Wired up admin api for user roles

author: Devin Carlen <devin.carlen@gmail.com> 2010-08-10 18:46:49 -0700
committer: Devin Carlen <devin.carlen@gmail.com> 2010-08-10 18:46:49 -0700
commit: 253cc1f683dfcfe75b1a5c1eb3a93f07e85bb041 (patch)
tree: 4b414e62812e2da394e0cad260a6540c0638873e /nova/endpoint
parent: ce683104ace24e986f6c4b911ff63952355235f0 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/nova/endpoint/admin.py b/nova/endpoint/admin.py
index c4b8c05ca..a3114c0a3 100644
--- a/nova/endpoint/admin.py
+++ b/nova/endpoint/admin.py
@@ -103,6 +103,19 @@ class AdminController(object):
         return True
 
     @admin_only
+    def describe_roles(self, context, project_roles=True, **kwargs):
+        """Returns a list of allowed roles."""
+        return manager.AuthManager().get_roles(project_roles)
+
+    @admin_only
+    def describe_user_roles(self, context, user, project=None, **kwargs):
+        """Returns a list of roles for the given user.
+           Omitting project will return any global roles that the user has.
+           Specifying project will return only project specific roles.
+        """
+        return manager.AuthManager().get_user_roles(user, project=project)
+
+    @admin_only
     def modify_user_role(self, context, user, role, project=None,
                          operation='add', **kwargs):
         """Add or remove a role for a user and project."""
author	Devin Carlen <devin.carlen@gmail.com>	2010-08-10 18:46:49 -0700
committer	Devin Carlen <devin.carlen@gmail.com>	2010-08-10 18:46:49 -0700
commit	253cc1f683dfcfe75b1a5c1eb3a93f07e85bb041 (patch)
tree	4b414e62812e2da394e0cad260a6540c0638873e /nova/endpoint
parent	ce683104ace24e986f6c4b911ff63952355235f0 (diff)