Merge "Make ec2-credentials-* commands work properly for non-admin user"

author: Jenkins <jenkins@review.openstack.org> 2012-03-07 18:16:17 +0000
committer: Gerrit Code Review <review@openstack.org> 2012-03-07 18:16:17 +0000
commit: 5c5918baac03fde8b9e16607034ac61ca8dfeb81 (patch)
tree: f91892859c3c96c571d5b267f78569aa0585446b /keystoneclient
parent: 9c07999dd5f5357fa7eee055fe9a4fdaa6a1a562 (diff)
parent: bdc0abbd81a7988188adaae2af22006274a23801 (diff)
download: python-keystoneclient-5c5918baac03fde8b9e16607034ac61ca8dfeb81.tar.gz
3 files changed, 31 insertions, 10 deletions
diff --git a/keystoneclient/service_catalog.py b/keystoneclient/service_catalog.py
index 91ac170..eb0941b 100644
--- a/keystoneclient/service_catalog.py
+++ b/keystoneclient/service_catalog.py
@@ -31,9 +31,10 @@ class ServiceCatalog(object):
         token = {'id': self.catalog['token']['id'],
                 'expires': self.catalog['token']['expires']}
         try:
-            token['tenant'] = self.catalog['token']['tenant']['id']
+            token['user_id'] = self.catalog['user']['id']
+            token['tenant_id'] = self.catalog['token']['tenant']['id']
         except:
-            # just leave the tenant out if it doesn't exist
+            # just leave the tenant and user out if it doesn't exist
             pass
         return token
 
diff --git a/keystoneclient/v2_0/client.py b/keystoneclient/v2_0/client.py
index a609b87..fb59ffc 100644
--- a/keystoneclient/v2_0/client.py
+++ b/keystoneclient/v2_0/client.py
@@ -113,7 +113,11 @@ class Client(client.HTTPClient):
         """ Set the client's service catalog from the response data. """
         self.service_catalog = service_catalog.ServiceCatalog(body)
         try:
-            self.auth_token = self.service_catalog.get_token()['id']
+            sc = self.service_catalog.get_token()
+            self.auth_token = sc['id']
+            # Save these since we have them and they'll be useful later
+            self.auth_tenant_id = sc['tenant_id']
+            self.auth_user_id = sc['user_id']
         except KeyError:
             raise exceptions.AuthorizationFailure()
 
diff --git a/keystoneclient/v2_0/shell.py b/keystoneclient/v2_0/shell.py
index 6825b16..91d0b23 100755
--- a/keystoneclient/v2_0/shell.py
+++ b/keystoneclient/v2_0/shell.py
@@ -225,42 +225,58 @@ def do_user_role_remove(kc, args):
     kc.roles.remove_user_role(args.user, args.role, args.tenant_id)
 
 
-@utils.arg('--user', metavar='<user-id>', required=True, help='User ID')
-@utils.arg('--tenant_id', metavar='<tenant-id>', required=True,
-           help='Tenant ID')
+@utils.arg('--user', metavar='<user-id>', help='User ID')
+@utils.arg('--tenant_id', metavar='<tenant-id>', help='Tenant ID')
 def do_ec2_credentials_create(kc, args):
     """Create EC2-compatibile credentials for user per tenant"""
+    if not args.tenant_id:
+        # use the authenticated tenant id as a default
+        args.tenant_id = kc.auth_tenant_id
+    if not args.user:
+        # use the authenticated user id as a default
+        args.user = kc.auth_user_id
     credentials = kc.ec2.create(args.user, args.tenant_id)
     utils.print_dict(credentials._info)
 
 
-@utils.arg('--user', metavar='<user-id>', required=True, help='User ID')
+@utils.arg('--user', metavar='<user-id>', help='User ID')
 @utils.arg('--access', metavar='<access-key>', required=True,
         help='Access Key')
 def do_ec2_credentials_get(kc, args):
     """Display EC2-compatibile credentials"""
+    if not args.user:
+        # use the authenticated user id as a default
+        args.user = kc.auth_user_id
     cred = kc.ec2.get(args.user, args.access)
     if cred:
         utils.print_dict(cred._info)
 
 
-@utils.arg('--user', metavar='<user-id>', required=True, help='User ID')
+@utils.arg('--user', metavar='<user-id>', help='User ID')
 def do_ec2_credentials_list(kc, args):
     """List EC2-compatibile credentials for a user"""
+    if not args.user:
+        # use the authenticated user id as a default
+        args.user = kc.auth_user_id
     credentials = kc.ec2.list(args.user)
     for cred in credentials:
         try:
             cred.tenant = getattr(kc.tenants.get(cred.tenant_id), 'name')
         except:
-            pass
+            # FIXME(dtroyer): Retrieving the tenant name fails for normal
+            #                 users; stuff in the tenant_id instead.
+            cred.tenant = cred.tenant_id
     utils.print_list(credentials, ['tenant', 'access', 'secret'])
 
 
-@utils.arg('--user', metavar='<user-id>', required=True, help='User ID')
+@utils.arg('--user', metavar='<user-id>', help='User ID')
 @utils.arg('--access', metavar='<access-key>', required=True,
         help='Access Key')
 def do_ec2_credentials_delete(kc, args):
     """Delete EC2-compatibile credentials"""
+    if not args.user:
+        # use the authenticated user id as a default
+        args.user = kc.auth_user_id
     try:
         kc.ec2.delete(args.user, args.access)
         print 'Credential has been deleted.'
author	Jenkins <jenkins@review.openstack.org>	2012-03-07 18:16:17 +0000
committer	Gerrit Code Review <review@openstack.org>	2012-03-07 18:16:17 +0000
commit	5c5918baac03fde8b9e16607034ac61ca8dfeb81 (patch)
tree	f91892859c3c96c571d5b267f78569aa0585446b /keystoneclient
parent	9c07999dd5f5357fa7eee055fe9a4fdaa6a1a562 (diff)
parent	bdc0abbd81a7988188adaae2af22006274a23801 (diff)
download	python-keystoneclient-5c5918baac03fde8b9e16607034ac61ca8dfeb81.tar.gz