Simplify role addtion helper functions

Because adding the role is idempotent, we can save doing the initial
check for role assignment.  Also simplify the output matching by using
osc's filters where appropriate.

Co-Authored-By: Jens Harbott <harbott@osism.tech>
Change-Id: If2a661cc565a43a7821b8f0a10edd97de08eb911
This commit is contained in:
Ian Wienand 2019-09-24 12:51:25 +10:00 committed by Dr. Jens Harbott
parent e3bc6b5f57
commit e69b78df6f

View File

@ -966,29 +966,22 @@ function _get_domain_args {
# Usage: get_or_add_user_project_role <role> <user> <project> [<user_domain> <project_domain>] # Usage: get_or_add_user_project_role <role> <user> <project> [<user_domain> <project_domain>]
function get_or_add_user_project_role { function get_or_add_user_project_role {
local user_role_id local user_role_id
local domain_args
domain_args=$(_get_domain_args $4 $5) domain_args=$(_get_domain_args $4 $5)
# Gets user role id # Note this is idempotent so we are safe across multiple
# duplicate calls.
openstack --os-cloud devstack-system-admin role add $1 \
--user $2 \
--project $3 \
$domain_args
user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \ user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \ --role $1 \
--user $2 \ --user $2 \
--project $3 \ --project $3 \
$domain_args \ $domain_args \
| grep '^|\s[a-f0-9]\+' | get_field 1) -c Role -f value)
if [[ -z "$user_role_id" ]]; then
# Adds role to user and get it
openstack --os-cloud devstack-system-admin role add $1 \
--user $2 \
--project $3 \
$domain_args
user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \
--user $2 \
--project $3 \
$domain_args \
| grep '^|\s[a-f0-9]\+' | get_field 1)
fi
echo $user_role_id echo $user_role_id
} }
@ -996,23 +989,18 @@ function get_or_add_user_project_role {
# Usage: get_or_add_user_domain_role <role> <user> <domain> # Usage: get_or_add_user_domain_role <role> <user> <domain>
function get_or_add_user_domain_role { function get_or_add_user_domain_role {
local user_role_id local user_role_id
# Gets user role id
# Note this is idempotent so we are safe across multiple
# duplicate calls.
openstack --os-cloud devstack-system-admin role add $1 \
--user $2 \
--domain $3
user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \ user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \ --role $1 \
--user $2 \ --user $2 \
--domain $3 \ --domain $3 \
| grep '^|\s[a-f0-9]\+' | get_field 1) -c Role -f value)
if [[ -z "$user_role_id" ]]; then
# Adds role to user and get it
openstack --os-cloud devstack-system-admin role add $1 \
--user $2 \
--domain $3
user_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \
--user $2 \
--domain $3 \
| grep '^|\s[a-f0-9]\+' | get_field 1)
fi
echo $user_role_id echo $user_role_id
} }
@ -1051,23 +1039,18 @@ function get_or_add_user_system_role {
# Usage: get_or_add_group_project_role <role> <group> <project> # Usage: get_or_add_group_project_role <role> <group> <project>
function get_or_add_group_project_role { function get_or_add_group_project_role {
local group_role_id local group_role_id
# Gets group role id
# Note this is idempotent so we are safe across multiple
# duplicate calls.
openstack role add $1 \
--group $2 \
--project $3
group_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \ group_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \ --role $1 \
--group $2 \ --group $2 \
--project $3 \ --project $3 \
-f value) -f value -c Role)
if [[ -z "$group_role_id" ]]; then
# Adds role to group and get it
openstack --os-cloud devstack-system-admin role add $1 \
--group $2 \
--project $3
group_role_id=$(openstack --os-cloud devstack-system-admin role assignment list \
--role $1 \
--group $2 \
--project $3 \
-f value)
fi
echo $group_role_id echo $group_role_id
} }