diff options
| author | Dolph Mathews <dolph.mathews@gmail.com> | 2013-03-21 11:45:03 -0500 |
|---|---|---|
| committer | Dolph Mathews <dolph.mathews@gmail.com> | 2013-03-21 13:44:15 -0500 |
| commit | 63b8a82b31fbfa09b539d0a56cdcc942fe2b9ebd (patch) | |
| tree | 26c163451431d2d71b250892eb681bfa05f3c8d9 /keystone | |
| parent | 4b8cab7b3753ba3de9f93175636858555d575be6 (diff) | |
| download | keystone-63b8a82b31fbfa09b539d0a56cdcc942fe2b9ebd.tar.gz keystone-63b8a82b31fbfa09b539d0a56cdcc942fe2b9ebd.tar.xz keystone-63b8a82b31fbfa09b539d0a56cdcc942fe2b9ebd.zip | |
Move trusts to extension
Change-Id: I32b32fc5df8d8483ae8e99067f0655c13c6f520b
Diffstat (limited to 'keystone')
| -rw-r--r-- | keystone/auth/controllers.py | 9 | ||||
| -rw-r--r-- | keystone/auth/token_factory.py | 2 | ||||
| -rw-r--r-- | keystone/trust/routers.py | 14 |
3 files changed, 13 insertions, 12 deletions
diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py index 66ff6230..1ab9de03 100644 --- a/keystone/auth/controllers.py +++ b/keystone/auth/controllers.py @@ -171,9 +171,9 @@ class AuthInfo(object): return if sum(['project' in self.auth['scope'], 'domain' in self.auth['scope'], - 'trust' in self.auth['scope']]) != 1: + 'RH-TRUST:trust' in self.auth['scope']]) != 1: raise exception.ValidationError( - attribute='project, domain, or trust', + attribute='project, domain, or RH-TRUST:trust', target='scope') if 'project' in self.auth['scope']: @@ -182,10 +182,11 @@ class AuthInfo(object): elif 'domain' in self.auth['scope']: domain_ref = self._lookup_domain(self.auth['scope']['domain']) self._scope_data = (domain_ref['id'], None, None) - elif 'trust' in self.auth['scope']: + elif 'RH-TRUST:trust' in self.auth['scope']: if not CONF.trust.enabled: raise exception.Forbidden('Trusts are disabled.') - trust_ref = self._lookup_trust(self.auth['scope']['trust']) + trust_ref = self._lookup_trust( + self.auth['scope']['RH-TRUST:trust']) #TODO ayoung when trusts support domain, Fill in domain data here if 'project_id' in trust_ref: project_ref = self._lookup_project( diff --git a/keystone/auth/token_factory.py b/keystone/auth/token_factory.py index c16d88dd..430c442a 100644 --- a/keystone/auth/token_factory.py +++ b/keystone/auth/token_factory.py @@ -114,7 +114,7 @@ class TokenDataHelper(object): raise exception.Forbidden() if trust['impersonation']: user_ref = trustor_user_ref - token_data['trust'] = ( + token_data['RH-TRUST:trust'] = ( { 'id': trust['id'], 'trustor_user': {'id': trust['trustor_user_id']}, diff --git a/keystone/trust/routers.py b/keystone/trust/routers.py index b1378628..9f9ce3e5 100644 --- a/keystone/trust/routers.py +++ b/keystone/trust/routers.py @@ -22,37 +22,37 @@ from keystone.common import router def append_v3_routers(mapper, routers): trust_controller = controllers.TrustV3() - mapper.connect('/trusts', + mapper.connect('/RH-TRUST/trusts', controller=trust_controller, action='create_trust', conditions=dict(method=['POST'])) - mapper.connect('/trusts', + mapper.connect('/RH-TRUST/trusts', controller=trust_controller, action='list_trusts', conditions=dict(method=['GET'])) - mapper.connect('/trusts/{trust_id}', + mapper.connect('/RH-TRUST/trusts/{trust_id}', controller=trust_controller, action='delete_trust', conditions=dict(method=['DELETE'])) - mapper.connect('/trusts/{trust_id}', + mapper.connect('/RH-TRUST/trusts/{trust_id}', controller=trust_controller, action='get_trust', conditions=dict(method=['GET'])) - mapper.connect('/trusts/{trust_id}/roles', + mapper.connect('/RH-TRUST/trusts/{trust_id}/roles', controller=trust_controller, action='list_roles_for_trust', conditions=dict(method=['GET'])) - mapper.connect('/trusts/{trust_id}/roles/{role_id}', + mapper.connect('/RH-TRUST/trusts/{trust_id}/roles/{role_id}', controller=trust_controller, action='check_role_for_trust', conditions=dict(method=['HEAD'])) - mapper.connect('/trusts/{trust_id}/roles/{role_id}', + mapper.connect('/RH-TRUST/trusts/{trust_id}/roles/{role_id}', controller=trust_controller, action='get_role_for_trust', conditions=dict(method=['GET'])) |