summaryrefslogtreecommitdiff
path: root/openstackclient/identity/v3
Commit message (Collapse)AuthorAgeFilesLines
* Safely pop project parent idSteve Martinelli2014-12-041-0/+4
| | | | | | | | | Since we don't support multitenancy yet, we should just pop the parent id of a project. When keystoneclient supports mulittenancy we should bring everything in at once (CRUD), and these changes should be removed. Change-Id: I82c7c825502124a24ccdbadf09ecb2748887ca5d
* Add the ability to list projects based on a userSteve Martinelli2014-12-011-2/+22
| | | | | | | Essentially performing GET /users/{user_id}/projects Change-Id: Iae6ddfc86a856fa24fbe293ec4af52ea671390f8 Closes-Bug: #1394793
* Add support for domains when deleting identity v3 resourcesSteve Martinelli2014-12-013-9/+41
| | | | | | | | | | Currently, only deleting via IDs is possible for groups, projects and users. We should have an optional --domain argument that allows for a name to be specified for the resource. (Since these are all namespaced by domains). Change-Id: I18ace3db85a3969f0b97678d432d6f8368baa9cd
* Command object docs: project, role, userDean Troyer2014-12-013-95/+95
| | | | | | | | | project role user user role Change-Id: I445e09a3ffb69114912ae562a9285963a636bfd1
* Merge "add keystone v3 region object"Jenkins2014-11-191-0/+205
|\
| * add keystone v3 region objectwanghong2014-11-181-0/+205
| | | | | | | | | | | | | | Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com> Change-Id: Ia6f607630dbf507681733c3ab3b9b7c55de30f49 Closes-Bug: #1387932
* | Merge "Add --or-show support for v3 identity resources"Jenkins2014-11-185-27/+106
|\ \
| * | Add --or-show support for v3 identity resourcesSteve Martinelli2014-11-185-27/+106
| |/ | | | | | | | | | | | | | | | | | | | | | | Add --or-show for the following: * v3 roles * v3 projects * v3 domains * v3 users * v3 groups Closes-Bug: #1390389 Change-Id: Id4ef043e5fda6be49a515eb3fe138c813c393ec9
* | Remove links from oauth consumersSteve Martinelli2014-11-131-6/+4
| | | | | | | | | | | | | | This should be the last of the v3 identity objects that return a links section upon create or show. Change-Id: I45a3b43c303bfed73950095bec8860cbea7a559c
* | Remove links from federation related commands in identity v3Steve Martinelli2014-11-133-12/+11
|/ | | | | | | | | | | We should remove the 'links' portion from the returned object for the following commands: * create/show federation protocol * create/show mapping * create/show identity provider Change-Id: I55654cce1f89de8e532f9acd8092257be33efd85
* Unscoped federated user-specific commandsMatthieu Huin2014-10-301-0/+79
| | | | | | | | | | | | A federated user can authenticate with the v3unscopedsaml plugin and list the domains and projects she is allowed to scope to. This patch introduces the new commands 'federation domain list' and 'federation project list'. Note that for these commands -and plugin- to be available, the lxml library must be installed. Change-Id: I2707b624befcfb0a01b40a094e12fd68a3ee7773 Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
* Fix token issue after auth changeupDean Troyer2014-10-201-3/+1
| | | | | | | | | | | IssueToken.take_action() was missed in updating the structure of the ClientManager. Also, TOKEN_WITH_TENANT_ID in v3 is just wrong... Closes-Bug: #1383396 Change-Id: If2dd82a26af1d743ee9df73e0c1aebce497bf22e
* Merge "Remove 'links' section from several v3 Identity objects"Jenkins2014-10-139-20/+23
|\
| * Remove 'links' section from several v3 Identity objectsSteve Martinelli2014-10-119-20/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The links field in the returned objects from the v3 Identity API aren't really useful, so let's remove them. Managed to remove most of them from the core API. I'll likely remove the extension/contribution (oauth/federation) related ones in another patch. Also in this patch the code for setting services and projects was changed. Though not incorrect, it was not needed to copy the entire returned object, we should just need to pass in the fields we want to update. Change-Id: I164ca9ad8b28fa10b291e9115ef40753e387c547
* | Merge "Fix issue token for v3"Jenkins2014-10-121-2/+2
|\ \ | |/ |/|
| * Fix issue token for v3Steve Martinelli2014-10-111-2/+2
| | | | | | | | | | | | | | | | Currently the code is broken as it references a part of keystoneclient that does not exist. Change-Id: I7fbc754537fbb4acffb166b5854840acfaef1fb8 Closes-Bug: #1379871
* | Allow --domain to be used for identity commands without lookupNathan Kinder2014-10-093-27/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Performing create, list, or set operations for users, groups, and projects with the --domain option attempts to look up the domain for name to ID conversion. In the case of an environment using Keystone domains, it is desired to allow a domain admin to perform these operations for objects in their domain without allowing them to list or show domains. The current behavior prevents the domain admin from performing these operations since they will be forbidden to perform the underlying list_domains operation. This patch makes the domain lookup error a soft failure, and falls back to using the passed in domain argument directly as a domain ID in the request that it sends to Keystone. Change-Id: I5139097f8cedc53693f6f71297518917ac72e50a Closes-Bug: #1378565
* | Add domain parameters to user show for Identity V3Steve Martinelli2014-10-093-18/+50
|/ | | | | | | | | | | Update `user show` for Identity V3 to account for a domain argument, in doing so, also update `find resource` to be more flexible by allowing **kwargs. Also update `group show` and `project show` since they follow the same logic as a user within a group. Change-Id: Ib828e4dbeb0bd31164396069ce8a64c873179779 Closes-Bug: #1378165
* Merge "CRUD operations for federated protocols"Jenkins2014-10-091-0/+182
|\
| * CRUD operations for federated protocolsMarek Denis2014-10-081-0/+182
| | | | | | | | | | | | | | | | | | Openstackclient needs to have a capability to manage federated protocols (like saml2, openid connect, abfab). This patch allows users to administrate such operations from the commandline. Change-Id: I59eef2acdda60c7ec795d1bfe31e8e960b4478a1 Implements: bp/add-openstackclient-federation-crud
* | Merge "Pass in domain and project as positional args, not kwargs"Jenkins2014-10-091-2/+2
|\ \ | |/ |/|
| * Pass in domain and project as positional args, not kwargsSteve Martinelli2014-10-021-2/+2
| | | | | | | | | | | | | | | | | | | | The signature for users.set in keystoneclient dictates that domain and project be sent in, not domainId and projectId, which are being incorrectly sent in as 'extra' data. Closes-Bug: #1376833 Change-Id: I44df3e492f61eab2241f3758dee622417bb6f399
* | Implement CRUD operations for Mapping objectsMarek Denis2014-10-081-0/+209
|/ | | | | Change-Id: I4b8f2e77e741cf74f50aba98ab975af7321b02c6 Implements: bp/add-openstackclient-federation-crud
* v3 credential set always needs --user optionwanghong2014-09-231-4/+5
| | | | | Change-Id: Ieca76bb6ee2f328f4e33010623c25eb9c18e6952 Closes-Bug: #1372744
* Merge "Add action 'user password set' for identiy v3"Jenkins2014-09-071-0/+29
|\
| * Add action 'user password set' for identiy v3Mouad Benchchaoui2014-09-071-0/+29
| | | | | | | | | | | | | | | | | | | | | | This new action will allow a user to change their own password by either providing the new password as an argument (--password) or by being prompted to enter the new password. In both cases user will be prompted to enter their current password as required by the v3 API. Closes-Bug: #1337245 Change-Id: I5e1e0fd2b46a4502318da57f7cce2b236fb2d93d
* | Merge "add service/interface/region filter for endpoint v3"Jenkins2014-09-061-1/+27
|\ \
| * | add service/interface/region filter for endpoint v3wanghong2014-08-181-1/+27
| | | | | | | | | | | | | | | Change-Id: I7eac5b2ff5f5a6f3f08b22dd3a48a5ae7e2c056b Closes-Bug: #1281888
* | | Merge "add tests for identity v3 endpoint"Jenkins2014-08-231-5/+11
|\ \ \ | |/ /
| * | add tests for identity v3 endpointwanghong2014-08-141-5/+11
| | | | | | | | | | | | | | | Change-Id: I1479460473656ea4e2a48a976808371e840b49c1 Closes-Bug: #1348867
* | | add tests for identity v3 domainwanghong2014-08-141-5/+6
|/ / | | | | | | Change-Id: I478215f62b51e6e73283f0304ea1b0736177d1b1
* | v3 endpoint set shouldn't always need service optionwanghong2014-08-041-2/+6
| | | | | | | | | | Change-Id: I71aab1ee4f467dc963e7afa7fc1c82b4255ea822 Closes-Bug: #1351121
* | fix typo in identity/v3/endpoint.pywanghong2014-07-291-4/+4
| | | | | | | | Change-Id: Idf57a6a988f5c0f20f3b0b19ab896642ce10d70b
* | Merge "Normalize more help strings"Jenkins2014-07-241-11/+11
|\ \
| * | Normalize more help stringsDean Troyer2014-07-241-11/+11
| |/ | | | | | | Change-Id: I2b21bc904e35c1cc50da369d148e607fe3e8cf90
* | Fix IDP commandsJamie Lennox2014-07-211-7/+8
| | | | | | | | | | | | | | | | | | | | | | identity_client.identity_providers doesn't exist as a manager. These are located at identity_client.federation.identity_providers. Fix the routes. Also fix passing id to .create() as a positional argument. This is not allowed from keystoneclient it should be passed as a keyword argument. Change-Id: I912c27fcee58b0723e27e9147def2cbd1c62c288
* | Domain administrator cannot do project operationsTerry Howe2014-07-071-12/+6
|/ | | | | | | | | | | | | | | Domain administrator cannot do project operations because the require access to the domain API (which they don't have). When attempting to find a domain for project operations, ignore errors because the API returns nothing without indicating there is a problem. The domain administrators will have to use a domain id, but they will still be able to do project operations. If the user does not have permission to read the domain table, they cannot use domain names. Change-Id: Ieed5d420022a407c8296a0bb3569d9469c89d752 Closes-Bug: #1317478 Closes-Bug: #1317485
* Merge "Rename token classes to match command"Jenkins2014-06-271-7/+8
|\
| * Rename token classes to match commandDean Troyer2014-06-271-7/+8
| | | | | | | | | | | | | | The token create/delete commands were renamed but not the class names. Rename them to match. Change-Id: Icbf9c0a954ed0332fa4c99e4ee2612bb11f89e3a
* | Fixed typos in the identity clientAlex Gaynor2014-06-261-2/+2
|/ | | | Change-Id: I76042110f5a008d4c097862a572448448f92a504
* Complete Identity v3 list command filtersDean Troyer2014-06-192-23/+74
| | | | | | | Complete the 'group list' and 'user list' filter options following the refactor in https://review.openstack.org/69878 Change-Id: Ib4af417c56d4f7da4b88852f191af615cc7fa2ec
* Merge "Refactor role list subcommand for identity v3 api"Jenkins2014-06-193-158/+115
|\
| * Refactor role list subcommand for identity v3 apiQiu Yu2014-06-133-158/+115
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently parts of user list and group list command are actually functioning as role listing, which is quite counter intuitive and misleading. This refactor change move role related logic to a single place of role list command. It now allows role grants listing for user/group + domain/project combinations. If no user or group specified, it will list all roles in the system, which is the default behaviour. Change-Id: I4ced6df4b76f018d01000d28b4281ad9f252ffcc
* | Merge "Change the token verb to issue/revoke"Jenkins2014-06-181-1/+1
|\ \
| * | Change the token verb to issue/revokeTerry Howe2014-06-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Change the token verb to issue/revoke as documented in: https://wiki.openstack.org/wiki/OpenStackClient/Commands#token https://wiki.openstack.org/wiki/OpenStackClient/Commands#Actions Change-Id: I44f77f98ad3269c4f2149301c204804dcb75ac81
* | | Refactor oauth1 code for updatesSteve Martinelli2014-06-142-141/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The keystoneclient code for oauth1 support has changed. As such, we should remove the delete, list and authenticate functions, since they are not in keystoneclient. Also, we must now pass in the project id when creating a request token. Additionally we must now pass in roles when authorizing a request token. Added functional tests to ensure output and input args are the same. bp add-oauth-support Change-Id: I559c18a73ad95a0c8b7a6a95f463b78334186f61
* | | Merge "Add role assignments list support to identity v3"Jenkins2014-06-131-0/+156
|\ \ \ | |_|/ |/| |
| * | Add role assignments list support to identity v3henriquetruta2014-05-301-0/+156
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The assignments manager and its test class were created. Some fake stubs were also added on the fakes.py module. The "openstack role assignment list" command was created. Change-Id: Iae94f4fee608ea3e09ff38961ad22edc38efb89c Implements: blueprint roles-assignment-list Closes-Bug: 1246310
* | | Merge "replace string format arguments with function parameters"Jenkins2014-06-1012-67/+67
|\ \ \ | |/ / |/| |
| * | replace string format arguments with function parametersChristian Berendt2014-05-2012-67/+67
| |/ | | | | | | | | | | | | | | There are files containing string format arguments inside logging messages. Using logging function parameters should be preferred. Change-Id: Ic749ac9eb55564ed631d57055a5a4dfc3aebd169
View Lorry Controller Status