From 6f7847f5917a80d224031bb92b63530fe4965734 Mon Sep 17 00:00:00 2001 From: fmenguy Date: Wed, 9 Jan 2019 11:22:50 +0100 Subject: NFVBENCH-120 No admin support patch Change-Id: Iaaf29e4eb439243348e955e796b6f951c184ee19 Signed-off-by: fmenguy --- nfvbench/credentials.py | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'nfvbench/credentials.py') diff --git a/nfvbench/credentials.py b/nfvbench/credentials.py index 530ad69..b3e4a04 100644 --- a/nfvbench/credentials.py +++ b/nfvbench/credentials.py @@ -21,6 +21,8 @@ import getpass from keystoneauth1.identity import v2 from keystoneauth1.identity import v3 from keystoneauth1 import session +from keystoneclient import client +from keystoneclient import utils from log import LOG @@ -106,6 +108,7 @@ class Credentials(object): self.rc_project_domain_name = None self.rc_project_name = None self.rc_identity_api_version = 2 + self.is_admin = False success = True if openrc_file: @@ -164,3 +167,15 @@ class Credentials(object): 'Please enter your OpenStack Password: ') if not self.rc_password: self.rc_password = "" + + # check if user has admin role in OpenStack project + try: + keystone = client.Client(session=self.get_session()) + user = utils.find_resource(keystone.users, self.rc_username) + project = utils.find_resource(keystone.projects, self.rc_project_name) + roles = keystone.roles.list(user=user.id, project=project.id) + for role in roles: + if role.name == 'admin': + self.is_admin = True + except Exception: + LOG.warning("User is not admin, no permission to list user roles") -- cgit 1.2.3-korg