"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/assignment/backends/sql.py" between
keystone-17.0.0.tar.gz and keystone-18.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Victoria" series (latest release).

sql.py  (keystone-17.0.0):sql.py  (keystone-18.0.0)
skipping to change at line 79 skipping to change at line 79
q = session.query(RoleAssignment.role_id) q = session.query(RoleAssignment.role_id)
q = q.filter(RoleAssignment.actor_id == (user_id or group_id)) q = q.filter(RoleAssignment.actor_id == (user_id or group_id))
q = q.filter(RoleAssignment.target_id == (project_id or domain_id)) q = q.filter(RoleAssignment.target_id == (project_id or domain_id))
q = q.filter(RoleAssignment.inherited == inherited_to_projects) q = q.filter(RoleAssignment.inherited == inherited_to_projects)
return [x.role_id for x in q.all()] return [x.role_id for x in q.all()]
def _build_grant_filter(self, session, role_id, user_id, group_id, def _build_grant_filter(self, session, role_id, user_id, group_id,
domain_id, project_id, inherited_to_projects): domain_id, project_id, inherited_to_projects):
q = session.query(RoleAssignment) q = session.query(RoleAssignment)
q = q.filter_by(actor_id=user_id or group_id) q = q.filter_by(actor_id=user_id or group_id)
q = q.filter_by(target_id=project_id or domain_id) if domain_id:
q = q.filter_by(target_id=domain_id).filter(
(RoleAssignment.type == AssignmentType.USER_DOMAIN) |
(RoleAssignment.type == AssignmentType.GROUP_DOMAIN))
else:
q = q.filter_by(target_id=project_id).filter(
(RoleAssignment.type == AssignmentType.USER_PROJECT) |
(RoleAssignment.type == AssignmentType.GROUP_PROJECT))
q = q.filter_by(role_id=role_id) q = q.filter_by(role_id=role_id)
q = q.filter_by(inherited=inherited_to_projects) q = q.filter_by(inherited=inherited_to_projects)
return q return q
def check_grant_role_id(self, role_id, user_id=None, group_id=None, def check_grant_role_id(self, role_id, user_id=None, group_id=None,
domain_id=None, project_id=None, domain_id=None, project_id=None,
inherited_to_projects=False): inherited_to_projects=False):
with sql.session_for_read() as session: with sql.session_for_read() as session:
try: try:
q = self._build_grant_filter( q = self._build_grant_filter(
 End of changes. 1 change blocks. 
1 lines changed or deleted 8 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)