacy_ep = {} - # For v3 endpoints in the same group, contents of extra attributes - # can be different, which may cause confusion if a random one is - # used. So only necessary attributes are used here. - # It's different for legacy v2 endpoints, which are created - # with the same "extra" value when being migrated. - for key in ('service_id', 'enabled'): - legacy_ep[key] = endpoints[0][key] - legacy_ep['region'] = endpoints[0]['region_id'] - for endpoint in endpoints: - # Public URL is required for v2 endpoints, so the generated v2 - # endpoint uses public endpoint's id as its id, which can also - # be an indicator whether a public v3 endpoint is present. - # It's safe to do so is also because that there is no v2 API to - # get an endpoint by endpoint ID. - if endpoint['interface'] == 'public': - legacy_ep['id'] = endpoint['id'] - legacy_ep['%surl' % endpoint['interface']] = endpoint['url'] - - # this means there is no public URL of this group of v3 endpoints - if 'id' not in legacy_ep: - continue - legacy_endpoints[legacy_ep['id']] = legacy_ep - return {'endpoints': list(legacy_endpoints.values())} - - @controller.v2_deprecated - def create_endpoint(self, context, endpoint): - """Create three v3 endpoint refs based on a legacy ref.""" - self.assert_admin(context) - - # according to the v2 spec publicurl is mandatory - self._require_attribute(endpoint, 'publicurl') - # service_id is necessary - self._require_attribute(endpoint, 'service_id') - - # we should check publicurl, adminurl, internalurl - # if invalid, we should raise an exception to reject - # the request - for interface in INTERFACES: - interface_url = endpoint.get(interface + 'url') - if interface_url: - core.check_endpoint_url(interface_url) - - initiator = notifications._get_request_audit_info(context) - - if endpoint.get('region') is not None: - try: - self.catalog_api.get_region(endpoint['region']) - except exception.RegionNotFound: - region = dict(id=endpoint['region']) - self.catalog_api.create_region(region, initiator) - - legacy_endpoint_ref = endpoint.copy() - - urls = {} - for i in INTERFACES: - # remove all urls so they aren't persisted them more than once - url = '%surl' % i - if endpoint.get(url): - # valid urls need to be persisted - urls[i] = endpoint.pop(url) - elif url in endpoint: - # null or empty urls can be discarded - endpoint.pop(url) - legacy_endpoint_ref.pop(url) - - legacy_endpoint_id = uuid.uuid4().hex - for interface, url in urls.items(): - endpoint_ref = endpoint.copy() - endpoint_ref['id'] = uuid.uuid4().hex - endpoint_ref['legacy_endpoint_id'] = legacy_endpoint_id - endpoint_ref['interface'] = interface - endpoint_ref['url'] = url - endpoint_ref['region_id'] = endpoint_ref.pop('region') - self.catalog_api.create_endpoint(endpoint_ref['id'], endpoint_ref, - initiator) - - legacy_endpoint_ref['id'] = legacy_endpoint_id - return {'endpoint': legacy_endpoint_ref} - - @controller.v2_deprecated - def delete_endpoint(self, context, endpoint_id): - """Delete up to three v3 endpoint refs based on a legacy ref ID.""" - self.assert_admin(context) - initiator = notifications._get_request_audit_info(context) - - deleted_at_least_one = False - for endpoint in self.catalog_api.list_endpoints(): - if endpoint['legacy_endpoint_id'] == endpoint_id: - self.catalog_api.delete_endpoint(endpoint['id'], initiator) - deleted_at_least_one = True - - if not deleted_at_least_one: - raise exception.EndpointNotFound(endpoint_id=endpoint_id) - - -@dependency.requires('catalog_api') -class RegionV3(controller.V3Controller): - collection_name = 'regions' - member_name = 'region' - - def create_region_with_id(self, context, region_id, region): - """Create a region with a user-specified ID. - - This method is unprotected because it depends on ``self.create_region`` - to enforce policy. - """ - if 'id' in region and region_id != region['id']: - raise exception.ValidationError( - _('Conflicting region IDs specified: ' - '"%(url_id)s" != "%(ref_id)s"') % { - 'url_id': region_id, - 'ref_id': region['id']}) - region['id'] = region_id - return self.create_region(context, region) - - @controller.protected() - @validation.validated(schema.region_create, 'region') - def create_region(self, context, region): - ref = self._normalize_dict(region) - - if not ref.get('id'): - ref = self._assign_unique_id(ref) - - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.create_region(ref, initiator) - return wsgi.render_response( - RegionV3.wrap_member(context, ref), - status=(201, 'Created')) - - @controller.filterprotected('parent_region_id') - def list_regions(self, context, filters): - hints = RegionV3.build_driver_hints(context, filters) - refs = self.catalog_api.list_regions(hints) - return RegionV3.wrap_collection(context, refs, hints=hints) - - @controller.protected() - def get_region(self, context, region_id): - ref = self.catalog_api.get_region(region_id) - return RegionV3.wrap_member(context, ref) - - @controller.protected() - @validation.validated(schema.region_update, 'region') - def update_region(self, context, region_id, region): - self._require_matching_id(region_id, region) - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.update_region(region_id, region, initiator) - return RegionV3.wrap_member(context, ref) - - @controller.protected() - def delete_region(self, context, region_id): - initiator = notifications._get_request_audit_info(context) - return self.catalog_api.delete_region(region_id, initiator) - - -@dependency.requires('catalog_api') -class ServiceV3(controller.V3Controller): - collection_name = 'services' - member_name = 'service' - - def __init__(self): - super(ServiceV3, self).__init__() - self.get_member_from_driver = self.catalog_api.get_service - - @controller.protected() - @validation.validated(schema.service_create, 'service') - def create_service(self, context, service): - ref = self._assign_unique_id(self._normalize_dict(service)) - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.create_service(ref['id'], ref, initiator) - return ServiceV3.wrap_member(context, ref) - - @controller.filterprotected('type', 'name') - def list_services(self, context, filters): - hints = ServiceV3.build_driver_hints(context, filters) - refs = self.catalog_api.list_services(hints=hints) - return ServiceV3.wrap_collection(context, refs, hints=hints) - - @controller.protected() - def get_service(self, context, service_id): - ref = self.catalog_api.get_service(service_id) - return ServiceV3.wrap_member(context, ref) - - @controller.protected() - @validation.validated(schema.service_update, 'service') - def update_service(self, context, service_id, service): - self._require_matching_id(service_id, service) - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.update_service(service_id, service, initiator) - return ServiceV3.wrap_member(context, ref) - - @controller.protected() - def delete_service(self, context, service_id): - initiator = notifications._get_request_audit_info(context) - return self.catalog_api.delete_service(service_id, initiator) - - -@dependency.requires('catalog_api') -class EndpointV3(controller.V3Controller): - collection_name = 'endpoints' - member_name = 'endpoint' - - def __init__(self): - super(EndpointV3, self).__init__() - self.get_member_from_driver = self.catalog_api.get_endpoint - - @classmethod - def filter_endpoint(cls, ref): - if 'legacy_endpoint_id' in ref: - ref.pop('legacy_endpoint_id') - ref['region'] = ref['region_id'] - return ref - - @classmethod - def wrap_member(cls, context, ref): - ref = cls.filter_endpoint(ref) - return super(EndpointV3, cls).wrap_member(context, ref) - - def _validate_endpoint_region(self, endpoint, context=None): - """Ensure the region for the endpoint exists. - - If 'region_id' is used to specify the region, then we will let the - manager/driver take care of this. If, however, 'region' is used, - then for backward compatibility, we will auto-create the region. - - """ - if (endpoint.get('region_id') is None and - endpoint.get('region') is not None): - # To maintain backward compatibility with clients that are - # using the v3 API in the same way as they used the v2 API, - # create the endpoint region, if that region does not exist - # in keystone. - endpoint['region_id'] = endpoint.pop('region') - try: - self.catalog_api.get_region(endpoint['region_id']) - except exception.RegionNotFound: - region = dict(id=endpoint['region_id']) - initiator = notifications._get_request_audit_info(context) - self.catalog_api.create_region(region, initiator) - - return endpoint - - @controller.protected() - @validation.validated(schema.endpoint_create, 'endpoint') - def create_endpoint(self, context, endpoint): - core.check_endpoint_url(endpoint['url']) - ref = self._assign_unique_id(self._normalize_dict(endpoint)) - ref = self._validate_endpoint_region(ref, context) - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.create_endpoint(ref['id'], ref, initiator) - return EndpointV3.wrap_member(context, ref) - - @controller.filterprotected('interface', 'service_id', 'region_id') - def list_endpoints(self, context, filters): - hints = EndpointV3.build_driver_hints(context, filters) - refs = self.catalog_api.list_endpoints(hints=hints) - return EndpointV3.wrap_collection(context, refs, hints=hints) - - @controller.protected() - def get_endpoint(self, context, endpoint_id): - ref = self.catalog_api.get_endpoint(endpoint_id) - return EndpointV3.wrap_member(context, ref) - - @controller.protected() - @validation.validated(schema.endpoint_update, 'endpoint') - def update_endpoint(self, context, endpoint_id, endpoint): - self._require_matching_id(endpoint_id, endpoint) - - endpoint = self._validate_endpoint_region(endpoint.copy(), context) - - initiator = notifications._get_request_audit_info(context) - ref = self.catalog_api.update_endpoint(endpoint_id, endpoint, - initiator) - return EndpointV3.wrap_member(context, ref) - - @controller.protected() - def delete_endpoint(self, context, endpoint_id): - initiator = notifications._get_request_audit_info(context) - return self.catalog_api.delete_endpoint(endpoint_id, initiator) - - -@dependency.requires('catalog_api', 'resource_api') -class EndpointFilterV3Controller(controller.V3Controller): - - def __init__(self): - super(EndpointFilterV3Controller, self).__init__() - notifications.register_event_callback( - notifications.ACTIONS.deleted, 'project', - self._on_project_or_endpoint_delete) - notifications.register_event_callback( - notifications.ACTIONS.deleted, 'endpoint', - self._on_project_or_endpoint_delete) - - def _on_project_or_endpoint_delete(self, service, resource_type, operation, - payload): - project_or_endpoint_id = payload['resource_info'] - if resource_type == 'project': - self.catalog_api.delete_association_by_project( - project_or_endpoint_id) - else: - self.catalog_api.delete_association_by_endpoint( - project_or_endpoint_id) - - @controller.protected() - def add_endpoint_to_project(self, context, project_id, endpoint_id): - """Establishes an association between an endpoint and a project.""" - # NOTE(gyee): we just need to make sure endpoint and project exist - # first. We don't really care whether if project is disabled. - # The relationship can still be established even with a disabled - # project as there are no security implications. - self.catalog_api.get_endpoint(endpoint_id) - self.resource_api.get_project(project_id) - self.catalog_api.add_endpoint_to_project(endpoint_id, - project_id) - - @controller.protected() - def check_endpoint_in_project(self, context, project_id, endpoint_id): - """Verifies endpoint is currently associated with given project.""" - self.catalog_api.get_endpoint(endpoint_id) - self.resource_api.get_project(project_id) - self.catalog_api.check_endpoint_in_project(endpoint_id, - project_id) - - @controller.protected() - def list_endpoints_for_project(self, context, project_id): - """List all endpoints currently associated with a given project.""" - self.resource_api.get_project(project_id) - filtered_endpoints = self.catalog_api.list_endpoints_for_project( - project_id) - - return EndpointV3.wrap_collection( - context, [v for v in six.itervalues(filtered_endpoints)]) - - @controller.protected() - def remove_endpoint_from_project(self, context, project_id, endpoint_id): - """Remove the endpoint from the association with given project.""" - self.catalog_api.remove_endpoint_from_project(endpoint_id, - project_id) - - @controller.protected() - def list_projects_for_endpoint(self, context, endpoint_id): - """Return a list of projects associated with the endpoint.""" - self.catalog_api.get_endpoint(endpoint_id) - refs = self.catalog_api.list_projects_for_endpoint(endpoint_id) - - projects = [self.resource_api.get_project( - ref['project_id']) for ref in refs] - return resource.controllers.ProjectV3.wrap_collection(context, - projects) - - -@dependency.requires('catalog_api', 'resource_api') -class EndpointGroupV3Controller(controller.V3Controller): - collection_name = 'endpoint_groups' - member_name = 'endpoint_group' - - VALID_FILTER_KEYS = ['service_id', 'region_id', 'interface'] - - def __init__(self): - super(EndpointGroupV3Controller, self).__init__() - - @classmethod - def base_url(cls, context, path=None): - """Construct a path and pass it to V3Controller.base_url method.""" - path = '/OS-EP-FILTER/' + cls.collection_name - return super(EndpointGroupV3Controller, cls).base_url(context, - path=path) - - @controller.protected() - @validation.validated(schema.endpoint_group_create, 'endpoint_group') - def create_endpoint_group(self, context, endpoint_group): - """Creates an Endpoint Group with the associated filters.""" - ref = self._assign_unique_id(self._normalize_dict(endpoint_group)) - self._require_attribute(ref, 'filters') - self._require_valid_filter(ref) - ref = self.catalog_api.create_endpoint_group(ref['id'], ref) - return EndpointGroupV3Controller.wrap_member(context, ref) - - def _require_valid_filter(self, endpoint_group): - filters = endpoint_group.get('filters') - for key in six.iterkeys(filters): - if key not in self.VALID_FILTER_KEYS: - raise exception.ValidationError( - attribute=self._valid_filter_keys(), - target='endpoint_group') - - def _valid_filter_keys(self): - return ' or '.join(self.VALID_FILTER_KEYS) - - @controller.protected() - def get_endpoint_group(self, context, endpoint_group_id): - """Retrieve the endpoint group associated with the id if exists.""" - ref = self.catalog_api.get_endpoint_group(endpoint_group_id) - return EndpointGroupV3Controller.wrap_member( - context, ref) - - @controller.protected() - @validation.validated(schema.endpoint_group_update, 'endpoint_group') - def update_endpoint_group(self, context, endpoint_group_id, - endpoint_group): - """Update fixed values and/or extend the filters.""" - if 'filters' in endpoint_group: - self._require_valid_filter(endpoint_group) - ref = self.catalog_api.update_endpoint_group(endpoint_group_id, - endpoint_group) - return EndpointGroupV3Controller.wrap_member( - context, ref) - - @controller.protected() - def delete_endpoint_group(self, context, endpoint_group_id): - """Delete endpoint_group.""" - self.catalog_api.delete_endpoint_group(endpoint_group_id) - - @controller.protected() - def list_endpoint_groups(self, context): - """List all endpoint groups.""" - refs = self.catalog_api.list_endpoint_groups() - return EndpointGroupV3Controller.wrap_collection( - context, refs) - - @controller.protected() - def list_endpoint_groups_for_project(self, context, project_id): - """List all endpoint groups associated with a given project.""" - return EndpointGroupV3Controller.wrap_collection( - context, - self.catalog_api.get_endpoint_groups_for_project(project_id)) - - @controller.protected() - def list_projects_associated_with_endpoint_group(self, - context, - endpoint_group_id): - """List all projects associated with endpoint group.""" - endpoint_group_refs = (self.catalog_api. - list_projects_associated_with_endpoint_group( - endpoint_group_id)) - projects = [] - for endpoint_group_ref in endpoint_group_refs: - project = self.resource_api.get_project( - endpoint_group_ref['project_id']) - if project: - projects.append(project) - return resource.controllers.ProjectV3.wrap_collection(context, - projects) - - @controller.protected() - def list_endpoints_associated_with_endpoint_group(self, - context, - endpoint_group_id): - """List all the endpoints filtered by a specific endpoint group.""" - filtered_endpoints = (self.catalog_api. - get_endpoints_filtered_by_endpoint_group( - endpoint_group_id)) - return EndpointV3.wrap_collection(context, filtered_endpoints) - - -@dependency.requires('catalog_api', 'resource_api') -class ProjectEndpointGroupV3Controller(controller.V3Controller): - collection_name = 'project_endpoint_groups' - member_name = 'project_endpoint_group' - - def __init__(self): - super(ProjectEndpointGroupV3Controller, self).__init__() - notifications.register_event_callback( - notifications.ACTIONS.deleted, 'project', - self._on_project_delete) - - def _on_project_delete(self, service, resource_type, - operation, payload): - project_id = payload['resource_info'] - (self.catalog_api. - delete_endpoint_group_association_by_project( - project_id)) - - @controller.protected() - def get_endpoint_group_in_project(self, context, endpoint_group_id, - project_id): - """Retrieve the endpoint group associated with the id if exists.""" - self.resource_api.get_project(project_id) - self.catalog_api.get_endpoint_group(endpoint_group_id) - ref = self.catalog_api.get_endpoint_group_in_project( - endpoint_group_id, project_id) - return ProjectEndpointGroupV3Controller.wrap_member( - context, ref) - - @controller.protected() - def add_endpoint_group_to_project(self, context, endpoint_group_id, - project_id): - """Creates an association between an endpoint group and project.""" - self.resource_api.get_project(project_id) - self.catalog_api.get_endpoint_group(endpoint_group_id) - self.catalog_api.add_endpoint_group_to_project( - endpoint_group_id, project_id) - - @controller.protected() - def remove_endpoint_group_from_project(self, context, endpoint_group_id, - project_id): - """Remove the endpoint group from associated project.""" - self.resource_api.get_project(project_id) - self.catalog_api.get_endpoint_group(endpoint_group_id) - self.catalog_api.remove_endpoint_group_from_project( - endpoint_group_id, project_id) - - @classmethod - def _add_self_referential_link(cls, context, ref): - url = ('/OS-EP-FILTER/endpoint_groups/%(endpoint_group_id)s' - '/projects/%(project_id)s' % { - 'endpoint_group_id': ref['endpoint_group_id'], - 'project_id': ref['project_id']}) - ref.setdefault('links', {}) - ref['links']['self'] = url diff --git a/keystone-moon/keystone/catalog/core.py b/keystone-moon/keystone/catalog/core.py deleted file mode 100644 index 384a9b2b..00000000 --- a/keystone-moon/keystone/catalog/core.py +++ /dev/null @@ -1,894 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# Copyright 2012 Canonical Ltd. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -"""Main entry point into the Catalog service.""" - -import abc -import itertools - -from oslo_cache import core as oslo_cache -from oslo_config import cfg -from oslo_log import log -import six - -from keystone.common import cache -from keystone.common import dependency -from keystone.common import driver_hints -from keystone.common import manager -from keystone.common import utils -from keystone import exception -from keystone.i18n import _ -from keystone.i18n import _LE -from keystone import notifications - - -CONF = cfg.CONF -LOG = log.getLogger(__name__) -WHITELISTED_PROPERTIES = [ - 'tenant_id', 'project_id', 'user_id', - 'public_bind_host', 'admin_bind_host', - 'compute_host', 'admin_port', 'public_port', - 'public_endpoint', 'admin_endpoint', ] - -# This is a general cache region for catalog administration (CRUD operations). -MEMOIZE = cache.get_memoization_decorator(group='catalog') - -# This builds a discrete cache region dedicated to complete service catalogs -# computed for a given user + project pair. Any write operation to create, -# modify or delete elements of the service catalog should invalidate this -# entire cache region. -COMPUTED_CATALOG_REGION = oslo_cache.create_region() -MEMOIZE_COMPUTED_CATALOG = cache.get_memoization_decorator( - group='catalog', - region=COMPUTED_CATALOG_REGION) - - -def format_url(url, substitutions, silent_keyerror_failures=None): - """Formats a user-defined URL with the given substitutions. - - :param string url: the URL to be formatted - :param dict substitutions: the dictionary used for substitution - :param list silent_keyerror_failures: keys for which we should be silent - if there is a KeyError exception on substitution attempt - :returns: a formatted URL - - """ - substitutions = utils.WhiteListedItemFilter( - WHITELISTED_PROPERTIES, - substitutions) - allow_keyerror = silent_keyerror_failures or [] - try: - result = url.replace('$(', '%(') % substitutions - except AttributeError: - LOG.error(_LE('Malformed endpoint - %(url)r is not a string'), - {"url": url}) - raise exception.MalformedEndpoint(endpoint=url) - except KeyError as e: - if not e.args or e.args[0] not in allow_keyerror: - LOG.error(_LE("Malformed endpoint %(url)s - unknown key " - "%(keyerror)s"), - {"url": url, - "keyerror": e}) - raise exception.MalformedEndpoint(endpoint=url) - else: - result = None - except TypeError as e: - LOG.error(_LE("Malformed endpoint '%(url)s'. The following type error " - "occurred during string substitution: %(typeerror)s"), - {"url": url, - "typeerror": e}) - raise exception.MalformedEndpoint(endpoint=url) - except ValueError as e: - LOG.error(_LE("Malformed endpoint %s - incomplete format " - "(are you missing a type notifier ?)"), url) - raise exception.MalformedEndpoint(endpoint=url) - return result - - -def check_endpoint_url(url): - """Check substitution of url. - - The invalid urls are as follows: - urls with substitutions that is not in the whitelist - - Check the substitutions in the URL to make sure they are valid - and on the whitelist. - - :param str url: the URL to validate - :rtype: None - :raises keystone.exception.URLValidationError: if the URL is invalid - """ - # check whether the property in the path is exactly the same - # with that in the whitelist below - substitutions = dict(zip(WHITELISTED_PROPERTIES, itertools.repeat(''))) - try: - url.replace('$(', '%(') % substitutions - except (KeyError, TypeError, ValueError): - raise exception.URLValidationError(url) - - -@dependency.provider('catalog_api') -@dependency.requires('resource_api') -class Manager(manager.Manager): - """Default pivot point for the Catalog backend. - - See :mod:`keystone.common.manager.Manager` for more details on how this - dynamically calls the backend. - - """ - - driver_namespace = 'keystone.catalog' - - _ENDPOINT = 'endpoint' - _SERVICE = 'service' - _REGION = 'region' - - def __init__(self): - super(Manager, self).__init__(CONF.catalog.driver) - - def create_region(self, region_ref, initiator=None): - # Check duplicate ID - try: - self.get_region(region_ref['id']) - except exception.RegionNotFound: # nosec - # A region with the same id doesn't exist already, good. - pass - else: - msg = _('Duplicate ID, %s.') % region_ref['id'] - raise exception.Conflict(type='region', details=msg) - - # NOTE(lbragstad,dstanek): The description column of the region - # database cannot be null. So if the user doesn't pass in a - # description or passes in a null description then set it to an - # empty string. - if region_ref.get('description') is None: - region_ref['description'] = '' - try: - ret = self.driver.create_region(region_ref) - except exception.NotFound: - parent_region_id = region_ref.get('parent_region_id') - raise exception.RegionNotFound(region_id=parent_region_id) - - notifications.Audit.created(self._REGION, ret['id'], initiator) - COMPUTED_CATALOG_REGION.invalidate() - return ret - - @MEMOIZE - def get_region(self, region_id): - try: - return self.driver.get_region(region_id) - except exception.NotFound: - raise exception.RegionNotFound(region_id=region_id) - - def update_region(self, region_id, region_ref, initiator=None): - # NOTE(lbragstad,dstanek): The description column of the region - # database cannot be null. So if the user passes in a null - # description set it to an empty string. - if 'description' in region_ref and region_ref['description'] is None: - region_ref['description'] = '' - ref = self.driver.update_region(region_id, region_ref) - notifications.Audit.updated(self._REGION, region_id, initiator) - self.get_region.invalidate(self, region_id) - COMPUTED_CATALOG_REGION.invalidate() - return ref - - def delete_region(self, region_id, initiator=None): - try: - ret = self.driver.delete_region(region_id) - notifications.Audit.deleted(self._REGION, region_id, initiator) - self.get_region.invalidate(self, region_id) - COMPUTED_CATALOG_REGION.invalidate() - return ret - except exception.NotFound: - raise exception.RegionNotFound(region_id=region_id) - - @manager.response_truncated - def list_regions(self, hints=None): - return self.driver.list_regions(hints or driver_hints.Hints()) - - def create_service(self, service_id, service_ref, initiator=None): - service_ref.setdefault('enabled', True) - service_ref.setdefault('name', '') - ref = self.driver.create_service(service_id, service_ref) - notifications.Audit.created(self._SERVICE, service_id, initiator) - COMPUTED_CATALOG_REGION.invalidate() - return ref - - @MEMOIZE - def get_service(self, service_id): - try: - return self.driver.get_service(service_id) - except exception.NotFound: - raise exception.ServiceNotFound(service_id=service_id) - - def update_service(self, service_id, service_ref, initiator=None): - ref = self.driver.update_service(service_id, service_ref) - notifications.Audit.updated(self._SERVICE, service_id, initiator) - self.get_service.invalidate(self, service_id) - COMPUTED_CATALOG_REGION.invalidate() - return ref - - def delete_service(self, service_id, initiator=None): - try: - endpoints = self.list_endpoints() - ret = self.driver.delete_service(service_id) - notifications.Audit.deleted(self._SERVICE, service_id, initiator) - self.get_service.invalidate(self, service_id) - for endpoint in endpoints: - if endpoint['service_id'] == service_id: - self.get_endpoint.invalidate(self, endpoint['id']) - COMPUTED_CATALOG_REGION.invalidate() - return ret - except exception.NotFound: - raise exception.ServiceNotFound(service_id=service_id) - - @manager.response_truncated - def list_services(self, hints=None): - return self.driver.list_services(hints or driver_hints.Hints()) - - def _assert_region_exists(self, region_id): - try: - if region_id is not None: - self.get_region(region_id) - except exception.RegionNotFound: - raise exception.ValidationError(attribute='endpoint region_id', - target='region table') - - def _assert_service_exists(self, service_id): - try: - if service_id is not None: - self.get_service(service_id) - except exception.ServiceNotFound: - raise exception.ValidationError(attribute='endpoint service_id', - target='service table') - - def create_endpoint(self, endpoint_id, endpoint_ref, initiator=None): - self._assert_region_exists(endpoint_ref.get('region_id')) - self._assert_service_exists(endpoint_ref['service_id']) - ref = self.driver.create_endpoint(endpoint_id, endpoint_ref) - - notifications.Audit.created(self._ENDPOINT, endpoint_id, initiator) - COMPUTED_CATALOG_REGION.invalidate() - return ref - - def update_endpoint(self, endpoint_id, endpoint_ref, initiator=None): - self._assert_region_exists(endpoint_ref.get('region_id')) - self._assert_service_exists(endpoint_ref.get('service_id')) - ref = self.driver.update_endpoint(endpoint_id, endpoint_ref) - notifications.Audit.updated(self._ENDPOINT, endpoint_id, initiator) - self.get_endpoint.invalidate(self, endpoint_id) - COMPUTED_CATALOG_REGION.invalidate() - return ref - - def delete_endpoint(self, endpoint_id, initiator=None): - try: - ret = self.driver.delete_endpoint(endpoint_id) - notifications.Audit.deleted(self._ENDPOINT, endpoint_id, initiator) - self.get_endpoint.invalidate(self, endpoint_id) - COMPUTED_CATALOG_REGION.invalidate() - return ret - except exception.NotFound: - raise exception.EndpointNotFound(endpoint_id=endpoint_id) - - @MEMOIZE - def get_endpoint(self, endpoint_id): - try: - return self.driver.get_endpoint(endpoint_id) - except exception.NotFound: - raise exception.EndpointNotFound(endpoint_id=endpoint_id) - - @manager.response_truncated - def list_endpoints(self, hints=None): - return self.driver.list_endpoints(hints or driver_hints.Hints()) - - @MEMOIZE_COMPUTED_CATALOG - def get_catalog(self, user_id, tenant_id): - try: - return self.driver.get_catalog(user_id, tenant_id) - except exception.NotFound: - raise exception.NotFound('Catalog not found for user and tenant') - - @MEMOIZE_COMPUTED_CATALOG - def get_v3_catalog(self, user_id, tenant_id): - return self.driver.get_v3_catalog(user_id, tenant_id) - - def add_endpoint_to_project(self, endpoint_id, project_id): - self.driver.add_endpoint_to_project(endpoint_id, project_id) - COMPUTED_CATALOG_REGION.invalidate() - - def remove_endpoint_from_project(self, endpoint_id, project_id): - self.driver.remove_endpoint_from_project(endpoint_id, project_id) - COMPUTED_CATALOG_REGION.invalidate() - - def add_endpoint_group_to_project(self, endpoint_group_id, project_id): - self.driver.add_endpoint_group_to_project( - endpoint_group_id, project_id) - COMPUTED_CATALOG_REGION.invalidate() - - def remove_endpoint_group_from_project(self, endpoint_group_id, - project_id): - self.driver.remove_endpoint_group_from_project( - endpoint_group_id, project_id) - COMPUTED_CATALOG_REGION.invalidate() - - def get_endpoint_groups_for_project(self, project_id): - # recover the project endpoint group memberships and for each - # membership recover the endpoint group - self.resource_api.get_project(project_id) - try: - refs = self.list_endpoint_groups_for_project(project_id) - endpoint_groups = [self.get_endpoint_group( - ref['endpoint_group_id']) for ref in refs] - return endpoint_groups - except exception.EndpointGroupNotFound: - return [] - - def get_endpoints_filtered_by_endpoint_group(self, endpoint_group_id): - endpoints = self.list_endpoints() - filters = self.get_endpoint_group(endpoint_group_id)['filters'] - filtered_endpoints = [] - - for endpoint in endpoints: - is_candidate = True - for key, value in filters.items(): - if endpoint[key] != value: - is_candidate = False - break - if is_candidate: - filtered_endpoints.append(endpoint) - return filtered_endpoints - - def list_endpoints_for_project(self, project_id): - """List all endpoints associated with a project. - - :param project_id: project identifier to check - :type project_id: string - :returns: a list of endpoint ids or an empty list. - - """ - refs = self.driver.list_endpoints_for_project(project_id) - filtered_endpoints = {} - for ref in refs: - try: - endpoint = self.get_endpoint(ref['endpoint_id']) - filtered_endpoints.update({ref['endpoint_id']: endpoint}) - except exception.EndpointNotFound: - # remove bad reference from association - self.remove_endpoint_from_project(ref['endpoint_id'], - project_id) - - # need to recover endpoint_groups associated with project - # then for each endpoint group return the endpoints. - endpoint_groups = self.get_endpoint_groups_for_project(project_id) - for endpoint_group in endpoint_groups: - endpoint_refs = self.get_endpoints_filtered_by_endpoint_group( - endpoint_group['id']) - # now check if any endpoints for current endpoint group are not - # contained in the list of filtered endpoints - for endpoint_ref in endpoint_refs: - if endpoint_ref['id'] not in filtered_endpoints: - filtered_endpoints[endpoint_ref['id']] = endpoint_ref - - return filtered_endpoints - - -@six.add_metaclass(abc.ABCMeta) -class CatalogDriverV8(object): - """Interface description for the Catalog driver.""" - - def _get_list_limit(self): - return CONF.catalog.list_limit or CONF.list_limit - - def _ensure_no_circle_in_hierarchical_regions(self, region_ref): - if region_ref.get('parent_region_id') is None: - return - - root_region_id = region_ref['id'] - parent_region_id = region_ref['parent_region_id'] - - while parent_region_id: - # NOTE(wanghong): check before getting parent region can ensure no - # self circle - if parent_region_id == root_region_id: - raise exception.CircularRegionHierarchyError( - parent_region_id=parent_region_id) - parent_region = self.get_region(parent_region_id) - parent_region_id = parent_region.get('parent_region_id') - - @abc.abstractmethod - def create_region(self, region_ref): - """Creates a new region. - - :raises keystone.exception.Conflict: If the region already exists. - :raises keystone.exception.RegionNotFound: If the parent region - is invalid. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_regions(self, hints): - """List all regions. - - :param hints: contains the list of filters yet to be satisfied. - Any filters satisfied here will be removed so that - the caller will know if any filters remain. - - :returns: list of region_refs or an empty list. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_region(self, region_id): - """Get region by id. - - :returns: region_ref dict - :raises keystone.exception.RegionNotFound: If the region doesn't exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def update_region(self, region_id, region_ref): - """Update region by id. - - :returns: region_ref dict - :raises keystone.exception.RegionNotFound: If the region doesn't exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_region(self, region_id): - """Deletes an existing region. - - :raises keystone.exception.RegionNotFound: If the region doesn't exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def create_service(self, service_id, service_ref): - """Creates a new service. - - :raises keystone.exception.Conflict: If a duplicate service exists. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_services(self, hints): - """List all services. - - :param hints: contains the list of filters yet to be satisfied. - Any filters satisfied here will be removed so that - the caller will know if any filters remain. - - :returns: list of service_refs or an empty list. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_service(self, service_id): - """Get service by id. - - :returns: service_ref dict - :raises keystone.exception.ServiceNotFound: If the service doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def update_service(self, service_id, service_ref): - """Update service by id. - - :returns: service_ref dict - :raises keystone.exception.ServiceNotFound: If the service doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_service(self, service_id): - """Deletes an existing service. - - :raises keystone.exception.ServiceNotFound: If the service doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def create_endpoint(self, endpoint_id, endpoint_ref): - """Creates a new endpoint for a service. - - :raises keystone.exception.Conflict: If a duplicate endpoint exists. - :raises keystone.exception.ServiceNotFound: If the service doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_endpoint(self, endpoint_id): - """Get endpoint by id. - - :returns: endpoint_ref dict - :raises keystone.exception.EndpointNotFound: If the endpoint doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_endpoints(self, hints): - """List all endpoints. - - :param hints: contains the list of filters yet to be satisfied. - Any filters satisfied here will be removed so that - the caller will know if any filters remain. - - :returns: list of endpoint_refs or an empty list. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def update_endpoint(self, endpoint_id, endpoint_ref): - """Get endpoint by id. - - :returns: endpoint_ref dict - :raises keystone.exception.EndpointNotFound: If the endpoint doesn't - exist. - :raises keystone.exception.ServiceNotFound: If the service doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_endpoint(self, endpoint_id): - """Deletes an endpoint for a service. - - :raises keystone.exception.EndpointNotFound: If the endpoint doesn't - exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_catalog(self, user_id, tenant_id): - """Retrieve and format the current service catalog. - - Example:: - - { 'RegionOne': - {'compute': { - 'adminURL': u'http://host:8774/v1.1/tenantid', - 'internalURL': u'http://host:8774/v1.1/tenant_id', - 'name': 'Compute Service', - 'publicURL': u'http://host:8774/v1.1/tenantid'}, - 'ec2': { - 'adminURL': 'http://host:8773/services/Admin', - 'internalURL': 'http://host:8773/services/Cloud', - 'name': 'EC2 Service', - 'publicURL': 'http://host:8773/services/Cloud'}} - - :returns: A nested dict representing the service catalog or an - empty dict. - :raises keystone.exception.NotFound: If the endpoint doesn't exist. - - """ - raise exception.NotImplemented() # pragma: no cover - - def get_v3_catalog(self, user_id, tenant_id): - """Retrieve and format the current V3 service catalog. - - The default implementation builds the V3 catalog from the V2 catalog. - - Example:: - - [ - { - "endpoints": [ - { - "interface": "public", - "id": "--endpoint-id--", - "region": "RegionOne", - "url": "http://external:8776/v1/--project-id--" - }, - { - "interface": "internal", - "id": "--endpoint-id--", - "region": "RegionOne", - "url": "http://internal:8776/v1/--project-id--" - }], - "id": "--service-id--", - "type": "volume" - }] - - :returns: A list representing the service catalog or an empty list - :raises keystone.exception.NotFound: If the endpoint doesn't exist. - - """ - v2_catalog = self.get_catalog(user_id, tenant_id) - v3_catalog = [] - - for region_name, region in v2_catalog.items(): - for service_type, service in region.items(): - service_v3 = { - 'type': service_type, - 'endpoints': [] - } - - for attr, value in service.items(): - # Attributes that end in URL are interfaces. In the V2 - # catalog, these are internalURL, publicURL, and adminURL. - # For example, .publicURL= in the V2 - # catalog becomes the V3 interface for the service: - # { 'interface': 'public', 'url': '', 'region': - # 'region: '' } - if attr.endswith('URL'): - v3_interface = attr[:-len('URL')] - service_v3['endpoints'].append({ - 'interface': v3_interface, - 'region': region_name, - 'url': value, - }) - continue - - # Other attributes are copied to the service. - service_v3[attr] = value - - v3_catalog.append(service_v3) - - return v3_catalog - - @abc.abstractmethod - def add_endpoint_to_project(self, endpoint_id, project_id): - """Create an endpoint to project association. - - :param endpoint_id: identity of endpoint to associate - :type endpoint_id: string - :param project_id: identity of the project to be associated with - :type project_id: string - :raises: keystone.exception.Conflict: If the endpoint was already - added to project. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def remove_endpoint_from_project(self, endpoint_id, project_id): - """Removes an endpoint to project association. - - :param endpoint_id: identity of endpoint to remove - :type endpoint_id: string - :param project_id: identity of the project associated with - :type project_id: string - :raises keystone.exception.NotFound: If the endpoint was not found - in the project. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def check_endpoint_in_project(self, endpoint_id, project_id): - """Checks if an endpoint is associated with a project. - - :param endpoint_id: identity of endpoint to check - :type endpoint_id: string - :param project_id: identity of the project associated with - :type project_id: string - :raises keystone.exception.NotFound: If the endpoint was not found - in the project. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_endpoints_for_project(self, project_id): - """List all endpoints associated with a project. - - :param project_id: identity of the project to check - :type project_id: string - :returns: a list of identity endpoint ids or an empty list. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_projects_for_endpoint(self, endpoint_id): - """List all projects associated with an endpoint. - - :param endpoint_id: identity of endpoint to check - :type endpoint_id: string - :returns: a list of projects or an empty list. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_association_by_endpoint(self, endpoint_id): - """Removes all the endpoints to project association with endpoint. - - :param endpoint_id: identity of endpoint to check - :type endpoint_id: string - :returns: None - - """ - raise exception.NotImplemented() - - @abc.abstractmethod - def delete_association_by_project(self, project_id): - """Removes all the endpoints to project association with project. - - :param project_id: identity of the project to check - :type project_id: string - :returns: None - - """ - raise exception.NotImplemented() - - @abc.abstractmethod - def create_endpoint_group(self, endpoint_group): - """Create an endpoint group. - - :param endpoint_group: endpoint group to create - :type endpoint_group: dictionary - :raises: keystone.exception.Conflict: If a duplicate endpoint group - already exists. - :returns: an endpoint group representation. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_endpoint_group(self, endpoint_group_id): - """Get an endpoint group. - - :param endpoint_group_id: identity of endpoint group to retrieve - :type endpoint_group_id: string - :raises keystone.exception.NotFound: If the endpoint group was not - found. - :returns: an endpoint group representation. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def update_endpoint_group(self, endpoint_group_id, endpoint_group): - """Update an endpoint group. - - :param endpoint_group_id: identity of endpoint group to retrieve - :type endpoint_group_id: string - :param endpoint_group: A full or partial endpoint_group - :type endpoint_group: dictionary - :raises keystone.exception.NotFound: If the endpoint group was not - found. - :returns: an endpoint group representation. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_endpoint_group(self, endpoint_group_id): - """Delete an endpoint group. - - :param endpoint_group_id: identity of endpoint group to delete - :type endpoint_group_id: string - :raises keystone.exception.NotFound: If the endpoint group was not - found. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def add_endpoint_group_to_project(self, endpoint_group_id, project_id): - """Adds an endpoint group to project association. - - :param endpoint_group_id: identity of endpoint to associate - :type endpoint_group_id: string - :param project_id: identity of project to associate - :type project_id: string - :raises keystone.exception.Conflict: If the endpoint group was already - added to the project. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def get_endpoint_group_in_project(self, endpoint_group_id, project_id): - """Get endpoint group to project association. - - :param endpoint_group_id: identity of endpoint group to retrieve - :type endpoint_group_id: string - :param project_id: identity of project to associate - :type project_id: string - :raises keystone.exception.NotFound: If the endpoint group to the - project association was not found. - :returns: a project endpoint group representation. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_endpoint_groups(self): - """List all endpoint groups. - - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_endpoint_groups_for_project(self, project_id): - """List all endpoint group to project associations for a project. - - :param project_id: identity of project to associate - :type project_id: string - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def list_projects_associated_with_endpoint_group(self, endpoint_group_id): - """List all projects associated with endpoint group. - - :param endpoint_group_id: identity of endpoint to associate - :type endpoint_group_id: string - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def remove_endpoint_group_from_project(self, endpoint_group_id, - project_id): - """Remove an endpoint to project association. - - :param endpoint_group_id: identity of endpoint to associate - :type endpoint_group_id: string - :param project_id: identity of project to associate - :type project_id: string - :raises keystone.exception.NotFound: If endpoint group project - association was not found. - :returns: None. - - """ - raise exception.NotImplemented() # pragma: no cover - - @abc.abstractmethod - def delete_endpoint_group_association_by_project(self, project_id): - """Remove endpoint group to project associations. - - :param project_id: identity of the project to check - :type project_id: string - :returns: None - - """ - raise exception.NotImplemented() # pragma: no cover - -Driver = manager.create_legacy_driver(CatalogDriverV8) diff --git a/keystone-moon/keystone/catalog/routers.py b/keystone-moon/keystone/catalog/routers.py deleted file mode 100644 index 8c6e96f0..00000000 --- a/keystone-moon/keystone/catalog/routers.py +++ /dev/null @@ -1,182 +0,0 @@ -# Copyright 2012 OpenStack Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import functools - -from keystone.catalog import controllers -from keystone.common import json_home -from keystone.common import router -from keystone.common import wsgi - - -build_resource_relation = functools.partial( - json_home.build_v3_extension_resource_relation, - extension_name='OS-EP-FILTER', extension_version='1.0') - -build_parameter_relation = functools.partial( - json_home.build_v3_extension_parameter_relation, - extension_name='OS-EP-FILTER', extension_version='1.0') - -ENDPOINT_GROUP_PARAMETER_RELATION = build_parameter_relation( - parameter_name='endpoint_group_id') - - -class Routers(wsgi.RoutersBase): - """API for the keystone catalog. - - The API Endpoint Filter looks like:: - - PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} - GET /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} - HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} - DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} - GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects - GET /OS-EP-FILTER/projects/{project_id}/endpoints - GET /OS-EP-FILTER/projects/{project_id}/endpoint_groups - - GET /OS-EP-FILTER/endpoint_groups - POST /OS-EP-FILTER/endpoint_groups - GET /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} - HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} - PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} - DELETE /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} - - GET /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}/projects - GET /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}/endpoints - - PUT /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/ - {project_id} - GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/ - {project_id} - HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/ - {project_id} - DELETE /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects/ - {project_id} - - """ - - PATH_PREFIX = '/OS-EP-FILTER' - PATH_PROJECT_ENDPOINT = '/projects/{project_id}/endpoints/{endpoint_id}' - PATH_ENDPOINT_GROUPS = '/endpoint_groups/{endpoint_group_id}' - PATH_ENDPOINT_GROUP_PROJECTS = PATH_ENDPOINT_GROUPS + ( - '/projects/{project_id}') - - def append_v3_routers(self, mapper, routers): - regions_controller = controllers.RegionV3() - endpoint_filter_controller = controllers.EndpointFilterV3Controller() - endpoint_group_controller = controllers.EndpointGroupV3Controller() - project_endpoint_group_controller = ( - controllers.ProjectEndpointGroupV3Controller()) - routers.append(router.Router(regions_controller, - 'regions', 'region', - resource_descriptions=self.v3_resources)) - - # Need to add an additional route to support PUT /regions/{region_id} - mapper.connect( - '/regions/{region_id}', - controller=regions_controller, - action='create_region_with_id', - conditions=dict(method=['PUT'])) - - routers.append(router.Router(controllers.ServiceV3(), - 'services', 'service', - resource_descriptions=self.v3_resources)) - routers.append(router.Router(controllers.EndpointV3(), - 'endpoints', 'endpoint', - resource_descriptions=self.v3_resources)) - - self._add_resource( - mapper, endpoint_filter_controller, - path=self.PATH_PREFIX + '/endpoints/{endpoint_id}/projects', - get_action='list_projects_for_endpoint', - rel=build_resource_relation(resource_name='endpoint_projects'), - path_vars={ - 'endpoint_id': json_home.Parameters.ENDPOINT_ID, - }) - self._add_resource( - mapper, endpoint_filter_controller, - path=self.PATH_PREFIX + self.PATH_PROJECT_ENDPOINT, - get_head_action='check_endpoint_in_project', - put_action='add_endpoint_to_project', - delete_action='remove_endpoint_from_project', - rel=build_resource_relation(resource_name='project_endpoint'), - path_vars={ - 'endpoint_id': json_home.Parameters.ENDPOINT_ID, - 'project_id': json_home.Parameters.PROJECT_ID, - }) - self._add_resource( - mapper, endpoint_filter_controller, - path=self.PATH_PREFIX + '/projects/{project_id}/endpoints', - get_action='list_endpoints_for_project', - rel=build_resource_relation(resource_name='project_endpoints'), - path_vars={ - 'project_id': json_home.Parameters.PROJECT_ID, - }) - self._add_resource( - mapper, endpoint_group_controller, - path=self.PATH_PREFIX + '/projects/{project_id}/endpoint_groups', - get_action='list_endpoint_groups_for_project', - rel=build_resource_relation( - resource_name='project_endpoint_groups'), - path_vars={ - 'project_id': json_home.Parameters.PROJECT_ID, - }) - self._add_resource( - mapper, endpoint_group_controller, - path=self.PATH_PREFIX + '/endpoint_groups', - get_action='list_endpoint_groups', - post_action='create_endpoint_group', - rel=build_resource_relation(resource_name='endpoint_groups')) - self._add_resource( - mapper, endpoint_group_controller, - path=self.PATH_PREFIX + self.PATH_ENDPOINT_GROUPS, - get_head_action='get_endpoint_group', - patch_action='update_endpoint_group', - delete_action='delete_endpoint_group', - rel=build_resource_relation(resource_name='endpoint_group'), - path_vars={ - 'endpoint_group_id': ENDPOINT_GROUP_PARAMETER_RELATION - }) - self._add_resource( - mapper, project_endpoint_group_controller, - path=self.PATH_PREFIX + self.PATH_ENDPOINT_GROUP_PROJECTS, - get_head_action='get_endpoint_group_in_project', - put_action='add_endpoint_group_to_project', - delete_action='remove_endpoint_group_from_project', - rel=build_resource_relation( - resource_name='endpoint_group_to_project_association'), - path_vars={ - 'project_id': json_home.Parameters.PROJECT_ID, - 'endpoint_group_id': ENDPOINT_GROUP_PARAMETER_RELATION - }) - self._add_resource( - mapper, endpoint_group_controller, - path=self.PATH_PREFIX + self.PATH_ENDPOINT_GROUPS + ( - '/projects'), - get_action='list_projects_associated_with_endpoint_group', - rel=build_resource_relation( - resource_name='projects_associated_with_endpoint_group'), - path_vars={ - 'endpoint_group_id': ENDPOINT_GROUP_PARAMETER_RELATION - }) - self._add_resource( - mapper, endpoint_group_controller, - path=self.PATH_PREFIX + self.PATH_ENDPOINT_GROUPS + ( - '/endpoints'), - get_action='list_endpoints_associated_with_endpoint_group', - rel=build_resource_relation( - resource_name='endpoints_in_endpoint_group'), - path_vars={ - 'endpoint_group_id': ENDPOINT_GROUP_PARAMETER_RELATION - }) diff --git a/keystone-moon/keystone/catalog/schema.py b/keystone-moon/keystone/catalog/schema.py deleted file mode 100644 index b9643131..00000000 --- a/keystone-moon/keystone/catalog/schema.py +++ /dev/null @@ -1,119 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from keystone.common import validation -from keystone.common.validation import parameter_types - - -_region_properties = { - 'description': { - 'type': ['string', 'null'], - }, - # NOTE(lbragstad): Regions use ID differently. The user can specify the ID - # or it will be generated automatically. - 'id': { - 'type': 'string' - }, - 'parent_region_id': { - 'type': ['string', 'null'] - } -} - -region_create = { - 'type': 'object', - 'properties': _region_properties, - 'additionalProperties': True - # NOTE(lbragstad): No parameters are required for creating regions. -} - -region_update = { - 'type': 'object', - 'properties': _region_properties, - 'minProperties': 1, - 'additionalProperties': True -} - -_service_properties = { - 'enabled': parameter_types.boolean, - 'name': parameter_types.name, - 'type': { - 'type': 'string', - 'minLength': 1, - 'maxLength': 255 - } -} - -service_create = { - 'type': 'object', - 'properties': _service_properties, - 'required': ['type'], - 'additionalProperties': True, -} - -service_update = { - 'type': 'object', - 'properties': _service_properties, - 'minProperties': 1, - 'additionalProperties': True -} - -_endpoint_properties = { - 'enabled': parameter_types.boolean, - 'interface': { - 'type': 'string', - 'enum': ['admin', 'internal', 'public'] - }, - 'region_id': { - 'type': 'string' - }, - 'region': { - 'type': 'string' - }, - 'service_id': { - 'type': 'string' - }, - 'url': parameter_types.url -} - -endpoint_create = { - 'type': 'object', - 'properties': _endpoint_properties, - 'required': ['interface', 'service_id', 'url'], - 'additionalProperties': True -} - -endpoint_update = { - 'type': 'object', - 'properties': _endpoint_properties, - 'minProperties': 1, - 'additionalProperties': True -} - -_endpoint_group_properties = { - 'description': validation.nullable(parameter_types.description), - 'filters': { - 'type': 'object' - }, - 'name': parameter_types.name -} - -endpoint_group_create = { - 'type': 'object', - 'properties': _endpoint_group_properties, - 'required': ['name', 'filters'] -} - -endpoint_group_update = { - 'type': 'object', - 'properties': _endpoint_group_properties, - 'minProperties': 1 -} -- cgit 1.2.3-korg