def _get_role_object(self, context_role):
"""Check if role exists.
:param context_role: name of existing role.
"""
keystone = identity.Identity(osclients.Clients(self.credential))
default_roles = keystone.list_roles()
for def_role in default_roles:
if str(def_role.name) == context_role:
return def_role
else:
raise exceptions.NoSuchRole(role=context_role)
def _add_role(self, admin_credential, context_role):
"""Add role to users.
:param admin_credential: The admin credential.
:param context_role: name of existing role.
"""
client = keystone.wrap(osclients.Clients(admin_credential).keystone())
default_roles = client.list_roles()
for def_role in default_roles:
if str(def_role.name) == context_role:
role = def_role
break
else:
raise exceptions.NoSuchRole(role=context_role)
LOG.debug("Adding role %s to all users" % (role.id))
for user in self.context["users"]:
client.add_role(user_id=user["id"], role_id=role.id,
project_id=user["tenant_id"])
return {"id": str(role.id), "name": str(role.name)}
def _add_role(self, admin_endpoint, context_role):
"""Add role to users.
:param admin_endpoint: The base url.
:param context_role: name of existing role.
"""
client = osclients.Clients(admin_endpoint).keystone()
default_roles = client.roles.list()
for def_role in default_roles:
if str(def_role.name) == context_role:
role = def_role
break
else:
raise exceptions.NoSuchRole(role=context_role)
LOG.debug("Adding role %s to all users" % (role.id))
for user in self.context["users"]:
client.roles.add_user_role(user["id"], role.id,
tenant=user["tenant_id"])
return {"id": str(role.id), "name": str(role.name)}
