keystone.assignment.role_backends.base module

class keystone.assignment.role_backends.base.RoleDriverBase[source]

Bases: object

abstract create_implied_role(prior_role_id, implied_role_id)[source]

Create a role inference rule.

Raises:

keystone.exception.RoleNotFound: If the role doesn’t exist.

abstract create_role(role_id, role)[source]

Create a new role.

Raises:

keystone.exception.Conflict – If a duplicate role exists.

abstract delete_implied_role(prior_role_id, implied_role_id)[source]

Delete a role inference rule.

Raises:

keystone.exception.ImpliedRoleNotFound – If the implied role doesn’t exist.

abstract delete_role(role_id)[source]

Delete an existing role.

Raises:

keystone.exception.RoleNotFound – If the role doesn’t exist.

abstract get_implied_role(prior_role_id, implied_role_id)[source]

Get a role inference rule.

Raises:

keystone.exception.ImpliedRoleNotFound – If the implied role doesn’t exist.

abstract get_role(role_id)[source]

Get a role by ID.

Returns:

role_ref

Raises:

keystone.exception.RoleNotFound – If the role doesn’t exist.

abstract list_implied_roles(prior_role_id)[source]

List roles implied from the prior role ID.

abstract list_role_inference_rules()[source]

List all the rules used to imply one role from another.

abstract list_roles(hints)[source]

List roles in the system.

Parameters:

hints – filter hints which the driver should implement if at all possible.

Returns:

a list of role_refs or an empty list.

abstract list_roles_from_ids(role_ids)[source]

List roles for the provided list of ids.

Parameters:

role_ids – list of ids

Returns:

a list of role_refs.

This method is used internally by the assignment manager to bulk read a set of roles given their ids.

abstract update_role(role_id, role)[source]

Update an existing role.

Raises: