OpenStack Identity (Keystone)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

115 lines
3.7KB

  1. # Licensed under the Apache License, Version 2.0 (the "License"); you may
  2. # not use this file except in compliance with the License. You may obtain
  3. # a copy of the License at
  4. #
  5. # http://www.apache.org/licenses/LICENSE-2.0
  6. #
  7. # Unless required by applicable law or agreed to in writing, software
  8. # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  9. # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  10. # License for the specific language governing permissions and limitations
  11. # under the License.
  12. from oslo_config import cfg
  13. from keystone.conf import utils
  14. driver = cfg.StrOpt(
  15. 'driver',
  16. default='sql',
  17. help=utils.fmt("""
  18. Entry point for the resource driver in the `keystone.resource` namespace. Only
  19. a `sql` driver is supplied by keystone. Unless you are writing proprietary
  20. drivers for keystone, you do not need to set this option.
  21. """))
  22. caching = cfg.BoolOpt(
  23. 'caching',
  24. default=True,
  25. deprecated_opts=[cfg.DeprecatedOpt('caching', group='assignment')],
  26. help=utils.fmt("""
  27. Toggle for resource caching. This has no effect unless global caching is
  28. enabled.
  29. """))
  30. cache_time = cfg.IntOpt(
  31. 'cache_time',
  32. deprecated_opts=[cfg.DeprecatedOpt('cache_time', group='assignment')],
  33. help=utils.fmt("""
  34. Time to cache resource data in seconds. This has no effect unless global
  35. caching is enabled.
  36. """))
  37. list_limit = cfg.IntOpt(
  38. 'list_limit',
  39. deprecated_opts=[cfg.DeprecatedOpt('list_limit', group='assignment')],
  40. help=utils.fmt("""
  41. Maximum number of entities that will be returned in a resource collection.
  42. """))
  43. admin_project_domain_name = cfg.StrOpt(
  44. 'admin_project_domain_name',
  45. help=utils.fmt("""
  46. Name of the domain that owns the `admin_project_name`. If left unset, then
  47. there is no admin project. `[resource] admin_project_name` must also be set to
  48. use this option.
  49. """))
  50. admin_project_name = cfg.StrOpt(
  51. 'admin_project_name',
  52. help=utils.fmt("""
  53. This is a special project which represents cloud-level administrator privileges
  54. across services. Tokens scoped to this project will contain a true
  55. `is_admin_project` attribute to indicate to policy systems that the role
  56. assignments on that specific project should apply equally across every project.
  57. If left unset, then there is no admin project, and thus no explicit means of
  58. cross-project role assignments. `[resource] admin_project_domain_name` must
  59. also be set to use this option.
  60. """))
  61. project_name_url_safe = cfg.StrOpt(
  62. 'project_name_url_safe',
  63. choices=['off', 'new', 'strict'],
  64. default='off',
  65. help=utils.fmt("""
  66. This controls whether the names of projects are restricted from containing
  67. URL-reserved characters. If set to `new`, attempts to create or update a
  68. project with a URL-unsafe name will fail. If set to `strict`, attempts to scope
  69. a token with a URL-unsafe project name will fail, thereby forcing all project
  70. names to be updated to be URL-safe.
  71. """))
  72. domain_name_url_safe = cfg.StrOpt(
  73. 'domain_name_url_safe',
  74. choices=['off', 'new', 'strict'],
  75. default='off',
  76. help=utils.fmt("""
  77. This controls whether the names of domains are restricted from containing
  78. URL-reserved characters. If set to `new`, attempts to create or update a domain
  79. with a URL-unsafe name will fail. If set to `strict`, attempts to scope a token
  80. with a URL-unsafe domain name will fail, thereby forcing all domain names to be
  81. updated to be URL-safe.
  82. """))
  83. GROUP_NAME = __name__.split('.')[-1]
  84. ALL_OPTS = [
  85. driver,
  86. caching,
  87. cache_time,
  88. list_limit,
  89. admin_project_domain_name,
  90. admin_project_name,
  91. project_name_url_safe,
  92. domain_name_url_safe,
  93. ]
  94. def register_opts(conf):
  95. conf.register_opts(ALL_OPTS, group=GROUP_NAME)
  96. def list_opts():
  97. return {GROUP_NAME: ALL_OPTS}