This commit is part of a series to retire the Packaging Deb
project. Step 2 is to remove all content from the project
repos, replacing it with a README notification where to find
ongoing work, and how to recover the repo if needed at some
future point (as in
https://docs.openstack.org/infra/manual/drivers.html#retiring-a-project).
Change-Id: I338ace932cd0e20dd0bfdb69c783c7c831c0baf9
In case DEFAULT_SERVICE_REGIONS setting in Horizon config is specified
(on a per-endpoint basis), use it instead of a value stored in
cookies. This value is still checked for sanity, i.e. it should be
present in Keystone service catalog.
Change-Id: Ia4787b56db7ce7787bd8aac21b5c0ec8a95a6f09
Related-Bug: #1506825
Closes-Bug: #1703390
Current hacking check actually does not check attribute-level
imports. We can safely drop import_exceptions from tox.ini.
Also drops noqa to guard import exceptions from the same reason.
Change-Id: I4e37931a7bfb0aa7867d027125ffcf66e414cf08
Recently the support for domain drop-down menu at login was merged
into django_openstack_auth and the corresponding settings docs were
merged into horizon. This commit migrates the settings docs from
horizon as we recently moved django_openstack_auth settings into
the in-tree docuemnt.
Change-Id: Idc84a2535c1918079c6dcba09aef9110cf9be7df
On clouds that use domain-specific Identity configuration[1], a user
must provide both their username and domain in order to log into
horizon. Without this patch, users must be aware of their domain's name
and enter it into a text box at login. This is sensible on public
clouds, because supplying potential domains to an unauthenticated user
exposes too much information about other customers and makes potential
attacks easier. On private clouds, however, it is a hinderance to
usability. For example, when migrating from a single-domain
configuration to a multi-domain configuration, users must now guess or
be informed of their domain in order to enter it in the text box. As
another example, when keystone domains are mapped to Active Directory
domains, the user may not be used to having to know their AD domains and
would prefer to select a likely one based on their geographical location
or department from a dropdown menu.
This patch adds support for a new config option,
"OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN" for enabling a dropdown menu
instead of a textbox when MULTIDOMAIN_SUPPORT is enabled. The dropdown
is disabled by default. If enabled, choices for domains to display and
submit are configured in "OPENSTACK_KEYSTONE_DOMAIN_CHOICES". It is not
possible to dynamically generate a list of domains before the user has
authenticated and this would be a huge security hole if this was
possible. Requiring the admin to statically set the domain list allows
them to hide private domains like the service users domain.
[1] https://docs.openstack.org/developer/keystone/configuration.html#domain-specific-drivers
Change-Id: Ie0a7e36b9975342fab81ddebb87880608d3ef187
Needed-By: I71d64182524d1f54745d9e42347b3a605fa2a920
Previously most (not all) openstack_auth configuration options
are documented in the horizon documentation.
It would be nice if we have the config reference in the same repo
so that we can easily manage the contents.
Horizon document will be updated to refer to this.
Change-Id: Ie1986a77bc5d69e27ae52f3b59377a41c3462e2b
* Populate doc build timestamp
* Fix the title of reference/user.rst as openstackdocstheme does not
handle a title string with backquoted string in the nav icons.
* Remove unnecessary build configurations (manpage, latex, texinfo)
* Remove the heading "Indices and tables" in index.rst.
It simplifies the toc of the top page.
Change-Id: If35bd99ee203105418ea49eb921b2d6d428e0187
Starting in Django 1.7, standalone scripts, such as a sphinx build
require that django.setup() be called first. See:
https://docs.djangoproject.com/en/1.8/releases/1.7/#standalone-scripts
This should be added to the horizon/docs/source/conf.py
setenv DJANGO_SETTINGS_MODULE for docs env in tox.ini
is no longer needed as it is configured in doc/source/conf.py.
Change-Id: I910dae37770ab9767689918a0c61b78d9c56115a
* doc/source/conf.py: html_static_path pointed to nonexisting dir
* Fix indent error in python codes
* Insert blank lines before starting code block
* Enable warning-is-error in setup.cfg to prevent future warnings
* 'all_files' should be 'all-files' in setup.cfg
Change-Id: I7c5bc31be9c95ec78f18f895014a03cb003d7e04
A new attribute was added to keystone user response, that will allow
us to warn users if their passwords are about to expire.
This will be configured in the local_settings.py file
Implements blueprint: password-expires-validation
Change-Id: Id66aa1c9596f8db8d07f63f3feb5166cb723a8e1