openstack/keystone
Code Issues Proposed changes
d59973e628
keystone/api-ref/source/v2-admin/parameters.yaml
Lance Bragstad 7f3f596351 Fix the belongsTo query parameter 
The belongsTo query parameter is only supported by the v2.0
token validation API. It would check the ID of the project passed
to the belongsTo parameter against the project a token was scoped to.

This commit corrects the implementation, tests, and adds
documentation. It also moves the check to keystone.token.controller
since belongsTo is a v2-ism and doesn't belong in the
keystone.token.provider.

Closes-Bug: 1627085
Closes-Bug: 1626794
Change-Id: I4a06a498112b81093d7e5ef3142bb1e2d0f78138
2016-09-23 21:05:16 +00:00

410 lines
7.3 KiB
YAML
Raw Blame History

# variables in header
X-Auth-Token:
description: |
A valid authentication token for an
administrative user.
in: header
required: true
type: string
# variables in path
endpoint_id_path:
description: |
Endpoint ID
in: path
required: true
type: string
tenant_id_path:
description: |
The tenant ID.
in: path
required: true
type: string
tenantId:
description: |
The tenant ID.
in: path
required: false
type: string
tokenId:
description: |
The authentication token for which to perform the
operation.
in: path
required: true
type: string
user_id_path:
description: |
The user ID.
in: path
required: true
type: string
userId:
description: |
The user ID.
in: path
required: true
type: string
# variables in query
belongsTo:
description: |
Project ID to check against token scope.
in: query
required: false
type: string
tenant_name_query:
description: |
Filters the response by a tenant name.
in: query
required: false
type: string
# variables in body
access:
description: |
An ``access`` object.
in: body
required: true
type: string
description:
description: |
The description of the tenant. If not set, this
value is ``null``.
in: body
required: true
type: string
email:
description: |
The user email.
in: body
required: false
type: string
enabled:
description: |
Indicates whether the tenant is enabled or
disabled.
in: body
required: true
type: boolean
endpoint:
description: |
Endpoint object. Contains ``publicURL``, ``adminURL``,
``internalURL``, ``id`` and ``region`` for the endpoint.
in: body
required: true
type: object
endpoint_adminurl_request:
description: |
Admin URL
in: body
required: false
type: string
endpoint_adminurl_response:
description: |
Admin URL
in: body
required: true
type: string
endpoint_id:
description: |
Endpoint ID
in: body
required: true
type: string
endpoint_internalurl_request:
description: |
Internal URL
in: body
required: false
type: string
endpoint_internalurl_response:
description: |
Internal URL
in: body
required: true
type: string
endpoint_publicurl_request:
description: |
Public URL
in: body
required: true
type: string
endpoint_publicurl_response:
description: |
Public URL
in: body
required: true
type: string
endpoint_region_request:
description: |
Region of the endpoint
in: body
required: false
type: string
endpoint_region_response:
description: |
Region of the endpoint
in: body
required: true
type: string
endpoints:
description: |
One or more ``endpoint`` objects. Each object
shows the ``adminURL``, ``region``, ``internalURL``, ``id``, and
``publicURL`` for the endpoint.
in: body
required: true
type: array
endpoints_links:
description: |
Links for the endpoint.
in: body
required: true
type: string
expires:
description: |
The date and time when the token expires.
The date and time stamp format is `ISO 8601
<https://en.wikipedia.org/wiki/ISO_8601>`_:
::
CCYY-MM-DDThh:mm:ss±hh:mm
For example, ``2015-08-27T09:49:58-05:00``.
The ``±hh:mm`` value, if included, is the time zone as an offset
from UTC. In the previous example, the offset value is ``-05:00``.
A ``null`` value indicates that the token never expires.
in: body
required: true
type: string
id:
description: |
The ID of the trust.
in: body
required: false
type: string
impersonation:
description: |
The impersonation flag.
in: body
required: false
type: string
issued_at:
description: |
The date and time when the token was issued.
The date and time stamp format is `ISO 8601
<https://en.wikipedia.org/wiki/ISO_8601>`_:
::
CCYY-MM-DDThh:mm:ss±hh:mm
For example, ``2015-08-27T09:49:58-05:00``.
The ``±hh:mm`` value, if included, is the time zone as an offset
from UTC. In the previous example, the offset value is ``-05:00``.
in: body
required: true
type: string
location:
format: uri
in: body
required: true
type: string
metadata:
description: |
A ``metadata`` object.
in: body
required: true
type: string
name:
description: |
Endpoint name.
in: body
required: true
type: string
name_1:
description: |
The user name.
in: body
required: true
type: string
password:
description: |
The user password.
in: body
required: false
type: string
role_description:
description: |
The role description.
in: body
required: true
type: string
role_id:
description: |
The role ID.
in: body
required: true
type: string
role_name:
description: |
The role name.
in: body
required: true
type: string
roles:
description: |
The collection of roles.
in: body
required: true
type: array
roles_links:
description: |
The link to the represented role collection.
in: body
required: true
type: array
service_id_request:
description: |
Service ID
in: body
required: true
type: string
serviceCatalog:
description: |
A ``serviceCatalog`` object.
in: body
required: true
type: string
tenant:
description: |
A ``tenant`` object.
in: body
required: true
type: string
tenant_description:
description: |
The description of the tenant. If not set, this
value is ``null``.
in: body
required: true
type: string
tenant_enabled:
description: |
Indicates whether the tenant is enabled or
disabled.
in: body
required: true
type: boolean
tenant_id:
description: |
The tenant ID.
in: body
required: true
type: string
tenant_links:
description: |
The link to the represented tenant collection.
in: body
required: true
type: array
tenant_name:
description: |
Tenant name.
in: body
required: true
type: string
tenants:
description: |
The collection of tenants.
in: body
required: true
type: array
token:
description: |
A ``token`` object.
in: body
required: true
type: string
trust:
description: |
A ``trust`` object.
in: body
required: false
type: string
trustee_user_id:
description: |
The trustee user ID.
in: body
required: false
type: string
trustor_user_id:
description: |
The trustor user ID.
in: body
required: false
type: string
type:
description: |
Endpoint type.
in: body
required: true
type: string
user:
description: |
A ``user`` object, which shows the ``username``,
``roles_links``, ``id``, ``roles``, and ``name``.
in: body
required: true
type: string
user_email:
description: |
The user email.
in: body
required: true
type: string
user_enabled:
description: |
Indicates whether the user is enabled (``true``)
or disabled(``false``). The default value is ``true``.
in: body
required: true
type: boolean
user_id:
description: |
The user ID.
in: body
required: true
type: string
user_name:
description: |
The user name.
in: body
required: true
type: string
username:
description: |
The username of user.
in: body
required: true
type: string
users:
description: |
One or more ``user`` objects.
in: body
required: true
type: array
users_link:
description: |
The link to the reporesented user collection.
in: body
required: true
type: array
View Git Blame Copy Permalink