The keystone.identity.backends.sql Module

class keystone.identity.backends.sql.BaseGrant

Bases: keystone.common.sql.core.DictBase

to_dict()

Override parent to_dict() method with a simpler implementation.

Grant tables don’t have non-indexed ‘extra’ attributes, so the parent implementation is not applicable.

class keystone.identity.backends.sql.Credential(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'user_id', 'project_id', 'blob', 'type']
blob
extra
id
project_id
type
user_id
class keystone.identity.backends.sql.Domain(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'name', 'enabled']
enabled
extra
id
name
class keystone.identity.backends.sql.Group(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'name', 'domain_id']
description
domain_id
extra
id
name
class keystone.identity.backends.sql.GroupDomainGrant(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.identity.backends.sql.BaseGrant

data
domain_id
group_id
class keystone.identity.backends.sql.GroupProjectGrant(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.identity.backends.sql.BaseGrant

data
group_id
project_id
class keystone.identity.backends.sql.Identity

Bases: keystone.common.sql.core.Base, keystone.identity.core.Driver

add_role_to_user_and_project(user_id, tenant_id, role_id)
add_user_to_group(user_id, group_id)
authenticate(user_id=None, tenant_id=None, password=None)

Authenticate based on a user, tenant and password.

Expects the user object to have a password field and the tenant to be in the list of tenants on the user.

check_user_in_group(user_id, group_id)
create_credential(*args, **kwargs)
create_domain(*args, **kwargs)
create_grant(role_id, user_id=None, group_id=None, domain_id=None, project_id=None)
create_group(*args, **kwargs)
create_metadata(*args, **kwargs)
create_project(*args, **kwargs)
create_role(*args, **kwargs)
create_user(*args, **kwargs)
db_sync()
delete_credential(credential_id)
delete_domain(domain_id)
delete_grant(role_id, user_id=None, group_id=None, domain_id=None, project_id=None)
delete_group(group_id)
delete_project(*args, **kwargs)
delete_role(role_id)
delete_user(user_id)
get_credential(credential_id)
get_domain(domain_id)
get_domain_by_name(domain_name)
get_grant(role_id, user_id=None, group_id=None, domain_id=None, project_id=None)
get_group(group_id)
get_metadata(user_id=None, tenant_id=None, domain_id=None, group_id=None)
get_project(tenant_id)
get_project_by_name(tenant_name, domain_id)
get_project_users(tenant_id)
get_projects_for_user(user_id)
get_role(role_id)
get_roles_for_user_and_domain(user_id, domain_id)
get_roles_for_user_and_project(user_id, tenant_id)
get_user(user_id)
get_user_by_name(user_name, domain_id)
list_credentials()
list_domains()
list_grants(user_id=None, group_id=None, domain_id=None, project_id=None)
list_groups()
list_groups_for_user(user_id)
list_projects()
list_roles()
list_user_projects(user_id)
list_users()
list_users_in_group(group_id)
remove_role_from_user_and_project(user_id, tenant_id, role_id)
remove_user_from_group(user_id, group_id)
update_credential(*args, **kwargs)
update_domain(*args, **kwargs)
update_group(*args, **kwargs)
update_metadata(*args, **kwargs)
update_project(*args, **kwargs)
update_role(*args, **kwargs)
update_user(*args, **kwargs)
class keystone.identity.backends.sql.Project(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'name', 'domain_id']
description
domain_id
enabled
extra
id
name
class keystone.identity.backends.sql.Role(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'name']
extra
id
name
class keystone.identity.backends.sql.User(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

attributes = ['id', 'name', 'domain_id', 'password', 'enabled']
domain_id
enabled
extra
id
name
password
class keystone.identity.backends.sql.UserDomainGrant(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.identity.backends.sql.BaseGrant

data
domain_id
user_id
class keystone.identity.backends.sql.UserGroupMembership(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.common.sql.core.DictBase

Group membership join table.

group_id
user_id
class keystone.identity.backends.sql.UserProjectGrant(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.Base, keystone.identity.backends.sql.BaseGrant

data
project_id
user_id
keystone.identity.backends.sql.handle_conflicts(type='object')

Converts IntegrityError into HTTP 409 Conflict.

Previous topic

The keystone.identity.backends.pam Module

Next topic

The keystone.identity.controllers Module

This Page