← Back to branch summary

~ubuntu-branches/ubuntu/quantal/keystone/quantal-security

« back to all changes in this revision

Viewing changes to keystone/identity/backends/ldap/core.py

  • Committer: Package Import Robot
  • Author(s): Chuck Short
  • Date: 2012-06-22 12:27:50 UTC
  • mto: (35.1.1 quantal-proposed)
  • mto: This revision was merged to the branch mainline in revision 28.
  • Revision ID: package-import@ubuntu.com-20120622122750-4urdq17en1990apn
Tags: upstream-2012.2~f2~20120622.2353
ImportĀ upstreamĀ versionĀ 2012.2~f2~20120622.2353

Show diffs side-by-side

added added

removed removed

Lines of Context:
keystone/identity/backends/ldap/core.py
20
20
from ldap import filter as ldap_filter
21
21
 
22
22
from keystone import clean
 
23
from keystone.common import ldap as common_ldap
 
24
from keystone.common.ldap import fakeldap
 
25
from keystone.common import utils
23
26
from keystone import config
24
27
from keystone import exception
25
28
from keystone import identity
26
 
from keystone.common import ldap as common_ldap
27
 
from keystone.common import utils
28
 
from keystone.common.ldap import fakeldap
29
29
from keystone.identity import models
30
30
 
31
31
 
358
358
                              limit,
359
359
                              self.tenant_api.get_users(tenant_id, role_id))
360
360
 
361
 
    def users_get_by_tenant_get_page_markers(self, tenant_id,
362
 
        role_id, marker, limit):
 
361
    def users_get_by_tenant_get_page_markers(self, tenant_id, role_id, marker,
 
362
                                             limit):
363
363
        return self._get_page_markers(
364
 
                marker, limit, self.tenant_api.get_users(tenant_id, role_id))
 
364
            marker, limit, self.tenant_api.get_users(tenant_id, role_id))
365
365
 
366
366
    def check_password(self, user_id, password):
367
367
        user = self.get(user_id)
418
418
 
419
419
    def list_for_user_get_page_markers(self, user, marker, limit):
420
420
        return self._get_page_markers(
421
 
                marker, limit, self.get_user_tenants(user['id']))
 
421
            marker, limit, self.get_user_tenants(user['id']))
422
422
 
423
423
    def is_empty(self, id):
424
424
        tenant = self._ldap_get(id)
588
588
                    raise inst
589
589
 
590
590
        return UserRoleAssociation(
591
 
                id=self._create_ref(role_id, tenant_id, user_id),
592
 
                role_id=role_id,
593
 
                user_id=user_id,
594
 
                tenant_id=tenant_id)
 
591
            id=self._create_ref(role_id, tenant_id, user_id),
 
592
            role_id=role_id,
 
593
            user_id=user_id,
 
594
            tenant_id=tenant_id)
595
595
 
596
596
    def get_by_service(self, service_id):
597
597
        roles = self.get_all('(service_id=%s)' %
626
626
                user_id = self.user_api._dn_to_id(user_dn)
627
627
                role_id = self._dn_to_id(role_dn)
628
628
                res.append(UserRoleAssociation(
629
 
                        id=self._create_ref(role_id, tenant_id, user_id),
630
 
                        user_id=user_id,
631
 
                        role_id=role_id,
632
 
                        tenant_id=tenant_id))
 
629
                    id=self._create_ref(role_id, tenant_id, user_id),
 
630
                    user_id=user_id,
 
631
                    role_id=role_id,
 
632
                    tenant_id=tenant_id))
633
633
 
634
634
        return res
635
635
 
637
637
        user_dn = self.user_api._id_to_dn(user_id)
638
638
        roles = self.get_all('(%s=%s)' % (self.member_attribute, user_dn))
639
639
        return [UserRoleAssociation(
640
 
                    id=self._create_ref(role.id, None, user_id),
641
 
                    role_id=role.id,
642
 
                    user_id=user_id)
643
 
                for role in roles]
 
640
                id=self._create_ref(role.id, None, user_id),
 
641
                role_id=role.id,
 
642
                user_id=user_id) for role in roles]
644
643
 
645
644
    def list_tenant_roles_for_user(self, user_id, tenant_id=None):
646
645
        conn = self.get_connection()
659
658
            for role_dn, _ in roles:
660
659
                role_id = self._dn_to_id(role_dn)
661
660
                res.append(UserRoleAssociation(
662
 
                        id=self._create_ref(role_id, tenant_id, user_id),
663
 
                        user_id=user_id,
664
 
                        role_id=role_id,
665
 
                        tenant_id=tenant_id))
 
661
                    id=self._create_ref(role_id, tenant_id, user_id),
 
662
                    user_id=user_id,
 
663
                    role_id=role_id,
 
664
                    tenant_id=tenant_id))
666
665
        else:
667
666
            try:
668
667
                roles = conn.search_s(self.tenant_api.tree_dn,
676
675
                role_id = self._dn_to_id(role_dn)
677
676
                tenant_id = ldap.dn.str2dn(role_dn)[1][0][1]
678
677
                res.append(UserRoleAssociation(
679
 
                        id=self._create_ref(role_id, tenant_id, user_id),
680
 
                        user_id=user_id,
681
 
                        role_id=role_id,
682
 
                        tenant_id=tenant_id))
 
678
                    id=self._create_ref(role_id, tenant_id, user_id),
 
679
                    user_id=user_id,
 
680
                    role_id=role_id,
 
681
                    tenant_id=tenant_id))
683
682
        return res
684
683
 
685
684
    def rolegrant_get(self, id):
791
790
                ldap_role_id = self._dn_to_id(role_dn)
792
791
                if role_id == ldap_role_id:
793
792
                    res = UserRoleAssociation(
794
 
                            id=self._create_ref(role_id, tenant_id, user_id),
795
 
                            user_id=user_id,
796
 
                            role_id=role_id,
797
 
                            tenant_id=tenant_id)
 
793
                        id=self._create_ref(role_id, tenant_id, user_id),
 
794
                        user_id=user_id,
 
795
                        role_id=role_id,
 
796
                        tenant_id=tenant_id)
798
797
                    return res
799
798
        else:
800
799
            try:
809
808
            for role in roles:
810
809
                if role.id == role_id:
811
810
                    return UserRoleAssociation(
812
 
                            id=self._create_ref(role.id, None, user_id),
813
 
                            role_id=role.id,
814
 
                            user_id=user_id)
 
811
                        id=self._create_ref(role.id, None, user_id),
 
812
                        role_id=role.id,
 
813
                        user_id=user_id)
815
814
        return None