400 Commits

Author SHA1 Message Date
Jenkins
a478674ac9 Merge "Simplify rule in sample v3 policy file" 2015-08-27 09:35:16 +00:00
Jenkins
03e4cb62e9 Merge "Use entrypoints for paste middleware and apps" 2015-08-27 00:25:31 +00:00
OpenStack Proposal Bot
a42db6085b Updating sample configuration file
Change-Id: I7de26f050d81840abe669b835568ea6abdfd183a
2015-08-20 03:29:56 +00:00
David Stanek
4bda26a7e3 Use entrypoints for paste middleware and apps
This will allow us to get the code paths out of our paste.ini!

Change-Id: Ie361d1be7d01d0d2398f5fc528da3fe6170d1353
2015-08-19 19:59:48 +00:00
OpenStack Proposal Bot
a6a3960876 Updating sample configuration file
Change-Id: I04d78c4c2035088fb22258e54e2540238dd0e95b
2015-08-14 13:26:11 +00:00
Timothy Symanczyk
85b8158395 Simplify rule in sample v3 policy file
Remove redundant rule:cloud_admin from list_role_assignment
rule in sample v3 policy file.

Closes-Bug: #1485104

Change-Id: I0b65585c675c5b249d92cdce412efa7f3ac3c41b
2015-08-14 02:09:25 -07:00
Jenkins
9491af2db6 Merge "Remove reference of old endpoint_policy in paste file" 2015-08-08 10:34:25 +00:00
OpenStack Proposal Bot
727036f4f7 Updating sample configuration file
Change-Id: Id2835bf0d4e17cd018cd6ce734d04748b119a8ce
2015-08-07 22:51:36 +00:00
Jenkins
f7bf1c0281 Merge "Allow Domain Admin to get domain details" 2015-08-07 18:28:11 +00:00
Steve Martinelli
c6dd5e04bd Remove reference of old endpoint_policy in paste file
By referencing the old endpoint_policy in contrib, we are causing
deprecation warnings to appear in log files. We no longer need
to create a filter and include it, since it's in core now.

Change-Id: Id711163b76c9a81a650bc03ec08964129e167514
Closes-Bug: 1482500
2015-08-07 11:18:02 -07:00
daniel-a-nguyen
1d39b590b8 Allow Domain Admin to get domain details
This will give Domain Admin the ability to retrieve the details
for it's domain.

Change-Id: Ia82aaa686a7381be0b3f46c1d90658c1f1e1167d
Closes-Bug: #1480480
2015-08-05 17:32:01 -07:00
OpenStack Proposal Bot
970c9ad7d4 Updating sample configuration file
Change-Id: If77bc355329d9f1cc5a647f552b3fa2532465f36
2015-08-04 01:08:22 +00:00
OpenStack Proposal Bot
6570f475ec Updating sample configuration file
Change-Id: I0c6985a07d4b085beadb2dc25c246e7e67c46972
2015-07-27 21:04:11 +00:00
OpenStack Proposal Bot
49105527d5 Updating sample configuration file
Change-Id: I79a8fbeadd0530ff9409f94f4efd48770805097a
I748369eea6e048d98920da8171061ebc7b77fc03
Ia04f2b33eaaf42152af0f9b2c762ba3a77c9b050
Ibee973b6feb4e43125ce78bf303a2666ee1716f4
2015-07-23 00:58:43 +00:00
OpenStack Proposal Bot
86f098975f Updating sample configuration file
Change-Id: I81f383da8866d5da78e2c600add113eadafc7ea3
2015-07-13 20:00:46 +00:00
OpenStack Proposal Bot
38a1f34e6b Updating sample configuration file
Change-Id: Ieec8fad3919b798b80971e2574d16c8d3dcd6c68
2015-07-07 00:12:08 +00:00
Brant Knudson
51ff4966c1 Update sample config file
The sample config file was out of date.

Change-Id: I11d0bde7aec47ffc390822e90f59db639508f43c
2015-06-27 03:10:49 +00:00
Brant Knudson
50328c8910 Update sample configuration file
The sample configuration file was out of date. Updated with

 tox -e genconfig

Change-Id: I4399c5705ffc6250dd4cf35912c041d5da6fc9ff
2015-06-22 21:28:08 +00:00
Brant Knudson
2118dc33ab Update sample configuration file
The sample configuration file was out of date. Updated using

 tox -e genconfig

Change-Id: I352b1e23f73476115253e08c50f5035641fd9dcf
2015-06-21 07:34:58 -05:00
Jenkins
653692fa14 Merge "Fix sample policy to allow user to check own token" 2015-06-09 14:40:09 +00:00
Brant Knudson
6000cd2950 Update sample config file
The sample config file was out of date.

Change-Id: I69bf8c6025e70c567c09326073bd1d0d1861a68b
2015-05-31 11:16:00 -05:00
Brant Knudson
0021cdae56 Update sample config file
The sample config file was out of date. There are two [cors]
sections in the current one for some reason.

Regenerated using

 tox -e genconfig

Change-Id: I7e98e20624a80fe53e8d8d2dce1f136f27268f97
2015-05-22 14:17:00 -05:00
Jenkins
4e21f4659a Merge "Update sample config file" 2015-05-11 21:38:08 +00:00
Brant Knudson
f3d0c038e5 Update sample config file
The sample config file was out of date.

Change-Id: I3562bad3db7c2337f8c7bd32c642e562c251fb4d
2015-05-10 11:07:29 -05:00
Brant Knudson
a2436c47a4 Update sample config
The sample config file was out of date.

Change-Id: I404256a927f3f45a8155e0dd54f425b40f5d7cb3
2015-04-25 08:11:49 -05:00
Brant Knudson
6808486135 Fix sample policy to allow user to check own token
The sample policy file wouldn't allow a user to check their own
token.

Change-Id: I8853d2b8c5aabea03564a33df7daddb969fcd4b3
Closes-Bug: 1421825
2015-04-25 07:31:32 -05:00
Jenkins
2f9a6668d9 Merge "Update keystone.sample.conf" 2015-04-18 19:27:45 +00:00
lin-hua-cheng
060081cc91 Remove unused policy rule for get_trust
The policy rule for get_trust is misleading for operators
since it is not used by the trust controller.

Change-Id: I885ccbafef8bb9ca73ca6fab110176291bb3a542
Closes-Bug: #1444748
2015-04-15 16:33:09 -07:00
Jenkins
27f887b0aa Merge "Add routing for list_endpoint_groups_for_project" 2015-04-14 10:58:16 +00:00
Lance Bragstad
443f71c08f Update keystone.sample.conf
This change updates the sample configuration for Keystone to include the
'choices' work that's been added to oslo_config.

Change-Id: I5d9a19b26abc7ef19d898bace6de53ad716ecc28
2015-04-10 18:27:37 +00:00
Steve Martinelli
883d564c54 Update sample config file
adds a few more config options to the sample in time for kilo
release.

Change-Id: I93e21e299b70fc2ab5e42d9201ea980938017cfb
2015-04-02 11:16:45 -04:00
lin-hua-cheng
494a185f87 Add routing for list_endpoint_groups_for_project
Add missing routing mapping to "list_endpoint_groups_for_project".
Now that mapping has been corrected, adding back the policy rule
"identity:list_endpoint_groups_for_project" in the sample policy
file.

Change-Id: Iedc0622cd472d630346b7ae8e662ab88de6c52cb
Closes-Bug: #1421968
2015-03-27 11:07:14 -07:00
Steve Martinelli
59dbaca406 Revert "Document mapping of policy action to operation"
Causes issues with oslo.policy and ironic

This reverts commit 9e845eaae0c20d56d437b48c0dea93ce45833ee0.

Closes-Bug: 1437032
Change-Id: I5cd7445a15a5c4f20f7f018eb5b35f111feb8866
2015-03-26 20:25:53 +00:00
Brant Knudson
9e845eaae0 Document mapping of policy action to operation
There was no documentation that showed the mapping between the
actions in the policy file to the REST operation. The mapping is
now shown in the sample policy.json files.

DocImpact
This info also needs to be in an admin guide.

Closes-Bug: 1424496
Change-Id: I7c973068ec1a62d39287f926b71ba61de0566f58
2015-03-25 08:26:45 -05:00
Brant Knudson
86ff317b6f Update sample config file
There have been quite a few changes lately!

Change-Id: I61e48b1abab2083cfd394c54ae792aa90caf739c
2015-03-25 04:46:35 +00:00
Brant Knudson
ec31fb69ed Fix sample policy to allow user to revoke own token
The sample policy file wouldn't allow a user to revoke their own
token.

Partial-Bug: 1421825
Change-Id: Iaf9bcd4d083c91991d6bbd71c0e677123c5a86a2
2015-03-23 21:01:54 -05:00
wanghong
7b4a81fb3d make credential policy check ownership of credential
Currently, policy.json and policy.v3cloudsample.json only check if
the user from token matchs the user from url. However, we should
also check if the user owns the credential.

Change-Id: I5c8bbb6736b028d6cb693d2a35e018f28caeaa57
Closes-Bug: #1417366
Closes-Bug: #1417522
2015-03-11 08:57:38 +08:00
Henry Nash
92c676df7d Add API support for domain config
Building on previous patches, this adds the public API support
for domain configurations being stored in the database.

Partially Implements: blueprint domain-config-ext
Change-Id: Idcd37a55a1179ef9be088323414cd76e7bfcd6bb
2015-03-08 18:22:42 +00:00
Brant Knudson
1aeb96251f Update sample config file
The sample config file is regenerated using

 tox -e sample_config

Change-Id: Id4603422dd9ad2db036475d2cf42387ed26ba3c5
2015-03-03 14:26:32 -06:00
Jenkins
143c3fedca Merge "Remove check_role_for_trust from sample policies" 2015-02-26 05:18:28 +00:00
Steve Martinelli
bc6e6bd9f1 Enable endpoint_policy, endpoint_filter and oauth by default
Include endpoint policy, oauth1 and endpoint filter in the pipeline
by default, and automatically migrate the databases.

implements bp: replace-extensions

Change-Id: Ie12d220da149135755e15873807b4a551b243220
2015-02-24 03:56:40 -05:00
Jenkins
f9ba5bfa7e Merge "Add oslo request id middleware to keystone paste pipeline" 2015-02-24 07:52:00 +00:00
Jenkins
9870ea46d2 Merge "Add WebSSO support for federation" 2015-02-24 04:16:30 +00:00
Matthew Treinish
d333eac4ef Add oslo request id middleware to keystone paste pipeline
This commit adds the oslo middleware request id middleware into
keystones paste pipeline to add request id's to the response headers

Change-Id: I475d60460df6b1b88942bd8347b6bc443dbf4c8a
2015-02-23 19:01:43 -08:00
Jenkins
26efa31c7b Merge "Remove list_endpoint_groups_for_project from sample policies" 2015-02-20 21:36:49 +00:00
Jenkins
efd3deeccc Merge "Add get_endpoint_group_in_project to sample policy files" 2015-02-20 21:26:00 +00:00
Steve Martinelli
cd92123a4c Add WebSSO support for federation
Add the ability to return a templated post back HTML
response when a call is made that contains info from trusted
dashboard host.

implements bp websso-portal

Co-Authored-By: Jose Castro Leon <jose.castro.leon@cern.ch>
Co-Authored-By: Marek Denis <marek.denis@cern.ch>
Co-Authored-By: Thai Tran <tqtran@us.ibm.com>

Change-Id: Ia5a5c9bd176ea0372c92de6d0a3587d82f2fe5d7
2015-02-18 23:35:30 -05:00
Brant Knudson
797bb9b186 Regenerate sample config file
The eventlet config options were moved to their own section.

bp eventlet-server-config

Change-Id: I65415858dfad336b83b28b50cbb2eb06f46974fb
2015-02-18 20:24:46 -06:00
Steve Martinelli
97aa58e14b Update sample config file
This takes into account a few changes that have modified the
sample config.

1) Handle SSL termination
   I76462db9c01a130964844207e375bd35359694f7
2) federated domains
   I84c95a0abe3f4c4bbe2b785fd773f54e3384f5ce
3) use oslo.log
   0f61b11141baff243d0e4c10b3dcb612584f7426

Change-Id: I11950714b533b1bb8f216411611505f4fbadaedd
2015-02-18 16:15:35 +00:00
lin-hua-cheng
6ecf99c779 Remove check_role_for_trust from sample policies
The "identity:check_role_for_trust" was defined in the sample
policy files but there is no actual mapping for it, so setting
a value for this target has no effect. If or when the
mapping gets added then this target must be added back in.

Fixed the double protected call in "get_role_for_trust" by changing its
call to a private unprotected version of "check_role_for_trust".

Also, marking the public version of "check_role_for_trust" as deprecated
for future cleanup.

Change-Id: I1c2b1186e37e31eaf556f81db686cc362768a5ae
Closes-Bug: #1421966
2015-02-17 20:55:10 -08:00