Revert "Allow grant_role to select users outside default domain"
Im purposing a revert so we can implement something closer to: Related-Id: I43c97981d9e76f595efa2051b17a8425404179c4 This way we can handle it for user/role/group/project at the same time. The correct way to deal with different projects in different domains than users is to pass in IDs/objects as noted[0] I do this in the upstream salt modules[1] [0] https://github.com/openstack/python-openstacksdk/blob/master/openstack/cloud/operatorcloud.py#L1822-L1825 [1] https://github.com/saltstack/salt/blob/develop/salt/states/keystone_role_grant.py#L41-L94 This reverts commit d4148ff9d6d2236d50bfe5bbe9c6cef17bf765bd. Change-Id: Ia9f0bdf58a0df539d14b14a3b7e368a06ff6ed88
This commit is contained in:
Sam Yaple
Monty Taylor
parent
e3b301de27
commit
9f1e37669c
@ -10711,11 +10711,7 @@ class OpenStackCloud(
|
|||||||
self.get_domain(domain)['id']
|
self.get_domain(domain)['id']
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
if 'domain' in data:
|
data['user'] = self.get_user(user, filters=filters)
|
||||||
data['user'] = self.get_user(
|
|
||||||
user, filters=filters, domain_id=data['domain'])
|
|
||||||
else:
|
|
||||||
data['user'] = self.get_user(user, filters=filters)
|
|
||||||
|
|
||||||
if project:
|
if project:
|
||||||
# drop domain in favor of project
|
# drop domain in favor of project
|
||||||
|
|||||||
@ -436,7 +436,6 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
self.assert_calls()
|
self.assert_calls()
|
||||||
|
|
||||||
def test_grant_role_user_project_exists(self):
|
def test_grant_role_user_project_exists(self):
|
||||||
self.assertEqual(len(self.calls), 2)
|
|
||||||
self.register_uris([
|
self.register_uris([
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(resource='roles'),
|
uri=self.get_mock_url(resource='roles'),
|
||||||
@ -497,7 +496,6 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
entity_type='user',
|
entity_type='user',
|
||||||
entity_id=self.user_data.user_id)}),
|
entity_id=self.user_data.user_id)}),
|
||||||
])
|
])
|
||||||
self.assertEqual(len(self.calls), 10)
|
|
||||||
self.assertFalse(self.op_cloud.grant_role(
|
self.assertFalse(self.op_cloud.grant_role(
|
||||||
self.role_data.role_name,
|
self.role_data.role_name,
|
||||||
user=self.user_data.name,
|
user=self.user_data.name,
|
||||||
@ -664,10 +662,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -693,16 +688,12 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json={'roles': [self.role_data.json_response['role']]}),
|
json={'roles': [self.role_data.json_response['role']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='domains',
|
||||||
resource='domains',
|
append=[self.domain_data.domain_id]),
|
||||||
append=[self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -733,10 +724,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -767,10 +755,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -822,10 +807,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -854,10 +836,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -886,10 +865,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -918,10 +894,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1795,10 +1768,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1821,10 +1791,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1847,10 +1814,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1873,10 +1837,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1920,10 +1881,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1959,10 +1917,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -1998,10 +1953,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -2037,10 +1989,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -2529,10 +2478,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
@ -2581,10 +2527,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
|
|||||||
status_code=200,
|
status_code=200,
|
||||||
json=self.domain_data.json_response),
|
json=self.domain_data.json_response),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
uri=self.get_mock_url(
|
uri=self.get_mock_url(resource='users'),
|
||||||
resource='users',
|
|
||||||
qs_elements=[
|
|
||||||
'domain_id=%s' % self.domain_data.domain_id]),
|
|
||||||
status_code=200,
|
status_code=200,
|
||||||
json={'users': [self.user_data.json_response['user']]}),
|
json={'users': [self.user_data.json_response['user']]}),
|
||||||
dict(method='GET',
|
dict(method='GET',
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user