openstack/adjutant
Code Issues Proposed changes

Fixed some unneeded domain_id handling

Browse Source 
When you are acting on a user or project with an id
there is no need for a domain_id as well, since
IDs are unique across all domains. Names are not.

Change-Id: Ib49ac4d3e1d3e0869195a67ecc922aae24e2a44e
This commit is contained in:
Adrian Turjak 2019-02-01 13:05:50 +13:00
parent 27ac3ae85b
commit ba14a45ba9
4 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
adjutant/actions/v1/base.py
View File

@ -179,16 +179,20 @@ class BaseAction(object):
class ResourceMixin(object):
"""Base Mixin class for dealing with Openstack resources."""
def _validate_keystone_user(self):
def _validate_keystone_user_project_id(self):
keystone_user = self.action.task.keystone_user
if keystone_user['project_id'] != self.project_id:
self.add_note('Project id does not match keystone user project.')
return False
return True
def _validate_keystone_user_domain_id(self):
keystone_user = self.action.task.keystone_user
if keystone_user['project_domain_id'] != self.domain_id:
self.add_note('Domain id does not match keystone user domain.')
return False
if keystone_user['project_id'] != self.project_id:
self.add_note('Project id does not match keystone user project.')
return False
return True
def _validate_domain_id(self):

9
adjutant/actions/v1/resources.py
View File

@ -63,19 +63,12 @@ class NewDefaultNetworkAction(BaseAction, ProjectMixin):
return False
return True
def _validate_keystone_user(self):
keystone_user = self.action.task.keystone_user
if keystone_user.get('project_id') != self.project_id:
self.add_note('Project id does not match keystone user project.')
return False
return True
def _validate(self):
self.action.valid = validate_steps([
self._validate_region,
self._validate_project_id,
self._validate_defaults,
self._validate_keystone_user,
self._validate_keystone_user_project_id,
])
self.action.save()

1
adjutant/actions/v1/serializers.py
View File

@ -87,7 +87,6 @@ class EditUserRolesSerializer(BaseUserIdSerializer):
choices=role_options, default=set)
remove = serializers.BooleanField(default=False)
project_id = serializers.CharField(max_length=64)
domain_id = serializers.CharField(max_length=64, default='default')
def validate(self, data):
if not data['roles'] and not data['inherited_roles']:

7
adjutant/actions/v1/users.py
View File

@ -107,7 +107,8 @@ class NewUserAction(UserNameAction, ProjectMixin, UserMixin):
def _validate(self):
self.action.valid = validate_steps([
self._validate_role_permissions,
self._validate_keystone_user,
self._validate_keystone_user_domain_id,
self._validate_keystone_user_project_id,
self._validate_domain_id,
self._validate_project_id,
self._validate_target_user,
@ -250,7 +251,6 @@ class EditUserRolesAction(UserIdAction, ProjectMixin, UserMixin):
"""
required = [
'domain_id',
'project_id',
'user_id',
'roles',
@ -328,9 +328,8 @@ class EditUserRolesAction(UserIdAction, ProjectMixin, UserMixin):
def _validate(self):
self.action.valid = validate_steps([
self._validate_keystone_user,
self._validate_keystone_user_project_id,
self._validate_role_permissions,
self._validate_domain_id,
self._validate_project_id,
self._validate_target_user,
self._validate_user_roles,