377 Commits

Author SHA1 Message Date
Jenkins
0d8dab6288 Merge "keystone: fix catalog output when region is unset" 2016-05-25 18:56:14 +00:00
Julien Danjou
e44bb009d3 keystone: fix catalog output when region is unset
If no region is set in Keystone, null is deserialized as None and the
region has None has value, which triggers a type error when building the
output string.

This patch fixes that.

Change-Id: I7637dc2595655cf452f38308f99fe66ac782e16d
2016-05-25 16:13:48 +02:00
Jenkins
f97fa2e6d2 Merge "Search by user defined ID for service providers" 2016-05-25 02:44:56 +00:00
Steve Martinelli
58094bff80 Search by user defined ID for service providers
IDs for service providers can be user defined (like, Bob). This
causes issues with the usual get by ID method.

Keystone server side has implemented changes to search by ID when
listing, which should resolve the issue with minimal changes to
the client side.

Change-Id: Ic705806e4bc7bb24f946a1fce803a0a0a4d788c1
Closes-Bug: 1555830
2016-05-24 18:45:58 +00:00
Steve Martinelli
21530d026e Search by user defined ID for identity providers
IDs for service providers can be user defined (like, Bob). This
causes issues with the usual get by ID method.

Keystone server side has implemented changes to search by ID when
listing, which should resolve the issue with minimal changes to
the client side.

Change-Id: Ic58df22b3445d3293a8e1c76c5da79badebf6528
Closes-Bug: 1479837
2016-05-23 15:18:11 -04:00
Steve Martinelli
ebcbd6ba71 remove #noqa from i18n imports
hacking checks no longer fail on `import _`

Change-Id: Idd60f0a0e71e5081691eacb39e5091ab08fcce6d
2016-05-13 13:14:02 -07:00
sharat.sharma
f924fa39e1 Added "name" parameter to the help message.
In OS_IDENTITY_API_VERSION=3, the "openstack help service delete"
allows the user to remove a service based on the name of the
service. So, this patch includes name as positional argument.

Change-Id: Iae7cb0a82af3cdd4d88e0ed2eb651abf9af30fd9
Closes-Bug: #1566909
2016-05-04 12:57:07 +00:00
Tang Chen
32c627eaf0 Doc: Unify repeatable option comments
There are lots of "this option can be repeated" comments
in the doc, which are not consistent to other similar
docs.

This patch changes them to the following format:

"repeat option to do something"

Change-Id: I54e01053091c428bf87bb36bb95f73a0b80ab6e7
2016-04-12 15:57:17 +08:00
timothy-symanczyk
15edb2f61a Improve error for token issue command without auth
Currently when you perform the 'token issue' command with
the admin_token, the error is a nonsense python error. This
commit changes it to be user-friendly.

Change-Id: I5cc92c342e3f83e099354cd04301c7b8d8d2dabc
Closes-Bug: #1547721
2016-03-18 15:44:02 -07:00
Tang Chen
fc24f37ae2 Trivial: Remove useless return
If a function returns nothing, do not add return in the end.

Change-Id: I298b8717462f68d3076a1619d674775be2a94c42
2016-03-07 17:54:06 +08:00
Mohan Muppidi
3d7430463c take_action() method from command.Command shouldn't return
command.Command and command.Showone are base classes implemented
in cliff framework. Showone extends Command to allow take_action()
to return data to be formatted using a user-selectable formatter.
Most of the classes which are extended from Command in
openstackclient/identity/v3/ in some cases return data or return
nothing where it is not necessary, this commit fixes most of them.

Change-Id: I84c72ea4d6680f8bdbef5449316dd9a8af8c8286
Closes-Bug: 1550892
2016-02-29 17:23:29 +00:00
Brandon Palm
f49f0fead2 Fixed a bunch of spacing
Nothing too complicated here.  I fixed a bunch of spacing issues
that I saw in OSC.

Change-Id: I935ab48e7c5bac5f88ecdb3a05f73fb44fc9f41d
2016-02-23 10:38:58 -06:00
guang-yee
41e1bd0be6 Support unscoped token request
Make scope check optional for the "token issue" command as unscoped token is
a valid Keystone V2/V3 API.

Change-Id: Ie1cded4dbfdafd3a78c0ebdf89e3f66762509930
Closes-Bug: #1543214
2016-02-19 16:07:13 -08:00
Jenkins
272ac55776 Merge "Return names in list role assignments" 2016-02-17 22:23:51 +00:00
lin-hua-cheng
686a269738 Add "token revoke" for identity v3
Change-Id: Ie631600d02942fe6ce035f31af46abe44e543631
Closes-bug: #1543226
2016-02-09 16:49:11 -08:00
Akihiro Motoki
258c1102cc log take_action parameters in a single place
Previously each command logs take_action parameters explicitly
by using @utils.log_method decorator or log.debug().
Some commands have no logging.

This commit calls a logger in the base class and
drops all logging definition from individual commands.

Closes-Bug: #1532294
Change-Id: I43cd0290a4353c68c075bade9571c940733da1be
2016-02-02 09:58:32 +09:00
Tom Cocozzello
3a48989eb0 Return names in list role assignments
Utilize the new include names functionality added to
list role assignments (GET /role_assignments?include_names=True).
Which will return the names of the entities instead of their
IDs.

Change-Id: I6dc03baf61ef9354a8a259a9f17ff47ce1665ce7
Depends-On: I4aa77c08660a0cbd021502155938a46121ca76ef
Closes-Bug: #1479569
Implements: blueprint list-assignment-with-names
2016-01-27 18:13:32 +00:00
Guang Yee
5cbecc130e Support non-interactive user password update
Currently user password update require interactive prompting of user's
original password. This is problematic because we can't support
non-interactive applications and therefore hinders automation. This
patch make it possible by optionally accepting an
'--original-password' argument. If specified, we would use it instead
of prompting.

DocImpact

Change-Id: I2d994e8c2be949f7ae616ac1d1594fb94e1a27cd
Closes-Bug: 1531360
2016-01-11 09:27:10 -08:00
Jenkins
774201b696 Merge "Implementation for project unset cmd for python-openstackclient." 2016-01-04 19:09:31 +00:00
Jude Job
a2a63f19bf Implementation for project unset cmd for python-openstackclient.
This patch introduces a unit test class TestProjectUnset
for testing unset cmd.

Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com>
Change-Id: Ib4a414d2313e3d37e48d1cb3639f064231aec508
Closes-Bug: #1486597
2016-01-04 10:25:55 -05:00
Jude Job
66931c6931 Enabling domain lookup for project set v3 command
Currently the domain option for `project set` attempts to set
a new domain that owns the project. This is actually an action
that is denied by keystone server. Instead, the domain option
should be used as a lookup, to find projects that exist in the
non-default domain.

Co-Authored-By: Steve Martinelli <stevemar@ca.ibm.com>

Closes-Bug: #1524456

Change-Id: I30a3812184fe262667e09baa106d2275c2cbb981
2015-12-31 02:11:39 -05:00
Jenkins
823ba770e0 Merge "Fix "sevice show" cannot catch NoUniqueMatch Exception" 2015-12-10 18:37:18 +00:00
Min Min Ren
b98aee57c1 Fix "sevice show" cannot catch NoUniqueMatch Exception
Fix a bug for "service show" subcommand cannot cache NoUniqueMatch Exception

Change-Id: I393c5417de0fef424618b08119ddbc8fea27e114
Closes-Bug: #1524305
2015-12-09 05:47:12 +08:00
Dean Troyer
bf090c69c2 Switch to ksa Session
* Change session imports to keystoneauth1
* Change keystoneclient.exception imports to keystoneauth1
* Change exceptions raised from internal API from keystoneclient to openstack.common

Change-Id: I046d89f561d6fe04baae53726f9749d2e7fe2056
2015-12-02 01:55:14 +00:00
Jenkins
6952916c48 Merge "better format remote IDs for identity providers" 2015-11-15 01:24:47 +00:00
lin-hua-cheng
51f2fda041 Add capability to update description of an IdP
Change-Id: I854067642bbfde6fdf84b22b9cc1de8afc7767c0
Closes-Bug: #1515815
2015-11-12 16:49:45 -08:00
Steve Martinelli
c079e13774 better format remote IDs for identity providers
remote-ids are a list, and we should format these values as such,
rather than python representations of lists/arrays.

Closes-Bug: 1478995

Change-Id: Ia6ced0fab2435b8cb486822c676c0dee32613abe
2015-11-12 02:56:49 +00:00
Jenkins
266ecf57f5 Merge "Mark arguments for 'credential' commands as required" 2015-11-04 14:33:57 +00:00
Jenkins
58d0facd68 Merge "remove url from v3 regions" 2015-10-29 02:20:56 +00:00
Steve Martinelli
539c39bfaf remove url from v3 regions
the parameter "url" was removed from Keystone, it was only added
for one release as part of an experimental support for adding
service providers.

BackwardsIncompatibleImpact
Closes-Bug: 1506841

Change-Id: I7a62fbf1d9bfa8e6dd8d619e98c32b9860348d2e
2015-10-21 13:21:20 +00:00
Jenkins
3ad2f85614 Merge "Change Identity API default version to 3" 2015-10-21 02:58:27 +00:00
Steve Martinelli
17f794ca08 Change Identity API default version to 3
Devstack now issues all v3 OSC commands for our CI, and since v3
has everything v2 has, we should be able to switch to v3.

Furthermore, most OSC users were initially  using OSC since they
were looking to exploit v3 keystone capabilities.

Change-Id: If7de86946f6dd0f148aa5f526155cccf90adfcc3
2015-10-09 05:25:19 +00:00
Rudolf Vriend
7075c90053 Evaluate --inherited in role list
the --inherited option was not being passed into keystoneclient

Closes-Bug: #1502822

Change-Id: I48170dc67b23cc9b0665b1e0f38118eea952f131
2015-10-06 13:39:22 -04:00
Sean Perry
b33cdec92a Mark arguments for 'credential' commands as required
According to the [1], 'user_id', 'type', and 'blob' are all required
arguments for 'credential set' but the code treats them as optional. Set the
'required' flag and remove logic supporting missing arguments.

[1]: https://github.com/openstack/keystone-specs/blob/master/api/v3/identity-api-v3.rst#credentials-v3credentials "spec"

Change-Id: I597c9616ad744385fc6dd92379feb03daec54458
Closes-Bug: #1418837
2015-09-30 15:33:45 -07:00
Jenkins
b288fbfb35 Merge "Remove backticks from help in role commands" 2015-09-19 07:19:39 +00:00
Hidekazu Nakamura
3f532a2b69 Remove backticks from help in role commands
the docs and code had inconsistencies with how it
references other arguments, lets just remove the
backticks from around them.

Change-Id: I43d17b07364e45387c6b9d86c2aca26eeea8ed93
2015-09-19 00:40:21 -04:00
Jenkins
0116f3abc6 Merge "Support listing users by group name" 2015-09-19 01:49:54 +00:00
Steve Martinelli
36a9703a19 Support listing users by group name
Listing users within a group is not presently domain scoped. We
do not use the domain info at all when the group option is present.
A new --group-domain option is not needed since we cannot list
users by --project and --group, they are mutually exclusive (as
per the identity API).

Closes-Bug: 1492916
Change-Id: I50f995ee4a03c2bdb21f2b5722546ab8fe786eb6
2015-09-07 01:37:37 -05:00
Joshua Harlow
e3c46ece4a Use a common decorator to log 'take_action' activation
Instead of duplicating the same log statement throughout
the code, the same logic can be provided by a shared decorator
that abstracts away the logging capability and unifies it behind
a common function instead.

Change-Id: Icc63bced7347c8bbf0299a4c5821425a10892a79
2015-09-01 16:49:54 -07:00
Jamie Lennox
0cc1e5aa2b Use correct domain to find project
When adding a role to a group and project OSC is mistakenly using the
group_domain to find the project which will fail if the group_domain !=
project_domain.

Change-Id: I4c1bec9b3b183c755be121b91f40e026d707192b
Closes-Bug: #1483520
2015-08-11 06:49:20 +00:00
Jenkins
ef33132c39 Merge "Inherited info/option when listing role assignment" 2015-08-08 09:09:26 +00:00
Samuel de Medeiros Queiroz
94a8805a9a Inherited info/option when listing role assignment
Adds inherited information when listing role
assignments. In addition, it makes possible
to list only inherited ones by adding
--inherited option.

Change-Id: Idf889603d584716da95e2c7b4880142fbd8291c4
Closes-Bug: 1370546
2015-08-06 22:21:27 -07:00
Samuel de Medeiros Queiroz
4097ec1d24 Fixes inherited role assignments CRUD calls
The paremeter to Keystone Client was passed as
'inherited', when it should be
'os_inherit_extension_inherited'.

Closes-Bug: #1482254

Change-Id: I1cb46add532223ef0b9620763b1047cc80e19ec0
2015-08-06 12:05:57 -03:00
lin-hua-cheng
701b59f651 Add domain scoping in 'role assignment list'
Add ability to set which domain the user, group or project
belong to.

Change-Id: Idf6c7f23ab96261a73682226fb10ce5f0133924e
Closes-Bug: #1472909
2015-07-31 18:56:34 -07:00
Jenkins
55d9eba093 Merge "Do not set default versions in parsed args" 2015-07-24 19:51:30 +00:00
Hugh Saunders
874c921292 Fix --os-auth-plugin in auth_with_unscoped_saml
The error message refers to --os-auth-plugin which is not a valid
option. This patch changes that to --os-auth-type.

Change-Id: I02ec0b7855131180bb8c674051930ebb51cb7303
Closes-Bug: #1477083
2015-07-22 11:51:33 +01:00
Jenkins
4d9d2dbd36 Merge "Make trustee/trustor/project searchable by ID" 2015-07-21 19:46:16 +00:00
Steve Martinelli
921361b3ae Make trustee/trustor/project searchable by ID
In the previous implementation, we were always including the domain
argument, which caused a lookup by name for trustee/trustor and
project. By excluding it when not necessary, we do a search by
ID in find_resources.

Change-Id: Id756aeab522b5dccb2dc6b31d137a28514b0fdf6
Closes-Bug: 1473298
2015-07-20 20:12:50 -07:00
Jenkins
d26650b57d Merge "Removes trailing blank in trust show" 2015-07-19 23:14:31 +00:00
Gilles Dubreuil
00b4e38d3c Removes trailing blank in trust show
Previously a blank character at the end of the roles value would remain

Change-Id: I0961a5f9fb4b270a6055ee69898eadee315e416a
Closes-Bug: 1474707
2015-07-19 13:33:00 -07:00