diff options
Diffstat (limited to 'keystone')
-rw-r--r-- | keystone/identity/backends/kvs.py | 3 | ||||
-rw-r--r-- | keystone/identity/backends/sql.py | 3 | ||||
-rw-r--r-- | keystone/identity/core.py | 13 |
3 files changed, 13 insertions, 6 deletions
diff --git a/keystone/identity/backends/kvs.py b/keystone/identity/backends/kvs.py index 7efc7ab5..95286a9f 100644 --- a/keystone/identity/backends/kvs.py +++ b/keystone/identity/backends/kvs.py @@ -97,8 +97,7 @@ class Identity(kvs.Base, identity.Driver): return self.db.get('metadata-%s-%s' % (tenant_id, user_id)) or {} def get_role(self, role_id): - role_ref = self.db.get('role-%s' % role_id) - return role_ref + return self.db.get('role-%s' % role_id) def list_users(self): user_ids = self.db.get('user_list', []) diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py index 16cfb5fd..00dedcba 100644 --- a/keystone/identity/backends/sql.py +++ b/keystone/identity/backends/sql.py @@ -210,8 +210,7 @@ class Identity(sql.Base, identity.Driver): def get_role(self, role_id): session = self.get_session() - role_ref = session.query(Role).filter_by(id=role_id).first() - return role_ref + return session.query(Role).filter_by(id=role_id).first() def list_users(self): session = self.get_session() diff --git a/keystone/identity/core.py b/keystone/identity/core.py index a99671d6..f8af897f 100644 --- a/keystone/identity/core.py +++ b/keystone/identity/core.py @@ -425,7 +425,15 @@ class RoleController(wsgi.Application): """ if tenant_id is None: raise exception.NotImplemented(message='User roles not supported: ' - 'tenant_id required') + 'tenant ID required') + + user = self.identity_api.get_user(context, user_id) + if user is None: + raise exception.UserNotFound(user_id=user_id) + tenant = self.identity_api.get_tenant(context, tenant_id) + if tenant is None: + raise exception.TenantNotFound(tenant_id=tenant_id) + roles = self.identity_api.get_roles_for_user_and_tenant( context, user_id, tenant_id) return {'roles': [self.identity_api.get_role(context, x) @@ -449,7 +457,8 @@ class RoleController(wsgi.Application): def delete_role(self, context, role_id): self.assert_admin(context) - role_ref = self.identity_api.delete_role(context, role_id) + self.get_role(context, role_id) + self.identity_api.delete_role(context, role_id) def get_roles(self, context): self.assert_admin(context) |