openstack
/
keystone
Code Issues Proposed changes

Refactored routers and controllers into their own modules (issue #44)

This commit is contained in:
Dolph Mathews 2011-07-11 13:18:02 -05:00
parent 3954de5744
commit 640a0b8ea7
16 changed files with 776 additions and 778 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
keystone/backends/api.py
View File

@ -14,39 +14,6 @@
# Not Yet PEP8 standardized
#API
#TODO(Yogi) Refactor all API to separate classes specific to models.
endpoint_template = None
group = None
role = None
tenant_group = None
tenant = None
token = None
user = None
# Function to dynamically set module references.
def set_value(variable_name, value):
if variable_name == 'endpoint_template':
global endpoint_template
endpoint_template = value
elif variable_name == 'group':
global group
group = value
elif variable_name == 'role':
global role
role = value
elif variable_name == 'tenant_group':
global tenant_group
tenant_group = value
elif variable_name == 'tenant':
global tenant
tenant = value
elif variable_name == 'token':
global token
token = value
elif variable_name == 'user':
global user
user = value
#Base APIs
class BaseUserAPI(object):
@ -306,3 +273,35 @@ class BaseEndpointTemplateAPI(object):
def endpoint_delete(self, id):
pass
endpoint_template = BaseEndpointTemplateAPI()
group = BaseGroupAPI()
role = BaseRoleAPI()
tenant_group = BaseTenantGroupAPI()
tenant = BaseTenantAPI()
token = BaseTokenAPI()
user = BaseUserAPI()
# Function to dynamically set module references.
def set_value(variable_name, value):
if variable_name == 'endpoint_template':
global endpoint_template
endpoint_template = value
elif variable_name == 'group':
global group
group = value
elif variable_name == 'role':
global role
role = value
elif variable_name == 'tenant_group':
global tenant_group
tenant_group = value
elif variable_name == 'tenant':
global tenant
tenant = value
elif variable_name == 'token':
global token
token = value
elif variable_name == 'user':
global user
user = value

6
keystone/common/config.py
View File

@ -298,8 +298,7 @@ def load_paste_config(app_name, options, args):
conf.global_conf.update(get_non_paste_configs(conf_file))
return conf_file, conf
except Exception, e:
raise RuntimeError("Error trying to load config %s: %s"
% (conf_file, e))
raise RuntimeError("Error loading config %s: %s" % (conf_file, e))
def get_non_paste_configs(conf_file):
load_config_files(conf_file)
@ -325,7 +324,6 @@ def load_config_files(config_files):
return config
def load_paste_app(app_name, options, args):
"""
Builds and returns a WSGI app from a paste config file.
@ -374,7 +372,7 @@ def load_paste_app(app_name, options, args):
for key, value in sorted(items.items()):
logger.info("%(key)-20s %(value)s" % locals())
logger.info("*" * 50)
app = deploy.loadapp("config:%s" % conf_file, name=app_name, global_conf= conf.global_conf)
app = deploy.loadapp("config:%s" % conf_file, name=app_name, global_conf=conf.global_conf)
except (LookupError, ImportError), e:
raise RuntimeError("Unable to load %(app_name)s from "
"configuration file %(conf_file)s."

5
keystone/config.py Normal file
View File

@ -0,0 +1,5 @@
from keystone.logic.service import IdentityService
VERSION_STATUS = "ALPHA"
VERSION_DATE = "2011-04-23T00:00:00Z"
SERVICE = IdentityService()

13
keystone/controllers/__init__.py Normal file
View File

@ -0,0 +1,13 @@
def get_url(req):
return '%s://%s:%s%s' % (
req.environ['wsgi.url_scheme'],
req.environ.get("SERVER_NAME"),
req.environ.get("SERVER_PORT"),
req.environ['PATH_INFO'])
def get_marker_limit_and_url(req):
marker = req.GET["marker"] if "marker" in req.GET else None
limit = req.GET["limit"] if "limit" in req.GET else 10
url = get_url(req)
return (marker, limit, url)

33
keystone/controllers/auth.py Normal file
View File

@ -0,0 +1,33 @@
from keystone import utils
from keystone.common import wsgi
from keystone.logic.types.auth import PasswordCredentials
import keystone.config as config
class AuthController(wsgi.Controller):
"""Controller for token related operations"""
def __init__(self, options):
self.options = options
self.request = None
@utils.wrap_error
def authenticate(self, req):
self.request = req
creds = utils.get_normalized_request_content(
PasswordCredentials, req)
return utils.send_result(200, req, config.SERVICE.authenticate(creds))
@utils.wrap_error
def validate_token(self, req, token_id):
belongs_to = req.GET["belongsTo"] if "belongsTo" in req.GET else None
rval = config.SERVICE.validate_token(
utils.get_auth_token(req), token_id, belongs_to)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_token(self, req, token_id):
return utils.send_result(204, req,
config.SERVICE.revoke_token(utils.get_auth_token(req), token_id))

44
keystone/controllers/endpointtemplates.py Normal file
View File

@ -0,0 +1,44 @@
from keystone import utils
from keystone.common import wsgi
import keystone.config as config
from keystone.logic.types.endpoint import EndpointTemplate
from . import get_url, get_marker_limit_and_url
class EndpointTemplatesController(wsgi.Controller):
"""Controller for EndpointTemplates related operations"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_endpoint_templates(self, req):
marker, limit, url = get_marker_limit_and_url(req)
endpoint_templates = config.SERVICE.get_endpoint_templates(
utils.get_auth_token(req), marker, limit, url)
return utils.send_result(200, req, endpoint_templates)
@utils.wrap_error
def get_endpoint_template(self, req, endpoint_templates_id):
endpoint_template = config.SERVICE.get_endpoint_template(
utils.get_auth_token(req), endpoint_templates_id)
return utils.send_result(200, req, endpoint_template)
@utils.wrap_error
def get_endpoints_for_tenant(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
endpoints = config.SERVICE.get_tenant_endpoints(
utils.get_auth_token(req), marker, limit, url, tenant_id)
return utils.send_result(200, req, endpoints)
@utils.wrap_error
def add_endpoint_to_tenant(self, req, tenant_id):
endpoint = utils.get_normalized_request_content(EndpointTemplate, req)
return utils.send_result(201, req,
config.SERVICE.create_endpoint_for_tenant(
utils.get_auth_token(req), tenant_id, endpoint, get_url(req)))
@utils.wrap_error
def remove_endpoint_from_tenant(self, req, tenant_id, endpoints_id):
rval = config.SERVICE.delete_endpoint(utils.get_auth_token(req),
endpoints_id)
return utils.send_result(204, req, rval)

66
keystone/controllers/groups.py Normal file
View File

@ -0,0 +1,66 @@
from keystone import utils
from keystone.common import wsgi
import keystone.config as config
from keystone.logic.types.tenant import GlobalGroup
from . import get_marker_limit_and_url
class GroupsController(wsgi.Controller):
"""Controller for Group related operations"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_group(self, req):
group = utils.get_normalized_request_content(GlobalGroup, req)
return utils.send_result(201, req,
config.SERVICE.create_global_group(utils.get_auth_token(req),
group))
@utils.wrap_error
def get_groups(self, req):
marker, limit, url = get_marker_limit_and_url(req)
groups = config.SERVICE.get_global_groups(
utils.get_auth_token(req), marker, limit, url)
return utils.send_result(200, req, groups)
@utils.wrap_error
def get_group(self, req, group_id):
tenant = config.SERVICE.get_global_group(utils.get_auth_token(req),
group_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_group(self, req, group_id):
group = utils.get_normalized_request_content(GlobalGroup, req)
rval = config.SERVICE.update_global_group(
utils.get_auth_token(req), group_id, group)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_group(self, req, group_id):
rval = config.SERVICE.delete_global_group(utils.get_auth_token(req),
group_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def get_users_global_group(self, req, group_id):
marker, limit, url = get_marker_limit_and_url(req)
users = config.SERVICE.get_users_global_group(
utils.get_auth_token(req), group_id, marker, limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def add_user_global_group(self, req, group_id, user_id):
return utils.send_result(201, req,
config.SERVICE.add_user_global_group(utils.get_auth_token(req),
group_id, user_id))
@utils.wrap_error
def delete_user_global_group(self, req, group_id, user_id):
return utils.send_result(204, req,
config.SERVICE.delete_user_global_group(utils.get_auth_token(req),
group_id, user_id))

50
keystone/controllers/roles.py Normal file
View File

@ -0,0 +1,50 @@
from keystone import utils
from keystone.common import wsgi
from keystone.logic.types.role import Role, RoleRef
import keystone.config as config
from . import get_marker_limit_and_url
class RolesController(wsgi.Controller):
"""Controller for Role related operations"""
def __init__(self, options):
self.options = options
# Not exposed yet.
@utils.wrap_error
def create_role(self, req):
role = utils.get_normalized_request_content(Role, req)
return utils.send_result(201, req,
config.SERVICE.create_role(utils.get_auth_token(req), role))
@utils.wrap_error
def get_roles(self, req):
marker, limit, url = get_marker_limit_and_url(req)
roles = config.SERVICE.get_roles(
utils.get_auth_token(req), marker, limit, url)
return utils.send_result(200, req, roles)
@utils.wrap_error
def get_role(self, req, role_id):
role = config.SERVICE.get_role(utils.get_auth_token(req), role_id)
return utils.send_result(200, req, role)
@utils.wrap_error
def create_role_ref(self, req, user_id):
roleRef = utils.get_normalized_request_content(RoleRef, req)
return utils.send_result(201, req, config.SERVICE.create_role_ref(
utils.get_auth_token(req), user_id, roleRef))
@utils.wrap_error
def get_role_refs(self, req, user_id):
marker, limit, url = get_marker_limit_and_url(req)
roleRefs = config.SERVICE.get_user_roles(
utils.get_auth_token(req), marker, limit, url, user_id)
return utils.send_result(200, req, roleRefs)
@utils.wrap_error
def delete_role_ref(self, req, user_id, role_ref_id):
rval = config.SERVICE.delete_role_ref(utils.get_auth_token(req),
role_ref_id)
return utils.send_result(204, req, rval)

34
keystone/controllers/staticfiles.py Normal file
View File

@ -0,0 +1,34 @@
from webob import Response
from keystone import utils
from keystone.common import template, wsgi
class StaticFilesController(wsgi.Controller):
"""Controller for contract documents"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_pdf_contract(self, req):
resp = Response()
return template.static_file(resp, req, "content/identitydevguide.pdf",
root=utils.get_app_root(), mimetype="application/pdf")
@utils.wrap_error
def get_wadl_contract(self, req):
resp = Response()
return template.static_file(resp, req, "identity.wadl",
root=utils.get_app_root(), mimetype="application/vnd.sun.wadl+xml")
@utils.wrap_error
def get_xsd_contract(self, req, xsd):
resp = Response()
return template.static_file(resp, req, "/xsd/" + xsd,
root=utils.get_app_root(), mimetype="application/xml")
@utils.wrap_error
def get_xsd_atom_contract(self, req, xsd):
resp = Response()
return template.static_file(resp, req, "/xsd/atom/" + xsd,
root=utils.get_app_root(), mimetype="application/xml")

94
keystone/controllers/tenant.py Normal file
View File

@ -0,0 +1,94 @@
from keystone import utils
from keystone.common import wsgi
import keystone.config as config
from keystone.logic.types.tenant import Tenant, Group
from . import get_marker_limit_and_url
class TenantController(wsgi.Controller):
"""Controller for Tenant and Tenant Group related operations"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_tenant(self, req):
tenant = utils.get_normalized_request_content(Tenant, req)
return utils.send_result(201, req,
config.SERVICE.create_tenant(utils.get_auth_token(req), tenant))
@utils.wrap_error
def get_tenants(self, req):
marker, limit, url = get_marker_limit_and_url(req)
tenants = config.SERVICE.get_tenants(utils.get_auth_token(req),
marker, limit, url)
return utils.send_result(200, req, tenants)
@utils.wrap_error
def get_tenant(self, req, tenant_id):
tenant = config.SERVICE.get_tenant(utils.get_auth_token(req),
tenant_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_tenant(self, req, tenant_id):
tenant = utils.get_normalized_request_content(Tenant, req)
rval = config.SERVICE.update_tenant(utils.get_auth_token(req),
tenant_id, tenant)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_tenant(self, req, tenant_id):
rval = config.SERVICE.delete_tenant(utils.get_auth_token(req),
tenant_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def create_tenant_group(self, req, tenant_id):
group = utils.get_normalized_request_content(Group, req)
return utils.send_result(201, req, config.SERVICE.create_tenant_group(
utils.get_auth_token(req), tenant_id, group))
@utils.wrap_error
def get_tenant_groups(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
groups = config.SERVICE.get_tenant_groups(utils.get_auth_token(req),
tenant_id, marker, limit, url)
return utils.send_result(200, req, groups)
@utils.wrap_error
def get_tenant_group(self, req, tenant_id, group_id):
tenant = config.SERVICE.get_tenant_group(utils.get_auth_token(req),
tenant_id, group_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_tenant_group(self, req, tenant_id, group_id):
group = utils.get_normalized_request_content(Group, req)
rval = config.SERVICE.update_tenant_group(utils.get_auth_token(req),
tenant_id, group_id, group)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_tenant_group(self, req, tenant_id, group_id):
rval = config.SERVICE.delete_tenant_group(utils.get_auth_token(req),
tenant_id, group_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def get_users_tenant_group(self, req, tenant_id, group_id):
marker, limit, url = get_marker_limit_and_url(req)
users = config.SERVICE.get_users_tenant_group(
utils.get_auth_token(req), tenant_id, group_id, marker, limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def add_user_tenant_group(self, req, tenant_id, group_id, user_id):
return utils.send_result(201, req,
config.SERVICE.add_user_tenant_group(utils.get_auth_token(req),
tenant_id, group_id, user_id))
@utils.wrap_error
def delete_user_tenant_group(self, req, tenant_id, group_id, user_id):
return utils.send_result(204, req,
config.SERVICE.delete_user_tenant_group(utils.get_auth_token(req),
tenant_id, group_id, user_id))

75
keystone/controllers/user.py Normal file
View File

@ -0,0 +1,75 @@
from keystone import utils
from keystone.common import wsgi
import keystone.config as config
from keystone.logic.types.user import User, User_Update
from . import get_marker_limit_and_url
class UserController(wsgi.Controller):
"""Controller for User related operations"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_user(self, req):
u = utils.get_normalized_request_content(User, req)
return utils.send_result(201, req, config.SERVICE.create_user(
utils.get_auth_token(req), u))
@utils.wrap_error
def get_users(self, req):
marker, limit, url = get_marker_limit_and_url(req)
users = config.SERVICE.get_users(utils.get_auth_token(req), marker, limit,
url)
return utils.send_result(200, req, users)
@utils.wrap_error
def get_user(self, req, user_id):
user = config.SERVICE.get_user(utils.get_auth_token(req), user_id)
return utils.send_result(200, req, user)
@utils.wrap_error
def update_user(self, req, user_id):
user = utils.get_normalized_request_content(User_Update, req)
rval = config.SERVICE.update_user(utils.get_auth_token(req), user_id, user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_user(self, req, user_id):
rval = config.SERVICE.delete_user(utils.get_auth_token(req), user_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def set_user_password(self, req, user_id):
user = utils.get_normalized_request_content(User_Update, req)
rval = config.SERVICE.set_user_password(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def set_user_enabled(self, req, user_id):
user = utils.get_normalized_request_content(User_Update, req)
rval = config.SERVICE.enable_disable_user(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def update_user_tenant(self, req, user_id):
user = utils.get_normalized_request_content(User_Update, req)
rval = config.SERVICE.set_user_tenant(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def get_tenant_users(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
users = config.SERVICE.get_tenant_users(utils.get_auth_token(req), tenant_id,
marker, limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def get_user_groups(self, req, user_id):
marker, limit, url = get_marker_limit_and_url(req)
groups = config.SERVICE.get_user_groups(utils.get_auth_token(req), user_id,
marker, limit, url)
return utils.send_result(200, req, groups)

44
keystone/controllers/version.py Normal file
View File

@ -0,0 +1,44 @@
import os
import sys
from webob import Response
# If ../../keystone/__init__.py exists, add ../ to Python search path, so that
# it will override what happens to be installed in /usr/(local/)lib/python...
possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]),
os.pardir,
os.pardir))
from keystone import utils
from keystone.common import template, wsgi
import keystone.config as config
class VersionController(wsgi.Controller):
"""Controller for version related methods"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_version_info(self, req):
resp = Response()
resp.charset = 'UTF-8'
if utils.is_xml_response(req):
resp_file = os.path.join(possible_topdir,
"keystone/content/version.xml.tpl")
resp.content_type = "application/xml"
else:
resp_file = os.path.join(possible_topdir,
"keystone/content/version.json.tpl")
resp.content_type = "application/json"
hostname = req.environ.get("SERVER_NAME")
port = req.environ.get("SERVER_PORT")
resp.unicode_body = template.template(resp_file,
HOST=hostname,
PORT=port,
VERSION_STATUS=config.VERSION_STATUS,
VERSION_DATE=config.VERSION_DATE)
return resp

1
keystone/routers/__init__.py Normal file
View File

@ -0,0 +1 @@

222
keystone/routers/admin.py Normal file
View File

@ -0,0 +1,222 @@
import routes
from keystone.common import wsgi
import keystone.backends as db
from keystone.controllers.auth import AuthController
from keystone.controllers.endpointtemplates import EndpointTemplatesController
from keystone.controllers.groups import GroupsController
from keystone.controllers.roles import RolesController
from keystone.controllers.staticfiles import StaticFilesController
from keystone.controllers.tenant import TenantController
from keystone.controllers.user import UserController
from keystone.controllers.version import VersionController
class AdminApi(wsgi.Router):
"""WSGI entry point for admin Keystone API requests."""
def __init__(self, options):
self.options = options
mapper = routes.Mapper()
db.configure_backends(options)
# Token Operations
auth_controller = AuthController(options)
mapper.connect("/v2.0/tokens", controller=auth_controller,
action="authenticate",
conditions=dict(method=["POST"]))
mapper.connect("/v2.0/tokens/{token_id}", controller=auth_controller,
action="validate_token",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tokens/{token_id}", controller=auth_controller,
action="delete_token",
conditions=dict(method=["DELETE"]))
# Tenant Operations
tenant_controller = TenantController(options)
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="create_tenant",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="get_tenants", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="get_tenant", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="update_tenant", conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="delete_tenant", conditions=dict(method=["DELETE"]))
# Tenant Group Operations
mapper.connect("/v2.0/tenants/{tenant_id}/groups",
controller=tenant_controller,
action="create_tenant_group",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups",
controller=tenant_controller,
action="get_tenant_groups",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="get_tenant_group",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="update_tenant_group",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="delete_tenant_group",
conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}/users",
controller=tenant_controller,
action="get_users_tenant_group",
conditions=dict(method=["GET"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/groups/{group_id}/users/{user_id}",
controller=tenant_controller,
action="add_user_tenant_group",
conditions=dict(method=["PUT"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/groups/{group_id}/users/{user_id}",
controller=tenant_controller,
action="delete_user_tenant_group",
conditions=dict(method=["DELETE"]))
# User Operations
user_controller = UserController(options)
mapper.connect("/v2.0/users",
controller=user_controller,
action="create_user",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/users",
controller=user_controller,
action="get_users",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="get_user",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="update_user",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="delete_user",
conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/users/{user_id}/password",
controller=user_controller,
action="set_user_password",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}/tenant",
controller=user_controller,
action="update_user_tenant",
conditions=dict(method=["PUT"]))
# Test this, test failed
mapper.connect("/v2.0/users/{user_id}/enabled",
controller=user_controller,
action="set_user_enabled",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}/groups",
controller=user_controller,
action="get_user_groups",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/users",
controller=user_controller,
action="get_tenant_users",
conditions=dict(method=["GET"]))
#Global Groups
groups_controller = GroupsController(options)
mapper.connect("/v2.0/groups", controller=groups_controller,
action="create_group",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/groups", controller=groups_controller,
action="get_groups", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="get_group", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="update_group", conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="delete_group", conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/groups/{group_id}/users",
controller=groups_controller,
action="get_users_global_group",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}/users/{user_id}",
controller=groups_controller,
action="add_user_global_group",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/groups/{group_id}/users/{user_id}",
controller=groups_controller,
action="delete_user_global_group",
conditions=dict(method=["DELETE"]))
#Roles and RoleRefs
roles_controller = RolesController(options)
mapper.connect("/v2.0/roles", controller=roles_controller,
action="get_roles", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/roles/{role_id}", controller=roles_controller,
action="get_role", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs",
controller=roles_controller, action="get_role_refs",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs",
controller=roles_controller, action="create_role_ref",
conditions=dict(method=["POST"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs/{role_ref_id}",
controller=roles_controller, action="delete_role_ref",
conditions=dict(method=["DELETE"]))
#EndpointTemplatesControllers and Endpoints
endpoint_templates_controller = EndpointTemplatesController(options)
mapper.connect("/v2.0/endpointTemplates",
controller=endpoint_templates_controller,
action="get_endpoint_templates",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/endpointTemplates/{endpoint_templates_id}",
controller=endpoint_templates_controller,
action="get_endpoint_template",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/endpoints",
controller=endpoint_templates_controller,
action="get_endpoints_for_tenant",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/endpoints",
controller=endpoint_templates_controller,
action="add_endpoint_to_tenant",
conditions=dict(method=["POST"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/endpoints/{endpoints_id}",
controller=endpoint_templates_controller,
action="remove_endpoint_from_tenant",
conditions=dict(method=["DELETE"]))
# Miscellaneous Operations
version_controller = VersionController(options)
mapper.connect("/v2.0", controller=version_controller,
action="get_version_info",
conditions=dict(method=["GET"]))
# Static Files Controller
static_files_controller = StaticFilesController(options)
mapper.connect("/v2.0/identitydevguide.pdf",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/identity.wadl",
controller=static_files_controller,
action="get_wadl_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/{xsd}",
controller=static_files_controller,
action="get_xsd_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/atom/{xsd}",
controller=static_files_controller,
action="get_xsd_atom_contract",
conditions=dict(method=["GET"]))
super(AdminApi, self).__init__(mapper)

55
keystone/routers/public.py Normal file
View File

@ -0,0 +1,55 @@
import routes
from keystone.common import wsgi
import keystone.backends as db
from keystone.controllers.auth import AuthController
from keystone.controllers.tenant import TenantController
from keystone.controllers.version import VersionController
from keystone.controllers.staticfiles import StaticFilesController
class PublicApi(wsgi.Router):
"""WSGI entry point for public Keystone API requests."""
def __init__(self, options):
self.options = options
mapper = routes.Mapper()
db.configure_backends(options)
# Token Operations
auth_controller = AuthController(options)
mapper.connect("/v2.0/tokens", controller=auth_controller,
action="authenticate",
conditions=dict(method=["POST"]))
# Tenant Operations
tenant_controller = TenantController(options)
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="get_tenants", conditions=dict(method=["GET"]))
# Miscellaneous Operations
version_controller = VersionController(options)
mapper.connect("/v2.0", controller=version_controller,
action="get_version_info",
conditions=dict(method=["GET"]))
# Static Files Controller
static_files_controller = StaticFilesController(options)
mapper.connect("/v2.0/identitydevguide.pdf",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/identity.wadl",
controller=static_files_controller,
action="get_wadl_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/{xsd}",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/atom/{xsd}",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
super(PublicApi, self).__init__(mapper)

747
keystone/server.py
View File

@ -31,753 +31,18 @@ HTTP_X_STORAGE_TOKEN: the client token being passed in (legacy Rackspace use)
www-authenticate : only used if this component is being used remotely
HTTP_AUTHORIZATION : basic auth password used to validate the connection
> What we add to the request for use by the OpenStack service
> What we add to the request for use by the OpenStack SERVICE
HTTP_X_AUTHORIZATION: the client identity being passed in
"""
import logging
import os
import routes
import sys
from webob import Response
POSSIBLE_TOPDIR = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]),
os.pardir,
os.pardir))
if os.path.exists(os.path.join(POSSIBLE_TOPDIR, 'keystone', '__init__.py')):
sys.path.insert(0, POSSIBLE_TOPDIR)
from keystone.common import wsgi
import keystone.backends as db
import keystone.backends.sqlalchemy
import keystone.backends.alterdb
import keystone.logic.service as serv
import keystone.logic.types.tenant as tenants
import keystone.logic.types.role as roles
import keystone.logic.types.endpoint as endpoints
import keystone.logic.types.auth as auth
import keystone.logic.types.user as users
import keystone.common.template as template
import keystone.utils as utils
from keystone.backends import alterdb, sqlalchemy #@UnusedImport (?)
from keystone.routers.public import PublicApi
from keystone.routers.admin import AdminApi
logger = logging.getLogger('keystone.server')
VERSION_STATUS = "ALPHA"
VERSION_DATE = "2011-04-23T00:00:00Z"
service = serv.IdentityService()
class StaticFilesController(wsgi.Controller):
"""
Static Files Controller -
Controller for contract documents
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_pdf_contract(self, req):
resp = Response()
return template.static_file(resp, req, "content/identitydevguide.pdf",
root=utils.get_app_root(),
mimetype="application/pdf")
@utils.wrap_error
def get_wadl_contract(self, req):
resp = Response()
return template.static_file(resp, req, "identity.wadl",
root=utils.get_app_root(),
mimetype="application/vnd.sun.wadl+xml")
@utils.wrap_error
def get_xsd_contract(self, req, xsd):
resp = Response()
return template.static_file(resp, req, "/xsd/" + xsd,
root=utils.get_app_root(),
mimetype="application/xml")
@utils.wrap_error
def get_xsd_atom_contract(self, req, xsd):
resp = Response()
return template.static_file(resp, req, "/xsd/atom/" + xsd,
root=utils.get_app_root(),
mimetype="application/xml")
class VersionController(wsgi.Controller):
"""
Version Controller -
Controller for version related methods
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_version_info(self, req):
resp = Response()
resp.charset = 'UTF-8'
if utils.is_xml_response(req):
resp_file = os.path.join(POSSIBLE_TOPDIR,
"keystone/content/version.xml.tpl")
resp.content_type = "application/xml"
else:
resp_file = os.path.join(POSSIBLE_TOPDIR,
"keystone/content/version.json.tpl")
resp.content_type = "application/json"
hostname = req.environ.get("SERVER_NAME")
port = req.environ.get("SERVER_PORT")
resp.unicode_body = template.template(resp_file, HOST=hostname,
PORT=port, VERSION_STATUS=VERSION_STATUS,
VERSION_DATE=VERSION_DATE)
return resp
class AuthController(wsgi.Controller):
"""
Auth Controller -
Controller for token related operations
"""
def __init__(self, options):
self.options = options
self.request = None
@utils.wrap_error
def authenticate(self, req):
self.request = req
creds = utils.get_normalized_request_content(auth.PasswordCredentials,
req)
return utils.send_result(200, req, service.authenticate(creds))
@utils.wrap_error
def validate_token(self, req, token_id):
belongs_to = None
if "belongsTo" in req.GET:
belongs_to = req.GET["belongsTo"]
rval = service.validate_token(utils.get_auth_token(req),
token_id, belongs_to)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_token(self, req, token_id):
return utils.send_result(204, req,
service.revoke_token(utils.get_auth_token(req), token_id))
class TenantController(wsgi.Controller):
"""
Tenant Controller -
Controller for Tenant and Tenant Group related operations
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_tenant(self, req):
tenant = utils.get_normalized_request_content(tenants.Tenant, req)
return utils.send_result(201, req,
service.create_tenant(utils.get_auth_token(req), tenant))
@utils.wrap_error
def get_tenants(self, req):
marker, limit, url = get_marker_limit_and_url(req)
tenants = service.get_tenants(utils.get_auth_token(req), marker,
limit, url)
return utils.send_result(200, req, tenants)
@utils.wrap_error
def get_tenant(self, req, tenant_id):
tenant = service.get_tenant(utils.get_auth_token(req), tenant_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_tenant(self, req, tenant_id):
tenant = utils.get_normalized_request_content(tenants.Tenant, req)
rval = service.update_tenant(utils.get_auth_token(req), tenant_id,
tenant)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_tenant(self, req, tenant_id):
rval = service.delete_tenant(utils.get_auth_token(req), tenant_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def create_tenant_group(self, req, tenant_id):
group = utils.get_normalized_request_content(tenants.Group, req)
return utils.send_result(201, req,
service.create_tenant_group(utils.get_auth_token(req),
tenant_id, group))
@utils.wrap_error
def get_tenant_groups(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
groups = service.get_tenant_groups(utils.get_auth_token(req),
tenant_id, marker, limit, url)
return utils.send_result(200, req, groups)
@utils.wrap_error
def get_tenant_group(self, req, tenant_id, group_id):
tenant = service.get_tenant_group(utils.get_auth_token(req), tenant_id,
group_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_tenant_group(self, req, tenant_id, group_id):
group = utils.get_normalized_request_content(tenants.Group, req)
rval = service.update_tenant_group(utils.get_auth_token(req),
tenant_id, group_id, group)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_tenant_group(self, req, tenant_id, group_id):
rval = service.delete_tenant_group(utils.get_auth_token(req),
tenant_id, group_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def get_users_tenant_group(self, req, tenant_id, group_id):
marker, limit, url = get_marker_limit_and_url(req)
users = service.get_users_tenant_group(utils.get_auth_token(req),
tenant_id, group_id, marker,
limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def add_user_tenant_group(self, req, tenant_id, group_id, user_id):
return utils.send_result(201, req, service.add_user_tenant_group(\
utils.get_auth_token(req), tenant_id, group_id,
user_id))
@utils.wrap_error
def delete_user_tenant_group(self, req, tenant_id, group_id, user_id):
return utils.send_result(204, req, service.delete_user_tenant_group(\
utils.get_auth_token(req), tenant_id, group_id,
user_id))
class UserController(wsgi.Controller):
"""
User Controller -
Controller for User related operations
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_user(self, req):
user = utils.get_normalized_request_content(users.User, req)
return utils.send_result(201, req,
service.create_user(utils.get_auth_token(req), \
user))
@utils.wrap_error
def get_users(self, req):
marker, limit, url = get_marker_limit_and_url(req)
users = service.get_users(utils.get_auth_token(req), marker,
limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def get_user(self, req, user_id):
user = service.get_user(utils.get_auth_token(req), user_id)
return utils.send_result(200, req, user)
@utils.wrap_error
def update_user(self, req, user_id):
user = utils.get_normalized_request_content(users.User_Update, req)
rval = service.update_user(utils.get_auth_token(req),
user_id, user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_user(self, req, user_id):
rval = service.delete_user(utils.get_auth_token(req), user_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def set_user_password(self, req, user_id):
user = utils.get_normalized_request_content(users.User_Update, req)
rval = service.set_user_password(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def set_user_enabled(self, req, user_id):
user = utils.get_normalized_request_content(users.User_Update, req)
rval = service.enable_disable_user(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def update_user_tenant(self, req, user_id):
user = utils.get_normalized_request_content(users.User_Update, req)
rval = service.set_user_tenant(utils.get_auth_token(req), user_id,
user)
return utils.send_result(200, req, rval)
@utils.wrap_error
def get_tenant_users(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
users = service.get_tenant_users(utils.get_auth_token(req), \
tenant_id, marker, limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def get_user_groups(self, req, user_id):
marker, limit, url = get_marker_limit_and_url(req)
groups = service.get_user_groups(utils.get_auth_token(req),
user_id, marker, limit, url)
return utils.send_result(200, req, groups)
class GroupsController(wsgi.Controller):
"""
Groups Controller -
Controller for Group related operations
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def create_group(self, req):
group = utils.get_normalized_request_content(tenants.GlobalGroup, req)
return utils.send_result(201, req,
service.create_global_group(utils.get_auth_token(req),
group))
@utils.wrap_error
def get_groups(self, req):
marker, limit, url = get_marker_limit_and_url(req)
groups = service.get_global_groups(utils.get_auth_token(req),
marker, limit, url)
return utils.send_result(200, req, groups)
@utils.wrap_error
def get_group(self, req, group_id):
tenant = service.get_global_group(utils.get_auth_token(req), group_id)
return utils.send_result(200, req, tenant)
@utils.wrap_error
def update_group(self, req, group_id):
group = utils.get_normalized_request_content(tenants.GlobalGroup, req)
rval = service.update_global_group(utils.get_auth_token(req),
group_id, group)
return utils.send_result(200, req, rval)
@utils.wrap_error
def delete_group(self, req, group_id):
rval = service.delete_global_group(utils.get_auth_token(req), group_id)
return utils.send_result(204, req, rval)
@utils.wrap_error
def get_users_global_group(self, req, group_id):
marker, limit, url = get_marker_limit_and_url(req)
users = service.get_users_global_group(utils.get_auth_token(req),
group_id, marker, limit, url)
return utils.send_result(200, req, users)
@utils.wrap_error
def add_user_global_group(self, req, group_id, user_id):
return utils.send_result(201, req, service.add_user_global_group(\
utils.get_auth_token(req), group_id, user_id))
@utils.wrap_error
def delete_user_global_group(self, req, group_id, user_id):
return utils.send_result(204, req, service.delete_user_global_group(\
utils.get_auth_token(req), group_id, user_id))
class RolesController(wsgi.Controller):
"""
Roles Controller -
Controller for Role related operations
"""
def __init__(self, options):
self.options = options
# Not exposed yet.
@utils.wrap_error
def create_role(self, req):
role = utils.get_normalized_request_content(roles.Role, req)
return utils.send_result(201, req,
service.create_role(utils.get_auth_token(req),
role))
@utils.wrap_error
def get_roles(self, req):
marker, limit, url = get_marker_limit_and_url(req)
roles = service.get_roles(utils.get_auth_token(req),
marker, limit, url)
return utils.send_result(200, req, roles)
@utils.wrap_error
def get_role(self, req, role_id):
role = service.get_role(utils.get_auth_token(req), role_id)
return utils.send_result(200, req, role)
@utils.wrap_error
def create_role_ref(self, req, user_id):
roleRef = utils.get_normalized_request_content(roles.RoleRef, req)
return utils.send_result(201, req, service.create_role_ref(
utils.get_auth_token(req), user_id, roleRef))
@utils.wrap_error
def get_role_refs(self, req, user_id):
marker, limit, url = get_marker_limit_and_url(req)
roleRefs = service.get_user_roles(utils.get_auth_token(req),
marker, limit, url, user_id)
return utils.send_result(200, req, roleRefs)
@utils.wrap_error
def delete_role_ref(self, req, user_id, role_ref_id):
rval = service.delete_role_ref(utils.get_auth_token(req),
role_ref_id)
return utils.send_result(204, req, rval)
class EndpointTemplatesController(wsgi.Controller):
"""
EndpointTemplatesController Controller -
Controller for EndpointTemplates related operations
"""
def __init__(self, options):
self.options = options
@utils.wrap_error
def get_endpoint_templates(self, req):
marker, limit, url = get_marker_limit_and_url(req)
endpoint_templates = service.get_endpoint_templates(\
utils.get_auth_token(req), marker, limit, url)
return utils.send_result(200, req, endpoint_templates)
@utils.wrap_error
def get_endpoint_template(self, req, endpoint_templates_id):
endpoint_template = service.get_endpoint_template(\
utils.get_auth_token(req), endpoint_templates_id)
return utils.send_result(200, req, endpoint_template)
@utils.wrap_error
def get_endpoints_for_tenant(self, req, tenant_id):
marker, limit, url = get_marker_limit_and_url(req)
endpoints = service.get_tenant_endpoints(utils.get_auth_token(req),
marker, limit, url, tenant_id)
return utils.send_result(200, req, endpoints)
@utils.wrap_error
def add_endpoint_to_tenant(self, req, tenant_id):
endpoint = utils.get_normalized_request_content(\
endpoints.EndpointTemplate, req)
return utils.send_result(201, req,
service.create_endpoint_for_tenant(
utils.get_auth_token(req),
tenant_id, endpoint, get_url(req)))
@utils.wrap_error
def remove_endpoint_from_tenant(self, req, tenant_id, endpoints_id):
rval = service.delete_endpoint(utils.get_auth_token(req),
endpoints_id)
return utils.send_result(204, req, rval)
def get_marker_limit_and_url(req):
marker = None
limit = 10
if "marker" in req.GET:
marker = req.GET["marker"]
if "limit" in req.GET:
limit = req.GET["limit"]
url = get_url(req)
return (marker, limit, url)
def get_url(req):
return '%s://%s:%s%s' % (
req.environ['wsgi.url_scheme'],
req.environ.get("SERVER_NAME"),
req.environ.get("SERVER_PORT"),
req.environ['PATH_INFO'])
class KeystoneAPI(wsgi.Router):
"""WSGI entry point for public Keystone API requests."""
def __init__(self, options):
self.options = options
mapper = routes.Mapper()
db.configure_backends(options)
# Token Operations
auth_controller = AuthController(options)
mapper.connect("/v2.0/tokens", controller=auth_controller,
action="authenticate",
conditions=dict(method=["POST"]))
# Tenant Operations
tenant_controller = TenantController(options)
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="get_tenants", conditions=dict(method=["GET"]))
# Miscellaneous Operations
version_controller = VersionController(options)
mapper.connect("/v2.0", controller=version_controller,
action="get_version_info",
conditions=dict(method=["GET"]))
# Static Files Controller
static_files_controller = StaticFilesController(options)
mapper.connect("/v2.0/identitydevguide.pdf",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/identity.wadl",
controller=static_files_controller,
action="get_wadl_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/{xsd}",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/atom/{xsd}",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
super(KeystoneAPI, self).__init__(mapper)
class KeystoneAdminAPI(wsgi.Router):
"""WSGI entry point for admin Keystone API requests."""
def __init__(self, options):
self.options = options
mapper = routes.Mapper()
db.configure_backends(options)
# Token Operations
auth_controller = AuthController(options)
mapper.connect("/v2.0/tokens", controller=auth_controller,
action="authenticate",
conditions=dict(method=["POST"]))
mapper.connect("/v2.0/tokens/{token_id}", controller=auth_controller,
action="validate_token",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tokens/{token_id}", controller=auth_controller,
action="delete_token",
conditions=dict(method=["DELETE"]))
# Tenant Operations
tenant_controller = TenantController(options)
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="create_tenant",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/tenants", controller=tenant_controller,
action="get_tenants", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="get_tenant", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="update_tenant", conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/tenants/{tenant_id}",
controller=tenant_controller,
action="delete_tenant", conditions=dict(method=["DELETE"]))
# Tenant Group Operations
mapper.connect("/v2.0/tenants/{tenant_id}/groups",
controller=tenant_controller,
action="create_tenant_group",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups",
controller=tenant_controller,
action="get_tenant_groups",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="get_tenant_group",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="update_tenant_group",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}",
controller=tenant_controller,
action="delete_tenant_group",
conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/tenants/{tenant_id}/groups/{group_id}/users",
controller=tenant_controller,
action="get_users_tenant_group",
conditions=dict(method=["GET"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/groups/{group_id}/users/{user_id}",
controller=tenant_controller,
action="add_user_tenant_group",
conditions=dict(method=["PUT"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/groups/{group_id}/users/{user_id}",
controller=tenant_controller,
action="delete_user_tenant_group",
conditions=dict(method=["DELETE"]))
# User Operations
user_controller = UserController(options)
mapper.connect("/v2.0/users",
controller=user_controller,
action="create_user",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/users",
controller=user_controller,
action="get_users",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="get_user",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="update_user",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}",
controller=user_controller,
action="delete_user",
conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/users/{user_id}/password",
controller=user_controller,
action="set_user_password",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}/tenant",
controller=user_controller,
action="update_user_tenant",
conditions=dict(method=["PUT"]))
# Test this, test failed
mapper.connect("/v2.0/users/{user_id}/enabled",
controller=user_controller,
action="set_user_enabled",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/users/{user_id}/groups",
controller=user_controller,
action="get_user_groups",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/users",
controller=user_controller,
action="get_tenant_users",
conditions=dict(method=["GET"]))
#Global Groups
groups_controller = GroupsController(options)
mapper.connect("/v2.0/groups", controller=groups_controller,
action="create_group",
conditions=dict(method=["PUT", "POST"]))
mapper.connect("/v2.0/groups", controller=groups_controller,
action="get_groups", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="get_group", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="update_group", conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/groups/{group_id}", controller=groups_controller,
action="delete_group", conditions=dict(method=["DELETE"]))
mapper.connect("/v2.0/groups/{group_id}/users",
controller=groups_controller,
action="get_users_global_group",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/groups/{group_id}/users/{user_id}",
controller=groups_controller,
action="add_user_global_group",
conditions=dict(method=["PUT"]))
mapper.connect("/v2.0/groups/{group_id}/users/{user_id}",
controller=groups_controller,
action="delete_user_global_group",
conditions=dict(method=["DELETE"]))
#Roles and RoleRefs
roles_controller = RolesController(options)
mapper.connect("/v2.0/roles", controller=roles_controller,
action="get_roles", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/roles/{role_id}", controller=roles_controller,
action="get_role", conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs",
controller=roles_controller, action="get_role_refs",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs",
controller=roles_controller, action="create_role_ref",
conditions=dict(method=["POST"]))
mapper.connect("/v2.0/users/{user_id}/roleRefs/{role_ref_id}",
controller=roles_controller, action="delete_role_ref",
conditions=dict(method=["DELETE"]))
#EndpointTemplatesControllers and Endpoints
endpoint_templates_controller = EndpointTemplatesController(options)
mapper.connect("/v2.0/endpointTemplates",
controller=endpoint_templates_controller,
action="get_endpoint_templates",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/endpointTemplates/{endpoint_templates_id}",
controller=endpoint_templates_controller,
action="get_endpoint_template",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/endpoints",
controller=endpoint_templates_controller,
action="get_endpoints_for_tenant",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/tenants/{tenant_id}/endpoints",
controller=endpoint_templates_controller,
action="add_endpoint_to_tenant",
conditions=dict(method=["POST"]))
mapper.connect(
"/v2.0/tenants/{tenant_id}/endpoints/{endpoints_id}",
controller=endpoint_templates_controller,
action="remove_endpoint_from_tenant",
conditions=dict(method=["DELETE"]))
# Miscellaneous Operations
version_controller = VersionController(options)
mapper.connect("/v2.0", controller=version_controller,
action="get_version_info",
conditions=dict(method=["GET"]))
# Static Files Controller
static_files_controller = StaticFilesController(options)
mapper.connect("/v2.0/identitydevguide.pdf",
controller=static_files_controller,
action="get_pdf_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/identity.wadl",
controller=static_files_controller,
action="get_wadl_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/{xsd}",
controller=static_files_controller,
action="get_xsd_contract",
conditions=dict(method=["GET"]))
mapper.connect("/v2.0/xsd/atom/{xsd}",
controller=static_files_controller,
action="get_xsd_atom_contract",
conditions=dict(method=["GET"]))
super(KeystoneAdminAPI, self).__init__(mapper)
def app_factory(global_conf, **local_conf):
"""paste.deploy app factory for creating OpenStack API server apps"""
try:
@ -785,7 +50,7 @@ def app_factory(global_conf, **local_conf):
conf.update(local_conf)
except Exception as err:
print err
return KeystoneAPI(conf)
return PublicApi(conf)
def admin_app_factory(global_conf, **local_conf):
@ -795,4 +60,4 @@ def admin_app_factory(global_conf, **local_conf):
conf.update(local_conf)
except Exception as err:
print err
return KeystoneAdminAPI(conf)
return AdminApi(conf)