| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Manual import of Translations from Transifex. This change also removes
all po files that are less than 66 per cent translated since such
partially translated files will not help users.
This change needs to be done manually since the automatic import does
not handle the proposed branches and we need to sync with latest
translations.
Change-Id: Iaf4bdae303b06c1af4023fe2daa3a6b03c195ee9
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This syncs to oslo-incubator to commit 64b5819 and also includes
51280db.
Change-Id: I7b43a67a0b67fe0ff5ac3d87708ecc4ab52102f8
Depends-On: Ie51669bd278288b768311ddf56ad31a2f28cc7ab
Closes-Bug: #1446583
(cherry picked from commit 797da5f05444e7cfbf55df52867ade6107834f00)
|
|\ \ |
|
| |/
| |
| |
| | |
Change-Id: I72af7a36f2c3ba206be06fa35323386801e6ff81
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
WebSSO always use the remote_id_attribute from the
[federation] group. Fix the issue, by consuming the
protocol specific remote_id_attribute if available.
Change-Id: Icdc693965ec53e5ff8f1901af26c9232a20aef7e
Closes-Bug: #1441827
(cherry picked from commit 9b11d13856034e3a2cf6ab1f6ca80a6965818d17)
|
|\ \ \ |
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
memcache.Client is inherited from threading._local so instances are only
accessible from current thread or eventlet. Present workaround broke
inheritance chain so super() call is unusable.
This patch makes artificial client class mimic inheritance from
threading._local while using generic object methods allowing reusability.
Change-Id: Ic5d5709695877afb995fd816bb0e4ce711b99b60
Closes-Bug: #1440493
(cherry picked from commit 33a95575fc3778bf8ef054f7b9d24fcb7c75100b)
|
|\ \ \ |
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The current man pages for keystone-manage don't include commands relating to
Fernet setup, or the domain configuration upload.
Change-Id: Ifd208151470d8d39d3d4851557e45dc12d1a577b
Closes-Bug: #1441300
(cherry picked from commit 7d8b6eb2ac4f46dbe63e3883de5b8ad85b7e8251)
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Since the backend_argument can potentially contain a password,
it should be marked secret to avoid leakage into the logs.
Closes-Bug: #1443598
Change-Id: I55663db4cf2df84a66de8f64fba4b4f129ae827d
(cherry picked from commit f9db1a65bd4d83d12c572ba4d5807845996ef410)
|
|\ \ \ \
| |_|_|/
|/| | |
| | | | |
drivers" into stable/kilo
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
Change-Id: I298515dafd7f8eb8a02745d128296a0da596adf6
closes-bug: #1441386
(cherry picked from commit da2effe7f33f5822da33b3966e3afd386d6f43cb)
|
| |/
|/|
| |
| |
| |
| | |
Open stable/kilo branch by setting defaultbranch for git-review.
Change-Id: If5b35b0fc5a85ba8dda16dc6b365537ed0d839bc
|
|/
|
|
|
|
|
|
|
| |
pymongo 3.0 renamed mongos_enum to read_pref_mode_from_name which
was causing the unit tests to fail.
Change-Id: Iaa7fd7221c2e6c865633ef342e6b83304a1de655
Closes-Bug: 1441393
(cherry picked from commit 7c3fe6acaef6fc283c383fb79f06e388df6e6926)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The test case class IdentityTestListLimitCase (test_v3_filters.py)
always sets multiple policies for the each test defined in that class.
However, only one policy is really needed for each test case.
That appears to lead to unreliable policy checking.
It would be better to set only one policy required for the particular
test case (policy with the type of entity used in the test case).
Change-Id: I7892950b43c56ecce03677d8d592e71359bedf27
Closes-Bug: #1271273
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added a check for service.extra column before jsonutils.loads() call
Change-Id: I5a652101d986672ba6094f0b3e107e2710154c68
Closes-Bug: #1441164
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Notifications were not being sent when role grants were added or
deleted using the v2 API.
SecurityImpact
Change-Id: I577d4435d551181298b23e713ed84f76d9f1ba3e
Closes-Bug: #1435396
|
|\ \ \ \ |
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
`revocation_event` model class missed index at revoked_at column, whereas a
migration keystone/contrib/revoke/migrate_repo/versions/001_revoke_table.py:35
provides the index. The migration looks correct, but the model doesn't
appropriate to the migration.
Closes-Bug: #1397899
Change-Id: I5205f9a0e951d43badd2b11fd5b20a5d59c07ee8
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For "damned good security reasons" (POODLE) some platforms have
patched out SSLv3 from OpenSSL. Because Evenetlet cannot be configured
for specific versions (or ciphers) and httplib is extremely limited,
the tests for SSL have been explicitly skipped. These tests should
be potentially re-enabled in the functional suite for SSL terminated
endpoints.
This comes back to "do not terminate SSL in the eventlet wsgi" that
was determined in bug 1381365.
Change-Id: Ic4b446ceee9034de5b6530c2d79d798a903fcbbf
Related-Bug: #1381365
Closes-Bug: #1435174
|
|\ \ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If a token is domain-scoped, there is no project defined.
Hence for any catalog entries, we should skip any endpoints
that need a project id in order to be formatted correctly.
Co-Authored-By: Henry Nash <henryn@linux.vnet.ibm.com>
Change-Id: I3617a2509bfc4213f136b5c867c40d478a70ded8
Closes-Bug: #1261468
|
|\ \ \ \ \ |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
there are a few extra steps necessary for supporting horizon and
a federated keystone, these need to be documented.
Change-Id: I468e5591de9b77b44de995d855dc9b133bf0e741
|
| |_|/ / /
|/| | | |
| | | | |
| | | | | |
Change-Id: Icaf6356f5df79a8fb8ae9bc6f91bcc062dda6272
|
|\ \ \ \ \ |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This patch fixes an error in the file-based domain-specific
configuration support where the method to spot multiple SQL
drivers would fail to remember previous instances of this. The
fix is simply to OR the previous cumulative memory of SQL drivers
with the state of the one being requested.
Change-Id: I87314a5806a5652695ef17f74f70165b8e3347c2
Closes-Bug: #1410850
|
|\ \ \ \ \ \
| |/ / / / / |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
File-based domain-specific configuration supports only one SQL backend.
The method that checked how many SQL backends are enabled was not correct,
and depending on the order of domains examined, may give the wrong
result. A follow-on patch will fix this error.
Co-Authored-By: Henry Nash <henryn@linux.vnet.ibm.com>
Partial-Bug: #1410850
Change-Id: Idfc03ba5314acc7ebc8ed99f078b6a08130cc1dd
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When support was added for multiple remote_ids, identity provider
creation was broken when remote_ids are specified as None instead
of an empty list. The remote_ids are supposed to be optional. This
causes 400 errors when using python-openstackclient to create an
identity provider without any remote_ids.
Change-Id: I9a4d1206f6df95636ae350236f6e704ca37f7b73
Closes-bug: #1440185
|
|\ \ \ \ \ \ |
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The fernet provider is optional and has extra requirements beyond
other token providers. keystone-manage shouldn't require these
extra requirements just to run.
Closes-Bug: 1440123
Change-Id: I2363e090372bdb709a6754a216db45fc649a5aed
|
|\ \ \ \ \ \ \ |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
For more information about this automatic import see:
https://wiki.openstack.org/wiki/Translations/Infrastructure
Change-Id: Ifa4f1e9bf138c14817bace4de67800688c827465
|
|\ \ \ \ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
'/OS-FEDERATION/projects' and '/auth/projects'
API endpoints did not honor project inherited
group role assignments.
This patch fixed this bug.
Closes-Bug: #1424500
Change-Id: I4937289362122952d1b3e1b73c5712601c675bb4
|
|\ \ \ \ \ \ \ \ \
| |/ / / / / / / / |
|
| | |_|_|_|_|_|/
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
'/OS-FEDERATION/projects' and '/auth/projects'
API endpoints do not honor project inherited
group role assignments.
This patch exposes this bug and a follow-on patch
will fix it.
Related-Bug: #1424500
Change-Id: Idd6827bc5552192f04de19e8a78fb462bdde380f
|
|\ \ \ \ \ \ \ \
| |_|/ / / / / /
|/| | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Unless being used to override the Manager implementation, .driver
doesn't need to be used because the Manager automatically
forwards calls to the driver. The code shouldn't use .driver
directly where it's not necessary since developers should be
able to override behavior in the Manager, which we've done
several times (for deprecations or reorganization for
example).
Change-Id: I05b13d4f4ec7e6be8e72b73bac164333535aebee
|
|\ \ \ \ \ \ \ \ |
|
| |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The default log level override wasn't sticking around because
oslo.config resets the config when calling CONF(). We need to use
set_default instead of setting the value directly.
Change-Id: I43e12134027a657e8f2905ef4fa866332a7fb1dc
|
|\ \ \ \ \ \ \ \ |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
- Check for colon in credentials['host'] instead of
credentials['signature'].
- Fix the syntax issue when trying to get the signature
from the dict.
- credentials['signature'] is not guaranteed to existed,
so check it explicitly.
- Need to reinitialize 'signer' to avoid contaminated status
of signature.
Closes-Bug: #1289115
Closes-Bug: #1434599
Change-Id: Idb5d97c30a20872fdaafea786bcea2631d70858c
|