def __init__(self, id=None, token=None, user=None, tenant_id=None, service_catalog=None, tenant_name=None, roles=None, authorized_tenants=None, endpoint=None, enabled=False, services_region=None, user_domain_id=None, user_domain_name=None, domain_id=None, domain_name=None, project_id=None, project_name=None, is_federated=False, unscoped_token=None): self.id = id self.pk = id self.token = token self.username = user self.user_domain_id = user_domain_id self.user_domain_name = user_domain_name self.domain_id = domain_id self.domain_name = domain_name self.project_id = project_id or tenant_id self.project_name = project_name or tenant_name self.service_catalog = service_catalog self._services_region = ( services_region or utils.default_services_region(service_catalog) ) self.roles = roles or [] self.endpoint = endpoint self.enabled = enabled self._authorized_tenants = authorized_tenants self.is_federated = is_federated # Unscoped token is used for listing user's project that works # for both federated and keystone user. self.unscoped_token = unscoped_token # List of variables to be deprecated. self.tenant_id = self.project_id self.tenant_name = self.project_name
def create_user_from_token(request, token, endpoint, services_region=None): # if the region is provided, use that, otherwise use the preferred region svc_region = services_region or \ utils.default_services_region(token.serviceCatalog, request) return User( id=token.user['id'], token=token, user=token.user['name'], password_expires_at=token.user['password_expires_at'], user_domain_id=token.user_domain_id, # We need to consider already logged-in users with an old # version of Token without user_domain_name. user_domain_name=getattr(token, 'user_domain_name', None), project_id=token.project['id'], project_name=token.project['name'], domain_id=token.domain['id'], domain_name=token.domain['name'], enabled=True, service_catalog=token.serviceCatalog, roles=token.roles, endpoint=endpoint, services_region=svc_region, is_federated=getattr(token, 'is_federated', False), unscoped_token=getattr(token, 'unscoped_token', request.session.get('unscoped_token')))
def create_user_from_token(request, token, endpoint, services_region=None): # if the region is provided, use that, otherwise use the preferred region default_service_regions = getattr(settings, 'DEFAULT_SERVICE_REGIONS', {}) default_service_region = default_service_regions.get(endpoint) svc_region = services_region or \ utils.default_services_region(token.serviceCatalog, request, selected_region=default_service_region) return User(id=token.user['id'], token=token, user=token.user['name'], password_expires_at=token.user['password_expires_at'], user_domain_id=token.user_domain_id, # We need to consider already logged-in users with an old # version of Token without user_domain_name. user_domain_name=getattr(token, 'user_domain_name', None), project_id=token.project['id'], project_name=token.project['name'], domain_id=token.domain['id'], domain_name=token.domain['name'], enabled=True, service_catalog=token.serviceCatalog, roles=token.roles, endpoint=endpoint, services_region=svc_region, is_federated=getattr(token, 'is_federated', False), unscoped_token=getattr(token, 'unscoped_token', request.session.get('unscoped_token')))
def __init__(self, id=None, token=None, user=None, tenant_id=None, service_catalog=None, tenant_name=None, roles=None, authorized_tenants=None, endpoint=None, enabled=False, services_region=None, user_domain_id=None, user_domain_name=None, domain_id=None, domain_name=None, project_id=None, project_name=None, is_federated=False, unscoped_token=None, password=None, password_expires_at=None, system_scoped=False): self.id = id self.pk = id self.token = token self.keystone_user_id = id self.username = user self.user_domain_id = user_domain_id self.user_domain_name = user_domain_name self.domain_id = domain_id self.domain_name = domain_name self.project_id = project_id or tenant_id self.project_name = project_name or tenant_name self.system_scoped = system_scoped self.service_catalog = service_catalog self._services_region = ( services_region or utils.default_services_region(service_catalog)) self.roles = roles or [] self.endpoint = endpoint self.enabled = enabled self._authorized_tenants = authorized_tenants self.is_federated = is_federated self.password_expires_at = password_expires_at self._is_system_user = None # Unscoped token is used for listing user's project that works # for both federated and keystone user. self.unscoped_token = unscoped_token # List of variables to be deprecated. self.tenant_id = self.project_id self.tenant_name = self.project_name # Required by AbstractBaseUser self.password = None
def test_default_services_region_precedence(self): request = client.RequestFactory().get('fake') # Cookie is valid, so should be region source request.COOKIES['services_region'] = "RegionTwo" default_region = utils.default_services_region( FAKE_CATALOG, request=request, ks_endpoint='http://example.com') self.assertEqual("RegionTwo", default_region) # Cookie is invalid, so ks_endpoint is source request.COOKIES['services_region'] = "Not_valid_region" default_region = utils.default_services_region( FAKE_CATALOG, request=request, ks_endpoint='http://example.com') self.assertEqual("RegionThree", default_region) # endpoint and cookie are invalid, so source is "*" key default_region = utils.default_services_region( FAKE_CATALOG, request=request, ks_endpoint='not_a_match') self.assertEqual("RegionFour", default_region)
def create_user_from_token(request, token, endpoint, services_region=None): # if the region is provided, use that, otherwise use the preferred region svc_region = services_region or \ utils.default_services_region(token.serviceCatalog, request) return User(id=token.user['id'], token=token, user=token.user['name'], user_domain_id=token.user_domain_id, # We need to consider already logged-in users with an old # version of Token without user_domain_name. user_domain_name=getattr(token, 'user_domain_name', None), project_id=token.project['id'], project_name=token.project['name'], domain_id=token.domain['id'], domain_name=token.domain['name'], enabled=True, service_catalog=token.serviceCatalog, roles=token.roles, endpoint=endpoint, services_region=svc_region)
def create_user_from_token(request, token, endpoint, services_region=None): # if the region is provided, use that, otherwise use the preferred region svc_region = services_region or utils.default_services_region(token.serviceCatalog, request) return User( id=token.user["id"], token=token, user=token.user["name"], user_domain_id=token.user_domain_id, # We need to consider already logged-in users with an old # version of Token without user_domain_name. user_domain_name=getattr(token, "user_domain_name", None), project_id=token.project["id"], project_name=token.project["name"], domain_id=token.domain["id"], domain_name=token.domain["name"], enabled=True, service_catalog=token.serviceCatalog, roles=token.roles, endpoint=endpoint, services_region=svc_region, is_federated=getattr(token, "is_federated", False), unscoped_token=getattr(token, "unscoped_token", request.session.get("unscoped_token")), )
def test_default_services_region_fallback(self): # Test that first region found in catalog is returned default_region = utils.default_services_region(FAKE_CATALOG) self.assertEqual("RegionOne", default_region)