We were incorrectly passing domain_id as a positional argument, causing
it to get picked up as the ignore_missing argument instead. Correct
this, fixing another bug where the look of projects or domains could be
forbidden by policy, in the process. The latter is unlikely to happen,
given endpoint lookup is typically an admin-only operation, but it's
better to be safe.
Change-Id: Idd3300040967d781b7743accd62298cb24c62872
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The 'role_assignments_filter' identity proxy method requires either a
user or group, which defeats the entire purpose of the command when used
with this option. Use 'role_assignments' instead.
Change-Id: I8fb705c55fb4e81fa82d4a7dbe4c5bf7e1edd98a
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Closes-bug: #1616104
Currently, running ``application credential show`` on a
non-existent appcred will exit normally and display a
formatted application credential with no data, despite
the Keystone API returning a 404.
Ensure that querying a non-existent application
credential raises an exception message and an exit-code
1 to the user.
Closes-Bug: #2126565
Change-Id: I597d2d4064f1020c5ac40862ecc556f3c94b53eb
Signed-off-by: Matt Anson <matta@stackhpc.com>
"openstack project delete" command doesn't try to figure out if
other services are using specified project somehow before trying
to delete it. This patch extends command description to ensure
that this is clearly communicated to users.
Related-bug: #2118900
Change-Id: I3ae0b2a8f04d4f791cab46ccd89f400549d24ecd
Signed-off-by: Alexey Stupnikov <aleksey.stupnikov@gmail.com>
Make better use of argparse and eliminate the need for a helper in the
process.
Change-Id: Ibdc9b4bfbb4d532ddb05bce9b49bcf0580cce76d
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
This patch fixes a bug where the 'options' field was missing from
the output of the 'openstack user show' command since v7.0.0.
The issue was caused by the 'options' field not being included in
the column list in the _format_user function. This field is important
as it contains various user settings such as multi-factor authentication
configurations and password policy exemptions.
This patch:
1. Adds 'options' field to the column list in _format_user function
2. Updates all affected unit tests to include this field
3. Uses getattr() to safely handle cases where the options field may be absent
Without this fix, users cannot see important options like multi-factor
authentication settings through the CLI, which could lead to security
configuration issues being overlooked.
Closes-Bug: #2084946
Change-Id: I4319268ad4310e6164eb8e65664d73f9b32cdd78
cliff is now smarter (I9155763eee15e19eab23b48989dfcc19ea2c5d34), so we
can effectively revert change I6b4f1b793dc383856bfdf9a01514381be3cd2bf1.
We bump the dependencies to ensure this.
Change-Id: I2af19043fd66b5be0826a774baeabeac7110a4aa
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
When creating a user with the --password-prompt option, a warning is
incorrectly displayed stating that no password was supplied, even though
a password was entered. This occurs because the code checks parsed_args.password
instead of the password variable that actually stores the prompted password.
This patch fixes the issue by checking the 'password' variable
instead of 'parsed_args.password' in the warning condition. A test
case has been added to verify that no warning is displayed when
using --password-prompt and entering a password.
Closes-Bug: #2091836
Change-Id: Ib3ddc7e400ee7988f605c00db534bccc3617d982
One has been introduced since Ie5907de8d60f2f39e98f6a88227cebb2e2ff565c
merged.
Change-Id: I37f7bf58a2cbecb69b370e832e56daa310cea3b6
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The values of these dictionaries are not used when SDK is in use,
which should soon account for all use cases. Eventually we should
probably look for plugins to return a proper class or typeddict but
that's a job for another day.
This began as a fix for in openstackclient/object/client.py which
referenced a non-existent class and quickly snowballed.
Change-Id: I7b807ec3a97124b35828ffdecbb36f6fde11e7b5
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
The fix ensures that if a user wants to set a default project,
they must also provide the project domain. If it's missing,
an explicit error message is shown, making it clear that the
project domain is required.
Also adding some unit tests by modifying respective calls.
Change-Id: Ia6e921a53da55ab1bce85a42c8160872a9d47d64
Closes-Bug: #2102146
openstacksdk's Credential expects user_id and project_id, not user and
project. Previously, we would send payloads like
{'type': 'ec2', 'blob': '{"access": "s3-user1", "secret": "s3-secret1"}'}
which Keystone would reject with
'user_id' is a required property
Change-Id: I0544bef7df9247395f0726ea075112d6ac992252
Fix the wrong value assignment which made the --user-domain option
ignored. Unit tests are updated to verify usage of domain options to
avoid further regressions.
Also drop the redundant look up of domain id to avoid unnecessary API
call.
Closes-Bug: #2085604
Change-Id: I5112b8e831fb26eb6544615277f0d3fe4f15dc5a
