diff --git a/nova/adminclient.py b/nova/adminclient.py index 5aa8ff9c..242298a7 100644 --- a/nova/adminclient.py +++ b/nova/adminclient.py @@ -217,11 +217,16 @@ class NovaAdminClient(object): """ deletes a user """ return self.apiconn.get_object('DeregisterUser', {'Name': username}, UserInfo) + def get_roles(self, project_roles=True): + """Returns a list of available roles.""" + return self.apiconn.get_list('DescribeRoles', + {'ProjectRoles': project_roles}, + [('item', UserRole)]) + def get_user_roles(self, user, project=None): - """ - Returns a list of roles for the given user. - Omitting project will return any global roles that the user has. - Specifying project will return only project specific roles. + """Returns a list of roles for the given user. + Omitting project will return any global roles that the user has. + Specifying project will return only project specific roles. """ params = {'User':user} if project: diff --git a/nova/endpoint/admin.py b/nova/endpoint/admin.py index a3114c0a..4f4824fc 100644 --- a/nova/endpoint/admin.py +++ b/nova/endpoint/admin.py @@ -105,7 +105,8 @@ class AdminController(object): @admin_only def describe_roles(self, context, project_roles=True, **kwargs): """Returns a list of allowed roles.""" - return manager.AuthManager().get_roles(project_roles) + roles = manager.AuthManager().get_roles(project_roles) + return { 'roles': [{'role': r} for r in roles]} @admin_only def describe_user_roles(self, context, user, project=None, **kwargs): @@ -113,7 +114,8 @@ class AdminController(object): Omitting project will return any global roles that the user has. Specifying project will return only project specific roles. """ - return manager.AuthManager().get_user_roles(user, project=project) + roles = manager.AuthManager().get_user_roles(user, project=project) + return { 'roles': [{'role': r} for r in roles]} @admin_only def modify_user_role(self, context, user, role, project=None,