keystone.common package¶
Subpackages¶
- keystone.common.cache package
- keystone.common.environment package
- keystone.common.kvs package
- keystone.common.ldap package
- keystone.common.sql package
- Subpackages
- keystone.common.sql.migrate_repo package
- Subpackages
- keystone.common.sql.migrate_repo.versions package
- Submodules
- keystone.common.sql.migrate_repo.versions.001_add_initial_tables module
- keystone.common.sql.migrate_repo.versions.002_token_id_hash module
- keystone.common.sql.migrate_repo.versions.003_token_valid module
- keystone.common.sql.migrate_repo.versions.004_undo_token_id_hash module
- keystone.common.sql.migrate_repo.versions.005_set_utf8_character_set module
- keystone.common.sql.migrate_repo.versions.006_add_policy_table module
- keystone.common.sql.migrate_repo.versions.007_add_domain_tables module
- keystone.common.sql.migrate_repo.versions.008_create_default_domain module
- keystone.common.sql.migrate_repo.versions.009_normalize_identity module
- keystone.common.sql.migrate_repo.versions.010_normalize_identity_migration module
- keystone.common.sql.migrate_repo.versions.011_endpoints_v3 module
- keystone.common.sql.migrate_repo.versions.012_populate_endpoint_type module
- keystone.common.sql.migrate_repo.versions.013_drop_legacy_endpoints module
- keystone.common.sql.migrate_repo.versions.014_add_group_tables module
- keystone.common.sql.migrate_repo.versions.015_tenant_to_project module
- keystone.common.sql.migrate_repo.versions.016_normalize_domain_ids module
- keystone.common.sql.migrate_repo.versions.017_membership_role module
- keystone.common.sql.migrate_repo.versions.018_add_trust_tables module
- keystone.common.sql.migrate_repo.versions.019_fixup_role module
- keystone.common.sql.migrate_repo.versions.020_migrate_metadata_table_roles module
- keystone.common.sql.migrate_repo.versions.021_add_trust_to_token module
- keystone.common.sql.migrate_repo.versions.022_move_legacy_endpoint_id module
- keystone.common.sql.migrate_repo.versions.023_drop_credential_constraints module
- keystone.common.sql.migrate_repo.versions.024_add_index_to_expires module
- keystone.common.sql.migrate_repo.versions.025_add_index_to_valid module
- keystone.common.sql.migrate_repo.versions.026_drop_user_group_constraints module
- keystone.common.sql.migrate_repo.versions.027_set_engine_mysql_innodb module
- keystone.common.sql.migrate_repo.versions.028_fixup_group_metadata module
- keystone.common.sql.migrate_repo.versions.029_update_assignment_metadata module
- keystone.common.sql.migrate_repo.versions.030_drop_credential_constraint_sqlite module
- keystone.common.sql.migrate_repo.versions.031_drop_credential_indexes module
- keystone.common.sql.migrate_repo.versions.032_username_length module
- keystone.common.sql.migrate_repo.versions.033_migrate_ec2credentials_table_credentials module
- keystone.common.sql.migrate_repo.versions.034_add_default_project_id_column_to_user module
- keystone.common.sql.migrate_repo.versions.035_add_compound_revoked_token_index module
- keystone.common.sql.migrate_repo.versions.036_token_drop_valid_index module
- keystone.common.sql.migrate_repo.versions.037_add_region_table module
- keystone.common.sql.migrate_repo.versions.038_add_assignment_table module
- keystone.common.sql.migrate_repo.versions.039_grant_to_assignment module
- keystone.common.sql.migrate_repo.versions.040_drop_grant_tables module
- keystone.common.sql.migrate_repo.versions.041_add_remaining_uses_count_to_trusts module
- keystone.common.sql.migrate_repo.versions.042_endpoint_enabled module
- keystone.common.sql.migrate_repo.versions.043_fixup_region_description module
- keystone.common.sql.migrate_repo.versions.044_service_enabled module
- Module contents
- keystone.common.sql.migrate_repo.versions package
- Submodules
- keystone.common.sql.migrate_repo.manage module
- Module contents
- Subpackages
- keystone.common.sql.migrate_repo package
- Submodules
- keystone.common.sql.core module
- keystone.common.sql.migration_helpers module
- Module contents
- Subpackages
Submodules¶
keystone.common.authorization module¶
keystone.common.base64utils module¶
keystone.common.config module¶
keystone.common.controller module¶
keystone.common.dependency module¶
keystone.common.driver_hints module¶
- class keystone.common.driver_hints.Hints[source]¶
Bases: list
Encapsulate driver hints for listing entities.
Hints are modifiers that affect the return of entities from a list_<entities> operation. They are typically passed to a driver to give direction as to what filtering, pagination or list limiting actions are being requested.
It is optional for a driver to action some or all of the list hints, but any filters that it does satisfy must be marked as such by calling removing the filter from the list.
A Hint object is a list of dicts, initially of type ‘filter’ or ‘limit’, although other types may be added in the future. The list can be enumerated directly, or by using the filters() method which will guarantee to only return filters.
- filters()[source]¶
Iterate over all unsatisfied filters.
Each filter term consists of:
name: the name of the attribute being matched
value: the value against which it is being matched
- comparator: the operation, which can be one of equals,
startswith or endswith
- case_sensitive: whether any comparison should take account of
case
type: will always be ‘filter’
keystone.common.extension module¶
- keystone.common.extension.register_admin_extension(url_prefix, extension_data)[source]¶
Register extension with collection of admin extensions.
Extensions register the information here that will show up in the /extensions page as a way to indicate that the extension is active.
- url_prefix: unique key for the extension that will appear in the
- urls generated by the extension.
- extension_data is a dictionary. The expected fields are:
- ‘name’: short, human readable name of the extension ‘namespace’: xml namespace ‘alias’: identifier for the extension ‘updated’: date the extension was last updated ‘description’: text description of the extension ‘links’: hyperlinks to documents describing the extension
keystone.common.manager module¶
- class keystone.common.manager.Manager(driver_name)[source]¶
Bases: object
Base class for intermediary request layer.
The Manager layer exists to support additional logic that applies to all or some of the methods exposed by a service that are not specific to the HTTP interface.
It also provides a stable entry point to dynamic backends.
An example of a probable use case is logging all the calls.
- keystone.common.manager.response_truncated(f)[source]¶
Truncate the list returned by the wrapped function.
This is designed to wrap Manager list_{entity} methods to ensure that any list limits that are defined are passed to the driver layer. If a hints list is provided, the wrapper will insert the relevant limit into the hints so that the underlying driver call can try and honor it. If the driver does truncate the response, it will update the ‘truncated’ attribute in the ‘limit’ entry in the hints list, which enables the caller of this function to know if truncation has taken place. If, however, the driver layer is unable to perform truncation, the ‘limit’ entry is simply left in the hints list for the caller to handle.
A _get_list_limit() method is required to be present in the object class hierarchy, which returns the limit for this backend to which we will truncate.
If a hints list is not provided in the arguments of the wrapped call then any limits set in the config file are ignored. This allows internal use of such wrapped methods where the entire data set is needed as input for the calculations of some other API (e.g. get role assignments for a given project).
keystone.common.models module¶
Base model for keystone internal services
Unless marked otherwise, all fields are strings.
- class keystone.common.models.Domain[source]¶
Bases: keystone.common.models.Model
Domain object.
- Required keys:
- id name
Optional keys:
description enabled (bool, default True)- optional_keys = ('description', 'enabled')¶
- required_keys = ('id', 'name')¶
- class keystone.common.models.Endpoint[source]¶
Bases: keystone.common.models.Model
Endpoint object
- Required keys:
- id region service_id
- Optional keys:
- internalurl publicurl adminurl
- optional_keys = ('internalurl', 'publicurl', 'adminurl')¶
- required_keys = ('id', 'region', 'service_id')¶
- class keystone.common.models.Group[source]¶
Bases: keystone.common.models.Model
Group object.
- Required keys:
- id name domain_id
Optional keys:
description- optional_keys = ('description',)¶
- required_keys = ('id', 'name', 'domain_id')¶
- class keystone.common.models.Project[source]¶
Bases: keystone.common.models.Model
Project object.
- Required keys:
- id name domain_id
- Optional Keys:
- description enabled (bool, default True)
- optional_keys = ('description', 'enabled')¶
- required_keys = ('id', 'name', 'domain_id')¶
- class keystone.common.models.Role[source]¶
Bases: keystone.common.models.Model
Role object.
- Required keys:
- id name
- optional_keys = ()¶
- required_keys = ('id', 'name')¶
- class keystone.common.models.Service[source]¶
Bases: keystone.common.models.Model
Service object.
- Required keys:
- id type name
Optional keys:
- optional_keys = ()¶
- required_keys = ('id', 'type', 'name')¶
- class keystone.common.models.Token[source]¶
Bases: keystone.common.models.Model
Token object.
- Required keys:
- id expires (datetime)
- Optional keys:
- user tenant metadata trust_id
- optional_keys = ('extra',)¶
- required_keys = ('id', 'expires')¶
- class keystone.common.models.Trust[source]¶
Bases: keystone.common.models.Model
Trust object.
- Required keys:
- id trustor_user_id trustee_user_id project_id
- optional_keys = ('expires_at',)¶
- required_keys = ('id', 'trustor_user_id', 'trustee_user_id', 'project_id')¶
- class keystone.common.models.User[source]¶
Bases: keystone.common.models.Model
User object.
- Required keys:
- id name domain_id
- Optional keys:
- password description email enabled (bool, default True) default_project_id
- optional_keys = ('password', 'description', 'email', 'enabled', 'default_project_id')¶
- required_keys = ('id', 'name', 'domain_id')¶