diff options
| -rw-r--r-- | keystone/common/models.py | 4 | ||||
| -rw-r--r-- | keystone/contrib/ec2/core.py | 6 | ||||
| -rw-r--r-- | keystone/exception.py | 6 | ||||
| -rw-r--r-- | keystone/identity/backends/kvs.py | 14 | ||||
| -rw-r--r-- | keystone/identity/backends/ldap/core.py | 76 | ||||
| -rw-r--r-- | keystone/identity/backends/sql.py | 61 | ||||
| -rw-r--r-- | keystone/identity/controllers.py | 2 | ||||
| -rw-r--r-- | keystone/identity/core.py | 19 | ||||
| -rw-r--r-- | keystone/token/controllers.py | 4 | ||||
| -rw-r--r-- | keystone/token/core.py | 2 | ||||
| -rw-r--r-- | tests/test_backend.py | 24 | ||||
| -rw-r--r-- | tests/test_backend_kvs.py | 2 | ||||
| -rw-r--r-- | tests/test_backend_ldap.py | 4 | ||||
| -rw-r--r-- | tests/test_backend_sql.py | 4 |
14 files changed, 113 insertions, 115 deletions
diff --git a/keystone/common/models.py b/keystone/common/models.py index 6312e38c..72818111 100644 --- a/keystone/common/models.py +++ b/keystone/common/models.py @@ -116,8 +116,8 @@ class Group(Model): optional_keys = ('domain_id', 'description') -class Tenant(Model): - """Tenant object. +class Project(Model): + """Project object. Required keys: id diff --git a/keystone/contrib/ec2/core.py b/keystone/contrib/ec2/core.py index baef0bd9..94e51a22 100644 --- a/keystone/contrib/ec2/core.py +++ b/keystone/contrib/ec2/core.py @@ -334,12 +334,12 @@ class Ec2Controller(controller.V2Controller): """Ensure a valid tenant id. :param context: standard context - :param user_id: expected credential owner - :raises exception.UserNotFound: on failure + :param tenant_id: expected tenant + :raises exception.ProjectNotFound: on failure """ tenant_ref = self.identity_api.get_tenant( context=context, tenant_id=tenant_id) if not tenant_ref: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) diff --git a/keystone/exception.py b/keystone/exception.py index 2787e064..fe978061 100644 --- a/keystone/exception.py +++ b/keystone/exception.py @@ -143,11 +143,7 @@ class DomainNotFound(NotFound): """Could not find domain: %(domain_id)s""" -class TenantNotFound(NotFound): - """Could not find tenant: %(tenant_id)s""" - - -class ProjectNotFound(TenantNotFound): +class ProjectNotFound(NotFound): """Could not find project: %(project_id)s""" diff --git a/keystone/identity/backends/kvs.py b/keystone/identity/backends/kvs.py index 3c0a0c40..674d24ca 100644 --- a/keystone/identity/backends/kvs.py +++ b/keystone/identity/backends/kvs.py @@ -49,7 +49,7 @@ class Identity(kvs.Base, identity.Driver): try: tenant_ref = self.get_tenant(tenant_id) metadata_ref = self.get_metadata(user_id, tenant_id) - except exception.TenantNotFound: + except exception.ProjectNotFound: tenant_ref = None metadata_ref = {} except exception.MetadataNotFound: @@ -61,7 +61,7 @@ class Identity(kvs.Base, identity.Driver): try: return self.db.get('tenant-%s' % tenant_id) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) def get_tenants(self): tenant_keys = filter(lambda x: x.startswith("tenant-"), self.db.keys()) @@ -71,7 +71,7 @@ class Identity(kvs.Base, identity.Driver): try: return self.db.get('tenant_name-%s' % tenant_name) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_name) + raise exception.ProjectNotFound(project_id=tenant_name) def get_tenant_users(self, tenant_id): self.get_tenant(tenant_id) @@ -287,7 +287,7 @@ class Identity(kvs.Base, identity.Driver): tenant['name'] = clean.tenant_name(tenant['name']) try: self.get_tenant(tenant_id) - except exception.TenantNotFound: + except exception.ProjectNotFound: pass else: msg = 'Duplicate ID, %s.' % tenant_id @@ -295,7 +295,7 @@ class Identity(kvs.Base, identity.Driver): try: self.get_tenant_by_name(tenant['name']) - except exception.TenantNotFound: + except exception.ProjectNotFound: pass else: msg = 'Duplicate name, %s.' % tenant['name'] @@ -319,7 +319,7 @@ class Identity(kvs.Base, identity.Driver): try: old_tenant = self.db.get('tenant-%s' % tenant_id) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) new_tenant = old_tenant.copy() new_tenant.update(tenant) new_tenant['id'] = tenant_id @@ -332,7 +332,7 @@ class Identity(kvs.Base, identity.Driver): try: old_tenant = self.db.get('tenant-%s' % tenant_id) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) self.db.delete('tenant_name-%s' % old_tenant['name']) self.db.delete('tenant-%s' % tenant_id) diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py index 175ff02c..0d4a54c1 100644 --- a/keystone/identity/backends/ldap/core.py +++ b/keystone/identity/backends/ldap/core.py @@ -41,7 +41,7 @@ class Identity(identity.Driver): self.suffix = CONF.ldap.suffix self.user = UserApi(CONF) - self.tenant = TenantApi(CONF) + self.tenant = ProjectApi(CONF) self.role = RoleApi(CONF) self.group = GroupApi(CONF) @@ -89,7 +89,7 @@ class Identity(identity.Driver): # TODO(termie): this should probably be made into a # get roles call metadata_ref = self.get_metadata(user_id, tenant_id) - except exception.TenantNotFound: + except exception.ProjectNotFound: tenant_ref = None metadata_ref = {} except exception.MetadataNotFound: @@ -101,7 +101,7 @@ class Identity(identity.Driver): try: return self.tenant.get(tenant_id) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) def get_tenants(self): return self.tenant.get_all() @@ -110,7 +110,7 @@ class Identity(identity.Driver): try: return self.tenant.get_by_name(tenant_name) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_name) + raise exception.ProjectNotFound(project_id=tenant_name) def _get_user(self, user_id): try: @@ -240,7 +240,7 @@ class Identity(identity.Driver): try: return self.tenant.delete(tenant_id) except ldap.NO_SUCH_OBJECT: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) def delete_user(self, user_id): try: @@ -307,7 +307,7 @@ class ApiShim(object): @property def tenant(self): if not self._tenant: - self._tenant = TenantApi(self.conf) + self._tenant = ProjectApi(self.conf) return self._tenant @property @@ -332,7 +332,7 @@ class ApiShimMixin(object): return self.api.role @property - def tenant_api(self): + def project_api(self): return self.api.tenant @property @@ -412,7 +412,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): values = super(UserApi, self).create(values) tenant_id = values.get('tenant_id') if tenant_id is not None: - self.tenant_api.add_user(values['tenant_id'], values['id']) + self.project_api.add_user(values['tenant_id'], values['id']) return values def update(self, id, values): @@ -431,9 +431,9 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): else: if old_obj.get('tenant_id') != new_tenant: if old_obj['tenant_id']: - self.tenant_api.remove_user(old_obj['tenant_id'], id) + self.project_api.remove_user(old_obj['tenant_id'], id) if new_tenant: - self.tenant_api.add_user(new_tenant, id) + self.project_api.add_user(new_tenant, id) values = utils.hash_ldap_user_password(values) if self.enabled_mask: @@ -444,7 +444,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): def delete(self, id): user = self.get(id) if hasattr(user, 'tenant_id'): - self.tenant_api.remove_user(user.tenant_id, id) + self.project_api.remove_user(user.tenant_id, id) super(UserApi, self).delete(id) @@ -469,8 +469,8 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): def get_by_tenant(self, user_id, tenant_id): user_dn = self._id_to_dn(user_id) user = self.get(user_id) - tenant = self.tenant_api._ldap_get(tenant_id, - '(member=%s)' % (user_dn,)) + tenant = self.project_api._ldap_get(tenant_id, + '(member=%s)' % (user_dn,)) if tenant is not None: return user else: @@ -491,12 +491,12 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): def users_get_by_tenant_get_page(self, tenant_id, role_id, marker, limit): return self._get_page(marker, limit, - self.tenant_api.get_users(tenant_id, role_id)) + self.project_api.get_users(tenant_id, role_id)) def users_get_by_tenant_get_page_markers(self, tenant_id, role_id, marker, limit): return self._get_page_markers( - marker, limit, self.tenant_api.get_users(tenant_id, role_id)) + marker, limit, self.project_api.get_users(tenant_id, role_id)) def check_password(self, user_id, password): user = self.get(user_id) @@ -504,7 +504,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin): # TODO(termie): turn this into a data object and move logic to driver -class TenantApi(common_ldap.BaseLdap, ApiShimMixin): +class ProjectApi(common_ldap.BaseLdap, ApiShimMixin): DEFAULT_OU = 'ou=Groups' DEFAULT_STRUCTURAL_CLASSES = [] DEFAULT_OBJECTCLASS = 'groupOfNames' @@ -516,10 +516,10 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin): 'description': 'desc', 'tenantId': 'cn', 'enabled': 'enabled'} - model = models.Tenant + model = models.Project def __init__(self, conf): - super(TenantApi, self).__init__(conf) + super(ProjectApi, self).__init__(conf) self.api = ApiShim(conf) self.attribute_mapping['name'] = conf.ldap.tenant_name_attribute self.attribute_mapping['description'] = conf.ldap.tenant_desc_attribute @@ -530,11 +530,11 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin): or self.DEFAULT_ATTRIBUTE_IGNORE) def get(self, id, filter=None): - """Replaces exception.NotFound with exception.TenantNotFound.""" + """Replaces exception.NotFound with exception.ProjectNotFound.""" try: - return super(TenantApi, self).get(id, filter) + return super(ProjectApi, self).get(id, filter) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=id) + raise exception.ProjectNotFound(project_id=id) def get_by_name(self, name, filter=None): # pylint: disable=W0221,W0613 search_filter = ('(%s=%s)' @@ -544,14 +544,14 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin): try: return tenants[0] except IndexError: - raise exception.TenantNotFound(tenant_id=name) + raise exception.ProjectNotFound(project_id=name) def create(self, values): self.affirm_unique(values) data = values.copy() if data.get('id') is None: data['id'] = uuid.uuid4().hex - return super(TenantApi, self).create(data) + return super(ProjectApi, self).create(data) def get_user_tenants(self, user_id): """Returns list of tenants a user has access to @@ -625,20 +625,20 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin): def delete(self, id): if self.subtree_delete_enabled: - super(TenantApi, self).deleteTree(id) + super(ProjectApi, self).deleteTree(id) else: self.role_api.roles_delete_subtree_by_tenant(id) - super(TenantApi, self).delete(id) + super(ProjectApi, self).delete(id) def update(self, id, values): try: old_obj = self.get(id) except exception.NotFound: - raise exception.TenantNotFound(tenant_id=id) + raise exception.ProjectNotFound(project_id=id) if old_obj['name'] != values['name']: msg = 'Changing Name not supported by LDAP' raise exception.NotImplemented(message=msg) - super(TenantApi, self).update(id, values, old_obj) + super(ProjectApi, self).update(id, values, old_obj) class UserRoleAssociation(object): @@ -672,7 +672,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): attribute_mapping = {'name': 'cn', #'serviceId': 'service_id', } - model = models.Tenant + model = models.Role def __init__(self, conf): super(RoleApi, self).__init__(conf) @@ -713,7 +713,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): else: return '%s=%s,%s' % (self.id_attr, ldap.dn.escape_dn_chars(role_id), - self.tenant_api._id_to_dn(tenant_id)) + self.project_api._id_to_dn(tenant_id)) def get(self, id, filter=None): model = super(RoleApi, self).get(id, filter) @@ -803,7 +803,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): def get_role_assignments(self, tenant_id): conn = self.get_connection() query = '(objectClass=%s)' % self.object_class - tenant_dn = self.tenant_api._id_to_dn(tenant_id) + tenant_dn = self.project_api._id_to_dn(tenant_id) try: roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query) @@ -844,7 +844,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): self.member_attribute, user_dn) if tenant_id is not None: - tenant_dn = self.tenant_api._id_to_dn(tenant_id) + tenant_dn = self.project_api._id_to_dn(tenant_id) try: roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query) except ldap.NO_SUCH_OBJECT: @@ -860,7 +860,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): tenant_id=tenant_id)) else: try: - roles = conn.search_s(self.tenant_api.tree_dn, + roles = conn.search_s(self.project_api.tree_dn, ldap.SCOPE_SUBTREE, query) except ldap.NO_SUCH_OBJECT: @@ -911,7 +911,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): if tenant_id is None: all_roles += self.list_global_roles_for_user(user_id) else: - for tenant in self.tenant_api.get_all(): + for tenant in self.project_api.get_all(): all_roles += self.list_tenant_roles_for_user(user_id, tenant['id']) return self._get_page(marker, limit, all_roles) @@ -921,7 +921,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): if tenant_id is None: all_roles = self.list_global_roles_for_user(user_id) else: - for tenant in self.tenant_api.get_all(): + for tenant in self.project_api.get_all(): all_roles += self.list_tenant_roles_for_user(user_id, tenant['id']) return self._get_page_markers(marker, limit, all_roles) @@ -956,7 +956,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): tenant_id = None if tenant_dns is not None: for tenant_dn in tenant_dns: - tenant_id = self.tenant_api._dn_to_id(tenant_dn) + tenant_id = self.project_api._dn_to_id(tenant_dn) role_id = self._dn_to_id(role_dn) res.append(UserRoleAssociation( id=self._create_ref(role_id, tenant_id, user_id), @@ -968,7 +968,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): def roles_delete_subtree_by_tenant(self, tenant_id): conn = self.get_connection() query = '(objectClass=%s)' % self.object_class - tenant_dn = self.tenant_api._id_to_dn(tenant_id) + tenant_dn = self.project_api._id_to_dn(tenant_id) try: roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query) for role_dn, _ in roles: @@ -987,7 +987,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): user_dn) if tenant_id is not None: - tenant_dn = self.tenant_api._id_to_dn(tenant_id) + tenant_dn = self.project_api._id_to_dn(tenant_id) try: roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query) except ldap.NO_SUCH_OBJECT: @@ -1040,7 +1040,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin): conn = self.get_connection() query = '(&(objectClass=%s)(%s=%s))' % (self.object_class, self.id_attr, id) - tenant_dn = self.tenant_api.tree_dn + tenant_dn = self.project_api.tree_dn try: for role_dn, _ in conn.search_s(tenant_dn, ldap.SCOPE_SUBTREE, diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py index 0d477fd0..76ee3cb8 100644 --- a/keystone/identity/backends/sql.py +++ b/keystone/identity/backends/sql.py @@ -80,7 +80,7 @@ class Domain(sql.ModelBase, sql.DictBase): # TODO(dolph): rename to Project -class Tenant(sql.ModelBase, sql.DictBase): +class Project(sql.ModelBase, sql.DictBase): __tablename__ = 'project' attributes = ['id', 'name'] id = sql.Column(sql.String(64), primary_key=True) @@ -139,8 +139,8 @@ class GroupDomainGrant(sql.ModelBase, BaseGrant): # TODO(dolph): ... do we need this table? -class UserTenantMembership(sql.ModelBase, sql.DictBase): - """Tenant membership join table.""" +class UserProjectMembership(sql.ModelBase, sql.DictBase): + """Project membership join table.""" __tablename__ = 'user_project_membership' user_id = sql.Column(sql.String(64), sql.ForeignKey('user.id'), @@ -207,7 +207,7 @@ class Identity(sql.Base, identity.Driver): try: tenant_ref = self.get_tenant(tenant_id) metadata_ref = self.get_metadata(user_id, tenant_id) - except exception.TenantNotFound: + except exception.ProjectNotFound: tenant_ref = None metadata_ref = {} except exception.MetadataNotFound: @@ -217,24 +217,24 @@ class Identity(sql.Base, identity.Driver): def get_tenant(self, tenant_id): session = self.get_session() - tenant_ref = session.query(Tenant).filter_by(id=tenant_id).first() + tenant_ref = session.query(Project).filter_by(id=tenant_id).first() if tenant_ref is None: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) return tenant_ref.to_dict() def get_tenant_by_name(self, tenant_name): session = self.get_session() - tenant_ref = session.query(Tenant).filter_by(name=tenant_name).first() + tenant_ref = session.query(Project).filter_by(name=tenant_name).first() if not tenant_ref: - raise exception.TenantNotFound(tenant_id=tenant_name) + raise exception.ProjectNotFound(project_id=tenant_name) return tenant_ref.to_dict() def get_tenant_users(self, tenant_id): session = self.get_session() self.get_tenant(tenant_id) query = session.query(User) - query = query.join(UserTenantMembership) - query = query.filter(UserTenantMembership.tenant_id == tenant_id) + query = query.join(UserProjectMembership) + query = query.filter(UserProjectMembership.tenant_id == tenant_id) user_refs = query.all() return [identity.filter_user(user_ref.to_dict()) for user_ref in user_refs] @@ -371,7 +371,7 @@ class Identity(sql.Base, identity.Driver): session = self.get_session() self.get_tenant(tenant_id) self.get_user(user_id) - query = session.query(UserTenantMembership) + query = session.query(UserProjectMembership) query = query.filter_by(user_id=user_id) query = query.filter_by(tenant_id=tenant_id) rv = query.first() @@ -379,15 +379,15 @@ class Identity(sql.Base, identity.Driver): return with session.begin(): - session.add(UserTenantMembership(user_id=user_id, - tenant_id=tenant_id)) + session.add(UserProjectMembership(user_id=user_id, + tenant_id=tenant_id)) session.flush() def remove_user_from_tenant(self, tenant_id, user_id): session = self.get_session() self.get_tenant(tenant_id) self.get_user(user_id) - query = session.query(UserTenantMembership) + query = session.query(UserProjectMembership) query = query.filter_by(user_id=user_id) query = query.filter_by(tenant_id=tenant_id) membership_ref = query.first() @@ -399,13 +399,13 @@ class Identity(sql.Base, identity.Driver): def get_tenants(self): session = self.get_session() - tenant_refs = session.query(Tenant).all() + tenant_refs = session.query(Project).all() return [tenant_ref.to_dict() for tenant_ref in tenant_refs] def get_tenants_for_user(self, user_id): session = self.get_session() self.get_user(user_id) - query = session.query(UserTenantMembership) + query = session.query(UserProjectMembership) query = query.filter_by(user_id=user_id) membership_refs = query.all() return [x.tenant_id for x in membership_refs] @@ -466,7 +466,7 @@ class Identity(sql.Base, identity.Driver): tenant['name'] = clean.tenant_name(tenant['name']) session = self.get_session() with session.begin(): - tenant_ref = Tenant.from_dict(tenant) + tenant_ref = Project.from_dict(tenant) session.add(tenant_ref) session.flush() return tenant_ref.to_dict() @@ -479,15 +479,15 @@ class Identity(sql.Base, identity.Driver): tenant['name'] = clean.tenant_name(tenant['name']) try: - tenant_ref = session.query(Tenant).filter_by(id=tenant_id).one() + tenant_ref = session.query(Project).filter_by(id=tenant_id).one() except sql.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) with session.begin(): old_tenant_dict = tenant_ref.to_dict() for k in tenant: old_tenant_dict[k] = tenant[k] - new_tenant = Tenant.from_dict(old_tenant_dict) + new_tenant = Project.from_dict(old_tenant_dict) tenant_ref.name = new_tenant.name tenant_ref.extra = new_tenant.extra session.flush() @@ -497,12 +497,12 @@ class Identity(sql.Base, identity.Driver): session = self.get_session() try: - tenant_ref = session.query(Tenant).filter_by(id=tenant_id).one() + tenant_ref = session.query(Project).filter_by(id=tenant_id).one() except sql.NotFound: - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) with session.begin(): - q = session.query(UserTenantMembership) + q = session.query(UserProjectMembership) q = q.filter_by(tenant_id=tenant_id) q.delete(False) @@ -514,8 +514,9 @@ class Identity(sql.Base, identity.Driver): q = q.filter_by(project_id=tenant_id) q.delete(False) - if not session.query(Tenant).filter_by(id=tenant_id).delete(False): - raise exception.TenantNotFound(tenant_id=tenant_id) + delete_query = session.query(Project).filter_by(id=tenant_id) + if not delete_query.delete(False): + raise exception.ProjectNotFound(project_id=tenant_id) session.delete(tenant_ref) session.flush() @@ -642,14 +643,14 @@ class Identity(sql.Base, identity.Driver): def update_project(self, project_id, project): session = self.get_session() with session.begin(): - ref = session.query(Tenant).filter_by(id=project_id).first() + ref = session.query(Project).filter_by(id=project_id).first() if ref is None: - raise exception.TenantNotFound(project_id=project_id) + raise exception.ProjectNotFound(project_id=project_id) old_dict = ref.to_dict() for k in project: old_dict[k] = project[k] - new_project = Tenant.from_dict(old_dict) - for attr in Tenant.attributes: + new_project = Project.from_dict(old_dict) + for attr in Project.attributes: if attr != 'id': setattr(ref, attr, getattr(new_project, attr)) ref.extra = new_project.extra @@ -804,7 +805,7 @@ class Identity(sql.Base, identity.Driver): raise exception.UserNotFound(user_id=user_id) with session.begin(): - q = session.query(UserTenantMembership) + q = session.query(UserProjectMembership) q = q.filter_by(user_id=user_id) q.delete(False) diff --git a/keystone/identity/controllers.py b/keystone/identity/controllers.py index 0ae54202..1d4a1a58 100644 --- a/keystone/identity/controllers.py +++ b/keystone/identity/controllers.py @@ -178,7 +178,7 @@ class User(controller.V2Controller): tenant_id = user.get('tenantId', None) if (tenant_id is not None and self.identity_api.get_tenant(context, tenant_id) is None): - raise exception.TenantNotFound(tenant_id=tenant_id) + raise exception.ProjectNotFound(project_id=tenant_id) user_id = uuid.uuid4().hex user_ref = user.copy() user_ref['id'] = user_id diff --git a/keystone/identity/core.py b/keystone/identity/core.py index fa9c089c..73541a9a 100644 --- a/keystone/identity/core.py +++ b/keystone/identity/core.py @@ -76,7 +76,7 @@ class Driver(object): """Get a tenant by id. :returns: tenant_ref - :raises: keystone.exception.TenantNotFound + :raises: keystone.exception.ProjectNotFound """ raise exception.NotImplemented() @@ -85,7 +85,7 @@ class Driver(object): """Get a tenant by name. :returns: tenant_ref - :raises: keystone.exception.TenantNotFound + :raises: keystone.exception.ProjectNotFound """ raise exception.NotImplemented() @@ -102,7 +102,7 @@ class Driver(object): def add_user_to_tenant(self, tenant_id, user_id): """Add user to a tenant without an explicit role relationship. - :raises: keystone.exception.TenantNotFound, + :raises: keystone.exception.ProjectNotFound, keystone.exception.UserNotFound """ @@ -111,7 +111,7 @@ class Driver(object): def remove_user_from_tenant(self, tenant_id, user_id): """Remove user from a tenant without an explicit role relationship. - :raises: keystone.exception.TenantNotFound, + :raises: keystone.exception.ProjectNotFound, keystone.exception.UserNotFound """ @@ -153,7 +153,7 @@ class Driver(object): :returns: a list of role ids. :raises: keystone.exception.UserNotFound, - keystone.exception.TenantNotFound + keystone.exception.ProjectNotFound """ raise exception.NotImplemented() @@ -162,7 +162,7 @@ class Driver(object): """Add a role to a user within given tenant. :raises: keystone.exception.UserNotFound, - keystone.exception.TenantNotFound, + keystone.exception.ProjectNotFound, keystone.exception.RoleNotFound """ raise exception.NotImplemented() @@ -171,7 +171,7 @@ class Driver(object): """Remove a role from a user within given tenant. :raises: keystone.exception.UserNotFound, - keystone.exception.TenantNotFound, + keystone.exception.ProjectNotFound, keystone.exception.RoleNotFound """ @@ -189,7 +189,8 @@ class Driver(object): def update_tenant(self, tenant_id, tenant): """Updates an existing tenant. - :raises: keystone.exception.TenantNotFound, keystone.exception.Conflict + :raises: keystone.exception.ProjectNotFound, + keystone.exception.Conflict """ raise exception.NotImplemented() @@ -197,7 +198,7 @@ class Driver(object): def delete_tenant(self, tenant_id): """Deletes an existing tenant. - :raises: keystone.exception.TenantNotFound + :raises: keystone.exception.ProjectNotFound """ raise exception.NotImplemented() diff --git a/keystone/token/controllers.py b/keystone/token/controllers.py index a2015695..d9759404 100644 --- a/keystone/token/controllers.py +++ b/keystone/token/controllers.py @@ -329,7 +329,7 @@ class Auth(controller.V2Controller): tenant_ref = self.identity_api.get_tenant_by_name( context=context, tenant_name=tenant_name) tenant_id = tenant_ref['id'] - except exception.TenantNotFound as e: + except exception.ProjectNotFound as e: raise exception.Unauthorized(e) return tenant_id @@ -347,7 +347,7 @@ class Auth(controller.V2Controller): try: tenant_ref = self.identity_api.get_tenant(context=context, tenant_id=tenant_id) - except exception.TenantNotFound as e: + except exception.ProjectNotFound as e: exception.Unauthorized(e) return tenant_ref diff --git a/keystone/token/core.py b/keystone/token/core.py index e8da9f1d..68bd94cd 100644 --- a/keystone/token/core.py +++ b/keystone/token/core.py @@ -147,6 +147,6 @@ class Driver(object): """Invalidates all tokens held by a user (optionally for a tenant). :raises: keystone.exception.UserNotFound, - keystone.exception.TenantNotFound + keystone.exception.ProjectNotFound """ raise exception.NotImplemented() diff --git a/tests/test_backend.py b/tests/test_backend.py index 9e0bffff..672a8ffc 100644 --- a/tests/test_backend.py +++ b/tests/test_backend.py @@ -111,7 +111,7 @@ class IdentityTests(object): self.assertDictEqual(tenant_ref, self.tenant_bar) def test_get_tenant_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, tenant_id=uuid.uuid4().hex) @@ -121,12 +121,12 @@ class IdentityTests(object): self.assertDictEqual(tenant_ref, self.tenant_bar) def test_get_tenant_by_name_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, tenant_id=uuid.uuid4().hex) def test_get_tenant_users_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant_users, tenant_id=uuid.uuid4().hex) @@ -307,7 +307,7 @@ class IdentityTests(object): self.identity_api.update_tenant('fake1', tenant) tenant_ref = self.identity_api.get_tenant('fake1') self.assertEqual(tenant_ref['id'], 'fake1') - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, 'fake2') @@ -347,7 +347,7 @@ class IdentityTests(object): uuid.uuid4().hex, self.tenant_bar['id']) - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_roles_for_user_and_tenant, self.user_foo['id'], uuid.uuid4().hex) @@ -359,7 +359,7 @@ class IdentityTests(object): self.tenant_bar['id'], 'keystone_admin') - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.add_role_to_user_and_tenant, self.user_foo['id'], uuid.uuid4().hex, @@ -417,7 +417,7 @@ class IdentityTests(object): user_id=uuid.uuid4().hex, project_id=self.tenant_bar['id']) - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.list_grants, user_id=self.user_foo['id'], project_id=uuid.uuid4().hex) @@ -429,7 +429,7 @@ class IdentityTests(object): project_id=self.tenant_bar['id'], role_id='keystone_admin') - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.create_grant, user_id=self.user_foo['id'], project_id=uuid.uuid4().hex, @@ -596,7 +596,7 @@ class IdentityTests(object): self.assertIn(self.tenant_bar['id'], tenants) def test_add_user_to_tenant_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.add_user_to_tenant, uuid.uuid4().hex, self.user_foo['id']) @@ -615,7 +615,7 @@ class IdentityTests(object): self.assertNotIn(self.tenant_bar['id'], tenants) def test_remove_user_from_tenant_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.remove_user_from_tenant, uuid.uuid4().hex, self.user_foo['id']) @@ -636,13 +636,13 @@ class IdentityTests(object): uuid.uuid4().hex) def test_update_tenant_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.update_tenant, uuid.uuid4().hex, dict()) def test_delete_tenant_404(self): - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.delete_tenant, uuid.uuid4().hex) diff --git a/tests/test_backend_kvs.py b/tests/test_backend_kvs.py index d3c79e70..dd8a28a2 100644 --- a/tests/test_backend_kvs.py +++ b/tests/test_backend_kvs.py @@ -54,7 +54,7 @@ class KvsCatalog(test.TestCase, test_backend.CatalogTests): def test_get_catalog_404(self): # FIXME(dolph): this test should be moved up to test_backend - # FIXME(dolph): exceptions should be UserNotFound and TenantNotFound + # FIXME(dolph): exceptions should be UserNotFound and ProjectNotFound self.assertRaises(exception.NotFound, self.catalog_api.get_catalog, uuid.uuid4().hex, diff --git a/tests/test_backend_ldap.py b/tests/test_backend_ldap.py index b8c0fbe7..ca74a3e8 100644 --- a/tests/test_backend_ldap.py +++ b/tests/test_backend_ldap.py @@ -131,7 +131,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests): self.identity_api.update_tenant('fake1', tenant) self.identity_api.delete_tenant('fake1') - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, 'fake1') @@ -226,7 +226,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests): CONF.ldap.tenant_filter = '(CN=DOES_NOT_MATCH)' self.identity_api = identity_ldap.Identity() - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, self.tenant_bar['id']) diff --git a/tests/test_backend_sql.py b/tests/test_backend_sql.py index cff7788c..e8ccc98e 100644 --- a/tests/test_backend_sql.py +++ b/tests/test_backend_sql.py @@ -96,10 +96,10 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests): self.identity_api.create_tenant, tenant['id'], tenant) - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant, tenant['id']) - self.assertRaises(exception.TenantNotFound, + self.assertRaises(exception.ProjectNotFound, self.identity_api.get_tenant_by_name, tenant['name']) |