diff options
-rw-r--r-- | README.rst | 1 | ||||
-rwxr-xr-x | keystoneclient/v2_0/shell.py | 38 |
2 files changed, 25 insertions, 14 deletions
@@ -120,6 +120,7 @@ You'll find complete documentation on the shell by running Update user password user-role-add Add role to user user-role-remove Remove role from user + user-role-list List roles for user user-update Update user's name, email, and enabled status discover Discover Keystone servers and show authentication protocols and diff --git a/keystoneclient/v2_0/shell.py b/keystoneclient/v2_0/shell.py index 84fc389..7136f27 100755 --- a/keystoneclient/v2_0/shell.py +++ b/keystoneclient/v2_0/shell.py @@ -187,21 +187,9 @@ def do_service_delete(kc, args): kc.services.delete(args.id) -@utils.arg('--user', metavar='<user-id>', - help='List roles granted to a user') -@utils.arg('--tenant_id', metavar='<tenant-id>', - help='List roles granted on a tenant') def do_role_list(kc, args): - """List all roles, or only those granted to a user.""" - if bool(args.tenant_id) ^ bool(args.user): - print 'User ID and Tenant ID are both required to list granted roles.' - return - - if args.tenant_id and args.user: - roles = kc.roles.roles_for_user(user=args.user, tenant=args.tenant_id) - else: - roles = kc.roles.list() - + """List all roles""" + roles = kc.roles.list() utils.print_list(roles, ['id', 'name']) @@ -244,6 +232,28 @@ def do_user_role_remove(kc, args): kc.roles.remove_user_role(args.user, args.role, args.tenant_id) +@utils.arg('--user', metavar='<user-id>', + help='List roles granted to a user') +@utils.arg('--tenant_id', metavar='<tenant-id>', + help='List roles granted on a tenant') +def do_user_role_list(kc, args): + """List roles granted to a user""" + if not args.tenant_id: + # use the authenticated tenant id as a default + args.tenant_id = kc.auth_tenant_id + if not args.user: + # use the authenticated user id as a default + args.user = kc.auth_user_id + roles = kc.roles.roles_for_user(user=args.user, tenant=args.tenant_id) + + # this makes the command output a bit more intuitive + for role in roles: + role.user_id = args.user + role.tenant_id = args.tenant_id + + utils.print_list(roles, ['id', 'name', 'user_id', 'tenant_id']) + + @utils.arg('--user', metavar='<user-id>', help='User ID') @utils.arg('--tenant_id', metavar='<tenant-id>', help='Tenant ID') def do_ec2_credentials_create(kc, args): |