openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #11114
Re: Keystone API question
The philosophy in essex is that it's meaningless for a user to have a role
without that role being applied to a tenant, so the call that's implemented
is:
GET /tenants/{tenant_id}/users/{user_id}/roles
Calling this instead should get you an HTTP 501 stating "User roles not
supported: tenant ID required".
GET /users/{user_id}/roles
Also, the term "roleRefs" was deprecated late in the diablo cycle (AFAIK)
in favor of "roles".
-Dolph
On Wed, May 2, 2012 at 3:44 PM, Luis Gervaso <luis@xxxxxxxxx> wrote:
> Hi,
>
> In Diablo was:
>
> GET /users/{user_id}/roleRefs
>
> In Essex it is maintained for compatibility reasons. I understand that
> this is the obsolete now.
>
> I can find:
>
> PUT & DELETE /users/{user_id}/roles/OS-KSADM/{role_id}
>
> How can get all the roles having a user_id?
>
> GET /users/{user_id}/roles (i can't find this on stable/essex)
>
> Returning role list with tenant associated
>
> Another option that would work for me is:
>
> GET /users/{user_id}/tenants
>
> Returning tenant list with role list associated per tenant
>
>
> When i GET /user/{user_id} i obtain only this info
>
> {"user": {"name": "admin", "enabled": true, "email": "admin@xxxxxxxxxxx",
> "id": "ef1e63df85b641d7bf3c575bb8670cef", "tenantId": null}}
>
> Regards
>
> --
> -------------------------------------------
> Luis Alberto Gervaso Martin
> Woorea Solutions, S.L
> CEO & CTO
> mobile: (+34) 627983344
> luis@ <luis.gervaso@xxxxxxxxx>woorea.es
>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
>
Follow ups
References