Merge "Minor cleanup from patch 429047"

This commit is contained in:
Jenkins 2017-03-05 05:59:18 +00:00 committed by Gerrit Code Review
commit 898c921fab
4 changed files with 16 additions and 19 deletions

View File

@ -223,7 +223,7 @@ class IdentityDriverBase(object):
@abc.abstractmethod
def unset_default_project_id(self, project_id):
"""Unset a users default project given a specific project ID.
"""Unset a user's default project given a specific project ID.
:param str project_id: project ID

View File

@ -88,8 +88,8 @@ class Identity(base.IdentityDriverBase):
return self.user.get_all_filtered(hints)
def unset_default_project_id(self, project_id):
# This function is not implemented for the LDAP backend
# LDAP backend is readonly.
# This function is not implemented for the LDAP backend. The LDAP
# backend is readonly.
self._disallow_write()
def get_user_by_name(self, user_name, domain_id):

View File

@ -491,7 +491,7 @@ class Manager(manager.Manager):
self.event_callbacks = {
notifications.ACTIONS.deleted: {
'domain': [self._domain_deleted],
'project': [self._set_default_project_to_none],
'project': [self._unset_default_project],
},
}
@ -522,15 +522,13 @@ class Manager(manager.Manager):
'cleanup.'),
{'userid': user['id'], 'domainid': domain_id})
def _set_default_project_to_none(self, service, resource_type, operation,
payload):
def _unset_default_project(self, service, resource_type, operation,
payload):
"""Callback, clears user default_project_id after project deletion.
Notification approach was used instead of using a FK constraint.
Reason being, operators are allowed to have separate backends for
various keystone subsystems. This doesn't guarantee that projects and
users will be stored in the same backend, meaning we can't rely on FK
constraints to do this work for us.
Notifications are used to unset a user's default project because
there is no foreign key to the project. Projects can be in a non-SQL
backend, making FKs impossible.
"""
project_id = payload['resource_info']

View File

@ -1,14 +1,13 @@
fixes:
- |
[`bug 1523369 <https://bugs.launchpad.net/keystone/+bug/1523369>`_]
Currently, if a project is deleted, it is not removed as a user's default
project id. Now the default project id is set to none, however changes may
not be visible until memcache end of life.
Deleting a project will now cause it to be removed as a default project
for users. If caching is enabled the changes may not be visible until the
user's cache entry expires.
upgrade:
- |
The identity backend driver interface has changed. We've added a new
``unset_default_project_id(project_id)`` method to unset a users default
project id matching the given project id. If you have a custom
implementation for the identity driver, you will need to implement this
new method.
The identity backend driver interface has changed. A new method,
``unset_default_project_id(project_id)``, was added to unset a user's
default project ID for a given project ID. Custom backend implementations
must implement this method.