keystone.trust.backends.sql module

class keystone.trust.backends.sql.Trust[source]

Bases: keystone.trust.backends.base.TrustDriverBase

consume_use(trust_id)[source]

Consume one use of a trust.

One use of a trust is consumed when the trust was created with a limitation on its uses, provided there are still uses available.

Raises
create_trust(trust_id, trust, roles)[source]

Create a new trust.

Returns

a new trust

delete_trust(trust_id)[source]
delete_trusts_for_project(project_id)[source]

Delete all trusts for a project.

Parameters

project_id – ID of a project to filter trusts by.

flush_expired_and_soft_deleted_trusts(project_id=None, trustor_user_id=None, trustee_user_id=None, date=None)[source]

Flush expired and non-expired soft deleted trusts from the backend.

Parameters
  • project_id – ID of a project to filter trusts by.

  • trustor_user_id – ID of a trustor_user_id to filter trusts by.

  • trustee_user_id – ID of a trustee_user_id to filter trusts by.

  • date (datetime) – date to filter trusts by.

get_trust(trust_id, deleted=False)[source]

Get a trust by the trust id.

Parameters
  • trust_id (string) – the trust identifier

  • deleted (bool) – return the trust even if it is deleted, expired, or has no consumptions left

list_trusts()[source]
list_trusts_for_trustee(trustee_user_id)[source]
list_trusts_for_trustor(trustor_user_id)[source]
class keystone.trust.backends.sql.TrustModel(*args, **kwargs)[source]

Bases: sqlalchemy.orm.decl_api.Base, keystone.common.sql.core.ModelDictMixinWithExtras

attributes = ['id', 'trustor_user_id', 'trustee_user_id', 'project_id', 'impersonation', 'expires_at', 'remaining_uses', 'deleted_at', 'redelegated_trust_id', 'redelegation_count']
deleted_at
expires_at
expires_at_int
extra
id
impersonation
project_id
redelegated_trust_id
redelegation_count
remaining_uses
trustee_user_id
trustor_user_id
class keystone.trust.backends.sql.TrustRole(*args, **kwargs)[source]

Bases: sqlalchemy.orm.decl_api.Base

attributes = ['trust_id', 'role_id']
role_id
trust_id