From 875a67aa69e17d49e2cca40857b76b46dc639657 Mon Sep 17 00:00:00 2001 From: Mark McLoughlin Date: Fri, 30 Mar 2012 12:17:48 +0100 Subject: Make import_nova_auth only create roles which don't already exist Fixes bug #969088 If a role already exists, there's no particular need for import_nova_auth to barf. Instead, we should just use the existing role. Change-Id: I18ae38af62b4c2b2423e20e436611fc30f844ae1 --- keystone/common/sql/nova.py | 5 ++++- tests/test_migrate_nova_auth.py | 9 +++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/keystone/common/sql/nova.py b/keystone/common/sql/nova.py index 2f05fe82..01b14d98 100644 --- a/keystone/common/sql/nova.py +++ b/keystone/common/sql/nova.py @@ -85,8 +85,11 @@ def _create_memberships(api, memberships, user_map, tenant_map): def _create_roles(api, roles): - role_map = {} + role_map = dict((r['name'], r['id']) for r in api.list_roles()) for role in roles: + if role in role_map: + LOG.debug('Ignoring existing role %s' % role) + continue role_dict = { 'id': _generate_uuid(), 'name': role, diff --git a/tests/test_migrate_nova_auth.py b/tests/test_migrate_nova_auth.py index 1be59b17..76b4a600 100644 --- a/tests/test_migrate_nova_auth.py +++ b/tests/test_migrate_nova_auth.py @@ -14,6 +14,8 @@ # License for the specific language governing permissions and limitations # under the License. +import uuid + from keystone.common.sql import nova from keystone.common.sql import util as sql_util from keystone import config @@ -73,7 +75,14 @@ class MigrateNovaAuth(test.TestCase): self.identity_api = identity_sql.Identity() self.ec2_api = ec2_sql.Ec2() + def _create_role(self, role_name): + role_id = uuid.uuid4().hex + role_dict = {'id': role_id, 'name': role_name} + self.identity_api.create_role(role_id, role_dict) + def test_import(self): + self._create_role('role1') + nova.import_auth(FIXTURE) users = {} -- cgit