python-keystoneclient 1:3.2.0-4 / usr / lib / python2.7 / dist-packages / keystoneclient / v3 / role_assignments.py

This file is indexed.

/usr/lib/python2.7/dist-packages/keystoneclient/v3/role_assignments.py is in python-keystoneclient 1:3.2.0-4.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

from keystoneclient import base
from keystoneclient import exceptions
from keystoneclient.i18n import _


class RoleAssignment(base.Resource):
    """Represents an Identity role assignment.

    Attributes:
        * role: an object which contains a role uuid
        * user or group: an object which contains either a user or
                         group uuid
        * scope: an object which has either a project or domain object
                 containing an uuid
    """

    pass


class RoleAssignmentManager(base.CrudManager):
    """Manager class for manipulating Identity roles assignments."""

    resource_class = RoleAssignment
    collection_key = 'role_assignments'
    key = 'role_assignment'

    def _check_not_user_and_group(self, user, group):
        if user and group:
            msg = _('Specify either a user or group, not both')
            raise exceptions.ValidationError(msg)

    def _check_not_domain_and_project(self, domain, project):
        if domain and project:
            msg = _('Specify either a domain or project, not both')
            raise exceptions.ValidationError(msg)

    def list(self, user=None, group=None, project=None, domain=None, role=None,
             effective=False, os_inherit_extension_inherited_to=None,
             include_subtree=False, include_names=False):
        """List role assignments.

        If no arguments are provided, all role assignments in the
        system will be listed.

        If both user and group are provided, a ValidationError will be
        raised. If both domain and project are provided, it will also
        raise a ValidationError.

        :param user: User to be used as query filter. (optional)
        :param group: Group to be used as query filter. (optional)
        :param project: Project to be used as query filter.
                        (optional)
        :param domain: Domain to be used as query
                       filter. (optional)
        :param role: Role to be used as query filter. (optional)
        :param boolean effective: return effective role
                                  assignments. (optional)
        :param string os_inherit_extension_inherited_to:
            return inherited role assignments for either 'projects' or
            'domains'. (optional)
        :param boolean include_subtree: Include subtree (optional)
        :param boolean include_names: Display names instead
                                      of IDs. (optional)
        """
        self._check_not_user_and_group(user, group)
        self._check_not_domain_and_project(domain, project)

        query_params = {}
        if user:
            query_params['user.id'] = base.getid(user)
        if group:
            query_params['group.id'] = base.getid(group)
        if project:
            query_params['scope.project.id'] = base.getid(project)
        if domain:
            query_params['scope.domain.id'] = base.getid(domain)
        if role:
            query_params['role.id'] = base.getid(role)
        if effective:
            query_params['effective'] = effective
        if include_names:
            query_params['include_names'] = include_names
        if os_inherit_extension_inherited_to:
            query_params['scope.OS-INHERIT:inherited_to'] = (
                os_inherit_extension_inherited_to)
        if include_subtree:
            query_params['include_subtree'] = include_subtree

        return super(RoleAssignmentManager, self).list(**query_params)

    def create(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Create not supported for role assignments'))

    def update(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Update not supported for role assignments'))

    def get(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Get not supported for role assignments'))

    def find(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Find not supported for role assignments'))

    def put(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Put not supported for role assignments'))

    def delete(self, **kwargs):
        raise exceptions.MethodNotImplemented(
            _('Delete not supported for role assignments'))

APT Browse - Built by Thomas Orozco.