openstack
/
shade
Code Issues Proposed changes

Revert "Allow grant_role to select users outside default domain" 

Im purposing a revert so we can implement something closer to:
Related-Id: I43c97981d9e76f595efa2051b17a8425404179c4

This way we can handle it for user/role/group/project at the same time.

The correct way to deal with different projects in different domains
than users is to pass in IDs/objects as noted[0]

I do this in the upstream salt modules[1]

[0] https://github.com/openstack/python-openstacksdk/blob/master/openstack/cloud/operatorcloud.py#L1822-L1825
[1] https://github.com/saltstack/salt/blob/develop/salt/states/keystone_role_grant.py#L41-L94

This reverts commit d4148ff9d6.

Change-Id: Ia9f0bdf58a0df539d14b14a3b7e368a06ff6ed88
This commit is contained in:
Sam Yaple 2017-12-11 22:25:17 +00:00 committed by Monty Taylor
parent e3b301de27
commit 9f1e37669c
No known key found for this signature in database
GPG Key ID: 7BAE94BC7141A594
2 changed files with 21 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
shade/openstackcloud.py
View File

@ -10711,11 +10711,7 @@ class OpenStackCloud(
self.get_domain(domain)['id']
if user:
if 'domain' in data:
data['user'] = self.get_user(
user, filters=filters, domain_id=data['domain'])
else:
data['user'] = self.get_user(user, filters=filters)
data['user'] = self.get_user(user, filters=filters)
if project:
# drop domain in favor of project

97
shade/tests/unit/test_role_assignment.py
View File

@ -436,7 +436,6 @@ class TestRoleAssignment(base.RequestsMockTestCase):
self.assert_calls()
def test_grant_role_user_project_exists(self):
self.assertEqual(len(self.calls), 2)
self.register_uris([
dict(method='GET',
uri=self.get_mock_url(resource='roles'),
@ -497,7 +496,6 @@ class TestRoleAssignment(base.RequestsMockTestCase):
entity_type='user',
entity_id=self.user_data.user_id)}),
])
self.assertEqual(len(self.calls), 10)
self.assertFalse(self.op_cloud.grant_role(
self.role_data.role_name,
user=self.user_data.name,
@ -664,10 +662,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -693,16 +688,12 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json={'roles': [self.role_data.json_response['role']]}),
dict(method='GET',
uri=self.get_mock_url(
resource='domains',
append=[self.domain_data.domain_id]),
uri=self.get_mock_url(resource='domains',
append=[self.domain_data.domain_id]),
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -733,10 +724,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -767,10 +755,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -822,10 +807,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -854,10 +836,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -886,10 +865,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -918,10 +894,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1795,10 +1768,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1821,10 +1791,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1847,10 +1814,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1873,10 +1837,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1920,10 +1881,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1959,10 +1917,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -1998,10 +1953,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -2037,10 +1989,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -2529,10 +2478,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',
@ -2581,10 +2527,7 @@ class TestRoleAssignment(base.RequestsMockTestCase):
status_code=200,
json=self.domain_data.json_response),
dict(method='GET',
uri=self.get_mock_url(
resource='users',
qs_elements=[
'domain_id=%s' % self.domain_data.domain_id]),
uri=self.get_mock_url(resource='users'),
status_code=200,
json={'users': [self.user_data.json_response['user']]}),
dict(method='GET',