class RoleAssignment(sql.ModelBase, sql.DictBase): __tablename__ = 'assignment' attributes = ['type', 'actor_id', 'target_id', 'role_id', 'inherited'] # NOTE(henry-nash): Postgres requires a name to be defined for an Enum type = sql.Column( sql.Enum(AssignmentType.USER_PROJECT, AssignmentType.GROUP_PROJECT, AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN, name='type'), nullable=False) actor_id = sql.Column(sql.String(64), nullable=False) target_id = sql.Column(sql.String(64), nullable=False) role_id = sql.Column(sql.String(64), nullable=False) inherited = sql.Column(sql.Boolean, default=False, nullable=False) __table_args__ = ( sql.PrimaryKeyConstraint('type', 'actor_id', 'target_id', 'role_id', 'inherited'), sql.Index('ix_actor_id', 'actor_id'), ) def to_dict(self): """Override parent method with a simpler implementation. RoleAssignment doesn't have non-indexed 'extra' attributes, so the parent implementation is not applicable. """ return dict(self.items())
class IDMapping(sql.ModelBase, sql.ModelDictMixin): __tablename__ = 'id_mapping' public_id = sql.Column(sql.String(64), primary_key=True) domain_id = sql.Column(sql.String(64), nullable=False) local_id = sql.Column(sql.String(64), nullable=False) # NOTE(henry-nash): Postgres requires a name to be defined for an Enum entity_type = sql.Column(sql.Enum(identity_mapping.EntityType.USER, identity_mapping.EntityType.GROUP, name='entity_type'), nullable=False) # Unique constraint to ensure you can't store more than one mapping to the # same underlying values __table_args__ = (sql.UniqueConstraint('domain_id', 'local_id', 'entity_type'), )
# License for the specific language governing permissions and limitations # under the License. import uuid from keystone.common import sql from keystone.contrib import oauth2 from keystone import exception #from keystone.i18n import _ from keystone.openstack.common.gettextutils import _ try: from oslo.utils import timeutils except ImportError: from keystone.openstack.common import timeutils # TODO(garcianavalon) configuration options VALID_RESPONSE_TYPES = sql.Enum('code', 'token') VALID_CLIENT_TYPES = sql.Enum('confidential') VALID_GRANT_TYPES = sql.Enum('authorization_code') class Consumer(sql.ModelBase, sql.DictBase): __tablename__ = 'consumer_oauth2' attributes = [ 'id', 'name', 'description', 'secret', 'client_type', 'redirect_uris', 'grant_type', 'response_type', 'scopes', 'extra' ] __table_args__ = {'extend_existing': True} id = sql.Column(sql.String(64), primary_key=True, nullable=False) name = sql.Column(sql.String(64), nullable=False) description = sql.Column(sql.Text(), nullable=True) secret = sql.Column(sql.String(128), nullable=False)