Charm specify roles to be granted to admin
A charm joined to keystone via the identity-service relation can now specify additional roles that can be granted to admin. This is done by setting the relation data key `add_role_to_admin` the value is a comma seperated list of roles that should be granted to admin. Change-Id: I5495c350c7ac65f8a67125734dff368577c983f4
This commit is contained in:
parent
a48a1e826a
commit
a4684ff27a
|
@ -112,7 +112,8 @@ class KeystoneRequires(RelationBase):
|
|||
return True
|
||||
|
||||
def register_endpoints(self, service, region, public_url, internal_url,
|
||||
admin_url, requested_roles=None):
|
||||
admin_url, requested_roles=None,
|
||||
add_role_to_admin=None):
|
||||
"""
|
||||
Register this service with keystone
|
||||
"""
|
||||
|
@ -126,6 +127,9 @@ class KeystoneRequires(RelationBase):
|
|||
if requested_roles:
|
||||
relation_info.update(
|
||||
{'requested_roles': ','.join(requested_roles)})
|
||||
if add_role_to_admin:
|
||||
relation_info.update(
|
||||
{'add_role_to_admin': ','.join(add_role_to_admin)})
|
||||
self.set_local(**relation_info)
|
||||
self.set_remote(**relation_info)
|
||||
|
||||
|
|
|
@ -230,6 +230,24 @@ class TestKeystoneRequires(unittest.TestCase):
|
|||
self.set_local.assert_called_once_with(**result)
|
||||
self.set_remote.assert_called_once_with(**result)
|
||||
|
||||
def test_register_endpoints_add_role_to_admin(self):
|
||||
self.patch_kr('set_local')
|
||||
self.patch_kr('set_remote')
|
||||
self.kr.register_endpoints('s', 'r', 'p_url', 'i_url', 'a_url',
|
||||
requested_roles=['role1', 'role2'],
|
||||
add_role_to_admin=['grole1', 'grole2'])
|
||||
result = {
|
||||
'service': 's',
|
||||
'public_url': 'p_url',
|
||||
'internal_url': 'i_url',
|
||||
'admin_url': 'a_url',
|
||||
'region': 'r',
|
||||
'requested_roles': 'role1,role2',
|
||||
'add_role_to_admin': 'grole1,grole2',
|
||||
}
|
||||
self.set_local.assert_called_once_with(**result)
|
||||
self.set_remote.assert_called_once_with(**result)
|
||||
|
||||
def test_request_keystone_endpoint_information(self):
|
||||
self.patch_kr('set_local')
|
||||
self.patch_kr('set_remote')
|
||||
|
|
Loading…
Reference in New Issue