RDO tickets are now tracked in Jira https://issues.redhat.com/projects/RDO/issues/
Bug 984815 - keystone : there is no indication if keystone user-role-add succeeded or not .
Summary: keystone : there is no indication if keystone user-role-add succeeded or not .
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: RDO
Classification: Community
Component: openstack-keystone
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: ---
Assignee: Adam Young
QA Contact: Ami Jeain
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-07-16 06:12 UTC by Oded Ramraz
Modified: 2016-04-26 17:23 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-03-18 19:30:41 UTC
Embargoed:


Attachments (Terms of Use)

Description Oded Ramraz 2013-07-16 06:12:55 UTC
Description of problem:

When I add a role to user on a specific tenant I get no indication if the operation succeeded or not . 
I prefer to get an object which represent the user details or alternately to get a message : "user role has been added successfully" or something similar . 

See additional information for more details . 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:


[root@aqua-vds10 ~(keystone_admin)]# keystone user-list
+----------------------------------+---------+---------+-------------------+
|                id                |   name  | enabled |       email       |
+----------------------------------+---------+---------+-------------------+
| 5a5fee70ab7d4cab9bc93ca1bb65092c |  admin  |   True  |   test   |
| baeaba899b644f5db1ec68ccb4c14867 |  alice  |   True  | alice |
| 2770f42c57c74f678cb10e1c007bf78b |  cinder |   True  |  cinder@localhost |
| ea1c55f1e09141df81bd474dc0fb71db |  glance |   True  |  glance@localhost |
| 3885924867dd4a37978931fa293709ae |   nova  |   True  |   nova@localhost  |
| 7fb99e00501d42099b3dabfc20b3caec | quantum |   True  | quantum@localhost |
+----------------------------------+---------+---------+-------------------+
[root@aqua-vds10 ~(keystone_admin)]# keystone role-list
+----------------------------------+--------------+
|                id                |     name     |
+----------------------------------+--------------+
| 39ab475f8d364d7daa7e257bc97922f1 |    Member    |
| 9fe2ff9ee4384b1894a90878d3e92bab |   _member_   |
| 10a5365539434f96b7cb9a147739e294 |    admin     |
| 0c56d49148a6466f9aa6c349642f3316 | compute-user |
+----------------------------------+--------------+

[root@aqua-vds10 ~(keystone_admin)]# keystone tenant-list
+----------------------------------+----------+---------+
|                id                |   name   | enabled |
+----------------------------------+----------+---------+
| 50bed28de0cf4a94abb08b25bcee656a |   acme   |   True  |
| ebe2b14c28714976823150a0516b675b |  admin   |   True  |
| db2c4517468448349b9f96d4fc5c7d84 | services |   True  |
+----------------------------------+----------+---------+


## adding the user role first time 


[root@aqua-vds10 ~(keystone_admin)]# keystone user-role-add --user=baeaba899b644f5db1ec68ccb4c14867 --role=0c56d49148a6466f9aa6c349642f3316 --tenant-id=50bed28de0cf4a94abb08b25bcee656a
[root@aqua-vds10 ~(keystone_admin)]# 

## adding the user role second time


[root@aqua-vds10 ~(keystone_admin)]# keystone user-role-add --user=baeaba899b644f5db1ec68ccb4c14867 --role=0c56d49148a6466f9aa6c349642f3316 --tenant-id=50bed28de0cf4a94abb08b25bcee656a
Unable to communicate with identity service: {"error": {"message": "Conflict occurred attempting to store role grant. User baeaba899b644f5db1ec68ccb4c14867 already has role 0c56d49148a6466f9aa6c349642f3316 in tenant 50bed28de0cf4a94abb08b25bcee656a", "code": 409, "title": "Conflict"}}. (HTTP 409)

Comment 1 Adam Young 2013-08-27 20:34:20 UTC
Please file this as upstream bug with status of wishlist and link to report here.  We will link to the upstream target milestone.


Note You need to log in before you can comment on or make changes to this bug.