For multi-domain model, set OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT to True and the login form will prompt the user for Domain name. For single-domain model, set OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT to False. The application will use the name of the default domain in OPENSTACK_KEYSTONE_DEFAULT_DOMAIN to login. Cleanup the unused Tenant field in the login form. Implements blueprint login-domain-support
access.AccessInfo.factory() does a (keystone) API version check, thus add versioned_scoped_token_dict to tests/data.py.
Setting the pk attribute of the User object for Django 1.5 compatibility. In Django 1.4, the id of the User object was used as the unique identifier. In Django 1.5, the pk is now used instead of id. Here is the related code change in Django: django/django@0eeae15
The is_safe_url function used in a previous commit was introduced in Django 1.4.3. I think breaking compatibility with the old version is unnecessary, and Ubuntu has backported the security fixes so I'm hesitant to require a new Django version. This commit moves the function into openstack_auth.utils, and uses it if the Django version is missing.
logical AND of all top level permissions. Will use logical OR for all first level tuples (check that use has one permissions in the tuple) Allows users with different roles to access a panel, while a user with a third role won't be allowed to access the same panel. Examples: Checks for all required permissions ('openstack.roles.admin', 'openstack.roles.L3-support') Checks for admin AND (L2 or L3) ('openstack.roles.admin', ('openstack.roles.L3-support', 'openstack.roles.L2-support'),)
The 'login' view currently accepts a parameter specifying the URL to redirect to after a successful login (via ?next=). This adds the same support for the 'switch' view by reusing a couple of lines of code from the Django login view.