delta/openstack/python-openstackclient.git/openstackclient/identity, branch feature/osc4 opendev.org: openstack/python-openstackclient Merge remote-tracking branch 'origin/master' into f4-merge-branch 2017-09-14T16:16:11+00:00 Dean Troyer dtroyer@gmail.com 2017-09-14T16:06:51+00:00 5309bf5f873aba4e994c9011a893987c40d56eda Change-Id: Ie6c321e67aa9338334e4649879e60847a5d1eb56 
Change-Id: Ie6c321e67aa9338334e4649879e60847a5d1eb56
Implied Roles 2017-08-22T17:08:30+00:00 Harry Rybacki hrybacki@redhat.com 2017-07-19T13:07:34+00:00 8cd3e258c5029a8efedab40019d6cfd3eac379f5 Allow the user to create an inference rule between two roles. The first, called the prior role is the role explicitly assigned to an individual. The second, called the implied role, is one that the user gets implicitly. For example: Role B implies Role A. User X is assigned Role B. Therefore User X also assigned Role A. The management and maintenance of the rules is performed in the Keystone server. Change-Id: If547c2f16e812bc7fffd742ec37e6a26011f3185 
Allow the user to create an inference rule between
two roles. The first, called the prior role
is the role explicitly assigned to an individual.
The second, called the implied role, is one that
the user gets implicitly. For example:

Role B implies Role A.
User X is assigned Role B.
Therefore User X also assigned Role A.

The management and maintenance of the rules is
performed in the Keystone server.

Change-Id: If547c2f16e812bc7fffd742ec37e6a26011f3185
Use cliff formattable columns in identity commands 2017-08-16T21:28:27+00:00 Akihiro Motoki amotoki@gmail.com 2017-05-15T04:00:32+00:00 6364b7b81f362f8f4bde85d973b2c36c70bc4db2 Partial-Bug: #1687955 Partially implement blueprint osc-formattable-columns Change-Id: I3f85129460ebeb177f5fdb30995bc1dcdf28c774 
Partial-Bug: #1687955
Partially implement blueprint osc-formattable-columns
Change-Id: I3f85129460ebeb177f5fdb30995bc1dcdf28c774
Merge "Use *_as_ids instead *_as_list" 2017-07-26T03:58:57+00:00 Jenkins jenkins@review.openstack.org 2017-07-26T03:58:57+00:00 86bda369638e53a8e9683731e7a5d432640fa813 






Add optional parameter "user_id" and "type" to list credentials
2017-07-25T14:56:50+00:00

zhanghongtao
zhanghongtao0826@126.com

2017-07-25T07:48:27+00:00

470a1f1acfe261357fc3125b2db3bc6ec10c654e

In keystone version 3.5, "type" optional attribute has been added
to list credentials. This patch add "user_id" and "type" optional
parameter in openstack client.

Change-Id: Ia09ee7c39204fdff2dfd7b9b606d888d007caac5





In keystone version 3.5, "type" optional attribute has been added
to list credentials. This patch add "user_id" and "type" optional
parameter in openstack client.

Change-Id: Ia09ee7c39204fdff2dfd7b9b606d888d007caac5







Add domain parameter to Identity Provider
2017-07-21T15:28:57+00:00

Kristi Nikolla
knikolla@bu.edu

2017-06-16T19:04:40+00:00

77ff011ced18260242224a7317aba92d53ff1455

Identity providers are now associated with domains. This change
allows a user to specify a domain by ID or by name when creating
an identity provider. [0]

This also adds the column for Domain ID in listing.
Updating a domain for an identity provider is not supported, so
that isn't changed.

[0]. Id18b8b2fe853b97631bc990df8188ed64a6e1275

Closes-Bug: 1698390

Change-Id: Icc408e2fe88f257d5863bd3df716a777d52befcc





Identity providers are now associated with domains. This change
allows a user to specify a domain by ID or by name when creating
an identity provider. [0]

This also adds the column for Domain ID in listing.
Updating a domain for an identity provider is not supported, so
that isn't changed.

[0]. Id18b8b2fe853b97631bc990df8188ed64a6e1275

Closes-Bug: 1698390

Change-Id: Icc408e2fe88f257d5863bd3df716a777d52befcc







Fix 'domain' filter not work well in some commands
2017-07-18T23:01:22+00:00

jiangpch
jiangpengcheng@navercorp.com

2017-07-13T08:58:00+00:00

a01bf55d2065ec1a98f486109cc8d315def501cd

The 'domain' filter not work well in commands 'project show',
'user show' and 'user set'.

Depends-On: I490900d6249f01654d4cba43bddd3e7af7928a84
Closes-Bug: #1704097
Change-Id: Ib4f47cbaba27eb56c4a41d187fee74a995e62dc7





The 'domain' filter not work well in commands 'project show',
'user show' and 'user set'.

Depends-On: I490900d6249f01654d4cba43bddd3e7af7928a84
Closes-Bug: #1704097
Change-Id: Ib4f47cbaba27eb56c4a41d187fee74a995e62dc7







When creating a trust, send role_ids instead or role_names
2017-06-22T17:08:01+00:00

Kristi Nikolla
knikolla@bu.edu

2017-06-16T19:33:46+00:00

da53c2b33457f4f1e93bdda6c0c16172ea36bc78

This changes create a trust to use ids instead of names because of
the possibility of roles sharing a name. Even if the user
uniquely identified a role by inputting the id, the request sent
to the identity service would used the name, therefore the command
would fail in the case that two roles share a name.

This does not change how trusts are displayed during trust list or
trust show, a name will still be shown instead of an id.

Depends-On: I38e0ac35946ee6e53128babac3ea759a380572e0

Change-Id: I5bdf89f1e288954a7f5c2704231f270bc7d196f5
Closes-Bug: 1696111





This changes create a trust to use ids instead of names because of
the possibility of roles sharing a name. Even if the user
uniquely identified a role by inputting the id, the request sent
to the identity service would used the name, therefore the command
would fail in the case that two roles share a name.

This does not change how trusts are displayed during trust list or
trust show, a name will still be shown instead of an id.

Depends-On: I38e0ac35946ee6e53128babac3ea759a380572e0

Change-Id: I5bdf89f1e288954a7f5c2704231f270bc7d196f5
Closes-Bug: 1696111







Use _get_token_resource in role assignment list
2017-05-23T15:16:41+00:00

David Rabel
rabel@b1-systems.de

2017-05-15T16:11:37+00:00

0ad6b6b2e0b26ebc93a99730bcc414bf8e091759

If project matches the project from access token,
we do not have to send an API request to /projects?name=...,
because the project ID is already known.
This API request may require additional permissions, so
we want to avoid it, if possible.

Change-Id: Ice1af8686bceea6b67229dcab7cf82eef821163e
Closes-Bug: #1658189





If project matches the project from access token,
we do not have to send an API request to /projects?name=...,
because the project ID is already known.
This API request may require additional permissions, so
we want to avoid it, if possible.

Change-Id: Ice1af8686bceea6b67229dcab7cf82eef821163e
Closes-Bug: #1658189







Support to add/remove multi users for "group add/remove user"
2017-03-21T02:39:42+00:00

Huanxuan Ao
huanxuan.ao@easystack.cn

2017-03-17T05:28:49+00:00

ef5a7caf85bd6169701371da67029457abdaf47f

Similar delete commands in OSC, we can also support add/remove
multi users for one specified group, this review implement it.

Change-Id: I8ccf99d4ee83a18778fa3ff5c0a42bc7c6ff21fb
Implements: bp support-multi-add-remove





Similar delete commands in OSC, we can also support add/remove
multi users for one specified group, this review implement it.

Change-Id: I8ccf99d4ee83a18778fa3ff5c0a42bc7c6ff21fb
Implements: bp support-multi-add-remove