def test_get_version_path(self):
sot = identity_service.IdentityService()
self.assertEqual('v3', sot.get_version_path('v2'))
sot = identity_service.IdentityService(version='v2')
self.assertEqual('v2', sot.get_version_path('v3'))
sot = identity_service.IdentityService(version='v2.1')
self.assertEqual('v2.1', sot.get_version_path('v3'))
sot = identity_service.IdentityService(version='')
self.assertEqual('', sot.get_version_path('v3'))
class Domain(resource.Resource):
resource_key = 'domain'
resources_key = 'domains'
base_path = '/domains'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: The description of this domain. *Type: string*
description = resource.Body('description')
#: Setting this attribute to ``False`` prevents users from authorizing
#: against this domain or any projects owned by this domain, and prevents
#: users owned by this domain from authenticating or receiving any other
#: authorization. Additionally, all pre-existing tokens applicable
#: to the above entities are immediately invalidated.
#: Re-enabling a domain does not re-enable pre-existing tokens.
#: *Type: bool*
is_enabled = resource.Body('enabled', type=bool)
#: The globally unique name of this domain. *Type: string*
name = resource.Body('name')
#: The links related to the domain resource.
links = resource.Body('links')
class Credential(resource.Resource):
resource_key = 'credential'
resources_key = 'credentials'
base_path = '/credentials'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: Arbitrary blob of the credential data, to be parsed according to the
#: ``type``. *Type: string*
blob = resource.Body('blob')
#: References a project ID which limits the scope the credential applies
#: to. This attribute is **mandatory** if the credential type is ``ec2``.
#: *Type: string*
project_id = resource.Body('project_id')
#: Representing the credential type, such as ``ec2`` or ``cert``.
#: A specific implementation may determine the list of supported types.
#: *Type: string*
type = resource.Body('type')
#: References the user ID which owns the credential. *Type: string*
user_id = resource.Body('user_id')
class Region(resource.Resource):
resource_key = 'region'
resources_key = 'regions'
base_path = '/regions'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: User-facing description of the region. *Type: string*
description = resource.Body('description')
#: The links for the region resource.
links = resource.Body('links', type=dict)
#: ID of parent region, if any. *Type: string*
parent_region_id = resource.Body('parent_region_id')
#: ID of region, if any. *Type: string*
id = resource.Body('id')
#: Type of region. *Type: string*
type = resource.Body('type')
#: Type of locales.
locales = resource.Body('locales', type=dict)
class Policy(resource.Resource):
resource_key = 'policy'
resources_key = 'policies'
base_path = '/policies'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
update_method = 'PATCH'
# Properties
#: The policy rule set itself, as a serialized blob. *Type: string*
blob = resource.Body('blob')
#: The links for the policy resource.
links = resource.Body('links')
#: The ID for the project.
project_id = resource.Body('project_id')
#: The MIME Media Type of the serialized policy blob. *Type: string*
type = resource.Body('type')
#: The ID of the user who owns the policy
user_id = resource.Body('user_id')
class Group(resource.Resource):
resource_key = 'group'
resources_key = 'groups'
base_path = '/groups'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
update_method = 'PATCH'
_query_mapping = resource.QueryParameters(
'domain_id', 'name',
)
# Properties
#: The description of this group. *Type: string*
description = resource.Body('description')
#: References the domain ID which owns the group; if a domain ID is not
#: specified by the client, the Identity service implementation will
#: default it to the domain ID to which the client's token is scoped.
#: *Type: string*
domain_id = resource.Body('domain_id')
#: Unique group name, within the owning domain. *Type: string*
name = resource.Body('name')
class Role(resource.Resource):
resource_key = 'role'
resources_key = 'roles'
base_path = '/roles'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
put_create = True
_query_mapping = resource.QueryParameters('name', 'domain_id')
# Properties
#: References the domain ID which owns the role; if a domain ID is not
#: specified by the client, the Identity service implementation will
#: default it to the domain ID to which the client's token is scoped.
#: *Type: string*
domain_id = resource.Body('domain_id')
#: Unique role name, within the owning domain. *Type: string*
name = resource.Body('name')
#: The links for the service resource.
links = resource.Body('links')
class Extension(resource.Resource):
resource_key = 'extension'
resources_key = 'extensions'
base_path = '/extensions'
service = identity_service.IdentityService()
# capabilities
allow_list = True
# Properties
#: A unique identifier, which will be used for accessing the extension
#: through a dedicated url ``/extensions/*alias*``. The extension
#: alias uniquely identifies an extension and is prefixed by a vendor
#: identifier. *Type: string*
alias = resource.prop('alias')
#: A description of the extension. *Type: string*
description = resource.prop('description')
#: Links to the documentation in various format. *Type: string*
links = resource.prop('links')
#: The name of the extension. *Type: string*
name = resource.prop('name')
#: The second unique identifier of the extension after the alias.
#: It is usually a URL which will be used. Example:
#: "http://docs.openstack.org/identity/api/ext/s3tokens/v1.0"
#: *Type: string*
namespace = resource.prop('namespace')
#: The last time the extension has been modified (update date).
#: *Type: date*
updated = resource.prop('updated')
@classmethod
def list(cls, session, **params):
resp = session.get(cls.base_path, service=cls.service, params=params)
for data in resp.body[cls.resources_key]['values']:
yield cls.existing(**data)
def __init__(self, plugins=None):
"""User preference for each service.
:param list plugins: List of entry point namespaces to load.
Create a new :class:`~openstack.profile.Profile`
object with no preferences defined, but knowledge of the services.
Services are identified by their service type, e.g.: 'identity',
'compute', etc.
"""
self._preferences = {}
self._services = {}
self._add_service(cluster_service.ClusterService())
self._add_service(compute_service.ComputeService())
self._add_service(database_service.DatabaseService())
self._add_service(identity_service.IdentityService())
self._add_service(image_service.ImageService())
self._add_service(metric_service.MetricService())
self._add_service(network_service.NetworkService())
self._add_service(object_store_service.ObjectStoreService())
self._add_service(orchestration_service.OrchestrationService())
self._add_service(key_management_service.KeyManagementService())
self._add_service(telemetry_service.TelemetryService())
self._add_service(block_store_service.BlockStoreService())
self._add_service(message_service.MessageService())
if plugins:
for plugin in plugins:
self._load_plugin(plugin)
self.service_names = sorted(self._services.keys())
def __init__(self, plugins=None):
"""User preference for each service.
:param plugins: List of entry point namespaces to load.
Create a new :class:`~openstack.profile.Profile`
object with no preferences defined, but knowledge of the services.
Services are identified by their service type, e.g.: 'identity',
'compute', etc.
"""
self._services = {}
self._add_service(baremetal_service.BaremetalService(version="v1"))
self._add_service(
block_storage_service.BlockStorageService(version="v2"))
self._add_service(clustering_service.ClusteringService(version="v1"))
self._add_service(compute_service.ComputeService(version="v2"))
self._add_service(database_service.DatabaseService(version="v1"))
self._add_service(identity_service.IdentityService(version="v3"))
self._add_service(image_service.ImageService(version="v2"))
self._add_service(key_manager_service.KeyManagerService(version="v1"))
self._add_service(lb_service.LoadBalancerService(version="v2"))
self._add_service(message_service.MessageService(version="v1"))
self._add_service(network_service.NetworkService(version="v2"))
self._add_service(
object_store_service.ObjectStoreService(version="v1"))
self._add_service(
orchestration_service.OrchestrationService(version="v1"))
self._add_service(workflow_service.WorkflowService(version="v2"))
self.service_keys = sorted(self._services.keys())
class RoleAssignment(resource.Resource):
resource_key = 'role_assignment'
resources_key = 'role_assignments'
base_path = '/role_assignments'
service = identity_service.IdentityService()
# capabilities
allow_list = True
_query_mapping = resource.QueryParameters('group_id', 'role_id',
'scope_domain_id',
'scope_project_id', 'user_id',
'effective', 'include_names',
'include_subtree')
# Properties
#: The links for the service resource.
links = resource.Body('links')
#: The role (dictionary contains only id) *Type: dict*
role = resource.Body('role', type=dict)
#: The scope (either domain or group dictionary contains id) *Type: dict*
scope = resource.Body('scope', type=dict)
#: The user (dictionary contains only id) *Type: dict*
user = resource.Body('user', type=dict)
#: The group (dictionary contains only id) *Type: dict*
group = resource.Body('group', type=dict)
class PasswordConfig(resource2.Resource):
resource_key = 'config'
resources_key = None
base_path = '/domains'
service = identity_service.IdentityService()
allow_get = True
#: The endpoints of the catalog.
security_compliance = resource2.Body('security_compliance')
#: The type of the catalog.
password_regex = resource2.Body('password_regex')
#: The regex description of the password config
password_regex_description = resource2.Body('password_regex_description')
def get(self, session, domain_id):
endpoint_override = self.service.get_endpoint_override()
uri = utils.urljoin(self.base_path, domain_id, 'config',
'security_compliance')
response = session.get(uri,
endpoint_filter=self.service,
endpoint_override=endpoint_override)
self._translate_response(response)
return self
def get_by_option(self, session, domain_id, option):
endpoint_override = self.service.get_endpoint_override()
uri = utils.urljoin(self.base_path, domain_id, 'config',
'security_compliance', option)
response = session.get(uri,
endpoint_filter=self.service,
endpoint_override=endpoint_override)
self._translate_response(response)
return self
class Project(resource.Resource):
resource_key = 'project'
resources_key = 'projects'
base_path = '/projects'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: The description of the project. *Type: string*
description = resource.prop('description')
#: References the domain ID which owns the project; if a domain ID is not
#: specified by the client, the Identity service implementation will
#: default it to the domain ID to which the client's token is scoped.
#: *Type: string*
domain_id = resource.prop('domain_id')
#: Setting this attribute to ``False`` prevents users from authorizing
#: against this project. Additionally, all pre-existing tokens authorized
#: for the project are immediately invalidated. Re-enabling a project
#: does not re-enable pre-existing tokens. *Type: bool*
enabled = resource.prop('enabled', type=bool)
#: Unique project name, within the owning domain. *Type: string*
name = resource.prop('name')
class Version(resource.Resource):
resource_key = 'version'
service = identity_service.IdentityService()
# capabilities
allow_get = True
# Properties
#: The media_types of version. *Type: list*
media_types = resource.Body('media-types', type=list)
#: The status of version. *Type: string*
status = resource.Body('status')
#: The updated of version. *Type: string*
updated = resource.Body('updated')
#: The updated of version. *Type: dict*
links = resource.Body('links', type=dict)
#: The id of version. *Type: id*
id = resource.Body('id')
def get_version3_of_keystone(self, session):
endpoint_override = self.service.get_endpoint_override()
endpoint = session.get_endpoint(service_type=self.service.service_type)
response = session.get(url=endpoint,
endpoint_filter=self.service,
endpoint_override=endpoint_override)
self._translate_response(response)
return self
def __init__(self, plugins=None):
"""User preference for each service.
:param plugins: List of entry point namespaces to load.
Create a new :class:`~openstack.profile.Profile`
object with no preferences defined, but knowledge of the services.
Services are identified by their service type, e.g.: 'identity',
'compute', etc.
"""
self._services = {}
self._add_service(anti_ddos_service.AntiDDosService(version="v1"))
self._add_service(block_store_service.BlockStoreService(version="v2"))
self._add_service(compute_service.ComputeService(version="v2"))
self._add_service(cts_service.CTSService(version="v1"))
self._add_service(dms_service.DMSService(version="v1"))
self._add_service(identity_service.IdentityService(version="v3"))
self._add_service(image_service.ImageService(version="v2"))
self._add_service(kms_service.KMSService(version="v1"))
self._add_service(maas_service.MaaSService(version="v1"))
self._add_service(network_service.NetworkService(version="v2.0"))
self._add_service(
orchestration_service.OrchestrationService(version="v1"))
self._add_service(smn_service.SMNService(version="v2"))
# QianBiao.NG HuaWei Services
self._add_service(dns_service.DNSService(version="v2"))
self._add_service(cloud_eye_service.CloudEyeService(version="v1"))
ass = auto_scaling_service.AutoScalingService(version="v1")
self._add_service(ass)
vbs_v2 = volume_backup_service.VolumeBackupService(version="v2")
self._add_service(vbs_v2)
self._add_service(map_reduce_service.MapReduceService(version="v1"))
self._add_service(evs_service.EvsServiceV2_1(version='v2.1'))
self._add_service(evs_service.EvsService(version='v2'))
self._add_service(ecs_service.EcsService(version='v1'))
self._add_service(ecs_service.EcsServiceV1_1(version='v1.1'))
self._add_service(vpc_service.VpcService(version='v2.0'))
self._add_service(bms_service.BmsService(version='v1'))
self._add_service(lb_service.LoadBalancerService(version='v1'))
# not support below service
# self._add_service(message_service.MessageService(version="v1"))
# self._add_service(cluster_service.ClusterService(version="v1"))
# self._add_service(database_service.DatabaseService(version="v1"))
# self._add_service(alarm_service.AlarmService(version="v2"))
# self._add_service(bare_metal_service.BareMetalService(version="v1"))
# self._add_service(key_manager_service.KeyManagerService(version="v1"))
# self._add_service(
# object_store_service.ObjectStoreService(version="v1"))
self._add_service(rds_service.RDSService(version="v1"))
self._add_service(cdn_service.CDNService(version='v1'))
# self._add_service(rds_os_service.RDSService(version="v1"))
# self._add_service(telemetry_service.TelemetryService(version="v2"))
# self._add_service(workflow_service.WorkflowService(version="v2"))
if plugins:
for plugin in plugins:
self._load_plugin(plugin)
self.service_keys = sorted(self._services.keys())
class Service(resource.Resource):
resource_key = 'service'
resources_key = 'services'
base_path = '/services'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: User-facing description of the service. *Type: string*
description = resource.Body('description')
#: Setting this value to ``False`` prevents the service and
#: its endpoints from appearing in the service catalog. *Type: bool*
is_enabled = resource.Body('enabled', type=bool)
#: The links for the service resource.
links = resource.Body('links')
#: User-facing name of the service. *Type: string*
name = resource.Body('name')
#: Describes the API implemented by the service. The following values are
#: recognized within the OpenStack ecosystem: ``compute``, ``image``,
#: ``ec2``, ``identity``, ``volume``, ``network``. To support non-core and
#: future projects, the value should not be validated against this list.
#: *Type: string*
type = resource.Body('type')
class User(resource.Resource):
resource_key = 'user'
resources_key = 'users'
base_path = '/users'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_fetch = True
allow_commit = True
allow_delete = True
allow_list = True
commit_method = 'PATCH'
_query_mapping = resource.QueryParameters(
'domain_id',
'name',
'password_expires_at',
is_enabled='enabled',
)
# Properties
#: References the user's default project ID against which to authorize,
#: if the API user does not explicitly specify one when creating a token.
#: Setting this attribute does not grant any actual authorization on the
#: project, and is merely provided for the user's convenience.
#: Therefore, the referenced project does not need to exist within the
#: user's domain.
#:
#: *New in version 3.1* If the user does not have authorization to
#: their default project, the default project will be ignored at token
#: creation. *Type: string*
default_project_id = resource.Body('default_project_id')
#: The description of this user. *Type: string*
description = resource.Body('description')
#: References the domain ID which owns the user; if a domain ID is not
#: specified by the client, the Identity service implementation will
#: default it to the domain ID to which the client's token is scoped.
#: *Type: string*
domain_id = resource.Body('domain_id')
#: The email of this user. *Type: string*
email = resource.Body('email')
#: Setting this value to ``False`` prevents the user from authenticating or
#: receiving authorization. Additionally, all pre-existing tokens held by
#: the user are immediately invalidated. Re-enabling a user does not
#: re-enable pre-existing tokens. *Type: bool*
is_enabled = resource.Body('enabled', type=bool)
#: The links for the user resource.
links = resource.Body('links')
#: Unique user name, within the owning domain. *Type: string*
name = resource.Body('name')
#: The default form of credential used during authentication.
#: *Type: string*
password = resource.Body('password')
#: The date and time when the password expires. The time zone is UTC.
#: A None value means the password never expires.
#: This is a response object attribute, not valid for requests.
#: *New in version 3.7*
password_expires_at = resource.Body('password_expires_at')
def run_session(opts):
argument = opts.argument
if argument is None:
raise Exception("A path argument must be specified")
sess = make_session(opts)
filtration = identity_service.IdentityService()
print("Session: %s" % sess)
print(sess.get(argument, service=filtration).text)
return
def __init__(self):
"""Preferences for each service.
Create a new :class:`~openstack.profile.Profile`
object with no preferences defined, but knowledge of the services.
Services are identified by their service type, e.g.: 'identity',
'compute', etc.
"""
self._preferences = {}
self._services = {}
"""
NOTE(thowe): We should probably do something more clever here rather
than brute force create all the services. Maybe use entry points
or something, but I'd like to leave that work for another commit.
"""
serv = cluster_service.ClusterService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = compute_service.ComputeService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = database_service.DatabaseService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = identity_service.IdentityService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = image_service.ImageService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = metric_service.MetricService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = network_service.NetworkService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = object_store_service.ObjectStoreService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = orchestration_service.OrchestrationService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = keystore_service.KeystoreService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = telemetry_service.TelemetryService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = block_store_service.BlockStoreService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
serv = message_service.MessageService()
serv.set_visibility(None)
self._services[serv.service_type] = serv
self.service_names = sorted(self._services.keys())
def test_regular_service(self):
sot = identity_service.IdentityService()
self.assertEqual('identity', sot.service_type)
self.assertEqual('public', sot.interface)
self.assertIsNone(sot.region)
self.assertIsNone(sot.service_name)
self.assertEqual(2, len(sot.valid_versions))
self.assertEqual('v3', sot.valid_versions[0].module)
self.assertEqual('v3', sot.valid_versions[0].path)
self.assertEqual('v2', sot.valid_versions[1].module)
self.assertEqual('v2', sot.valid_versions[1].path)
def test_get_versions(self):
sot = catalog.ServiceCatalog(common.TEST_SERVICE_CATALOG_V3)
service = compute_service.ComputeService()
self.assertEqual(['v1.1', 'v1', 'v2.0'], sot.get_versions(service))
service = identity_service.IdentityService()
self.assertEqual(['v1.1'], sot.get_versions(service))
service = image_service.ImageService()
self.assertEqual(['v2'], sot.get_versions(service))
service = network_service.NetworkService()
self.assertEqual(None, sot.get_versions(service))
service = object_store_service.ObjectStoreService()
self.assertEqual([], sot.get_versions(service))
class UserProject(Project):
resource_key = 'project'
resources_key = 'projects'
base_path = '/users/%(user_id)s/projects'
service = identity_service.IdentityService()
# capabilities
allow_create = False
allow_get = False
allow_update = False
allow_delete = False
allow_list = True
class Policy(resource.Resource):
resource_key = 'policy'
resources_key = 'policies'
base_path = '/policies'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
# Properties
blob = resource.prop('blob')
type = resource.prop('type')
class Role(resource.Resource):
resource_key = 'role'
resources_key = 'roles'
base_path = '/OS-KSADM/roles'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
# Properties
description = resource.prop('description')
name = resource.prop('name')
enabled = resource.prop('enabled', type=format.BoolStr)
class Group(resource.Resource):
resource_key = 'group'
resources_key = 'groups'
base_path = '/groups'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
# Properties
description = resource.prop('description')
domain_id = resource.prop('domain_id')
name = resource.prop('name')
class User(resource.Resource):
resource_key = 'user'
resources_key = 'users'
base_path = '/users'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
# Properties
#: References the user's default project ID against which to authorize,
#: if the API user does not explicitly specify one when creating a token.
#: Setting this attribute does not grant any actual authorization on the
#: project, and is merely provided for the user's convenience.
#: Therefore, the referenced project does not need to exist within the
#: user's domain.
#:
#: *New in version 3.1* If the user does not have authorization to
#: their default project, the default project will be ignored at token
#: creation. *Type: string*
default_project_id = resource.prop('default_project_id')
#: The description of this user. *Type: string*
description = resource.prop('description')
#: References the domain ID which owns the user; if a domain ID is not
#: specified by the client, the Identity service implementation will
#: default it to the domain ID to which the client's token is scoped.
#: *Type: string*
domain_id = resource.prop('domain_id')
#: The email of this user. *Type: string*
email = resource.prop('email')
#: Setting this value to ``False`` prevents the user from authenticating or
#: receiving authorization. Additionally, all pre-existing tokens held by
#: the user are immediately invalidated. Re-enabling a user does not
#: re-enable pre-existing tokens. *Type: bool*
enabled = resource.prop('enabled', type=bool)
#: Unique user name, within the owning domain. *Type: string*
name = resource.prop('name')
#: The default form of credential used during authentication.
#: *Type: string*
password = resource.prop('password')
class Endpoint(resource.Resource):
resource_key = 'endpoint'
resources_key = 'endpoints'
base_path = '/endpoints'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_get = True
allow_update = True
allow_delete = True
allow_list = True
patch_update = True
_query_mapping = resource.QueryParameters('interface', 'service_id')
# Properties
#: Describes the interface of the endpoint according to one of the
#: following values:
#:
#: - `public`: intended for consumption by end users, generally on a
#: publicly available network interface
#: - `internal`: not intended for consumption by end users, generally on an
#: unmetered internal network interface
#: - `admin`: intended only for consumption by those needing administrative
#: access to the service, generally on a secure network interface
#:
#: *Type: string*
interface = resource.Body('interface')
#: Setting this value to ``False`` prevents the endpoint from appearing
#: in the service catalog. *Type: bool*
is_enabled = resource.Body('enabled', type=bool)
#: The links for the region resource.
links = resource.Body('links', type=dict)
#: Represents the containing region ID of the service endpoint.
#: *New in v3.2* *Type: string*
region_id = resource.Body('region_id')
#: References the service ID to which the endpoint belongs. *Type: string*
service_id = resource.Body('service_id')
#: Fully qualified URL of the service endpoint. *Type: string*
url = resource.Body('url')
#: The id of the endpoint. *Type: string*
id = resource.Body('id')
#: The region of the endpoint. *Type: string*
region = resource.Body('region')
class RoleProjectGroupAssignment(resource.Resource):
resource_key = 'role'
resources_key = 'roles'
base_path = '/projects/%(project_id)s/groups/%(group_id)s/roles'
service = identity_service.IdentityService()
# capabilities
allow_list = True
# Properties
#: name of the role *Type: string*
name = resource.Body('name')
#: The links for the service resource.
links = resource.Body('links')
#: The ID of the project to list assignment from. *Type: string*
project_id = resource.URI('project_id')
#: The ID of the group to list assignment from. *Type: string*
group_id = resource.URI('group_id')
class Project(resource.Resource):
resource_key = 'project'
resources_key = 'projects'
base_path = '/projects'
service = identity_service.IdentityService()
# capabilities
allow_create = True
allow_retrieve = True
allow_update = True
allow_delete = True
allow_list = True
# Properties
description = resource.prop('description')
domain_id = resource.prop('domain_id')
enabled = resource.prop('enabled', type=bool)
name = resource.prop('name')
class RoleDomainUserAssignment(resource.Resource):
resource_key = 'role'
resources_key = 'roles'
base_path = '/domains/%(domain_id)s/users/%(user_id)s/roles'
service = identity_service.IdentityService()
# capabilities
allow_list = True
# Properties
#: name of the role *Type: string*
name = resource.Body('name')
#: The links for the service resource.
links = resource.Body('links')
#: The ID of the domain to list assignment from. *Type: string*
domain_id = resource.URI('domain_id')
#: The ID of the user to list assignment from. *Type: string*
user_id = resource.URI('user_id')
