keystone.common.authorization module

keystone.common.authorization module

keystone.common.authorization.assert_admin(app, request)[source]

Ensure the user is an admin.

keystone.common.authorization.check_policy(controller, request, action, filter_attr=None, input_attr=None, target_attr=None, *args, **kwargs)[source]
keystone.common.authorization.check_protection(controller, request, prep_info, target_attr=None, *args, **kwargs)[source]

Provide call protection for complex target attributes.

As well as including the standard parameters from the original API call (which is passed in prep_info), this call will add in any additional entities or attributes (passed in target_attr), so that they can be referenced by policy rules.


Retrieve TokenModel object from the auth context and returns it.

Parameters:context (dict) – The request context.
Raises:keystone.exception.Unauthorized – If auth context cannot be found.
Returns:The TokenModel object.
Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.