authortermie <github@anarkystic.com>2012-01-19 12:41:08 -0800
committertermie <github@anarkystic.com>2012-01-19 12:41:08 -0800
commit781feaf6a8efb015db1be732f025c2d4339ab656 (patch)
treeee7d3d4d44e483a9f472560e4b6107c191137ef7
parent89c378c2400d697059b3e5d81f65814424604c05 (diff)
add some docs that got overwritten last night
-rw-r--r--keystone/identity/backends/kvs.py3
-rw-r--r--keystone/identity/backends/sql.py3
-rw-r--r--keystone/identity/core.py143
3 files changed, 147 insertions, 2 deletions
diff --git a/keystone/identity/backends/kvs.py b/keystone/identity/backends/kvs.py
index ffdfb4f8..19b5d220 100644
--- a/keystone/identity/backends/kvs.py
+++ b/keystone/identity/backends/kvs.py
@@ -1,9 +1,10 @@
# vim: tabstop=4 shiftwidth=4 softtabstop=4
+from keystone import identity
from keystone.common import kvs
-class Identity(kvs.Base):
+class Identity(kvs.Base, identity.Driver):
# Public interface
def authenticate(self, user_id=None, tenant_id=None, password=None):
"""Authenticate based on a user, tenant and password.
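Review bot: `identity.Driver` is referenced through the package here, but `Driver` is defined in `keystone/identity/core.py` and none of the three files in this commit is the package's `__init__.py`, so the name resolves only if the package already re-exports core's names; worth confirming, and the same applies to `class Identity(sql.Base, identity.Driver)` in `backends/sql.py`. Because the stubs in `Driver` raise `NotImplementedError` only when called, a backend that misses a method still loads and fails on the first request that reaches it. For an identity backend I would want that caught earlier, for example by a test that walks the `Driver` method names and checks each backend overrides them. The `Identity` class body continues outside the hunk, so which methods the kvs backend actually overrides cannot be checked from here.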
diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py
index 634d895f..b2a3ffad 100644
--- a/keystone/identity/backends/sql.py
+++ b/keystone/identity/backends/sql.py
@@ -1,5 +1,6 @@
# vim: tabstop=4 shiftwidth=4 softtabstop=4
+from keystone import identity
from keystone.common import sql
from keystone.common.sql import migration
@@ -83,7 +84,7 @@ class UserTenantMembership(sql.ModelBase, sql.DictBase):
primary_key=True)
-class Identity(sql.Base):
+class Identity(sql.Base, identity.Driver):
# Internal interface to manage the database
def db_sync(self):
migration.db_sync()
diff --git a/keystone/identity/core.py b/keystone/identity/core.py
index 14409513..9452b909 100644
--- a/keystone/identity/core.py
+++ b/keystone/identity/core.py
@@ -34,6 +34,149 @@ class Manager(manager.Manager):
super(Manager, self).__init__(CONF.identity.driver)
+class Driver(object):
+ """Interface description for an Identity driver."""
+
+ def authenticate(self, user_id=None, tenant_id=None, password=None):
+ """Authenticate a given user, tenant and password.
+
+ Returns: (user, tenant, metadata).
+
+ """
+ raise NotImplementedError()
+
+ def get_tenant(self, tenant_id):
+ """Get a tenant by id.
+
+ Returns: tenant_ref or None.
+
+ """
+ raise NotImplementedError()
+
+ def get_tenant_by_name(self, tenant_name):
+ """Get a tenant by name.
+
+ Returns: tenant_ref or None.
+
+ """
+ raise NotImplementedError()
+
+ def get_user(self, user_id):
+ """Get a user by id.
+
+ Returns: user_ref or None.
+
+ """
+ raise NotImplementedError()
+
+ def get_user_by_name(self, user_name):
+ """Get a user by name.
+
+ Returns: user_ref or None.
+
+ """
+ raise NotImplementedError()
+
+ def get_role(self, role_id):
+ """Get a role by id.
+
+ Returns: role_ref or None.
+
+ """
+ raise NotImplementedError()
+
+ def list_users(self):
+ """List all users in the system.
+
+ NOTE(termie): I'd prefer if this listed only the users for a given
+ tenant.
+
+ Returns: a list of user_refs or an empty list.
+
+ """
+ raise NotImplementedError()
+
+ def list_roles(self):
+ """List all roles in the system.
+
+ Returns: a list of role_refs or an empty list.
+
+ """
+ raise NotImplementedError()
+
+ # NOTE(termie): six calls below should probably be exposed by the api
+ # more clearly when the api redesign happens
+ def add_user_to_tenant(self, tenant_id, user_id):
+ raise NotImplementedError()
+
+ def remove_user_from_tenant(self, tenant_id, user_id):
+ raise NotImplementedError()
+
+ def get_tenants_for_user(self, user_id):
+ """Get the tenants associated with a given user.
+
+ Returns: a list of tenant ids.
+
+ """
+ raise NotImplementedError()
+
+ def get_roles_for_user_and_tenant(self, user_id, tenant_id):
+ """Get the roles associated with a user within given tenant.
+
+ Returns: a list of role ids.
+
+ """
+ raise NotImplementedError()
+
+ def add_role_for_user_and_tenant(self, user_id, tenant_id, role_id):
+ """Add a role to a user within given tenant."""
+ raise NotImplementedError()
+
+ def remove_role_from_user_and_tenant(self, user_id, tenant_id, role_id):
+ """Remove a role from a user within given tenant."""
+ raise NotImplementedError()
+
+ # user crud
+ def create_user(self, user_id, user):
+ raise NotImplementedError()
+
+ def update_user(self, user_id, user):
+ raise NotImplementedError()
+
+ def delete_user(self, user_id):
+ raise NotImplementedError()
+
+ # tenant crud
+ def create_tenant(self, tenant_id, tenant):
+ raise NotImplementedError()
+
+ def update_tenant(self, tenant_id, tenant):
+ raise NotImplementedError()
+
+ def delete_tenant(self, tenant_id, tenant):
+ raise NotImplementedError()
+
+ # metadata crud
+ def create_metadata(self, user_id, tenant_id, metadata):
+ raise NotImplementedError()
+
+ def update_metadata(self, user_id, tenant_id, metadata):
+ raise NotImplementedError()
+
+ def delete_metadata(self, user_id, tenant_id, metadata):
+ raise NotImplementedError()
+
+ # role crud
+ def create_role(self, role_id, role):
+ raise NotImplementedError()
+
+ def update_role(self, role_id, role):
+ raise NotImplementedError()
+
+ def delete_role(self, role_id):
+ raise NotImplementedError()
+
+
class PublicRouter(wsgi.ComposableRouter):
def add_routes(self, mapper):
tenant_controller = TenantController()
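Review bot: `Driver.authenticate` documents only the success return `(user, tenant, metadata)` and says nothing about what a driver must do when the password is wrong or the user does not belong to the tenant. For the interface every identity backend implements, this is the part of the contract that matters most: if one backend raises and another returns `None` or a tuple of empty values, a caller that only unpacks the result can treat a failed login as a success. I would add a line to the docstring such as `Raises: <exception the existing backends raise> if the user, tenant or password does not match; never returns a partial tuple.`, filling in the exception from the backends, which are not visible in this diff. Separately, `delete_tenant(self, tenant_id, tenant)` and `delete_metadata(self, user_id, tenant_id, metadata)` take a payload argument that `delete_user(self, user_id)` and `delete_role(self, role_id)` do not; if the backends take only the ids, the interface should match them, and the undocumented membership and CRUD methods deserve the same `Returns:` lines as the getters.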