diff options
Diffstat (limited to 'openstackclient/identity')
| -rw-r--r-- | openstackclient/identity/client.py | 7 | ||||
| -rw-r--r-- | openstackclient/identity/common.py | 39 | ||||
| -rw-r--r-- | openstackclient/identity/v3/ec2creds.py | 58 | ||||
| -rw-r--r-- | openstackclient/identity/v3/group.py | 56 | ||||
| -rw-r--r-- | openstackclient/identity/v3/project.py | 37 | ||||
| -rw-r--r-- | openstackclient/identity/v3/role.py | 26 | ||||
| -rw-r--r-- | openstackclient/identity/v3/trust.py | 10 | ||||
| -rw-r--r-- | openstackclient/identity/v3/unscoped_saml.py | 2 |
8 files changed, 100 insertions, 135 deletions
diff --git a/openstackclient/identity/client.py b/openstackclient/identity/client.py index 4127a451..cc803511 100644 --- a/openstackclient/identity/client.py +++ b/openstackclient/identity/client.py @@ -46,10 +46,15 @@ def make_client(instance): API_VERSIONS) LOG.debug('Instantiating identity client: %s', identity_client) + # Remember interface only if endpoint_type is set + kwargs = utils.build_kwargs_dict('interface', + instance._endpoint_type) + client = identity_client( session=instance.session, region_name=instance._region_name, - ) + **kwargs + ) return client diff --git a/openstackclient/identity/common.py b/openstackclient/identity/common.py index b97a1778..2638b797 100644 --- a/openstackclient/identity/common.py +++ b/openstackclient/identity/common.py @@ -109,3 +109,42 @@ def _find_identity_resource(identity_client_manager, name_or_id, pass return resource_type(None, {'id': name_or_id, 'name': name_or_id}) + + +def add_user_domain_option_to_parser(parser): + parser.add_argument( + '--user-domain', + metavar='<user-domain>', + help=('Domain the user belongs to (name or ID). ' + 'This can be used in case collisions between user names ' + 'exist.') + ) + + +def add_group_domain_option_to_parser(parser): + parser.add_argument( + '--group-domain', + metavar='<group-domain>', + help=('Domain the group belongs to (name or ID). ' + 'This can be used in case collisions between group names ' + 'exist.') + ) + + +def add_project_domain_option_to_parser(parser): + parser.add_argument( + '--project-domain', + metavar='<project-domain>', + help=('Domain the project belongs to (name or ID). ' + 'This can be used in case collisions between project names ' + 'exist.') + ) + + +def add_inherited_option_to_parser(parser): + parser.add_argument( + '--inherited', + action='store_true', + default=False, + help=('Specifies if the role grant is inheritable to the sub projects') + ) diff --git a/openstackclient/identity/v3/ec2creds.py b/openstackclient/identity/v3/ec2creds.py index f995ae55..03314634 100644 --- a/openstackclient/identity/v3/ec2creds.py +++ b/openstackclient/identity/v3/ec2creds.py @@ -75,31 +75,15 @@ class CreateEC2Creds(show.ShowOne): '(name or ID; default: current authenticated user)' ), ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=( - 'Select user from a specific domain (name or ID); ' - 'This can be used in case collisions between user names ' - 'exist.' - ), - ) - parser.add_argument( - '--project-domain', - metavar='<project-domain>', - help=( - 'Select project from a specific domain (name or ID); ' - 'This can be used in case collisions between project names ' - 'exist.' - ), - ) + common.add_user_domain_option_to_parser(parser) + common.add_project_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): self.log.debug('take_action(%s)', parsed_args) identity_client = self.app.client_manager.identity client_manager = self.app.client_manager - user = self.determine_ec2_user(parsed_args, client_manager) + user = _determine_ec2_user(parsed_args, client_manager) project_domain = None if parsed_args.project_domain: @@ -149,21 +133,13 @@ class DeleteEC2Creds(command.Command): metavar='<user>', help=_('Delete credentials for user (name or ID)'), ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=( - 'Select user from a specific domain (name or ID); ' - 'This can be used in case collisions between user names ' - 'exist.' - ), - ) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): self.log.debug('take_action(%s)', parsed_args) client_manager = self.app.client_manager - user = self.determine_ec2_user(parsed_args, client_manager) + user = _determine_ec2_user(parsed_args, client_manager) client_manager.identity.ec2.delete(user, parsed_args.access_key) @@ -179,21 +155,13 @@ class ListEC2Creds(lister.Lister): metavar='<user>', help=_('Filter list by user (name or ID)'), ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=( - 'Select user from a specific domain (name or ID); ' - 'This can be used in case collisions between user names ' - 'exist.' - ), - ) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): self.log.debug('take_action(%s)', parsed_args) client_manager = self.app.client_manager - user = self.determine_ec2_user(parsed_args, client_manager) + user = _determine_ec2_user(parsed_args, client_manager) columns = ('access', 'secret', 'tenant_id', 'user_id') column_headers = ('Access', 'Secret', 'Project ID', 'User ID') @@ -223,21 +191,13 @@ class ShowEC2Creds(show.ShowOne): metavar='<user>', help=_('Show credentials for user (name or ID)'), ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=( - 'Select user from a specific domain (name or ID); ' - 'This can be used in case collisions between user names ' - 'exist.' - ), - ) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): self.log.debug('take_action(%s)', parsed_args) client_manager = self.app.client_manager - user = self.determine_ec2_user(parsed_args, client_manager) + user = _determine_ec2_user(parsed_args, client_manager) creds = client_manager.identity.ec2.get(user, parsed_args.access_key) info = {} diff --git a/openstackclient/identity/v3/group.py b/openstackclient/identity/v3/group.py index b064eb77..d659f71e 100644 --- a/openstackclient/identity/v3/group.py +++ b/openstackclient/identity/v3/group.py @@ -46,20 +46,8 @@ class AddUserToGroup(command.Command): metavar='<user>', help='User to add to <group> (name or ID)', ) - parser.add_argument( - '--group-domain', - metavar='<group-domain>', - help=('Domain the group belongs to (name or ID). ' - 'This can be used in case collisions between group names ' - 'exist.') - ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=('Domain the user belongs to (name or ID). ' - 'This can be used in case collisions between user names ' - 'exist.') - ) + common.add_group_domain_option_to_parser(parser) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): @@ -100,20 +88,8 @@ class CheckUserInGroup(command.Command): metavar='<user>', help='User to check (name or ID)', ) - parser.add_argument( - '--group-domain', - metavar='<group-domain>', - help=('Domain the group belongs to (name or ID). ' - 'This can be used in case collisions between group names ' - 'exist.') - ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=('Domain the user belongs to (name or ID). ' - 'This can be used in case collisions between user names ' - 'exist.') - ) + common.add_group_domain_option_to_parser(parser) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): @@ -241,13 +217,7 @@ class ListGroup(lister.Lister): metavar='<user>', help='Filter group list by <user> (name or ID)', ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=('Domain the user belongs to (name or ID). ' - 'This can be used in case collisions between user names ' - 'exist.') - ) + common.add_user_domain_option_to_parser(parser) parser.add_argument( '--long', action='store_true', @@ -310,20 +280,8 @@ class RemoveUserFromGroup(command.Command): metavar='<user>', help='User to remove from <group> (name or ID)', ) - parser.add_argument( - '--group-domain', - metavar='<group-domain>', - help=('Domain the group belongs to (name or ID). ' - 'This can be used in case collisions between group names ' - 'exist.') - ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=('Domain the user belongs to (name or ID). ' - 'This can be used in case collisions between user names ' - 'exist.') - ) + common.add_group_domain_option_to_parser(parser) + common.add_user_domain_option_to_parser(parser) return parser def take_action(self, parsed_args): diff --git a/openstackclient/identity/v3/project.py b/openstackclient/identity/v3/project.py index 48f547f3..8185d65a 100644 --- a/openstackclient/identity/v3/project.py +++ b/openstackclient/identity/v3/project.py @@ -323,6 +323,18 @@ class ShowProject(show.ShowOne): metavar='<domain>', help='Domain owning <project> (name or ID)', ) + parser.add_argument( + '--parents', + action='store_true', + default=False, + help='Show the project\'s parents as a list', + ) + parser.add_argument( + '--children', + action='store_true', + default=False, + help='Show project\'s subtree (children) as a list', + ) return parser def take_action(self, parsed_args): @@ -331,14 +343,25 @@ class ShowProject(show.ShowOne): if parsed_args.domain: domain = common.find_domain(identity_client, parsed_args.domain) - project = utils.find_resource(identity_client.projects, - parsed_args.project, - domain_id=domain.id) + project = utils.find_resource( + identity_client.projects, + parsed_args.project, + domain_id=domain.id, + parents_as_list=parsed_args.parents, + subtree_as_list=parsed_args.children) else: - project = utils.find_resource(identity_client.projects, - parsed_args.project) + project = utils.find_resource( + identity_client.projects, + parsed_args.project, + parents_as_list=parsed_args.parents, + subtree_as_list=parsed_args.children) + + if project._info.get('parents'): + project._info['parents'] = [str(p['project']['id']) + for p in project._info['parents']] + if project._info.get('subtree'): + project._info['subtree'] = [str(p['project']['id']) + for p in project._info['subtree']] project._info.pop('links') - # TODO(stevemar): Remove the line below when we support multitenancy - project._info.pop('parent_id', None) return zip(*sorted(six.iteritems(project._info))) diff --git a/openstackclient/identity/v3/role.py b/openstackclient/identity/v3/role.py index 4f1c04d5..199b7dca 100644 --- a/openstackclient/identity/v3/role.py +++ b/openstackclient/identity/v3/role.py @@ -52,27 +52,10 @@ def _add_identity_and_resource_options_to_parser(parser): metavar='<group>', help='Include <group> (name or ID)', ) - parser.add_argument( - '--user-domain', - metavar='<user-domain>', - help=('Domain the user belongs to (name or ID). ' - 'This can be used in case collisions between user names ' - 'exist.') - ) - parser.add_argument( - '--group-domain', - metavar='<group-domain>', - help=('Domain the group belongs to (name or ID). ' - 'This can be used in case collisions between group names ' - 'exist.') - ) - parser.add_argument( - '--project-domain', - metavar='<project-domain>', - help=('Domain the project belongs to (name or ID). ' - 'This can be used in case collisions between project names ' - 'exist.') - ) + common.add_group_domain_option_to_parser(parser) + common.add_project_domain_option_to_parser(parser) + common.add_user_domain_option_to_parser(parser) + common.add_inherited_option_to_parser(parser) def _process_identity_and_resource_options(parsed_args, @@ -120,6 +103,7 @@ def _process_identity_and_resource_options(parsed_args, parsed_args.project, parsed_args.group_domain, ).id + kwargs['inherited'] = parsed_args.inherited return kwargs diff --git a/openstackclient/identity/v3/trust.py b/openstackclient/identity/v3/trust.py index ab6673d2..c8e5c4c7 100644 --- a/openstackclient/identity/v3/trust.py +++ b/openstackclient/identity/v3/trust.py @@ -71,19 +71,15 @@ class CreateTrust(show.ShowOne): help='Sets an expiration date for the trust' ' (format of YYYY-mm-ddTHH:MM:SS)', ) - parser.add_argument( - '--project-domain', - metavar='<domain>', - help='Domain that contains <project> (name or ID)', - ) + common.add_project_domain_option_to_parser(parser) parser.add_argument( '--trustor-domain', - metavar='<domain>', + metavar='<trustor-domain>', help='Domain that contains <trustor> (name or ID)', ) parser.add_argument( '--trustee-domain', - metavar='<domain>', + metavar='<trustee-domain>', help='Domain that contains <trustee> (name or ID)', ) return parser diff --git a/openstackclient/identity/v3/unscoped_saml.py b/openstackclient/identity/v3/unscoped_saml.py index affbaf3a..9b158b67 100644 --- a/openstackclient/identity/v3/unscoped_saml.py +++ b/openstackclient/identity/v3/unscoped_saml.py @@ -25,7 +25,7 @@ from openstackclient.common import exceptions from openstackclient.common import utils -UNSCOPED_AUTH_PLUGINS = ['v3unscopedsaml', 'v3unscopedadfs'] +UNSCOPED_AUTH_PLUGINS = ['v3unscopedsaml', 'v3unscopedadfs', 'v3oidc'] def auth_with_unscoped_saml(func): |