NFVBENCH-120 No admin support patch3.0.5

Change-Id: Iaaf29e4eb439243348e955e796b6f951c184ee19
Signed-off-by: fmenguy <francoisregis.menguy@orange.com>

1 files changed, 15 insertions, 0 deletions

diff --git a/nfvbench/credentials.py b/nfvbench/credentials.py
index 530ad69..b3e4a04 100644
--- a/nfvbench/credentials.py
+++ b/nfvbench/credentials.py
@@ -21,6 +21,8 @@ import getpass
 from keystoneauth1.identity import v2
 from keystoneauth1.identity import v3
 from keystoneauth1 import session
+from keystoneclient import client
+from keystoneclient import utils
 from log import LOG
 
 
@@ -106,6 +108,7 @@ class Credentials(object):
         self.rc_project_domain_name = None
         self.rc_project_name = None
         self.rc_identity_api_version = 2
+        self.is_admin = False
         success = True
 
         if openrc_file:
@@ -164,3 +167,15 @@ class Credentials(object):
                     'Please enter your OpenStack Password: ')
         if not self.rc_password:
             self.rc_password = ""
+
+        # check if user has admin role in OpenStack project
+        try:
+            keystone = client.Client(session=self.get_session())
+            user = utils.find_resource(keystone.users, self.rc_username)
+            project = utils.find_resource(keystone.projects, self.rc_project_name)
+            roles = keystone.roles.list(user=user.id, project=project.id)
+            for role in roles:
+                if role.name == 'admin':
+                    self.is_admin = True
+        except Exception:
+            LOG.warning("User is not admin, no permission to list user roles")