openstack/horizon
Code Issues Proposed changes

Server-side filtering for Identity

Browse Source 
Implements server-side filtering in Identity->Projects

Projects (Only V3 supports server filtering)
Users (Only V3 supports server filtering)
Groups
Roles

This filtering method allows a user to filter by
several fields:
- Name
- UUID
- Enabled

Cannot implement filter by email ttps://review.openstack.org/#/c/110970/

Implements blueprint: server-side-filtering
Co-Authored-By: Daniel Castellanos <luis.daniel.castellanos@intel.com>

Change-Id: I37d6afdef84593e2779d21bec0c2f55e2794ab78
This commit is contained in:
Eddie Ramirez 2016-06-01 21:56:41 +00:00 committed by Luis Daniel Castellanos
parent bff48543ba
commit bc1fb4910b
13 changed files with 150 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
openstack_dashboard/api/keystone.py
View File

@ -315,7 +315,7 @@ def tenant_list(request, paginate=False, marker=None, domain=None, user=None,
admin=True, filters=None): admin=True, filters=None):
manager = VERSIONS.get_project_manager(request, admin=admin) manager = VERSIONS.get_project_manager(request, admin=admin)
page_size = utils.get_page_size(request) page_size = utils.get_page_size(request)
tenants = []
limit = None limit = None
if paginate: if paginate:
limit = page_size + 1 limit = page_size + 1
@ -341,7 +341,15 @@ def tenant_list(request, paginate=False, marker=None, domain=None, user=None,
} }
if filters is not None: if filters is not None:
kwargs.update(filters) kwargs.update(filters)
tenants = manager.list(**kwargs) if 'id' in kwargs:
try:
tenants = [tenant_get(request, kwargs['id'])]
except keystone_exceptions.NotFound:
tenants = []
except Exception:
exceptions.handle(request)
else:
tenants = manager.list(**kwargs)
return tenants, has_more_data return tenants, has_more_data
@ -360,6 +368,7 @@ def tenant_update(request, project, name=None, description=None,
def user_list(request, project=None, domain=None, group=None, filters=None): def user_list(request, project=None, domain=None, group=None, filters=None):
users = []
if VERSIONS.active < 3: if VERSIONS.active < 3:
kwargs = {"tenant_id": project} kwargs = {"tenant_id": project}
else: else:
@ -370,7 +379,13 @@ def user_list(request, project=None, domain=None, group=None, filters=None):
} }
if filters is not None: if filters is not None:
kwargs.update(filters) kwargs.update(filters)
users = keystoneclient(request, admin=True).users.list(**kwargs) if 'id' in kwargs:
try:
users = [user_get(request, kwargs['id'])]
except keystone_exceptions.NotFound:
raise exceptions.NotFound()
else:
users = keystoneclient(request, admin=True).users.list(**kwargs)
return [VERSIONS.upgrade_v2_user(user) for user in users] return [VERSIONS.upgrade_v2_user(user) for user in users]
@ -523,9 +538,23 @@ def group_delete(request, group_id):
return manager.delete(group_id) return manager.delete(group_id)
def group_list(request, domain=None, project=None, user=None): def group_list(request, domain=None, project=None, user=None, filters=None):
manager = keystoneclient(request, admin=True).groups manager = keystoneclient(request, admin=True).groups
groups = manager.list(user=user, domain=domain) groups = []
kwargs = {
"domain": domain,
"user": user,
"name": None
}
if filters is not None:
kwargs.update(filters)
if 'id' in kwargs:
try:
groups = [manager.get(kwargs['id'])]
except keystone_exceptions.NotFound:
raise exceptions.NotFound()
else:
groups = manager.list(**kwargs)
if project: if project:
project_groups = [] project_groups = []
@ -534,7 +563,6 @@ def group_list(request, domain=None, project=None, user=None):
if roles and len(roles) > 0: if roles and len(roles) > 0:
project_groups.append(group) project_groups.append(group)
groups = project_groups groups = project_groups
return groups return groups
@ -619,9 +647,23 @@ def role_delete(request, role_id):
return manager.delete(role_id) return manager.delete(role_id)
def role_list(request): def role_list(request, filters=None):
"""Returns a global list of available roles.""" """Returns a global list of available roles."""
return keystoneclient(request, admin=True).roles.list() manager = keystoneclient(request, admin=True).roles
roles = []
kwargs = {}
if filters is not None:
kwargs.update(filters)
if 'id' in kwargs:
try:
roles = [manager.get(kwargs['id'])]
except keystone_exceptions.NotFound:
roles = []
except Exception:
exceptions.handle(request)
else:
roles = manager.list(**kwargs)
return roles
def roles_for_user(request, user, project=None, domain=None): def roles_for_user(request, user, project=None, domain=None):

13
openstack_dashboard/dashboards/identity/groups/tables.py
View File

@ -100,16 +100,9 @@ class ManageUsersLink(tables.LinkAction):
class GroupFilterAction(tables.FilterAction): class GroupFilterAction(tables.FilterAction):
def filter(self, table, groups, filter_string): filter_type = "server"
"""Naive case-insensitive search.""" filter_choices = (("name", _("Group Name ="), True),
q = filter_string.lower() ("id", _("Group ID ="), True))
def comp(group):
if q in group.name.lower():
return True
return False
return filter(comp, groups)
class GroupsTable(tables.DataTable): class GroupsTable(tables.DataTable):

21
openstack_dashboard/dashboards/identity/groups/tests.py
View File

@ -48,10 +48,12 @@ class GroupsViewTests(test.BaseAdminViewTests):
def test_index(self): def test_index(self):
domain_id = self._get_domain_id() domain_id = self._get_domain_id()
groups = self._get_groups(domain_id) groups = self._get_groups(domain_id)
filters = {}
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.group_list(IgnoreArg(), domain=domain_id) \ api.keystone.group_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(groups) .AndReturn(groups)
self.mox.ReplayAll() self.mox.ReplayAll()
@ -72,7 +74,7 @@ class GroupsViewTests(test.BaseAdminViewTests):
'get_effective_domain_id')}) 'get_effective_domain_id')})
def test_index_with_domain(self): def test_index_with_domain(self):
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
filters = {}
self.setSessionValues(domain_context=domain.id, self.setSessionValues(domain_context=domain.id,
domain_context_name=domain.name) domain_context_name=domain.name)
groups = self._get_groups(domain.id) groups = self._get_groups(domain.id)
@ -80,7 +82,8 @@ class GroupsViewTests(test.BaseAdminViewTests):
api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain.id) api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain.id)
api.keystone.group_list(IsA(http.HttpRequest), api.keystone.group_list(IsA(http.HttpRequest),
domain=domain.id).AndReturn(groups) domain=domain.id,
filters=filters).AndReturn(groups)
self.mox.ReplayAll() self.mox.ReplayAll()
@ -103,8 +106,11 @@ class GroupsViewTests(test.BaseAdminViewTests):
domain_id = self._get_domain_id() domain_id = self._get_domain_id()
groups = self._get_groups(domain_id) groups = self._get_groups(domain_id)
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
filters = {}
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.group_list(IgnoreArg(), domain=domain_id) \ api.keystone.group_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(groups) .AndReturn(groups)
api.keystone.keystone_can_edit_group() \ api.keystone.keystone_can_edit_group() \
.MultipleTimes().AndReturn(False) .MultipleTimes().AndReturn(False)
@ -195,11 +201,14 @@ class GroupsViewTests(test.BaseAdminViewTests):
'group_delete')}) 'group_delete')})
def test_delete_group(self): def test_delete_group(self):
domain_id = self._get_domain_id() domain_id = self._get_domain_id()
filters = {}
group = self.groups.get(id="2") group = self.groups.get(id="2")
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.group_list(IgnoreArg(), domain=domain_id) \ api.keystone.group_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(self.groups.list()) .AndReturn(self.groups.list())
api.keystone.group_delete(IgnoreArg(), group.id) api.keystone.group_delete(IgnoreArg(), group.id)

5
openstack_dashboard/dashboards/identity/groups/views.py
View File

@ -40,12 +40,13 @@ class IndexView(tables.DataTableView):
def get_data(self): def get_data(self):
groups = [] groups = []
domain_id = api.keystone.get_effective_domain_id(self.request) domain_id = api.keystone.get_effective_domain_id(self.request)
filters = self.get_filters()
if policy.check((("identity", "identity:list_groups"),), if policy.check((("identity", "identity:list_groups"),),
self.request): self.request):
try: try:
groups = api.keystone.group_list(self.request, groups = api.keystone.group_list(self.request,
domain=domain_id) domain=domain_id,
filters=filters)
except Exception: except Exception:
exceptions.handle(self.request, exceptions.handle(self.request,
_('Unable to retrieve group list.')) _('Unable to retrieve group list.'))

18
openstack_dashboard/dashboards/identity/projects/tables.py
View File

@ -198,17 +198,13 @@ class DeleteTenantsAction(policy.PolicyTargetMixin, tables.DeleteAction):
class TenantFilterAction(tables.FilterAction): class TenantFilterAction(tables.FilterAction):
def filter(self, table, tenants, filter_string): if api.keystone.VERSIONS.active < 3:
"""Really naive case-insensitive search.""" filter_type = "query"
# FIXME(gabriel): This should be smarter. Written for demo purposes. else:
q = filter_string.lower() filter_type = "server"
filter_choices = (('name', _("Project Name ="), True),
def comp(tenant): ('id', _("Project ID ="), True),
if q in tenant.name.lower(): ('enabled', _("Enabled ="), True, _('e.g. Yes/No')))
return True
return False
return filter(comp, tenants)
class UpdateRow(tables.Row): class UpdateRow(tables.Row):

9
openstack_dashboard/dashboards/identity/projects/tests.py
View File

@ -48,10 +48,12 @@ class TenantsViewTests(test.BaseAdminViewTests):
quotas: ('enabled_quotas',)}) quotas: ('enabled_quotas',)})
def test_index(self): def test_index(self):
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
filters = {}
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.tenant_list(IsA(http.HttpRequest), api.keystone.tenant_list(IsA(http.HttpRequest),
domain=None, domain=None,
paginate=True, paginate=True,
filters=filters,
marker=None) \ marker=None) \
.AndReturn([self.tenants.list(), False]) .AndReturn([self.tenants.list(), False])
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
@ -70,7 +72,7 @@ class TenantsViewTests(test.BaseAdminViewTests):
quotas: ('enabled_quotas',)}) quotas: ('enabled_quotas',)})
def test_index_with_domain_context(self): def test_index_with_domain_context(self):
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
filters = {}
self.setSessionValues(domain_context=domain.id, self.setSessionValues(domain_context=domain.id,
domain_context_name=domain.name) domain_context_name=domain.name)
@ -82,7 +84,8 @@ class TenantsViewTests(test.BaseAdminViewTests):
api.keystone.tenant_list(IsA(http.HttpRequest), api.keystone.tenant_list(IsA(http.HttpRequest),
domain=domain.id, domain=domain.id,
paginate=True, paginate=True,
marker=None) \ marker=None,
filters=filters) \
.AndReturn([domain_tenants, False]) .AndReturn([domain_tenants, False])
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
domain.name}) domain.name})
@ -101,10 +104,12 @@ class ProjectsViewNonAdminTests(test.TestCase):
'domain_lookup')}) 'domain_lookup')})
def test_index(self): def test_index(self):
domain = self.domains.get(id="1") domain = self.domains.get(id="1")
filters = {}
api.keystone.tenant_list(IsA(http.HttpRequest), api.keystone.tenant_list(IsA(http.HttpRequest),
user=self.user.id, user=self.user.id,
paginate=True, paginate=True,
marker=None, marker=None,
filters=filters,
admin=False) \ admin=False) \
.AndReturn([self.tenants.list(), False]) .AndReturn([self.tenants.list(), False])
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:

6
openstack_dashboard/dashboards/identity/projects/views.py
View File

@ -78,9 +78,8 @@ class IndexView(tables.DataTableView):
tenants = [] tenants = []
marker = self.request.GET.get( marker = self.request.GET.get(
project_tables.TenantsTable._meta.pagination_param, None) project_tables.TenantsTable._meta.pagination_param, None)
self._more = False self._more = False
filters = self.get_filters()
if policy.check((("identity", "identity:list_projects"),), if policy.check((("identity", "identity:list_projects"),),
self.request): self.request):
domain_context = api.keystone.get_effective_domain_id(self.request) domain_context = api.keystone.get_effective_domain_id(self.request)
@ -89,6 +88,7 @@ class IndexView(tables.DataTableView):
self.request, self.request,
domain=domain_context, domain=domain_context,
paginate=True, paginate=True,
filters=filters,
marker=marker) marker=marker)
except Exception: except Exception:
exceptions.handle(self.request, exceptions.handle(self.request,
@ -101,6 +101,7 @@ class IndexView(tables.DataTableView):
user=self.request.user.id, user=self.request.user.id,
paginate=True, paginate=True,
marker=marker, marker=marker,
filters=filters,
admin=False) admin=False)
except Exception: except Exception:
exceptions.handle(self.request, exceptions.handle(self.request,
@ -114,6 +115,7 @@ class IndexView(tables.DataTableView):
domain_lookup = api.keystone.domain_lookup(self.request) domain_lookup = api.keystone.domain_lookup(self.request)
for t in tenants: for t in tenants:
t.domain_name = domain_lookup.get(t.domain_id) t.domain_name = domain_lookup.get(t.domain_id)
return tenants return tenants

8
openstack_dashboard/dashboards/identity/roles/tables.py
View File

@ -70,11 +70,9 @@ class DeleteRolesAction(tables.DeleteAction):
class RoleFilterAction(tables.FilterAction): class RoleFilterAction(tables.FilterAction):
def filter(self, table, roles, filter_string): filter_type = "server"
"""Naive case-insensitive search.""" filter_choices = (("name", _("Role Name ="), True),
q = filter_string.lower() ("id", _("Role ID ="), True))
return [role for role in roles
if q in role.name.lower()]
class RolesTable(tables.DataTable): class RolesTable(tables.DataTable):

16
openstack_dashboard/dashboards/identity/roles/tests.py
View File

@ -30,7 +30,11 @@ ROLES_UPDATE_URL = reverse('horizon:identity:roles:update', args=[1])
class RolesViewTests(test.BaseAdminViewTests): class RolesViewTests(test.BaseAdminViewTests):
@test.create_stubs({api.keystone: ('role_list',)}) @test.create_stubs({api.keystone: ('role_list',)})
def test_index(self): def test_index(self):
api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) filters = {}
api.keystone.role_list(IgnoreArg(),
filters=filters) \
.AndReturn(self.roles.list())
self.mox.ReplayAll() self.mox.ReplayAll()
@ -45,7 +49,11 @@ class RolesViewTests(test.BaseAdminViewTests):
@test.create_stubs({api.keystone: ('role_list', @test.create_stubs({api.keystone: ('role_list',
'keystone_can_edit_role', )}) 'keystone_can_edit_role', )})
def test_index_with_keystone_can_edit_role_false(self): def test_index_with_keystone_can_edit_role_false(self):
api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list()) filters = {}
api.keystone.role_list(IgnoreArg(),
filters=filters) \
.AndReturn(self.roles.list())
api.keystone.keystone_can_edit_role() \ api.keystone.keystone_can_edit_role() \
.MultipleTimes().AndReturn(False) .MultipleTimes().AndReturn(False)
self.mox.ReplayAll() self.mox.ReplayAll()
@ -97,8 +105,10 @@ class RolesViewTests(test.BaseAdminViewTests):
@test.create_stubs({api.keystone: ('role_list', 'role_delete')}) @test.create_stubs({api.keystone: ('role_list', 'role_delete')})
def test_delete(self): def test_delete(self):
role = self.roles.first() role = self.roles.first()
filters = {}
api.keystone.role_list(IsA(http.HttpRequest)) \ api.keystone.role_list(IsA(http.HttpRequest),
filters=filters) \
.AndReturn(self.roles.list()) .AndReturn(self.roles.list())
api.keystone.role_delete(IsA(http.HttpRequest), api.keystone.role_delete(IsA(http.HttpRequest),
role.id).AndReturn(None) role.id).AndReturn(None)

4
openstack_dashboard/dashboards/identity/roles/views.py
View File

@ -38,10 +38,12 @@ class IndexView(tables.DataTableView):
def get_data(self): def get_data(self):
roles = [] roles = []
filters = self.get_filters()
if policy.check((("identity", "identity:list_roles"),), if policy.check((("identity", "identity:list_roles"),),
self.request): self.request):
try: try:
roles = api.keystone.role_list(self.request) roles = api.keystone.role_list(self.request,
filters=filters)
except Exception: except Exception:
exceptions.handle(self.request, exceptions.handle(self.request,
_('Unable to retrieve roles list.')) _('Unable to retrieve roles list.'))

13
openstack_dashboard/dashboards/identity/users/tables.py
View File

@ -157,12 +157,13 @@ class DeleteUsersAction(policy.PolicyTargetMixin, tables.DeleteAction):
class UserFilterAction(tables.FilterAction): class UserFilterAction(tables.FilterAction):
def filter(self, table, users, filter_string): if api.keystone.VERSIONS.active < 3:
"""Naive case-insensitive search.""" filter_type = "query"
q = filter_string.lower() else:
return [user for user in users filter_type = "server"
if q in user.name.lower() filter_choices = (("name", _("User Name ="), True),
or q in (getattr(user, 'email', None) or '').lower()] ("id", _("User ID ="), True),
("enabled", _("Enabled ="), True, _('e.g. Yes/No')))
class UpdateRow(tables.Row): class UpdateRow(tables.Row):

40
openstack_dashboard/dashboards/identity/users/tests.py
View File

@ -60,12 +60,14 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_index(self): def test_index(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
users = self._get_users(domain_id) users = self._get_users(domain_id)
api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain_id) api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain_id)
api.keystone.user_list(IgnoreArg(), api.keystone.user_list(IgnoreArg(),
domain=domain_id).AndReturn(users) domain=domain_id,
filters=filters).AndReturn(users)
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
domain.name}) domain.name})
@ -653,12 +655,16 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_enable_user(self): def test_enable_user(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
user = self.users.get(id="2") user = self.users.get(id="2")
users = self._get_users(domain_id) users = self._get_users(domain_id)
user.enabled = False user.enabled = False
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.user_list(IgnoreArg(), domain=domain_id).AndReturn(users) api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters)\
.AndReturn(users)
api.keystone.user_update_enabled(IgnoreArg(), api.keystone.user_update_enabled(IgnoreArg(),
user.id, user.id,
True).AndReturn(user) True).AndReturn(user)
@ -679,13 +685,16 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_disable_user(self): def test_disable_user(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
user = self.users.get(id="2") user = self.users.get(id="2")
users = self._get_users(domain_id) users = self._get_users(domain_id)
self.assertTrue(user.enabled) self.assertTrue(user.enabled)
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters)\
.AndReturn(users) .AndReturn(users)
api.keystone.user_update_enabled(IgnoreArg(), api.keystone.user_update_enabled(IgnoreArg(),
user.id, user.id,
@ -707,12 +716,15 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_enable_disable_user_exception(self): def test_enable_disable_user_exception(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
user = self.users.get(id="2") user = self.users.get(id="2")
users = self._get_users(domain_id) users = self._get_users(domain_id)
user.enabled = False user.enabled = False
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters)\
.AndReturn(users) .AndReturn(users)
api.keystone.user_update_enabled(IgnoreArg(), user.id, True) \ api.keystone.user_update_enabled(IgnoreArg(), user.id, True) \
.AndRaise(self.exceptions.keystone) .AndRaise(self.exceptions.keystone)
@ -731,10 +743,13 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_disabling_current_user(self): def test_disabling_current_user(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
users = self._get_users(domain_id) users = self._get_users(domain_id)
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
for i in range(0, 2): for i in range(0, 2):
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(users) .AndReturn(users)
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
domain.name}) domain.name})
@ -754,6 +769,7 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_disabling_current_user_domain_name(self): def test_disabling_current_user_domain_name(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domains = self.domains.list() domains = self.domains.list()
filters = {}
domain_id = domain.id domain_id = domain.id
users = self._get_users(domain_id) users = self._get_users(domain_id)
domain_lookup = dict((d.id, d.name) for d in domains) domain_lookup = dict((d.id, d.name) for d in domains)
@ -764,7 +780,9 @@ class UsersViewTests(test.BaseAdminViewTests):
for i in range(0, 2): for i in range(0, 2):
api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup) api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup)
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(users) .AndReturn(users)
self.mox.ReplayAll() self.mox.ReplayAll()
@ -782,10 +800,13 @@ class UsersViewTests(test.BaseAdminViewTests):
def test_delete_user_with_improper_permissions(self): def test_delete_user_with_improper_permissions(self):
domain = self._get_default_domain() domain = self._get_default_domain()
domain_id = domain.id domain_id = domain.id
filters = {}
users = self._get_users(domain_id) users = self._get_users(domain_id)
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain) api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
for i in range(0, 2): for i in range(0, 2):
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(users) .AndReturn(users)
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id: api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
domain.name}) domain.name})
@ -806,6 +827,7 @@ class UsersViewTests(test.BaseAdminViewTests):
domain = self._get_default_domain() domain = self._get_default_domain()
domains = self.domains.list() domains = self.domains.list()
domain_id = domain.id domain_id = domain.id
filters = {}
users = self._get_users(domain_id) users = self._get_users(domain_id)
domain_lookup = dict((d.id, d.name) for d in domains) domain_lookup = dict((d.id, d.name) for d in domains)
@ -814,7 +836,9 @@ class UsersViewTests(test.BaseAdminViewTests):
u.domain_name = domain_lookup.get(u.domain_id) u.domain_name = domain_lookup.get(u.domain_id)
for i in range(0, 2): for i in range(0, 2):
api.keystone.user_list(IgnoreArg(), domain=domain_id) \ api.keystone.user_list(IgnoreArg(),
domain=domain_id,
filters=filters) \
.AndReturn(users) .AndReturn(users)
api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup) api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup)

5
openstack_dashboard/dashboards/identity/users/views.py
View File

@ -51,13 +51,14 @@ class IndexView(tables.DataTableView):
def get_data(self): def get_data(self):
users = [] users = []
filters = self.get_filters()
if policy.check((("identity", "identity:list_users"),), if policy.check((("identity", "identity:list_users"),),
self.request): self.request):
domain_context = api.keystone.get_effective_domain_id(self.request) domain_context = api.keystone.get_effective_domain_id(self.request)
try: try:
users = api.keystone.user_list(self.request, users = api.keystone.user_list(self.request,
domain=domain_context) domain=domain_context,
filters=filters)
except Exception: except Exception:
exceptions.handle(self.request, exceptions.handle(self.request,
_('Unable to retrieve user list.')) _('Unable to retrieve user list.'))