openstack/deb-python-django-openstack-auth
Code Issues Proposed changes

Fix H4xx docstring issues

Browse Source 
Completes blueprint openstack-hacking-compliant

Change-Id: Ib286972b65e0e3282db483718421f7f28e8c6cd1
This commit is contained in:
Akihiro Motoki
2014-04-03 06:17:05 +09:00
parent 95dffe082a
commit 58da8b38a9
9 changed files with 43 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
openstack_auth/backend.py
View File

@@ -67,7 +67,7 @@ class KeystoneBackend(object):
def authenticate(self, request=None, username=None, password=None,
user_domain_name=None, auth_url=None):
"""Authenticates a user via the Keystone Identity API. """
"""Authenticates a user via the Keystone Identity API."""
LOG.debug('Beginning user authentication for user "%s".' % username)
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
@@ -170,7 +170,7 @@ class KeystoneBackend(object):
return user
def get_group_permissions(self, user, obj=None):
"""Returns an empty set since Keystone doesn't support "groups". """
"""Returns an empty set since Keystone doesn't support "groups"."""
# Keystone V3 added "groups". The Auth token response includes the
# roles from the user's Group assignment. It should be fine just
# returning an empty set here.
@@ -196,7 +196,7 @@ class KeystoneBackend(object):
return role_perms | service_perms
def has_perm(self, user, perm, obj=None):
"""Returns True if the given user has the specified permission. """
"""Returns True if the given user has the specified permission."""
if not user.is_active:
return False
return perm in self.get_all_permissions(user, obj)

2
openstack_auth/exceptions.py
View File

@@ -13,5 +13,5 @@
class KeystoneAuthException(Exception):
""" Generic error class to identify and catch our own errors. """
"""Generic error class to identify and catch our own errors."""
pass

2
openstack_auth/forms.py
View File

@@ -27,7 +27,7 @@ LOG = logging.getLogger(__name__)
class Login(django_auth_forms.AuthenticationForm):
""" Form used for logging in a user.
"""Form used for logging in a user.
Handles authentication with Keystone by providing the domain name, username
and password. A scoped token is fetched after successful authentication.

4
openstack_auth/tests/data_v2.py
View File

@@ -24,12 +24,12 @@ from keystoneclient.v2_0 import users
class TestDataContainer(object):
""" Arbitrary holder for test data in an object-oriented fashion. """
"""Arbitrary holder for test data in an object-oriented fashion."""
pass
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
'''Builds a set of test_data data as returned by Keystone V2.'''
test_data = TestDataContainer()
keystone_service = {

10
openstack_auth/tests/data_v3.py
View File

@@ -27,13 +27,15 @@ from keystoneclient.v3 import users
class TestDataContainer(object):
""" Arbitrary holder for test data in an object-oriented fashion. """
"""Arbitrary holder for test data in an object-oriented fashion."""
pass
class TestResponse(requests.Response):
""" Class used to wrap requests.Response and provide some
convenience to initialize with a dict """
"""Class used to wrap requests.Response.
It also provides some convenience to initialize with a dict.
"""
def __init__(self, data):
self._text = None
@@ -55,7 +57,7 @@ class TestResponse(requests.Response):
def generate_test_data():
''' Builds a set of test_data data as returned by Keystone V2. '''
'''Builds a set of test_data data as returned by Keystone V2.'''
test_data = TestDataContainer()
keystone_service = {

40
openstack_auth/user.py
View File

@@ -185,7 +185,8 @@ class User(models.AnonymousUser):
return "<%s: %s>" % (self.__class__.__name__, self.username)
def is_token_expired(self):
"""
"""Determine if the token is expired.
Returns ``True`` if the token is expired, ``False`` if not, and
``None`` if there is no token set.
"""
@@ -194,13 +195,14 @@ class User(models.AnonymousUser):
return not utils.check_token_expiration(self.token)
def is_authenticated(self):
""" Checks for a valid token that has not yet expired. """
"""Checks for a valid token that has not yet expired."""
return (self.token is not None and
utils.check_token_expiration(self.token))
def is_anonymous(self):
"""
Returns ``True`` if the user is not authenticated,``False`` otherwise.
"""Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise.
"""
return not self.is_authenticated()
@@ -210,15 +212,15 @@ class User(models.AnonymousUser):
@property
def is_superuser(self):
"""
Evaluates whether this user has admin privileges. Returns
``True`` or ``False``.
"""Evaluates whether this user has admin privileges.
Returns ``True`` or ``False``.
"""
return 'admin' in [role['name'].lower() for role in self.roles]
@property
def authorized_tenants(self):
""" Returns a memoized list of tenants this user may access. """
"""Returns a memoized list of tenants this user may access."""
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
ca_cert = getattr(settings, "OPENSTACK_SSL_CACERT", None)
@@ -243,9 +245,9 @@ class User(models.AnonymousUser):
self._authorized_tenants = tenant_list
def default_services_region(self):
"""
Returns the first endpoint region for first non-identity service
in the service catalog
"""Returns the first endpoint region for first non-identity service.
Extracted from the service catalog.
"""
if self.service_catalog:
for service in self.service_catalog:
@@ -265,9 +267,7 @@ class User(models.AnonymousUser):
@property
def available_services_regions(self):
"""
Returns list of unique region name values found in service catalog
"""
"""Returns list of unique region name values in service catalog."""
regions = []
if self.service_catalog:
for service in self.service_catalog:
@@ -289,10 +289,10 @@ class User(models.AnonymousUser):
# Check for OR'd permission rules, check that user has one of the
# required permission.
def has_a_matching_perm(self, perm_list, obj=None):
"""
Returns True if the user has one of the specified permissions. If
object is passed, it checks if the user has any of the required perms
for this object.
"""Returns True if the user has one of the specified permissions.
If object is passed, it checks if the user has any of the required
perms for this object.
"""
# If there are no permissions to check, just return true
if not perm_list:
@@ -316,8 +316,8 @@ class User(models.AnonymousUser):
# ('openstack.roles.admin', ('openstack.roles.L3-support',
# 'openstack.roles.L2-support'),)
def has_perms(self, perm_list, obj=None):
"""
Returns True if the user has all of the specified permissions.
"""Returns True if the user has all of the specified permissions.
Tuples in the list will possess the required permissions if
the user has a permissions matching one of the elements of
that tuple

7
openstack_auth/utils.py
View File

@@ -60,7 +60,7 @@ def patch_middleware_get_user():
def check_token_expiration(token):
""" Timezone-aware checking of the auth token's expiration timestamp.
"""Timezone-aware checking of the auth token's expiration timestamp.
Returns ``True`` if the token has not yet expired, otherwise ``False``.
"""
@@ -80,10 +80,9 @@ def check_token_expiration(token):
# Added in Django 1.4.3, 1.5b2
# Vendored here for compatibility with old Django versions.
def is_safe_url(url, host=None):
"""
Return ``True`` if the url is a safe redirection (i.e. it doesn't point to
a different host).
"""Return ``True`` if the url is a safe redirection.
The safe redirection means that it doesn't point to a different host.
Always returns ``False`` on an empty url.
"""
if not url:

11
openstack_auth/views.py
View File

@@ -49,7 +49,7 @@ LOG = logging.getLogger(__name__)
@csrf_protect
@never_cache
def login(request):
""" Logs a user in using the :class:`~openstack_auth.forms.Login` form. """
"""Logs a user in using the :class:`~openstack_auth.forms.Login` form."""
# If the user is already authenticated, redirect them to the
# dashboard straight away, unless the 'next' parameter is set as it
# usually indicates requesting access to a page that requires different
@@ -140,7 +140,7 @@ def delete_token(endpoint, token_id):
@login_required
def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME):
""" Switches an authenticated user from one project to another. """
"""Switches an authenticated user from one project to another."""
LOG.debug('Switching to tenant %s for user "%s".'
% (tenant_id, request.user.username))
insecure = getattr(settings, 'OPENSTACK_SSL_NO_VERIFY', False)
@@ -188,9 +188,10 @@ def switch(request, tenant_id, redirect_field_name=auth.REDIRECT_FIELD_NAME):
@login_required
def switch_region(request, region_name,
redirect_field_name=auth.REDIRECT_FIELD_NAME):
"""
Switches the non-identity services region that is being managed
for the scoped project.
"""Switches the user's region for all services except Identity service.
The region will be switched if the given region is one of the regions
available for the scoped project. Otherwise the region is not switched.
"""
if region_name in request.user.available_services_regions:
request.session['services_region'] = region_name

3
tox.ini
View File

@@ -41,9 +41,8 @@ downloadcache = ~/cache/pip
[flake8]
builtins = _
exclude = .venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,build,panel_template,dash_template,local_settings.py
# H4xx docstrings
# H803 git commit title should not end with period (disabled on purpose, see bug #1236621)
ignore = H4,H803
ignore = H803
[hacking]
import_exceptions = django.conf.settings,