keystoneclient/v3/credentials.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

# Copyright 2011 OpenStack Foundation
# Copyright 2011 Nebula, Inc.
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.

from keystoneclient import base
from keystoneclient import utils


class Credential(base.Resource):
    """Represents an Identity credential.

    Attributes:
        * id: a uuid that identifies the credential

    """
    pass


class CredentialManager(base.CrudManager):
    """Manager class for manipulating Identity credentials."""
    resource_class = Credential
    collection_key = 'credentials'
    key = 'credential'

    def _get_data_blob(self, blob, data):
        # Ref bug #1259461, the <= 0.4.1 keystoneclient calling convention was
        # to pass "data", but the underlying API expects "blob", so
        # support both in the python API for backwards compatibility
        if blob is not None:
            return blob
        elif data is not None:
            # FIXME(shardy): Passing data is deprecated. Provide an
            # appropriate warning.
            return data
        else:
            raise ValueError(
                "Credential requires blob to be specified")

    @utils.positional(1, enforcement=utils.positional.WARN)
    def create(self, user, type, blob=None, data=None, project=None, **kwargs):
        return super(CredentialManager, self).create(
            user_id=base.getid(user),
            type=type,
            blob=self._get_data_blob(blob, data),
            project_id=base.getid(project),
            **kwargs)

    def get(self, credential):
        return super(CredentialManager, self).get(
            credential_id=base.getid(credential))

    def list(self, **kwargs):
        """List credentials.

        If ``**kwargs`` are provided, then filter credentials with
        attributes matching ``**kwargs``.
        """
        return super(CredentialManager, self).list(**kwargs)

    @utils.positional(2, enforcement=utils.positional.WARN)
    def update(self, credential, user, type=None, blob=None, data=None,
               project=None, **kwargs):
        return super(CredentialManager, self).update(
            credential_id=base.getid(credential),
            user_id=base.getid(user),
            type=type,
            blob=self._get_data_blob(blob, data),
            project_id=base.getid(project),
            **kwargs)

    def delete(self, credential):
        return super(CredentialManager, self).delete(
            credential_id=base.getid(credential))