summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.rst1
-rwxr-xr-xkeystoneclient/v2_0/shell.py38
2 files changed, 25 insertions, 14 deletions
diff --git a/README.rst b/README.rst
index 5952c0e..4e88728 100644
--- a/README.rst
+++ b/README.rst
@@ -120,6 +120,7 @@ You'll find complete documentation on the shell by running
Update user password
user-role-add Add role to user
user-role-remove Remove role from user
+ user-role-list List roles for user
user-update Update user's name, email, and enabled status
discover Discover Keystone servers and show authentication
protocols and
diff --git a/keystoneclient/v2_0/shell.py b/keystoneclient/v2_0/shell.py
index 84fc389..7136f27 100755
--- a/keystoneclient/v2_0/shell.py
+++ b/keystoneclient/v2_0/shell.py
@@ -187,21 +187,9 @@ def do_service_delete(kc, args):
kc.services.delete(args.id)
-@utils.arg('--user', metavar='<user-id>',
- help='List roles granted to a user')
-@utils.arg('--tenant_id', metavar='<tenant-id>',
- help='List roles granted on a tenant')
def do_role_list(kc, args):
- """List all roles, or only those granted to a user."""
- if bool(args.tenant_id) ^ bool(args.user):
- print 'User ID and Tenant ID are both required to list granted roles.'
- return
-
- if args.tenant_id and args.user:
- roles = kc.roles.roles_for_user(user=args.user, tenant=args.tenant_id)
- else:
- roles = kc.roles.list()
-
+ """List all roles"""
+ roles = kc.roles.list()
utils.print_list(roles, ['id', 'name'])
@@ -244,6 +232,28 @@ def do_user_role_remove(kc, args):
kc.roles.remove_user_role(args.user, args.role, args.tenant_id)
+@utils.arg('--user', metavar='<user-id>',
+ help='List roles granted to a user')
+@utils.arg('--tenant_id', metavar='<tenant-id>',
+ help='List roles granted on a tenant')
+def do_user_role_list(kc, args):
+ """List roles granted to a user"""
+ if not args.tenant_id:
+ # use the authenticated tenant id as a default
+ args.tenant_id = kc.auth_tenant_id
+ if not args.user:
+ # use the authenticated user id as a default
+ args.user = kc.auth_user_id
+ roles = kc.roles.roles_for_user(user=args.user, tenant=args.tenant_id)
+
+ # this makes the command output a bit more intuitive
+ for role in roles:
+ role.user_id = args.user
+ role.tenant_id = args.tenant_id
+
+ utils.print_list(roles, ['id', 'name', 'user_id', 'tenant_id'])
+
+
@utils.arg('--user', metavar='<user-id>', help='User ID')
@utils.arg('--tenant_id', metavar='<tenant-id>', help='Tenant ID')
def do_ec2_credentials_create(kc, args):
View Lorry Controller Status