def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict(assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), endpoint_filter_api=endpoint_filter.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, policy_api=policy.Manager(), token_api=token.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) # Ensure that the identity driver is created before the assignment manager # and that the assignment driver is created before the resource manager. # The default resource driver depends on assignment, which in turn # depends on identity - hence we need to ensure the chain is available. _IDENTITY_API = identity.Manager() _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict(assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def main(): def validate_options(): # NOTE(henry-nash); It would be nice to use the argparse automated # checking for this validation, but the only way I can see doing # that is to make the default (i.e. if no optional parameters # are specified) to purge all mappings - and that sounds too # dangerous as a default. So we use it in a slightly # unconventional way, where all parameters are optional, but you # must specify at least one. if (CONF.command.all is False and CONF.command.domain_name is None and CONF.command.public_id is None and CONF.command.local_id is None and CONF.command.type is None): raise ValueError(_('At least one option must be provided')) if (CONF.command.all is True and (CONF.command.domain_name is not None or CONF.command.public_id is not None or CONF.command.local_id is not None or CONF.command.type is not None)): raise ValueError( _('--all option cannot be mixed with ' 'other options')) def get_domain_id(name): try: identity.Manager() # init assignment manager to avoid KeyError in resource.core assignment.Manager() resource_manager = resource.Manager() return resource_manager.get_domain_by_name(name)['id'] except KeyError: raise ValueError( _("Unknown domain '%(name)s' specified by " "--domain-name") % {'name': name}) validate_options() # Now that we have validated the options, we know that at least one # option has been specified, and if it was the --all option then this # was the only option specified. # # The mapping dict is used to filter which mappings are purged, so # leaving it empty means purge them all mapping = {} if CONF.command.domain_name is not None: mapping['domain_id'] = get_domain_id(CONF.command.domain_name) if CONF.command.public_id is not None: mapping['public_id'] = CONF.command.public_id if CONF.command.local_id is not None: mapping['local_id'] = CONF.command.local_id if CONF.command.type is not None: mapping['type'] = CONF.command.type mapping_manager = identity.MappingManager() mapping_manager.purge_mappings(mapping)
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.apply_invalidation_patch( region=catalog.COMPUTED_CATALOG_REGION, region_name=catalog.COMPUTED_CATALOG_REGION.name) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.apply_invalidation_patch( region=assignment.COMPUTED_ASSIGNMENTS_REGION, region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name) cache.configure_cache(region=revoke.REVOKE_REGION) cache.apply_invalidation_patch(region=revoke.REVOKE_REGION, region_name=revoke.REVOKE_REGION.name) cache.configure_cache(region=token.provider.TOKENS_REGION) cache.configure_cache(region=identity.ID_MAPPING_REGION) cache.apply_invalidation_patch(region=identity.ID_MAPPING_REGION, region_name=identity.ID_MAPPING_REGION.name) # Ensure that the identity driver is created before the assignment manager # and that the assignment driver is created before the resource manager. # The default resource driver depends on assignment, which in turn # depends on identity - hence we need to ensure the chain is available. # TODO(morganfainberg): In "O" release move _IDENTITY_API to be directly # instantiated in the DRIVERS dict once assignment driver being selected # based upon [identity]/driver is removed. _IDENTITY_API = identity.Manager() _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict( assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, shadow_users_api=identity.ShadowUsersManager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.apply_invalidation_patch( region=catalog.COMPUTED_CATALOG_REGION, region_name=catalog.COMPUTED_CATALOG_REGION.name) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.apply_invalidation_patch( region=assignment.COMPUTED_ASSIGNMENTS_REGION, region_name=assignment.COMPUTED_ASSIGNMENTS_REGION.name) # Ensure that the assignment driver is created before the resource manager. # The default resource driver depends on assignment. _ASSIGNMENT_API = assignment.Manager() DRIVERS = dict(assignment_api=_ASSIGNMENT_API, catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=identity.Manager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.controllers.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache() cache.configure_cache(region=catalog.COMPUTED_CATALOG_REGION) cache.configure_cache(region=assignment.COMPUTED_ASSIGNMENTS_REGION) cache.configure_cache(region=revoke.REVOKE_REGION) cache.configure_cache(region=token.provider.TOKENS_REGION) cache.configure_cache(region=identity.ID_MAPPING_REGION) cache.configure_invalidation_region() # NOTE(knikolla): The assignment manager must be instantiated before the # resource manager. The current dictionary ordering ensures that. DRIVERS = dict(assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), credential_provider_api=credential.provider.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=identity.Manager(), shadow_users_api=identity.ShadowUsersManager(), oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager()) auth.core.load_auth_methods() return DRIVERS
def load_backends(): # Configure and build the cache cache.configure_cache_region(cache.REGION) # Ensure that the identity driver is created before the assignment manager. # The default assignment driver is determined by the identity driver, so # the identity driver must be available to the assignment manager. _IDENTITY_API = identity.Manager() DRIVERS = dict( assignment_api=assignment.Manager(), catalog_api=catalog.Manager(), credential_api=credential.Manager(), domain_config_api=resource.DomainConfigManager(), endpoint_filter_api=endpoint_filter.Manager(), endpoint_policy_api=endpoint_policy.Manager(), federation_api=federation.Manager(), id_generator_api=identity.generator.Manager(), id_mapping_api=identity.MappingManager(), identity_api=_IDENTITY_API, oauth_api=oauth1.Manager(), policy_api=policy.Manager(), resource_api=resource.Manager(), revoke_api=revoke.Manager(), role_api=assignment.RoleManager(), token_api=token.persistence.Manager(), trust_api=trust.Manager(), token_provider_api=token.provider.Manager(), # admin_api=moon.AdminManager(), # authz_api=moon.AuthzManager() ) auth.controllers.load_auth_methods() return DRIVERS