summaryrefslogtreecommitdiff
path: root/openstackclient/identity/v3/role_assignment.py
diff options
context:
space:
mode:
authorHenry Nash <henryn@linux.vnet.ibm.com>2016-04-29 23:59:27 +0100
committerDean Troyer <dtroyer@gmail.com>2016-07-22 21:46:29 +0000
commit713d92df4e53f74698a1ff2dfcb7514ff22f023b (patch)
treedbf6825abaa32d4779d07ea28c7d637411959efd /openstackclient/identity/v3/role_assignment.py
parent719c5d79ced34687944eb0bf458f36070817a7b9 (diff)
downloadpython-openstackclient-713d92df4e53f74698a1ff2dfcb7514ff22f023b.tar.gz
Add assignment list to v2 identity and deprecate alternate listing
The current identity role list command (both v2 and v3) is overloaded with listing roles as well as assignments (if you provide user, group, project or domain options). This is in addition to the v3 assignment list command designed for this purpose. This overloading complicates the fact that roles can now be domain specific (i.e. have a domain attribute), so the command 'role list --domain <domain-name' will soon become ambigious (this is in a follow on patch). This patch: - Adds a v2 assignments list, with support for pulling the user and project from the auth credentials - For comapability, adds the same auth support to the existing v3 assignments list - Deprecates the use of role list and user role list to list assignments Change-Id: I65bafdef4f8c89e863dab101369d0d629fa818b8 Partial-Bug: 1605774
Diffstat (limited to 'openstackclient/identity/v3/role_assignment.py')
-rw-r--r--openstackclient/identity/v3/role_assignment.py26
1 files changed, 26 insertions, 0 deletions
diff --git a/openstackclient/identity/v3/role_assignment.py b/openstackclient/identity/v3/role_assignment.py
index 39e2336d..6177d1a5 100644
--- a/openstackclient/identity/v3/role_assignment.py
+++ b/openstackclient/identity/v3/role_assignment.py
@@ -67,6 +67,19 @@ class ListRoleAssignment(command.Lister):
)
common.add_project_domain_option_to_parser(parser)
common.add_inherited_option_to_parser(parser)
+ parser.add_argument(
+ '--auth-user',
+ action="store_true",
+ dest='authuser',
+ help='Only list assignments for the authenticated user',
+ )
+ parser.add_argument(
+ '--auth-project',
+ action="store_true",
+ dest='authproject',
+ help='Only list assignments for the project to which the '
+ 'authenticated user\'s token is scoped',
+ )
return parser
def _as_tuple(self, assignment):
@@ -75,6 +88,7 @@ class ListRoleAssignment(command.Lister):
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
+ auth_ref = self.app.client_manager.auth_ref
role = None
if parsed_args.role:
@@ -90,6 +104,12 @@ class ListRoleAssignment(command.Lister):
parsed_args.user,
parsed_args.user_domain,
)
+ elif parsed_args.authuser:
+ if auth_ref:
+ user = common.find_user(
+ identity_client,
+ auth_ref.user_id
+ )
domain = None
if parsed_args.domain:
@@ -105,6 +125,12 @@ class ListRoleAssignment(command.Lister):
parsed_args.project,
parsed_args.project_domain,
)
+ elif parsed_args.authproject:
+ if auth_ref:
+ project = common.find_project(
+ identity_client,
+ auth_ref.project_id
+ )
group = None
if parsed_args.group:
View Lorry Controller Status