keystone.endpoint_policy.backends package

Submodules

keystone.endpoint_policy.backends.base module

class keystone.endpoint_policy.backends.base.EndpointPolicyDriverV8[source]

Bases: object

Interface description for an Endpoint Policy driver.

check_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]

Check existence a policy association.

Parameters:
  • policy_id (string) – identity of policy that is being associated
  • endpoint_id (string) – identity of endpoint to associate
  • service_id (string) – identity of the service to associate
  • region_id (string) – identity of the region to associate
Raises keystone.exception.PolicyAssociationNotFound:
 

If there is no match for the specified association.
Returns:

None
create_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]

Create a policy association.

Parameters:
  • policy_id (string) – identity of policy that is being associated
  • endpoint_id (string) – identity of endpoint to associate
  • service_id (string) – identity of the service to associate
  • region_id (string) – identity of the region to associate
Returns:

None

There are three types of association permitted:

  • Endpoint (in which case service and region must be None)
  • Service and region (in which endpoint must be None)
  • Service (in which case endpoint and region must be None)
delete_association_by_endpoint(endpoint_id)[source]

Remove all the policy associations with the specific endpoint.

Parameters:endpoint_id (string) – identity of endpoint to check
Returns:None
delete_association_by_policy(policy_id)[source]

Remove all the policy associations with the specific policy.

Parameters:policy_id (string) – identity of endpoint to check
Returns:None
delete_association_by_region(region_id)[source]

Remove all the policy associations with the specific region.

Parameters:region_id (string) – identity of endpoint to check
Returns:None
delete_association_by_service(service_id)[source]

Remove all the policy associations with the specific service.

Parameters:service_id (string) – identity of endpoint to check
Returns:None
delete_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]

Delete a policy association.

Parameters:
  • policy_id (string) – identity of policy that is being associated
  • endpoint_id (string) – identity of endpoint to associate
  • service_id (string) – identity of the service to associate
  • region_id (string) – identity of the region to associate
Returns:

None
get_policy_association(endpoint_id=None, service_id=None, region_id=None)[source]

Get the policy for an explicit association.

This method is not exposed as a public API, but is used by get_policy_for_endpoint().

Parameters:
  • endpoint_id (string) – identity of endpoint
  • service_id (string) – identity of the service
  • region_id (string) – identity of the region
Raises keystone.exception.PolicyAssociationNotFound:
 

If there is no match for the specified association.
Returns:

dict containing policy_id
get_policy_for_endpoint(endpoint_id)[source]

Get the appropriate policy for a given endpoint.

Parameters:endpoint_id (string) – identity of endpoint
Returns:Policy entity for the endpoint
list_associations_for_policy(policy_id)[source]

List the associations for a policy.

This method is not exposed as a public API, but is used by list_endpoints_for_policy().

Parameters:policy_id (string) – identity of policy
Returns:List of association dicts
list_endpoints_for_policy(policy_id)[source]

List all the endpoints using a given policy.

Parameters:policy_id (string) – identity of policy that is being associated
Returns:list of endpoints that have an effective association with that policy

keystone.endpoint_policy.backends.sql module

class keystone.endpoint_policy.backends.sql.EndpointPolicy[source]

Bases: object

check_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]
create_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]
delete_association_by_endpoint(endpoint_id)[source]
delete_association_by_policy(policy_id)[source]
delete_association_by_region(region_id)[source]
delete_association_by_service(service_id)[source]
delete_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]
get_policy_association(endpoint_id=None, service_id=None, region_id=None)[source]
list_associations_for_policy(policy_id)[source]
class keystone.endpoint_policy.backends.sql.PolicyAssociation(*args, **kwargs)[source]

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['policy_id', 'endpoint_id', 'region_id', 'service_id']
endpoint_id
id
policy_id
region_id
service_id
to_dict()[source]

Return the model’s attributes as a dictionary.

We override the standard method in order to hide the id column, since this only exists to provide the table with a primary key.

Module contents

Table Of Contents

Previous topic

keystone.endpoint_policy package

Next topic

keystone.federation package

Project Source

This Page

Navigation

© Copyright 2012, OpenStack Foundation. Last updated on 'Mon Jul 10 13:20:18 2017, commit bd49c3e'. Created using Sphinx 1.2.3.