summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | | | Merge "Remove an enumerate call"Jenkins2013-07-081-1/+1
|\ \ \ \ \ \ \ \
| * | | | | | | | Remove an enumerate callZhang Chun2013-07-051-1/+1
| | |_|_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor tests/test_backend.py, remove a useless enumerate call in for loop. Change-Id: I1268ce70d40994078343ec3120021c131e52713d
* | | | | | | | Merge "DB2 migration support"Jenkins2013-07-089-40/+194
|\ \ \ \ \ \ \ \
| * | | | | | | | DB2 migration supportBrant Knudson2013-07-019-40/+194
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DB2 will not allow you to rename a table if it's got a constraint on it (a unique or foreign key constraint). This fix changes the migrations so that the unique or FK constraints are dropped from tables before renaming and then restoring the unique FK constraints. This works for DB2 and other DBMSs that support FK constraints such as MySQL with InnoDB and PostgreSQL. Also, for DB2, give a name to the unique constraints so that they can be manipulated. Fixes bug 1188785 Change-Id: I7cf6ab42084e43d827ed827c64025e61e72a4672
* | | | | | | | | Merge "Implement GET /role_assignment API call"Jenkins2013-07-0811-1/+872
|\ \ \ \ \ \ \ \ \ | |_|_|/ / / / / / |/| | | | | | | |
| * | | | | | | | Implement GET /role_assignment API callHenry Nash2013-07-0311-1/+872
| | |_|/ / / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for the GET /role_assignment call as a first step to making role_assignment a first class entity. This patch also enables v3 collection filtering to match against attributes of entities being returned in the list, using the same dot notation (e.g. user.id) that we already support for policy file checking against filters. Limitations: - The current implementation uses the standard v3 collections wrapper mechanism for filtering. Given the potential numbers of role assignments in a large system, this may have performance and resource impacts. A future improvement would pass the filters into the driver layer to keep the internal assignment processing to a minimum. - The LDAP backend is not currently supported Implements bp get-role-assignments Change-Id: I6ff2ea780e39d7097a88214fbb3ddee1b924c30c
* | | | | | | | Merge "Update paths to pem files in keystone.conf.sample"Jenkins2013-07-061-8/+8
|\ \ \ \ \ \ \ \ | |_|_|_|_|_|_|/ |/| | | | | | |
| * | | | | | | Update paths to pem files in keystone.conf.sampleAlessio Ababilov2013-07-041-8/+8
| | |_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Location of *.pem files were changed without synchronization with keystone.conf.sample. Change-Id: I99a61230b06eb43046e543c0d0663c49aa21d558 Fixes: bug #1197743
* | | | | | | Merge "rename quantum to neutron in docs"Jenkins2013-07-051-1/+1
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | |
| * | | | | | rename quantum to neutron in docsMark McClain2013-07-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | implements bug: 1197208 Change-Id: Icb7e7d4212e53cd55281a42fb2cd26b243d79eb8
* | | | | | | Merge "Fix up some trivial license mismatches"Jenkins2013-07-042-2/+3
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | |
| * | | | | | Fix up some trivial license mismatchesDirk Mueller2013-06-262-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In preparation of the Hacking check that would reject those licenses in the future. Change-Id: I2ba5080ed836c62fa54fa2734c2ecd3114639b75
* | | | | | | Merge "Use event.listen() instead of deprecated listeners kwarg"Jenkins2013-07-031-15/+15
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | |
| * | | | | | Use event.listen() instead of deprecated listeners kwargAnthony Dodd2013-07-011-15/+15
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The listeners kwarg is deprecated in SQLAlchemy 0.7.0. Use the new event.listen() method instead. Instead of using the original approach of testing whether or not the string 'mysql' is in 'connection_dict.drivername', now we are using a more direct string equality test to ensure that engine.name == 'mysql' before passing it to sql.event.listen(). We've decided to change the name of our ping_listener function to reflect its purpose more accurately. Its name has been changed from "ping_listener" to "mysql_on_checkout". Change-Id: Ib9ef52404e3d474a60cdc82e8fcf8c6a9616bce3 Fixes: bug #1031405
* | | | | | Merge "Install locales for httpd."Jenkins2013-07-031-0/+3
|\ \ \ \ \ \
| * | | | | | Install locales for httpd.Haneef Ali2013-07-011-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Change-Id: Ia5886b98070f3e3b2df4e94bf2a3db7c57bf870e
* | | | | | | Merge "Remove hard tabs and trailing whitespace"Jenkins2013-07-033-25/+25
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | |
| * | | | | | Remove hard tabs and trailing whitespaceDolph Mathews2013-06-283-25/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Change-Id: I27f0054f8aca053e0fd31c4b848771438b0f34ac
* | | | | | | Merge "`tox -ecover` failure. Missing entry in tox.ini"Jenkins2013-07-021-1/+2
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | |
| * | | | | | `tox -ecover` failure. Missing entry in tox.iniAnthony Dodd2013-06-271-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `tox -ecover` is failing due to a missing entry in keystone's tox.ini file. In tox.ini the following code appears: ''' [testenv:cover] setenv = NOSE_WITH_COVERAGE=1 NOSE_COVER_HTML=1 NOSE_COVER_HTML_DIR={toxinidir}/cover ''' Adding 'VIRTUAL_ENV={envdir}' to the setenv mapping, as shown below, has resolved the issue on my machine. ''' [testenv:cover] setenv = VIRTUAL_ENV={envdir} NOSE_WITH_COVERAGE=1 NOSE_COVER_HTML=1 NOSE_COVER_HTML_DIR={toxinidir}/cover ''' Change-Id: I3550ac61cdc6389dd239c5ad319d881519b3543d Fixes: bug #1195371
* | | | | | | Add 'application' to keystone.py for WSGILance Bragstad2013-06-291-1/+5
| |_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds WSGI application to keystone/httpd/keystone.py, fixing bug 1194494. Change-Id: I921fe1332dc9dd25e917f02f583b5b597cf35c26
* | | | | | Merge "Manager instead of direct driver"Jenkins2013-06-288-264/+228
|\ \ \ \ \ \
| * | | | | | Manager instead of direct driverAdam Young2013-06-288-264/+228
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make calls via the manager as opposed to the drivers in order to support refactoring of common code Bug 1193420 Change-Id: I69117ea755ed7ef3f7d3732fee83cc758927d296
* | | | | | Merge "Clean up keystone-all.rst"Jenkins2013-06-282-26/+33
|\ \ \ \ \ \
| * | | | | | Clean up keystone-all.rstBrant Knudson2013-06-262-26/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change fixes warnings and errors from doc/source/man/keystone-all.rst when generating documentation. Change-Id: Ie33b2600f28c517644730b2371ce34ca2e73b7a5
* | | | | | | Merge "check for constraint before dropping"Jenkins2013-06-281-11/+11
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | |
| * | | | | | check for constraint before droppingAdam Young2013-06-281-11/+11
| | |_|/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Bug 1189633 Change-Id: Ieff57d17f224ec31523bfcce288818a08d64f98a
* | | | | | Stop passing context to managers (bug 1194938)Dolph Mathews2013-06-2826-605/+444
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We don't have a use case for passing the request context to the manager layer, so this patch removes a bunch of cruft. Change-Id: Ic6435782c4c9f32e38c7800172645cc1af23ea09
* | | | | | Merge "Do not raise NEW exceptions"Jenkins2013-06-273-10/+12
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | |
| * | | | | Do not raise NEW exceptionsSergey Vilgelm2013-06-243-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Raising NEW exception is bad practice, because we lose TraceBack. So all places like: except SomeException as e: raise e should be replaced by except SomeException: raise If we are doing some other actions before reraising we should store information about exception then do all actions and then reraise it. This is caused by eventlet bug. It lost information about exception if it switch threads. fixes bug 1191730 Change-Id: I8dffc36ba5780911dd57d7161d218d0324af60b3
* | | | | | Merge "Revert environment module usage in middleware."Jenkins2013-06-272-6/+6
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | |
| * | | | | Revert environment module usage in middleware.Jamie Lennox2013-06-262-6/+6
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Devstack is pulling s3_token into the swift pipeline and so depending on keystone.environment is breaking devstack installs. Fixes bug 1193112 Change-Id: Ifd89e542f79a2bee00113e7df676d30da0f05e59
* / | | | LDAP list group users not fail if user entry deletedBrant Knudson2013-06-252-10/+12
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using the LDAP identity backend, if a group member entry doesn't exist in the LDAP server anymore and the group's members are listed using GET /v3/groups/{groupId}/users, Keystone returns 404 Not Found. The server should return all the group members that do exist and ignore the missing members. Fixes bug 1174585 Change-Id: I97b53e3d5a5810aa0818b785e23a1948499b29e8
* | | | Merge "Remove explicit distribute depend."Jenkins2013-06-251-1/+0
|\ \ \ \ | | |/ / | |/| |
| * | | Remove explicit distribute depend.Monty Taylor2013-06-111-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Causes issues with the recent re-merge with setuptools. Advice from upstream is to stop doing explicit depends. Change-Id: I5acb02230226d9842b8524d03f97857863f32932
* | | | Merge "Version response compatible with Folsom"Jenkins2013-06-243-0/+62
|\ \ \ \ | |_|/ / |/| | |
| * | | Version response compatible with FolsomBrant Knudson2013-06-113-0/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds <link> elements to the <version id="v2.0"> element in the version response to be compatible with the response given by the Keystone server in the Folsom release. Fixes bug 1187101 Change-Id: Ida71e2dbe3cf432d429fb739e68a83d7e009ca40
* | | | Merge "Consolidate admin_or_owner rule"Jenkins2013-06-231-2/+1
|\ \ \ \
| * | | | Consolidate admin_or_owner ruleGuang Yee2013-06-191-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | admin_or_owner rule has already defined at the beginning for the file. Make use of it. Change-Id: I18f1d96aaba095d05e770b3d564a255659de23ce
* | | | | Merge "wsgi.Middleware factory should use **kwargs"Jenkins2013-06-232-1/+11
|\ \ \ \ \
| * | | | | wsgi.Middleware factory should use **kwargsAlvaro Lopez Garcia2013-06-202-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 1190978 Change-Id: Ifb0673b7aab5292c13bf5c86c5cc2de8096f7e3e
* | | | | | Merge "Initialize logging from HTTPD."Jenkins2013-06-231-0/+1
|\ \ \ \ \ \
| * | | | | | Initialize logging from HTTPD.Jamie Lennox2013-06-121-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 1190324 Change-Id: I6031c26c4917bd526c5918d815bff3bd060301c8
* | | | | | | Merge "python WebOb dependency made unpinned."Jenkins2013-06-231-1/+1
|\ \ \ \ \ \ \
| * | | | | | | python WebOb dependency made unpinned.saikrishna2013-06-121-1/+1
| |/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | keystone declares python-webob dependency as ==, which is not a good way of defining dependency. So to support latest dependencies, WebOb is unpinned in requirements.txt Fixes: bug #1180033 Change-Id: I73042cf88baf378c8564abb2394963866082977e
* | | | | | | Merge "Base.get_engine honor allow_global_engine=False"Jenkins2013-06-222-8/+49
|\ \ \ \ \ \ \ | | |_|_|_|_|/ | |/| | | | |
| * | | | | | Base.get_engine honor allow_global_engine=FalseBrant Knudson2013-06-042-8/+49
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change makes it so that get_engine() in keystone.common.sql.core.Base does not return the global engine when allow_global_engine is False. The behavior before could be described like: If get_engine() has never been called with allow_global_engine=True, then if you pass allow_global_engine=False returns a new engine. Otherwise, you always get the global engine (even if allow_global_engine=False) The new behavior is: If get_engine() is called with allow_global_engine=True then it returns the global engine, otherwise it returns a new engine. Change-Id: I756b54d9f3984733f56d09c11b2702c3451102f2
* | | | | | | Merge "Fix link typo in Sphinx doc"Jenkins2013-06-221-1/+1
|\ \ \ \ \ \ \
| * | | | | | | Fix link typo in Sphinx docDirk Mueller2013-06-121-1/+1
| | |/ / / / / | |/| | | | | | | | | | | | | | | | | | | Change-Id: I00667ca171d1be5acdacb472561cbf74baf6a852
* | | | | | | Move identity ldap backend from directory to fileAdam Young2013-06-202-19/+1
| |_|/ / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The LDAP backend for identity was in a subdirectory as opposed to a file due to a clash between the name of the local package and the standard python package both being called ldap. This change makes the ldap backend look like the other backend. The mechanism that fixes it is: from __future__ import absolute_import Change-Id: Id9ee518238ae22e5128351094eb3764a831cc083
generated by cgit (git 2.34.1) at 2025-09-26 18:12:23 +0000