From 85f9a93f16e6b0a134ef392988aa1e973a616ce5 Mon Sep 17 00:00:00 2001 From: Brant Knudson Date: Sat, 1 Feb 2014 11:06:32 -0600 Subject: [PATCH] Move v3_to_v2_user from manager to controller Managers should have no knowledge of v2 or v3, only the controllers should, so this moves the v3_to_v2_user function from the identity manager to common.controller.V2Controller. Change-Id: I0c111245965a2578cfe1d7c9f1ca2df2f612b0d9 --- keystone/assignment/controllers.py | 2 +- keystone/common/controller.py | 41 ++++++++++++++++++++++++++++ keystone/contrib/ec2/controllers.py | 2 +- keystone/identity/controllers.py | 12 ++++----- keystone/identity/core.py | 42 ----------------------------- keystone/tests/test_v3_identity.py | 10 +++---- keystone/token/controllers.py | 2 +- 7 files changed, 55 insertions(+), 56 deletions(-) diff --git a/keystone/assignment/controllers.py b/keystone/assignment/controllers.py index 9f5dbfa128..8f9feeb0ff 100644 --- a/keystone/assignment/controllers.py +++ b/keystone/assignment/controllers.py @@ -135,7 +135,7 @@ class Tenant(controller.V2Controller): user_ids = self.assignment_api.list_user_ids_for_project(tenant_id) for user_id in user_ids: user_ref = self.identity_api.get_user(user_id) - user_refs.append(self.identity_api.v3_to_v2_user(user_ref)) + user_refs.append(self.v3_to_v2_user(user_ref)) return {'users': user_refs} def _format_project_list(self, tenant_refs, **kwargs): diff --git a/keystone/common/controller.py b/keystone/common/controller.py index 6347e39cf0..046f3b517b 100644 --- a/keystone/common/controller.py +++ b/keystone/common/controller.py @@ -221,6 +221,47 @@ class V2Controller(wsgi.Application): ref['name'] = ref.pop('username') return ref + @staticmethod + def v3_to_v2_user(ref): + """Convert a user_ref from v3 to v2 compatible. + + * v2.0 users are not domain aware, and should have domain_id removed + * v2.0 users expect the use of tenantId instead of default_project_id + * v2.0 users have a username attribute + + This method should only be applied to user_refs being returned from the + v2.0 controller(s). + + If ref is a list type, we will iterate through each element and do the + conversion. + """ + + def _format_default_project_id(ref): + """Convert default_project_id to tenantId for v2 calls.""" + default_project_id = ref.pop('default_project_id', None) + if default_project_id is not None: + ref['tenantId'] = default_project_id + elif 'tenantId' in ref: + # NOTE(morganfainberg): To avoid v2.0 confusion if somehow a + # tenantId property sneaks its way into the extra blob on the + # user, we remove it here. If default_project_id is set, we + # would override it in either case. + del ref['tenantId'] + + def _normalize_and_filter_user_properties(ref): + """Run through the various filter/normalization methods.""" + _format_default_project_id(ref) + V2Controller.filter_domain_id(ref) + V2Controller.normalize_username_in_response(ref) + return ref + + if isinstance(ref, dict): + return _normalize_and_filter_user_properties(ref) + elif isinstance(ref, list): + return [_normalize_and_filter_user_properties(x) for x in ref] + else: + raise ValueError(_('Expected dict or list: %s') % type(ref)) + @dependency.requires('policy_api', 'token_api') class V3Controller(wsgi.Application): diff --git a/keystone/contrib/ec2/controllers.py b/keystone/contrib/ec2/controllers.py index 44b1549caa..1139a9c9b8 100644 --- a/keystone/contrib/ec2/controllers.py +++ b/keystone/contrib/ec2/controllers.py @@ -128,7 +128,7 @@ class Ec2Controller(controller.V2Controller): # NOTE(morganfainberg): Make sure the data is in correct form since it # might be consumed external to Keystone and this is a v2.0 controller. # The token provider doesn't actually expect either v2 or v3 user data. - user_ref = self.identity_api.v3_to_v2_user(user_ref) + user_ref = self.v3_to_v2_user(user_ref) auth_token_data = dict(user=user_ref, tenant=tenant_ref, metadata=metadata_ref, diff --git a/keystone/identity/controllers.py b/keystone/identity/controllers.py index 1007bc9730..57ba19136d 100644 --- a/keystone/identity/controllers.py +++ b/keystone/identity/controllers.py @@ -98,7 +98,7 @@ class User(controller.V2Controller): def get_user(self, context, user_id): self.assert_admin(context) ref = self.identity_api.get_user(user_id) - return {'user': self.identity_api.v3_to_v2_user(ref)} + return {'user': self.v3_to_v2_user(ref)} @controller.v2_deprecated def get_users(self, context): @@ -110,14 +110,14 @@ class User(controller.V2Controller): self.assert_admin(context) user_list = self.identity_api.list_users() - return {'users': self.identity_api.v3_to_v2_user(user_list)} + return {'users': self.v3_to_v2_user(user_list)} @controller.v2_deprecated def get_user_by_name(self, context, user_name): self.assert_admin(context) ref = self.identity_api.get_user_by_name( user_name, CONF.identity.default_domain_id) - return {'user': self.identity_api.v3_to_v2_user(ref)} + return {'user': self.v3_to_v2_user(ref)} # CRUD extension @controller.v2_deprecated @@ -143,7 +143,7 @@ class User(controller.V2Controller): user_id = uuid.uuid4().hex user_ref = self._normalize_domain_id(context, user.copy()) user_ref['id'] = user_id - new_user_ref = self.identity_api.v3_to_v2_user( + new_user_ref = self.v3_to_v2_user( self.identity_api.create_user(user_id, user_ref)) if default_project_id is not None: @@ -165,7 +165,7 @@ class User(controller.V2Controller): if default_project_id is not None: user['default_project_id'] = default_project_id - old_user_ref = self.identity_api.v3_to_v2_user( + old_user_ref = self.v3_to_v2_user( self.identity_api.get_user(user_id)) # Check whether a tenant is being added or changed for the user. @@ -181,7 +181,7 @@ class User(controller.V2Controller): # user update. self.assignment_api.get_project(default_project_id) - user_ref = self.identity_api.v3_to_v2_user( + user_ref = self.v3_to_v2_user( self.identity_api.update_user(user_id, user)) # If 'tenantId' is in either ref, we might need to add or remove the diff --git a/keystone/identity/core.py b/keystone/identity/core.py index 106d556826..acce24302a 100644 --- a/keystone/identity/core.py +++ b/keystone/identity/core.py @@ -24,7 +24,6 @@ from oslo.config import cfg import six from keystone import clean -from keystone.common import controller from keystone.common import dependency from keystone.common import driver_hints from keystone.common import manager @@ -218,47 +217,6 @@ class Manager(manager.Manager): super(Manager, self).__init__(CONF.identity.driver) self.domain_configs = DomainConfigs() - @staticmethod - def v3_to_v2_user(ref): - """Convert a user_ref from v3 to v2 compatible. - - * v2.0 users are not domain aware, and should have domain_id removed - * v2.0 users expect the use of tenantId instead of default_project_id - * v2.0 users have a username attribute - - This method should only be applied to user_refs being returned from the - v2.0 controller(s). - - If ref is a list type, we will iterate through each element and do the - conversion. - """ - - def _format_default_project_id(ref): - """Convert default_project_id to tenantId for v2 calls.""" - default_project_id = ref.pop('default_project_id', None) - if default_project_id is not None: - ref['tenantId'] = default_project_id - elif 'tenantId' in ref: - # NOTE(morganfainberg): To avoid v2.0 confusion if somehow a - # tenantId property sneaks its way into the extra blob on the - # user, we remove it here. If default_project_id is set, we - # would override it in either case. - del ref['tenantId'] - - def _normalize_and_filter_user_properties(ref): - """Run through the various filter/normalization methods.""" - _format_default_project_id(ref) - controller.V2Controller.filter_domain_id(ref) - controller.V2Controller.normalize_username_in_response(ref) - return ref - - if isinstance(ref, dict): - return _normalize_and_filter_user_properties(ref) - elif isinstance(ref, list): - return [_normalize_and_filter_user_properties(x) for x in ref] - else: - raise ValueError(_('Expected dict or list: %s') % type(ref)) - # Domain ID normalization methods def _set_domain_id(self, ref, domain_id): diff --git a/keystone/tests/test_v3_identity.py b/keystone/tests/test_v3_identity.py index a9046bd1fc..5ec590c652 100644 --- a/keystone/tests/test_v3_identity.py +++ b/keystone/tests/test_v3_identity.py @@ -1706,22 +1706,22 @@ class TestV3toV2Methods(tests.TestCase): def test_v3_to_v2_user_method(self): - updated_user1 = self.identity_api.v3_to_v2_user(self.user1) + updated_user1 = controller.V2Controller.v3_to_v2_user(self.user1) self.assertIs(self.user1, updated_user1) self.assertDictEqual(self.user1, self.expected_user) - updated_user2 = self.identity_api.v3_to_v2_user(self.user2) + updated_user2 = controller.V2Controller.v3_to_v2_user(self.user2) self.assertIs(self.user2, updated_user2) self.assertDictEqual(self.user2, self.expected_user_no_tenant_id) - updated_user3 = self.identity_api.v3_to_v2_user(self.user3) + updated_user3 = controller.V2Controller.v3_to_v2_user(self.user3) self.assertIs(self.user3, updated_user3) self.assertDictEqual(self.user3, self.expected_user) - updated_user4 = self.identity_api.v3_to_v2_user(self.user4) + updated_user4 = controller.V2Controller.v3_to_v2_user(self.user4) self.assertIs(self.user4, updated_user4) self.assertDictEqual(self.user4, self.expected_user_no_tenant_id) def test_v3_to_v2_user_method_list(self): user_list = [self.user1, self.user2, self.user3, self.user4] - updated_list = self.identity_api.v3_to_v2_user(user_list) + updated_list = controller.V2Controller.v3_to_v2_user(user_list) self.assertEqual(len(updated_list), len(user_list)) diff --git a/keystone/token/controllers.py b/keystone/token/controllers.py index 05be38a540..998a0c7f6c 100644 --- a/keystone/token/controllers.py +++ b/keystone/token/controllers.py @@ -106,7 +106,7 @@ class Auth(controller.V2Controller): # The user_ref is encoded into the auth_token_data which is returned as # part of the token data. The token provider doesn't care about the # format. - user_ref = self.identity_api.v3_to_v2_user(user_ref) + user_ref = self.v3_to_v2_user(user_ref) if tenant_ref: tenant_ref = self.filter_domain_id(tenant_ref) auth_token_data = self._get_auth_token_data(user_ref,