openstack/django_openstack_auth
Code Issues Proposed changes

Merge "Cleanup doc warnings and enforce warning-is-error in sphinx"

Browse Source
This commit is contained in:
Jenkins 2017-03-24 17:49:10 +00:00 committed by Gerrit Code Review
commit 27a1b7a312
5 changed files with 29 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/source/conf.py
View File

@ -113,7 +113,7 @@ html_theme = 'default'
# Add any paths that contain custom static files (such as style sheets) here, # Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files, # relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css". # so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ['_static'] #html_static_path = []
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
# using the given strftime format. # using the given strftime format.

5
openstack_auth/backend.py
View File

@ -68,8 +68,11 @@ class KeystoneBackend(object):
If authenticated, this return the user object based on the user ID If authenticated, this return the user object based on the user ID
and session data. and session data.
Note: this required monkey-patching the ``contrib.auth`` middleware .. note::
This required monkey-patching the ``contrib.auth`` middleware
to make the ``request`` object available to the auth backend class. to make the ``request`` object available to the auth backend class.
""" """
if (hasattr(self, 'request') and if (hasattr(self, 'request') and
user_id == self.request.session["user_id"]): user_id == self.request.session["user_id"]):

9
openstack_auth/user.py
View File

@ -259,7 +259,8 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
def is_token_expired(self, margin=None): def is_token_expired(self, margin=None):
"""Determine if the token is expired. """Determine if the token is expired.
Returns ``True`` if the token is expired, ``False`` if not, and :returns:
``True`` if the token is expired, ``False`` if not, and
``None`` if there is no token set. ``None`` if there is no token set.
:param margin: :param margin:
@ -287,7 +288,7 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
def is_anonymous(self): def is_anonymous(self):
"""Return if the user is not authenticated. """Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise. :returns: ``True`` if not authenticated,``False`` otherwise.
""" """
return deprecation.CallableBool(not self.is_authenticated) return deprecation.CallableBool(not self.is_authenticated)
else: else:
@ -307,7 +308,7 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
def is_anonymous(self, margin=None): def is_anonymous(self, margin=None):
"""Return if the user is not authenticated. """Return if the user is not authenticated.
Returns ``True`` if not authenticated,``False`` otherwise. :returns: ``True`` if not authenticated,``False`` otherwise.
:param margin: :param margin:
A security time margin in seconds before end of an eventual A security time margin in seconds before end of an eventual
@ -327,7 +328,7 @@ class User(models.AbstractBaseUser, models.AnonymousUser):
def is_superuser(self): def is_superuser(self):
"""Evaluates whether this user has admin privileges. """Evaluates whether this user has admin privileges.
Returns ``True`` or ``False``. :returns: ``True`` or ``False``.
""" """
admin_roles = utils.get_admin_roles() admin_roles = utils.get_admin_roles()
user_roles = {role['name'].lower() for role in self.roles} user_roles = {role['name'].lower() for role in self.roles}

18
openstack_auth/utils.py
View File

@ -186,6 +186,7 @@ def get_websso_url(request, auth_url, websso_auth):
:type websso_auth: string :type websso_auth: string
Example of horizon WebSSO setting:: Example of horizon WebSSO setting::
WEBSSO_CHOICES = ( WEBSSO_CHOICES = (
("credentials", "Keystone Credentials"), ("credentials", "Keystone Credentials"),
("oidc", "OpenID Connect"), ("oidc", "OpenID Connect"),
@ -207,12 +208,14 @@ def get_websso_url(request, auth_url, websso_auth):
The value in WEBSSO_IDP_MAPPING is expected to be a tuple formatted as The value in WEBSSO_IDP_MAPPING is expected to be a tuple formatted as
(<idp_id>, <protocol_id>). Using the values found, a IdP/protocol (<idp_id>, <protocol_id>). Using the values found, a IdP/protocol
specific URL will be constructed: specific URL will be constructed:
/auth/OS-FEDERATION/identity_providers/<idp_id> /auth/OS-FEDERATION/identity_providers/<idp_id>
/protocols/<protocol_id>/websso /protocols/<protocol_id>/websso
If no value is found from the WEBSSO_IDP_MAPPING dictionary, it will If no value is found from the WEBSSO_IDP_MAPPING dictionary, it will
treat the value as the global WebSSO protocol <protocol_id> and treat the value as the global WebSSO protocol <protocol_id> and
construct the WebSSO URL by: construct the WebSSO URL by:
/auth/OS-FEDERATION/websso/<protocol_id> /auth/OS-FEDERATION/websso/<protocol_id>
:returns: Keystone WebSSO endpoint. :returns: Keystone WebSSO endpoint.
@ -436,12 +439,14 @@ def using_cookie_backed_sessions():
def get_admin_roles(): def get_admin_roles():
"""Common function for getting the admin roles from settings """Common function for getting the admin roles from settings
Returns: :return:
Set object including all admin roles. Set object including all admin roles.
If there is no role, this will return empty. If there is no role, this will return empty::
{ {
"foo", "bar", "admin" "foo", "bar", "admin"
} }
""" """
admin_roles = {role.lower() for role admin_roles = {role.lower() for role
in getattr(settings, 'OPENSTACK_KEYSTONE_ADMIN_ROLES', in getattr(settings, 'OPENSTACK_KEYSTONE_ADMIN_ROLES',
@ -454,9 +459,10 @@ def get_role_permission(role):
This format is 'openstack.roles.xxx' and 'xxx' is a real role name. This format is 'openstack.roles.xxx' and 'xxx' is a real role name.
Returns: :returns:
String like "openstack.roles.admin" String like "openstack.roles.admin"
If role is None, this will return None. If role is None, this will return None.
""" """
return "openstack.roles.%s" % role.lower() return "openstack.roles.%s" % role.lower()
@ -466,14 +472,16 @@ def get_admin_permissions():
This format is 'openstack.roles.xxx' and 'xxx' is a real role name. This format is 'openstack.roles.xxx' and 'xxx' is a real role name.
Returns: :returns:
Set object including all admin permission. Set object including all admin permission.
If there is no permission, this will return empty. If there is no permission, this will return empty::
{ {
"openstack.roles.foo", "openstack.roles.foo",
"openstack.roles.bar", "openstack.roles.bar",
"openstack.roles.admin" "openstack.roles.admin"
} }
""" """
return {get_role_permission(role) for role in get_admin_roles()} return {get_role_permission(role) for role in get_admin_roles()}

3
setup.cfg
View File

@ -29,7 +29,8 @@ packages =
openstack_auth openstack_auth
[build_sphinx] [build_sphinx]
all_files = 1 all-files = 1
warning-is-error = 1
build-dir = doc/build build-dir = doc/build
source-dir = doc/source source-dir = doc/source