Juju Charms Collection
keystone package

Merge lp:~gandelman-a/charms/precise/keystone/fix-grant-role into lp:~charmers/charms/precise/keystone/trunk

  1. Precise Pangolin (12.04)
  2. fix-grant-role
  3. Merge into trunk
Proposed by Adam Gandelman
Status: Merged
Approved by: Mark Mims
Approved revision: 32
Merge reported by: Adam Gandelman
Merged at revision: not available
Proposed branch: lp:~gandelman-a/charms/precise/keystone/fix-grant-role
Merge into: lp:~charmers/charms/precise/keystone/trunk
Diff against target: 37 lines (+13/-5)
2 files modified
hooks/utils.py (+12/-4)
revision (+1/-1)
To merge this branch: bzr merge lp:~gandelman-a/charms/precise/keystone/fix-grant-role
Reviewer Review Type Date Requested Status
Mark Mims (community) Approve
Review via email: mp+118836@code.launchpad.net

Description of the change

Avoids an exception that is raised when attempting to redefine an already existing association between a role and user+tenant. This makes utils.grant_role() check for the association before adding it.

This only triggers when using this charm to deploy Folsom, the exception is not raised in Essex. However, I'd prefer to fix in the Precise branch since:

- the functionality is there.
- its best practice.
- minimize the delta between the precise/keystone and quantal/keystone (when it opens)

To post a comment you must log in.
Revision history for this message
Mark Mims (mark-mims) wrote :

lgtm

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/utils.py'
2--- hooks/utils.py 2012-03-02 20:46:20 +0000
3+++ hooks/utils.py 2012-08-08 21:46:19 +0000
4@@ -337,14 +337,22 @@
5 import manager
6 manager = manager.KeystoneManager(endpoint='http://localhost:35357/v2.0/',
7 token=get_admin_token())
8- juju_log("Granting user '%s' role '%s' on tenant ' %s'" %\
9+ juju_log("Granting user '%s' role '%s' on tenant '%s'" %\
10 (user, role, tenant))
11 user_id = manager.resolve_user_id(user)
12 role_id = manager.resolve_role_id(role)
13 tenant_id = manager.resolve_tenant_id(tenant)
14- manager.api.roles.add_user_role(user=user_id,
15- role=role_id,
16- tenant=tenant_id)
17+
18+ cur_roles = manager.api.roles.roles_for_user(user_id, tenant_id)
19+ if not cur_roles or role_id not in [r.id for r in cur_roles]:
20+ manager.api.roles.add_user_role(user=user_id,
21+ role=role_id,
22+ tenant=tenant_id)
23+ juju_log("Granted user '%s' role '%s' on tenant '%s'" %\
24+ (user, role, tenant))
25+ else:
26+ juju_log("User '%s' already has role '%s' on tenant '%s'" %\
27+ (user, role, tenant))
28
29 def generate_admin_token(config):
30 """ generate and add an admin token """
31
32=== modified file 'revision'
33--- revision 2012-03-08 22:38:36 +0000
34+++ revision 2012-08-08 21:46:19 +0000
35@@ -1,1 +1,1 @@
36-138
37+139

Subscribers

People subscribed via source and target branches