common Package

authorization Module

base64utils Module

config Module

controller Module

dependency Module

driver_hints Module

class keystone.common.driver_hints.Hints[source]

Bases: list

Encapsulate driver hints for listing entities.

Hints are modifiers that affect the return of entities from a list_<entities> operation. They are typically passed to a driver to give direction as to what filtering, pagination or list limiting actions are being requested.

It is optional for a driver to action some or all of the list hints, but any filters that it does satisfy must be marked as such by calling removing the filter from the list.

A Hint object is a list of dicts, initially of type ‘filter’ or ‘limit’, although other types may be added in the future. The list can be enumerated directly, or by using the filters() method which will guarantee to only return filters.

add_filter(name, value, comparator='equals', case_sensitive=False)[source]
filters()[source]

Iterate over all unsatisfied filters.

Each filter term consists of:

  • name: the name of the attribute being matched

  • value: the value against which it is being matched

  • comparator: the operation, which can be one of equals,

    startswith or endswith

  • case_sensitive: whether any comparison should take account of

    case

  • type: will always be ‘filter’

get_exact_filter_by_name(name)[source]

Return a filter key and value if exact filter exists for name.

get_limit()[source]

Get the limit to which the list should be truncated.

set_limit(limit, truncated=False)[source]

Set a limit to indicate the list should be truncated.

extension Module

keystone.common.extension.register_admin_extension(url_prefix, extension_data)[source]

Register extension with collection of admin extensions.

Extensions register the information here that will show up in the /extensions page as a way to indicate that the extension is active.

url_prefix: unique key for the extension that will appear in the
urls generated by the extension.
extension_data is a dictionary. The expected fields are:
‘name’: short, human readable name of the extension ‘namespace’: xml namespace ‘alias’: identifier for the extension ‘updated’: date the extension was last updated ‘description’: text description of the extension ‘links’: hyperlinks to documents describing the extension
keystone.common.extension.register_public_extension(url_prefix, extension_data)[source]

Same as register_admin_extension but for public extensions.

manager Module

class keystone.common.manager.Manager(driver_name)[source]

Bases: object

Base class for intermediary request layer.

The Manager layer exists to support additional logic that applies to all or some of the methods exposed by a service that are not specific to the HTTP interface.

It also provides a stable entry point to dynamic backends.

An example of a probable use case is logging all the calls.

keystone.common.manager.response_truncated(f)[source]

Truncate the list returned by the wrapped function.

This is designed to wrap Manager list_{entity} methods to ensure that any list limits that are defined are passed to the driver layer. If a hints list is provided, the wrapper will insert the relevant limit into the hints so that the underlying driver call can try and honor it. If the driver does truncate the response, it will update the ‘truncated’ attribute in the ‘limit’ entry in the hints list, which enables the caller of this function to know if truncation has taken place. If, however, the driver layer is unable to perform truncation, the ‘limit’ entry is simply left in the hints list for the caller to handle.

A _get_list_limit() method is required to be present in the object class hierarchy, which returns the limit for this backend to which we will truncate.

If a hints list is not provided in the arguments of the wrapped call then any limits set in the config file are ignored. This allows internal use of such wrapped methods where the entire data set is needed as input for the calculations of some other API (e.g. get role assignments for a given project).

models Module

Base model for keystone internal services

Unless marked otherwise, all fields are strings.

class keystone.common.models.Domain[source]

Bases: keystone.common.models.Model

Domain object.

Required keys:
id name

Optional keys:

description enabled (bool, default True)
optional_keys = ('description', 'enabled')
required_keys = ('id', 'name')
class keystone.common.models.Endpoint[source]

Bases: keystone.common.models.Model

Endpoint object

Required keys:
id region service_id
Optional keys:
internalurl publicurl adminurl
optional_keys = ('internalurl', 'publicurl', 'adminurl')
required_keys = ('id', 'region', 'service_id')
class keystone.common.models.Group[source]

Bases: keystone.common.models.Model

Group object.

Required keys:
id name domain_id

Optional keys:

description
optional_keys = ('description',)
required_keys = ('id', 'name', 'domain_id')
class keystone.common.models.Model[source]

Bases: dict

Base model class.

known_keys[source]
class keystone.common.models.Project[source]

Bases: keystone.common.models.Model

Project object.

Required keys:
id name domain_id
Optional Keys:
description enabled (bool, default True)
optional_keys = ('description', 'enabled')
required_keys = ('id', 'name', 'domain_id')
class keystone.common.models.Role[source]

Bases: keystone.common.models.Model

Role object.

Required keys:
id name
optional_keys = ()
required_keys = ('id', 'name')
class keystone.common.models.Service[source]

Bases: keystone.common.models.Model

Service object.

Required keys:
id type name

Optional keys:

optional_keys = ()
required_keys = ('id', 'type', 'name')
class keystone.common.models.Token[source]

Bases: keystone.common.models.Model

Token object.

Required keys:
id expires (datetime)
Optional keys:
user tenant metadata trust_id
optional_keys = ('extra',)
required_keys = ('id', 'expires')
class keystone.common.models.Trust[source]

Bases: keystone.common.models.Model

Trust object.

Required keys:
id trustor_user_id trustee_user_id project_id
optional_keys = ('e', 'x', 'p', 'i', 'r', 'e', 's', '_', 'a', 't')
required_keys = ('id', 'trustor_user_id', 'trustee_user_id', 'project_id')
class keystone.common.models.User[source]

Bases: keystone.common.models.Model

User object.

Required keys:
id name domain_id
Optional keys:
password description email enabled (bool, default True) default_project_id
optional_keys = ('password', 'description', 'email', 'enabled', 'default_project_id')
required_keys = ('id', 'name', 'domain_id')

openssl Module

pemutils Module

router Module

serializer Module

systemd Module

Helper module for systemd start-up completion notification. Used for “onready” configuration parameter in keystone.conf

keystone.common.systemd.notify()[source]

utils Module

wsgi Module

Subpackages