diff options
author | Jenkins <jenkins@review.openstack.org> | 2013-08-10 00:43:16 +0000 |
---|---|---|
committer | Gerrit Code Review <review@openstack.org> | 2013-08-10 00:43:16 +0000 |
commit | ecb62d3ec07c23d9f02227bd0873e5c4115f7324 (patch) | |
tree | acd13c274b8930564304f93ca7029f21079bdd04 /keystone/assignment | |
parent | f1cc2255afe33b6faf0db287f011ee304e70057c (diff) | |
parent | 5977b9f2f08ea6e984bebdd17953550adb80df84 (diff) | |
download | keystone-ecb62d3ec07c23d9f02227bd0873e5c4115f7324.tar.gz keystone-ecb62d3ec07c23d9f02227bd0873e5c4115f7324.tar.xz keystone-ecb62d3ec07c23d9f02227bd0873e5c4115f7324.zip |
Merge "Create default role on demand"
Diffstat (limited to 'keystone/assignment')
-rw-r--r-- | keystone/assignment/core.py | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/keystone/assignment/core.py b/keystone/assignment/core.py index 64edb3fa..0a2ee681 100644 --- a/keystone/assignment/core.py +++ b/keystone/assignment/core.py @@ -178,9 +178,23 @@ class Manager(manager.Manager): keystone.exception.UserNotFound """ - self.driver.add_role_to_user_and_project(user_id, - tenant_id, - config.CONF.member_role_id) + try: + self.driver.add_role_to_user_and_project( + user_id, + tenant_id, + config.CONF.member_role_id) + except exception.RoleNotFound: + LOG.info(_("Creating the default role %s " + "because it does not exist.") % + config.CONF.member_role_id) + role = {'id': CONF.member_role_id, + 'name': CONF.member_role_name} + self.driver.create_role(config.CONF.member_role_id, role) + #now that default role exists, the add should succeed + self.driver.add_role_to_user_and_project( + user_id, + tenant_id, + config.CONF.member_role_id) def remove_user_from_project(self, tenant_id, user_id): """Remove user from a tenant |