identity: Fix filtering endpoints by project with domain

We were incorrectly passing domain_id as a positional argument, causing it to get picked up as the ignore_missing argument instead. Correct this, fixing another bug where the look of projects or domains could be forbidden by policy, in the process. The latter is unlikely to happen, given endpoint lookup is typically an admin-only operation, but it's better to be safe. Change-Id: Idd3300040967d781b7743accd62298cb24c62872 Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
2025-11-14 11:47:15 +00:00
parent db2c1a5e2b
commit a5e4d5f0fa
1 changed files with 17 additions and 6 deletions
--- a/openstackclient/identity/v3/endpoint.py
+++ b/openstackclient/identity/v3/endpoint.py
@@ -231,11 +231,22 @@ class ListEndpoint(command.Lister):
        endpoint = None
        if parsed_args.endpoint:
            endpoint = identity_client.find_endpoint(parsed_args.endpoint)
-        project = None
+
+        project_domain_id = None
+        if parsed_args.project_domain:
+            project_domain_id = common._find_sdk_id(
+                identity_client.find_domain,
+                name_or_id=parsed_args.project_domain,
+            )
+
+        project_id = None
        if parsed_args.project:
-            project = identity_client.find_project(
-                parsed_args.project,
-                parsed_args.project_domain,
+            project_id = common._find_sdk_id(
+                identity_client.find_project,
+                name_or_id=common._get_token_resource(
+                    identity_client, 'project', parsed_args.project
+                ),
+                domain_id=project_domain_id,
            )

        if endpoint:
@@ -273,9 +284,9 @@ class ListEndpoint(command.Lister):
                region = identity_client.get_region(parsed_args.region)
                kwargs['region_id'] = region.id

-            if project:
+            if project_id:
                data = list(
-                    identity_client.project_endpoints(project=project.id)
+                    identity_client.project_endpoints(project=project_id)
                )
            else:
                data = list(identity_client.endpoints(**kwargs))