Pass initiator to Manager as a kwarg
Keystone's various Manager classes typically handle the sending of a notification. In order to send the notification an `initiator` is needed. All Manager CRUD methods typically ask for this as a kwarg since it's not required in all cases. Most of the controller layers pass the initiator value as a positional argument. This commit makes it so the controller passes it as a kwarg since that's how the Manager class method signature describes it. Change-Id: Ic805f6ea2767c9c5cf01aa04ad554773b9cc8c39
This commit is contained in:
parent
9117e45d6e
commit
86229b3e75
|
@ -107,13 +107,13 @@ class Role(controller.V2Controller):
|
||||||
role['id'] = role_id
|
role['id'] = role_id
|
||||||
role_ref = self.role_api.create_role(role_id,
|
role_ref = self.role_api.create_role(role_id,
|
||||||
role,
|
role,
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
return {'role': role_ref}
|
return {'role': role_ref}
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def delete_role(self, request, role_id):
|
def delete_role(self, request, role_id):
|
||||||
self.assert_admin(request)
|
self.assert_admin(request)
|
||||||
self.role_api.delete_role(role_id, request.audit_initiator)
|
self.role_api.delete_role(role_id, initiator=request.audit_initiator)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def get_roles(self, request):
|
def get_roles(self, request):
|
||||||
|
@ -399,7 +399,7 @@ class RoleV3(controller.V3Controller):
|
||||||
ref = self._normalize_dict(role)
|
ref = self._normalize_dict(role)
|
||||||
ref = self.role_api.create_role(ref['id'],
|
ref = self.role_api.create_role(ref['id'],
|
||||||
ref,
|
ref,
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
return RoleV3.wrap_member(request.context_dict, ref)
|
return RoleV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
def _list_roles(self, request, filters):
|
def _list_roles(self, request, filters):
|
||||||
|
@ -413,11 +413,13 @@ class RoleV3(controller.V3Controller):
|
||||||
|
|
||||||
def _update_role(self, request, role_id, role):
|
def _update_role(self, request, role_id, role):
|
||||||
self._require_matching_id(role_id, role)
|
self._require_matching_id(role_id, role)
|
||||||
ref = self.role_api.update_role(role_id, role, request.audit_initiator)
|
ref = self.role_api.update_role(
|
||||||
|
role_id, role, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
return RoleV3.wrap_member(request.context_dict, ref)
|
return RoleV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
def _delete_role(self, request, role_id):
|
def _delete_role(self, request, role_id):
|
||||||
self.role_api.delete_role(role_id, request.audit_initiator)
|
self.role_api.delete_role(role_id, initiator=request.audit_initiator)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def build_driver_hints(cls, request, supported_filters):
|
def build_driver_hints(cls, request, supported_filters):
|
||||||
|
|
|
@ -50,7 +50,9 @@ class Service(controller.V2Controller):
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def delete_service(self, request, service_id):
|
def delete_service(self, request, service_id):
|
||||||
self.assert_admin(request)
|
self.assert_admin(request)
|
||||||
self.catalog_api.delete_service(service_id, request.audit_initiator)
|
self.catalog_api.delete_service(
|
||||||
|
service_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def create_service(self, request, OS_KSADM_service):
|
def create_service(self, request, OS_KSADM_service):
|
||||||
|
@ -60,7 +62,7 @@ class Service(controller.V2Controller):
|
||||||
service_ref = OS_KSADM_service.copy()
|
service_ref = OS_KSADM_service.copy()
|
||||||
service_ref['id'] = service_id
|
service_ref['id'] = service_id
|
||||||
new_service_ref = self.catalog_api.create_service(
|
new_service_ref = self.catalog_api.create_service(
|
||||||
service_id, service_ref, request.audit_initiator)
|
service_id, service_ref, initiator=request.audit_initiator)
|
||||||
return {'OS-KSADM:service': new_service_ref}
|
return {'OS-KSADM:service': new_service_ref}
|
||||||
|
|
||||||
|
|
||||||
|
@ -150,7 +152,9 @@ class Endpoint(controller.V2Controller):
|
||||||
self.catalog_api.get_region(endpoint['region'])
|
self.catalog_api.get_region(endpoint['region'])
|
||||||
except exception.RegionNotFound:
|
except exception.RegionNotFound:
|
||||||
region = dict(id=endpoint['region'])
|
region = dict(id=endpoint['region'])
|
||||||
self.catalog_api.create_region(region, request.audit_initiator)
|
self.catalog_api.create_region(
|
||||||
|
region, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
legacy_endpoint_ref = endpoint.copy()
|
legacy_endpoint_ref = endpoint.copy()
|
||||||
|
|
||||||
|
@ -176,7 +180,7 @@ class Endpoint(controller.V2Controller):
|
||||||
endpoint_ref['region_id'] = endpoint_ref.pop('region')
|
endpoint_ref['region_id'] = endpoint_ref.pop('region')
|
||||||
self.catalog_api.create_endpoint(endpoint_ref['id'],
|
self.catalog_api.create_endpoint(endpoint_ref['id'],
|
||||||
endpoint_ref,
|
endpoint_ref,
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
|
|
||||||
legacy_endpoint_ref['id'] = legacy_endpoint_id
|
legacy_endpoint_ref['id'] = legacy_endpoint_id
|
||||||
return {'endpoint': legacy_endpoint_ref}
|
return {'endpoint': legacy_endpoint_ref}
|
||||||
|
@ -189,8 +193,10 @@ class Endpoint(controller.V2Controller):
|
||||||
deleted_at_least_one = False
|
deleted_at_least_one = False
|
||||||
for endpoint in self.catalog_api.list_endpoints():
|
for endpoint in self.catalog_api.list_endpoints():
|
||||||
if endpoint['legacy_endpoint_id'] == endpoint_id:
|
if endpoint['legacy_endpoint_id'] == endpoint_id:
|
||||||
self.catalog_api.delete_endpoint(endpoint['id'],
|
self.catalog_api.delete_endpoint(
|
||||||
request.audit_initiator)
|
endpoint['id'],
|
||||||
|
initiator=request.audit_initiator
|
||||||
|
)
|
||||||
deleted_at_least_one = True
|
deleted_at_least_one = True
|
||||||
|
|
||||||
if not deleted_at_least_one:
|
if not deleted_at_least_one:
|
||||||
|
@ -225,7 +231,9 @@ class RegionV3(controller.V3Controller):
|
||||||
if not ref.get('id'):
|
if not ref.get('id'):
|
||||||
ref = self._assign_unique_id(ref)
|
ref = self._assign_unique_id(ref)
|
||||||
|
|
||||||
ref = self.catalog_api.create_region(ref, request.audit_initiator)
|
ref = self.catalog_api.create_region(
|
||||||
|
ref, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
return wsgi.render_response(
|
return wsgi.render_response(
|
||||||
RegionV3.wrap_member(request.context_dict, ref),
|
RegionV3.wrap_member(request.context_dict, ref),
|
||||||
status=(http_client.CREATED,
|
status=(http_client.CREATED,
|
||||||
|
@ -250,13 +258,14 @@ class RegionV3(controller.V3Controller):
|
||||||
self._require_matching_id(region_id, region)
|
self._require_matching_id(region_id, region)
|
||||||
ref = self.catalog_api.update_region(region_id,
|
ref = self.catalog_api.update_region(region_id,
|
||||||
region,
|
region,
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
return RegionV3.wrap_member(request.context_dict, ref)
|
return RegionV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_region(self, request, region_id):
|
def delete_region(self, request, region_id):
|
||||||
return self.catalog_api.delete_region(region_id,
|
return self.catalog_api.delete_region(
|
||||||
request.audit_initiator)
|
region_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('catalog_api')
|
@dependency.requires('catalog_api')
|
||||||
|
@ -272,9 +281,9 @@ class ServiceV3(controller.V3Controller):
|
||||||
def create_service(self, request, service):
|
def create_service(self, request, service):
|
||||||
validation.lazy_validate(schema.service_create, service)
|
validation.lazy_validate(schema.service_create, service)
|
||||||
ref = self._assign_unique_id(self._normalize_dict(service))
|
ref = self._assign_unique_id(self._normalize_dict(service))
|
||||||
ref = self.catalog_api.create_service(ref['id'],
|
ref = self.catalog_api.create_service(
|
||||||
ref,
|
ref['id'], ref, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return ServiceV3.wrap_member(request.context_dict, ref)
|
return ServiceV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('type', 'name')
|
@controller.filterprotected('type', 'name')
|
||||||
|
@ -294,15 +303,16 @@ class ServiceV3(controller.V3Controller):
|
||||||
def update_service(self, request, service_id, service):
|
def update_service(self, request, service_id, service):
|
||||||
validation.lazy_validate(schema.service_update, service)
|
validation.lazy_validate(schema.service_update, service)
|
||||||
self._require_matching_id(service_id, service)
|
self._require_matching_id(service_id, service)
|
||||||
ref = self.catalog_api.update_service(service_id,
|
ref = self.catalog_api.update_service(
|
||||||
service,
|
service_id, service, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return ServiceV3.wrap_member(request.context_dict, ref)
|
return ServiceV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_service(self, request, service_id):
|
def delete_service(self, request, service_id):
|
||||||
return self.catalog_api.delete_service(service_id,
|
return self.catalog_api.delete_service(
|
||||||
request.audit_initiator)
|
service_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('catalog_api')
|
@dependency.requires('catalog_api')
|
||||||
|
@ -345,7 +355,9 @@ class EndpointV3(controller.V3Controller):
|
||||||
self.catalog_api.get_region(endpoint['region_id'])
|
self.catalog_api.get_region(endpoint['region_id'])
|
||||||
except exception.RegionNotFound:
|
except exception.RegionNotFound:
|
||||||
region = dict(id=endpoint['region_id'])
|
region = dict(id=endpoint['region_id'])
|
||||||
self.catalog_api.create_region(region, request.audit_initiator)
|
self.catalog_api.create_region(
|
||||||
|
region, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
return endpoint
|
return endpoint
|
||||||
|
|
||||||
|
@ -355,9 +367,9 @@ class EndpointV3(controller.V3Controller):
|
||||||
utils.check_endpoint_url(endpoint['url'])
|
utils.check_endpoint_url(endpoint['url'])
|
||||||
ref = self._assign_unique_id(self._normalize_dict(endpoint))
|
ref = self._assign_unique_id(self._normalize_dict(endpoint))
|
||||||
ref = self._validate_endpoint_region(ref, request)
|
ref = self._validate_endpoint_region(ref, request)
|
||||||
ref = self.catalog_api.create_endpoint(ref['id'],
|
ref = self.catalog_api.create_endpoint(
|
||||||
ref,
|
ref['id'], ref, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return EndpointV3.wrap_member(request.context_dict, ref)
|
return EndpointV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('interface', 'service_id', 'region_id')
|
@controller.filterprotected('interface', 'service_id', 'region_id')
|
||||||
|
@ -381,15 +393,16 @@ class EndpointV3(controller.V3Controller):
|
||||||
endpoint = self._validate_endpoint_region(endpoint.copy(),
|
endpoint = self._validate_endpoint_region(endpoint.copy(),
|
||||||
request)
|
request)
|
||||||
|
|
||||||
ref = self.catalog_api.update_endpoint(endpoint_id,
|
ref = self.catalog_api.update_endpoint(
|
||||||
endpoint,
|
endpoint_id, endpoint, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return EndpointV3.wrap_member(request.context_dict, ref)
|
return EndpointV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_endpoint(self, request, endpoint_id):
|
def delete_endpoint(self, request, endpoint_id):
|
||||||
return self.catalog_api.delete_endpoint(endpoint_id,
|
return self.catalog_api.delete_endpoint(
|
||||||
request.audit_initiator)
|
endpoint_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('catalog_api', 'resource_api')
|
@dependency.requires('catalog_api', 'resource_api')
|
||||||
|
|
|
@ -77,7 +77,10 @@ class User(controller.V2Controller):
|
||||||
# The manager layer will generate the unique ID for users
|
# The manager layer will generate the unique ID for users
|
||||||
user_ref = self._normalize_domain_id(request, user.copy())
|
user_ref = self._normalize_domain_id(request, user.copy())
|
||||||
new_user_ref = self.v3_to_v2_user(
|
new_user_ref = self.v3_to_v2_user(
|
||||||
self.identity_api.create_user(user_ref, request.audit_initiator))
|
self.identity_api.create_user(
|
||||||
|
user_ref, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
)
|
||||||
|
|
||||||
if default_project_id is not None:
|
if default_project_id is not None:
|
||||||
self.assignment_api.add_user_to_project(default_project_id,
|
self.assignment_api.add_user_to_project(default_project_id,
|
||||||
|
@ -111,9 +114,9 @@ class User(controller.V2Controller):
|
||||||
# user update.
|
# user update.
|
||||||
self.resource_api.get_project(default_project_id)
|
self.resource_api.get_project(default_project_id)
|
||||||
|
|
||||||
user_ref = self.identity_api.update_user(user_id,
|
user_ref = self.identity_api.update_user(
|
||||||
user,
|
user_id, user, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
user_ref = self.v3_to_v2_user(user_ref)
|
user_ref = self.v3_to_v2_user(user_ref)
|
||||||
|
|
||||||
# If 'tenantId' is in either ref, we might need to add or remove the
|
# If 'tenantId' is in either ref, we might need to add or remove the
|
||||||
|
@ -159,7 +162,9 @@ class User(controller.V2Controller):
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def delete_user(self, request, user_id):
|
def delete_user(self, request, user_id):
|
||||||
self.assert_admin(request)
|
self.assert_admin(request)
|
||||||
self.identity_api.delete_user(user_id, request.audit_initiator)
|
self.identity_api.delete_user(
|
||||||
|
user_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def set_user_enabled(self, request, user_id, user):
|
def set_user_enabled(self, request, user_id, user):
|
||||||
|
@ -211,7 +216,9 @@ class UserV3(controller.V3Controller):
|
||||||
# The manager layer will generate the unique ID for users
|
# The manager layer will generate the unique ID for users
|
||||||
ref = self._normalize_dict(user)
|
ref = self._normalize_dict(user)
|
||||||
ref = self._normalize_domain_id(request, ref)
|
ref = self._normalize_domain_id(request, ref)
|
||||||
ref = self.identity_api.create_user(ref, request.audit_initiator)
|
ref = self.identity_api.create_user(
|
||||||
|
ref, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
return UserV3.wrap_member(request.context_dict, ref)
|
return UserV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('domain_id', 'enabled', 'name')
|
@controller.filterprotected('domain_id', 'enabled', 'name')
|
||||||
|
@ -237,9 +244,9 @@ class UserV3(controller.V3Controller):
|
||||||
self._require_matching_id(user_id, user)
|
self._require_matching_id(user_id, user)
|
||||||
self._require_matching_domain_id(
|
self._require_matching_domain_id(
|
||||||
user_id, user, self.identity_api.get_user)
|
user_id, user, self.identity_api.get_user)
|
||||||
ref = self.identity_api.update_user(user_id,
|
ref = self.identity_api.update_user(
|
||||||
user,
|
user_id, user, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return UserV3.wrap_member(request.context_dict, ref)
|
return UserV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
|
@ -249,9 +256,9 @@ class UserV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.protected(callback=_check_user_and_group_protection)
|
@controller.protected(callback=_check_user_and_group_protection)
|
||||||
def add_user_to_group(self, request, user_id, group_id):
|
def add_user_to_group(self, request, user_id, group_id):
|
||||||
self.identity_api.add_user_to_group(user_id,
|
self.identity_api.add_user_to_group(
|
||||||
group_id,
|
user_id, group_id, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
|
|
||||||
@controller.protected(callback=_check_user_and_group_protection)
|
@controller.protected(callback=_check_user_and_group_protection)
|
||||||
def check_user_in_group(self, request, user_id, group_id):
|
def check_user_in_group(self, request, user_id, group_id):
|
||||||
|
@ -259,13 +266,15 @@ class UserV3(controller.V3Controller):
|
||||||
|
|
||||||
@controller.protected(callback=_check_user_and_group_protection)
|
@controller.protected(callback=_check_user_and_group_protection)
|
||||||
def remove_user_from_group(self, request, user_id, group_id):
|
def remove_user_from_group(self, request, user_id, group_id):
|
||||||
self.identity_api.remove_user_from_group(user_id,
|
self.identity_api.remove_user_from_group(
|
||||||
group_id,
|
user_id, group_id, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_user(self, request, user_id):
|
def delete_user(self, request, user_id):
|
||||||
return self.identity_api.delete_user(user_id, request.audit_initiator)
|
return self.identity_api.delete_user(
|
||||||
|
user_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def change_password(self, request, user_id, user):
|
def change_password(self, request, user_id, user):
|
||||||
|
@ -305,7 +314,9 @@ class GroupV3(controller.V3Controller):
|
||||||
# The manager layer will generate the unique ID for groups
|
# The manager layer will generate the unique ID for groups
|
||||||
ref = self._normalize_dict(group)
|
ref = self._normalize_dict(group)
|
||||||
ref = self._normalize_domain_id(request, ref)
|
ref = self._normalize_domain_id(request, ref)
|
||||||
ref = self.identity_api.create_group(ref, request.audit_initiator)
|
ref = self.identity_api.create_group(
|
||||||
|
ref, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
return GroupV3.wrap_member(request.context_dict, ref)
|
return GroupV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('domain_id', 'name')
|
@controller.filterprotected('domain_id', 'name')
|
||||||
|
@ -332,11 +343,13 @@ class GroupV3(controller.V3Controller):
|
||||||
self._require_matching_id(group_id, group)
|
self._require_matching_id(group_id, group)
|
||||||
self._require_matching_domain_id(
|
self._require_matching_domain_id(
|
||||||
group_id, group, self.identity_api.get_group)
|
group_id, group, self.identity_api.get_group)
|
||||||
ref = self.identity_api.update_group(group_id,
|
ref = self.identity_api.update_group(
|
||||||
group,
|
group_id, group, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return GroupV3.wrap_member(request.context_dict, ref)
|
return GroupV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_group(self, request, group_id):
|
def delete_group(self, request, group_id):
|
||||||
self.identity_api.delete_group(group_id, request.audit_initiator)
|
self.identity_api.delete_group(
|
||||||
|
group_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
|
@ -65,8 +65,9 @@ class ConsumerCrudV3(controller.V3Controller):
|
||||||
def create_consumer(self, request, consumer):
|
def create_consumer(self, request, consumer):
|
||||||
validation.lazy_validate(schema.consumer_create, consumer)
|
validation.lazy_validate(schema.consumer_create, consumer)
|
||||||
ref = self._assign_unique_id(self._normalize_dict(consumer))
|
ref = self._assign_unique_id(self._normalize_dict(consumer))
|
||||||
consumer_ref = self.oauth_api.create_consumer(ref,
|
consumer_ref = self.oauth_api.create_consumer(
|
||||||
request.audit_initiator)
|
ref, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
return ConsumerCrudV3.wrap_member(request.context_dict, consumer_ref)
|
return ConsumerCrudV3.wrap_member(request.context_dict, consumer_ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
|
@ -74,9 +75,9 @@ class ConsumerCrudV3(controller.V3Controller):
|
||||||
validation.lazy_validate(schema.consumer_update, consumer)
|
validation.lazy_validate(schema.consumer_update, consumer)
|
||||||
self._require_matching_id(consumer_id, consumer)
|
self._require_matching_id(consumer_id, consumer)
|
||||||
ref = self._normalize_dict(consumer)
|
ref = self._normalize_dict(consumer)
|
||||||
ref = self.oauth_api.update_consumer(consumer_id,
|
ref = self.oauth_api.update_consumer(
|
||||||
ref,
|
consumer_id, ref, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return ConsumerCrudV3.wrap_member(request.context_dict, ref)
|
return ConsumerCrudV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
|
@ -95,7 +96,9 @@ class ConsumerCrudV3(controller.V3Controller):
|
||||||
payload = {'user_id': user_token_ref.user_id,
|
payload = {'user_id': user_token_ref.user_id,
|
||||||
'consumer_id': consumer_id}
|
'consumer_id': consumer_id}
|
||||||
_emit_user_oauth_consumer_token_invalidate(payload)
|
_emit_user_oauth_consumer_token_invalidate(payload)
|
||||||
self.oauth_api.delete_consumer(consumer_id, request.audit_initiator)
|
self.oauth_api.delete_consumer(
|
||||||
|
consumer_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('oauth_api')
|
@dependency.requires('oauth_api')
|
||||||
|
@ -140,9 +143,9 @@ class AccessTokenCrudV3(controller.V3Controller):
|
||||||
consumer_id = access_token['consumer_id']
|
consumer_id = access_token['consumer_id']
|
||||||
payload = {'user_id': user_id, 'consumer_id': consumer_id}
|
payload = {'user_id': user_id, 'consumer_id': consumer_id}
|
||||||
_emit_user_oauth_consumer_token_invalidate(payload)
|
_emit_user_oauth_consumer_token_invalidate(payload)
|
||||||
return self.oauth_api.delete_access_token(user_id,
|
return self.oauth_api.delete_access_token(
|
||||||
access_token_id,
|
user_id, access_token_id, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _get_user_id(entity):
|
def _get_user_id(entity):
|
||||||
|
@ -252,7 +255,7 @@ class OAuthControllerV3(controller.V3Controller):
|
||||||
consumer_id,
|
consumer_id,
|
||||||
requested_project_id,
|
requested_project_id,
|
||||||
request_token_duration,
|
request_token_duration,
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
|
|
||||||
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
|
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
|
||||||
% {'key': token_ref['id'],
|
% {'key': token_ref['id'],
|
||||||
|
@ -340,9 +343,11 @@ class OAuthControllerV3(controller.V3Controller):
|
||||||
raise exception.Unauthorized(message=msg)
|
raise exception.Unauthorized(message=msg)
|
||||||
|
|
||||||
access_token_duration = CONF.oauth1.access_token_duration
|
access_token_duration = CONF.oauth1.access_token_duration
|
||||||
token_ref = self.oauth_api.create_access_token(request_token_id,
|
token_ref = self.oauth_api.create_access_token(
|
||||||
access_token_duration,
|
request_token_id,
|
||||||
request.audit_initiator)
|
access_token_duration,
|
||||||
|
initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
|
result = ('oauth_token=%(key)s&oauth_token_secret=%(secret)s'
|
||||||
% {'key': token_ref['id'],
|
% {'key': token_ref['id'],
|
||||||
|
|
|
@ -27,9 +27,9 @@ class PolicyV3(controller.V3Controller):
|
||||||
def create_policy(self, request, policy):
|
def create_policy(self, request, policy):
|
||||||
validation.lazy_validate(schema.policy_create, policy)
|
validation.lazy_validate(schema.policy_create, policy)
|
||||||
ref = self._assign_unique_id(self._normalize_dict(policy))
|
ref = self._assign_unique_id(self._normalize_dict(policy))
|
||||||
ref = self.policy_api.create_policy(ref['id'],
|
ref = self.policy_api.create_policy(
|
||||||
ref,
|
ref['id'], ref, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return PolicyV3.wrap_member(request.context_dict, ref)
|
return PolicyV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('type')
|
@controller.filterprotected('type')
|
||||||
|
@ -47,12 +47,13 @@ class PolicyV3(controller.V3Controller):
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def update_policy(self, request, policy_id, policy):
|
def update_policy(self, request, policy_id, policy):
|
||||||
validation.lazy_validate(schema.policy_update, policy)
|
validation.lazy_validate(schema.policy_update, policy)
|
||||||
ref = self.policy_api.update_policy(policy_id,
|
ref = self.policy_api.update_policy(
|
||||||
policy,
|
policy_id, policy, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return PolicyV3.wrap_member(request.context_dict, ref)
|
return PolicyV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_policy(self, request, policy_id):
|
def delete_policy(self, request, policy_id):
|
||||||
return self.policy_api.delete_policy(policy_id,
|
return self.policy_api.delete_policy(
|
||||||
request.audit_initiator)
|
policy_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
|
@ -96,7 +96,7 @@ class Tenant(controller.V2Controller):
|
||||||
tenant = self.resource_api.create_project(
|
tenant = self.resource_api.create_project(
|
||||||
tenant_ref['id'],
|
tenant_ref['id'],
|
||||||
self._normalize_domain_id(request, tenant_ref),
|
self._normalize_domain_id(request, tenant_ref),
|
||||||
request.audit_initiator)
|
initiator=request.audit_initiator)
|
||||||
return {'tenant': self.v3_to_v2_project(tenant)}
|
return {'tenant': self.v3_to_v2_project(tenant)}
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
|
@ -106,14 +106,17 @@ class Tenant(controller.V2Controller):
|
||||||
self._assert_not_is_domain_project(tenant_id)
|
self._assert_not_is_domain_project(tenant_id)
|
||||||
|
|
||||||
tenant_ref = self.resource_api.update_project(
|
tenant_ref = self.resource_api.update_project(
|
||||||
tenant_id, tenant, request.audit_initiator)
|
tenant_id, tenant, initiator=request.audit_initiator)
|
||||||
return {'tenant': self.v3_to_v2_project(tenant_ref)}
|
return {'tenant': self.v3_to_v2_project(tenant_ref)}
|
||||||
|
|
||||||
@controller.v2_deprecated
|
@controller.v2_deprecated
|
||||||
def delete_project(self, request, tenant_id):
|
def delete_project(self, request, tenant_id):
|
||||||
self.assert_admin(request)
|
self.assert_admin(request)
|
||||||
self._assert_not_is_domain_project(tenant_id)
|
self._assert_not_is_domain_project(tenant_id)
|
||||||
self.resource_api.delete_project(tenant_id, request.audit_initiator)
|
self.resource_api.delete_project(
|
||||||
|
tenant_id,
|
||||||
|
initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('resource_api')
|
@dependency.requires('resource_api')
|
||||||
|
@ -129,9 +132,9 @@ class DomainV3(controller.V3Controller):
|
||||||
def create_domain(self, request, domain):
|
def create_domain(self, request, domain):
|
||||||
validation.lazy_validate(schema.domain_create, domain)
|
validation.lazy_validate(schema.domain_create, domain)
|
||||||
ref = self._assign_unique_id(self._normalize_dict(domain))
|
ref = self._assign_unique_id(self._normalize_dict(domain))
|
||||||
ref = self.resource_api.create_domain(ref['id'],
|
ref = self.resource_api.create_domain(
|
||||||
ref,
|
ref['id'], ref, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return DomainV3.wrap_member(request.context_dict, ref)
|
return DomainV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.filterprotected('enabled', 'name')
|
@controller.filterprotected('enabled', 'name')
|
||||||
|
@ -150,15 +153,16 @@ class DomainV3(controller.V3Controller):
|
||||||
def update_domain(self, request, domain_id, domain):
|
def update_domain(self, request, domain_id, domain):
|
||||||
validation.lazy_validate(schema.domain_update, domain)
|
validation.lazy_validate(schema.domain_update, domain)
|
||||||
self._require_matching_id(domain_id, domain)
|
self._require_matching_id(domain_id, domain)
|
||||||
ref = self.resource_api.update_domain(domain_id,
|
ref = self.resource_api.update_domain(
|
||||||
domain,
|
domain_id, domain, initiator=request.audit_initiator
|
||||||
request.audit_initiator)
|
)
|
||||||
return DomainV3.wrap_member(request.context_dict, ref)
|
return DomainV3.wrap_member(request.context_dict, ref)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def delete_domain(self, request, domain_id):
|
def delete_domain(self, request, domain_id):
|
||||||
return self.resource_api.delete_domain(domain_id,
|
return self.resource_api.delete_domain(
|
||||||
request.audit_initiator)
|
domain_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@dependency.requires('domain_config_api')
|
@dependency.requires('domain_config_api')
|
||||||
|
|
|
@ -136,10 +136,13 @@ class TrustV3(controller.V3Controller):
|
||||||
trust['expires_at'] = self._parse_expiration_date(
|
trust['expires_at'] = self._parse_expiration_date(
|
||||||
trust.get('expires_at'))
|
trust.get('expires_at'))
|
||||||
trust_id = uuid.uuid4().hex
|
trust_id = uuid.uuid4().hex
|
||||||
new_trust = self.trust_api.create_trust(trust_id, trust,
|
new_trust = self.trust_api.create_trust(
|
||||||
normalized_roles,
|
trust_id,
|
||||||
redelegated_trust,
|
trust,
|
||||||
request.audit_initiator)
|
normalized_roles,
|
||||||
|
redelegated_trust,
|
||||||
|
initiator=request.audit_initiator
|
||||||
|
)
|
||||||
self._fill_in_roles(request.context_dict, new_trust)
|
self._fill_in_roles(request.context_dict, new_trust)
|
||||||
return TrustV3.wrap_member(request.context_dict, new_trust)
|
return TrustV3.wrap_member(request.context_dict, new_trust)
|
||||||
|
|
||||||
|
@ -224,7 +227,9 @@ class TrustV3(controller.V3Controller):
|
||||||
not request.context.is_admin):
|
not request.context.is_admin):
|
||||||
raise exception.Forbidden()
|
raise exception.Forbidden()
|
||||||
|
|
||||||
self.trust_api.delete_trust(trust_id, request.audit_initiator)
|
self.trust_api.delete_trust(
|
||||||
|
trust_id, initiator=request.audit_initiator
|
||||||
|
)
|
||||||
|
|
||||||
@controller.protected()
|
@controller.protected()
|
||||||
def list_roles_for_trust(self, request, trust_id):
|
def list_roles_for_trust(self, request, trust_id):
|
||||||
|
|
Loading…
Reference in New Issue