diff options
author | Lance Bragstad <lbragstad@gmail.com> | 2018-02-20 22:21:20 +0000 |
---|---|---|
committer | Colleen Murphy <colleen@gazlene.net> | 2018-02-21 09:45:34 +0000 |
commit | 02047000b424b75df5da4bb2b578fae0303d8e54 (patch) | |
tree | 2a08a442325a07b0d746dc578dbeaeaaa6e5da62 | |
parent | 1dc2173c1cc116763b79baeb34635bdec3a39b21 (diff) | |
download | keystone-02047000b424b75df5da4bb2b578fae0303d8e54.tar.gz |
Remove v2.0 policies
In queens the v2.0 APIs were removed. This commit removes the
leftover v2.0 policies documented in the sample policy file.
Change-Id: Ibb841bcbc12d0be365ddb2681310a0eee6724782
(cherry picked from commit 8948050c03252853d406ddea157633550cb639e4)
-rw-r--r-- | doc/source/getting-started/policy_mapping.rst | 7 | ||||
-rw-r--r-- | keystone/common/policies/token.py | 11 |
2 files changed, 2 insertions, 16 deletions
diff --git a/doc/source/getting-started/policy_mapping.rst b/doc/source/getting-started/policy_mapping.rst index 6f2b65e1d..3ed3cb120 100644 --- a/doc/source/getting-started/policy_mapping.rst +++ b/doc/source/getting-started/policy_mapping.rst @@ -131,11 +131,8 @@ identity:update_policy PATCH /v3/policy/{pol identity:delete_policy DELETE /v3/policy/{policy_id} identity:check_token HEAD /v3/auth/tokens -identity:validate_token GET /v2.0/tokens/{token_id} - GET /v3/auth/tokens -identity:validate_token_head HEAD /v2.0/tokens/{token_id} -identity:revocation_list GET /v2.0/tokens/revoked - GET /v3/auth/tokens/OS-PKI/revoked +identity:validate_token GET /v3/auth/tokens +identity:revocation_list GET /v3/auth/tokens/OS-PKI/revoked identity:revoke_token DELETE /v3/auth/tokens identity:create_trust POST /v3/OS-TRUST/trusts identity:list_trusts GET /v3/OS-TRUST/trusts diff --git a/keystone/common/policies/token.py b/keystone/common/policies/token.py index 2aafef858..49165f42e 100644 --- a/keystone/common/policies/token.py +++ b/keystone/common/policies/token.py @@ -44,19 +44,8 @@ token_policies = [ # scope_types=['system', 'project'], description='Validate a token.', operations=[{'path': '/v3/auth/tokens', - 'method': 'GET'}, - {'path': '/v2.0/tokens/{token_id}', 'method': 'GET'}]), policy.DocumentedRuleDefault( - name=base.IDENTITY % 'validate_token_head', - check_str=base.RULE_SERVICE_OR_ADMIN, - # FIXME(lbragstad): See the comment above about why this is commented - # out. - # scope_types=['system', 'project'], - description='Validate a token.', - operations=[{'path': '/v2.0/tokens/{token_id}', - 'method': 'HEAD'}]), - policy.DocumentedRuleDefault( name=base.IDENTITY % 'revoke_token', check_str=base.RULE_ADMIN_OR_TOKEN_SUBJECT, # FIXME(lbragstad): System administrators should be able to revoke any |