keystone.notifications module¶
Notifications module for OpenStack Identity Service resources.
- keystone.notifications.ACTIONS = ('created', 'deleted', 'disabled', 'updated', 'internal')¶
The actions on resources.
- class keystone.notifications.Audit[source]¶
Bases:
object
Namespace for audit notification functions.
This is a namespace object to contain all of the direct notification functions utilized for
Manager
methods.- classmethod added_to(target_type, target_id, actor_type, actor_id, initiator=None, public=True, reason=None)[source]¶
- class keystone.notifications.CadfNotificationWrapper(operation)[source]¶
Bases:
object
Send CADF event notifications for various methods.
This function is only used for Authentication events. Its
action
andevent_type
are dictated below.action:
authenticate
event_type:
identity.authenticate
Sends CADF notifications for events such as whether an authentication was successful or not.
- Parameters:
operation – The authentication related action being performed
- class keystone.notifications.CadfRoleAssignmentNotificationWrapper(operation)[source]¶
Bases:
object
Send CADF notifications for
role_assignment
methods.This function is only used for role assignment events. Its
action
andevent_type
are dictated below.action:
created.role_assignment
ordeleted.role_assignment
- event_type:
identity.role_assignment.created
or identity.role_assignment.deleted
- event_type:
Sends a CADF notification if the wrapped method does not raise an
Exception
(such askeystone.exception.NotFound
).- Parameters:
operation – one of the values from ACTIONS (created or deleted)
- ROLE_ASSIGNMENT = 'role_assignment'¶
- keystone.notifications.build_audit_initiator()[source]¶
A pyCADF initiator describing the current authenticated context.
- keystone.notifications.clear_subscribers()[source]¶
Empty subscribers dictionary.
This effectively stops notifications since there will be no subscribers to publish to.
- keystone.notifications.emit_event¶
alias of
CadfNotificationWrapper
- keystone.notifications.invalidate_token_cache_notification(reason)[source]¶
A specific notification for invalidating the token cache.
- Parameters:
reason (string) – The specific reason why the token cache is being invalidated.
- keystone.notifications.listener(cls)[source]¶
A class decorator to declare a class to be a notification listener.
A notification listener must specify the event(s) it is interested in by defining a
event_callbacks
attribute or property.event_callbacks
is a dictionary where the key is the type of event and the value is a dictionary containing a mapping of resource types to callback(s).ACTIONS
contains constants for the currently supported events. There is currently no single place to find constants for the resource types.Example:
@listener class Something(object): def __init__(self): self.event_callbacks = { notifications.ACTIONS.created: { 'user': self._user_created_callback, }, notifications.ACTIONS.deleted: { 'project': [ self._project_deleted_callback, self._do_cleanup, ] }, }
- keystone.notifications.notify_event_callbacks(service, resource_type, operation, payload)[source]¶
Send a notification to registered extensions.
- keystone.notifications.register_event_callback(event, resource_type, callbacks)[source]¶
Register each callback with the event.
- Parameters:
event (keystone.notifications.ACTIONS) – Action being registered
resource_type (str) – Type of resource being operated on
callbacks (list) – Callback items to be registered with event
- Raises:
ValueError – If event is not a valid ACTION
TypeError – If callback is not callable
- keystone.notifications.reset_notifier()[source]¶
Reset the notifications internal state.
This is used only for testing purposes.
- keystone.notifications.role_assignment¶
- keystone.notifications.send_saml_audit_notification(action, user_id, group_ids, identity_provider, protocol, token_id, outcome)[source]¶
Send notification to inform observers about SAML events.
- Parameters:
action (str) – Action being audited
user_id (str) – User ID from Keystone token
group_ids (list) – List of Group IDs from Keystone token
identity_provider (str or None) – ID of the IdP from the Keystone token
protocol (str) – Protocol ID for IdP from the Keystone token
token_id (str or None) – audit_id from Keystone token
outcome (str) – One of
pycadf.cadftaxonomy