| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Changes to the 'service list' commands for Identity v2 and v3:
* Document support for --long
* Add Description to v3 output with --long
* v3 output is now (ID, Name, Type), with (Description, Enabled) added with --long
* Change v2 output to match v3 output, with the absense of Enabled.
* Update doc to match
Closes-Bug: #1411337
Change-Id: I999e3df22f61350cdeba63bbb7d01145c2ffeeaf
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently v3 endpoint commands access service.name directly, while
name is not a required attribute of service. So if we associate an
endpoint to a service without name, we will get an AttributeError
executing v3 endpoint commands later. This patch addresses this
issue by checking if service.name is available before accessing it.
Change-Id: I3dd686ef02a2e21e2049a49cb55634385c2ecfaf
Closes-Bug: #1406737
|
| | |
| |
| |
| |
| |
| | |
Command doc and tweaks to the code
Change-Id: I8f251bf9ca77f16b01a509844e79ddde82048b0d
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| | |
Added command docs, and changed request token to take in name or
id of a project, and also support a domain option.
Change-Id: I87363274e5b7a0c687e234f5a4bcaaf166d28840
|
| |/
|
|
|
|
|
|
| |
Adds a --project filter to `os user list`, which really
calls the role assignment manager behind the scenes.
Change-Id: I57a75018f12ed3acdf8f6611b6b58bd974f91da2
Closes-Bug: #1397251
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Previously this column was coming up as empty, since user's
have a `default project id`, not just `project id`.
Change-Id: I3d7f7eb600e9526b9c6cc2a8c5d6009b9100b1f5
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Change the implementation of --enable|--disable on domain create
and set commands to our usual style.
Change-Id: I10f2b96281a114fa3cf3b001394844770b2a8632
|
| |\ \ \
| |/ /
|/| | |
|
| | |/
| |
| |
| |
| | |
Change-Id: Ibf84882c9a9f408268c225190436fc1a534e1017
Closes-Bug: #1404997
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is part2. Add support for these objects:
identity.project(v2.0)
identity.role(v2.0)
identity.user(v2.0)
identity.project(v3)
identity.role(v3)
identity.user(v3)
identity.group(v3)
Closes-Bug: #1400597
Change-Id: I270434d657cf4ddc23c3aba2c704d6ef184b0dbc
|
| |
|
|
|
|
|
| |
Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com>
Change-Id: Ia6f607630dbf507681733c3ab3b9b7c55de30f49
Closes-Bug: #1387932
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A federated user can authenticate with the v3unscopedsaml plugin and
list the domains and projects she is allowed to scope to.
This patch introduces the new commands 'federation domain list' and
'federation project list'.
Note that for these commands -and plugin- to be available, the lxml
library must be installed.
Change-Id: I2707b624befcfb0a01b40a094e12fd68a3ee7773
Co-Authored-By: Florent Flament <florent.flament-ext@cloudwatt.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
IssueToken.take_action() was missed in updating the structure of
the ClientManager.
Also, TOKEN_WITH_TENANT_ID in v3 is just wrong...
Closes-Bug: #1383396
Change-Id: If2dd82a26af1d743ee9df73e0c1aebce497bf22e
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The links field in the returned objects from the v3 Identity
API aren't really useful, so let's remove them.
Managed to remove most of them from the core API.
I'll likely remove the extension/contribution (oauth/federation)
related ones in another patch.
Also in this patch the code for setting services and projects
was changed. Though not incorrect, it was not needed to copy
the entire returned object, we should just need to pass in
the fields we want to update.
Change-Id: I164ca9ad8b28fa10b291e9115ef40753e387c547
|
| |/
|
|
|
|
|
|
| |
Currently the code is broken as it references a part of
keystoneclient that does not exist.
Change-Id: I7fbc754537fbb4acffb166b5854840acfaef1fb8
Closes-Bug: #1379871
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Openstackclient needs to have a capability to manage federated protocols
(like saml2, openid connect, abfab). This patch allows users to
administrate such operations from the commandline.
Change-Id: I59eef2acdda60c7ec795d1bfe31e8e960b4478a1
Implements: bp/add-openstackclient-federation-crud
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The signature for users.set in keystoneclient dictates that
domain and project be sent in, not domainId and projectId,
which are being incorrectly sent in as 'extra' data.
Closes-Bug: #1376833
Change-Id: I44df3e492f61eab2241f3758dee622417bb6f399
|
| |/
|
|
|
| |
Change-Id: I4b8f2e77e741cf74f50aba98ab975af7321b02c6
Implements: bp/add-openstackclient-federation-crud
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This new action will allow a user to change their own password by
either providing the new password as an argument (--password) or by
being prompted to enter the new password.
In both cases user will be prompted to enter their current password
as required by the v3 API.
Closes-Bug: #1337245
Change-Id: I5e1e0fd2b46a4502318da57f7cce2b236fb2d93d
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | | |
Change-Id: I7eac5b2ff5f5a6f3f08b22dd3a48a5ae7e2c056b
Closes-Bug: #1281888
|
| |\ \ \
| |/ / |
|
| | | |
| | |
| | |
| | |
| | | |
Change-Id: I1479460473656ea4e2a48a976808371e840b49c1
Closes-Bug: #1348867
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | | |
Change-Id: I478215f62b51e6e73283f0304ea1b0736177d1b1
|
| |/ /
| |
| |
| |
| |
| | |
Change test_service_show to test_role_show.
Change-Id: Ieef7fdeb9401b4dc28720c9ba14bf460ac171288
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
identity_client.identity_providers doesn't exist as a manager. These are
located at identity_client.federation.identity_providers. Fix the
routes.
Also fix passing id to .create() as a positional argument. This is not
allowed from keystoneclient it should be passed as a keyword argument.
Change-Id: I912c27fcee58b0723e27e9147def2cbd1c62c288
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Domain administrator cannot do project operations because the
require access to the domain API (which they don't have). When
attempting to find a domain for project operations, ignore errors
because the API returns nothing without indicating there is a
problem. The domain administrators will have to use a domain id,
but they will still be able to do project operations. If the user
does not have permission to read the domain table, they cannot
use domain names.
Change-Id: Ieed5d420022a407c8296a0bb3569d9469c89d752
Closes-Bug: #1317478
Closes-Bug: #1317485
|
| |
|
|
|
|
|
| |
Noticed these in the code, figured we should stick to not using
backslashes if possible.
Change-Id: I55e5402683141e14df7c2b38883b1f3cc2a6bb6a
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Do both as they are all in the same set of files that required
major re-formatting.
Change-Id: I6e8a8ce19a55105124a33c0e2487fc4b4e06d252
|
| |\ \
| |/ |
|
| | |
| |
| |
| | |
Change-Id: Ieb9a9af1da27d3935d1a4d3cfb61b0ccb03d099a
|
| |/
|
|
|
|
|
| |
The token create/delete commands were renamed but not the class names.
Rename them to match.
Change-Id: Icbf9c0a954ed0332fa4c99e4ee2612bb11f89e3a
|
| |
|
|
|
|
|
| |
Complete the 'group list' and 'user list' filter options following
the refactor in https://review.openstack.org/69878
Change-Id: Ib4af417c56d4f7da4b88852f191af615cc7fa2ec
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently parts of user list and group list command are actually
functioning as role listing, which is quite counter intuitive and
misleading.
This refactor change move role related logic to a single place of role
list command. It now allows role grants listing for user/group +
domain/project combinations.
If no user or group specified, it will list all roles in the system,
which is the default behaviour.
Change-Id: I4ced6df4b76f018d01000d28b4281ad9f252ffcc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The keystoneclient code for oauth1 support has changed.
As such, we should remove the delete, list and authenticate
functions, since they are not in keystoneclient.
Also, we must now pass in the project id when creating a
request token. Additionally we must now pass in roles
when authorizing a request token.
Added functional tests to ensure output and input args
are the same.
bp add-oauth-support
Change-Id: I559c18a73ad95a0c8b7a6a95f463b78334186f61
|
| |/
|
|
|
|
|
|
|
|
|
| |
The assignments manager and its test class were created.
Some fake stubs were also added on the fakes.py module.
The "openstack role assignment list" command was created.
Change-Id: Iae94f4fee608ea3e09ff38961ad22edc38efb89c
Implements: blueprint roles-assignment-list
Closes-Bug: 1246310
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Operations for:
* adding Identity Provider
* listing Identity Providers
* showing Identity Provider
* updating Identity Provider
* deleting Identity Provider
Change-Id: I4557168309f93e4670116b5c3c0e29252ff0c40f
Implements: bp/add-openstackclient-federation-crud
|
| |/
|
|
|
|
|
|
|
| |
Keystoneclient has added the positional decorator which emits a warning
if arguments aren't passed by keyword. This means we are getting
warnings in certain places in openstackclient.
Change-Id: Ic5446cd6f122cbb56fce543011386d53bc31fe18
Closes-Bug: #1302199
|
