diff options
| -rw-r--r-- | keystone/common/controller.py | 7 | ||||
| -rw-r--r-- | keystone/common/ldap/core.py | 43 | ||||
| -rw-r--r-- | keystone/common/ldap/fakeldap.py | 18 | ||||
| -rw-r--r-- | keystone/common/sql/nova.py | 17 | ||||
| -rw-r--r-- | keystone/common/utils.py | 9 | ||||
| -rw-r--r-- | keystone/common/wsgi.py | 5 | ||||
| -rw-r--r-- | keystone/identity/backends/ldap/core.py | 6 | ||||
| -rw-r--r-- | keystone/identity/backends/sql.py | 6 | ||||
| -rw-r--r-- | keystone/policy/backends/rules.py | 4 | ||||
| -rw-r--r-- | tox.ini | 5 |
10 files changed, 70 insertions, 50 deletions
diff --git a/keystone/common/controller.py b/keystone/common/controller.py index ab6b5b53..9c28f081 100644 --- a/keystone/common/controller.py +++ b/keystone/common/controller.py @@ -15,10 +15,9 @@ DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id def _build_policy_check_credentials(self, action, context, kwargs): - - LOG.debug(_('RBAC: Authorizing %s(%s)') % ( - action, - ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs]))) + LOG.debug(_('RBAC: Authorizing %(action)s(%(kwargs)s)') % { + 'action': action, + 'kwargs': ', '.join(['%s=%s' % (k, kwargs[k]) for k in kwargs])}) try: token_ref = self.token_api.get_token( diff --git a/keystone/common/ldap/core.py b/keystone/common/ldap/core.py index da3be1df..b9b8d08b 100644 --- a/keystone/common/ldap/core.py +++ b/keystone/common/ldap/core.py @@ -84,17 +84,21 @@ def parse_tls_cert(opt): try: return LDAP_TLS_CERTS[opt] except KeyError: - raise ValueError((_('Invalid LDAP tls certs option: %s. ' - 'Choose one of: ') % - opt) + ', '.join(LDAP_TLS_CERTS.keys())) + raise ValueError(_( + 'Invalid LDAP TLS certs option: %(option). ' + 'Choose one of: %(options)s') % { + 'option': opt, + 'options': ', '.join(LDAP_TLS_CERTS.keys())}) def ldap_scope(scope): try: return LDAP_SCOPES[scope] except KeyError: - raise ValueError(_('Invalid LDAP scope: %s. Choose one of: ' % scope) + - ', '.join(LDAP_SCOPES.keys())) + raise ValueError( + _('Invalid LDAP scope: %(scope)s. Choose one of: %(options)s') % { + 'scope': scope, + 'options': ', '.join(LDAP_SCOPES.keys())}) class BaseLdap(object): @@ -182,9 +186,10 @@ class BaseLdap(object): try: ldap_attr, attr_map = item.split(':') except Exception: - LOG.warn(_('Invalid additional attribute mapping: "%s". ' - 'Format must be ' + - '<ldap_attribute>:<keystone_attribute>') % item) + LOG.warn(_( + 'Invalid additional attribute mapping: "%s". ' + 'Format must be <ldap_attribute>:<keystone_attribute>') + % item) continue if attr_map not in self.attribute_mapping: LOG.warn(_('Invalid additional attribute mapping: "%(item)s". ' @@ -500,16 +505,19 @@ class LdapWrapper(object): if kind != 'userPassword' else ['****']) for kind, values in ldap_attrs] - LOG.debug(_('LDAP add: dn=%s, attrs=%s'), dn, sane_attrs) + LOG.debug(_('LDAP add: dn=%(dn)s, attrs=%(attrs)s') % { + 'dn': dn, 'attrs': sane_attrs}) return self.conn.add_s(dn, ldap_attrs) def search_s(self, dn, scope, query, attrlist=None): if LOG.isEnabledFor(logging.DEBUG): - LOG.debug(_('LDAP search: dn=%s, scope=%s, query=%s, attrs=%s'), - dn, - scope, - query, - attrlist) + LOG.debug(_( + 'LDAP search: dn=%(dn)s, scope=%(scope)s, query=%(query)s, ' + 'attrs=%(attrs)s') % { + 'dn': dn, + 'scope': scope, + 'query': query, + 'attrlist': attrlist}) if self.page_size: res = self.paged_search_s(dn, scope, query, attrlist) else: @@ -573,7 +581,8 @@ class LdapWrapper(object): sane_modlist = [(op, kind, (values if kind != 'userPassword' else ['****'])) for op, kind, values in ldap_modlist] - LOG.debug(_("LDAP modify: dn=%s, modlist=%s"), dn, sane_modlist) + LOG.debug(_('LDAP modify: dn=%(dn)s, modlist=%(modlist)s') % { + 'dn': dn, 'modlist': sane_modlist}) return self.conn.modify_s(dn, ldap_modlist) @@ -582,7 +591,9 @@ class LdapWrapper(object): return self.conn.delete_s(dn) def delete_ext_s(self, dn, serverctrls): - LOG.debug(_("LDAP delete_ext: dn=%s, serverctrls=%s"), dn, serverctrls) + LOG.debug( + _('LDAP delete_ext: dn=%(dn)s, serverctrls=%(serverctrls)s') % { + 'dn': dn, 'serverctrls': serverctrls}) return self.conn.delete_ext_s(dn, serverctrls) def _disable_paging(self): diff --git a/keystone/common/ldap/fakeldap.py b/keystone/common/ldap/fakeldap.py index 56eedee1..f6c95895 100644 --- a/keystone/common/ldap/fakeldap.py +++ b/keystone/common/ldap/fakeldap.py @@ -187,7 +187,8 @@ class FakeLdap(object): raise ldap.SERVER_DOWN key = '%s%s' % (self.__prefix, dn) - LOG.debug(_('FakeLdap add item: dn=%s, attrs=%s'), dn, attrs) + LOG.debug(_('FakeLdap add item: dn=%(dn)s, attrs=%(attrs)s') % { + 'dn': dn, 'attrs': attrs}) if key in self.db: LOG.debug(_('FakeLdap add item failed: dn=%s is' ' already in store.'), dn) @@ -236,7 +237,8 @@ class FakeLdap(object): raise ldap.SERVER_DOWN key = '%s%s' % (self.__prefix, dn) - LOG.debug(_('FakeLdap modify item: dn=%s attrs=%s'), dn, attrs) + LOG.debug(_('FakeLdap modify item: dn=%(dn)s attrs=%(attrs)s') % { + 'dn': dn, 'attrs': attrs}) try: entry = self.db[key] except KeyError: @@ -268,9 +270,10 @@ class FakeLdap(object): try: values.remove(val) except ValueError: - LOG.debug(_('FakeLdap modify item failed:' - ' item has no attribute "%s" with' - ' value "%s" to delete'), k, val) + LOG.debug(_('FakeLdap modify item failed: ' + 'item has no attribute "%(k)s" with ' + 'value "%(v)s" to delete') % { + 'k': k, 'v': val}) raise ldap.NO_SUCH_ATTRIBUTE else: LOG.debug(_('FakeLdap modify item failed: unknown' @@ -293,8 +296,9 @@ class FakeLdap(object): if server_fail: raise ldap.SERVER_DOWN - LOG.debug(_('FakeLdap search at dn=%s scope=%s query=%s'), - dn, SCOPE_NAMES.get(scope, scope), query) + LOG.debug( + _('FakeLdap search at dn=%(dn)s scope=%(scope)s query=%(query)s') % + {'dn': dn, 'scope': SCOPE_NAMES.get(scope, scope), 'query': query}) if scope == ldap.SCOPE_BASE: try: item_dict = self.db['%s%s' % (self.__prefix, dn)] diff --git a/keystone/common/sql/nova.py b/keystone/common/sql/nova.py index 968c542f..7e4d9b37 100644 --- a/keystone/common/sql/nova.py +++ b/keystone/common/sql/nova.py @@ -85,7 +85,8 @@ def _create_memberships(api, memberships, user_map, tenant_map): for membership in memberships: user_id = user_map[membership['user_id']] tenant_id = tenant_map[membership['tenant_id']] - LOG.debug(_('Add user %s to tenant %s') % (user_id, tenant_id)) + LOG.debug(_('Add user %(user_id)s to tenant %(tenant_id)s') % { + 'user_id': user_id, 'tenant_id': tenant_id}) api.add_user_to_project(tenant_id, user_id) @@ -110,8 +111,12 @@ def _assign_roles(api, assignments, role_map, user_map, tenant_map): role_id = role_map[assignment['role']] user_id = user_map[assignment['user_id']] tenant_id = tenant_map[assignment['tenant_id']] - LOG.debug(_('Assign role %s to user %s on tenant %s') % - (role_id, user_id, tenant_id)) + LOG.debug(_( + 'Assign role %(role_id)s to user %(user_id)s on tenant ' + '%(tenant_id)s') % { + 'role_id': role_id, + 'user_id': user_id, + 'tenant_id': tenant_id}) api.add_role_to_user_and_project(user_id, tenant_id, role_id) @@ -125,6 +130,8 @@ def _create_ec2_creds(ec2_api, identity_api, ec2_creds, user_map): 'user_id': user_id, 'tenant_id': tenant_id, } - LOG.debug(_('Creating ec2 cred for user %s and tenant %s') % - (user_id, tenant_id)) + LOG.debug(_( + 'Creating ec2 cred for user %(user_id)s and tenant ' + '%(tenant_id)s') % { + 'user_id': user_id, 'tenant_id': tenant_id}) ec2_api.create_credential(None, cred_dict) diff --git a/keystone/common/utils.py b/keystone/common/utils.py index 13a4cc40..9536cdc7 100644 --- a/keystone/common/utils.py +++ b/keystone/common/utils.py @@ -217,10 +217,6 @@ def hash_signed_token(signed_text): def setup_remote_pydev_debug(): if CONF.pydev_debug_host and CONF.pydev_debug_port: - error_msg = ('Error setting up the debug environment. Verify that the' - ' option --debug-url has the format <host>:<port> and ' - 'that a debugger processes is listening on that port.') - try: try: from pydevd import pydevd @@ -233,7 +229,10 @@ def setup_remote_pydev_debug(): stderrToServer=True) return True except: - LOG.exception(_(error_msg)) + LOG.exception(_( + 'Error setting up the debug environment. Verify that the ' + 'option --debug-url has the format <host>:<port> and that a ' + 'debugger processes is listening on that port.')) raise diff --git a/keystone/common/wsgi.py b/keystone/common/wsgi.py index 4ea05628..a07ae117 100644 --- a/keystone/common/wsgi.py +++ b/keystone/common/wsgi.py @@ -181,8 +181,9 @@ class Application(BaseApplication): try: result = method(context, **params) except exception.Unauthorized as e: - LOG.warning(_("Authorization failed. %s from %s") - % (e, req.environ['REMOTE_ADDR'])) + LOG.warning( + _('Authorization failed. %(exception)s from %(remote_addr)s') % + {'exception': e, 'remote_addr': req.environ['REMOTE_ADDR']}) return render_exception(e) except exception.Error as e: LOG.warning(e) diff --git a/keystone/identity/backends/ldap/core.py b/keystone/identity/backends/ldap/core.py index 907ae235..87e560e0 100644 --- a/keystone/identity/backends/ldap/core.py +++ b/keystone/identity/backends/ldap/core.py @@ -922,9 +922,9 @@ class GroupApi(common_ldap.BaseLdap, ApiShimMixin): self.member_attribute, self.user_api._id_to_dn(user_id))]) except ldap.TYPE_OR_VALUE_EXISTS: - msg = _('User %s is already a member of group %s' - % (user_id, group_id)) - raise exception.Conflict(msg) + raise exception.Conflict(_( + 'User %(user_id)s is already a member of group %(group_id)s') % + {'user_id': user_id, 'group_id': group_id}) def remove_user(self, user_id, group_id): conn = self.get_connection() diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py index 0262d87d..670ebb65 100644 --- a/keystone/identity/backends/sql.py +++ b/keystone/identity/backends/sql.py @@ -421,9 +421,9 @@ class Identity(sql.Base, identity.Driver): metadata_ref = self.get_metadata(user_id, tenant_id) roles = set(metadata_ref.get('roles', [])) if role_id not in roles: - msg = _('Cannot remove role that has not been granted, %s' % - role_id) - raise exception.RoleNotFound(message=msg) + raise exception.RoleNotFound(message=_( + 'Cannot remove role that has not been granted, %s') % + role_id) roles.remove(role_id) metadata_ref['roles'] = list(roles) if len(roles): diff --git a/keystone/policy/backends/rules.py b/keystone/policy/backends/rules.py index aa0228cc..8d1bb0f8 100644 --- a/keystone/policy/backends/rules.py +++ b/keystone/policy/backends/rules.py @@ -90,5 +90,7 @@ def enforce(credentials, action, target, do_raise=True): class Policy(policy.Driver): def enforce(self, credentials, action, target): - LOG.debug(_('enforce %s: %s'), action, credentials) + LOG.debug(_('enforce %(action)s: %(credentials)s') % { + 'action': action, + 'credentials': credentials}) enforce(credentials, action, target) @@ -40,10 +40,7 @@ show-source = true # H402: one line docstring needs punctuation # H403: multi line docstring end on new line # H404: multi line docstring should start with a summary -# H701: empty localization string -# H702: use bare string concatenation instead of +; formatting operation should be outside of localization method call -# H703: multiple positional placeholders -ignore = H201,H301,H302,H304,H306,H401,H402,H403,H404,H701,H702,H703 +ignore = H201,H301,H302,H304,H306,H401,H402,H403,H404 builtins = _ exclude=.venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,tools,vendor |