summaryrefslogtreecommitdiffstats
path: root/keystone/policy
Commit message (Collapse)AuthorAgeFilesLines
* Stop passing context to managers (bug 1194938)Dolph Mathews2013-06-282-8/+8
| | | | | | | We don't have a use case for passing the request context to the manager layer, so this patch removes a bunch of cruft. Change-Id: Ic6435782c4c9f32e38c7800172645cc1af23ea09
* Merge "Add <version> arg to keystone-manage db_sync"Jenkins2013-05-301-2/+2
|\
| * Add <version> arg to keystone-manage db_syncBrian Waldon2013-05-281-2/+2
| | | | | | | | | | | | | | This optional <version> argument allows a client of db_sync to indicate to which database version to upgrade or downgrade. Change-Id: I3ccf45eb572a3897e5d3bc5bd17566493a55f393
* | imports not in alphabetical order (flake8 H306)Dolph Mathews2013-05-241-1/+1
|/ | | | Change-Id: I0f6c5fc27b0bb2da553e9345a8ac4949ce46e685
* consistent i18n placeholders (flake8 H701, H702, H703)Dolph Mathews2013-05-231-1/+3
| | | | | | | | | | | - eliminates ambiguously defined keywords in i18n strings which may become incorrectly ordered in a corresponding translation. - ensures formatting operations occur outside of i18n calls - use bare multiline string concatenation instead of 'ab' + \n 'cd' - eliminates an 'empty localization string' (passing a variable to i18n function) Change-Id: I0d78b978cc730e5fb892b80dfacaaf6687cd80be
* Satisfy flake8 import rules F401 and F403Dolph Mathews2013-05-231-0/+1
| | | | | | | | - Removed unused imports - Ignore wildcard and unused imports from core modules (and avoid wildcard imports otherwise) to __init__ modules Change-Id: Ie2e5f61ae37481f5d248788cfd83dc92ffddbd91
* get SQL refs from session (bp sql-query-get)Dolph Mathews2013-05-201-3/+3
| | | | Change-Id: I2200e33868d50bb69089f3108a5a4c061afccd6e
* Removed unused importsDolph Mathews2013-04-161-2/+0
| | | | Change-Id: Ief6534ee25a83027979d92c9ce3a92e0ea28c07c
* Move handle_conflicts decorator into sqlAdam Young2013-02-251-15/+2
| | | | Change-Id: I7ed923592e94f96be5226745224b981c3a3ac161
* Pass query filter attributes to policy engineHenry Nash2013-02-211-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | With the v3 api, there will be cases when a cloud provider will want to be able to protect apis by matching items in the query filter string. A classic case would be: GET /users?domain_id=mydomain The change augments the v3 controller protection wrapper with one that will also pass in filter parameters. Since this filter list also equates to the filter_by_attribute code that the subsequent api call will make, the filterprotection wrapper passes the filter list into the api call, allowing the code body to not have to re-specify the same list. This also has the consequency of fixing all the missing filter_by_attribute statements in the current code base. Some tests cannot yet be run due to dependency on completion of v3/auth Fixes Bug #1126048 Fixes Bug #1101240 Change-Id: Ibd9867f6eed585414671bbab774df95b8acdf6a5
* Update the Keystone policy engine to the latest openstack commonHenry Nash2013-02-191-16/+14
| | | | | | Fixes Bug #1126037 Change-Id: I246bc9c0c2eb0f4af97c11588c80e4bcea06e747
* Relational API linksDolph Mathews2013-02-071-4/+7
| | | | | | | | | | | | | | | - Adds a self-relational link to both individual API entities and collections. - Adds null previous/next links to collections to support pagination in the future. - Temporarily disables pagination (fixes bug 1079661), as the client doesn't currently support or expect it. We probably need to return all results by default unless the client requests a limited resultset anyway. - Expands test coverage for granting roles to users & groups in projects & domains. Change-Id: Ib5d6d39f5e1eb673c3285ef0b98603c5d375de75
* Fixes import order nitsZhongyue Luo2013-01-112-2/+2
| | | | Change-Id: I5a527e0f5010171a202de5894d124d213d22a073
* Driver registryDolph Mathews2012-12-212-2/+4
| | | | | | | | | Uses automatic dependency injection to provide controllers with driver interfaces (identity_api, token_api, etc). See tests/test_injection.py for a self-contained example. Change-Id: I255087de534292fbf57a45b19f97488f831f607c
* Merge "module refactoring"Jenkins2012-12-182-0/+23
|\
| * module refactoringAdam Young2012-12-172-0/+23
| | | | | | | | | | | | | | | | | | Distributes the functionality of service.py into the modules. Moves ComposableRouters into the modules. The routers and controllers now have short names. The controllers get their APIs via the base class. Change-Id: I87404b80ea9800d6792f97a7a3a64fe839065c1c
* | Test drivers return HTTP 501 Not ImplementedDolph Mathews2012-12-121-1/+1
|/ | | | Change-Id: I4cd21022593e6b4c3965edd00ecea01a00584516
* Merge "Bug 1075090 -- Fixing log messages in python source code to support ↵Jenkins2012-12-051-1/+1
|\ | | | | | | internationalization."
| * Bug 1075090 -- Fixing log messages in python source code to support ↵Nachiappan VR N2012-12-041-1/+1
| | | | | | | | | | | | internationalization. Change-Id: I6b50abaa82effad8feaaac8d85086ca8b5d42590
* | Only 'import *' from 'core' modulesDolph Mathews2012-12-053-32/+49
|/ | | | | | | | - Renamed identity.controllers.* and identity.routers.* since they now occopy unique namespaces (thanks ayoung!) - Moved catalog and policy controllers into their own respective modules Change-Id: Ib9e277355e0eac15d4d218785c816b718b493b5b
* Utilize policy.json by default (bug 1043758)Dolph Mathews2012-11-201-14/+0
| | | | Change-Id: I03daf10aa4f689fe323e39537c312d1e783db313
* Wrap v3 API with RBAC (bug 1023943)Dolph Mathews2012-11-201-6/+5
| | | | Change-Id: Ie77be83054ea88bb0860260e1750196ac5ded650
* Merge "tweaking docs to fix link to wiki Keystone page"Jenkins2012-11-201-8/+8
|\
| * tweaking docs to fix link to wiki Keystone pageJoe Heck2012-11-101-8/+8
| | | | | | | | | | | | | | | | updated docstrings to remove two errors reformatted front page header to be consistent added links to autogenerated python documentation Change-Id: I59fddc12ff458bbd0102a40d4d85903ab6bd6394
* | v3 PoliciesDolph Mathews2012-11-192-13/+106
|/ | | | | | | | - v3 policy (bp rbac-keystone-api) - v3 policy tests (bug 1023935) - v3 policy implementation (bug 1023939) Change-Id: I163fbb67726c295fe9ed09b68cd18d2273345d29
* Merge remote-tracking branch 'origin/feature/keystone-v3' into HEADDolph Mathews2012-11-021-0/+100
|\ | | | | | | | | | | | | | | Conflicts: keystone/catalog/core.py keystone/identity/core.py Change-Id: Id47b9dd9c4da811d13454b539f78b751d40ed87d
| * Identity API v3 Config, Routers, ControllersDolph Mathews2012-09-051-0/+100
| | | | | | | | | | | | | | | | | | Provides configuration to deploy the v3 API identically across both: http://[...]:5000/v3/ http://[...]:35357/v3/ Change-Id: I97c5a2f7a84e3fca0adaea020697f958e04f5753
* | mistake in doc stringmonsterxx032012-08-241-1/+1
|/ | | | | | mistake target to object in doc string of keystone/policy/backends/rules.py Change-Id: I6a4711d142d3ecec3c44423af21d2438a4696d8c
* Reorder imports by full module pathZhongyue Luo2012-06-202-4/+4
| | | | | | | | Fixes bug #1013441 Sort imports by lexicographical order of full module path Change-Id: I60231d87618466426dc7bfac7bb0644a0dbd079a
* PEP8 fixesDolph Mathews2012-06-181-3/+3
| | | | Change-Id: I0989396691eb31d9008c016e64f2c197f8c7e48c
* Use ConfigOpts.find_file() to locate policy.jsonMark McLoughlin2012-05-031-1/+5
| | | | | | | | Use cfg's new helper method to find policy config file. The basic behavior is "look alongside the config file" with a fall back to the standard default config paths. Change-Id: Ic2a7187378eab9c9066118132465280993778a5e
* Removed SimpleMatch 'shim'; updated readmeDolph Mathews2012-05-031-23/+0
| | | | Change-Id: I34fcc8d7233e58024c4e173867f8f41f9d2b9f4c
* Wrapped unexpected exceptions (bug 955411)Dolph Mathews2012-03-201-1/+1
| | | | | | | | | | | - Replaced all webob.exc's (outside of middleware) with keystone.exception's - Raised 409 Conflict when creating/updating existing user/tenant ID/names (bug 955464) - Raised 501 Not Implemented for user-role-add w/o tenant_id (bug 955548) Change-Id: I9f16cac502c20dd35a6b8da778e85bf3d9cfae49
* Merge "Refactor keystone.common.logging use (bug 948224)"Jenkins2012-03-201-1/+1
|\
| * Refactor keystone.common.logging use (bug 948224)Dolph Mathews2012-03-141-1/+1
| | | | | | | | Change-Id: I01b2b5748a2524273bb8c2b734ab22415652f739
* | Merge "docstring cleanup to remove sphinx warnings"Jenkins2012-03-191-2/+4
|\ \
| * | docstring cleanup to remove sphinx warningsJoe Heck2012-03-141-2/+4
| |/ | | | | | | Change-Id: Icfc273f2466f48307d2addd22b70f1759d23fd97
* / Properly return 501 for unsupported Catalog callsAdam Gandelman2012-03-141-1/+2
|/ | | | | | | | | | | | | | | | | Similar to the other APIs, this creates a Driver class that describes expected functionality of the catalog driver and raises NotImplemented accordingly. NotImplementedError()'s are caught and returned as proper 501s instead of AttributeErrors. Also fixes some inconsistent paramters names in the sql backend. Fixes bug 954087 Update: Convert usage of NotImplementedError() to new keystone.exception.NotImplemented() for all unimplemented driver actions. Change-Id: I69d8e21a6f651e69b724ec5ed5784645bad80c00
* Added license header (bug 929663)Dolph Mathews2012-03-091-0/+16
| | | | Change-Id: Ia36a22f2d6bba411e4fad81ea2d6fa1f0465a733
* port common policy code to keystonetermie2012-03-083-18/+118
| | | | | | | | keystone.common.policy is copied from nova leave simple backend in as a shim until devstack stops referencing it Change-Id: Ibd579cfeb99465706d525b6565818a2d8f5f3b7c
* Added Apache 2.0 License information.Monty Taylor2012-02-152-0/+28
| | | | | | Fixes bug 932819 Change-Id: I58e0c2ad704e2e8ff1924a01791694a5e02a154b
* Fixes role checking for admin checkVishvananda Ishaya2012-02-101-1/+3
| | | | Change-Id: I6afe52033996b56aa38033017e0ce2f37c471592
* minor docstring update for new locationsJoe Heck2012-02-021-1/+1
|
* get docs workingtermie2012-01-191-3/+0
|
* fix some importstermie2012-01-182-1/+2
|
* split up the services and kvs backendstermie2012-01-181-1/+1
|
* establish basic structuretermie2012-01-184-0/+45
generated by cgit (git 2.34.1) at 2024-09-24 04:13:37 +0000