openstack/python-keystoneclient
Code Issues Proposed changes

Support creation of domain specific roles

Browse Source 
Add support for the domain_id attribute in the role entity.

Partially Implements: blueprint domain-specific-roles
Change-Id: I06af7647e15aa742609b3fe1b9b222fbeaeb5735
This commit is contained in:
Henry Nash
2016-02-18 19:24:44 +00:00
parent 9097481e81
commit 0d86209565
2 changed files with 33 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
keystoneclient/tests/unit/v3/test_roles.py
View File

@@ -33,6 +33,32 @@ class RoleTests(utils.ClientTestCase, utils.CrudTests):
kwargs.setdefault('name', uuid.uuid4().hex)
return kwargs
def _new_domain_ref(self, **kwargs):
kwargs.setdefault('enabled', True)
kwargs.setdefault('name', uuid.uuid4().hex)
return kwargs
def test_create_with_domain_id(self):
ref = self.new_ref()
ref['domain_id'] = uuid.uuid4().hex
self.test_create(ref=ref)
def test_create_with_domain(self):
ref = self.new_ref()
domain_ref = self._new_domain_ref()
domain_ref['id'] = uuid.uuid4().hex
ref['domain_id'] = domain_ref['id']
self.stub_entity('POST', entity=ref, status_code=201)
returned = self.manager.create(name=ref['name'],
domain=domain_ref)
self.assertIsInstance(returned, self.model)
for attr in ref:
self.assertEqual(
getattr(returned, attr),
ref[attr],
'Expected different %s' % attr)
def test_domain_role_grant(self):
user_id = uuid.uuid4().hex
domain_id = uuid.uuid4().hex

8
keystoneclient/v3/roles.py
View File

@@ -27,6 +27,7 @@ class Role(base.Resource):
Attributes:
* id: a uuid that identifies the role
* name: user-facing identifier
* domain: optional domain for the role
"""
pass
@@ -91,9 +92,14 @@ class RoleManager(base.CrudManager):
raise exceptions.ValidationError(msg)
@positional(1, enforcement=positional.WARN)
def create(self, name, **kwargs):
def create(self, name, domain=None, **kwargs):
domain_id = None
if domain:
domain_id = base.getid(domain)
return super(RoleManager, self).create(
name=name,
domain_id=domain_id,
**kwargs)
def _implied_role_url_tail(self, prior_role, implied_role):