def add_user_to_project():
"""
Giving a 'Member' role in given tenant
"""
form = forms.AddUserToProject()
tenant = clients.admin_clients().keystone.tenants.get(form.add_project.data)
tenant.add_user(form.user.data, clients.get_role_id("member"))
flask.flash('User was added to project', 'success')
return flask.redirect(flask.url_for('.show', user_id=form.user.data))
def add_user_to_project():
"""
Giving a 'Member' role in given tenant
"""
form = forms.AddUserToProject()
tenant = clients.admin_clients().keystone.tenants.get(
form.add_project.data)
tenant.add_user(form.user.data, clients.get_role_id("member"))
flask.flash('User was added to project', 'success')
return flask.redirect(flask.url_for('.show', user_id=form.user.data))
def revoke_admin(user_id):
"""Revoke admin permission.
Remove admin role in admin tenant (aka systenant).
TODO(apugachev): convert to POST
TODO(apugachev): add form to plug in the CSRF protection
"""
clients.admin_clients().keystone.roles.remove_user_role(
user_id, clients.get_role_id("admin"), clients.get_systenant_id())
flask.flash('Admin role removed', 'success')
return flask.redirect(flask.url_for('.index'))
def revoke_admin(user_id):
"""Revoke admin permission.
Remove admin role in admin tenant (aka systenant).
TODO(apugachev): convert to POST
TODO(apugachev): add form to plug in the CSRF protection
"""
clients.admin_clients().keystone.roles.remove_user_role(
user_id,
clients.get_role_id("admin"),
clients.get_systenant_id())
flask.flash('Admin role removed', 'success')
return flask.redirect(flask.url_for('.index'))
