diff options
Diffstat (limited to 'keystone/token')
-rw-r--r-- | keystone/token/controllers.py | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/keystone/token/controllers.py b/keystone/token/controllers.py index e9296216..a7fcbb2c 100644 --- a/keystone/token/controllers.py +++ b/keystone/token/controllers.py @@ -18,7 +18,7 @@ DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id class ExternalAuthNotApplicable(Exception): - """External authentication is not applicable""" + """External authentication is not applicable.""" pass @@ -396,7 +396,7 @@ class Auth(controller.V2Controller): return domain_id def _get_project_ref(self, context, user_id, tenant_id): - """Returns the tenant_ref for the user's tenant""" + """Returns the tenant_ref for the user's tenant.""" tenant_ref = None if tenant_id: tenants = self.identity_api.get_projects_for_user(context, user_id) @@ -415,7 +415,7 @@ class Auth(controller.V2Controller): def _get_metadata_ref(self, context, user_id=None, tenant_id=None, domain_id=None, group_id=None): - """Returns metadata_ref for a user or group in a tenant or domain""" + """Returns metadata_ref for a user or group in a tenant or domain.""" metadata_ref = {} if (user_id or group_id) and (tenant_id or domain_id): @@ -429,7 +429,7 @@ class Auth(controller.V2Controller): def _get_group_metadata_ref(self, context, user_id, tenant_id=None, domain_id=None): - """Return any metadata for this project/domain due to group grants""" + """Return any metadata for this project/domain due to group grants.""" group_refs = self.identity_api.list_groups_for_user(context=context, user_id=user_id) metadata_ref = {} @@ -441,9 +441,10 @@ class Auth(controller.V2Controller): return metadata_ref def _append_roles(self, metadata, additional_metadata): - """ - Update the roles in metadata to be the union of the roles from - both of the passed metadatas + """Add additional roles to the roles in metadata. + + The final set of roles represents the union of existing roles and + additional roles. """ first = set(metadata.get('roles', [])) @@ -470,7 +471,7 @@ class Auth(controller.V2Controller): return data def _assert_default_domain(self, context, token_ref): - """ Make sure we are operating on default domain only. """ + """Make sure we are operating on default domain only.""" if token_ref.get('token_data'): # this is a V3 token msg = _('Non-default domain is not supported') |