summaryrefslogtreecommitdiffstats
path: root/keystone
Commit message (Collapse)AuthorAgeFilesLines
* Clean hacking errors in advance of hacking updateMonty Taylor2013-08-154-10/+15
| | | | | | | | The next patch syncs with global requirements, including an update to hacking. These fixes align the codebase with those new rules. Change-Id: I16e5a4ffa877fb46d2fb28d881642185c801b628
* Merge "Set wsgi startup log level to INFO"Jenkins2013-08-161-4/+4
|\
| * Set wsgi startup log level to INFOEdward Hope-Morley2013-08-061-4/+4
| | | | | | | | | | | | | | | | | | | | | | Sets wsgi startup log to INFO so that it is still visible when log level is raised above DEBUG. Co-authored-by: Kanami Akama <k-akama@intellilink.co.jp> Fixes: bug #1208778 Change-Id: I977f4ac6fc5e11710922dc607d5ce23a0cc74237
* | Merge "Remove unused import"Jenkins2013-08-161-1/+0
|\ \
| * | Remove unused importWu Wenxiang2013-08-151-1/+0
| | | | | | | | | | | | | | | | | | | | | In file: keystone/contrib/access/core.py, webob module was never used after imported in the module, removing it make codes more clean. Change-Id: I00725e3408c743489693bf6de66254c790dddb24
* | | Merge "Increase length of username in DB"Jenkins2013-08-166-7/+75
|\ \ \
| * | | Increase length of username in DBAlvaro Lopez Garcia2013-08-156-7/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Length of username in database may be too short for X.509 DNs and 255 seems a sane value for it. Fixes bug #1081932 Change-Id: Ie8f696845ea15d37cf13f3fe7978b22deac798b0
* | | | Merge "Cleaned up pluggable auth docs"Jenkins2013-08-152-34/+40
|\ \ \ \ | |/ / / |/| | |
| * | | Cleaned up pluggable auth docsJoe Duhamel2013-08-152-34/+40
| | | | | | | | | | | | | | | | Change-Id: Iee859f13078287348211b54e3aeda704be6d8f20
* | | | Merge "Refactor Keystone to use unified logging from Oslo"Jenkins2013-08-1541-76/+71
|\ \ \ \ | |/ / / |/| | |
| * | | Refactor Keystone to use unified logging from OsloLance Bragstad2013-08-1541-76/+71
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Modifications to use log from /keystone/openstack/common/log.py instead of /keystone/common/logging.py. This change also includes some refactoring to remove the WriteableLogger class from common/wsgi.py since that is already included in the unified logging sync from Oslo. This also moves fail_gracefully from /keystone/common/logging.py to service.py as it is only used within that module. blueprint unified-logging-in-keystone Change-Id: I24b319bd6cfe5e345ea903196188f2394f4ef102
* | | Merge "Revoke user tokens when disabling/delete a project"Jenkins2013-08-154-0/+127
|\ \ \
| * | | Revoke user tokens when disabling/delete a projectChmouel Boudjnah2013-08-154-0/+127
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | - Revoke tokens scoped to all users from a project when disabling or deleting the project. - Tests provided by Dolph. Closes-Bug: #1179955 Change-Id: I8ab4713d513b26ced6c37ed026cec9e2df78a5e9 Signed-off-by: Chmouel Boudjnah <chmouel@enovance.com>
* | | Fix test_user_enable_attribute_mask so it actually testsBrant Knudson2013-08-152-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | test_user_enable_attribute_mask wasn't actually testing user_enable_attribute_mask because it didn't reload the backend after changing the config value. Change-Id: I9fa6bebe0c4b3d2afc1eb53867cf217b046b0210 Related-Bug: #1210175
* | | Do not skip test_user_enable_attribute_mask in _ldap_livetestBrant Knudson2013-08-151-3/+0
| | | | | | | | | | | | | | | | | | | | | This test is usable with OpenLDAP and is useful for validation. Change-Id: Ie4da746a17d2ca545eb1125c1e7249620f0efbc0 Related-Bug: #1210175
* | | Skip test_create_unicode_user_name in _ldap_livetestBrant Knudson2013-08-151-0/+3
|/ / | | | | | | | | | | | | | | | | Live LDAP tests were not passing because this test doesn't work. This is being addressed with a different bug. Change-Id: Ic01aa505d867c1de30e2a1ed7c79ff1478e213ef Related-Bug: #1172106 Related-Bug: #1210175
* | Move 'tests' directory into 'keystone' packageSascha Peilicke2013-08-1477-2/+20374
| | | | | | | | | | | | | | | | | | | | | | Similar to a range of other components (e.g. glance,nova,...) and recent reviews by Monty. Running individual tests can be done like this: ./run_tests.sh keystone.tests.test_drivers Change-Id: I2482a48322150e5eb09b703326a94d8283f1c75b
* | Merge "Sync notifier module from Oslo"Jenkins2013-08-1434-6/+7351
|\ \
| * | Sync notifier module from OsloLance Bragstad2013-08-1334-6/+7351
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Pull in the common notifier from Oslo-incubator into Keystone. This only introduces the notifier module and it's dependencies. This change is standalone and doesn't contain any code to implementation notifications, just the initial sync. blueprint notifications Change-Id: If62d6012a92e944f3196dd20e6cdd3236e7ecae2
* | | Initial implementation of unified-loggingLance Bragstad2013-08-131-91/+8
|/ / | | | | | | | | | | | | | | | | | | | | | | This is the base implementation of a unified logging solution for Keystone from Oslo-incubator. More work is still needed to refactor the rest of Keystone such that it is completely dependent on the implementation from Oslo and not the older keystone/common/logging.py implementation, this is also noted in keystone/common/config.py. blueprint unified-logging-in-keystone Change-Id: I711cbac8edd887c52114fb13327e37124ea86737
* | Merge "Make pki_setup work with OpenSSL 0.9.x"Jenkins2013-08-131-12/+24
|\ \
| * | Make pki_setup work with OpenSSL 0.9.xDirk Mueller2013-08-071-12/+24
| |/ | | | | | | | | | | | | | | | | | | | | | | Support for "default" in default_md was only added in "recent" OpenSSL versions. Use sha1 (which is what "default" maps to anyway) for older openssl versions. Also sync the generated openssl config file with the defaults from OpenSSL 1.0 and newer. Fixes: LP Bug #1209249 Change-Id: I4ba79dbfdfc2df81cfb0f1edde23d3fbc1384637
* | Merge "Drop extra credential indexes"Jenkins2013-08-132-5/+40
|\ \
| * | Drop extra credential indexesElena Ezhova2013-08-122-5/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | For mysql ForeignKey constraints were removed but the fields stayed as indexes. This migration drops them. bp db-sync-models-with-migrations Change-Id: I3baeac4047cd65ac5d7733ba909c45d0874f17d8
* | | Merge "Sync models with migrations"Jenkins2013-08-125-10/+19
|\| |
| * | Sync models with migrationsElena Ezhova2013-08-125-10/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch syncs models with migrations for: -Endpoint -CredentialModel -TokenModel -TrustModel No actual schema change is taking place, this patch just corrects errors in the model definitions. Made class Index avaliable in keystone.common.sql.core partially implements bp db-sync-models-with-migrations Change-Id: I52f5c455360b65a2d5d884bbbec078dca6d34451
* | | Merge "Abstract out attribute_ignore assigning in LDAP driver"Jenkins2013-08-103-12/+4
|\ \ \
| * | | Abstract out attribute_ignore assigning in LDAP driverElena Ezhova2013-08-063-12/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is used to avoid code duplication in keystone/identity/ backends/ldap.py. All changes are fully covered by test_*option_ name*_attribute_ignore() in test_backend_ldap.py. bp refactor-ldap-driver Change-Id: Ia0fc0b3d4a92416dcd65ddb49b3b0bf9a0777363
* | | | Merge "Create default role on demand"Jenkins2013-08-101-3/+17
|\ \ \ \
| * | | | Create default role on demandAdam Young2013-08-061-3/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When adding a user to a project, if the default role is missing, create it. Bug 1176270 Change-Id: Id972ccf9c132c362a0b85049d248530dc2d56d54
* | | | | Merge "Abstract out attribute_mapping filling in LDAP driver."Jenkins2013-08-093-34/+19
|\ \ \ \ \ | | |/ / / | |/| | |
| * | | | Abstract out attribute_mapping filling in LDAP driver.Elena Ezhova2013-08-053-34/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bp refactor-ldap-driver Change-Id: I4b3bb2900b54f046b05d68f15fb6e35b324ca9f7
* | | | | Sync unified logging solution from OsloLance Bragstad2013-08-096-40/+935
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a unified logging strategy from oslo-incubator in an attempt to standardize logging in Keystone similar to other OpenStack projects (Nova, Quantum, etc.). This commit only introduces oslo-incubator/openstack/common/log.py and it's dependencies. Implementation of this logging solution will be purposed later. blueprint unified-logging-in-keystone Change-Id: I860c0f0e935fcd7b4c4886ffd54bf22f2cf4cbb3
* | | | | Configurable max password length (bug 1175906)Dolph Mathews2013-08-083-12/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DocImpact Change-Id: I1b1de8f7e07afe8af8a5cbb83de7f935cea04670
* | | | | Merge "Fix select n+1 issue in keystone catalog"Jenkins2013-08-082-40/+35
|\ \ \ \ \
| * | | | | Fix select n+1 issue in keystone catalogRoman Verchikov2013-08-072-40/+35
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | keystone.catalog.backends.sql.get_catalog() and get_v3_catalog() methods generate N+1 select statements for each endpoint. Use sqlalchemy's eager load to generate single select statement instead of generating N+1 select statents for each endpoint. Given change does not modify DB schema and is runtime-only, since it's a one-to-many relationship. Change-Id: Ia72b8603fc13f01696771f6116b320364bd50f51 Fixes: bug #1206725
* | | | | Merge "extension migrations"Jenkins2013-08-077-20/+146
|\ \ \ \ \ | |_|_|_|/ |/| | | |
| * | | | extension migrationsAdam Young2013-08-067-20/+146
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow each of the extensions to have their own sql migration repository instead of mixing them into the common repo. db_sync must be called explicitly on the extension. In the past, it was assumed that only migrations for backends backed in sql would be run. In practice, however, all of the migrations were run every time. The code has been modified to reflect this. Adds parameter --extension to the cli for db_sync and db_version to test out the migrations bin/keystone-manage db_sync --extension example will migrate to version 1 and bin/keystone-manage db_sync --extension example 0 will migrate it back to 0 to check the version bin/keystone-manage db_version --extension example blueprint multiple-sql-migrate-repos DocImpact Change-Id: I6852d75bde6506c535fa3d74537e3c1bbd6578d8
* | | | | Merge "remove swift dependency of s3 middleware"Jenkins2013-08-061-4/+52
|\ \ \ \ \
| * | | | | remove swift dependency of s3 middlewareKun Huang2013-08-021-4/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In middleware/s3_token.py, here only use swift for a logger and path split functionality. We should remove swift dependency by using new codes. fixes bug #1178738 Change-Id: Icc2648720e220a873d1fb8e9961d777ceabef70b
* | | | | | Merge "Raise max header size to accommodate large tokens."Jenkins2013-08-061-0/+3
|\ \ \ \ \ \
| * | | | | | Raise max header size to accommodate large tokens.Chmouel Boudjnah2013-08-021-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Fixes bug: #1190149 Change-Id: Icdf56d65b9c5caa46571320f02233ac4a8a2e171
* | | | | | | Merge "Handle json data when migrating role metadata."Jenkins2013-08-061-3/+1
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | |
| * | | | | | Handle json data when migrating role metadata.Mark J. Washenberger2013-07-311-3/+1
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes bug 1206257 Change-Id: Ia522e023a2d66ec25bc909db12d358f7c0ee6952
* | | | | | Merge "Imported Translations from Transifex"OpenStack Jenkins2013-08-0240-1225/+22144
|\ \ \ \ \ \
| * | | | | | Imported Translations from TransifexOpenStack Jenkins2013-08-0240-1225/+22144
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | Change-Id: I0bbee55edd38f41ed2f32c56a6d17795b81a2f05
* | | | | | Merge "Remove kwargs from manager calls where not needed."Jenkins2013-08-024-13/+8
|\ \ \ \ \ \
| * | | | | | Remove kwargs from manager calls where not needed.Morgan Fainberg2013-08-014-13/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes the use of kwargs from manager calls where not required. Dogpile.cache (the targeted caching library) does not support kwargs out of the box with its cache-key-generator. This change allows us to support the default cache-key-generator; while it is possible to create a new cache-key-generator function, there are many possible edge-cases to deal with when making cache invalidation calls (ensuring the arguments are the same) as well as possible performance implications (depending on the depth of method introspection needed to determine how to invalidate the cache). As an added bonus, this change brings the code touched more in-line with the rest of keystone where most manager/driver calls do not use kwargs unless absolutley required. blueprint: caching-layer-for-driver-calls Change-Id: I035c976314fb48f657661f681f7c1760d3c547a6
* | | | | | | Merge "Clean up use of token_provider manager in tests"Jenkins2013-08-021-1/+6
|\ \ \ \ \ \ \ | |_|/ / / / / |/| | | | | |
| * | | | | | Clean up use of token_provider manager in testsBrant Knudson2013-08-011-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With 19081b834991d263d84c761dcf422a8c9faf40a1, the token_provider is created in load_backends() so it doesn't have to be created by the tests. This makes the tests using token_provider_api consistent with how other backends are used in the tests. This change only affects unit tests. Change-Id: I9c05c7876bd14fb28e77fe1e49dd509a2a1cb788
generated by cgit (git 2.34.1) at 2024-06-08 15:56:10 +0000