keystone.assignment.role_backends.sql module

class keystone.assignment.role_backends.sql.Role[source]

Bases: RoleDriverBase

create_implied_role(prior_role_id, implied_role_id)[source]

Create a role inference rule.

Raises:

keystone.exception.RoleNotFound: If the role doesn’t exist.

create_role(role_id, role)[source]

Create a new role.

Raises:

keystone.exception.Conflict – If a duplicate role exists.

delete_implied_role(prior_role_id, implied_role_id)[source]

Delete a role inference rule.

Raises:

keystone.exception.ImpliedRoleNotFound – If the implied role doesn’t exist.

delete_role(role_id)[source]

Delete an existing role.

Raises:

keystone.exception.RoleNotFound – If the role doesn’t exist.

get_implied_role(prior_role_id, implied_role_id)[source]

Get a role inference rule.

Raises:

keystone.exception.ImpliedRoleNotFound – If the implied role doesn’t exist.

get_role(role_id)[source]

Get a role by ID.

Returns:

role_ref

Raises:

keystone.exception.RoleNotFound – If the role doesn’t exist.

list_implied_roles(prior_role_id)[source]

List roles implied from the prior role ID.

list_role_inference_rules()[source]

List all the rules used to imply one role from another.

list_roles(hints)[source]

List roles in the system.

Parameters:

hints – filter hints which the driver should implement if at all possible.

Returns:

a list of role_refs or an empty list.

list_roles_from_ids(ids)[source]

List roles for the provided list of ids.

Parameters:

role_ids – list of ids

Returns:

a list of role_refs.

This method is used internally by the assignment manager to bulk read a set of roles given their ids.

update_role(role_id, role)[source]

Update an existing role.

Raises: