diff options
| -rwxr-xr-x | keystone/logic/service.py | 4 | ||||
| -rw-r--r-- | keystone/test/functional/test_auth.py | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/keystone/logic/service.py b/keystone/logic/service.py index ec11cc6f..b4e3bd4c 100755 --- a/keystone/logic/service.py +++ b/keystone/logic/service.py @@ -519,12 +519,12 @@ class IdentityService(object): for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) ts.append(Role(drole_ref.role_id, drole.name, - None, drole_ref.tenant_id)) + drole.desc, None, drole_ref.tenant_id)) drole_refs = api.ROLE.ref_get_all_global_roles(duser.id) for drole_ref in drole_refs: drole = api.ROLE.get(drole_ref.role_id) ts.append(Role(drole_ref.role_id, drole.name, - None, drole_ref.tenant_id)) + drole.desc, None, drole_ref.tenant_id)) user = auth.User(duser.id, duser.name, None, None, Roles(ts, [])) diff --git a/keystone/test/functional/test_auth.py b/keystone/test/functional/test_auth.py index 6f1be303..dab20478 100644 --- a/keystone/test/functional/test_auth.py +++ b/keystone/test/functional/test_auth.py @@ -149,6 +149,9 @@ class TestServiceAuthentication(common.FunctionalTestCase): self.assertEqual(scoped['token']['tenant']['id'], tenant['id']) self.assertEqual(scoped['token']['tenant']['name'], tenant['name']) + self.assertEqual(scoped['user']['roles'][0]['id'], role['id']) + self.assertEqual(scoped['user']['roles'][0]['name'], role['name']) + self.assertEqual(scoped['user']['roles'][0]['tenantId'], tenant['id']) # And an admin should be able to validate that our new token is scoped r = self.validate_token(scoped['token']['id'], tenant['id']) |