openstack/python-openstackclient
Code Issues Proposed changes

Merge "Add assignment list to v2 identity and deprecate alternate listing"

Browse Source
This commit is contained in:
Jenkins 2016-07-23 00:04:39 +00:00 committed by Gerrit Code Review
commit a8880e8b34
11 changed files with 556 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
doc/source/command-objects/role-assignment.rst
View File

@ -2,7 +2,7 @@
role assignment role assignment
=============== ===============
Identity v3 Identity v2, v3
role assignment list role assignment list
-------------------- --------------------
@ -23,11 +23,14 @@ List role assignments
[--project-domain <project-domain>] [--project-domain <project-domain>]
[--effective] [--effective]
[--inherited] [--inherited]
[--names]
.. option:: --role <role> .. option:: --role <role>
Role to filter (name or ID) Role to filter (name or ID)
.. versionadded:: 3
.. option:: --user <user> .. option:: --user <user>
User to filter (name or ID) User to filter (name or ID)
@ -37,19 +40,27 @@ List role assignments
Domain the user belongs to (name or ID). Domain the user belongs to (name or ID).
This can be used in case collisions between user names exist. This can be used in case collisions between user names exist.
.. versionadded:: 3
.. option:: --group <group> .. option:: --group <group>
Group to filter (name or ID) Group to filter (name or ID)
.. versionadded:: 3
.. option:: --group-domain <group-domain> .. option:: --group-domain <group-domain>
Domain the group belongs to (name or ID). Domain the group belongs to (name or ID).
This can be used in case collisions between group names exist. This can be used in case collisions between group names exist.
.. versionadded:: 3
.. option:: --domain <domain> .. option:: --domain <domain>
Domain to filter (name or ID) Domain to filter (name or ID)
.. versionadded:: 3
.. option:: --project <project> .. option:: --project <project>
Project to filter (name or ID) Project to filter (name or ID)
@ -59,14 +70,29 @@ List role assignments
Domain the project belongs to (name or ID). Domain the project belongs to (name or ID).
This can be used in case collisions between project names exist. This can be used in case collisions between project names exist.
.. versionadded:: 3
.. option:: --effective .. option:: --effective
Returns only effective role assignments (defaults to False) Returns only effective role assignments (defaults to False)
.. versionadded:: 3
.. option:: --inherited .. option:: --inherited
Specifies if the role grant is inheritable to the sub projects Specifies if the role grant is inheritable to the sub projects
.. versionadded:: 3
.. option:: --names .. option:: --names
Returns role assignments with names instead of IDs Returns role assignments with names instead of IDs
.. option:: --auth-user
Returns role assignments for the authenticated user.
.. option:: --auth-project
Returns role assignments for the project to which the authenticated user
is scoped.

20
doc/source/command-objects/role.rst
View File

@ -7,7 +7,7 @@ Identity v2, v3
role add role add
-------- --------
Add role to a user or group in a project or domain Add role assignment to a user or group in a project or domain
.. program:: role add .. program:: role add
.. code:: bash .. code:: bash
@ -123,31 +123,33 @@ List roles
Filter roles by <domain> (name or ID) Filter roles by <domain> (name or ID)
.. versionadded:: 3 (Deprecated, please use ``role assignment list`` instead)
.. option:: --project <project> .. option:: --project <project>
Filter roles by <project> (name or ID) Filter roles by <project> (name or ID)
.. versionadded:: 3 (Deprecated, please use ``role assignment list`` instead)
.. option:: --user <user> .. option:: --user <user>
Filter roles by <user> (name or ID) Filter roles by <user> (name or ID)
.. versionadded:: 3 (Deprecated, please use ``role assignment list`` instead)
.. option:: --group <group> .. option:: --group <group>
Filter roles by <group> (name or ID) Filter roles by <group> (name or ID)
.. versionadded:: 3 (Deprecated, please use ``role assignment list`` instead)
.. option:: --user-domain <user-domain> .. option:: --user-domain <user-domain>
Domain the user belongs to (name or ID). Domain the user belongs to (name or ID).
This can be used in case collisions between user names exist. This can be used in case collisions between user names exist.
(Deprecated, please use ``role assignment list`` instead)
.. versionadded:: 3 .. versionadded:: 3
.. option:: --group-domain <group-domain> .. option:: --group-domain <group-domain>
@ -155,6 +157,8 @@ List roles
Domain the group belongs to (name or ID). Domain the group belongs to (name or ID).
This can be used in case collisions between group names exist. This can be used in case collisions between group names exist.
(Deprecated, please use ``role assignment list`` instead)
.. versionadded:: 3 .. versionadded:: 3
.. option:: --project-domain <project-domain> .. option:: --project-domain <project-domain>
@ -162,18 +166,22 @@ List roles
Domain the project belongs to (name or ID). Domain the project belongs to (name or ID).
This can be used in case collisions between project names exist. This can be used in case collisions between project names exist.
(Deprecated, please use ``role assignment list`` instead)
.. versionadded:: 3 .. versionadded:: 3
.. option:: --inherited .. option:: --inherited
Specifies if the role grant is inheritable to the sub projects. Specifies if the role grant is inheritable to the sub projects.
(Deprecated, please use ``role assignment list`` instead)
.. versionadded:: 3 .. versionadded:: 3
role remove role remove
----------- -----------
Remove role from domain/project : user/group Remove role assignment from domain/project : user/group
.. program:: role remove .. program:: role remove
.. code:: bash .. code:: bash

16
openstackclient/identity/v2_0/role.py
View File

@ -150,6 +150,15 @@ class ListRole(command.Lister):
return parser return parser
def take_action(self, parsed_args): def take_action(self, parsed_args):
def _deprecated():
# NOTE(henry-nash): Deprecated as of Newton, so we should remove
# this in the 'P' release.
self.log.warning(_('Listing assignments using role list is '
'deprecated as of the Newton release. Use role '
'assignment list --user <user-name> --project '
'<project-name> --names instead.'))
identity_client = self.app.client_manager.identity identity_client = self.app.client_manager.identity
auth_ref = self.app.client_manager.auth_ref auth_ref = self.app.client_manager.auth_ref
@ -166,6 +175,7 @@ class ListRole(command.Lister):
identity_client.projects, identity_client.projects,
parsed_args.project, parsed_args.project,
) )
_deprecated()
data = identity_client.roles.roles_for_user(user.id, project.id) data = identity_client.roles.roles_for_user(user.id, project.id)
elif parsed_args.user: elif parsed_args.user:
@ -181,6 +191,7 @@ class ListRole(command.Lister):
else: else:
msg = _("Project must be specified") msg = _("Project must be specified")
raise exceptions.CommandError(msg) raise exceptions.CommandError(msg)
_deprecated()
data = identity_client.roles.roles_for_user(user.id, project.id) data = identity_client.roles.roles_for_user(user.id, project.id)
elif parsed_args.project: elif parsed_args.project:
project = utils.find_resource( project = utils.find_resource(
@ -195,6 +206,7 @@ class ListRole(command.Lister):
else: else:
msg = _("User must be specified") msg = _("User must be specified")
raise exceptions.CommandError(msg) raise exceptions.CommandError(msg)
_deprecated()
data = identity_client.roles.roles_for_user(user.id, project.id) data = identity_client.roles.roles_for_user(user.id, project.id)
if parsed_args.user or parsed_args.project: if parsed_args.user or parsed_args.project:
@ -249,6 +261,10 @@ class ListUserRole(command.Lister):
msg = _("User must be specified") msg = _("User must be specified")
raise exceptions.CommandError(msg) raise exceptions.CommandError(msg)
self.log.warning(_('Listing assignments using user role list is '
'deprecated as of the Newton release. Use role '
'assignment list --user <user-name> --project '
'<project-name> --names instead.'))
project = utils.find_resource( project = utils.find_resource(
identity_client.tenants, identity_client.tenants,
parsed_args.project, parsed_args.project,

113
openstackclient/identity/v2_0/role_assignment.py Normal file
View File

@ -0,0 +1,113 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
"""Identity v2 Assignment action implementations """
from openstackclient.common import command
from openstackclient.common import exceptions
from openstackclient.common import utils
from openstackclient.i18n import _ # noqa
class ListRoleAssignment(command.Lister):
"""List role assignments"""
def get_parser(self, prog_name):
parser = super(ListRoleAssignment, self).get_parser(prog_name)
parser.add_argument(
'--user',
metavar='<user>',
help='User to filter (name or ID)',
)
parser.add_argument(
'--project',
metavar='<project>',
help='Project to filter (name or ID)',
)
parser.add_argument(
'--names',
action="store_true",
help='Display names instead of IDs',
)
parser.add_argument(
'--auth-user',
action="store_true",
dest='authuser',
help='Only list assignments for the authenticated user',
)
parser.add_argument(
'--auth-project',
action="store_true",
dest='authproject',
help='Only list assignments for the project to which the '
'authenticated user\'s token is scoped',
)
return parser
def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity
auth_ref = self.app.client_manager.auth_ref
include_names = True if parsed_args.names else False
user = None
if parsed_args.user:
user = utils.find_resource(
identity_client.users,
parsed_args.user,
)
elif parsed_args.authuser:
if auth_ref:
user = utils.find_resource(
identity_client.users,
auth_ref.user_id
)
project = None
if parsed_args.project:
project = utils.find_resource(
identity_client.projects,
parsed_args.project,
)
elif parsed_args.authproject:
if auth_ref:
project = utils.find_resource(
identity_client.projects,
auth_ref.project_id
)
# If user or project is not specified, we would ideally list all
# relevant assignments in the system (to be compatible with v3).
# However, there is no easy way of doing that in v2.
if not user or not project:
msg = _("Project and User must be specified")
raise exceptions.CommandError(msg)
else:
data = identity_client.roles.roles_for_user(user.id, project.id)
columns = ('Role', 'User', 'Project')
for user_role in data:
if include_names:
setattr(user_role, 'role', user_role.name)
user_role.user = user.name
user_role.project = project.name
else:
setattr(user_role, 'role', user_role.id)
user_role.user = user.id
user_role.project = project.id
return (columns,
(utils.get_item_properties(
s, columns,
formatters={},
) for s in data))

20
openstackclient/identity/v3/role.py
View File

@ -251,6 +251,10 @@ class ListRole(command.Lister):
for user_role in data: for user_role in data:
user_role.user = user.name user_role.user = user.name
user_role.domain = domain.name user_role.domain = domain.name
self.log.warning(_('Listing assignments using role list is '
'deprecated. Use role assignment list --user '
'<user-name> --domain <domain-name> --names '
'instead.'))
elif parsed_args.user and parsed_args.project: elif parsed_args.user and parsed_args.project:
columns = ('ID', 'Name', 'Project', 'User') columns = ('ID', 'Name', 'Project', 'User')
data = identity_client.roles.list( data = identity_client.roles.list(
@ -261,6 +265,10 @@ class ListRole(command.Lister):
for user_role in data: for user_role in data:
user_role.user = user.name user_role.user = user.name
user_role.project = project.name user_role.project = project.name
self.log.warning(_('Listing assignments using role list is '
'deprecated. Use role assignment list --user '
'<user-name> --project <project-name> --names '
'instead.'))
elif parsed_args.user: elif parsed_args.user:
columns = ('ID', 'Name') columns = ('ID', 'Name')
data = identity_client.roles.list( data = identity_client.roles.list(
@ -268,6 +276,10 @@ class ListRole(command.Lister):
domain='default', domain='default',
os_inherit_extension_inherited=parsed_args.inherited os_inherit_extension_inherited=parsed_args.inherited
) )
self.log.warning(_('Listing assignments using role list is '
'deprecated. Use role assignment list --user '
'<user-name> --domain default --names '
'instead.'))
elif parsed_args.group and parsed_args.domain: elif parsed_args.group and parsed_args.domain:
columns = ('ID', 'Name', 'Domain', 'Group') columns = ('ID', 'Name', 'Domain', 'Group')
data = identity_client.roles.list( data = identity_client.roles.list(
@ -278,6 +290,10 @@ class ListRole(command.Lister):
for group_role in data: for group_role in data:
group_role.group = group.name group_role.group = group.name
group_role.domain = domain.name group_role.domain = domain.name
self.log.warning(_('Listing assignments using role list is '
'deprecated. Use role assignment list --group '
'<group-name> --domain <domain-name> --names '
'instead.'))
elif parsed_args.group and parsed_args.project: elif parsed_args.group and parsed_args.project:
columns = ('ID', 'Name', 'Project', 'Group') columns = ('ID', 'Name', 'Project', 'Group')
data = identity_client.roles.list( data = identity_client.roles.list(
@ -288,6 +304,10 @@ class ListRole(command.Lister):
for group_role in data: for group_role in data:
group_role.group = group.name group_role.group = group.name
group_role.project = project.name group_role.project = project.name
self.log.warning(_('Listing assignments using role list is '
'deprecated. Use role assignment list --group '
'<group-name> --project <project-name> --names '
'instead.'))
else: else:
sys.stderr.write(_("Error: If a user or group is specified, " sys.stderr.write(_("Error: If a user or group is specified, "
"either --domain or --project must also be " "either --domain or --project must also be "

26
openstackclient/identity/v3/role_assignment.py
View File

@ -67,6 +67,19 @@ class ListRoleAssignment(command.Lister):
) )
common.add_project_domain_option_to_parser(parser) common.add_project_domain_option_to_parser(parser)
common.add_inherited_option_to_parser(parser) common.add_inherited_option_to_parser(parser)
parser.add_argument(
'--auth-user',
action="store_true",
dest='authuser',
help='Only list assignments for the authenticated user',
)
parser.add_argument(
'--auth-project',
action="store_true",
dest='authproject',
help='Only list assignments for the project to which the '
'authenticated user\'s token is scoped',
)
return parser return parser
def _as_tuple(self, assignment): def _as_tuple(self, assignment):
@ -75,6 +88,7 @@ class ListRoleAssignment(command.Lister):
def take_action(self, parsed_args): def take_action(self, parsed_args):
identity_client = self.app.client_manager.identity identity_client = self.app.client_manager.identity
auth_ref = self.app.client_manager.auth_ref
role = None role = None
if parsed_args.role: if parsed_args.role:
@ -90,6 +104,12 @@ class ListRoleAssignment(command.Lister):
parsed_args.user, parsed_args.user,
parsed_args.user_domain, parsed_args.user_domain,
) )
elif parsed_args.authuser:
if auth_ref:
user = common.find_user(
identity_client,
auth_ref.user_id
)
domain = None domain = None
if parsed_args.domain: if parsed_args.domain:
@ -105,6 +125,12 @@ class ListRoleAssignment(command.Lister):
parsed_args.project, parsed_args.project,
parsed_args.project_domain, parsed_args.project_domain,
) )
elif parsed_args.authproject:
if auth_ref:
project = common.find_project(
identity_client,
auth_ref.project_id
)
group = None group = None
if parsed_args.group: if parsed_args.group:

5
openstackclient/tests/identity/v2_0/fakes.py
View File

@ -50,6 +50,11 @@ ROLE = {
'name': role_name, 'name': role_name,
} }
ROLE_2 = {
'id': '2',
'name': 'bigboss',
}
service_id = '1925-10-11' service_id = '1925-10-11'
service_name = 'elmore' service_name = 'elmore'
service_description = 'Leonard, Elmore, rip' service_description = 'Leonard, Elmore, rip'

270
openstackclient/tests/identity/v2_0/test_role_assignment.py Normal file
View File

@ -0,0 +1,270 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
import copy
import mock
from openstackclient.common import exceptions
from openstackclient.identity.v2_0 import role_assignment
from openstackclient.tests import fakes
from openstackclient.tests.identity.v2_0 import fakes as identity_fakes
class TestRoleAssignment(identity_fakes.TestIdentityv2):
def setUp(self):
super(TestRoleAssignment, self).setUp()
class TestRoleAssignmentList(TestRoleAssignment):
columns = (
'Role',
'User',
'Project',
)
def setUp(self):
super(TestRoleAssignment, self).setUp()
# Get a shortcut to the UserManager Mock
self.users_mock = self.app.client_manager.identity.users
self.users_mock.reset_mock()
# Get a shortcut to the ProjectManager Mock
self.projects_mock = self.app.client_manager.identity.projects
self.projects_mock.reset_mock()
# Get a shortcut to the RoleManager Mock
self.roles_mock = self.app.client_manager.identity.roles
self.roles_mock.reset_mock()
self.projects_mock.get.return_value = fakes.FakeResource(
None,
copy.deepcopy(identity_fakes.PROJECT),
loaded=True,
)
self.users_mock.get.return_value = fakes.FakeResource(
None,
copy.deepcopy(identity_fakes.USER),
loaded=True,
)
self.roles_mock.roles_for_user.return_value = [
fakes.FakeResource(
None,
copy.deepcopy(identity_fakes.ROLE),
loaded=True,
),
]
# Get the command object to test
self.cmd = role_assignment.ListRoleAssignment(self.app, None)
def test_role_assignment_list_no_filters(self):
arglist = []
verifylist = []
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# This argument combination should raise a CommandError
self.assertRaises(
exceptions.CommandError,
self.cmd.take_action,
parsed_args,
)
def test_role_assignment_list_only_project_filter(self):
arglist = [
'--project', identity_fakes.project_name,
]
verifylist = [
('project', identity_fakes.project_name),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# This argument combination should raise a CommandError
self.assertRaises(
exceptions.CommandError,
self.cmd.take_action,
parsed_args,
)
def test_role_assignment_list_only_user_filter(self):
arglist = [
'--user', identity_fakes.user_name,
]
verifylist = [
('user', identity_fakes.user_name),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# This argument combination should raise a CommandError
self.assertRaises(
exceptions.CommandError,
self.cmd.take_action,
parsed_args,
)
def test_role_assignment_list_project_and_user(self):
self.roles_mock.roles_for_user.return_value = [
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE),
loaded=True,
),
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE_2),
loaded=True,
),
]
arglist = [
'--project', identity_fakes.project_name,
'--user', identity_fakes.user_name,
]
verifylist = [
('user', identity_fakes.user_name),
('project', identity_fakes.project_name),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# In base command class Lister in cliff, abstract method take_action()
# returns a tuple containing the column names and an iterable
# containing the data to be listed.
columns, data = self.cmd.take_action(parsed_args)
self.roles_mock.roles_for_user.assert_called_with(
identity_fakes.user_id,
identity_fakes.project_id,
)
self.assertEqual(self.columns, columns)
datalist = ((
identity_fakes.role_id,
identity_fakes.user_id,
identity_fakes.project_id,
), (identity_fakes.ROLE_2['id'],
identity_fakes.user_id,
identity_fakes.project_id,
),)
self.assertEqual(datalist, tuple(data))
def test_role_assignment_list_def_creds(self):
auth_ref = self.app.client_manager.auth_ref = mock.MagicMock()
auth_ref.project_id.return_value = identity_fakes.project_id
auth_ref.user_id.return_value = identity_fakes.user_id
self.roles_mock.roles_for_user.return_value = [
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE),
loaded=True,
),
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE_2),
loaded=True,
),
]
arglist = [
'--auth-user',
'--auth-project',
]
verifylist = [
('authuser', True),
('authproject', True),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# In base command class Lister in cliff, abstract method take_action()
# returns a tuple containing the column names and an iterable
# containing the data to be listed.
columns, data = self.cmd.take_action(parsed_args)
self.roles_mock.roles_for_user.assert_called_with(
identity_fakes.user_id,
identity_fakes.project_id,
)
self.assertEqual(self.columns, columns)
datalist = ((
identity_fakes.role_id,
identity_fakes.user_id,
identity_fakes.project_id,
), (identity_fakes.ROLE_2['id'],
identity_fakes.user_id,
identity_fakes.project_id,
),)
self.assertEqual(datalist, tuple(data))
def test_role_assignment_list_by_name_project_and_user(self):
self.roles_mock.roles_for_user.return_value = [
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE),
loaded=True,
),
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ROLE_2),
loaded=True,
),
]
arglist = [
'--project', identity_fakes.project_name,
'--user', identity_fakes.user_name,
'--names'
]
verifylist = [
('user', identity_fakes.user_name),
('project', identity_fakes.project_name),
('names', True),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# In base command class Lister in cliff, abstract method take_action()
# returns a tuple containing the column names and an iterable
# containing the data to be listed.
columns, data = self.cmd.take_action(parsed_args)
self.roles_mock.roles_for_user.assert_called_with(
identity_fakes.user_id,
identity_fakes.project_id,
)
self.assertEqual(self.columns, columns)
datalist = ((
identity_fakes.role_name,
identity_fakes.user_name,
identity_fakes.project_name,
), (identity_fakes.ROLE_2['name'],
identity_fakes.user_name,
identity_fakes.project_name,
),)
self.assertEqual(datalist, tuple(data))

60
openstackclient/tests/identity/v3/test_role_assignment.py
View File

@ -12,6 +12,7 @@
# #
import copy import copy
import mock
from openstackclient.identity.v3 import role_assignment from openstackclient.identity.v3 import role_assignment
from openstackclient.tests import fakes from openstackclient.tests import fakes
@ -374,6 +375,65 @@ class TestRoleAssignmentList(TestRoleAssignment):
),) ),)
self.assertEqual(datalist, tuple(data)) self.assertEqual(datalist, tuple(data))
def test_role_assignment_list_def_creds(self):
auth_ref = self.app.client_manager.auth_ref = mock.MagicMock()
auth_ref.project_id.return_value = identity_fakes.project_id
auth_ref.user_id.return_value = identity_fakes.user_id
self.role_assignments_mock.list.return_value = [
fakes.FakeResource(
None,
copy.deepcopy(
identity_fakes.ASSIGNMENT_WITH_PROJECT_ID_AND_USER_ID),
loaded=True,
),
]
arglist = [
'--auth-user',
'--auth-project',
]
verifylist = [
('user', None),
('group', None),
('domain', None),
('project', None),
('role', None),
('effective', False),
('inherited', False),
('names', False),
('authuser', True),
('authproject', True),
]
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
# In base command class Lister in cliff, abstract method take_action()
# returns a tuple containing the column names and an iterable
# containing the data to be listed.
columns, data = self.cmd.take_action(parsed_args)
self.role_assignments_mock.list.assert_called_with(
domain=None,
user=self.users_mock.get(),
group=None,
project=self.projects_mock.get(),
role=None,
effective=False,
os_inherit_extension_inherited_to=None,
include_names=False)
self.assertEqual(self.columns, columns)
datalist = ((
identity_fakes.role_id,
identity_fakes.user_id,
'',
identity_fakes.project_id,
'',
False
),)
self.assertEqual(datalist, tuple(data))
def test_role_assignment_list_effective(self): def test_role_assignment_list_effective(self):
self.role_assignments_mock.list.return_value = [ self.role_assignments_mock.list.return_value = [

4
releasenotes/notes/bug-1605774-28aec51f6ec4926e.yaml Normal file
View File

@ -0,0 +1,4 @@
---
features:
- Deprecate ``role list`` arguments in favor of ``role assignment`` command.
[Bug `1605774 <https://bugs.launchpad.net/python-openstackclient/+bug/1605774>`_]

1
setup.cfg
View File

@ -172,6 +172,7 @@ openstack.identity.v2 =
role_list = openstackclient.identity.v2_0.role:ListRole role_list = openstackclient.identity.v2_0.role:ListRole
role_remove = openstackclient.identity.v2_0.role:RemoveRole role_remove = openstackclient.identity.v2_0.role:RemoveRole
role_show = openstackclient.identity.v2_0.role:ShowRole role_show = openstackclient.identity.v2_0.role:ShowRole
role_assignment_list = openstackclient.identity.v2_0.role_assignment:ListRoleAssignment
service_create = openstackclient.identity.v2_0.service:CreateService service_create = openstackclient.identity.v2_0.service:CreateService
service_delete = openstackclient.identity.v2_0.service:DeleteService service_delete = openstackclient.identity.v2_0.service:DeleteService