Commits on Aug 7, 2012
  1. Open 2012.1.2 development

    Bump version to 2012.1.2 to formally open development of the next
    Essex stable update release.
    Change-Id: Id20de09f981f5389afbb9622ade9de7d4f3fd015
    markmc committed Aug 7, 2012
Commits on Jul 31, 2012
Commits on Jul 30, 2012
  1. Merge "fix variable names to coincide with the ones in common.ldap" i…

    …nto stable/essex
    Jenkins committed with openstack-gerrit Jul 30, 2012
  2. Raise unauthorized if tenant disabled (bug 988920)

    If the client attempts to explicitly authenticate against a disabled
    tenant, keystone should return HTTP 401 Unauthorized.
    Change-Id: I49fe56b6ef8d9f2fc6b9357472dae8964bb9cb9c
    dolph committed with apevec Jul 16, 2012
  3. Import ec2 credentials from old keystone db

    Fix bug #1016056
    Change-Id: Iebf31ccbdeff274b2c8f265911d3411963dd4844
    trid committed with apevec Jul 11, 2012
Commits on Jul 19, 2012
  1. cleanup dependent data upon user/tenant deletion

    fixes bug 974199
    fixes bug 973243
    * upon deletion of tenant also delete user tenant relations
    * upon deletion of tenant or user also delete corresponding metadata
    * add foreign keys in metadata to ensure consistency
    see also:
    Change-Id: I264714fe82b727e3e0f5273bcb781a580a3f3826
    jdsn committed with mapleoin Jul 12, 2012
Commits on Jul 12, 2012
  1. fix variable names to coincide with the ones in common.ldap

    Change-Id: I148d8d9b0a67b8c45d06227829d0105935216c4d
    mapleoin committed Jun 29, 2012
Commits on Jul 5, 2012
Commits on Jun 28, 2012
Commits on Jun 27, 2012
  1. Monkey patching 'thread'.

    Fixes bug 1012381.
    Change-Id: Icb7b2372df96d647fc6dcd4c4ebe72c8aa607f9d
    rafaduran committed with apevec Jun 19, 2012
Commits on Jun 26, 2012
  1. Require authz for user role list (bug 1006815)

    Change-Id: I65f25dcca3e265f44746930917434b45e64de15e
    dolph committed with apevec Jun 3, 2012
  2. Require authz for service CRUD (bug 1006822)

    Change-Id: Ia90f0aa2b856b9a9874d4865fb92ee913e8125c5
    dolph committed with apevec Jun 3, 2012
Commits on Jun 22, 2012
  1. Set defaultbranch in .gitreview to stable/essex

    This allows people run git-review without any arguments.
    Change-Id: I3f1c7ce22cbe40ed34f084fd3dbc0941ba787bcf
    markmc committed Jun 22, 2012
Commits on Jun 14, 2012
  1. Carrying over token expiry time when token chaining

    Fixes bug #998185
    This commit causes the token expiry time to be maintained when
    one token is being created from another
    Change-Id: I7b61692a60d9227423b93c267864a5abe939ca33
    derekhiggins committed with apevec Jun 5, 2012
  2. Invalidate user tokens when a user is disabled

    Fixes Bug 997194
    Delete valid tokens for a user when they have been disabled
    Moved logic to delete tokens into update_user, as this can be called
    directly form the REST API.
    Also checks if a user is enabled when creating a token from another
    token, this helps in cases there the backend didn't support listing of
    tokens (and as a result weren't deleted)
    Change-Id: Ib5ed73a7873bfa66ef31bf6d0f0322f50e677688
    derekhiggins committed with apevec May 11, 2012
  3. Invalidate user tokens when password is changed

    Fixes bug 996595
    This commit will cause all valid tokens to be deleted for a user
    who's password is changed (implemented for the sql and kvs backends)
    Change-Id: I6ad7da8957b7041983a3fc91d9ba9368667d06ac
    derekhiggins committed with apevec May 9, 2012
  4. Open 2012.1.1 development

    Bump version to 2012.1.1 to formally open development of the next
    Essex stable update release.
    Change-Id: I845e8abca87751bbe4ebfa9414add247f2afdc1f
    markmc committed Jun 14, 2012
Commits on Jun 13, 2012
  1. Fix expired token tests

    Fixes bug #983800
    The expiration timestamps are expressed in UTC time, so ensure:
     1) The timestamp of the token created by the test is UTC time (i.e.
        utcnow() vs now())
     2) The expiration check in the dummy memcache client properly
        accounts for UTC (i.e. utctimetuple() vs timetuple())
    Change-Id: Ie7356456f79ab5a8070a79771bb7d210b1cedd47
    markmc committed with mapleoin Apr 10, 2012
Commits on Jun 12, 2012
  1. Add ChangeLog to tarball.

    Fixes LP Bug #978981.
    Change-Id: I5b98df88673422cfc39c471fd77eecd77fa0cf2c
    dprince committed with apevec Apr 11, 2012
Commits on Jun 11, 2012
  1. Flush tenant membership deletion before user

    Ensure user tenant membership is *actually* removed before deleting
    Applied to 'stable/essex', originally committed to trunk via
    Fixes bug 998137.
    Change-Id: Ib52970d68f288b8742c3e060c7040838a1c738c2
    Adam Gandelman committed Jun 11, 2012
  2. Corrects url conversion in export_legacy_catalog

    Fixes bug 994936
    Change-Id: Ia63fdae7d0bcd7f8b0b587da588404765e22fb8f
    sorrison committed with apevec May 6, 2012
  3. Fix test env for the stable branch

    Need both changes in one commit to pass the gate!
    * Nail pep8 dependencies to 1.0.1.
    Nails the pep8 deps for tox and test-requires to 1.0.1.
    Fixes an issues causing pep8 failures due to a new pep8 release.
    (cherry picked from Nova stable)
    * Switch to 1000 rounds during unit tests
    Fixes bug 992918
    passlib 1.6 introduced a minimum number of rounds for sha512_crypt. As
    a result, increase the rounds used during testing to the minimum
    Change-Id: Ic0c635e92b4f13180a047904a6efa490ab599012
    apevec committed Jun 11, 2012
Commits on May 14, 2012
  1. Make import_nova_auth only create roles which don't already exist

    Fixes bug #969088
    If a role already exists, there's no particular need for import_nova_auth
    to barf. Instead, we should just use the existing role.
    Change-Id: I18ae38af62b4c2b2423e20e436611fc30f844ae1
    markmc committed with Chuck Short Mar 30, 2012
Commits on Apr 4, 2012
  1. Remove tenant membership during user deletion

    Remove users' tenant membership on user deletion.  Resolves a FK constraint
    issue that previously went unnoticed due to testing against database
    configurations that do not support FK constraints (MyISAM).
    Fixes LP bug 959294.
    Update: * Move tenant membership cleanup to the sql identity backend
            * Add a test case to test_backend_sql
    Change-Id: Ib4f5da03033f7886b36d1ab3b8b4ac37f08b2e0e
    Adam Gandelman committed with devcamcar Apr 2, 2012
Commits on Apr 3, 2012
  1. Add a _ at the end of reseller_prefix default.

    - Fixes bug 971592.
    Change-Id: Ic9edb2b8b0043413e4ec16de9c669646ae4230a6
    chmouel committed with ttx Apr 2, 2012
  2. Merge "additional logging to support debugging auth issue" into miles…

    Jenkins committed with openstack-gerrit Apr 3, 2012
  3. Add support to swift_auth for tokenless authz

     * Updates keystone.middleware.swift_auth to allow token-less
       (unauthenticated) access for container sync (bug 954030) and
       permitted referrers (bug 924578).
    Change-Id: Ieccf458c44dfe55f546dc15c79704800dad59ac0
    Maru Newby committed with ttx Mar 21, 2012
  4. additional logging to support debugging auth issue

    fixes bug 969801
    Change-Id: Iaf752e5f3692c91030cfd8575114f2c3293d1dba
    heckj committed with ttx Mar 31, 2012
  5. Fixed misc errors in configuration.rst

     * Addresses bug 965788
    Change-Id: I5aa276589a9818c7f523e6da9531af363139adbb
    Maru Newby committed with ttx Mar 26, 2012