Merge "Fixes LP882760.Changes to return TenantId properly as part of roles.Additional tests to support the same."

2 files changed, 5 insertions, 2 deletions

diff --git a/keystone/logic/service.py b/keystone/logic/service.py
index ec11cc6f..b4e3bd4c 100755
--- a/keystone/logic/service.py
+++ b/keystone/logic/service.py
@@ -519,12 +519,12 @@ class IdentityService(object):
             for drole_ref in drole_refs:
                 drole = api.ROLE.get(drole_ref.role_id)
                 ts.append(Role(drole_ref.role_id, drole.name,
-                    None, drole_ref.tenant_id))
+                    drole.desc, None, drole_ref.tenant_id))
         drole_refs = api.ROLE.ref_get_all_global_roles(duser.id)
         for drole_ref in drole_refs:
             drole = api.ROLE.get(drole_ref.role_id)
             ts.append(Role(drole_ref.role_id, drole.name,
-                None, drole_ref.tenant_id))
+                drole.desc, None, drole_ref.tenant_id))
 
         user = auth.User(duser.id, duser.name, None, None, Roles(ts, []))
 
diff --git a/keystone/test/functional/test_auth.py b/keystone/test/functional/test_auth.py
index 6f1be303..dab20478 100644
--- a/keystone/test/functional/test_auth.py
+++ b/keystone/test/functional/test_auth.py
@@ -149,6 +149,9 @@ class TestServiceAuthentication(common.FunctionalTestCase):
 
         self.assertEqual(scoped['token']['tenant']['id'], tenant['id'])
         self.assertEqual(scoped['token']['tenant']['name'], tenant['name'])
+        self.assertEqual(scoped['user']['roles'][0]['id'], role['id'])
+        self.assertEqual(scoped['user']['roles'][0]['name'], role['name'])
+        self.assertEqual(scoped['user']['roles'][0]['tenantId'], tenant['id'])
 
         # And an admin should be able to validate that our new token is scoped
         r = self.validate_token(scoped['token']['id'], tenant['id'])