python-keystoneclient/keystoneclient/v3/credentials.py

# Copyright 2011 OpenStack Foundation
# Copyright 2011 Nebula, Inc.
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

from keystoneclient import base


class Credential(base.Resource):
    """Represents an Identity credential.

    Attributes:
        * id: a uuid that identifies the credential
        * user_id: user ID to which credential belongs
        * type: the type of credential
        * blob: the text that represents the credential
        * project_id: project ID which limits the scope of the credential

    """

    pass


class CredentialManager(base.CrudManager):
    """Manager class for manipulating Identity credentials."""

    resource_class = Credential
    collection_key = 'credentials'
    key = 'credential'

    def create(self, user, type, blob, project=None, **kwargs):
        """Create a credential.

        :param user: the user to which the credential belongs
        :type user: str or :class:`keystoneclient.v3.users.User`
        :param str type: the type of the credential, valid values are:
                         ``ec2``, ``cert`` or ``totp``
        :param str blob: the arbitrary blob of the credential data, to be
                         parsed according to the type
        :param project: the project which limits the scope of the credential,
                        this attribbute is mandatory if the credential type is
                        ec2
        :type project: str or :class:`keystoneclient.v3.projects.Project`
        :param kwargs: any other attribute provided will be passed to the
                       server

        :returns: the created credential
        :rtype: :class:`keystoneclient.v3.credentials.Credential`

        """
        return super(CredentialManager, self).create(
            user_id=base.getid(user),
            type=type,
            blob=blob,
            project_id=base.getid(project),
            **kwargs)

    def get(self, credential):
        """Retrieve a credential.

        :param credential: the credential to be retrieved from the server
        :type credential: str or
                          :class:`keystoneclient.v3.credentials.Credential`

        :returns: the specified credential
        :rtype: :class:`keystoneclient.v3.credentials.Credential`

        """
        return super(CredentialManager, self).get(
            credential_id=base.getid(credential))

    def list(self, **kwargs):
        """List credentials.

        :param kwargs: If user_id or type is specified then credentials
                       will be filtered accordingly.

        :returns: a list of credentials
        :rtype: list of :class:`keystoneclient.v3.credentials.Credential`

        """
        return super(CredentialManager, self).list(**kwargs)

    def update(self, credential, user, type=None, blob=None, project=None,
               **kwargs):
        """Update a credential.

        :param credential: the credential to be updated on the server
        :type credential: str or
                         :class:`keystoneclient.v3.credentials.Credential`
        :param user: the new user to which the credential belongs
        :type user: str or :class:`keystoneclient.v3.users.User`
        :param str type: the new type of the credential, valid values are:
                         ``ec2``, ``cert`` or ``totp``
        :param str blob: the new blob of the credential data
                          and may be removed in the future release.
        :param project: the new project which limits the scope of the
                        credential, this attribute is mandatory if the
                        credential type is ec2
        :type project: str or :class:`keystoneclient.v3.projects.Project`
        :param kwargs: any other attribute provided will be passed to the
                       server

        :returns: the updated credential
        :rtype: :class:`keystoneclient.v3.credentials.Credential`

        """
        return super(CredentialManager, self).update(
            credential_id=base.getid(credential),
            user_id=base.getid(user),
            type=type,
            blob=blob,
            project_id=base.getid(project),
            **kwargs)

    def delete(self, credential):
        """Delete a credential.

        :param credential: the credential to be deleted
        :type credential: str or
                          :class:`keystoneclient.v3.credentials.Credential`

        :returns: response object with 204 status
        :rtype: :class:`requests.models.Response`

        """
        return super(CredentialManager, self).delete(
            credential_id=base.getid(credential))