keystone 負責登錄與權限控管.
這裏整理了python 程式的class 與def 宣告,
由名稱就可大致了解他做了哪些事.
第一部份先顯示\keystone\assignment:
OpenStack Study: keystone
OpenStack Index
\OpenStack\keystone-2014.1\keystone\assignment\backends\kvs.py
class Assignment(kvs.Base, assignment.Driver):def get_project(self, tenant_id):
def _build_project_refs(self):
def list_projects(self, hints):
def list_projects_in_domain(self, domain_id):
def get_project_by_name(self, tenant_name, domain_id):
def list_user_ids_for_project(self, tenant_id):
def _get_metadata(self, user_id=None, tenant_id=None, domain_id=None, group_id=None):
def get_role(self, role_id):
def list_roles(self, hints):
def _list_roles(self):
def list_projects_for_user(self, user_id, group_ids, hints):
def get_roles_for_groups(self, group_ids, project_id=None, domain_id=None):
def list_projects_for_groups(self, group_ids):
def list_domains_for_groups(self, group_ids):
def add_role_to_user_and_project(self, user_id, tenant_id, role_id):
def remove_role_from_user_and_project(self, user_id, tenant_id, role_id):
def list_role_assignments(self):
def create_project(self, tenant_id, tenant):
def update_project(self, tenant_id, tenant):
def delete_project(self, tenant_id):
def _create_metadata(self, user_id, tenant_id, metadata, domain_id=None, group_id=None):
def _update_metadata(self, user_id, tenant_id, metadata, domain_id=None, group_id=None):
def create_role(self, role_id, role):
def update_role(self, role_id, role):
def delete_role(self, role_id):
def create_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def list_grants(self, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def get_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def delete_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def create_domain(self, domain_id, domain):
def list_domains(self, hints):
def get_domain(self, domain_id):
def get_domain_by_name(self, domain_name):
def update_domain(self, domain_id, domain):
def delete_domain(self, domain_id):
def delete_user(self, user_id):
def delete_group(self, group_id):
\OpenStack\keystone-2014.1\keystone\assignment\backends\ldap.py
class Assignment(assignment.Driver):def __init__(self):
def get_project(self, tenant_id):
def list_projects(self, hints):
def list_projects_in_domain(self, domain_id):
def get_project_by_name(self, tenant_name, domain_id):
def create_project(self, tenant_id, tenant):
def update_project(self, tenant_id, tenant):
def _get_metadata(self, user_id=None, tenant_id=None, domain_id=None, group_id=None):
def _get_roles_for_just_user_and_project(user_id, tenant_id):
def _get_roles_for_group_and_project(group_id, project_id):
def get_role(self, role_id):
def list_roles(self, hints):
def list_projects_for_user(self, user_id, group_ids, hints):
def get_roles_for_groups(self, group_ids, project_id=None, domain_id=None):
def list_projects_for_groups(self, group_ids):
def list_domains_for_groups(self, group_ids):
def list_user_ids_for_project(self, tenant_id):
def _subrole_id_to_dn(self, role_id, tenant_id):
def add_role_to_user_and_project(self, user_id, tenant_id, role_id):
def _add_role_to_group_and_project(self, group_id, tenant_id, role_id):
def create_role(self, role_id, role):
def delete_role(self, role_id):
def delete_project(self, tenant_id):
def remove_role_from_user_and_project(self, user_id, tenant_id, role_id):
def _remove_role_from_group_and_project(self, group_id, tenant_id, role_id):
def update_role(self, role_id, role):
def create_domain(self, domain_id, domain):
def get_domain(self, domain_id):
def update_domain(self, domain_id, domain):
def delete_domain(self, domain_id):
def list_domains(self, hints):
def delete_user(self, user_id):
def delete_group(self, group_id):
def create_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def get_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def delete_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def list_grants(self, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def get_domain_by_name(self, domain_name):
def list_role_assignments(self):
class ProjectApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap):
def __init__(self, conf):
def create(self, values):
def get_user_projects(self, user_dn, associations):
def add_user(self, tenant_id, user_dn):
def remove_user(self, tenant_id, user_dn, user_id):
def get_user_dns(self, tenant_id, rolegrants, role_dn=None):
def update(self, project_id, values):
class UserRoleAssociation(object):
def __init__(self, user_dn=None, role_dn=None, tenant_dn=None, *args, **kw):
class GroupRoleAssociation(object):
def __init__(self, group_dn=None, role_dn=None, tenant_dn=None, *args, **kw):
class RoleApi(common_ldap.BaseLdap):
def __init__(self, conf):
def get(self, role_id, role_filter=None):
def create(self, values):
def add_user(self, role_id, role_dn, user_dn, user_id, tenant_id=None):
def delete_user(self, role_dn, user_dn, tenant_dn, user_id, role_id):
def get_role_assignments(self, tenant_dn):
def list_global_roles_for_user(self, user_dn):
def list_project_roles_for_user(self, user_dn, project_subtree):
def roles_delete_subtree_by_project(self, tenant_dn):
def update(self, role_id, role):
def delete(self, role_id, tenant_dn):
def list_role_assignments(self, project_tree_dn):
\OpenStack\keystone-2014.1\keystone\assignment\backends\sql.py
class Assignment(assignment.Driver):def db_sync(self, version=None):
def _get_project(self, session, project_id):
def get_project(self, tenant_id):
def get_project_by_name(self, tenant_name, domain_id):
def list_user_ids_for_project(self, tenant_id):
def _get_metadata(self, user_id=None, tenant_id=None, domain_id=None, group_id=None, session=None):
def create_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def calculate_type(user_id, group_id, project_id, domain_id):
def list_grants(self, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def _build_grant_filter(self, session, role_id, user_id, group_id, domain_id, project_id, inherited_to_projects):
def get_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def delete_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def list_projects(self, hints):
def list_projects_in_domain(self, domain_id):
def list_projects_for_user(self, user_id, group_ids, hints):
def _project_ids_to_dicts(session, ids):
def get_roles_for_groups(self, group_ids, project_id=None, domain_id=None):
def _list_entities_for_groups(self, group_ids, entity):
def list_projects_for_groups(self, group_ids):
def list_domains_for_groups(self, group_ids):
def add_role_to_user_and_project(self, user_id, tenant_id, role_id):
def remove_role_from_user_and_project(self, user_id, tenant_id, role_id):
def list_role_assignments(self):
def denormalize_role(ref):
def create_project(self, tenant_id, tenant):
def update_project(self, tenant_id, tenant):
def delete_project(self, tenant_id):
def create_domain(self, domain_id, domain):
def list_domains(self, hints):
def _get_domain(self, session, domain_id):
def get_domain(self, domain_id):
def get_domain_by_name(self, domain_name):
def update_domain(self, domain_id, domain):
def delete_domain(self, domain_id):
def create_role(self, role_id, role):
def list_roles(self, hints):
def _get_role(self, session, role_id):
def get_role(self, role_id):
def update_role(self, role_id, role):
def delete_role(self, role_id):
def delete_user(self, user_id):
def delete_group(self, group_id):
class Domain(sql.ModelBase, sql.DictBase):
class Project(sql.ModelBase, sql.DictBase):
class Role(sql.ModelBase, sql.DictBase):
class RoleAssignment(sql.ModelBase, sql.DictBase):
def to_dict(self):
\OpenStack\keystone-2014.1\keystone\assignment\backends\__init__.py
\OpenStack\keystone-2014.1\keystone\assignment\controllers.py
class Tenant(controller.V2Controller):def get_all_projects(self, context, **kw):
def get_projects_for_token(self, context, **kw):
def get_project(self, context, tenant_id):
def get_project_by_name(self, context, tenant_name):
def create_project(self, context, tenant):
def update_project(self, context, tenant_id, tenant):
def delete_project(self, context, tenant_id):
def get_project_users(self, context, tenant_id, **kw):
def _format_project_list(self, tenant_refs, **kwargs):
class Role(controller.V2Controller):
def get_user_roles(self, context, user_id, tenant_id=None):
def get_role(self, context, role_id):
def create_role(self, context, role):
def delete_role(self, context, role_id):
def get_roles(self, context):
def add_role_to_user(self, context, user_id, role_id, tenant_id=None):
def remove_role_from_user(self, context, user_id, role_id, tenant_id=None):
def get_role_refs(self, context, user_id):
def create_role_ref(self, context, user_id, role):
def delete_role_ref(self, context, user_id, role_ref_id):
class DomainV3(controller.V3Controller):
def __init__(self):
def create_domain(self, context, domain):
def list_domains(self, context, filters):
def get_domain(self, context, domain_id):
def update_domain(self, context, domain_id, domain):
def delete_domain(self, context, domain_id):
class ProjectV3(controller.V3Controller):
def __init__(self):
def create_project(self, context, project):
def list_projects(self, context, filters):
def list_user_projects(self, context, filters, user_id):
def get_project(self, context, project_id):
def update_project(self, context, project_id, project):
def delete_project(self, context, project_id):
class RoleV3(controller.V3Controller):
def __init__(self):
def create_role(self, context, role):
def list_roles(self, context, filters):
def get_role(self, context, role_id):
def update_role(self, context, role_id, role):
def delete_role(self, context, role_id):
def _require_domain_xor_project(self, domain_id, project_id):
def _require_user_xor_group(self, user_id, group_id):
def _check_if_inherited(self, context):
def _check_grant_protection(self, context, protection, role_id=None, user_id=None, group_id=None, domain_id=None, project_id=None):
def create_grant(self, context, role_id, user_id=None, group_id=None, domain_id=None, project_id=None):
def list_grants(self, context, user_id=None, group_id=None, domain_id=None, project_id=None):
def check_grant(self, context, role_id, user_id=None, group_id=None, domain_id=None, project_id=None):
def revoke_grant(self, context, role_id, user_id=None, group_id=None, domain_id=None, project_id=None):
class RoleAssignmentV3(controller.V3Controller):
def wrap_member(cls, context, ref):
def _format_entity(self, context, entity):
def _expand_indirect_assignments(self, context, refs):
def _get_group_members(ref):
def _build_user_assignment_equivalent_of_group( user, group_id, template):
def _build_project_equivalent_of_user_domain_role( project_id, domain_id, template):
def _build_project_equivalent_of_group_domain_role( user_id, group_id, project_id, domain_id, template):
def _query_filter_is_true(self, filter_value):
def _filter_inherited(self, entry):
def list_role_assignments(self, context, filters):
def get_role_assignment(self, context):
def update_role_assignment(self, context):
def delete_role_assignment(self, context):
\OpenStack\keystone-2014.1\keystone\assignment\core.py
def calc_default_domain():class Manager(manager.Manager):
def __init__(self):
def create_project(self, tenant_id, tenant):
def _disable_project(self, tenant_id):
def update_project(self, tenant_id, tenant):
def delete_project(self, tenant_id):
def get_roles_for_user_and_project(self, user_id, tenant_id):
def _get_group_project_roles(user_id, project_ref):
def _get_user_project_roles(user_id, project_ref):
def get_roles_for_user_and_domain(self, user_id, domain_id):
def _get_group_domain_roles(user_id, domain_id):
def _get_user_domain_roles(user_id, domain_id):
def add_user_to_project(self, tenant_id, user_id):
def remove_user_from_project(self, tenant_id, user_id):
def list_projects_for_user(self, user_id, hints=None):
def get_domain(self, domain_id):
def get_domain_by_name(self, domain_name):
def create_domain(self, domain_id, domain):
def list_domains(self, hints=None):
def _disable_domain(self, domain_id):
def update_domain(self, domain_id, domain):
def delete_domain(self, domain_id):
def _delete_domain_contents(self, domain_id):
def list_projects(self, hints=None):
def list_projects_in_domain(self, domain_id):
def list_user_projects(self, user_id, hints=None):
def get_project(self, project_id):
def get_project_by_name(self, tenant_name, domain_id):
def get_role(self, role_id):
def create_role(self, role_id, role):
def list_roles(self, hints=None):
def update_role(self, role_id, role):
def delete_role(self, role_id):
def list_role_assignments_for_role(self, role_id=None):
def remove_role_from_user_and_project(self, user_id, tenant_id, role_id):
def delete_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def _delete_tokens_for_role(self, role_id):
class Driver(object):
def _role_to_dict(self, role_id, inherited):
def _roles_from_role_dicts(self, dict_list, inherited):
def _add_role_to_role_dicts(self, role_id, inherited, dict_list, allow_existing=True):
def _remove_role_from_role_dicts(self, role_id, inherited, dict_list):
def _get_list_limit(self):
def get_project_by_name(self, tenant_name, domain_id):
def list_user_ids_for_project(self, tenant_id):
def add_role_to_user_and_project(self, user_id, tenant_id, role_id):
def remove_role_from_user_and_project(self, user_id, tenant_id, role_id):
def create_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def list_grants(self, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def get_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def delete_grant(self, role_id, user_id=None, group_id=None, domain_id=None, project_id=None, inherited_to_projects=False):
def list_role_assignments(self):
def create_domain(self, domain_id, domain):
def list_domains(self, hints):
def get_domain(self, domain_id):
def get_domain_by_name(self, domain_name):
def update_domain(self, domain_id, domain):
def delete_domain(self, domain_id):
def create_project(self, project_id, project):
def list_projects(self, hints):
def list_projects_in_domain(self, domain_id):
def list_projects_for_user(self, user_id, group_ids, hints):
def get_roles_for_groups(self, group_ids, project_id=None, domain_id=None):
def list_projects_for_groups(self, group_ids):
def list_domains_for_groups(self, group_ids):
def get_project(self, project_id):
def update_project(self, project_id, project):
def delete_project(self, project_id):
def create_role(self, role_id, role):
def list_roles(self, hints):
def get_role(self, role_id):
def update_role(self, role_id, role):
def delete_role(self, role_id):
def delete_user(self, user_id):
def delete_group(self, group_id):
def _set_default_domain(self, ref):
def _validate_default_domain(self, ref):
def _validate_default_domain_id(self, domain_id):
\OpenStack\keystone-2014.1\keystone\assignment\routers.py
class Public(wsgi.ComposableRouter):def add_routes(self, mapper):
class Admin(wsgi.ComposableRouter):
def add_routes(self, mapper):
def append_v3_routers(mapper, routers):
沒有留言:
張貼留言