The openstack_dashboard.api.keystone Module

class openstack_dashboard.api.keystone.Service(service, *args, **kwargs)

Bases: openstack_dashboard.api.base.APIDictWrapper

Wrapper for a dict based on the service data from keystone.

openstack_dashboard.api.keystone.add_tenant_user_role(request, tenant_id, user_id, role_id)

Adds a role for a user on a tenant.

openstack_dashboard.api.keystone.create_ec2_credentials(request, user_id, tenant_id)

openstack_dashboard.api.keystone.get_default_role(request)

Gets the default role object from Keystone and saves it as a global since this is configured in settings and should not change from request to request. Supports lookup by name or id.

openstack_dashboard.api.keystone.get_user_ec2_credentials(request, user_id, access_token)

openstack_dashboard.api.keystone.keystone_backend_name()

openstack_dashboard.api.keystone.keystone_can_edit_project()

openstack_dashboard.api.keystone.keystone_can_edit_user()

openstack_dashboard.api.keystone.keystoneclient(request, admin=False)

Returns a client connected to the Keystone backend.

Several forms of authentication are supported:

• Username + password -> Unscoped authentication
• Username + password + tenant id -> Scoped authentication
• Unscoped token -> Unscoped authentication
• Unscoped token + tenant id -> Scoped authentication
• Scoped token -> Scoped authentication

Available services and data from the backend will vary depending on whether the authentication was scoped or unscoped.

Lazy authentication if an endpoint parameter is provided.

Calls requiring the admin endpoint should have admin=True passed in as a keyword argument.

The client is cached so that subsequent API calls during the same request/response cycle don’t have to be re-authenticated.

openstack_dashboard.api.keystone.list_ec2_credentials(request, user_id)

openstack_dashboard.api.keystone.remove_tenant_user(request, tenant_id, user_id)

Removes all roles from a user on a tenant, removing them from it.

openstack_dashboard.api.keystone.remove_tenant_user_role(request, tenant_id, user_id, role_id)

Removes a given single role for a user from a tenant.

openstack_dashboard.api.keystone.role_list(request)

Returns a global list of available roles.

openstack_dashboard.api.keystone.roles_for_user(request, user, project)

openstack_dashboard.api.keystone.tenant_create(request, tenant_name, description, enabled)

openstack_dashboard.api.keystone.tenant_delete(request, tenant_id)

openstack_dashboard.api.keystone.tenant_get(request, tenant_id, admin=False)

openstack_dashboard.api.keystone.tenant_list(request, admin=False)

openstack_dashboard.api.keystone.tenant_update(request, tenant_id, tenant_name, description, enabled)

openstack_dashboard.api.keystone.token_create_scoped(request, tenant, token)

Creates a scoped token using the tenant id and unscoped token; retrieves the service catalog for the given tenant.

openstack_dashboard.api.keystone.user_create(request, user_id, email, password, tenant_id, enabled)

openstack_dashboard.api.keystone.user_delete(request, user_id)

openstack_dashboard.api.keystone.user_get(request, user_id, admin=True)

openstack_dashboard.api.keystone.user_list(request, tenant_id=None)

openstack_dashboard.api.keystone.user_update(request, user, **data)

openstack_dashboard.api.keystone.user_update_enabled(request, user_id, enabled)

openstack_dashboard.api.keystone.user_update_password(request, user_id, password, admin=True)

openstack_dashboard.api.keystone.user_update_tenant(request, user_id, tenant_id, admin=True)