openstack/keystone
Code Issues Proposed changes

Tenant to Project in Back ends

Browse Source 
A continuation of the process to convert the term tenant
to project.  These changes should only be visible in the
error messages produced, but should otherwise be
undetectable by calling programs.

Removes the TenantNotFound exception which propagates changes through
the code that calls the backends as well

Change-Id: I998a44bfd6aa85f67d58904bd7af25a56c73d48a
This commit is contained in:
Adam Young 2013-01-25 14:03:13 -05:00
parent ac1ed367f6
commit 31660b119e
14 changed files with 113 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
keystone/common/models.py
View File

@ -116,8 +116,8 @@ class Group(Model):
optional_keys = ('domain_id', 'description')
class Tenant(Model):
"""Tenant object.
class Project(Model):
"""Project object.
Required keys:
id

6
keystone/contrib/ec2/core.py
View File

@ -334,12 +334,12 @@ class Ec2Controller(controller.V2Controller):
"""Ensure a valid tenant id.
:param context: standard context
:param user_id: expected credential owner
:raises exception.UserNotFound: on failure
:param tenant_id: expected tenant
:raises exception.ProjectNotFound: on failure
"""
tenant_ref = self.identity_api.get_tenant(
context=context,
tenant_id=tenant_id)
if not tenant_ref:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)

6
keystone/exception.py
View File

@ -143,11 +143,7 @@ class DomainNotFound(NotFound):
"""Could not find domain: %(domain_id)s"""
class TenantNotFound(NotFound):
"""Could not find tenant: %(tenant_id)s"""
class ProjectNotFound(TenantNotFound):
class ProjectNotFound(NotFound):
"""Could not find project: %(project_id)s"""

14
keystone/identity/backends/kvs.py
View File

@ -49,7 +49,7 @@ class Identity(kvs.Base, identity.Driver):
try:
tenant_ref = self.get_tenant(tenant_id)
metadata_ref = self.get_metadata(user_id, tenant_id)
except exception.TenantNotFound:
except exception.ProjectNotFound:
tenant_ref = None
metadata_ref = {}
except exception.MetadataNotFound:
@ -61,7 +61,7 @@ class Identity(kvs.Base, identity.Driver):
try:
return self.db.get('tenant-%s' % tenant_id)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
def get_tenants(self):
tenant_keys = filter(lambda x: x.startswith("tenant-"), self.db.keys())
@ -71,7 +71,7 @@ class Identity(kvs.Base, identity.Driver):
try:
return self.db.get('tenant_name-%s' % tenant_name)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_name)
raise exception.ProjectNotFound(project_id=tenant_name)
def get_tenant_users(self, tenant_id):
self.get_tenant(tenant_id)
@ -287,7 +287,7 @@ class Identity(kvs.Base, identity.Driver):
tenant['name'] = clean.tenant_name(tenant['name'])
try:
self.get_tenant(tenant_id)
except exception.TenantNotFound:
except exception.ProjectNotFound:
pass
else:
msg = 'Duplicate ID, %s.' % tenant_id
@ -295,7 +295,7 @@ class Identity(kvs.Base, identity.Driver):
try:
self.get_tenant_by_name(tenant['name'])
except exception.TenantNotFound:
except exception.ProjectNotFound:
pass
else:
msg = 'Duplicate name, %s.' % tenant['name']
@ -319,7 +319,7 @@ class Identity(kvs.Base, identity.Driver):
try:
old_tenant = self.db.get('tenant-%s' % tenant_id)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
new_tenant = old_tenant.copy()
new_tenant.update(tenant)
new_tenant['id'] = tenant_id
@ -332,7 +332,7 @@ class Identity(kvs.Base, identity.Driver):
try:
old_tenant = self.db.get('tenant-%s' % tenant_id)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
self.db.delete('tenant_name-%s' % old_tenant['name'])
self.db.delete('tenant-%s' % tenant_id)

76
keystone/identity/backends/ldap/core.py
View File

@ -41,7 +41,7 @@ class Identity(identity.Driver):
self.suffix = CONF.ldap.suffix
self.user = UserApi(CONF)
self.tenant = TenantApi(CONF)
self.tenant = ProjectApi(CONF)
self.role = RoleApi(CONF)
self.group = GroupApi(CONF)
@ -89,7 +89,7 @@ class Identity(identity.Driver):
# TODO(termie): this should probably be made into a
# get roles call
metadata_ref = self.get_metadata(user_id, tenant_id)
except exception.TenantNotFound:
except exception.ProjectNotFound:
tenant_ref = None
metadata_ref = {}
except exception.MetadataNotFound:
@ -101,7 +101,7 @@ class Identity(identity.Driver):
try:
return self.tenant.get(tenant_id)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
def get_tenants(self):
return self.tenant.get_all()
@ -110,7 +110,7 @@ class Identity(identity.Driver):
try:
return self.tenant.get_by_name(tenant_name)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_name)
raise exception.ProjectNotFound(project_id=tenant_name)
def _get_user(self, user_id):
try:
@ -240,7 +240,7 @@ class Identity(identity.Driver):
try:
return self.tenant.delete(tenant_id)
except ldap.NO_SUCH_OBJECT:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
def delete_user(self, user_id):
try:
@ -307,7 +307,7 @@ class ApiShim(object):
@property
def tenant(self):
if not self._tenant:
self._tenant = TenantApi(self.conf)
self._tenant = ProjectApi(self.conf)
return self._tenant
@property
@ -332,7 +332,7 @@ class ApiShimMixin(object):
return self.api.role
@property
def tenant_api(self):
def project_api(self):
return self.api.tenant
@property
@ -412,7 +412,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
values = super(UserApi, self).create(values)
tenant_id = values.get('tenant_id')
if tenant_id is not None:
self.tenant_api.add_user(values['tenant_id'], values['id'])
self.project_api.add_user(values['tenant_id'], values['id'])
return values
def update(self, id, values):
@ -431,9 +431,9 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
else:
if old_obj.get('tenant_id') != new_tenant:
if old_obj['tenant_id']:
self.tenant_api.remove_user(old_obj['tenant_id'], id)
self.project_api.remove_user(old_obj['tenant_id'], id)
if new_tenant:
self.tenant_api.add_user(new_tenant, id)
self.project_api.add_user(new_tenant, id)
values = utils.hash_ldap_user_password(values)
if self.enabled_mask:
@ -444,7 +444,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
def delete(self, id):
user = self.get(id)
if hasattr(user, 'tenant_id'):
self.tenant_api.remove_user(user.tenant_id, id)
self.project_api.remove_user(user.tenant_id, id)
super(UserApi, self).delete(id)
@ -469,8 +469,8 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
def get_by_tenant(self, user_id, tenant_id):
user_dn = self._id_to_dn(user_id)
user = self.get(user_id)
tenant = self.tenant_api._ldap_get(tenant_id,
'(member=%s)' % (user_dn,))
tenant = self.project_api._ldap_get(tenant_id,
'(member=%s)' % (user_dn,))
if tenant is not None:
return user
else:
@ -491,12 +491,12 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
def users_get_by_tenant_get_page(self, tenant_id, role_id, marker, limit):
return self._get_page(marker,
limit,
self.tenant_api.get_users(tenant_id, role_id))
self.project_api.get_users(tenant_id, role_id))
def users_get_by_tenant_get_page_markers(self, tenant_id, role_id, marker,
limit):
return self._get_page_markers(
marker, limit, self.tenant_api.get_users(tenant_id, role_id))
marker, limit, self.project_api.get_users(tenant_id, role_id))
def check_password(self, user_id, password):
user = self.get(user_id)
@ -504,7 +504,7 @@ class UserApi(common_ldap.BaseLdap, ApiShimMixin):
# TODO(termie): turn this into a data object and move logic to driver
class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
class ProjectApi(common_ldap.BaseLdap, ApiShimMixin):
DEFAULT_OU = 'ou=Groups'
DEFAULT_STRUCTURAL_CLASSES = []
DEFAULT_OBJECTCLASS = 'groupOfNames'
@ -516,10 +516,10 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
'description': 'desc',
'tenantId': 'cn',
'enabled': 'enabled'}
model = models.Tenant
model = models.Project
def __init__(self, conf):
super(TenantApi, self).__init__(conf)
super(ProjectApi, self).__init__(conf)
self.api = ApiShim(conf)
self.attribute_mapping['name'] = conf.ldap.tenant_name_attribute
self.attribute_mapping['description'] = conf.ldap.tenant_desc_attribute
@ -530,11 +530,11 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
or self.DEFAULT_ATTRIBUTE_IGNORE)
def get(self, id, filter=None):
"""Replaces exception.NotFound with exception.TenantNotFound."""
"""Replaces exception.NotFound with exception.ProjectNotFound."""
try:
return super(TenantApi, self).get(id, filter)
return super(ProjectApi, self).get(id, filter)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=id)
raise exception.ProjectNotFound(project_id=id)
def get_by_name(self, name, filter=None): # pylint: disable=W0221,W0613
search_filter = ('(%s=%s)'
@ -544,14 +544,14 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
try:
return tenants[0]
except IndexError:
raise exception.TenantNotFound(tenant_id=name)
raise exception.ProjectNotFound(project_id=name)
def create(self, values):
self.affirm_unique(values)
data = values.copy()
if data.get('id') is None:
data['id'] = uuid.uuid4().hex
return super(TenantApi, self).create(data)
return super(ProjectApi, self).create(data)
def get_user_tenants(self, user_id):
"""Returns list of tenants a user has access to
@ -625,20 +625,20 @@ class TenantApi(common_ldap.BaseLdap, ApiShimMixin):
def delete(self, id):
if self.subtree_delete_enabled:
super(TenantApi, self).deleteTree(id)
super(ProjectApi, self).deleteTree(id)
else:
self.role_api.roles_delete_subtree_by_tenant(id)
super(TenantApi, self).delete(id)
super(ProjectApi, self).delete(id)
def update(self, id, values):
try:
old_obj = self.get(id)
except exception.NotFound:
raise exception.TenantNotFound(tenant_id=id)
raise exception.ProjectNotFound(project_id=id)
if old_obj['name'] != values['name']:
msg = 'Changing Name not supported by LDAP'
raise exception.NotImplemented(message=msg)
super(TenantApi, self).update(id, values, old_obj)
super(ProjectApi, self).update(id, values, old_obj)
class UserRoleAssociation(object):
@ -672,7 +672,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
attribute_mapping = {'name': 'cn',
#'serviceId': 'service_id',
}
model = models.Tenant
model = models.Role
def __init__(self, conf):
super(RoleApi, self).__init__(conf)
@ -713,7 +713,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
else:
return '%s=%s,%s' % (self.id_attr,
ldap.dn.escape_dn_chars(role_id),
self.tenant_api._id_to_dn(tenant_id))
self.project_api._id_to_dn(tenant_id))
def get(self, id, filter=None):
model = super(RoleApi, self).get(id, filter)
@ -803,7 +803,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
def get_role_assignments(self, tenant_id):
conn = self.get_connection()
query = '(objectClass=%s)' % self.object_class
tenant_dn = self.tenant_api._id_to_dn(tenant_id)
tenant_dn = self.project_api._id_to_dn(tenant_id)
try:
roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query)
@ -844,7 +844,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
self.member_attribute,
user_dn)
if tenant_id is not None:
tenant_dn = self.tenant_api._id_to_dn(tenant_id)
tenant_dn = self.project_api._id_to_dn(tenant_id)
try:
roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query)
except ldap.NO_SUCH_OBJECT:
@ -860,7 +860,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
tenant_id=tenant_id))
else:
try:
roles = conn.search_s(self.tenant_api.tree_dn,
roles = conn.search_s(self.project_api.tree_dn,
ldap.SCOPE_SUBTREE,
query)
except ldap.NO_SUCH_OBJECT:
@ -911,7 +911,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
if tenant_id is None:
all_roles += self.list_global_roles_for_user(user_id)
else:
for tenant in self.tenant_api.get_all():
for tenant in self.project_api.get_all():
all_roles += self.list_tenant_roles_for_user(user_id,
tenant['id'])
return self._get_page(marker, limit, all_roles)
@ -921,7 +921,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
if tenant_id is None:
all_roles = self.list_global_roles_for_user(user_id)
else:
for tenant in self.tenant_api.get_all():
for tenant in self.project_api.get_all():
all_roles += self.list_tenant_roles_for_user(user_id,
tenant['id'])
return self._get_page_markers(marker, limit, all_roles)
@ -956,7 +956,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
tenant_id = None
if tenant_dns is not None:
for tenant_dn in tenant_dns:
tenant_id = self.tenant_api._dn_to_id(tenant_dn)
tenant_id = self.project_api._dn_to_id(tenant_dn)
role_id = self._dn_to_id(role_dn)
res.append(UserRoleAssociation(
id=self._create_ref(role_id, tenant_id, user_id),
@ -968,7 +968,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
def roles_delete_subtree_by_tenant(self, tenant_id):
conn = self.get_connection()
query = '(objectClass=%s)' % self.object_class
tenant_dn = self.tenant_api._id_to_dn(tenant_id)
tenant_dn = self.project_api._id_to_dn(tenant_id)
try:
roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query)
for role_dn, _ in roles:
@ -987,7 +987,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
user_dn)
if tenant_id is not None:
tenant_dn = self.tenant_api._id_to_dn(tenant_id)
tenant_dn = self.project_api._id_to_dn(tenant_id)
try:
roles = conn.search_s(tenant_dn, ldap.SCOPE_ONELEVEL, query)
except ldap.NO_SUCH_OBJECT:
@ -1040,7 +1040,7 @@ class RoleApi(common_ldap.BaseLdap, ApiShimMixin):
conn = self.get_connection()
query = '(&(objectClass=%s)(%s=%s))' % (self.object_class,
self.id_attr, id)
tenant_dn = self.tenant_api.tree_dn
tenant_dn = self.project_api.tree_dn
try:
for role_dn, _ in conn.search_s(tenant_dn,
ldap.SCOPE_SUBTREE,

61
keystone/identity/backends/sql.py
View File

@ -79,7 +79,7 @@ class Domain(sql.ModelBase, sql.DictBase):
# TODO(dolph): rename to Project
class Tenant(sql.ModelBase, sql.DictBase):
class Project(sql.ModelBase, sql.DictBase):
__tablename__ = 'project'
attributes = ['id', 'name']
id = sql.Column(sql.String(64), primary_key=True)
@ -138,8 +138,8 @@ class GroupDomainGrant(sql.ModelBase, BaseGrant):
# TODO(dolph): ... do we need this table?
class UserTenantMembership(sql.ModelBase, sql.DictBase):
"""Tenant membership join table."""
class UserProjectMembership(sql.ModelBase, sql.DictBase):
"""Project membership join table."""
__tablename__ = 'user_project_membership'
user_id = sql.Column(sql.String(64),
sql.ForeignKey('user.id'),
@ -206,7 +206,7 @@ class Identity(sql.Base, identity.Driver):
try:
tenant_ref = self.get_tenant(tenant_id)
metadata_ref = self.get_metadata(user_id, tenant_id)
except exception.TenantNotFound:
except exception.ProjectNotFound:
tenant_ref = None
metadata_ref = {}
except exception.MetadataNotFound:
@ -216,24 +216,24 @@ class Identity(sql.Base, identity.Driver):
def get_tenant(self, tenant_id):
session = self.get_session()
tenant_ref = session.query(Tenant).filter_by(id=tenant_id).first()
tenant_ref = session.query(Project).filter_by(id=tenant_id).first()
if tenant_ref is None:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
return tenant_ref.to_dict()
def get_tenant_by_name(self, tenant_name):
session = self.get_session()
tenant_ref = session.query(Tenant).filter_by(name=tenant_name).first()
tenant_ref = session.query(Project).filter_by(name=tenant_name).first()
if not tenant_ref:
raise exception.TenantNotFound(tenant_id=tenant_name)
raise exception.ProjectNotFound(project_id=tenant_name)
return tenant_ref.to_dict()
def get_tenant_users(self, tenant_id):
session = self.get_session()
self.get_tenant(tenant_id)
query = session.query(User)
query = query.join(UserTenantMembership)
query = query.filter(UserTenantMembership.tenant_id == tenant_id)
query = query.join(UserProjectMembership)
query = query.filter(UserProjectMembership.tenant_id == tenant_id)
user_refs = query.all()
return [identity.filter_user(user_ref.to_dict())
for user_ref in user_refs]
@ -370,7 +370,7 @@ class Identity(sql.Base, identity.Driver):
session = self.get_session()
self.get_tenant(tenant_id)
self.get_user(user_id)
query = session.query(UserTenantMembership)
query = session.query(UserProjectMembership)
query = query.filter_by(user_id=user_id)
query = query.filter_by(tenant_id=tenant_id)
rv = query.first()
@ -378,15 +378,15 @@ class Identity(sql.Base, identity.Driver):
return
with session.begin():
session.add(UserTenantMembership(user_id=user_id,
tenant_id=tenant_id))
session.add(UserProjectMembership(user_id=user_id,
tenant_id=tenant_id))
session.flush()
def remove_user_from_tenant(self, tenant_id, user_id):
session = self.get_session()
self.get_tenant(tenant_id)
self.get_user(user_id)
query = session.query(UserTenantMembership)
query = session.query(UserProjectMembership)
query = query.filter_by(user_id=user_id)
query = query.filter_by(tenant_id=tenant_id)
membership_ref = query.first()
@ -398,13 +398,13 @@ class Identity(sql.Base, identity.Driver):
def get_tenants(self):
session = self.get_session()
tenant_refs = session.query(Tenant).all()
tenant_refs = session.query(Project).all()
return [tenant_ref.to_dict() for tenant_ref in tenant_refs]
def get_tenants_for_user(self, user_id):
session = self.get_session()
self.get_user(user_id)
query = session.query(UserTenantMembership)
query = session.query(UserProjectMembership)
query = query.filter_by(user_id=user_id)
membership_refs = query.all()
return [x.tenant_id for x in membership_refs]
@ -465,7 +465,7 @@ class Identity(sql.Base, identity.Driver):
tenant['name'] = clean.tenant_name(tenant['name'])
session = self.get_session()
with session.begin():
tenant_ref = Tenant.from_dict(tenant)
tenant_ref = Project.from_dict(tenant)
session.add(tenant_ref)
session.flush()
return tenant_ref.to_dict()
@ -478,15 +478,15 @@ class Identity(sql.Base, identity.Driver):
tenant['name'] = clean.tenant_name(tenant['name'])
try:
tenant_ref = session.query(Tenant).filter_by(id=tenant_id).one()
tenant_ref = session.query(Project).filter_by(id=tenant_id).one()
except sql.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
with session.begin():
old_tenant_dict = tenant_ref.to_dict()
for k in tenant:
old_tenant_dict[k] = tenant[k]
new_tenant = Tenant.from_dict(old_tenant_dict)
new_tenant = Project.from_dict(old_tenant_dict)
tenant_ref.name = new_tenant.name
tenant_ref.extra = new_tenant.extra
session.flush()
@ -496,12 +496,12 @@ class Identity(sql.Base, identity.Driver):
session = self.get_session()
try:
tenant_ref = session.query(Tenant).filter_by(id=tenant_id).one()
tenant_ref = session.query(Project).filter_by(id=tenant_id).one()
except sql.NotFound:
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
with session.begin():
q = session.query(UserTenantMembership)
q = session.query(UserProjectMembership)
q = q.filter_by(tenant_id=tenant_id)
q.delete(False)
@ -513,8 +513,9 @@ class Identity(sql.Base, identity.Driver):
q = q.filter_by(project_id=tenant_id)
q.delete(False)
if not session.query(Tenant).filter_by(id=tenant_id).delete(False):
raise exception.TenantNotFound(tenant_id=tenant_id)
delete_query = session.query(Project).filter_by(id=tenant_id)
if not delete_query.delete(False):
raise exception.ProjectNotFound(project_id=tenant_id)
session.delete(tenant_ref)
session.flush()
@ -641,14 +642,14 @@ class Identity(sql.Base, identity.Driver):
def update_project(self, project_id, project):
session = self.get_session()
with session.begin():
ref = session.query(Tenant).filter_by(id=project_id).first()
ref = session.query(Project).filter_by(id=project_id).first()
if ref is None:
raise exception.TenantNotFound(project_id=project_id)
raise exception.ProjectNotFound(project_id=project_id)
old_dict = ref.to_dict()
for k in project:
old_dict[k] = project[k]
new_project = Tenant.from_dict(old_dict)
for attr in Tenant.attributes:
new_project = Project.from_dict(old_dict)
for attr in Project.attributes:
if attr != 'id':
setattr(ref, attr, getattr(new_project, attr))
ref.extra = new_project.extra
@ -803,7 +804,7 @@ class Identity(sql.Base, identity.Driver):
raise exception.UserNotFound(user_id=user_id)
with session.begin():
q = session.query(UserTenantMembership)
q = session.query(UserProjectMembership)
q = q.filter_by(user_id=user_id)
q.delete(False)

2
keystone/identity/controllers.py
View File

@ -178,7 +178,7 @@ class User(controller.V2Controller):
tenant_id = user.get('tenantId', None)
if (tenant_id is not None
and self.identity_api.get_tenant(context, tenant_id) is None):
raise exception.TenantNotFound(tenant_id=tenant_id)
raise exception.ProjectNotFound(project_id=tenant_id)
user_id = uuid.uuid4().hex
user_ref = user.copy()
user_ref['id'] = user_id

19
keystone/identity/core.py
View File

@ -76,7 +76,7 @@ class Driver(object):
"""Get a tenant by id.
:returns: tenant_ref
:raises: keystone.exception.TenantNotFound
:raises: keystone.exception.ProjectNotFound
"""
raise exception.NotImplemented()
@ -85,7 +85,7 @@ class Driver(object):
"""Get a tenant by name.
:returns: tenant_ref
:raises: keystone.exception.TenantNotFound
:raises: keystone.exception.ProjectNotFound
"""
raise exception.NotImplemented()
@ -102,7 +102,7 @@ class Driver(object):
def add_user_to_tenant(self, tenant_id, user_id):
"""Add user to a tenant without an explicit role relationship.
:raises: keystone.exception.TenantNotFound,
:raises: keystone.exception.ProjectNotFound,
keystone.exception.UserNotFound
"""
@ -111,7 +111,7 @@ class Driver(object):
def remove_user_from_tenant(self, tenant_id, user_id):
"""Remove user from a tenant without an explicit role relationship.
:raises: keystone.exception.TenantNotFound,
:raises: keystone.exception.ProjectNotFound,
keystone.exception.UserNotFound
"""
@ -153,7 +153,7 @@ class Driver(object):
:returns: a list of role ids.
:raises: keystone.exception.UserNotFound,
keystone.exception.TenantNotFound
keystone.exception.ProjectNotFound
"""
raise exception.NotImplemented()
@ -162,7 +162,7 @@ class Driver(object):
"""Add a role to a user within given tenant.
:raises: keystone.exception.UserNotFound,
keystone.exception.TenantNotFound,
keystone.exception.ProjectNotFound,
keystone.exception.RoleNotFound
"""
raise exception.NotImplemented()
@ -171,7 +171,7 @@ class Driver(object):
"""Remove a role from a user within given tenant.
:raises: keystone.exception.UserNotFound,
keystone.exception.TenantNotFound,
keystone.exception.ProjectNotFound,
keystone.exception.RoleNotFound
"""
@ -189,7 +189,8 @@ class Driver(object):
def update_tenant(self, tenant_id, tenant):
"""Updates an existing tenant.
:raises: keystone.exception.TenantNotFound, keystone.exception.Conflict
:raises: keystone.exception.ProjectNotFound,
keystone.exception.Conflict
"""
raise exception.NotImplemented()
@ -197,7 +198,7 @@ class Driver(object):
def delete_tenant(self, tenant_id):
"""Deletes an existing tenant.
:raises: keystone.exception.TenantNotFound
:raises: keystone.exception.ProjectNotFound
"""
raise exception.NotImplemented()

4
keystone/token/controllers.py
View File

@ -305,7 +305,7 @@ class Auth(controller.V2Controller):
tenant_ref = self.identity_api.get_tenant_by_name(
context=context, tenant_name=tenant_name)
tenant_id = tenant_ref['id']
except exception.TenantNotFound as e:
except exception.ProjectNotFound as e:
raise exception.Unauthorized(e)
return tenant_id
@ -323,7 +323,7 @@ class Auth(controller.V2Controller):
try:
tenant_ref = self.identity_api.get_tenant(context=context,
tenant_id=tenant_id)
except exception.TenantNotFound as e:
except exception.ProjectNotFound as e:
exception.Unauthorized(e)
return tenant_ref

2
keystone/token/core.py
View File

@ -147,6 +147,6 @@ class Driver(object):
"""Invalidates all tokens held by a user (optionally for a tenant).
:raises: keystone.exception.UserNotFound,
keystone.exception.TenantNotFound
keystone.exception.ProjectNotFound
"""
raise exception.NotImplemented()

24
tests/test_backend.py
View File

@ -111,7 +111,7 @@ class IdentityTests(object):
self.assertDictEqual(tenant_ref, self.tenant_bar)
def test_get_tenant_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
tenant_id=uuid.uuid4().hex)
@ -121,12 +121,12 @@ class IdentityTests(object):
self.assertDictEqual(tenant_ref, self.tenant_bar)
def test_get_tenant_by_name_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
tenant_id=uuid.uuid4().hex)
def test_get_tenant_users_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant_users,
tenant_id=uuid.uuid4().hex)
@ -307,7 +307,7 @@ class IdentityTests(object):
self.identity_api.update_tenant('fake1', tenant)
tenant_ref = self.identity_api.get_tenant('fake1')
self.assertEqual(tenant_ref['id'], 'fake1')
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
'fake2')
@ -347,7 +347,7 @@ class IdentityTests(object):
uuid.uuid4().hex,
self.tenant_bar['id'])
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_roles_for_user_and_tenant,
self.user_foo['id'],
uuid.uuid4().hex)
@ -359,7 +359,7 @@ class IdentityTests(object):
self.tenant_bar['id'],
'keystone_admin')
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.add_role_to_user_and_tenant,
self.user_foo['id'],
uuid.uuid4().hex,
@ -417,7 +417,7 @@ class IdentityTests(object):
user_id=uuid.uuid4().hex,
project_id=self.tenant_bar['id'])
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.list_grants,
user_id=self.user_foo['id'],
project_id=uuid.uuid4().hex)
@ -429,7 +429,7 @@ class IdentityTests(object):
project_id=self.tenant_bar['id'],
role_id='keystone_admin')
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.create_grant,
user_id=self.user_foo['id'],
project_id=uuid.uuid4().hex,
@ -596,7 +596,7 @@ class IdentityTests(object):
self.assertIn(self.tenant_bar['id'], tenants)
def test_add_user_to_tenant_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.add_user_to_tenant,
uuid.uuid4().hex,
self.user_foo['id'])
@ -615,7 +615,7 @@ class IdentityTests(object):
self.assertNotIn(self.tenant_bar['id'], tenants)
def test_remove_user_from_tenant_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.remove_user_from_tenant,
uuid.uuid4().hex,
self.user_foo['id'])
@ -636,13 +636,13 @@ class IdentityTests(object):
uuid.uuid4().hex)
def test_update_tenant_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.update_tenant,
uuid.uuid4().hex,
dict())
def test_delete_tenant_404(self):
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.delete_tenant,
uuid.uuid4().hex)

2
tests/test_backend_kvs.py
View File

@ -54,7 +54,7 @@ class KvsCatalog(test.TestCase, test_backend.CatalogTests):
def test_get_catalog_404(self):
# FIXME(dolph): this test should be moved up to test_backend
# FIXME(dolph): exceptions should be UserNotFound and TenantNotFound
# FIXME(dolph): exceptions should be UserNotFound and ProjectNotFound
self.assertRaises(exception.NotFound,
self.catalog_api.get_catalog,
uuid.uuid4().hex,

4
tests/test_backend_ldap.py
View File

@ -131,7 +131,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
self.identity_api.update_tenant('fake1', tenant)
self.identity_api.delete_tenant('fake1')
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
'fake1')
@ -226,7 +226,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
CONF.ldap.tenant_filter = '(CN=DOES_NOT_MATCH)'
self.identity_api = identity_ldap.Identity()
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
self.tenant_bar['id'])

4
tests/test_backend_sql.py
View File

@ -96,10 +96,10 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
self.identity_api.create_tenant,
tenant['id'],
tenant)
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant,
tenant['id'])
self.assertRaises(exception.TenantNotFound,
self.assertRaises(exception.ProjectNotFound,
self.identity_api.get_tenant_by_name,
tenant['name'])