Add default_domain config option.
This commit adds the default-domain config option to limit the login page to only the specifed domain. For use with a single domain environment where users are only given a login. When considering a single domain usecase for users (admin_domain for administration, then example_domain for all other users), it would be handy for users not to input their domain name, but only username and password to login. By setting two lines below, we can create a separate dashboard instance for non-admin users only. OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT=False OPENSTACK_KEYSTONE_DEFAULT_DOMAIN=example_domain However, the current local_settings.py template does not allow that. This change adds the 'default-domain' configuration option which modifies local_policy.py to set the two configuration flags outlined in the bug. If the config option is not set the charm will behave as before, enabling the user to specify the domain at login. This does no validation to ensure the domain exists, so it is up to the user to supply a valid domain name. Closes-Bug: 1712999 Change-Id: I316372ae305a4ba10e4d8ba047f23a317836b960
This commit is contained in:
parent
a69fb96634
commit
780381e6c4
|
@ -79,6 +79,12 @@ options:
|
|||
description: |
|
||||
Default role for Horizon operations that will be created in
|
||||
Keystone upon introduction of an identity-service relation.
|
||||
default-domain:
|
||||
type: string
|
||||
default:
|
||||
description: |
|
||||
Default domain when authenticating with Horizon. Disables the domain
|
||||
field in the login page.
|
||||
dns-ha:
|
||||
type: boolean
|
||||
default: False
|
||||
|
|
|
@ -138,8 +138,9 @@ class IdentityServiceContext(OSContextGenerator):
|
|||
# If using keystone v3 the context is incomplete without the
|
||||
# admin domain id
|
||||
if local_ctxt['api_version'] == '3':
|
||||
local_ctxt['admin_domain_id'] = rdata.get(
|
||||
'admin_domain_id')
|
||||
if not config('default_domain'):
|
||||
local_ctxt['admin_domain_id'] = rdata.get(
|
||||
'admin_domain_id')
|
||||
if not context_complete(local_ctxt):
|
||||
continue
|
||||
|
||||
|
@ -201,6 +202,8 @@ class HorizonContext(OSContextGenerator):
|
|||
"password_retrieve": config("password-retrieve"),
|
||||
'virtualenv': git_pip_venv_dir(projects_yaml)
|
||||
if config('openstack-origin-git') else None,
|
||||
'default_domain': config('default-domain'),
|
||||
'multi_domain': False if config('default-domain') else True
|
||||
}
|
||||
|
||||
return ctxt
|
||||
|
|
|
@ -193,8 +193,8 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}"
|
|||
{% if api_version == "3" -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v3" % OPENSTACK_HOST
|
||||
OPENSTACK_API_VERSIONS = { "identity": 3, }
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ admin_domain_id }}"
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = "{{ multi_domain }}"
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ default_domain or admin_domain_id }}"
|
||||
{% else -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v2.0" % OPENSTACK_HOST
|
||||
{% endif -%}
|
||||
|
|
|
@ -193,8 +193,8 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}"
|
|||
{% if api_version == "3" -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v3" % OPENSTACK_HOST
|
||||
OPENSTACK_API_VERSIONS = { "identity": 3, }
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ admin_domain_id }}"
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = "{{ multi_domain }}"
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ default_domain or admin_domain_id }}"
|
||||
{% else -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v2.0" % OPENSTACK_HOST
|
||||
{% endif -%}
|
||||
|
|
|
@ -193,8 +193,8 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "{{ default_role }}"
|
|||
{% if api_version == "3" -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v3" % OPENSTACK_HOST
|
||||
OPENSTACK_API_VERSIONS = { "identity": 3, }
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ admin_domain_id }}"
|
||||
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = "{{ multi_domain }}"
|
||||
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "{{ default_domain or admin_domain_id }}"
|
||||
{% else -%}
|
||||
OPENSTACK_KEYSTONE_URL = "{{ service_protocol }}://%s:{{ service_port }}/v2.0" % OPENSTACK_HOST
|
||||
{% endif -%}
|
||||
|
|
|
@ -116,6 +116,31 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
def test_HorizonContext_default_domain(self):
|
||||
self.test_config.set('default-domain', 'example_domain')
|
||||
self.assertEqual(horizon_contexts.HorizonContext()(),
|
||||
{'compress_offline': True, 'debug': False,
|
||||
'customization_module': '',
|
||||
'default_role': 'Member', 'webroot': '/horizon',
|
||||
'ubuntu_theme': True,
|
||||
'default_theme': None,
|
||||
'virtualenv': None,
|
||||
'secret': 'secret',
|
||||
'support_profile': None,
|
||||
"neutron_network_dvr": False,
|
||||
"neutron_network_l3ha": False,
|
||||
"neutron_network_lb": False,
|
||||
"neutron_network_firewall": False,
|
||||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": "example_domain",
|
||||
"multi_domain": False
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -137,6 +162,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -158,6 +185,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -180,6 +209,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -205,6 +236,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -226,6 +259,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -247,6 +282,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -273,6 +310,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": True,
|
||||
"cinder_backup": True,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -294,6 +333,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": True,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
@ -315,6 +356,8 @@ class TestHorizonContexts(CharmTestCase):
|
|||
"neutron_network_vpn": False,
|
||||
"cinder_backup": False,
|
||||
"password_retrieve": False,
|
||||
"default_domain": None,
|
||||
"multi_domain": True
|
||||
}
|
||||
)
|
||||
|
||||
|
|
Loading…
Reference in New Issue