summaryrefslogtreecommitdiff
path: root/openstackclient/identity/v3/role_assignment.py
Commit message (Collapse)AuthorAgeFilesLines
* Role operations should not require list object permissionNathan Kinder2015-04-171-8/+9
| | | | | | | | | | | | | | | | | When using Keystone's policy.v3cloudsample.json policy file, a project admin is supposed to be able to manage role assignments. Unfortunately, a project admin isn't allowed to perform these operations using python-openstackclient, as we attempt to perform list operations for any of the object types specified (users, groups, projects). This is done in an attempt to lookup the id of the object by name, but we perform this list operation even when the user specifies everything by id. This causes 403 errors. This patch still attempts to look up the object id by name, but we catch the 403 and assume that the user specified an id if the list operation is not allowed. This is similar to what we do with the --domain option for other commands. Closes-bug: #1445528 Change-Id: Id95a8520e935c1092d5a22ecd8ea01f572334ac8
* add doc for role assignment commandwanghong2014-12-241-6/+6
| | | | Change-Id: I594d444b6d1ec4e72bed03394178293737f26069
* Add role assignments list support to identity v3henriquetruta2014-05-301-0/+156
The assignments manager and its test class were created. Some fake stubs were also added on the fakes.py module. The "openstack role assignment list" command was created. Change-Id: Iae94f4fee608ea3e09ff38961ad22edc38efb89c Implements: blueprint roles-assignment-list Closes-Bug: 1246310
View Lorry Controller Status