diff options
| author | Kristi Nikolla <knikolla@bu.edu> | 2017-06-16 15:33:46 -0400 |
|---|---|---|
| committer | Steve Martinelli <s.martinelli@gmail.com> | 2017-06-22 17:08:01 +0000 |
| commit | da53c2b33457f4f1e93bdda6c0c16172ea36bc78 (patch) | |
| tree | 18da9b8cc530fb45e978d71115f6a9c2a52574a4 | |
| parent | eb793dc8c6a8bd30e612f19f30808528b10eb344 (diff) | |
| download | python-openstackclient-da53c2b33457f4f1e93bdda6c0c16172ea36bc78.tar.gz | |
When creating a trust, send role_ids instead or role_names
This changes create a trust to use ids instead of names because of
the possibility of roles sharing a name. Even if the user
uniquely identified a role by inputting the id, the request sent
to the identity service would used the name, therefore the command
would fail in the case that two roles share a name.
This does not change how trusts are displayed during trust list or
trust show, a name will still be shown instead of an id.
Depends-On: I38e0ac35946ee6e53128babac3ea759a380572e0
Change-Id: I5bdf89f1e288954a7f5c2704231f270bc7d196f5
Closes-Bug: 1696111
| -rw-r--r-- | openstackclient/identity/v3/trust.py | 12 | ||||
| -rw-r--r-- | openstackclient/tests/unit/identity/v3/test_trust.py | 2 | ||||
| -rw-r--r-- | releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml | 7 |
3 files changed, 14 insertions, 7 deletions
diff --git a/openstackclient/identity/v3/trust.py b/openstackclient/identity/v3/trust.py index 52daeb4d..155063bb 100644 --- a/openstackclient/identity/v3/trust.py +++ b/openstackclient/identity/v3/trust.py @@ -104,16 +104,16 @@ class CreateTrust(command.ShowOne): parsed_args.project, parsed_args.project_domain).id - role_names = [] + role_ids = [] for role in parsed_args.role: try: - role_name = utils.find_resource( + role_id = utils.find_resource( identity_client.roles, role, - ).name + ).id except identity_exc.Forbidden: - role_name = role - role_names.append(role_name) + role_id = role + role_ids.append(role_id) expires_at = None if parsed_args.expiration: @@ -124,7 +124,7 @@ class CreateTrust(command.ShowOne): trustee_id, trustor_id, impersonation=parsed_args.impersonate, project=project_id, - role_names=role_names, + role_ids=role_ids, expires_at=expires_at, ) diff --git a/openstackclient/tests/unit/identity/v3/test_trust.py b/openstackclient/tests/unit/identity/v3/test_trust.py index 93e8f63d..614aab54 100644 --- a/openstackclient/tests/unit/identity/v3/test_trust.py +++ b/openstackclient/tests/unit/identity/v3/test_trust.py @@ -94,7 +94,7 @@ class TestTrustCreate(TestTrust): kwargs = { 'impersonation': False, 'project': identity_fakes.project_id, - 'role_names': [identity_fakes.role_name], + 'role_ids': [identity_fakes.role_id], 'expires_at': None, } # TrustManager.create(trustee_id, trustor_id, impersonation=, diff --git a/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml b/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml new file mode 100644 index 00000000..50154a88 --- /dev/null +++ b/releasenotes/notes/bug-1696111-e2cf9233fa872eb7.yaml @@ -0,0 +1,7 @@ +--- +fixes: + - | + Fixed an issue where a trust could not be created if multiple roles had + the same name. A role's ID is now sent to the identity service instead. + + [Bug '1696111 <https://bugs.launchpad.net/keystone/+bug/1696111>'_] |