"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/api/credentials.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

credentials.py  (keystone-16.0.1):credentials.py  (keystone-17.0.0)
skipping to change at line 16 skipping to change at line 16
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
# This file handles all flask-restful resources for /v3/credentials # This file handles all flask-restful resources for /v3/credentials
import hashlib import hashlib
import six
import flask import flask
import http.client
from oslo_serialization import jsonutils from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common import provider_api from keystone.common import provider_api
from keystone.common import rbac_enforcer from keystone.common import rbac_enforcer
from keystone.common import validation from keystone.common import validation
import keystone.conf import keystone.conf
from keystone.credential import schema from keystone.credential import schema
from keystone import exception from keystone import exception
from keystone.i18n import _ from keystone.i18n import _
from keystone.server import flask as ks_flask from keystone.server import flask as ks_flask
skipping to change at line 169 skipping to change at line 168
app_cred_id = getattr( app_cred_id = getattr(
self.auth_context['token'], 'application_credential_id', None) self.auth_context['token'], 'application_credential_id', None)
access_token_id = getattr( access_token_id = getattr(
self.auth_context['token'], 'access_token_id', None) self.auth_context['token'], 'access_token_id', None)
ref = self._assign_unique_id( ref = self._assign_unique_id(
self._normalize_dict(credential), self._normalize_dict(credential),
trust_id=trust_id, app_cred_id=app_cred_id, trust_id=trust_id, app_cred_id=app_cred_id,
access_token_id=access_token_id) access_token_id=access_token_id)
ref = PROVIDERS.credential_api.create_credential( ref = PROVIDERS.credential_api.create_credential(
ref['id'], ref, initiator=self.audit_initiator) ref['id'], ref, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED return self.wrap_member(ref), http.client.CREATED
def _validate_blob_update_keys(self, credential, ref): def _validate_blob_update_keys(self, credential, ref):
if credential.get('type', '').lower() == 'ec2': if credential.get('type', '').lower() == 'ec2':
new_blob = self._validate_blob_json(ref) new_blob = self._validate_blob_json(ref)
old_blob = credential.get('blob') old_blob = credential.get('blob')
if isinstance(old_blob, six.string_types): if isinstance(old_blob, str):
old_blob = jsonutils.loads(old_blob) old_blob = jsonutils.loads(old_blob)
# if there was a scope set, prevent changing it or unsetting it # if there was a scope set, prevent changing it or unsetting it
for key in ['trust_id', 'app_cred_id', 'access_token_id']: for key in ['trust_id', 'app_cred_id', 'access_token_id']:
if old_blob.get(key) != new_blob.get(key): if old_blob.get(key) != new_blob.get(key):
message = _('%s can not be updated for credential') % key message = _('%s can not be updated for credential') % key
raise exception.ValidationError(message=message) raise exception.ValidationError(message=message)
def patch(self, credential_id): def patch(self, credential_id):
# Update Credential # Update Credential
ENFORCER.enforce_call( ENFORCER.enforce_call(
skipping to change at line 211 skipping to change at line 210
credential_id, credential) credential_id, credential)
return self.wrap_member(ref) return self.wrap_member(ref)
def delete(self, credential_id): def delete(self, credential_id):
# Delete credentials # Delete credentials
ENFORCER.enforce_call( ENFORCER.enforce_call(
action='identity:delete_credential', action='identity:delete_credential',
build_target=_build_target_enforcement build_target=_build_target_enforcement
) )
return (PROVIDERS.credential_api.delete_credential(credential_id, return (PROVIDERS.credential_api.delete_credential(
initiator=self.audit_ credential_id, initiator=self.audit_initiator),
initiator), http.client.NO_CONTENT)
http_client.NO_CONTENT)
class CredentialAPI(ks_flask.APIBase): class CredentialAPI(ks_flask.APIBase):
_name = 'credentials' _name = 'credentials'
_import_name = __name__ _import_name = __name__
resource_mapping = [] resource_mapping = []
resources = [CredentialResource] resources = [CredentialResource]
APIs = (CredentialAPI,) APIs = (CredentialAPI,)
 End of changes. 6 change blocks. 
8 lines changed or deleted 6 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)