diff options
author | Jenkins <jenkins@review.openstack.org> | 2014-10-09 01:13:32 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2014-10-09 01:13:32 +0000 |
commit | c9c8a8c51d573abc09f0ede647e0beefb4208ae7 (patch) | |
tree | 918d37a93901d3423340386a6e25f5605d6b9ad7 | |
parent | 7dc6ef2410de5bf71a0baa5549e66884a824b02c (diff) | |
parent | d7b52931aeef06eda6ec774f6cc3497836b14899 (diff) | |
download | keystone-c9c8a8c51d573abc09f0ede647e0beefb4208ae7.tar.gz |
Merge "revise docs on default _member_ role"
-rw-r--r-- | etc/keystone.conf.sample | 17 | ||||
-rw-r--r-- | keystone/common/config.py | 17 |
2 files changed, 16 insertions, 18 deletions
diff --git a/etc/keystone.conf.sample b/etc/keystone.conf.sample index 9712f5d3f..bf0d444ef 100644 --- a/etc/keystone.conf.sample +++ b/etc/keystone.conf.sample @@ -81,17 +81,16 @@ # token values. (integer value) #max_token_size=8192 -# During a SQL upgrade member_role_id will be used to create a -# new role that will replace records in the assignment table -# with explicit role grants. After migration, the -# member_role_id will be used in the API add_user_to_project. -# (string value) +# Similar to the member_role_name option, this represents the +# default role ID used to associate users with their default +# projects in the v2 API. This will be used as the explicit +# role where one is not specified by the v2 API. (string +# value) #member_role_id=9fe2ff9ee4384b1894a90878d3e92bab -# During a SQL upgrade member_role_name will be used to create -# a new role that will replace records in the assignment table -# with explicit role grants. After migration, member_role_name -# will be ignored. (string value) +# This is the role name used in combination with the +# member_role_id option; see that option for more detail. +# (string value) #member_role_name=_member_ # The value passed as the keyword "rounds" to passlib's diff --git a/keystone/common/config.py b/keystone/common/config.py index b9c723f80..2b41b0052 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -97,16 +97,15 @@ FILE_OPTIONS = { 'exception for token values.'), cfg.StrOpt('member_role_id', default='9fe2ff9ee4384b1894a90878d3e92bab', - help='During a SQL upgrade member_role_id will be used ' - 'to create a new role that will replace records in ' - 'the assignment table with explicit role grants. ' - 'After migration, the member_role_id will be used in ' - 'the API add_user_to_project.'), + help='Similar to the member_role_name option, this ' + 'represents the default role ID used to associate ' + 'users with their default projects in the v2 API. ' + 'This will be used as the explicit role where one is ' + 'not specified by the v2 API.'), cfg.StrOpt('member_role_name', default='_member_', - help='During a SQL upgrade member_role_name will be used ' - 'to create a new role that will replace records in ' - 'the assignment table with explicit role grants. ' - 'After migration, member_role_name will be ignored.'), + help='This is the role name used in combination with the ' + 'member_role_id option; see that option for more ' + 'detail.'), cfg.IntOpt('crypt_strength', default=40000, help='The value passed as the keyword "rounds" to ' 'passlib\'s encrypt method.'), |