| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch syncs models with migrations for:
-Endpoint
-CredentialModel
-TokenModel
-TrustModel
No actual schema change is taking place, this patch just corrects errors
in the model definitions.
Made class Index avaliable in keystone.common.sql.core
partially implements bp db-sync-models-with-migrations
Change-Id: I52f5c455360b65a2d5d884bbbec078dca6d34451
|
|/
|
|
|
|
| |
Bug 1183874
Change-Id: I3881e360485c4c1ff6d67aec12d47130c6b0eb70
|
|
|
|
|
|
|
| |
We don't have a use case for passing the request context to the manager
layer, so this patch removes a bunch of cruft.
Change-Id: Ic6435782c4c9f32e38c7800172645cc1af23ea09
|
|
|
|
|
|
|
|
|
| |
- docstring should not start with a space (flake8 H401)
- one line docstring needs punctuation (flake8 H402)
- multi line docstring end on new line (flake8 H403)
- multi line docstring should start with a summary (flake8 H404)
Change-Id: I69b414395930bda739aa01b785ac619fa8bb7d9b
|
|
|
|
| |
Change-Id: I0f6c5fc27b0bb2da553e9345a8ac4949ce46e685
|
|
|
|
|
|
| |
... when evaluating membership in a collection.
Change-Id: I3fd3d5b5d5ea505833be50193b8969f8c4feb135
|
|
|
|
| |
Change-Id: Ic47bdd61d9818f203a88ae16f97c2b61b1c1bd8c
|
|
|
|
|
|
|
|
| |
- Removed unused imports
- Ignore wildcard and unused imports from core modules (and avoid
wildcard imports otherwise) to __init__ modules
Change-Id: Ie2e5f61ae37481f5d248788cfd83dc92ffddbd91
|
|
|
|
| |
Change-Id: I2200e33868d50bb69089f3108a5a4c061afccd6e
|
|\ |
|
| |
| |
| |
| |
| |
| |
| | |
An undefined variable was used in the trust kvs backend, this
fixes it.
Change-Id: I9c25d85ab64afa2bf7639d3fd14a4d6839dacb64
|
|/
|
|
| |
Change-Id: Ief6534ee25a83027979d92c9ce3a92e0ea28c07c
|
|
|
|
|
|
|
|
|
|
|
| |
Change trust extension from RH-TRUST to OS-TRUST so that the namespace
being used is for OpenStack, as opposed to a contributing company. This
is also more consistent with namespacing used in other OpenStack APIs.
Some additional discussion about this is in this thread:
http://lists.openstack.org/pipermail/openstack-dev/2013-March/006876.html
Change-Id: I0fd869abe0f527c899808a4dde19dbd1fb6f32cd
|
|
|
|
| |
Change-Id: I32b32fc5df8d8483ae8e99067f0655c13c6f520b
|
|
|
|
|
|
|
| |
modify "expires" to "expires_at", most of the changes were
already done by Guang-yee, added a pki-token-id test
Change-Id: Ib3f39620db18aaea6b0cb5d0ae9c290afd870605
|
|\ |
|
| |
| |
| |
| | |
Change-Id: I74134bae9abff847d317e0074cae1878cf76aae8
|
|/
|
|
| |
Change-Id: I82f45c1dca4b96c43387640803a006ac2ab61689
|
|
Blueprint trusts
creates a trust. Using a trust, one user (the trustee), can then
create tokens with a subset of another user's (the trustor) roles and
projects.
If the impersonate flag in the trust is set, the token user_id is set
to the trustor's user ID
If the impersonate flag is not set, the token's user_is is set to the
trustee's user ID
check that both trustor and trustee are enabled prior to creating
the trust token.
sql and kvs backends
sql upgrade scripts
unit tests for backends, auth and v3 api
modifications to the trust controller for creating tokens
Authenticates that only user can be trustor in create
Deleting a trust invalidates all tokens created from that trust
Adds the trust id and the id of the trustee to the header of the token
policy rules for trust
This version has a workaround for testing against the KVS version
of the Service catalog
Change-Id: I5745f4d9a4180b59671a143a55ed87019e98ec76
|