def test_class_is_properly_deprecated(self, mock_reporter): Driver = manager.create_legacy_driver(catalog.CatalogDriverV8) # NOTE(dstanek): I want to subvert the requirement for this # class to implement all of the abstractmethods. Driver.__abstractmethods__ = set() impl = Driver() details = { 'as_of': 'Liberty', 'what': 'keystone.catalog.core.Driver', 'in_favor_of': 'keystone.catalog.core.CatalogDriverV8', 'remove_in': 'N', } mock_reporter.assert_called_with(mock.ANY, mock.ANY, details) self.assertIsInstance(impl, catalog.CatalogDriverV8)
def test_class_is_properly_deprecated(self, mock_reporter): Driver = manager.create_legacy_driver(catalog.CatalogDriverV8) # NOTE(dstanek): I want to subvert the requirement for this # class to implement all of the abstract methods. Driver.__abstractmethods__ = set() impl = Driver() details = { 'as_of': 'Liberty', 'what': 'keystone.catalog.core.Driver', 'in_favor_of': 'keystone.catalog.core.CatalogDriverV8', 'remove_in': 'N', } mock_reporter.assert_called_with(mock.ANY, mock.ANY, details) self.assertIsInstance(impl, catalog.CatalogDriverV8)
@abc.abstractmethod def remove_endpoint_group_from_project(self, endpoint_group_id, project_id): """Remove an endpoint to project association. :param endpoint_group_id: identity of endpoint to associate :type endpoint_group_id: string :param project_id: identity of project to associate :type project_id: string :raises keystone.exception.NotFound: If endpoint group project association was not found. :returns: None. """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_endpoint_group_association_by_project(self, project_id): """Remove endpoint group to project associations. :param project_id: identity of the project to check :type project_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(CatalogDriverV8)
service_v3 = { 'type': service_type, 'endpoints': [] } for attr, value in service.items(): # Attributes that end in URL are interfaces. In the V2 # catalog, these are internalURL, publicURL, and adminURL. # For example, <region_name>.publicURL=<URL> in the V2 # catalog becomes the V3 interface for the service: # { 'interface': 'public', 'url': '<URL>', 'region': # 'region: '<region_name>' } if attr.endswith('URL'): v3_interface = attr[:-len('URL')] service_v3['endpoints'].append({ 'interface': v3_interface, 'region': region_name, 'url': value, }) continue # Other attributes are copied to the service. service_v3[attr] = value v3_catalog.append(service_v3) return v3_catalog Driver = manager.create_legacy_driver(CatalogDriverV8)
:type service_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_association_by_region(self, region_id): """Removes all the policy associations with the specific region. :param region_id: identity of endpoint to check :type region_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_association_by_policy(self, policy_id): """Removes all the policy associations with the specific policy. :param policy_id: identity of endpoint to check :type policy_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(EndpointPolicyDriverV8)
:type sp: dict :returns: sp_ref :rtype: dict :raises keystone.exception.ServiceProviderNotFound: If the service provider doesn't exist. """ raise exception.NotImplemented() # pragma: no cover def get_enabled_service_providers(self): """List enabled service providers for Service Catalog Service Provider in a catalog contains three attributes: ``id``, ``auth_url``, ``sp_url``, where: - id is a unique, user defined identifier for service provider object - auth_url is an authentication URL of remote Keystone - sp_url a URL accessible at the remote service provider where SAML assertion is transmitted. :returns: list of dictionaries with enabled service providers :rtype: list of dicts """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(FederationDriverV8)
:param user_id: identity of the user :type user_id: string :param tenant_id: identity of the tenant :type tenant_id: string :param trust_id: identity of the trust :type trust_id: string :param consumer_id: identity of the consumer :type consumer_id: string :returns: list of token_id's """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_revoked_tokens(self): """Returns a list of all revoked tokens :returns: list of token_id's """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def flush_expired_tokens(self): """Archive or delete tokens that have expired. """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(TokenDriverV8)
raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_trusts(self): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_trusts_for_trustee(self, trustee): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_trusts_for_trustor(self, trustor): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_trust(self, trust_id): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def consume_use(self, trust_id): """Consume one use when a trust was created with a limitation on its uses, provided there are still uses available. :raises: keystone.exception.TrustUseLimitReached, keystone.exception.TrustNotFound """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(TrustDriverV8)
@abc.abstractmethod def authorize_request_token(self, request_token_id, user_id, role_ids): """Authorize request token. :param request_token_id: the id of the request token, to be authorized :type request_token_id: string :param user_id: the id of the authorizing user :type user_id: string :param role_ids: list of role ids to authorize :type role_ids: list :returns: verifier """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def create_access_token(self, request_id, access_token_duration): """Create access token. :param request_id: the id of the request token, to be deleted :type request_id: string :param access_token_duration: duration of an access token :type access_token_duration: string :returns: access_token_ref """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(Oauth1DriverV8)
@versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.federation.FederationDriverV8', in_favor_of='keystone.federation.backends.base.FederationDriverV8', remove_in=+1) class FederationDriverV8(base.FederationDriverV8): pass @versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.federation.FederationDriverV9', in_favor_of='keystone.federation.backends.base.FederationDriverV9', remove_in=+1) class FederationDriverV9(base.FederationDriverV9): pass @versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.federation.V9FederationWrapperForV8Driver', in_favor_of=( 'keystone.federation.backends.base.V9FederationWrapperForV8Driver'), remove_in=+1) class V9FederationWrapperForV8Driver(base.V9FederationWrapperForV8Driver): pass Driver = manager.create_legacy_driver(base.FederationDriverV8)
:raises: keystone.exception.RoleNotFound """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_group_assignments(self, group_id): """Deletes all assignments for a group. :raises: keystone.exception.RoleNotFound """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(AssignmentDriverV8) @dependency.provider('role_api') @dependency.requires('assignment_api') class RoleManager(manager.Manager): """Default pivot point for the Role backend.""" driver_namespace = 'keystone.role' _ROLE = 'role' def __init__(self): # If there is a specific driver specified for role, then use it. # Otherwise retrieve the driver type from the assignment driver. role_driver = CONF.role.driver
raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def remove_endpoint_group_from_project(self, endpoint_group_id, project_id): """Remove an endpoint to project association. :param endpoint_group_id: identity of endpoint to associate :type endpoint_group_id: string :param project_id: identity of project to associate :type project_id: string :raises: exception.NotFound :returns: None. """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_endpoint_group_association_by_project(self, project_id): """Remove endpoint group to project associations. :param project_id: identity of the project to check :type project_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(EndpointFilterDriverV8)
return self.driver.create_credential(credential_id, credential) def _validate_credential_update(self, credential_id, credential): # ec2 credentials require a "project_id" to be functional. Before we # update, check the case where a non-ec2 credential changes its type # to be "ec2", but has no associated "project_id", either in the # request or already set in the database if (credential.get('type', '').lower() == 'ec2' and not credential.get('project_id')): existing_cred = self.get_credential(credential_id) if not existing_cred['project_id']: raise exception.ValidationError(attribute='project_id', target='credential') def update_credential(self, credential_id, credential): """Update an existing credential.""" self._validate_credential_update(credential_id, credential) return self.driver.update_credential(credential_id, credential) @versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.credential.CredentialDriverV8', in_favor_of='keystone.credential.backends.base.CredentialDriverV8', remove_in=+1) class AuthMethodHandler(base.CredentialDriverV8): pass Driver = manager.create_legacy_driver(base.CredentialDriverV8)
:param user_id: identity of the user :type user_id: string :param tenant_id: identity of the tenant :type tenant_id: string :param trust_id: identity of the trust :type trust_id: string :param consumer_id: identity of the consumer :type consumer_id: string :returns: list of token_id's """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_revoked_tokens(self): """Returns a list of all revoked tokens :returns: list of token_id's """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def flush_expired_tokens(self): """Archive or delete tokens that have expired.""" raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(TokenDriverV8)
:type service_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_association_by_region(self, region_id): """Remove all the policy associations with the specific region. :param region_id: identity of endpoint to check :type region_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_association_by_policy(self, policy_id): """Remove all the policy associations with the specific policy. :param policy_id: identity of endpoint to check :type policy_id: string :returns: None """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(EndpointPolicyDriverV8)
@six.add_metaclass(abc.ABCMeta) class RevokeDriverV8(object): """Interface for recording and reporting revocation events.""" @abc.abstractmethod def list_events(self, last_fetch=None): """return the revocation events, as a list of objects :param last_fetch: Time of last fetch. Return all events newer. :returns: A list of keystone.revoke.model.RevokeEvent newer than `last_fetch.` If no last_fetch is specified, returns all events for tokens issued after the expiration cutoff. """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def revoke(self, event): """register a revocation event :param event: An instance of keystone.revoke.model.RevocationEvent """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(RevokeDriverV8)
""" raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_credentials_for_project(self, project_id): """Deletes all credentials for a project.""" self._delete_credentials(lambda cr: cr["project_id"] == project_id) @abc.abstractmethod def delete_credentials_for_user(self, user_id): """Deletes all credentials for a user.""" self._delete_credentials(lambda cr: cr["user_id"] == user_id) def _delete_credentials(self, match_fn): """Do the actual credential deletion work (default implementation). :param match_fn: function that takes a credential dict as the parameter and returns true or false if the identifier matches the credential dict. """ for cr in self.list_credentials(): if match_fn(cr): try: self.credential_api.delete_credential(cr["id"]) except exception.CredentialNotFound: LOG.debug("Deletion of credential is not required: %s", cr["id"]) Driver = manager.create_legacy_driver(CredentialDriverV8)
role_id=role_id)) def check_token(self, token_values): """Check the values from a token against the revocation list. :param token_values: dictionary of values from a token, normalized for differences between v2 and v3. The checked values are a subset of the attributes of model.TokenEvent :raises keystone.exception.TokenNotFound: If the token is invalid. """ if revoke_model.is_revoked(self.list_events(), token_values): raise exception.TokenNotFound(_('Failed to validate token')) def revoke(self, event): self.driver.revoke(event) REVOKE_REGION.invalidate() @versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.revoke.RevokeDriverV8', in_favor_of='keystone.revoke.backends.base.RevokeDriverV8', remove_in=+1) class RevokeDriverV8(base.RevokeDriverV8): pass Driver = manager.create_legacy_driver(base.RevokeDriverV8)
def list_trusts(self): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_trusts_for_trustee(self, trustee): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_trusts_for_trustor(self, trustor): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_trust(self, trust_id): raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def consume_use(self, trust_id): """Consume one use of a trust. One use of a trust is consumed when the trust was created with a limitation on its uses, provided there are still uses available. :raises keystone.exception.TrustUseLimitReached: If no remaining uses for trust. :raises keystone.exception.TrustNotFound: If the trust doesn't exist. """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(TrustDriverV8)
raise exception.PolicyNotFound(policy_id=policy_id) notifications.Audit.updated(self._POLICY, policy_id, initiator) return ref @manager.response_truncated def list_policies(self, hints=None): # NOTE(henry-nash): Since the advantage of filtering or list limiting # of policies at the driver level is minimal, we leave this to the # caller. return self.driver.list_policies() def delete_policy(self, policy_id, initiator=None): try: ret = self.driver.delete_policy(policy_id) except exception.NotFound: raise exception.PolicyNotFound(policy_id=policy_id) notifications.Audit.deleted(self._POLICY, policy_id, initiator) return ret @versionutils.deprecated( versionutils.deprecated.NEWTON, what='keystone.policy.PolicyDriverV8', in_favor_of='keystone.policy.backends.base.PolicyDriverV8', remove_in=+1) class PolicyDriverV8(base.PolicyDriverV8): pass Driver = manager.create_legacy_driver(base.PolicyDriverV8)
@abc.abstractmethod def get_policy(self, policy_id): """Retrieve a specific policy blob. :raises: keystone.exception.PolicyNotFound """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def update_policy(self, policy_id, policy): """Update a policy blob. :raises: keystone.exception.PolicyNotFound """ raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def delete_policy(self, policy_id): """Remove a policy blob. :raises: keystone.exception.PolicyNotFound """ raise exception.NotImplemented() # pragma: no cover Driver = manager.create_legacy_driver(PolicyDriverV8)