2b846515f3
This patch supports using domain scoped tokens against keystone v3. Use Cases: Cloud Admin - view and manage identity resources across domains Domain Admin - view and manage identity resources in the domain logged in User - view identity project in the domain logged in Regression: Supports keystone v2 through local_settings.py configuration Supports keystone v3 with multidomain = False Supports keystone v3 with mulitdomain = True Relates to https://review.openstack.org/#/c/141153/ Background on how to test is here https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow Co-Authored-By: Brad Pokorny <Brad_Pokorny@symantec.com> Co-Authored-By: Brian Tully <brian.tully@hp.com> Co-Authored-By: Michael Hagedorn <mike.hagedorn@hp.com> Co-Authored-By: woomatt <matt.wood@hp.com> Partially Implements: blueprint domain-scoped-tokens Closes-Bug: #1413851 Change-Id: Iaa19bfef9b0c70304ff81d083c62b218b2d02479
60 lines
1.9 KiB
Python
60 lines
1.9 KiB
Python
# Copyright 2012 Nebula, Inc.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from django.conf import settings
|
|
from django import shortcuts
|
|
import django.views.decorators.vary
|
|
|
|
import horizon
|
|
from horizon import base
|
|
from horizon import exceptions
|
|
from horizon import notifications
|
|
|
|
|
|
MESSAGES_PATH = getattr(settings, 'MESSAGES_PATH', None)
|
|
|
|
|
|
def get_user_home(user):
|
|
dashboard = None
|
|
if user.is_superuser:
|
|
try:
|
|
dashboard = horizon.get_dashboard('admin')
|
|
except base.NotRegistered:
|
|
pass
|
|
|
|
if dashboard is None:
|
|
dashboard = horizon.get_default_dashboard()
|
|
|
|
# Domain Admin, Project Admin will default to identity
|
|
if (user.token.project.get('id') is None or
|
|
(user.is_superuser and user.token.project.get('id'))):
|
|
dashboard = horizon.get_dashboard('identity')
|
|
|
|
return dashboard.get_absolute_url()
|
|
|
|
|
|
@django.views.decorators.vary.vary_on_cookie
|
|
def splash(request):
|
|
if not request.user.is_authenticated():
|
|
raise exceptions.NotAuthenticated()
|
|
|
|
response = shortcuts.redirect(horizon.get_user_home(request.user))
|
|
if 'logout_reason' in request.COOKIES:
|
|
response.delete_cookie('logout_reason')
|
|
# Display Message of the Day message from the message files
|
|
# located in MESSAGES_PATH
|
|
if MESSAGES_PATH:
|
|
notifications.process_message_notification(request, MESSAGES_PATH)
|
|
return response
|