openstack team mailing list archive

Thread
Date

Re: Keystone database (using latest devstack)

To: Jason Hedden <jhedden@xxxxxxxxxxx>
From: Michael Basnight <mbasnight@xxxxxxxxx>
Date: Fri, 9 Mar 2012 10:10:18 -0600
Cc: Andy Smith <andyster@xxxxxxxxx>, "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <347B685E-C77F-4847-B78F-752D71E69D03@mcs.anl.gov>

So disregarding the talk of optimization (much smarter people than i can argue that), is what you guys need as simple as listing the roles for a user? Keystone itself provides the curl stmt below. Seems very easy to add into keystone client if this is all you need.

http://localhost:35357/v2.0/users/UserID/roleRefs

(where for me UserID is f4d42fa3fb9946d084299d3e867bda41 in my devstack install for admin)

returning something like below.

{
    "roles": [
        {
            "id": "roleId=e6b1d3ee035d4f50a7757a03535d959b&userId=f4d42fa3fb9946d084299d3e867bda41&tenantId=885883dd827d4c90a3740562d7a3630b", 
            "roleId": "e6b1d3ee035d4f50a7757a03535d959b", 
            "tenantId": "885883dd827d4c90a3740562d7a3630b", 
            "userId": "f4d42fa3fb9946d084299d3e867bda41"
        }, 
        {
            "id": "roleId=c30c5ea15e514caf81ea8dc08be69792&userId=f4d42fa3fb9946d084299d3e867bda41&tenantId=885883dd827d4c90a3740562d7a3630b", 
            "roleId": "c30c5ea15e514caf81ea8dc08be69792", 
            "tenantId": "885883dd827d4c90a3740562d7a3630b", 
            "userId": "f4d42fa3fb9946d084299d3e867bda41"
        }, 
        {
            "id": "roleId=1fd81b77f7f64b97b053986ec3004c70&userId=f4d42fa3fb9946d084299d3e867bda41&tenantId=885883dd827d4c90a3740562d7a3630b", 
            "roleId": "1fd81b77f7f64b97b053986ec3004c70", 
            "tenantId": "885883dd827d4c90a3740562d7a3630b", 
            "userId": "f4d42fa3fb9946d084299d3e867bda41"
        }, 
        {
            "id": "roleId=c30c5ea15e514caf81ea8dc08be69792&userId=f4d42fa3fb9946d084299d3e867bda41&tenantId=b8504cc7c5a24b8b80f05065a80abf36", 
            "roleId": "c30c5ea15e514caf81ea8dc08be69792", 
            "tenantId": "b8504cc7c5a24b8b80f05065a80abf36", 
            "userId": "f4d42fa3fb9946d084299d3e867bda41"
        }
    ]
}

On Mar 8, 2012, at 7:48 PM, Jason Hedden wrote:

> 
> 
> On Mar 8, 2012, at 6:12 PM, Andy Smith <andyster@xxxxxxxxx> wrote:
> 
>> 
>> I came across this while trying to list the roles assigned to users, which I still don't know how to do via the keystone client utility. Is this even possible?
>> 
>> Well, to clarify that statement a bit, roles exist on user-tenant pairs, so you would list the roles for a user-tenant pair.
> 
> How?  I wasn't able to find a way using the keystone client tools.
> 
> Thanks, 
> Jason
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp

References

Keystone database (using latest devstack)
From: Jason Hedden, 2012-03-08
Re: Keystone database (using latest devstack)
From: Andy Smith, 2012-03-09
Re: Keystone database (using latest devstack)
From: Jason Hedden, 2012-03-09