"Fossies" - the Fresh Open Source Software Archive

Member "keystone-18.0.0/keystone/identity/schema.py" (14 Oct 2020, 3792 Bytes) of package /linux/misc/openstack/keystone-18.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. For more information about "schema.py" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 17.0.0_vs_18.0.0.

    1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
    2 # not use this file except in compliance with the License. You may obtain
    3 # a copy of the License at
    4 #
    5 # http://www.apache.org/licenses/LICENSE-2.0
    6 #
    7 # Unless required by applicable law or agreed to in writing, software
    8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   10 # License for the specific language governing permissions and limitations
   11 # under the License.
   12 
   13 from keystone.common import validation
   14 from keystone.common.validation import parameter_types
   15 import keystone.conf
   16 from keystone.identity.backends import resource_options as ro
   17 
   18 
   19 CONF = keystone.conf.CONF
   20 
   21 
   22 _identity_name = {
   23     'type': 'string',
   24     'minLength': 1,
   25     'maxLength': 255,
   26     'pattern': r'[\S]+'
   27 }
   28 
   29 # Schema for Identity v3 API
   30 
   31 _user_properties = {
   32     'default_project_id': validation.nullable(parameter_types.id_string),
   33     'description': validation.nullable(parameter_types.description),
   34     'domain_id': parameter_types.id_string,
   35     'enabled': parameter_types.boolean,
   36     'federated': {
   37         'type': 'array',
   38         'items':
   39             {
   40                 'type': 'object',
   41                 'properties': {
   42                     'idp_id': {'type': 'string'},
   43                     'protocols': {
   44                         'type': 'array',
   45                         'items':
   46                             {
   47                                 'type': 'object',
   48                                 'properties': {
   49                                     'protocol_id': {'type': 'string'},
   50                                     'unique_id': {'type': 'string'}
   51                                 },
   52                                 'required': ['protocol_id', 'unique_id']
   53                             },
   54                         'minItems': 1
   55                     }
   56                 },
   57                 'required': ['idp_id', 'protocols']
   58             },
   59     },
   60     'name': _identity_name,
   61     'password': {
   62         'type': ['string', 'null']
   63     },
   64     'options': ro.USER_OPTIONS_REGISTRY.json_schema
   65 }
   66 
   67 # TODO(notmorgan): Provide a mechanism for options to supply real jsonschema
   68 # validation based upon the option object and the option validator(s)
   69 user_create = {
   70     'type': 'object',
   71     'properties': _user_properties,
   72     'required': ['name'],
   73     'options': {
   74         'type': 'object'
   75     },
   76     'additionalProperties': True
   77 }
   78 
   79 user_update = {
   80     'type': 'object',
   81     'properties': _user_properties,
   82     'minProperties': 1,
   83     'options': {
   84         'type': 'object'
   85     },
   86     'additionalProperties': True
   87 }
   88 
   89 _group_properties = {
   90     'description': validation.nullable(parameter_types.description),
   91     'domain_id': parameter_types.id_string,
   92     'name': _identity_name
   93 }
   94 
   95 group_create = {
   96     'type': 'object',
   97     'properties': _group_properties,
   98     'required': ['name'],
   99     'additionalProperties': True
  100 }
  101 
  102 group_update = {
  103     'type': 'object',
  104     'properties': _group_properties,
  105     'minProperties': 1,
  106     'additionalProperties': True
  107 }
  108 
  109 _password_change_properties = {
  110     'original_password': {
  111         'type': 'string'
  112     },
  113     'password': {
  114         'type': 'string'
  115     }
  116 }
  117 if getattr(CONF, 'strict_password_check', None):
  118     _password_change_properties['password']['maxLength'] = \
  119         CONF.identity.max_password_length
  120 
  121 if getattr(CONF, 'security_compliance', None):
  122     if getattr(CONF.security_compliance, 'password_regex', None):
  123         _password_change_properties['password']['pattern'] = \
  124             CONF.security_compliance.password_regex
  125 
  126 password_change = {
  127     'type': 'object',
  128     'properties': _password_change_properties,
  129     'required': ['original_password', 'password'],
  130     'additionalProperties': False
  131 }