From 939881b77fa1ad8546101dc5b8aed126e0127179 Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Fri, 10 Mar 2017 17:20:38 +0000 Subject: [PATCH] Don't persist revocation events when deleting a role This is no longer needed since the token provider API will rebuild the token context at validation time. The revocation event is not needed and we no longer need to store it. Change-Id: I91315f620534974ab1102d693fbdff45e4ae8887 partial-bug: 1671887 --- keystone/revoke/core.py | 6 ------ 1 file changed, 6 deletions(-) diff --git a/keystone/revoke/core.py b/keystone/revoke/core.py index 7b206a9add..9441b901c8 100644 --- a/keystone/revoke/core.py +++ b/keystone/revoke/core.py @@ -82,11 +82,6 @@ class Manager(manager.Manager): payload): self.revoke_by_user(payload['resource_info']) - def _role_callback(self, service, resource_type, operation, - payload): - self.revoke( - revoke_model.RevokeEvent(role_id=payload['resource_info'])) - def _project_callback(self, service, resource_type, operation, payload): self.revoke( @@ -119,7 +114,6 @@ class Manager(manager.Manager): notifications.ACTIONS.deleted: [ ['OS-TRUST:trust', self._trust_callback], ['OS-OAUTH1:consumer', self._consumer_callback], - ['role', self._role_callback], ['user', self._user_callback], ['project', self._project_callback], ['role_assignment', self._role_assignment_callback]