get_or_add_user_role is specific to adding a role on a project.
Rename it to get_or_add_user_project_role to allow room for adding a
domain specific role function.
Change-Id: I999308098d22be9800578ae67144a3b687fbc3be
... | ... |
@@ -913,9 +913,9 @@ function get_or_create_role { |
913 | 913 |
echo $role_id |
914 | 914 |
} |
915 | 915 |
|
916 |
-# Gets or adds user role |
|
917 |
-# Usage: get_or_add_user_role <role> <user> <project> |
|
918 |
-function get_or_add_user_role { |
|
916 |
+# Gets or adds user role to project |
|
917 |
+# Usage: get_or_add_user_project_role <role> <user> <project> |
|
918 |
+function get_or_add_user_project_role { |
|
919 | 919 |
# Gets user role id |
920 | 920 |
local user_role_id=$(openstack role list \ |
921 | 921 |
--user $2 \ |
... | ... |
@@ -121,7 +121,7 @@ function create_ceilometer_accounts { |
121 | 121 |
fi |
122 | 122 |
if is_service_enabled swift; then |
123 | 123 |
# Ceilometer needs ResellerAdmin role to access swift account stats. |
124 |
- get_or_add_user_role "ResellerAdmin" "ceilometer" $SERVICE_TENANT_NAME |
|
124 |
+ get_or_add_user_project_role "ResellerAdmin" "ceilometer" $SERVICE_TENANT_NAME |
|
125 | 125 |
fi |
126 | 126 |
fi |
127 | 127 |
} |
... | ... |
@@ -238,7 +238,7 @@ function create_glance_accounts { |
238 | 238 |
|
239 | 239 |
local glance_swift_user=$(get_or_create_user "glance-swift" \ |
240 | 240 |
"$SERVICE_PASSWORD" "glance-swift@example.com") |
241 |
- get_or_add_user_role "ResellerAdmin" $glance_swift_user $SERVICE_TENANT_NAME |
|
241 |
+ get_or_add_user_project_role "ResellerAdmin" $glance_swift_user $SERVICE_TENANT_NAME |
|
242 | 242 |
fi |
243 | 243 |
|
244 | 244 |
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then |
... | ... |
@@ -365,7 +365,7 @@ function create_keystone_accounts { |
365 | 365 |
local admin_tenant=$(get_or_create_project "admin") |
366 | 366 |
local admin_user=$(get_or_create_user "admin" "$ADMIN_PASSWORD") |
367 | 367 |
local admin_role=$(get_or_create_role "admin") |
368 |
- get_or_add_user_role $admin_role $admin_user $admin_tenant |
|
368 |
+ get_or_add_user_project_role $admin_role $admin_user $admin_tenant |
|
369 | 369 |
|
370 | 370 |
# Create service project/role |
371 | 371 |
get_or_create_project "$SERVICE_TENANT_NAME" |
... | ... |
@@ -394,10 +394,10 @@ function create_keystone_accounts { |
394 | 394 |
local demo_user=$(get_or_create_user "demo" \ |
395 | 395 |
"$ADMIN_PASSWORD" "demo@example.com") |
396 | 396 |
|
397 |
- get_or_add_user_role $member_role $demo_user $demo_tenant |
|
398 |
- get_or_add_user_role $admin_role $admin_user $demo_tenant |
|
399 |
- get_or_add_user_role $another_role $demo_user $demo_tenant |
|
400 |
- get_or_add_user_role $member_role $demo_user $invis_tenant |
|
397 |
+ get_or_add_user_project_role $member_role $demo_user $demo_tenant |
|
398 |
+ get_or_add_user_project_role $admin_role $admin_user $demo_tenant |
|
399 |
+ get_or_add_user_project_role $another_role $demo_user $demo_tenant |
|
400 |
+ get_or_add_user_project_role $member_role $demo_user $invis_tenant |
|
401 | 401 |
|
402 | 402 |
get_or_create_group "developers" "default" "openstack developers" |
403 | 403 |
get_or_create_group "testers" "default" |
... | ... |
@@ -426,7 +426,7 @@ function create_service_user { |
426 | 426 |
local role=${2:-service} |
427 | 427 |
|
428 | 428 |
local user=$(get_or_create_user "$1" "$SERVICE_PASSWORD") |
429 |
- get_or_add_user_role "$role" "$user" "$SERVICE_TENANT_NAME" |
|
429 |
+ get_or_add_user_project_role "$role" "$user" "$SERVICE_TENANT_NAME" |
|
430 | 430 |
} |
431 | 431 |
|
432 | 432 |
# Configure the service to use the auth token middleware. |
... | ... |
@@ -383,7 +383,7 @@ function create_nova_accounts { |
383 | 383 |
if is_service_enabled swift; then |
384 | 384 |
# Nova needs ResellerAdmin role to download images when accessing |
385 | 385 |
# swift through the s3 api. |
386 |
- get_or_add_user_role ResellerAdmin nova $SERVICE_TENANT_NAME |
|
386 |
+ get_or_add_user_project_role ResellerAdmin nova $SERVICE_TENANT_NAME |
|
387 | 387 |
fi |
388 | 388 |
|
389 | 389 |
# EC2 |
... | ... |
@@ -620,18 +620,18 @@ function create_swift_accounts { |
620 | 620 |
die_if_not_set $LINENO swift_tenant_test1 "Failure creating swift_tenant_test1" |
621 | 621 |
SWIFT_USER_TEST1=$(get_or_create_user swiftusertest1 $swiftusertest1_password "test@example.com") |
622 | 622 |
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1" |
623 |
- get_or_add_user_role admin $SWIFT_USER_TEST1 $swift_tenant_test1 |
|
623 |
+ get_or_add_user_project_role admin $SWIFT_USER_TEST1 $swift_tenant_test1 |
|
624 | 624 |
|
625 | 625 |
local swift_user_test3=$(get_or_create_user swiftusertest3 $swiftusertest3_password "test3@example.com") |
626 | 626 |
die_if_not_set $LINENO swift_user_test3 "Failure creating swift_user_test3" |
627 |
- get_or_add_user_role $another_role $swift_user_test3 $swift_tenant_test1 |
|
627 |
+ get_or_add_user_project_role $another_role $swift_user_test3 $swift_tenant_test1 |
|
628 | 628 |
|
629 | 629 |
local swift_tenant_test2=$(get_or_create_project swifttenanttest2) |
630 | 630 |
die_if_not_set $LINENO swift_tenant_test2 "Failure creating swift_tenant_test2" |
631 | 631 |
|
632 | 632 |
local swift_user_test2=$(get_or_create_user swiftusertest2 $swiftusertest2_password "test2@example.com") |
633 | 633 |
die_if_not_set $LINENO swift_user_test2 "Failure creating swift_user_test2" |
634 |
- get_or_add_user_role admin $swift_user_test2 $swift_tenant_test2 |
|
634 |
+ get_or_add_user_project_role admin $swift_user_test2 $swift_tenant_test2 |
|
635 | 635 |
|
636 | 636 |
local swift_domain=$(get_or_create_domain swift_test 'Used for swift functional testing') |
637 | 637 |
die_if_not_set $LINENO swift_domain "Failure creating swift_test domain" |
... | ... |
@@ -641,7 +641,7 @@ function create_swift_accounts { |
641 | 641 |
|
642 | 642 |
local swift_user_test4=$(get_or_create_user swiftusertest4 $swiftusertest4_password "test4@example.com" $swift_domain) |
643 | 643 |
die_if_not_set $LINENO swift_user_test4 "Failure creating swift_user_test4" |
644 |
- get_or_add_user_role admin $swift_user_test4 $swift_tenant_test4 |
|
644 |
+ get_or_add_user_project_role admin $swift_user_test4 $swift_tenant_test4 |
|
645 | 645 |
} |
646 | 646 |
|
647 | 647 |
# init_swift() - Initialize rings |
... | ... |
@@ -505,7 +505,7 @@ function create_tempest_accounts { |
505 | 505 |
# between two regular users in separate tenants |
506 | 506 |
get_or_create_project alt_demo |
507 | 507 |
get_or_create_user alt_demo "$ADMIN_PASSWORD" "alt_demo@example.com" |
508 |
- get_or_add_user_role Member alt_demo alt_demo |
|
508 |
+ get_or_add_user_project_role Member alt_demo alt_demo |
|
509 | 509 |
fi |
510 | 510 |
} |
511 | 511 |
|