Merge "Limited use trusts"
This commit is contained in:
commit
507af4c0f4
|
@ -40,6 +40,14 @@ class TrustTests(utils.TestCase, utils.CrudTests):
|
||||||
ref['impersonation'] = False
|
ref['impersonation'] = False
|
||||||
super(TrustTests, self).test_create(ref=ref)
|
super(TrustTests, self).test_create(ref=ref)
|
||||||
|
|
||||||
|
def test_create_limited_uses(self):
|
||||||
|
ref = self.new_ref()
|
||||||
|
ref['trustor_user_id'] = uuid.uuid4().hex
|
||||||
|
ref['trustee_user_id'] = uuid.uuid4().hex
|
||||||
|
ref['impersonation'] = False
|
||||||
|
ref['remaining_uses'] = 5
|
||||||
|
super(TrustTests, self).test_create(ref=ref)
|
||||||
|
|
||||||
def test_create_roles(self):
|
def test_create_roles(self):
|
||||||
ref = self.new_ref()
|
ref = self.new_ref()
|
||||||
ref['trustor_user_id'] = uuid.uuid4().hex
|
ref['trustor_user_id'] = uuid.uuid4().hex
|
||||||
|
|
|
@ -37,7 +37,7 @@ class TrustManager(base.CrudManager):
|
||||||
|
|
||||||
def create(self, trustee_user, trustor_user, role_names=None,
|
def create(self, trustee_user, trustor_user, role_names=None,
|
||||||
project=None, impersonation=False, expires_at=None,
|
project=None, impersonation=False, expires_at=None,
|
||||||
**kwargs):
|
remaining_uses=None, **kwargs):
|
||||||
"""Create a Trust.
|
"""Create a Trust.
|
||||||
:param string trustee_user: user who is capable of consuming the trust
|
:param string trustee_user: user who is capable of consuming the trust
|
||||||
:param string trustor_user: user who's authorization is being delegated
|
:param string trustor_user: user who's authorization is being delegated
|
||||||
|
@ -45,6 +45,9 @@ class TrustManager(base.CrudManager):
|
||||||
:param string project: project which the trustor is delegating
|
:param string project: project which the trustor is delegating
|
||||||
:param boolean impersonation: enable explicit impersonation
|
:param boolean impersonation: enable explicit impersonation
|
||||||
:param datetime.datetime expires_at: expiry time
|
:param datetime.datetime expires_at: expiry time
|
||||||
|
:param integer remaining_uses: how many times this trust can be used
|
||||||
|
to generate a token. None means
|
||||||
|
unlimited tokens.
|
||||||
"""
|
"""
|
||||||
# Convert role_names list into list-of-dict API format
|
# Convert role_names list into list-of-dict API format
|
||||||
if role_names:
|
if role_names:
|
||||||
|
@ -62,6 +65,7 @@ class TrustManager(base.CrudManager):
|
||||||
expires_at=expires_str,
|
expires_at=expires_str,
|
||||||
impersonation=impersonation,
|
impersonation=impersonation,
|
||||||
project_id=base.getid(project),
|
project_id=base.getid(project),
|
||||||
|
remaining_uses=remaining_uses,
|
||||||
roles=roles,
|
roles=roles,
|
||||||
trustee_user_id=base.getid(trustee_user),
|
trustee_user_id=base.getid(trustee_user),
|
||||||
trustor_user_id=base.getid(trustor_user),
|
trustor_user_id=base.getid(trustor_user),
|
||||||
|
|
Loading…
Reference in New Issue