keystone.identity.backends.sql_model module

class keystone.identity.backends.sql_model.ExpiringUserGroupMembership(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

Expiring group membership through federation mapping rules.

expired

expires

group_id

idp_id

last_verified

user_id

class keystone.identity.backends.sql_model.FederatedUser(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'user_id', 'idp_id', 'protocol_id', 'unique_id', 'display_name']

display_name

id

idp_id

protocol_id

unique_id

user_id

class keystone.identity.backends.sql_model.Group(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixinWithExtras

attributes = ['id', 'name', 'domain_id', 'description']

description

domain_id

expiring_user_group_memberships

extra

id

name

class keystone.identity.backends.sql_model.LocalUser(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'user_id', 'domain_id', 'name']

domain_id

failed_auth_at

failed_auth_count

id

name

passwords

user_id

class keystone.identity.backends.sql_model.NonLocalUser(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

SQL data model for nonlocal users (LDAP and custom).

attributes = ['domain_id', 'name', 'user_id']

domain_id

name

user_id

class keystone.identity.backends.sql_model.Password(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

attributes = ['id', 'local_user_id', 'password_hash', 'created_at', 'expires_at']

created_at

created_at_int

expires_at

expires_at_int

id

local_user_id

password_hash

self_service

class keystone.identity.backends.sql_model.User(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixinWithExtras

attributes = ['id', 'name', 'domain_id', 'password', 'enabled', 'default_project_id', 'password_expires_at']

created_at

default_project_id

domain_id

enabled

Return whether user is enabled or not.

expiring_user_group_memberships

extra

federated_users

classmethod from_dict(user_dict)

Override from_dict to remove password_expires_at attribute.

Overriding this method to remove password_expires_at attribute to support update_user and unit tests where password_expires_at inadvertently gets added by calling to_dict followed by from_dict.

Parameters

user_dict – User entity dictionary

Returns User

User object

get_resource_option(option_id)

id

last_active_at

local_user

name

Return the current user name.

nonlocal_user

password

Return the current password.

property password_created_at

Return when password was created at.

property password_expires_at

Return when password expires at.

property password_is_expired

Return whether password is expired or not.

property password_ref

Return the current password ref.

readonly_attributes = ['id', 'password_expires_at', 'password']

resource_options_registry = <keystone.common.resource_options.core.ResourceOptionRegistry object>

to_dict(include_extra_dict=False)

Return the model’s attributes as a dictionary.

If include_extra_dict is True, ‘extra’ attributes are literally included in the resulting dictionary twice, for backwards-compatibility with a broken implementation.

class keystone.identity.backends.sql_model.UserGroupMembership(*args, **kwargs)

Bases: sqlalchemy.ext.declarative.api.Base, keystone.common.sql.core.ModelDictMixin

Group membership join table.

group_id

user_id

class keystone.identity.backends.sql_model.UserOption(option_id, option_value)

Bases: sqlalchemy.ext.declarative.api.Base

option_id

option_value

user_id