From dc4dd4b81ba8ed62f0a530f3786fac0c3ab6d508 Mon Sep 17 00:00:00 2001 From: zouyee Date: Wed, 21 Oct 2015 00:06:07 +0800 Subject: [PATCH] Get user role without project id is not implemented The router for getting user's role without project id is defined for V2 API but not implemented so far, this change will make it explicitly show that this http request is not implemented. Co-Authored-By: Dave Chen Closes-Bug: #1507920 Change-Id: Iae710915a912558057b942d3ca62ab380ce26003 --- keystone/assignment/controllers.py | 5 +++++ keystone/tests/unit/test_v2.py | 8 ++++++++ 2 files changed, 13 insertions(+) diff --git a/keystone/assignment/controllers.py b/keystone/assignment/controllers.py index 0e513c7824..5ca48a78c1 100644 --- a/keystone/assignment/controllers.py +++ b/keystone/assignment/controllers.py @@ -138,6 +138,11 @@ class RoleAssignmentV2(controller.V2Controller): """ self.assert_admin(context) + # NOTE(davechen): Router without project id is defined, + # but we don't plan on implementing this. + if tenant_id is None: + raise exception.NotImplemented( + message=_('User roles not supported: tenant_id required')) roles = self.assignment_api.get_roles_for_user_and_project( user_id, tenant_id) return {'roles': [self.role_api.get_role(x) diff --git a/keystone/tests/unit/test_v2.py b/keystone/tests/unit/test_v2.py index 465c6b7a05..da85b25dce 100644 --- a/keystone/tests/unit/test_v2.py +++ b/keystone/tests/unit/test_v2.py @@ -273,6 +273,14 @@ class CoreApiTests(object): token=token) self.assertValidRoleListResponse(r) + def test_get_user_roles_without_tenant(self): + token = self.get_scoped_token() + self.admin_request( + path='/v2.0/users/%(user_id)s/roles' % { + 'user_id': self.user_foo['id'], + }, + token=token, expected_status=http_client.NOT_IMPLEMENTED) + def test_get_user(self): token = self.get_scoped_token() r = self.admin_request(