Remove kwargs from manager calls / general cleanup
Cleaned up keystone.trust.controllers.TrustV3.delete_trust to use the proper "delete_tokens" method from the token_api. Added "delete_trust" reference method to keystone.trust.core.Driver. Named-argument cleanup: This patch removes some use of kwargs from manager calls where not required. Dogpile.cache (the targeted caching library) does not support kwargs out of the box with its cache-key-generator. This change allows us to support the default cache-key-generator. Cleanup done on a couple calls in keystone.assignment.core to remove un-needed named-arguments. Added a note on keystone.token.core.Driver indicating that list_tokens should be considered a private method only used by "delete_tokens" and if treated as such, should not need caching. In keystone.common.controller.V3Controller._get_domain_id_for_request fixed named-argument call to token_api.get_token In keystone.contrib.oauth1.controllers.OAuthControllerV3.authorize fixed named-argument call to token_api.get_token partial-blueprint: caching-layer-for-driver-calls Change-Id: I1fddb4e2db9a24a9ebc544aabe63a3b1fdcfc374
This commit is contained in:
parent
14cba15fcb
commit
97922ad458
|
@ -70,8 +70,7 @@ class Manager(manager.Manager):
|
|||
"""
|
||||
def _get_group_project_roles(user_id, project_ref):
|
||||
role_list = []
|
||||
group_refs = (self.identity_api.list_groups_for_user
|
||||
(user_id=user_id))
|
||||
group_refs = self.identity_api.list_groups_for_user(user_id)
|
||||
for x in group_refs:
|
||||
try:
|
||||
metadata_ref = self._get_metadata(
|
||||
|
@ -136,8 +135,7 @@ class Manager(manager.Manager):
|
|||
|
||||
def _get_group_domain_roles(user_id, domain_id):
|
||||
role_list = []
|
||||
group_refs = (self.identity_api.
|
||||
list_groups_for_user(user_id=user_id))
|
||||
group_refs = self.identity_api.list_groups_for_user(user_id)
|
||||
for x in group_refs:
|
||||
try:
|
||||
metadata_ref = self._get_metadata(group_id=x['id'],
|
||||
|
|
|
@ -317,8 +317,7 @@ class V3Controller(V2Controller):
|
|||
# a v3 protected call). However, this optimization is probably not
|
||||
# worth the duplication of state
|
||||
try:
|
||||
token_ref = self.token_api.get_token(
|
||||
token_id=context['token_id'])
|
||||
token_ref = self.token_api.get_token(context['token_id'])
|
||||
except exception.TokenNotFound:
|
||||
LOG.warning(_('Invalid token in _get_domain_id_for_request'))
|
||||
raise exception.Unauthorized()
|
||||
|
|
|
@ -347,7 +347,7 @@ class OAuthControllerV3(controller.V3Controller):
|
|||
req_set.add(x['id'])
|
||||
|
||||
# verify the authorizing user has the roles
|
||||
user_token = self.token_api.get_token(token_id=context['token_id'])
|
||||
user_token = self.token_api.get_token(context['token_id'])
|
||||
credentials = user_token['metadata'].copy()
|
||||
user_roles = credentials.get('roles')
|
||||
user_id = user_token['user'].get('id')
|
||||
|
|
|
@ -177,12 +177,15 @@ class Driver(object):
|
|||
def delete_tokens(self, user_id, tenant_id=None, trust_id=None,
|
||||
consumer_id=None):
|
||||
"""Deletes tokens by user.
|
||||
|
||||
If the tenant_id is not None, only delete the tokens by user id under
|
||||
the specified tenant.
|
||||
|
||||
If the trust_id is not None, it will be used to query tokens and the
|
||||
user_id will be ignored.
|
||||
|
||||
If the consumer_id is not None, only delete the tokens by consumer id
|
||||
that match the specified consumer id
|
||||
that match the specified consumer id.
|
||||
|
||||
:param user_id: identity of user
|
||||
:type user_id: string
|
||||
|
@ -211,6 +214,10 @@ class Driver(object):
|
|||
consumer_id=None):
|
||||
"""Returns a list of current token_id's for a user
|
||||
|
||||
This is effectively a private method only used by the ``delete_tokens``
|
||||
method and should not be called by anything outside of the
|
||||
``token_api`` manager or the token driver itself.
|
||||
|
||||
:param user_id: identity of the user
|
||||
:type user_id: string
|
||||
:param tenant_id: identity of the tenant
|
||||
|
|
|
@ -202,9 +202,7 @@ class TrustV3(controller.V3Controller):
|
|||
_admin_trustor_only(context, trust, user_id)
|
||||
self.trust_api.delete_trust(trust_id)
|
||||
userid = trust['trustor_user_id']
|
||||
token_list = self.token_api.list_tokens(userid, trust_id=trust_id)
|
||||
for token in token_list:
|
||||
self.token_api.delete_token(token)
|
||||
self.token_api.delete_tokens(userid, trust_id=trust_id)
|
||||
|
||||
@controller.protected
|
||||
def list_roles_for_trust(self, context, trust_id):
|
||||
|
|
|
@ -60,3 +60,6 @@ class Driver(object):
|
|||
|
||||
def list_trusts_for_trustor(self, trustor):
|
||||
raise exception.NotImplemented()
|
||||
|
||||
def delete_trust(self, trust_id):
|
||||
raise exception.NotImplemented()
|
||||
|
|
Loading…
Reference in New Issue