Merge "Finish up v3 role commands"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
bf3ee1e9a5
@ -24,20 +24,27 @@ from openstackclient.common import exceptions
|
|||||||
|
|
||||||
def find_resource(manager, name_or_id):
|
def find_resource(manager, name_or_id):
|
||||||
"""Helper for the _find_* methods."""
|
"""Helper for the _find_* methods."""
|
||||||
# first try to get entity as integer id
|
|
||||||
|
# Try to get entity as integer id
|
||||||
try:
|
try:
|
||||||
if isinstance(name_or_id, int) or name_or_id.isdigit():
|
if isinstance(name_or_id, int) or name_or_id.isdigit():
|
||||||
return manager.get(int(name_or_id))
|
return manager.get(int(name_or_id))
|
||||||
except exceptions.NotFound:
|
except exceptions.NotFound:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
# now try to get entity as uuid
|
# Try to get entity as uuid
|
||||||
try:
|
try:
|
||||||
uuid.UUID(str(name_or_id))
|
uuid.UUID(str(name_or_id))
|
||||||
return manager.get(name_or_id)
|
return manager.get(name_or_id)
|
||||||
except (ValueError, exceptions.NotFound):
|
except (ValueError, exceptions.NotFound):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
# Try directly using the passed value
|
||||||
|
try:
|
||||||
|
return manager.get(name_or_id)
|
||||||
|
except Exception:
|
||||||
|
pass
|
||||||
|
|
||||||
kwargs = {}
|
kwargs = {}
|
||||||
if 'NAME_ATTR' in manager.resource_class.__dict__:
|
if 'NAME_ATTR' in manager.resource_class.__dict__:
|
||||||
# novaclient does this for oddball resources
|
# novaclient does this for oddball resources
|
||||||
|
|||||||
@ -167,27 +167,108 @@ class DeleteGroup(command.Command):
|
|||||||
|
|
||||||
|
|
||||||
class ListGroup(lister.Lister):
|
class ListGroup(lister.Lister):
|
||||||
"""List group command"""
|
"""List groups and optionally roles assigned to groups"""
|
||||||
|
|
||||||
api = 'identity'
|
api = 'identity'
|
||||||
log = logging.getLogger(__name__ + '.ListGroup')
|
log = logging.getLogger(__name__ + '.ListGroup')
|
||||||
|
|
||||||
def get_parser(self, prog_name):
|
def get_parser(self, prog_name):
|
||||||
parser = super(ListGroup, self).get_parser(prog_name)
|
parser = super(ListGroup, self).get_parser(prog_name)
|
||||||
|
parser.add_argument(
|
||||||
|
'group',
|
||||||
|
metavar='<group>',
|
||||||
|
nargs='?',
|
||||||
|
help='Name or ID of group to list [required with --role]',
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
'--role',
|
||||||
|
action='store_true',
|
||||||
|
default=False,
|
||||||
|
help='List the roles assigned to <group>',
|
||||||
|
)
|
||||||
|
domain_or_project = parser.add_mutually_exclusive_group()
|
||||||
|
domain_or_project.add_argument(
|
||||||
|
'--domain',
|
||||||
|
metavar='<domain>',
|
||||||
|
help='Filter list by <domain> [Only valid with --role]',
|
||||||
|
)
|
||||||
|
domain_or_project.add_argument(
|
||||||
|
'--project',
|
||||||
|
metavar='<project>',
|
||||||
|
help='Filter list by <project> [Only valid with --role]',
|
||||||
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--long',
|
'--long',
|
||||||
action='store_true',
|
action='store_true',
|
||||||
default=False,
|
default=False,
|
||||||
help='Additional fields are listed in output')
|
help='Additional fields are listed in output',
|
||||||
|
)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
self.log.debug('take_action(%s)' % parsed_args)
|
self.log.debug('take_action(%s)' % parsed_args)
|
||||||
|
identity_client = self.app.client_manager.identity
|
||||||
|
|
||||||
|
if parsed_args.role:
|
||||||
|
# List roles belonging to group
|
||||||
|
|
||||||
|
# Group is required here, bail if it is not supplied
|
||||||
|
if not parsed_args.group:
|
||||||
|
sys.stderr.write('Error: Group must be specified')
|
||||||
|
# TODO(dtroyer): This lists the commands...I want it to
|
||||||
|
# show the help for _this_ command.
|
||||||
|
self.app.DeferredHelpAction(
|
||||||
|
self.app.parser,
|
||||||
|
self.app.parser,
|
||||||
|
None,
|
||||||
|
None,
|
||||||
|
)
|
||||||
|
return ([], [])
|
||||||
|
|
||||||
|
group = utils.find_resource(
|
||||||
|
identity_client.groups,
|
||||||
|
parsed_args.group,
|
||||||
|
)
|
||||||
|
|
||||||
|
if parsed_args.domain:
|
||||||
|
columns = ('ID', 'Name', 'Domain', 'Group')
|
||||||
|
domain = utils.find_resource(
|
||||||
|
identity_client.domains,
|
||||||
|
parsed_args.domain,
|
||||||
|
)
|
||||||
|
data = identity_client.roles.list(
|
||||||
|
group=group,
|
||||||
|
domain=domain,
|
||||||
|
)
|
||||||
|
for group_role in data:
|
||||||
|
group_role.group = group.name
|
||||||
|
group_role.domain = domain.name
|
||||||
|
elif parsed_args.project:
|
||||||
|
columns = ('ID', 'Name', 'Project', 'Group')
|
||||||
|
project = utils.find_resource(
|
||||||
|
identity_client.projects,
|
||||||
|
parsed_args.project,
|
||||||
|
)
|
||||||
|
data = identity_client.roles.list(
|
||||||
|
group=group,
|
||||||
|
project=project,
|
||||||
|
)
|
||||||
|
for group_role in data:
|
||||||
|
group_role.group = group.name
|
||||||
|
group_role.project = project.name
|
||||||
|
else:
|
||||||
|
# TODO(dtroyer): raise exception here, this really is an error
|
||||||
|
sys.stderr.write("Error: Must specify --domain or --project "
|
||||||
|
"with --role\n")
|
||||||
|
return ([], [])
|
||||||
|
else:
|
||||||
|
# List groups
|
||||||
if parsed_args.long:
|
if parsed_args.long:
|
||||||
columns = ('ID', 'Name', 'Domain ID', 'Description')
|
columns = ('ID', 'Name', 'Domain ID', 'Description')
|
||||||
else:
|
else:
|
||||||
columns = ('ID', 'Name')
|
columns = ('ID', 'Name')
|
||||||
data = self.app.client_manager.identity.groups.list()
|
data = identity_client.groups.list()
|
||||||
|
|
||||||
return (columns,
|
return (columns,
|
||||||
(utils.get_item_properties(
|
(utils.get_item_properties(
|
||||||
s, columns,
|
s, columns,
|
||||||
@ -275,7 +356,7 @@ class SetGroup(command.Command):
|
|||||||
kwargs['domain'] = domain
|
kwargs['domain'] = domain
|
||||||
|
|
||||||
if not len(kwargs):
|
if not len(kwargs):
|
||||||
sys.stdout.write("Group not updated, no arguments present")
|
sys.stderr.write("Group not updated, no arguments present")
|
||||||
return
|
return
|
||||||
identity_client.groups.update(group.id, **kwargs)
|
identity_client.groups.update(group.id, **kwargs)
|
||||||
return
|
return
|
||||||
|
|||||||
@ -26,7 +26,7 @@ from openstackclient.common import utils
|
|||||||
|
|
||||||
|
|
||||||
class AddRole(command.Command):
|
class AddRole(command.Command):
|
||||||
"""Add role command"""
|
"""Adds a role to a user or group on a domain or project"""
|
||||||
|
|
||||||
api = 'identity'
|
api = 'identity'
|
||||||
log = logging.getLogger(__name__ + '.AddRole')
|
log = logging.getLogger(__name__ + '.AddRole')
|
||||||
@ -42,23 +42,24 @@ class AddRole(command.Command):
|
|||||||
user_or_group.add_argument(
|
user_or_group.add_argument(
|
||||||
'--user',
|
'--user',
|
||||||
metavar='<user>',
|
metavar='<user>',
|
||||||
help='Name or ID of user to assign a role',
|
help='Name or ID of user to add a role',
|
||||||
)
|
)
|
||||||
user_or_group.add_argument(
|
user_or_group.add_argument(
|
||||||
'--group',
|
'--group',
|
||||||
metavar='<group>',
|
metavar='<group>',
|
||||||
help='Name or ID of group to assign a role',
|
help='Name or ID of group to add a role',
|
||||||
)
|
)
|
||||||
domain_or_project = parser.add_mutually_exclusive_group()
|
domain_or_project = parser.add_mutually_exclusive_group()
|
||||||
domain_or_project.add_argument(
|
domain_or_project.add_argument(
|
||||||
'--domain',
|
'--domain',
|
||||||
metavar='<domain>',
|
metavar='<domain>',
|
||||||
help='Name or ID of domain where user or group resides',
|
default='default',
|
||||||
|
help='Name or ID of domain associated with user or group',
|
||||||
)
|
)
|
||||||
domain_or_project.add_argument(
|
domain_or_project.add_argument(
|
||||||
'--project',
|
'--project',
|
||||||
metavar='<project>',
|
metavar='<project>',
|
||||||
help='Name or ID of project where user or group resides',
|
help='Name or ID of project associated with user or group',
|
||||||
)
|
)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
@ -68,41 +69,39 @@ class AddRole(command.Command):
|
|||||||
|
|
||||||
if (not parsed_args.user and not parsed_args.domain
|
if (not parsed_args.user and not parsed_args.domain
|
||||||
and not parsed_args.group and not parsed_args.project):
|
and not parsed_args.group and not parsed_args.project):
|
||||||
sys.stdout.write("Role not updated, no arguments present \n")
|
sys.stderr.write("Role not added, no arguments present\n")
|
||||||
return
|
return
|
||||||
|
|
||||||
role_id = utils.find_resource(identity_client.roles,
|
role_id = utils.find_resource(identity_client.roles,
|
||||||
parsed_args.role).id
|
parsed_args.role).id
|
||||||
|
|
||||||
if (parsed_args.user and parsed_args.domain):
|
if parsed_args.user and parsed_args.domain:
|
||||||
user = utils.find_resource(identity_client.users,
|
user = utils.find_resource(identity_client.users,
|
||||||
parsed_args.user)
|
parsed_args.user)
|
||||||
domain = utils.find_resource(identity_client.domains,
|
domain = utils.find_resource(identity_client.domains,
|
||||||
parsed_args.domain)
|
parsed_args.domain)
|
||||||
identity_client.roles.grant(role_id, user=user, domain=domain)
|
identity_client.roles.grant(role_id, user=user, domain=domain)
|
||||||
return
|
elif parsed_args.user and parsed_args.project:
|
||||||
elif (parsed_args.user and parsed_args.project):
|
|
||||||
user = utils.find_resource(identity_client.users,
|
user = utils.find_resource(identity_client.users,
|
||||||
parsed_args.user)
|
parsed_args.user)
|
||||||
project = utils.find_resource(identity_client.projects,
|
project = utils.find_resource(identity_client.projects,
|
||||||
parsed_args.project)
|
parsed_args.project)
|
||||||
identity_client.roles.grant(role_id, user=user, project=project)
|
identity_client.roles.grant(role_id, user=user, project=project)
|
||||||
return
|
elif parsed_args.group and parsed_args.domain:
|
||||||
elif (parsed_args.group and parsed_args.project):
|
group = utils.find_resource(identity_client.groups,
|
||||||
|
parsed_args.group)
|
||||||
|
domain = utils.find_resource(identity_client.domains,
|
||||||
|
parsed_args.domain)
|
||||||
|
identity_client.roles.grant(role_id, group=group, domain=domain)
|
||||||
|
elif parsed_args.group and parsed_args.project:
|
||||||
group = utils.find_resource(identity_client.group,
|
group = utils.find_resource(identity_client.group,
|
||||||
parsed_args.group)
|
parsed_args.group)
|
||||||
project = utils.find_resource(identity_client.projects,
|
project = utils.find_resource(identity_client.projects,
|
||||||
parsed_args.project)
|
parsed_args.project)
|
||||||
identity_client.roles.grant(role_id, group=group, project=project)
|
identity_client.roles.grant(role_id, group=group, project=project)
|
||||||
return
|
|
||||||
elif (parsed_args.group and parsed_args.domain):
|
|
||||||
group = utils.find_resource(identity_client.group,
|
|
||||||
parsed_args.group)
|
|
||||||
domain = utils.find_resource(identity_client.domains,
|
|
||||||
parsed_args.domain)
|
|
||||||
identity_client.roles.grant(role_id, group=group, domain=domain)
|
|
||||||
return
|
|
||||||
else:
|
else:
|
||||||
|
sys.stderr.write("Role not added, incorrect set of arguments \
|
||||||
|
provided. See openstack --help for more details\n")
|
||||||
return
|
return
|
||||||
|
|
||||||
|
|
||||||
@ -115,15 +114,16 @@ class CreateRole(show.ShowOne):
|
|||||||
def get_parser(self, prog_name):
|
def get_parser(self, prog_name):
|
||||||
parser = super(CreateRole, self).get_parser(prog_name)
|
parser = super(CreateRole, self).get_parser(prog_name)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'role-name',
|
'name',
|
||||||
metavar='<role-name>',
|
metavar='<role-name>',
|
||||||
help='New role name')
|
help='New role name',
|
||||||
|
)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
self.log.debug('take_action(%s)' % parsed_args)
|
self.log.debug('take_action(%s)' % parsed_args)
|
||||||
identity_client = self.app.client_manager.identity
|
identity_client = self.app.client_manager.identity
|
||||||
role = identity_client.roles.create(parsed_args.role_name)
|
role = identity_client.roles.create(parsed_args.name)
|
||||||
|
|
||||||
return zip(*sorted(role._info.iteritems()))
|
return zip(*sorted(role._info.iteritems()))
|
||||||
|
|
||||||
@ -139,7 +139,8 @@ class DeleteRole(command.Command):
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'role',
|
'role',
|
||||||
metavar='<role>',
|
metavar='<role>',
|
||||||
help='Name or ID of role to delete')
|
help='Name or ID of role to delete',
|
||||||
|
)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
@ -168,6 +169,85 @@ class ListRole(lister.Lister):
|
|||||||
) for s in data))
|
) for s in data))
|
||||||
|
|
||||||
|
|
||||||
|
class RemoveRole(command.Command):
|
||||||
|
"""Remove role command"""
|
||||||
|
|
||||||
|
api = 'identity'
|
||||||
|
log = logging.getLogger(__name__ + '.RemoveRole')
|
||||||
|
|
||||||
|
def get_parser(self, prog_name):
|
||||||
|
parser = super(RemoveRole, self).get_parser(prog_name)
|
||||||
|
parser.add_argument(
|
||||||
|
'role',
|
||||||
|
metavar='<role>',
|
||||||
|
help='Name or ID of role to remove',
|
||||||
|
)
|
||||||
|
user_or_group = parser.add_mutually_exclusive_group()
|
||||||
|
user_or_group.add_argument(
|
||||||
|
'--user',
|
||||||
|
metavar='<user>',
|
||||||
|
help='Name or ID of user to remove a role',
|
||||||
|
)
|
||||||
|
user_or_group.add_argument(
|
||||||
|
'--group',
|
||||||
|
metavar='<group>',
|
||||||
|
help='Name or ID of group to remove a role',
|
||||||
|
)
|
||||||
|
domain_or_project = parser.add_mutually_exclusive_group()
|
||||||
|
domain_or_project.add_argument(
|
||||||
|
'--domain',
|
||||||
|
metavar='<domain>',
|
||||||
|
help='Name or ID of domain associated with user or group',
|
||||||
|
)
|
||||||
|
domain_or_project.add_argument(
|
||||||
|
'--project',
|
||||||
|
metavar='<project>',
|
||||||
|
help='Name or ID of project associated with user or group',
|
||||||
|
)
|
||||||
|
return parser
|
||||||
|
|
||||||
|
def take_action(self, parsed_args):
|
||||||
|
self.log.debug('take_action(%s)' % parsed_args)
|
||||||
|
identity_client = self.app.client_manager.identity
|
||||||
|
|
||||||
|
if (not parsed_args.user and not parsed_args.domain
|
||||||
|
and not parsed_args.group and not parsed_args.project):
|
||||||
|
sys.stdout.write("Role not updated, no arguments present\n")
|
||||||
|
return
|
||||||
|
|
||||||
|
role_id = utils.find_resource(identity_client.roles,
|
||||||
|
parsed_args.role).id
|
||||||
|
|
||||||
|
if parsed_args.user and parsed_args.domain:
|
||||||
|
user = utils.find_resource(identity_client.users,
|
||||||
|
parsed_args.user)
|
||||||
|
domain = utils.find_resource(identity_client.domains,
|
||||||
|
parsed_args.domain)
|
||||||
|
identity_client.roles.revoke(role_id, user=user, domain=domain)
|
||||||
|
elif parsed_args.user and parsed_args.project:
|
||||||
|
user = utils.find_resource(identity_client.users,
|
||||||
|
parsed_args.user)
|
||||||
|
project = utils.find_resource(identity_client.projects,
|
||||||
|
parsed_args.project)
|
||||||
|
identity_client.roles.revoke(role_id, user=user, project=project)
|
||||||
|
elif parsed_args.group and parsed_args.project:
|
||||||
|
group = utils.find_resource(identity_client.group,
|
||||||
|
parsed_args.group)
|
||||||
|
project = utils.find_resource(identity_client.projects,
|
||||||
|
parsed_args.project)
|
||||||
|
identity_client.roles.revoke(role_id, group=group, project=project)
|
||||||
|
elif parsed_args.group and parsed_args.domain:
|
||||||
|
group = utils.find_resource(identity_client.group,
|
||||||
|
parsed_args.group)
|
||||||
|
domain = utils.find_resource(identity_client.domains,
|
||||||
|
parsed_args.domain)
|
||||||
|
identity_client.roles.revoke(role_id, group=group, domain=domain)
|
||||||
|
else:
|
||||||
|
sys.stderr.write("Role not removed, incorrect set of arguments \
|
||||||
|
provided. See openstack --help for more details\n")
|
||||||
|
return
|
||||||
|
|
||||||
|
|
||||||
class SetRole(command.Command):
|
class SetRole(command.Command):
|
||||||
"""Set role command"""
|
"""Set role command"""
|
||||||
|
|
||||||
@ -179,7 +259,7 @@ class SetRole(command.Command):
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'role',
|
'role',
|
||||||
metavar='<role>',
|
metavar='<role>',
|
||||||
help='Name or ID of role to change',
|
help='Name or ID of role to update',
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--name',
|
'--name',
|
||||||
@ -195,7 +275,7 @@ class SetRole(command.Command):
|
|||||||
parsed_args.role)
|
parsed_args.role)
|
||||||
|
|
||||||
if not parsed_args.name:
|
if not parsed_args.name:
|
||||||
sys.stdout.write("Role not updated, no arguments present")
|
sys.stderr.write("Role not updated, no arguments present")
|
||||||
return
|
return
|
||||||
|
|
||||||
identity_client.roles.update(role_id, parsed_args.name)
|
identity_client.roles.update(role_id, parsed_args.name)
|
||||||
@ -213,7 +293,8 @@ class ShowRole(show.ShowOne):
|
|||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'role',
|
'role',
|
||||||
metavar='<role>',
|
metavar='<role>',
|
||||||
help='Name or ID of role to display')
|
help='Name or ID of role to display',
|
||||||
|
)
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
|
|||||||
@ -135,7 +135,7 @@ class DeleteUser(command.Command):
|
|||||||
|
|
||||||
|
|
||||||
class ListUser(lister.Lister):
|
class ListUser(lister.Lister):
|
||||||
"""List user command"""
|
"""List users and optionally roles assigned to users"""
|
||||||
|
|
||||||
api = 'identity'
|
api = 'identity'
|
||||||
log = logging.getLogger(__name__ + '.ListUser')
|
log = logging.getLogger(__name__ + '.ListUser')
|
||||||
@ -143,9 +143,27 @@ class ListUser(lister.Lister):
|
|||||||
def get_parser(self, prog_name):
|
def get_parser(self, prog_name):
|
||||||
parser = super(ListUser, self).get_parser(prog_name)
|
parser = super(ListUser, self).get_parser(prog_name)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
|
'user',
|
||||||
|
metavar='<user>',
|
||||||
|
nargs='?',
|
||||||
|
help='Name or ID of user to list [required with --role]',
|
||||||
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
'--role',
|
||||||
|
action='store_true',
|
||||||
|
default=False,
|
||||||
|
help='List the roles assigned to <user>',
|
||||||
|
)
|
||||||
|
domain_or_project = parser.add_mutually_exclusive_group()
|
||||||
|
domain_or_project.add_argument(
|
||||||
|
'--domain',
|
||||||
|
metavar='<domain>',
|
||||||
|
help='Filter list by <domain> [Only valid with --role]',
|
||||||
|
)
|
||||||
|
domain_or_project.add_argument(
|
||||||
'--project',
|
'--project',
|
||||||
metavar='<project>',
|
metavar='<project>',
|
||||||
help='Name or ID of project to filter users',
|
help='Filter list by <project> [Only valid with --role]',
|
||||||
)
|
)
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--long',
|
'--long',
|
||||||
@ -157,12 +175,70 @@ class ListUser(lister.Lister):
|
|||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
self.log.debug('take_action(%s)' % parsed_args)
|
self.log.debug('take_action(%s)' % parsed_args)
|
||||||
|
identity_client = self.app.client_manager.identity
|
||||||
|
|
||||||
|
if parsed_args.role:
|
||||||
|
# List roles belonging to user
|
||||||
|
|
||||||
|
# User is required here, bail if it is not supplied
|
||||||
|
if not parsed_args.user:
|
||||||
|
sys.stderr.write('Error: User must be specified')
|
||||||
|
return ([], [])
|
||||||
|
|
||||||
|
user = utils.find_resource(
|
||||||
|
identity_client.users,
|
||||||
|
parsed_args.user,
|
||||||
|
)
|
||||||
|
|
||||||
|
# List a user's roles
|
||||||
|
if not parsed_args.domain and not parsed_args.project:
|
||||||
|
columns = ('ID', 'Name')
|
||||||
|
data = identity_client.roles.list(
|
||||||
|
user=user,
|
||||||
|
domain='default',
|
||||||
|
)
|
||||||
|
# List a user's roles on a domain
|
||||||
|
elif parsed_args.user and parsed_args.domain:
|
||||||
|
columns = ('ID', 'Name', 'Domain', 'User')
|
||||||
|
domain = utils.find_resource(
|
||||||
|
identity_client.domains,
|
||||||
|
parsed_args.domain,
|
||||||
|
)
|
||||||
|
data = identity_client.roles.list(
|
||||||
|
user=user,
|
||||||
|
domain=domain,
|
||||||
|
)
|
||||||
|
for user_role in data:
|
||||||
|
user_role.user = user.name
|
||||||
|
user_role.domain = domain.name
|
||||||
|
# List a user's roles on a project
|
||||||
|
elif parsed_args.user and parsed_args.project:
|
||||||
|
columns = ('ID', 'Name', 'Project', 'User')
|
||||||
|
project = utils.find_resource(
|
||||||
|
identity_client.projects,
|
||||||
|
parsed_args.project,
|
||||||
|
)
|
||||||
|
data = identity_client.roles.list(
|
||||||
|
user=user,
|
||||||
|
project=project,
|
||||||
|
)
|
||||||
|
for user_role in data:
|
||||||
|
user_role.user = user.name
|
||||||
|
user_role.project = project.name
|
||||||
|
else:
|
||||||
|
# TODO(dtroyer): raise exception here, this really is an error
|
||||||
|
sys.stderr.write("Error: Must specify --domain or --project "
|
||||||
|
"with --role\n")
|
||||||
|
return ([], [])
|
||||||
|
else:
|
||||||
|
# List users
|
||||||
if parsed_args.long:
|
if parsed_args.long:
|
||||||
columns = ('ID', 'Name', 'Project Id', 'Domain Id',
|
columns = ('ID', 'Name', 'Project Id', 'Domain Id',
|
||||||
'Description', 'Email', 'Enabled')
|
'Description', 'Email', 'Enabled')
|
||||||
else:
|
else:
|
||||||
columns = ('ID', 'Name')
|
columns = ('ID', 'Name')
|
||||||
data = self.app.client_manager.identity.users.list()
|
data = self.app.client_manager.identity.users.list()
|
||||||
|
|
||||||
return (columns,
|
return (columns,
|
||||||
(utils.get_item_properties(
|
(utils.get_item_properties(
|
||||||
s, columns,
|
s, columns,
|
||||||
@ -253,7 +329,7 @@ class SetUser(command.Command):
|
|||||||
kwargs['enabled'] = parsed_args.enabled
|
kwargs['enabled'] = parsed_args.enabled
|
||||||
|
|
||||||
if not len(kwargs):
|
if not len(kwargs):
|
||||||
sys.stdout.write("User not updated, no arguments present")
|
sys.stderr.write("User not updated, no arguments present")
|
||||||
return
|
return
|
||||||
identity_client.users.update(user.id, **kwargs)
|
identity_client.users.update(user.id, **kwargs)
|
||||||
return
|
return
|
||||||
|
|||||||
@ -37,6 +37,7 @@ DEFAULT_COMPUTE_API_VERSION = '2'
|
|||||||
DEFAULT_IDENTITY_API_VERSION = '2.0'
|
DEFAULT_IDENTITY_API_VERSION = '2.0'
|
||||||
DEFAULT_IMAGE_API_VERSION = '2'
|
DEFAULT_IMAGE_API_VERSION = '2'
|
||||||
DEFAULT_VOLUME_API_VERSION = '1'
|
DEFAULT_VOLUME_API_VERSION = '1'
|
||||||
|
DEFAULT_DOMAIN = 'default'
|
||||||
|
|
||||||
|
|
||||||
def env(*vars, **kwargs):
|
def env(*vars, **kwargs):
|
||||||
@ -134,6 +135,15 @@ class OpenStackShell(app.App):
|
|||||||
metavar='<auth-region-name>',
|
metavar='<auth-region-name>',
|
||||||
default=env('OS_REGION_NAME'),
|
default=env('OS_REGION_NAME'),
|
||||||
help='Authentication region name (Env: OS_REGION_NAME)')
|
help='Authentication region name (Env: OS_REGION_NAME)')
|
||||||
|
parser.add_argument(
|
||||||
|
'--os-default-domain',
|
||||||
|
metavar='<auth-domain>',
|
||||||
|
default=env(
|
||||||
|
'OS_DEFAULT_DOMAIN',
|
||||||
|
default=DEFAULT_DOMAIN),
|
||||||
|
help='Default domain ID, default=' +
|
||||||
|
DEFAULT_DOMAIN +
|
||||||
|
' (Env: OS_DEFAULT_DOMAIN)')
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
'--os-identity-api-version',
|
'--os-identity-api-version',
|
||||||
metavar='<identity-api-version>',
|
metavar='<identity-api-version>',
|
||||||
@ -304,7 +314,10 @@ class OpenStackShell(app.App):
|
|||||||
else:
|
else:
|
||||||
requests_log.setLevel(logging.WARNING)
|
requests_log.setLevel(logging.WARNING)
|
||||||
|
|
||||||
# stash selected API versions for later
|
# Save default domain
|
||||||
|
self.default_domain = self.options.os_default_domain
|
||||||
|
|
||||||
|
# Stash selected API versions for later
|
||||||
self.api_version = {
|
self.api_version = {
|
||||||
'compute': self.options.os_compute_api_version,
|
'compute': self.options.os_compute_api_version,
|
||||||
'identity': self.options.os_identity_api_version,
|
'identity': self.options.os_identity_api_version,
|
||||||
|
|||||||
@ -118,6 +118,7 @@ openstack.identity.v3 =
|
|||||||
role_create = openstackclient.identity.v3.role:CreateRole
|
role_create = openstackclient.identity.v3.role:CreateRole
|
||||||
role_delete = openstackclient.identity.v3.role:DeleteRole
|
role_delete = openstackclient.identity.v3.role:DeleteRole
|
||||||
role_list = openstackclient.identity.v3.role:ListRole
|
role_list = openstackclient.identity.v3.role:ListRole
|
||||||
|
role_remove = openstackclient.identity.v3.role:RemoveRole
|
||||||
role_show = openstackclient.identity.v3.role:ShowRole
|
role_show = openstackclient.identity.v3.role:ShowRole
|
||||||
role_set = openstackclient.identity.v3.role:SetRole
|
role_set = openstackclient.identity.v3.role:SetRole
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user