Update api-ref to include user options

This commit formally adds resources options for users to the
identity API reference. Descriptions of the behavior provided
by each option is left to the administrator guide, but the
examples here at least show how to access and use the options
implemented for users.

Co-Authored-By: Lance Bragstad <lbragstad@gmail.com>
Closes-Bug: #1792026
Change-Id: I5af3761e42dfe544431ae0bd4b2c032391023bcc
This commit is contained in:
chenxing 2018-09-18 16:22:02 +08:00 committed by Lance Bragstad
parent 7f8c1a3069
commit 325d9eea33
7 changed files with 46 additions and 2 deletions

View File

@ -1977,6 +1977,25 @@ user_object:
in: body
required: true
type: object
user_options_request_body:
description: |
The resource options for the user. Available resource options are
``ignore_change_password_upon_first_use``, ``ignore_password_expiry``,
``ignore_lockout_failure_attempts``, ``lock_password``,
``multi_factor_auth_enabled``, and ``multi_factor_auth_rules``.
in: body
required: false
type: object
user_options_response_body:
description: |
The resource options for the user. Only present in the response if set on
the user entity. Available resource options are
``ignore_change_password_upon_first_use``, ``ignore_password_expiry``,
``ignore_lockout_failure_attempts``, ``lock_password``,
``multi_factor_auth_enabled``, and ``multi_factor_auth_rules``.
in: body
required: false
type: object
user_password_update_body:
description: |
The new password for the user.

View File

@ -6,6 +6,9 @@
"name": "James Doe",
"password": "secretsecret",
"description": "James Doe user",
"email": "jdoe@example.com"
"email": "jdoe@example.com",
"options": {
"ignore_password_expiry": true
}
}
}

View File

@ -10,6 +10,9 @@
"self": "https://example.com/identity/v3/users/ff4e51"
},
"name": "James Doe",
"options": {
"ignore_password_expiry": true
},
"password_expires_at": "2016-11-06T15:32:17.000000"
}
}

View File

@ -1,6 +1,9 @@
{
"user": {
"default_project_id": "263fd9",
"enabled": true
"enabled": true,
"options": {
"ignore_lockout_failure_attempts": true
}
}
}

View File

@ -8,6 +8,9 @@
"self": "https://example.com/identity/v3/users/ff4e51"
},
"name": "jamesdoe",
"options": {
"ignore_lockout_failure_attempts": true
},
"password_expires_at": "2016-11-06T15:32:17.000000"
}
}

View File

@ -104,6 +104,7 @@ Parameters
- name: user_name_create_request_body
- password: password_request_body
- extra: extra_request_body
- options: user_options_request_body
Example
~~~~~~~
@ -127,6 +128,7 @@ Parameters
- links: links_user
- name: user_name_response_body
- password_expires_at: password_expires_at
- options: user_options_response_body
Status Codes
~~~~~~~~~~~~
@ -233,6 +235,7 @@ Parameters
- enabled: enabled_user_update_body
- name: user_name_update_body
- password: user_update_password_body
- options: user_options_request_body
Example
~~~~~~~
@ -256,6 +259,7 @@ Parameters
- links: links_user
- name: user_name_response_body
- password_expires_at: password_expires_at
- options: user_options_response_body
Status Codes
~~~~~~~~~~~~

View File

@ -0,0 +1,9 @@
---
fixes:
- |
[`bug 1792026 <https://bugs.launchpad.net/keystone/+bug/1792026>`_]
Formal documentation for user resource options has been added to the
administrator guide and the API reference. This documentation helps
describe how user options can improve user experience, namely for
deployments looking to offer flexibility around PCI-DSS security
requirements, among other things.