Remove role metadata structures¶
Remove the redundant “role metatdata structures” and the associated driver API call.
Part of the original assignment driver API for getting and setting the assignments on a project/domain was to construct a metadata structure that stored all the roles for a given project/domain in a dict. This probably was derived from the early kvs implementation that stored assignments in this form. Given that we have removed the kvs driver and now have a more normalized storage of assignments (e.g. one row per assignment), this hang over from the past has no advantage and just duplicates other paths for retrieving assignments, leading to complicated code and maintenance issues.
It is proposed that this support in the assignment drivers is removed and the
two manager methods that use it (
get_roles_for_user_and_domain) call other existing driver methods to
extract the same information.
Data Model Impact¶
REST API Impact¶
Other End User Impact¶
Other Deployer Impact¶
Henry Nash (henry-nash)
Modify manager methods to call other driver methods
_get_metadatamethod from LDAP and SQL drivers.
For optimum performance this would capitalize on the filter performance driver improvements already being undertaken, see: bp list-role-assignments-performance <https://blueprints.launchpad.net/keystone/+spec/list-role-assignments-performance>)