class RoleAssignment(sql.ModelBase, sql.DictBase):
__tablename__ = 'assignment'
attributes = ['type', 'actor_id', 'target_id', 'role_id', 'inherited']
# NOTE(henry-nash): Postgres requires a name to be defined for an Enum
type = sql.Column(
sql.Enum(AssignmentType.USER_PROJECT, AssignmentType.GROUP_PROJECT,
AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN,
name='type'),
nullable=False)
actor_id = sql.Column(sql.String(64), nullable=False)
target_id = sql.Column(sql.String(64), nullable=False)
role_id = sql.Column(sql.String(64), nullable=False)
inherited = sql.Column(sql.Boolean, default=False, nullable=False)
__table_args__ = (
sql.PrimaryKeyConstraint('type', 'actor_id', 'target_id', 'role_id',
'inherited'),
sql.Index('ix_actor_id', 'actor_id'),
)
def to_dict(self):
"""Override parent method with a simpler implementation.
RoleAssignment doesn't have non-indexed 'extra' attributes, so the
parent implementation is not applicable.
"""
return dict(self.items())
class IDMapping(sql.ModelBase, sql.ModelDictMixin):
__tablename__ = 'id_mapping'
public_id = sql.Column(sql.String(64), primary_key=True)
domain_id = sql.Column(sql.String(64), nullable=False)
local_id = sql.Column(sql.String(64), nullable=False)
# NOTE(henry-nash): Postgres requires a name to be defined for an Enum
entity_type = sql.Column(sql.Enum(identity_mapping.EntityType.USER,
identity_mapping.EntityType.GROUP,
name='entity_type'),
nullable=False)
# Unique constraint to ensure you can't store more than one mapping to the
# same underlying values
__table_args__ = (sql.UniqueConstraint('domain_id', 'local_id',
'entity_type'), )
# License for the specific language governing permissions and limitations
# under the License.
import uuid
from keystone.common import sql
from keystone.contrib import oauth2
from keystone import exception
#from keystone.i18n import _
from keystone.openstack.common.gettextutils import _
try:
from oslo.utils import timeutils
except ImportError:
from keystone.openstack.common import timeutils
# TODO(garcianavalon) configuration options
VALID_RESPONSE_TYPES = sql.Enum('code', 'token')
VALID_CLIENT_TYPES = sql.Enum('confidential')
VALID_GRANT_TYPES = sql.Enum('authorization_code')
class Consumer(sql.ModelBase, sql.DictBase):
__tablename__ = 'consumer_oauth2'
attributes = [
'id', 'name', 'description', 'secret', 'client_type', 'redirect_uris',
'grant_type', 'response_type', 'scopes', 'extra'
]
__table_args__ = {'extend_existing': True}
id = sql.Column(sql.String(64), primary_key=True, nullable=False)
name = sql.Column(sql.String(64), nullable=False)
description = sql.Column(sql.Text(), nullable=True)
secret = sql.Column(sql.String(128), nullable=False)
