common Package

authorization Module

base64utils Module

config Module

controller Module

dependency Module

driver_hints Module

class keystone.common.driver_hints.Hints[source]

Bases: object

Encapsulate driver hints for listing entities.

Hints are modifiers that affect the return of entities from a list_<entities> operation. They are typically passed to a driver to give direction as to what filtering, pagination or list limiting actions are being requested.

It is optional for a driver to action some or all of the list hints, but any filters that it does satisfy must be marked as such by calling removing the filter from the list.

A Hint object contains filters, which is a list of dicts that can be accessed publicly. Also it contains a dict called limit, which will indicate the amount of data we want to limit our listing to.

Each filter term consists of:

  • name: the name of the attribute being matched

  • value: the value against which it is being matched

  • comparator: the operation, which can be one of equals,

    startswith or endswith

  • case_sensitive: whether any comparison should take account of

    case

  • type: will always be ‘filter’

add_filter(name, value, comparator='equals', case_sensitive=False)[source]

Adds a filter to the filters list, which is publicly accessible.

get_exact_filter_by_name(name)[source]

Return a filter key and value if exact filter exists for name.

set_limit(limit, truncated=False)[source]

Set a limit to indicate the list should be truncated.

extension Module

keystone.common.extension.register_admin_extension(url_prefix, extension_data)[source]

Register extension with collection of admin extensions.

Extensions register the information here that will show up in the /extensions page as a way to indicate that the extension is active.

url_prefix: unique key for the extension that will appear in the
urls generated by the extension.
extension_data is a dictionary. The expected fields are:
‘name’: short, human readable name of the extension ‘namespace’: xml namespace ‘alias’: identifier for the extension ‘updated’: date the extension was last updated ‘description’: text description of the extension ‘links’: hyperlinks to documents describing the extension
keystone.common.extension.register_public_extension(url_prefix, extension_data)[source]

Same as register_admin_extension but for public extensions.

json_home Module

class keystone.common.json_home.Parameters[source]

Bases: object

Relationships for Common parameters.

DOMAIN_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/domain_id'
ENDPOINT_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/endpoint_id'
GROUP_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/group_id'
POLICY_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/policy_id'
PROJECT_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/project_id'
REGION_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/region_id'
ROLE_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/role_id'
SERVICE_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/service_id'
USER_ID = 'http://docs.openstack.org/api/openstack-identity/3/param/user_id'
keystone.common.json_home.build_v3_extension_parameter_relation(extension_name, extension_version, parameter_name)[source]
keystone.common.json_home.build_v3_extension_resource_relation(extension_name, extension_version, resource_name)[source]
keystone.common.json_home.build_v3_parameter_relation(parameter_name)[source]
keystone.common.json_home.build_v3_resource_relation(resource_name)[source]
keystone.common.json_home.translate_urls(json_home, new_prefix)[source]

Given a JSON Home document, sticks new_prefix on each of the urls.

manager Module

class keystone.common.manager.Manager(driver_name)[source]

Bases: object

Base class for intermediary request layer.

The Manager layer exists to support additional logic that applies to all or some of the methods exposed by a service that are not specific to the HTTP interface.

It also provides a stable entry point to dynamic backends.

An example of a probable use case is logging all the calls.

keystone.common.manager.response_truncated(f)[source]

Truncate the list returned by the wrapped function.

This is designed to wrap Manager list_{entity} methods to ensure that any list limits that are defined are passed to the driver layer. If a hints list is provided, the wrapper will insert the relevant limit into the hints so that the underlying driver call can try and honor it. If the driver does truncate the response, it will update the ‘truncated’ attribute in the ‘limit’ entry in the hints list, which enables the caller of this function to know if truncation has taken place. If, however, the driver layer is unable to perform truncation, the ‘limit’ entry is simply left in the hints list for the caller to handle.

A _get_list_limit() method is required to be present in the object class hierarchy, which returns the limit for this backend to which we will truncate.

If a hints list is not provided in the arguments of the wrapped call then any limits set in the config file are ignored. This allows internal use of such wrapped methods where the entire data set is needed as input for the calculations of some other API (e.g. get role assignments for a given project).

models Module

Base model for keystone internal services

Unless marked otherwise, all fields are strings.

class keystone.common.models.Domain[source]

Bases: keystone.common.models.Model

Domain object.

Required keys:
id name

Optional keys:

description enabled (bool, default True)
optional_keys = ('description', 'enabled')
required_keys = ('id', 'name')
class keystone.common.models.Endpoint[source]

Bases: keystone.common.models.Model

Endpoint object

Required keys:
id region service_id
Optional keys:
internalurl publicurl adminurl
optional_keys = ('internalurl', 'publicurl', 'adminurl')
required_keys = ('id', 'region', 'service_id')
class keystone.common.models.Group[source]

Bases: keystone.common.models.Model

Group object.

Required keys:
id name domain_id

Optional keys:

description
optional_keys = ('description',)
required_keys = ('id', 'name', 'domain_id')
class keystone.common.models.Model[source]

Bases: dict

Base model class.

known_keys[source]
class keystone.common.models.Project[source]

Bases: keystone.common.models.Model

Project object.

Required keys:
id name domain_id
Optional Keys:
description enabled (bool, default True)
optional_keys = ('description', 'enabled')
required_keys = ('id', 'name', 'domain_id')
class keystone.common.models.Role[source]

Bases: keystone.common.models.Model

Role object.

Required keys:
id name
optional_keys = ()
required_keys = ('id', 'name')
class keystone.common.models.Service[source]

Bases: keystone.common.models.Model

Service object.

Required keys:
id type name

Optional keys:

optional_keys = ()
required_keys = ('id', 'type', 'name')
class keystone.common.models.Token[source]

Bases: keystone.common.models.Model

Token object.

Required keys:
id expires (datetime)
Optional keys:
user tenant metadata trust_id
optional_keys = ('extra',)
required_keys = ('id', 'expires')
class keystone.common.models.Trust[source]

Bases: keystone.common.models.Model

Trust object.

Required keys:
id trustor_user_id trustee_user_id project_id
optional_keys = ('expires_at',)
required_keys = ('id', 'trustor_user_id', 'trustee_user_id', 'project_id')
class keystone.common.models.User[source]

Bases: keystone.common.models.Model

User object.

Required keys:
id name domain_id
Optional keys:
password description email enabled (bool, default True) default_project_id
optional_keys = ('password', 'description', 'email', 'enabled', 'default_project_id')
required_keys = ('id', 'name', 'domain_id')

openssl Module

pemutils Module

router Module

serializer Module

utils Module

wsgi Module