keystone  18.0.0
About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Victoria" series (maintained release).
  Fossies Dox: keystone-18.0.0.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

schema.py
Go to the documentation of this file.
1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
2 # not use this file except in compliance with the License. You may obtain
3 # a copy of the License at
4 #
5 # http://www.apache.org/licenses/LICENSE-2.0
6 #
7 # Unless required by applicable law or agreed to in writing, software
8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10 # License for the specific language governing permissions and limitations
11 # under the License.
12 
13 from keystone.common import validation
14 from keystone.common.validation import parameter_types
15 import keystone.conf
16 from keystone.identity.backends import resource_options as ro
17 
18 
19 CONF = keystone.conf.CONF
20 
21 
22 _identity_name = {
23  'type': 'string',
24  'minLength': 1,
25  'maxLength': 255,
26  'pattern': r'[\S]+'
27 }
28 
29 # Schema for Identity v3 API
30 
31 _user_properties = {
32  'default_project_id': validation.nullable(parameter_types.id_string),
33  'description': validation.nullable(parameter_types.description),
34  'domain_id': parameter_types.id_string,
35  'enabled': parameter_types.boolean,
36  'federated': {
37  'type': 'array',
38  'items':
39  {
40  'type': 'object',
41  'properties': {
42  'idp_id': {'type': 'string'},
43  'protocols': {
44  'type': 'array',
45  'items':
46  {
47  'type': 'object',
48  'properties': {
49  'protocol_id': {'type': 'string'},
50  'unique_id': {'type': 'string'}
51  },
52  'required': ['protocol_id', 'unique_id']
53  },
54  'minItems': 1
55  }
56  },
57  'required': ['idp_id', 'protocols']
58  },
59  },
60  'name': _identity_name,
61  'password': {
62  'type': ['string', 'null']
63  },
64  'options': ro.USER_OPTIONS_REGISTRY.json_schema
65 }
66 
67 # TODO(notmorgan): Provide a mechanism for options to supply real jsonschema
68 # validation based upon the option object and the option validator(s)
69 user_create = {
70  'type': 'object',
71  'properties': _user_properties,
72  'required': ['name'],
73  'options': {
74  'type': 'object'
75  },
76  'additionalProperties': True
77 }
78 
79 user_update = {
80  'type': 'object',
81  'properties': _user_properties,
82  'minProperties': 1,
83  'options': {
84  'type': 'object'
85  },
86  'additionalProperties': True
87 }
88 
89 _group_properties = {
90  'description': validation.nullable(parameter_types.description),
91  'domain_id': parameter_types.id_string,
92  'name': _identity_name
93 }
94 
95 group_create = {
96  'type': 'object',
97  'properties': _group_properties,
98  'required': ['name'],
99  'additionalProperties': True
100 }
101 
102 group_update = {
103  'type': 'object',
104  'properties': _group_properties,
105  'minProperties': 1,
106  'additionalProperties': True
107 }
108 
109 _password_change_properties = {
110  'original_password': {
111  'type': 'string'
112  },
113  'password': {
114  'type': 'string'
115  }
116 }
117 if getattr(CONF, 'strict_password_check', None):
118  _password_change_properties['password']['maxLength'] = \
119  CONF.identity.max_password_length
120 
121 if getattr(CONF, 'security_compliance', None):
122  if getattr(CONF.security_compliance, 'password_regex', None):
123  _password_change_properties['password']['pattern'] = \
124  CONF.security_compliance.password_regex
125 
126 password_change = {
127  'type': 'object',
128  'properties': _password_change_properties,
129  'required': ['original_password', 'password'],
130  'additionalProperties': False
131 }
keystone.conf
Definition: __init__.py:1
keystone.common
Definition: __init__.py:1
keystone.identity.backends
Definition: __init__.py:1
keystone.common.validation
Definition: __init__.py:1