From c756f2dab3fc31d3c120c92fb8a49d02a6e0bca1 Mon Sep 17 00:00:00 2001 From: henriquetruta Date: Thu, 19 Feb 2015 11:43:16 -0300 Subject: [PATCH] Creating parameter to list inherited role assignments This change adds the 'os_inherit_extension_inherited_to' parameter when calling the list role assignment method. It adds the following query to the URL: http://host:35357/v3/role_assignments?scope.OS-INHERIT:inherited_to=projects Co-Authored-By: Raildo Mascena Change-Id: I9bfeecf4ae9da6a0d232f0cff80af64a16ec0829 Closes-bug: 1367868 --- .../tests/unit/v3/test_role_assignments.py | 15 +++++++++++++++ keystoneclient/v3/role_assignments.py | 8 +++++++- 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/keystoneclient/tests/unit/v3/test_role_assignments.py b/keystoneclient/tests/unit/v3/test_role_assignments.py index 1a664c966..79d2585df 100644 --- a/keystoneclient/tests/unit/v3/test_role_assignments.py +++ b/keystoneclient/tests/unit/v3/test_role_assignments.py @@ -177,6 +177,21 @@ class RoleAssignmentsTests(utils.TestCase, utils.CrudTests): kwargs = {'role.id': self.TEST_ROLE_ID} self.assertQueryStringContains(**kwargs) + def test_role_assignments_inherited_list(self): + ref_list = self.TEST_ALL_RESPONSE_LIST + self.stub_entity('GET', + [self.collection_key, + '?scope.OS-INHERIT:inherited_to=projects'], + entity=ref_list + ) + + returned_list = self.manager.list( + os_inherit_extension_inherited_to='projects') + self._assert_returned_list(ref_list, returned_list) + + query_string = 'scope.OS-INHERIT:inherited_to=projects' + self.assertQueryStringIs(query_string) + def test_domain_and_project_list(self): # Should only accept either domain or project, never both self.assertRaises(exceptions.ValidationError, diff --git a/keystoneclient/v3/role_assignments.py b/keystoneclient/v3/role_assignments.py index 6518e4392..d71f9eb11 100644 --- a/keystoneclient/v3/role_assignments.py +++ b/keystoneclient/v3/role_assignments.py @@ -47,7 +47,7 @@ class RoleAssignmentManager(base.CrudManager): raise exceptions.ValidationError(msg) def list(self, user=None, group=None, project=None, domain=None, role=None, - effective=False): + effective=False, os_inherit_extension_inherited_to=None): """Lists role assignments. If no arguments are provided, all role assignments in the @@ -66,6 +66,9 @@ class RoleAssignmentManager(base.CrudManager): :param role: Role to be used as query filter. (optional) :param boolean effective: return effective role assignments. (optional) + :param string os_inherit_extension_inherited_to: + return inherited role assignments for either 'projects' or + 'domains'. (optional) """ self._check_not_user_and_group(user, group) @@ -84,6 +87,9 @@ class RoleAssignmentManager(base.CrudManager): query_params['role.id'] = base.getid(role) if effective: query_params['effective'] = effective + if os_inherit_extension_inherited_to: + query_params['scope.OS-INHERIT:inherited_to'] = ( + os_inherit_extension_inherited_to) return super(RoleAssignmentManager, self).list(**query_params)