¡@

Home 

OpenStack Study: core.py

OpenStack Index

**** CubicPower OpenStack Study ****

# Copyright 2013 OpenStack Foundation

#

# Licensed under the Apache License, Version 2.0 (the "License"); you may

# not use this file except in compliance with the License. You may obtain

# a copy of the License at

#

# http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

# License for the specific language governing permissions and limitations

# under the License.

"""Main entry point into the Credentials service."""

import abc

import six

from keystone.common import dependency

from keystone.common import manager

from keystone import config

from keystone import exception

from keystone.openstack.common.gettextutils import _

from keystone.openstack.common import log

CONF = config.CONF

LOG = log.getLogger(__name__)

@dependency.provider('credential_api')

**** CubicPower OpenStack Study ****

class Manager(manager.Manager):

"""Default pivot point for the Credential backend.

See :mod:`keystone.common.manager.Manager` for more details on how this

dynamically calls the backend.

"""

**** CubicPower OpenStack Study ****

    def __init__(self):

        super(Manager, self).__init__(CONF.credential.driver)

@six.add_metaclass(abc.ABCMeta)

**** CubicPower OpenStack Study ****

class Driver(object):

# credential crud

@abc.abstractmethod

**** CubicPower OpenStack Study ****

    def create_credential(self, credential_id, credential):

        """Creates a new credential.

        :raises: keystone.exception.Conflict

        """

        raise exception.NotImplemented()

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def list_credentials(self, **filters):

        """List all credentials in the system applying filters.

        :returns: a list of credential_refs or an empty list.

        """

        raise exception.NotImplemented()

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def get_credential(self, credential_id):

        """Get a credential by ID.

        :returns: credential_ref

        :raises: keystone.exception.CredentialNotFound

        """

        raise exception.NotImplemented()

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def update_credential(self, credential_id, credential):

        """Updates an existing credential.

        :raises: keystone.exception.CredentialNotFound,

                 keystone.exception.Conflict

        """

        raise exception.NotImplemented()

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def delete_credential(self, credential_id):

        """Deletes an existing credential.

        :raises: keystone.exception.CredentialNotFound

        """

        raise exception.NotImplemented()

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def delete_credentials_for_project(self, project_id):

        """Deletes all credentials for a project."""

        self._delete_credentials(lambda cr: cr['project_id'] == project_id)

    @abc.abstractmethod

**** CubicPower OpenStack Study ****

    def delete_credentials_for_user(self, user_id):

        """Deletes all credentials for a user."""

        self._delete_credentials(lambda cr: cr['user_id'] == user_id)

**** CubicPower OpenStack Study ****

    def _delete_credentials(self, match_fn):

        """Do the actual credential deletion work (default implementation).

        :param match_fn: function that takes a credential dict as the

                         parameter and returns true or false if the

                         identifier matches the credential dict.

        """

        for cr in self.list_credentials():

            if match_fn(cr):

                try:

                    self.credential_api.delete_credential(cr['id'])

                except exception.CredentialNotFound:

                    LOG.debug(_('Deletion of credential is not required: %s'),

                              cr['id'])