diff options
| author | Jesse Andrews <anotherjesse@gmail.com> | 2011-06-09 19:02:12 -0700 |
|---|---|---|
| committer | Jesse Andrews <anotherjesse@gmail.com> | 2011-06-09 19:02:12 -0700 |
| commit | cfce057aaa01ed72bd84d53fe6e64b2e0f912f75 (patch) | |
| tree | d4599b4e6fdce8fade91e6ae3a5e20d6eff411f8 | |
| parent | 6ff079a458d32b462c3660f7ac1f39f93cddf48c (diff) | |
| download | keystone-cfce057aaa01ed72bd84d53fe6e64b2e0f912f75.tar.gz keystone-cfce057aaa01ed72bd84d53fe6e64b2e0f912f75.tar.xz keystone-cfce057aaa01ed72bd84d53fe6e64b2e0f912f75.zip | |
set nova admin role if keystone user has "Admin" role
| -rw-r--r-- | keystone/auth_protocols/nova_auth_token.py | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/keystone/auth_protocols/nova_auth_token.py b/keystone/auth_protocols/nova_auth_token.py index e9d61b74..3a3221ec 100644 --- a/keystone/auth_protocols/nova_auth_token.py +++ b/keystone/auth_protocols/nova_auth_token.py @@ -61,6 +61,9 @@ class KeystoneAuthShim(wsgi.Middleware): user_ref = self.auth.get_user(user_id) except: user_ref = self.auth.create_user(user_id) + # set admin if user has admin role + if user_ref.is_admin() != (req.headers.get('X_ROLE', None) == 'Admin'): + self.auth.modify_user(user_ref, admin=req.headers.get('X_ROLE') == 'Admin') project_id = req.headers['X_TENANT'] try: project_ref = self.auth.get_project(project_id) |