Browse code
Merge "Add roles when we create groups"
Jenkins authored on 2015/04/04 01:18:30Showing 2 changed files
| ... | ... |
@@ -768,6 +768,27 @@ function get_or_add_user_project_role {
|
| 768 | 768 |
echo $user_role_id |
| 769 | 769 |
} |
| 770 | 770 |
|
| 771 |
+# Gets or adds group role to project |
|
| 772 |
+# Usage: get_or_add_group_project_role <role> <group> <project> |
|
| 773 |
+function get_or_add_group_project_role {
|
|
| 774 |
+ # Gets group role id |
|
| 775 |
+ local group_role_id=$(openstack role list \ |
|
| 776 |
+ --group $2 \ |
|
| 777 |
+ --project $3 \ |
|
| 778 |
+ --column "ID" \ |
|
| 779 |
+ --column "Name" \ |
|
| 780 |
+ | grep " $1 " | get_field 1) |
|
| 781 |
+ if [[ -z "$group_role_id" ]]; then |
|
| 782 |
+ # Adds role to group |
|
| 783 |
+ group_role_id=$(openstack role add \ |
|
| 784 |
+ $1 \ |
|
| 785 |
+ --group $2 \ |
|
| 786 |
+ --project $3 \ |
|
| 787 |
+ | grep " id " | get_field 2) |
|
| 788 |
+ fi |
|
| 789 |
+ echo $group_role_id |
|
| 790 |
+} |
|
| 791 |
+ |
|
| 771 | 792 |
# Gets or creates service |
| 772 | 793 |
# Usage: get_or_create_service <name> <type> <description> |
| 773 | 794 |
function get_or_create_service {
|
| ... | ... |
@@ -366,6 +366,12 @@ function configure_keystone_extensions {
|
| 366 | 366 |
# demo demo Member, anotherrole |
| 367 | 367 |
# invisible_to_admin demo Member |
| 368 | 368 |
|
| 369 |
+# Group Users Roles Tenant |
|
| 370 |
+# ------------------------------------------------------------------ |
|
| 371 |
+# admins admin admin admin |
|
| 372 |
+# nonadmin demo Member, anotherrole demo |
|
| 373 |
+ |
|
| 374 |
+ |
|
| 369 | 375 |
# Migrated from keystone_data.sh |
| 370 | 376 |
function create_keystone_accounts {
|
| 371 | 377 |
|
| ... | ... |
@@ -407,8 +413,14 @@ function create_keystone_accounts {
|
| 407 | 407 |
get_or_add_user_project_role $another_role $demo_user $demo_tenant |
| 408 | 408 |
get_or_add_user_project_role $member_role $demo_user $invis_tenant |
| 409 | 409 |
|
| 410 |
- get_or_create_group "developers" "default" "openstack developers" |
|
| 411 |
- get_or_create_group "testers" "default" |
|
| 410 |
+ local admin_group=$(get_or_create_group "admins" \ |
|
| 411 |
+ "default" "openstack admin group") |
|
| 412 |
+ local non_admin_group=$(get_or_create_group "nonadmins" \ |
|
| 413 |
+ "default" "non-admin group") |
|
| 414 |
+ |
|
| 415 |
+ get_or_add_group_project_role $member_role $non_admin_group $demo_tenant |
|
| 416 |
+ get_or_add_group_project_role $another_role $non_admin_group $demo_tenant |
|
| 417 |
+ get_or_add_group_project_role $admin_role $admin_group $admin_tenant |
|
| 412 | 418 |
|
| 413 | 419 |
# Keystone |
| 414 | 420 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |