def list_users(self, hints):
with sql.session_for_read() as session:
query = session.query(model.User).outerjoin(model.LocalUser)
query, hints = self._create_password_expires_query(session, query,
hints)
user_refs = sql.filter_limit_query(model.User, query, hints)
return [base.filter_user(x.to_dict()) for x in user_refs]
def list_groups_for_user(self, user_id, hints):
session = sql.get_session()
self.get_user(user_id)
query = session.query(Group).join(UserGroupMembership)
query = query.filter(UserGroupMembership.user_id == user_id)
query = sql.filter_limit_query(Group, query, hints)
return [g.to_dict() for g in query]
def list_application_credentials_for_user(self, user_id, hints):
with sql.session_for_read() as session:
query = session.query(ApplicationCredentialModel)
query = sql.filter_limit_query(ApplicationCredentialModel, query,
hints)
app_creds = query.filter_by(user_id=user_id)
return [self._to_dict(ref) for ref in app_creds]
def get_federated_users(self, hints):
with sql.session_for_read() as session:
query = session.query(model.User).outerjoin(model.LocalUser)
query = query.filter(model.User.id == model.FederatedUser.user_id)
query = self._update_query_with_federated_statements(hints, query)
user_refs = sql.filter_limit_query(model.User, query, hints)
return [identity_base.filter_user(x.to_dict()) for x in user_refs]
def list_groups_for_user(self, user_id, hints):
with sql.session_for_read() as session:
self.get_user(user_id)
query = session.query(model.Group).join(model.UserGroupMembership)
query = query.filter(model.UserGroupMembership.user_id == user_id)
query = sql.filter_limit_query(model.Group, query, hints)
return [g.to_dict() for g in query]
def list_users_in_group(self, group_id, hints):
session = sql.get_session()
self.get_group(group_id)
query = session.query(User).join(UserGroupMembership)
query = query.filter(UserGroupMembership.group_id == group_id)
query = sql.filter_limit_query(User, query, hints)
return [identity.filter_user(u.to_dict()) for u in query]
def list_users_in_group(self, group_id, hints):
with sql.session_for_read() as session:
self.get_group(group_id)
query = session.query(User).outerjoin(LocalUser)
query = query.join(UserGroupMembership)
query = query.filter(UserGroupMembership.group_id == group_id)
query = sql.filter_limit_query(User, query, hints)
return [identity.filter_user(u.to_dict()) for u in query]
def list_users_in_group(self, group_id, hints):
with sql.session_for_read() as session:
self.get_group(group_id)
query = session.query(model.User).outerjoin(model.LocalUser)
query = query.join(model.UserGroupMembership)
query = query.filter(
model.UserGroupMembership.group_id == group_id)
query, hints = self._create_password_expires_query(session, query,
hints)
query = sql.filter_limit_query(model.User, query, hints)
return [base.filter_user(u.to_dict()) for u in query]
def list_projects(self, hints):
# If there is a filter on domain_id and the value is None, then to
# ensure that the sql filtering works correctly, we need to patch
# the value to be NULL_DOMAIN_ID. This is safe to do here since we
# know we are able to satisfy any filter of this type in the call to
# filter_limit_query() below, which will remove the filter from the
# hints (hence ensuring our substitution is not exposed to the caller).
for f in hints.filters:
if (f['name'] == 'domain_id' and f['value'] is None):
f['value'] = base.NULL_DOMAIN_ID
with sql.session_for_read() as session:
query = session.query(Project)
query = query.filter(Project.id != base.NULL_DOMAIN_ID)
project_refs = sql.filter_limit_query(Project, query, hints)
return [project_ref.to_dict() for project_ref in project_refs]
def list_projects(self, hints):
# If there is a filter on domain_id and the value is None, then to
# ensure that the sql filtering works correctly, we need to patch
# the value to be NULL_DOMAIN_ID. This is safe to do here since we
# know we are able to satisfy any filter of this type in the call to
# filter_limit_query() below, which will remove the filter from the
# hints (hence ensuring our substitution is not exposed to the caller).
for f in hints.filters:
if (f['name'] == 'domain_id' and f['value'] is None):
f['value'] = base.NULL_DOMAIN_ID
with sql.session_for_read() as session:
query = session.query(Project)
query = query.filter(Project.id != base.NULL_DOMAIN_ID)
project_refs = sql.filter_limit_query(Project, query, hints)
return [project_ref.to_dict() for project_ref in project_refs]
def get_federated_users(self, hints):
with sql.session_for_read() as session:
query = session.query(model.User).outerjoin(
model.LocalUser).outerjoin(model.FederatedUser)
query = query.filter(model.User.id == model.FederatedUser.user_id)
query = self._update_query_with_federated_statements(hints, query)
name_filter = None
for filter_ in hints.filters:
if filter_['name'] == 'name':
name_filter = filter_
query = query.filter(model.FederatedUser.display_name ==
name_filter['value'])
break
if name_filter:
hints.filters.remove(name_filter)
user_refs = sql.filter_limit_query(model.User, query, hints)
return [identity_base.filter_user(x.to_dict()) for x in user_refs]
def get_federated_users(self, hints):
with sql.session_for_read() as session:
query = session.query(model.User).outerjoin(
model.LocalUser).outerjoin(model.FederatedUser)
query = query.filter(model.User.id == model.FederatedUser.user_id)
query = self._update_query_with_federated_statements(hints, query)
name_filter = None
for filter_ in hints.filters:
if filter_['name'] == 'name':
name_filter = filter_
query = query.filter(
model.FederatedUser.display_name == name_filter[
'value'])
break
if name_filter:
hints.filters.remove(name_filter)
user_refs = sql.filter_limit_query(model.User, query, hints)
return [identity_base.filter_user(x.to_dict()) for x in user_refs]
def _check_and_fill_registered_limit_id(self, limit):
# Make sure there is a referenced registered limit first. Then add
# the registered limit id to the new created limit.
hints = driver_hints.Hints()
limit_copy = copy.deepcopy(limit)
hints.add_filter('service_id', limit_copy.pop('service_id'))
hints.add_filter('resource_name', limit_copy.pop('resource_name'))
hints.add_filter('region_id', limit_copy.pop('region_id', None))
with sql.session_for_read() as session:
registered_limits = session.query(RegisteredLimitModel)
registered_limits = sql.filter_limit_query(
RegisteredLimitModel, registered_limits, hints)
reg_limits = registered_limits.all()
if not reg_limits:
raise exception.NoLimitReference
limit_copy['registered_limit_id'] = reg_limits[0]['id']
return limit_copy
def list_users(self, hints):
with sql.session_for_read() as session:
query = session.query(model.User).outerjoin(model.LocalUser)
user_refs = sql.filter_limit_query(model.User, query, hints)
return [base.filter_user(x.to_dict()) for x in user_refs]
def list_groups(self, hints):
with sql.session_for_read() as session:
query = session.query(Group)
refs = sql.filter_limit_query(Group, query, hints)
return [ref.to_dict() for ref in refs]
def list_policies(self, hints):
with sql.transaction() as session:
query = session.query(PolicyModel)
policy_refs = sql.filter_limit_query(PolicyModel, query, hints)
return [policy_ref.to_dict() for policy_ref in policy_refs]
def list_roles(self, hints):
with sql.transaction() as session:
query = session.query(Role)
refs = sql.filter_limit_query(Role, query, hints)
return [ref.to_dict() for ref in refs]
def list_regions(self, hints):
session = sql.get_session()
regions = session.query(Region)
regions = sql.filter_limit_query(Region, regions, hints)
return [s.to_dict() for s in list(regions)]
def list_services(self, hints):
session = sql.get_session()
services = session.query(Service)
services = sql.filter_limit_query(Service, services, hints)
return [s.to_dict() for s in list(services)]
def list_idps(self, hints=None):
with sql.session_for_read() as session:
query = session.query(IdentityProviderModel)
idps = sql.filter_limit_query(IdentityProviderModel, query, hints)
idps_list = [idp.to_dict() for idp in idps]
return idps_list
def list_regions(self, hints):
with sql.session_for_read() as session:
regions = session.query(Region)
regions = sql.filter_limit_query(Region, regions, hints)
return [s.to_dict() for s in list(regions)]
def list_endpoints(self, hints):
with sql.session_for_read() as session:
endpoints = session.query(Endpoint)
endpoints = sql.filter_limit_query(Endpoint, endpoints, hints)
return [e.to_dict() for e in list(endpoints)]
def list_services(self, hints):
with sql.session_for_read() as session:
services = session.query(Service)
services = sql.filter_limit_query(Service, services, hints)
return [s.to_dict() for s in list(services)]
def list_credentials(self, hints):
session = sql.get_session()
credentials = session.query(CredentialModel)
credentials = sql.filter_limit_query(CredentialModel, credentials,
hints)
return [s.to_dict() for s in credentials]
def list_users(self, hints):
with sql.session_for_read() as session:
query = session.query(User).outerjoin(LocalUser)
user_refs = sql.filter_limit_query(User, query, hints)
return [identity.filter_user(x.to_dict()) for x in user_refs]
def list_endpoint_groups(self, hints):
with sql.session_for_read() as session:
query = session.query(EndpointGroup)
endpoint_group_refs = sql.filter_limit_query(
EndpointGroup, query, hints)
return [e.to_dict() for e in endpoint_group_refs]
def list_limits(self, hints):
with sql.session_for_read() as session:
query = session.query(LimitModel).outerjoin(RegisteredLimitModel)
limits = sql.filter_limit_query(LimitModel, query, hints)
return [limit.to_dict() for limit in limits]
def list_endpoints(self, hints):
with sql.session_for_read() as session:
endpoints = session.query(Endpoint)
endpoints = sql.filter_limit_query(Endpoint, endpoints, hints)
return [e.to_dict() for e in list(endpoints)]
def list_regions(self, hints):
with sql.session_for_read() as session:
regions = session.query(Region)
regions = sql.filter_limit_query(Region, regions, hints)
return [s.to_dict() for s in list(regions)]
def list_access_rules_for_user(self, user_id, hints):
with sql.session_for_read() as session:
query = session.query(AccessRuleModel).filter_by(user_id=user_id)
refs = sql.filter_limit_query(AccessRuleModel, query, hints)
return [self._access_rule_to_dict(ref) for ref in refs]
def list_sps(self, hints=None):
with sql.session_for_read() as session:
query = session.query(ServiceProviderModel)
sps = sql.filter_limit_query(ServiceProviderModel, query, hints)
sps_list = [sp.to_dict() for sp in sps]
return sps_list
def list_domains(self, hints):
with sql.session_for_read() as session:
query = session.query(Domain)
refs = sql.filter_limit_query(Domain, query, hints)
return [ref.to_dict() for ref in refs]
def list_endpoints(self, hints):
session = sql.get_session()
endpoints = session.query(Endpoint)
endpoints = sql.filter_limit_query(Endpoint, endpoints, hints)
return [e.to_dict() for e in list(endpoints)]
def list_groups(self, hints):
session = sql.get_session()
query = session.query(Group)
refs = sql.filter_limit_query(Group, query, hints)
return [ref.to_dict() for ref in refs]
def list_projects(self, hints):
with sql.transaction() as session:
query = session.query(Project)
project_refs = sql.filter_limit_query(Project, query, hints)
return [project_ref.to_dict() for project_ref in project_refs]
def list_federated_users_info(self, hints=None):
with sql.session_for_read() as session:
query = session.query(model.FederatedUser)
fed_user_refs = sql.filter_limit_query(model.FederatedUser, query,
hints)
return [x.to_dict() for x in fed_user_refs]
def list_rules(self, hints):
with sql.transaction() as session:
query = session.query(RuleModel)
rule_refs = sql.filter_limit_query(RuleModel, query, hints)
return [rule_ref.to_dict() for rule_ref in rule_refs]
def list_credentials(self, hints):
with sql.session_for_read() as session:
credentials = session.query(CredentialModel)
credentials = sql.filter_limit_query(CredentialModel,
credentials, hints)
return [s.to_dict() for s in credentials]
def list_limits(self, hints):
with sql.session_for_read() as session:
limits = session.query(LimitModel)
limits = sql.filter_limit_query(LimitModel, limits, hints)
return [s.to_dict() for s in limits]
def list_credentials(self, hints):
session = sql.get_session()
credentials = session.query(CredentialModel)
credentials = sql.filter_limit_query(CredentialModel,
credentials, hints)
return [s.to_dict() for s in credentials]
def list_roles(self, hints):
with sql.transaction() as session:
query = session.query(Role)
refs = sql.filter_limit_query(Role, query, hints)
return [ref.to_dict() for ref in refs]
def list_endpoints(self, hints):
session = sql.get_session()
endpoints = session.query(Endpoint)
endpoints = sql.filter_limit_query(Endpoint, endpoints, hints)
return [e.to_dict() for e in list(endpoints)]
def list_users(self, hints):
session = sql.get_session()
query = session.query(User)
user_refs = sql.filter_limit_query(User, query, hints)
return [identity.filter_user(x.to_dict()) for x in user_refs]
def list_domains(self, hints):
with sql.session_for_read() as session:
query = session.query(Domain)
refs = sql.filter_limit_query(Domain, query, hints)
return [ref.to_dict() for ref in refs]
def list_groups(self, hints):
with sql.session_for_read() as session:
query = session.query(model.Group)
refs = sql.filter_limit_query(model.Group, query, hints)
return [ref.to_dict() for ref in refs]
def list_roles(self, hints):
with sql.session_for_read() as session:
query = session.query(RoleTable)
refs = sql.filter_limit_query(RoleTable, query, hints)
return [ref.to_dict() for ref in refs]
def list_federated_users_info(self, hints=None):
with sql.session_for_read() as session:
query = session.query(model.FederatedUser)
fed_user_refs = sql.filter_limit_query(model.FederatedUser, query,
hints)
return [x.to_dict() for x in fed_user_refs]
def list_credentials(self, hints):
with sql.session_for_read() as session:
credentials = session.query(CredentialModel)
credentials = sql.filter_limit_query(CredentialModel, credentials,
hints)
return [s.to_dict() for s in credentials]
def list_projects(self, hints):
with sql.transaction() as session:
query = session.query(Project)
project_refs = sql.filter_limit_query(Project, query, hints)
return [project_ref.to_dict() for project_ref in project_refs]
def list_idps(self, hints=None):
with sql.session_for_read() as session:
query = session.query(IdentityProviderModel)
idps = sql.filter_limit_query(IdentityProviderModel, query, hints)
idps_list = [idp.to_dict() for idp in idps]
return idps_list
def list_services(self, hints):
session = sql.get_session()
services = session.query(Service)
services = sql.filter_limit_query(Service, services, hints)
return [s.to_dict() for s in list(services)]
def list_sps(self, hints=None):
with sql.session_for_read() as session:
query = session.query(ServiceProviderModel)
sps = sql.filter_limit_query(ServiceProviderModel, query, hints)
sps_list = [sp.to_dict() for sp in sps]
return sps_list
def list_regions(self, hints):
session = sql.get_session()
regions = session.query(Region)
regions = sql.filter_limit_query(Region, regions, hints)
return [s.to_dict() for s in list(regions)]
def list_services(self, hints):
with sql.session_for_read() as session:
services = session.query(Service)
services = sql.filter_limit_query(Service, services, hints)
return [s.to_dict() for s in list(services)]
