Fix trust creation error
For some unclear reasons, when we pass roles to trust_create, the SDK will report a 'role not found' error. As a workaround, we don't pass roles by default. Change-Id: I40b47eae880c8319d2c045fdb20eb5124c8be8ec
This commit is contained in:
parent
d55233a2fc
commit
cd9b278410
@ -84,7 +84,7 @@ class TrustMiddleware(wsgi.Middleware):
|
||||
try:
|
||||
trusts = kc.trust_get_by_trustor(ctx.user, admin_id, ctx.project)
|
||||
except exception.TrustNotFound:
|
||||
# No trust found is okay
|
||||
# Trust not found is okay
|
||||
trusts = []
|
||||
|
||||
if len(trusts) > 0:
|
||||
@ -92,12 +92,9 @@ class TrustMiddleware(wsgi.Middleware):
|
||||
else:
|
||||
# Create a trust if no existing one found
|
||||
try:
|
||||
trust = kc.trust_create(ctx.user, admin_id, ctx.project,
|
||||
ctx.roles)
|
||||
except exception.Error as ex:
|
||||
msg = _("Failed building trust from user: "
|
||||
"%s.") % six.text_type(ex)
|
||||
raise webob.exc.HTTPInternalServerError(msg)
|
||||
trust = kc.trust_create(ctx.user, admin_id, ctx.project)
|
||||
except exception.TrustCreationFailure as ex:
|
||||
raise webob.exc.HTTPInternalServerError(six.text_type(ex))
|
||||
|
||||
# update cache
|
||||
if cred_exists:
|
||||
|
@ -251,11 +251,12 @@ class EventNotFound(SenlinException):
|
||||
class InternalError(SenlinException):
|
||||
'''A base class for internal exceptions in senlin.
|
||||
|
||||
The internal exception classes which inherit from InternalError
|
||||
class should be translated to a user facing exception.
|
||||
The internal exception classes which inherit from :class:`InternalError`
|
||||
class should be translated to a user facing exception type if need to be
|
||||
made user visible.
|
||||
'''
|
||||
|
||||
def __init__(self, **kwargs):
|
||||
def __init__(self, message=None, **kwargs):
|
||||
super(InternalError, self).__init__(**kwargs)
|
||||
|
||||
|
||||
@ -273,6 +274,10 @@ class TrustNotFound(InternalError):
|
||||
msg_fmt = _("The trust for trustor (%(trustor)s) could not be found.")
|
||||
|
||||
|
||||
class TrustCreationFailure(InternalError):
|
||||
msg_fmt = _("Failed in creating trust: %(reason)s.")
|
||||
|
||||
|
||||
class ResourceNotFound(InternalError):
|
||||
# Used when retrieving resources from other services
|
||||
msg_fmt = _("The resource (%(resource)s) could not be found.")
|
||||
|
@ -67,7 +67,7 @@ class KeystoneClient(base.DriverBase):
|
||||
if interface:
|
||||
filters['interface'] = interface
|
||||
|
||||
endpoints = [e for e in self.conn.identity.endpoints(filters=filters)]
|
||||
endpoints = [e for e in self.conn.identity.endpoints(**filters)]
|
||||
if len(endpoints) == 0:
|
||||
resource = _('endpoint: service=%(service)s,region='
|
||||
'%(region)s,visibility=%(interface)s.'
|
||||
@ -86,7 +86,7 @@ class KeystoneClient(base.DriverBase):
|
||||
if name:
|
||||
filters['name'] = name
|
||||
|
||||
services = [s for s in self.conn.identity.services(filters=filters)]
|
||||
services = [s for s in self.conn.identity.services(**filters)]
|
||||
if len(services) == 0:
|
||||
resource = _('service:type=%(type)s%(name)s'
|
||||
) % {'type': service_type,
|
||||
@ -111,13 +111,13 @@ class KeystoneClient(base.DriverBase):
|
||||
filters['project'] = project
|
||||
|
||||
try:
|
||||
trusts = [t for t in self.conn.identity.trusts(filters=filters)]
|
||||
trusts = [t for t in self.conn.identity.trusts(**filters)]
|
||||
except sdk.exc.HttpException:
|
||||
raise exception.TrustNotFound(trustor=trustor)
|
||||
|
||||
return trusts
|
||||
|
||||
def trust_create(self, trustor, trustee, project, roles,
|
||||
def trust_create(self, trustor, trustee, project, roles=None,
|
||||
impersonation=True):
|
||||
'''Create trust between two users.
|
||||
|
||||
@ -129,19 +129,23 @@ class KeystoneClient(base.DriverBase):
|
||||
the trustor.
|
||||
'''
|
||||
|
||||
if roles:
|
||||
role_list = [{'name': role} for role in roles]
|
||||
else:
|
||||
role_list = []
|
||||
params = {
|
||||
'trustor_user_id': trustor,
|
||||
'trustee_user_id': trustee,
|
||||
'project': project,
|
||||
'impersonation': impersonation,
|
||||
'allow_redelegation': True,
|
||||
'roles': [{'name': role} for role in roles]
|
||||
'roles': role_list
|
||||
}
|
||||
|
||||
try:
|
||||
result = self.conn.identity.create_trust(**params)
|
||||
except sdk.exc.HttpException as ex:
|
||||
raise exception.Error(message=six.text_type(ex))
|
||||
raise exception.TrustCreationFailure(reason=six.text_type(ex))
|
||||
|
||||
return result
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user