1. As mentioned in [1], we should avoid using six.iteritems to achieve
iterators. We can use dict.items instead, as it will return iterators
in PY3 as well. And dict.items/keys will more readable.
2. In py2, the performance about list should be negligible,
see the link [2].
[1] https://wiki.openstack.org/wiki/Python3
[2] http://lists.openstack.org/pipermail/openstack-dev/2015-June/066391.html
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: I4b9edb326444264c0f6c4ad281acaac356a07e85
Implements: blueprint replace-iteritems-with-items
This is a followup to https://review.openstack.org/#/c/541609/ that
changes most outstanding direct uses of sys.stdout to use the encoded
stdout set up by cliff.
Change-Id: I07cfc418385fc787d3b7d3c32d39676cf81bb91f
Similar delete commands in OSC, we can also support add/remove
multi users for one specified group, this review implement it.
Change-Id: I8ccf99d4ee83a18778fa3ff5c0a42bc7c6ff21fb
Implements: bp support-multi-add-remove
When checking whether a given user is in a given group, keystone will
return a 404 Not Found if all went well but the user was not in the
group. It may also return a 403 if the user and the group are in
different backends, which would also mean that the user was not in the
group[1]. Any other 400 response is a client error and any 500 response
is a server error to which the user should be alerted.
Without this patch, openstackclient treats any exception as a valid "not
found" and may end up hiding server errors. This patch reduces the
caught exceptions to 403 and 404 responses and treats everything else as
an error.
[1] https://developer.openstack.org/api-ref/identity/v3/?expanded=check-whether-user-belongs-to-group-detail#check-whether-user-belongs-to-group
Closes-bug: #1672634
Change-Id: Id3f3b2409b7cee480ee3c19b6d6c3070599ffe8f
if command failed, we usually raise exception,
if command success, sometimes there is not any
output (such as set, add commands)
So modify the error handling for role and group
commands.
Change-Id: I1c0f86c04dcedd9c0d725fd73f3436be9da75ee0
Add missing multi deletion error handling for
identity delete commands.
All delete commands in identity support
error handling now.
Change-Id: I05626dcb5e516a423d610906347b02236ba7eeaf
Leverage the new cliff command class attribute (_description)
to get the help of a command, this allows us to mark strings
for translation. We could not do this before since the help
was grabbed from the docstring.
This also depends on a new release of cliff and a bump to the
minimum level in osc's requirements.
Closes-Bug: 1636209
Depends-On: Id915f6aa7d95a0ff3dc6e2ceaac5decb3f3bf0da
Change-Id: I8673080bb5625e8e3c499feaefd42dfc7121e96f
When an exception was caught and rethrown,
it should call 'raise' without any arguments
because it shows the place where an exception
occured initially instead of place where the exception re-raised.
Change-Id: I5fb6dea5da7fb6e1e2b339a713c7d37f8c99e407
Use file logger for all command specific logs.
This patch also fixes some usage that doesn't
follow rules in:
http://docs.openstack.org/developer/oslo.i18n/guidelines.html
After this patch, all self.log and self.app.log
will be standardized to LOG().
NOTE: In shell.py, we got the log in class OpenStackShell,
which is also known as self.app.log in other classes.
This logger is used to record non-command-specific logs.
So we leave it as-is.
Change-Id: I114f73ee6c7e84593d71e724bc1ad00d343c1896
Implements: blueprint log-usage
command.Command and command.Showone are base classes implemented
in cliff framework. Showone extends Command to allow take_action()
to return data to be formatted using a user-selectable formatter.
Most of the classes which are extended from Command in
openstackclient/identity/v3/ in some cases return data or return
nothing where it is not necessary, this commit fixes most of them.
Change-Id: I84c72ea4d6680f8bdbef5449316dd9a8af8c8286
Closes-Bug: 1550892
Previously each command logs take_action parameters explicitly
by using @utils.log_method decorator or log.debug().
Some commands have no logging.
This commit calls a logger in the base class and
drops all logging definition from individual commands.
Closes-Bug: #1532294
Change-Id: I43cd0290a4353c68c075bade9571c940733da1be
* Change session imports to keystoneauth1
* Change keystoneclient.exception imports to keystoneauth1
* Change exceptions raised from internal API from keystoneclient to openstack.common
Change-Id: I046d89f561d6fe04baae53726f9749d2e7fe2056
Instead of duplicating the same log statement throughout
the code, the same logic can be provided by a shared decorator
that abstracts away the logging capability and unifies it behind
a common function instead.
Change-Id: Icc63bced7347c8bbf0299a4c5821425a10892a79
Many of the commands for the group and role resources were lacking an
option to specify the specific domain groups, projects or users belong
to. This commit fixes that.
Change-Id: I461d2bcfd01ad2dea970de38ec7ad6f4a631ceb1
Closes-bug: #1446546
In several places we had else branches where a reasonable default
would do the job. This makes the code a mean cleaer and easier to
read.
Change-Id: I231e09aab85fd32b8300bc33c48d0899b728b96e
Similar to projects, we shouldn't allow users and groups to
change domains. The server side tosses up an error but osc
should restrict that behaviour in the first place.
Related-Bug: #1418384
Change-Id: I860291a5859c576021b18e35d1a12c32abfb6ca5
This is part2. Add support for these objects:
identity.project(v2.0)
identity.role(v2.0)
identity.user(v2.0)
identity.project(v3)
identity.role(v3)
identity.user(v3)
identity.group(v3)
Closes-Bug: #1400597
Change-Id: I270434d657cf4ddc23c3aba2c704d6ef184b0dbc
The keystoneclient.openstack.common directory is where we sync files
from oslo incubator. It is not a public directory and should not be
being consumed by openstackclient.
Change-Id: I011bb95c2c824e2dbc4b822ca922ae77b8d9b955
Currently, only deleting via IDs is possible for groups, projects
and users.
We should have an optional --domain argument that allows for
a name to be specified for the resource. (Since these are all
namespaced by domains).
Change-Id: I18ace3db85a3969f0b97678d432d6f8368baa9cd
The links field in the returned objects from the v3 Identity
API aren't really useful, so let's remove them.
Managed to remove most of them from the core API.
I'll likely remove the extension/contribution (oauth/federation)
related ones in another patch.
Also in this patch the code for setting services and projects
was changed. Though not incorrect, it was not needed to copy
the entire returned object, we should just need to pass in
the fields we want to update.
Change-Id: I164ca9ad8b28fa10b291e9115ef40753e387c547
Performing create, list, or set operations for users, groups, and projects
with the --domain option attempts to look up the domain for name to ID
conversion. In the case of an environment using Keystone domains, it is
desired to allow a domain admin to perform these operations for objects in
their domain without allowing them to list or show domains. The current
behavior prevents the domain admin from performing these operations since
they will be forbidden to perform the underlying list_domains operation.
This patch makes the domain lookup error a soft failure, and falls back
to using the passed in domain argument directly as a domain ID in the
request that it sends to Keystone.
Change-Id: I5139097f8cedc53693f6f71297518917ac72e50a
Closes-Bug: #1378565
Update `user show` for Identity V3 to account for a domain argument,
in doing so, also update `find resource` to be more flexible by
allowing **kwargs.
Also update `group show` and `project show` since they follow the
same logic as a user within a group.
Change-Id: Ib828e4dbeb0bd31164396069ce8a64c873179779
Closes-Bug: #1378165
Complete the 'group list' and 'user list' filter options following
the refactor in https://review.openstack.org/69878
Change-Id: Ib4af417c56d4f7da4b88852f191af615cc7fa2ec
Currently parts of user list and group list command are actually
functioning as role listing, which is quite counter intuitive and
misleading.
This refactor change move role related logic to a single place of role
list command. It now allows role grants listing for user/group +
domain/project combinations.
If no user or group specified, it will list all roles in the system,
which is the default behaviour.
Change-Id: I4ced6df4b76f018d01000d28b4281ad9f252ffcc
There are files containing string format arguments inside
logging messages. Using logging function parameters should
be preferred.
Change-Id: Ic749ac9eb55564ed631d57055a5a4dfc3aebd169
Keystoneclient has added the positional decorator which emits a warning
if arguments aren't passed by keyword. This means we are getting
warnings in certain places in openstackclient.
Change-Id: Ic5446cd6f122cbb56fce543011386d53bc31fe18
Closes-Bug: #1302199
This fixes some errors and inconsistencies I found reviewing the
help strings:
* Capitalize help strings
* Add missing space between words (in multi-line strings)
* Improve wording
Change-Id: I2fb31ab4191c330146e31c1a9651115a6657769a
* use six.iteritems()
* replace basestring with six.string_types
* convert print statements to functions (they're all debugging and should
be removed eventually anyway)
* clean up OpenStack copyright: LLC -> Foundation
Change-Id: Icb14212bcb408e63816bfec3922a697bc1a6c946
As discussed in https://review.openstack.org/#/c/36352/ for each
command, we were setting api = identity or volume... etc,
this was for an old way of calling commands that are is no longer
used.
Also removed openstackclient/common/command.py
Change-Id: I2705f35d343f2ae729dc22d6aed0b852b2f8ca19
* Add remove role
* Add --role to group list
* Add --role to user list
* Fix groups in AddRole()
* Remove the tweaks to utils.find_resource for domains; will address
that across domains, projects, users and groups in another patch.
I want to nail down the structure of these commands and get that into place
Change-Id: I8673dd8221ef88978dada5a2833c187026bdb31a
Made all the necessary changes to pass new PEP8 standards.
Also cleaned up docstrings to conform to the HACKING stanards.
Change-Id: Ib8df3030da7a7885655689ab5da0717748c9edbe
updated with latest comments
modified entry points in setup.py
added group.py (v3)
added project.py (v3)
fixed indentation
updated to include new headers
Change-Id: Ice68b6c5bacb68d2e95321d903043056a9b8e810
