Server-side filtering for Identity
Implements server-side filtering in Identity->Projects Projects (Only V3 supports server filtering) Users (Only V3 supports server filtering) Groups Roles This filtering method allows a user to filter by several fields: - Name - UUID - Enabled Cannot implement filter by email ttps://review.openstack.org/#/c/110970/ Implements blueprint: server-side-filtering Co-Authored-By: Daniel Castellanos <luis.daniel.castellanos@intel.com> Change-Id: I37d6afdef84593e2779d21bec0c2f55e2794ab78
This commit is contained in:
parent
bff48543ba
commit
bc1fb4910b
@ -315,7 +315,7 @@ def tenant_list(request, paginate=False, marker=None, domain=None, user=None,
|
||||
admin=True, filters=None):
|
||||
manager = VERSIONS.get_project_manager(request, admin=admin)
|
||||
page_size = utils.get_page_size(request)
|
||||
|
||||
tenants = []
|
||||
limit = None
|
||||
if paginate:
|
||||
limit = page_size + 1
|
||||
@ -341,6 +341,14 @@ def tenant_list(request, paginate=False, marker=None, domain=None, user=None,
|
||||
}
|
||||
if filters is not None:
|
||||
kwargs.update(filters)
|
||||
if 'id' in kwargs:
|
||||
try:
|
||||
tenants = [tenant_get(request, kwargs['id'])]
|
||||
except keystone_exceptions.NotFound:
|
||||
tenants = []
|
||||
except Exception:
|
||||
exceptions.handle(request)
|
||||
else:
|
||||
tenants = manager.list(**kwargs)
|
||||
return tenants, has_more_data
|
||||
|
||||
@ -360,6 +368,7 @@ def tenant_update(request, project, name=None, description=None,
|
||||
|
||||
|
||||
def user_list(request, project=None, domain=None, group=None, filters=None):
|
||||
users = []
|
||||
if VERSIONS.active < 3:
|
||||
kwargs = {"tenant_id": project}
|
||||
else:
|
||||
@ -370,6 +379,12 @@ def user_list(request, project=None, domain=None, group=None, filters=None):
|
||||
}
|
||||
if filters is not None:
|
||||
kwargs.update(filters)
|
||||
if 'id' in kwargs:
|
||||
try:
|
||||
users = [user_get(request, kwargs['id'])]
|
||||
except keystone_exceptions.NotFound:
|
||||
raise exceptions.NotFound()
|
||||
else:
|
||||
users = keystoneclient(request, admin=True).users.list(**kwargs)
|
||||
return [VERSIONS.upgrade_v2_user(user) for user in users]
|
||||
|
||||
@ -523,9 +538,23 @@ def group_delete(request, group_id):
|
||||
return manager.delete(group_id)
|
||||
|
||||
|
||||
def group_list(request, domain=None, project=None, user=None):
|
||||
def group_list(request, domain=None, project=None, user=None, filters=None):
|
||||
manager = keystoneclient(request, admin=True).groups
|
||||
groups = manager.list(user=user, domain=domain)
|
||||
groups = []
|
||||
kwargs = {
|
||||
"domain": domain,
|
||||
"user": user,
|
||||
"name": None
|
||||
}
|
||||
if filters is not None:
|
||||
kwargs.update(filters)
|
||||
if 'id' in kwargs:
|
||||
try:
|
||||
groups = [manager.get(kwargs['id'])]
|
||||
except keystone_exceptions.NotFound:
|
||||
raise exceptions.NotFound()
|
||||
else:
|
||||
groups = manager.list(**kwargs)
|
||||
|
||||
if project:
|
||||
project_groups = []
|
||||
@ -534,7 +563,6 @@ def group_list(request, domain=None, project=None, user=None):
|
||||
if roles and len(roles) > 0:
|
||||
project_groups.append(group)
|
||||
groups = project_groups
|
||||
|
||||
return groups
|
||||
|
||||
|
||||
@ -619,9 +647,23 @@ def role_delete(request, role_id):
|
||||
return manager.delete(role_id)
|
||||
|
||||
|
||||
def role_list(request):
|
||||
def role_list(request, filters=None):
|
||||
"""Returns a global list of available roles."""
|
||||
return keystoneclient(request, admin=True).roles.list()
|
||||
manager = keystoneclient(request, admin=True).roles
|
||||
roles = []
|
||||
kwargs = {}
|
||||
if filters is not None:
|
||||
kwargs.update(filters)
|
||||
if 'id' in kwargs:
|
||||
try:
|
||||
roles = [manager.get(kwargs['id'])]
|
||||
except keystone_exceptions.NotFound:
|
||||
roles = []
|
||||
except Exception:
|
||||
exceptions.handle(request)
|
||||
else:
|
||||
roles = manager.list(**kwargs)
|
||||
return roles
|
||||
|
||||
|
||||
def roles_for_user(request, user, project=None, domain=None):
|
||||
|
@ -100,16 +100,9 @@ class ManageUsersLink(tables.LinkAction):
|
||||
|
||||
|
||||
class GroupFilterAction(tables.FilterAction):
|
||||
def filter(self, table, groups, filter_string):
|
||||
"""Naive case-insensitive search."""
|
||||
q = filter_string.lower()
|
||||
|
||||
def comp(group):
|
||||
if q in group.name.lower():
|
||||
return True
|
||||
return False
|
||||
|
||||
return filter(comp, groups)
|
||||
filter_type = "server"
|
||||
filter_choices = (("name", _("Group Name ="), True),
|
||||
("id", _("Group ID ="), True))
|
||||
|
||||
|
||||
class GroupsTable(tables.DataTable):
|
||||
|
@ -48,10 +48,12 @@ class GroupsViewTests(test.BaseAdminViewTests):
|
||||
def test_index(self):
|
||||
domain_id = self._get_domain_id()
|
||||
groups = self._get_groups(domain_id)
|
||||
|
||||
filters = {}
|
||||
domain = self.domains.get(id="1")
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.group_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.group_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(groups)
|
||||
|
||||
self.mox.ReplayAll()
|
||||
@ -72,7 +74,7 @@ class GroupsViewTests(test.BaseAdminViewTests):
|
||||
'get_effective_domain_id')})
|
||||
def test_index_with_domain(self):
|
||||
domain = self.domains.get(id="1")
|
||||
|
||||
filters = {}
|
||||
self.setSessionValues(domain_context=domain.id,
|
||||
domain_context_name=domain.name)
|
||||
groups = self._get_groups(domain.id)
|
||||
@ -80,7 +82,8 @@ class GroupsViewTests(test.BaseAdminViewTests):
|
||||
api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain.id)
|
||||
|
||||
api.keystone.group_list(IsA(http.HttpRequest),
|
||||
domain=domain.id).AndReturn(groups)
|
||||
domain=domain.id,
|
||||
filters=filters).AndReturn(groups)
|
||||
|
||||
self.mox.ReplayAll()
|
||||
|
||||
@ -103,8 +106,11 @@ class GroupsViewTests(test.BaseAdminViewTests):
|
||||
domain_id = self._get_domain_id()
|
||||
groups = self._get_groups(domain_id)
|
||||
domain = self.domains.get(id="1")
|
||||
filters = {}
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.group_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.group_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(groups)
|
||||
api.keystone.keystone_can_edit_group() \
|
||||
.MultipleTimes().AndReturn(False)
|
||||
@ -195,11 +201,14 @@ class GroupsViewTests(test.BaseAdminViewTests):
|
||||
'group_delete')})
|
||||
def test_delete_group(self):
|
||||
domain_id = self._get_domain_id()
|
||||
filters = {}
|
||||
group = self.groups.get(id="2")
|
||||
|
||||
domain = self.domains.get(id="1")
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.group_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.group_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(self.groups.list())
|
||||
api.keystone.group_delete(IgnoreArg(), group.id)
|
||||
|
||||
|
@ -40,12 +40,13 @@ class IndexView(tables.DataTableView):
|
||||
def get_data(self):
|
||||
groups = []
|
||||
domain_id = api.keystone.get_effective_domain_id(self.request)
|
||||
|
||||
filters = self.get_filters()
|
||||
if policy.check((("identity", "identity:list_groups"),),
|
||||
self.request):
|
||||
try:
|
||||
groups = api.keystone.group_list(self.request,
|
||||
domain=domain_id)
|
||||
domain=domain_id,
|
||||
filters=filters)
|
||||
except Exception:
|
||||
exceptions.handle(self.request,
|
||||
_('Unable to retrieve group list.'))
|
||||
|
@ -198,17 +198,13 @@ class DeleteTenantsAction(policy.PolicyTargetMixin, tables.DeleteAction):
|
||||
|
||||
|
||||
class TenantFilterAction(tables.FilterAction):
|
||||
def filter(self, table, tenants, filter_string):
|
||||
"""Really naive case-insensitive search."""
|
||||
# FIXME(gabriel): This should be smarter. Written for demo purposes.
|
||||
q = filter_string.lower()
|
||||
|
||||
def comp(tenant):
|
||||
if q in tenant.name.lower():
|
||||
return True
|
||||
return False
|
||||
|
||||
return filter(comp, tenants)
|
||||
if api.keystone.VERSIONS.active < 3:
|
||||
filter_type = "query"
|
||||
else:
|
||||
filter_type = "server"
|
||||
filter_choices = (('name', _("Project Name ="), True),
|
||||
('id', _("Project ID ="), True),
|
||||
('enabled', _("Enabled ="), True, _('e.g. Yes/No')))
|
||||
|
||||
|
||||
class UpdateRow(tables.Row):
|
||||
|
@ -48,10 +48,12 @@ class TenantsViewTests(test.BaseAdminViewTests):
|
||||
quotas: ('enabled_quotas',)})
|
||||
def test_index(self):
|
||||
domain = self.domains.get(id="1")
|
||||
filters = {}
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.tenant_list(IsA(http.HttpRequest),
|
||||
domain=None,
|
||||
paginate=True,
|
||||
filters=filters,
|
||||
marker=None) \
|
||||
.AndReturn([self.tenants.list(), False])
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
@ -70,7 +72,7 @@ class TenantsViewTests(test.BaseAdminViewTests):
|
||||
quotas: ('enabled_quotas',)})
|
||||
def test_index_with_domain_context(self):
|
||||
domain = self.domains.get(id="1")
|
||||
|
||||
filters = {}
|
||||
self.setSessionValues(domain_context=domain.id,
|
||||
domain_context_name=domain.name)
|
||||
|
||||
@ -82,7 +84,8 @@ class TenantsViewTests(test.BaseAdminViewTests):
|
||||
api.keystone.tenant_list(IsA(http.HttpRequest),
|
||||
domain=domain.id,
|
||||
paginate=True,
|
||||
marker=None) \
|
||||
marker=None,
|
||||
filters=filters) \
|
||||
.AndReturn([domain_tenants, False])
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
domain.name})
|
||||
@ -101,10 +104,12 @@ class ProjectsViewNonAdminTests(test.TestCase):
|
||||
'domain_lookup')})
|
||||
def test_index(self):
|
||||
domain = self.domains.get(id="1")
|
||||
filters = {}
|
||||
api.keystone.tenant_list(IsA(http.HttpRequest),
|
||||
user=self.user.id,
|
||||
paginate=True,
|
||||
marker=None,
|
||||
filters=filters,
|
||||
admin=False) \
|
||||
.AndReturn([self.tenants.list(), False])
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
|
@ -78,9 +78,8 @@ class IndexView(tables.DataTableView):
|
||||
tenants = []
|
||||
marker = self.request.GET.get(
|
||||
project_tables.TenantsTable._meta.pagination_param, None)
|
||||
|
||||
self._more = False
|
||||
|
||||
filters = self.get_filters()
|
||||
if policy.check((("identity", "identity:list_projects"),),
|
||||
self.request):
|
||||
domain_context = api.keystone.get_effective_domain_id(self.request)
|
||||
@ -89,6 +88,7 @@ class IndexView(tables.DataTableView):
|
||||
self.request,
|
||||
domain=domain_context,
|
||||
paginate=True,
|
||||
filters=filters,
|
||||
marker=marker)
|
||||
except Exception:
|
||||
exceptions.handle(self.request,
|
||||
@ -101,6 +101,7 @@ class IndexView(tables.DataTableView):
|
||||
user=self.request.user.id,
|
||||
paginate=True,
|
||||
marker=marker,
|
||||
filters=filters,
|
||||
admin=False)
|
||||
except Exception:
|
||||
exceptions.handle(self.request,
|
||||
@ -114,6 +115,7 @@ class IndexView(tables.DataTableView):
|
||||
domain_lookup = api.keystone.domain_lookup(self.request)
|
||||
for t in tenants:
|
||||
t.domain_name = domain_lookup.get(t.domain_id)
|
||||
|
||||
return tenants
|
||||
|
||||
|
||||
|
@ -70,11 +70,9 @@ class DeleteRolesAction(tables.DeleteAction):
|
||||
|
||||
|
||||
class RoleFilterAction(tables.FilterAction):
|
||||
def filter(self, table, roles, filter_string):
|
||||
"""Naive case-insensitive search."""
|
||||
q = filter_string.lower()
|
||||
return [role for role in roles
|
||||
if q in role.name.lower()]
|
||||
filter_type = "server"
|
||||
filter_choices = (("name", _("Role Name ="), True),
|
||||
("id", _("Role ID ="), True))
|
||||
|
||||
|
||||
class RolesTable(tables.DataTable):
|
||||
|
@ -30,7 +30,11 @@ ROLES_UPDATE_URL = reverse('horizon:identity:roles:update', args=[1])
|
||||
class RolesViewTests(test.BaseAdminViewTests):
|
||||
@test.create_stubs({api.keystone: ('role_list',)})
|
||||
def test_index(self):
|
||||
api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list())
|
||||
filters = {}
|
||||
|
||||
api.keystone.role_list(IgnoreArg(),
|
||||
filters=filters) \
|
||||
.AndReturn(self.roles.list())
|
||||
|
||||
self.mox.ReplayAll()
|
||||
|
||||
@ -45,7 +49,11 @@ class RolesViewTests(test.BaseAdminViewTests):
|
||||
@test.create_stubs({api.keystone: ('role_list',
|
||||
'keystone_can_edit_role', )})
|
||||
def test_index_with_keystone_can_edit_role_false(self):
|
||||
api.keystone.role_list(IgnoreArg()).AndReturn(self.roles.list())
|
||||
filters = {}
|
||||
|
||||
api.keystone.role_list(IgnoreArg(),
|
||||
filters=filters) \
|
||||
.AndReturn(self.roles.list())
|
||||
api.keystone.keystone_can_edit_role() \
|
||||
.MultipleTimes().AndReturn(False)
|
||||
self.mox.ReplayAll()
|
||||
@ -97,8 +105,10 @@ class RolesViewTests(test.BaseAdminViewTests):
|
||||
@test.create_stubs({api.keystone: ('role_list', 'role_delete')})
|
||||
def test_delete(self):
|
||||
role = self.roles.first()
|
||||
filters = {}
|
||||
|
||||
api.keystone.role_list(IsA(http.HttpRequest)) \
|
||||
api.keystone.role_list(IsA(http.HttpRequest),
|
||||
filters=filters) \
|
||||
.AndReturn(self.roles.list())
|
||||
api.keystone.role_delete(IsA(http.HttpRequest),
|
||||
role.id).AndReturn(None)
|
||||
|
@ -38,10 +38,12 @@ class IndexView(tables.DataTableView):
|
||||
|
||||
def get_data(self):
|
||||
roles = []
|
||||
filters = self.get_filters()
|
||||
if policy.check((("identity", "identity:list_roles"),),
|
||||
self.request):
|
||||
try:
|
||||
roles = api.keystone.role_list(self.request)
|
||||
roles = api.keystone.role_list(self.request,
|
||||
filters=filters)
|
||||
except Exception:
|
||||
exceptions.handle(self.request,
|
||||
_('Unable to retrieve roles list.'))
|
||||
|
@ -157,12 +157,13 @@ class DeleteUsersAction(policy.PolicyTargetMixin, tables.DeleteAction):
|
||||
|
||||
|
||||
class UserFilterAction(tables.FilterAction):
|
||||
def filter(self, table, users, filter_string):
|
||||
"""Naive case-insensitive search."""
|
||||
q = filter_string.lower()
|
||||
return [user for user in users
|
||||
if q in user.name.lower()
|
||||
or q in (getattr(user, 'email', None) or '').lower()]
|
||||
if api.keystone.VERSIONS.active < 3:
|
||||
filter_type = "query"
|
||||
else:
|
||||
filter_type = "server"
|
||||
filter_choices = (("name", _("User Name ="), True),
|
||||
("id", _("User ID ="), True),
|
||||
("enabled", _("Enabled ="), True, _('e.g. Yes/No')))
|
||||
|
||||
|
||||
class UpdateRow(tables.Row):
|
||||
|
@ -60,12 +60,14 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_index(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
users = self._get_users(domain_id)
|
||||
|
||||
api.keystone.get_effective_domain_id(IgnoreArg()).AndReturn(domain_id)
|
||||
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id).AndReturn(users)
|
||||
domain=domain_id,
|
||||
filters=filters).AndReturn(users)
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
domain.name})
|
||||
|
||||
@ -653,12 +655,16 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_enable_user(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
user = self.users.get(id="2")
|
||||
users = self._get_users(domain_id)
|
||||
user.enabled = False
|
||||
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id).AndReturn(users)
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters)\
|
||||
.AndReturn(users)
|
||||
api.keystone.user_update_enabled(IgnoreArg(),
|
||||
user.id,
|
||||
True).AndReturn(user)
|
||||
@ -679,13 +685,16 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_disable_user(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
user = self.users.get(id="2")
|
||||
users = self._get_users(domain_id)
|
||||
|
||||
self.assertTrue(user.enabled)
|
||||
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters)\
|
||||
.AndReturn(users)
|
||||
api.keystone.user_update_enabled(IgnoreArg(),
|
||||
user.id,
|
||||
@ -707,12 +716,15 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_enable_disable_user_exception(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
user = self.users.get(id="2")
|
||||
users = self._get_users(domain_id)
|
||||
user.enabled = False
|
||||
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters)\
|
||||
.AndReturn(users)
|
||||
api.keystone.user_update_enabled(IgnoreArg(), user.id, True) \
|
||||
.AndRaise(self.exceptions.keystone)
|
||||
@ -731,10 +743,13 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_disabling_current_user(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
users = self._get_users(domain_id)
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
for i in range(0, 2):
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(users)
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
domain.name})
|
||||
@ -754,6 +769,7 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_disabling_current_user_domain_name(self):
|
||||
domain = self._get_default_domain()
|
||||
domains = self.domains.list()
|
||||
filters = {}
|
||||
domain_id = domain.id
|
||||
users = self._get_users(domain_id)
|
||||
domain_lookup = dict((d.id, d.name) for d in domains)
|
||||
@ -764,7 +780,9 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
|
||||
for i in range(0, 2):
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup)
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(users)
|
||||
|
||||
self.mox.ReplayAll()
|
||||
@ -782,10 +800,13 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
def test_delete_user_with_improper_permissions(self):
|
||||
domain = self._get_default_domain()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
users = self._get_users(domain_id)
|
||||
api.keystone.domain_get(IsA(http.HttpRequest), '1').AndReturn(domain)
|
||||
for i in range(0, 2):
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(users)
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn({domain.id:
|
||||
domain.name})
|
||||
@ -806,6 +827,7 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
domain = self._get_default_domain()
|
||||
domains = self.domains.list()
|
||||
domain_id = domain.id
|
||||
filters = {}
|
||||
users = self._get_users(domain_id)
|
||||
domain_lookup = dict((d.id, d.name) for d in domains)
|
||||
|
||||
@ -814,7 +836,9 @@ class UsersViewTests(test.BaseAdminViewTests):
|
||||
u.domain_name = domain_lookup.get(u.domain_id)
|
||||
|
||||
for i in range(0, 2):
|
||||
api.keystone.user_list(IgnoreArg(), domain=domain_id) \
|
||||
api.keystone.user_list(IgnoreArg(),
|
||||
domain=domain_id,
|
||||
filters=filters) \
|
||||
.AndReturn(users)
|
||||
api.keystone.domain_lookup(IgnoreArg()).AndReturn(domain_lookup)
|
||||
|
||||
|
@ -51,13 +51,14 @@ class IndexView(tables.DataTableView):
|
||||
|
||||
def get_data(self):
|
||||
users = []
|
||||
|
||||
filters = self.get_filters()
|
||||
if policy.check((("identity", "identity:list_users"),),
|
||||
self.request):
|
||||
domain_context = api.keystone.get_effective_domain_id(self.request)
|
||||
try:
|
||||
users = api.keystone.user_list(self.request,
|
||||
domain=domain_context)
|
||||
domain=domain_context,
|
||||
filters=filters)
|
||||
except Exception:
|
||||
exceptions.handle(self.request,
|
||||
_('Unable to retrieve user list.'))
|
||||
|
Loading…
Reference in New Issue
Block a user