From c123e2abb48b8e72b279258d272d661a5146ebb8 Mon Sep 17 00:00:00 2001 From: Jan Provaznik Date: Mon, 10 Jun 2013 17:46:08 +0200 Subject: [PATCH] List only projects accessible by user When setting user's primary project, display only projects accessible by user being updated. Fixes bug 1161963 Change-Id: Ib83f3a1ee83b8d0441267254582824a3fe07b4e3 --- .../dashboards/admin/users/forms.py | 5 ++++- .../dashboards/admin/users/tests.py | 20 +++++++++---------- 2 files changed, 14 insertions(+), 11 deletions(-) diff --git a/openstack_dashboard/dashboards/admin/users/forms.py b/openstack_dashboard/dashboards/admin/users/forms.py index 090bc5889a..cc0ff10987 100644 --- a/openstack_dashboard/dashboards/admin/users/forms.py +++ b/openstack_dashboard/dashboards/admin/users/forms.py @@ -41,7 +41,10 @@ class BaseUserForm(forms.SelfHandlingForm): # Populate project choices project_choices = [('', _("Select a project"))] - projects, has_more = api.keystone.tenant_list(request) + # If the user is already set (update action), list only projects which + # the user has access to. + user_id = kwargs['initial'].get('id', None) + projects, has_more = api.keystone.tenant_list(request, user=user_id) for project in projects: if project.enabled: project_choices.append((project.id, project.name)) diff --git a/openstack_dashboard/dashboards/admin/users/tests.py b/openstack_dashboard/dashboards/admin/users/tests.py index ed029936a7..aefe6077fa 100644 --- a/openstack_dashboard/dashboards/admin/users/tests.py +++ b/openstack_dashboard/dashboards/admin/users/tests.py @@ -55,7 +55,7 @@ class UsersViewTests(test.BaseAdminViewTests): user = self.users.get(id="1") role = self.roles.first() - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=None) \ .AndReturn([self.tenants.list(), False]) api.keystone.user_create(IgnoreArg(), user.name, @@ -88,7 +88,7 @@ class UsersViewTests(test.BaseAdminViewTests): def test_create_with_password_mismatch(self): user = self.users.get(id="1") - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=None) \ .AndReturn([self.tenants.list(), False]) api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) api.keystone.get_default_role(IgnoreArg()) \ @@ -114,7 +114,7 @@ class UsersViewTests(test.BaseAdminViewTests): def test_create_validation_for_password_too_short(self): user = self.users.get(id="1") - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=None) \ .AndReturn([self.tenants.list(), False]) api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) api.keystone.get_default_role(IgnoreArg()) \ @@ -143,7 +143,7 @@ class UsersViewTests(test.BaseAdminViewTests): def test_create_validation_for_password_too_long(self): user = self.users.get(id="1") - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=None) \ .AndReturn([self.tenants.list(), False]) api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) api.keystone.get_default_role(IgnoreArg()) \ @@ -178,7 +178,7 @@ class UsersViewTests(test.BaseAdminViewTests): api.keystone.user_get(IsA(http.HttpRequest), '1', admin=True).AndReturn(user) - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=user.id) \ .AndReturn([self.tenants.list(), False]) api.keystone.user_update(IsA(http.HttpRequest), user.id, @@ -212,7 +212,7 @@ class UsersViewTests(test.BaseAdminViewTests): api.keystone.user_get(IsA(http.HttpRequest), '1', admin=True).AndReturn(user) - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=user.id) \ .AndReturn([self.tenants.list(), False]) api.keystone.keystone_can_edit_user().AndReturn(False) api.keystone.keystone_can_edit_user().AndReturn(False) @@ -235,7 +235,7 @@ class UsersViewTests(test.BaseAdminViewTests): api.keystone.user_get(IsA(http.HttpRequest), '1', admin=True).AndReturn(user) - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=user.id) \ .AndReturn([self.tenants.list(), False]) self.mox.ReplayAll() @@ -260,7 +260,7 @@ class UsersViewTests(test.BaseAdminViewTests): api.keystone.user_get(IsA(http.HttpRequest), '1', admin=True).AndReturn(user) - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=user.id) \ .AndReturn([self.tenants.list(), False]) self.mox.ReplayAll() @@ -361,7 +361,7 @@ class SeleniumTests(test.SeleniumAdminTestCase): 'role_list', 'user_list')}) def test_modal_create_user_with_passwords_not_matching(self): - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=None) \ .AndReturn([self.tenants.list(), False]) api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) api.keystone.user_list(IgnoreArg()).AndReturn(self.users.list()) @@ -393,7 +393,7 @@ class SeleniumTests(test.SeleniumAdminTestCase): def test_update_user_with_passwords_not_matching(self): api.keystone.user_get(IsA(http.HttpRequest), '1', admin=True).AndReturn(self.user) - api.keystone.tenant_list(IgnoreArg()) \ + api.keystone.tenant_list(IgnoreArg(), user=self.user.id) \ .AndReturn([self.tenants.list(), False]) self.mox.ReplayAll()