Merge "Minor cleanup from patch 429047"
This commit is contained in:
commit
898c921fab
@ -223,7 +223,7 @@ class IdentityDriverBase(object):
|
||||
|
||||
@abc.abstractmethod
|
||||
def unset_default_project_id(self, project_id):
|
||||
"""Unset a users default project given a specific project ID.
|
||||
"""Unset a user's default project given a specific project ID.
|
||||
|
||||
:param str project_id: project ID
|
||||
|
||||
|
@ -88,8 +88,8 @@ class Identity(base.IdentityDriverBase):
|
||||
return self.user.get_all_filtered(hints)
|
||||
|
||||
def unset_default_project_id(self, project_id):
|
||||
# This function is not implemented for the LDAP backend
|
||||
# LDAP backend is readonly.
|
||||
# This function is not implemented for the LDAP backend. The LDAP
|
||||
# backend is readonly.
|
||||
self._disallow_write()
|
||||
|
||||
def get_user_by_name(self, user_name, domain_id):
|
||||
|
@ -491,7 +491,7 @@ class Manager(manager.Manager):
|
||||
self.event_callbacks = {
|
||||
notifications.ACTIONS.deleted: {
|
||||
'domain': [self._domain_deleted],
|
||||
'project': [self._set_default_project_to_none],
|
||||
'project': [self._unset_default_project],
|
||||
},
|
||||
}
|
||||
|
||||
@ -522,15 +522,13 @@ class Manager(manager.Manager):
|
||||
'cleanup.'),
|
||||
{'userid': user['id'], 'domainid': domain_id})
|
||||
|
||||
def _set_default_project_to_none(self, service, resource_type, operation,
|
||||
def _unset_default_project(self, service, resource_type, operation,
|
||||
payload):
|
||||
"""Callback, clears user default_project_id after project deletion.
|
||||
|
||||
Notification approach was used instead of using a FK constraint.
|
||||
Reason being, operators are allowed to have separate backends for
|
||||
various keystone subsystems. This doesn't guarantee that projects and
|
||||
users will be stored in the same backend, meaning we can't rely on FK
|
||||
constraints to do this work for us.
|
||||
Notifications are used to unset a user's default project because
|
||||
there is no foreign key to the project. Projects can be in a non-SQL
|
||||
backend, making FKs impossible.
|
||||
|
||||
"""
|
||||
project_id = payload['resource_info']
|
||||
|
@ -1,14 +1,13 @@
|
||||
fixes:
|
||||
- |
|
||||
[`bug 1523369 <https://bugs.launchpad.net/keystone/+bug/1523369>`_]
|
||||
Currently, if a project is deleted, it is not removed as a user's default
|
||||
project id. Now the default project id is set to none, however changes may
|
||||
not be visible until memcache end of life.
|
||||
Deleting a project will now cause it to be removed as a default project
|
||||
for users. If caching is enabled the changes may not be visible until the
|
||||
user's cache entry expires.
|
||||
|
||||
upgrade:
|
||||
- |
|
||||
The identity backend driver interface has changed. We've added a new
|
||||
``unset_default_project_id(project_id)`` method to unset a users default
|
||||
project id matching the given project id. If you have a custom
|
||||
implementation for the identity driver, you will need to implement this
|
||||
new method.
|
||||
The identity backend driver interface has changed. A new method,
|
||||
``unset_default_project_id(project_id)``, was added to unset a user's
|
||||
default project ID for a given project ID. Custom backend implementations
|
||||
must implement this method.
|
||||
|
Loading…
Reference in New Issue
Block a user