parent
79fdc2190a
commit
737da1853e
1 changed files with 7 additions and 6 deletions
|
@ -41,8 +41,8 @@ options:
|
||||||
If you are using keystone version 2, then this value is required.
|
If you are using keystone version 2, then this value is required.
|
||||||
domain:
|
domain:
|
||||||
description:
|
description:
|
||||||
- ID of the domain to scope the role association to. Valid only with
|
- Name or ID of the domain to scope the role association to. Valid only
|
||||||
keystone version 3, and required if I(project) is not specified.
|
with keystone version 3, and required if I(project) is not specified.
|
||||||
state:
|
state:
|
||||||
description:
|
description:
|
||||||
- Should the roles be present or absent on the user.
|
- Should the roles be present or absent on the user.
|
||||||
|
@ -137,7 +137,7 @@ def main():
|
||||||
filters['role'] = r['id']
|
filters['role'] = r['id']
|
||||||
|
|
||||||
if domain:
|
if domain:
|
||||||
d = cloud.get_domain(domain)
|
d = cloud.get_domain(name_or_id=domain)
|
||||||
if d is None:
|
if d is None:
|
||||||
module.fail_json(msg="Domain %s is not valid" % domain)
|
module.fail_json(msg="Domain %s is not valid" % domain)
|
||||||
filters['domain'] = d['id']
|
filters['domain'] = d['id']
|
||||||
|
@ -155,6 +155,7 @@ def main():
|
||||||
if g is None:
|
if g is None:
|
||||||
module.fail_json(msg="Group %s is not valid" % group)
|
module.fail_json(msg="Group %s is not valid" % group)
|
||||||
filters['group'] = g['id']
|
filters['group'] = g['id']
|
||||||
|
domain_id = None
|
||||||
if project:
|
if project:
|
||||||
if domain:
|
if domain:
|
||||||
p = cloud.get_project(project, domain_id=filters['domain'])
|
p = cloud.get_project(project, domain_id=filters['domain'])
|
||||||
|
@ -162,7 +163,7 @@ def main():
|
||||||
# filter. Once we identified the project (using the domain as
|
# filter. Once we identified the project (using the domain as
|
||||||
# a filter criteria), we need to remove the domain itself from
|
# a filter criteria), we need to remove the domain itself from
|
||||||
# the filters list.
|
# the filters list.
|
||||||
filters.pop('domain')
|
domain_id = filters.pop('domain')
|
||||||
else:
|
else:
|
||||||
p = cloud.get_project(project)
|
p = cloud.get_project(project)
|
||||||
|
|
||||||
|
@ -179,13 +180,13 @@ def main():
|
||||||
|
|
||||||
if state == 'present':
|
if state == 'present':
|
||||||
if not assignment:
|
if not assignment:
|
||||||
kwargs = _build_kwargs(user, group, project, domain)
|
kwargs = _build_kwargs(user, group, project, domain_id)
|
||||||
cloud.grant_role(role, **kwargs)
|
cloud.grant_role(role, **kwargs)
|
||||||
changed = True
|
changed = True
|
||||||
|
|
||||||
elif state == 'absent':
|
elif state == 'absent':
|
||||||
if assignment:
|
if assignment:
|
||||||
kwargs = _build_kwargs(user, group, project, domain)
|
kwargs = _build_kwargs(user, group, project, domain_id)
|
||||||
cloud.revoke_role(role, **kwargs)
|
cloud.revoke_role(role, **kwargs)
|
||||||
changed = True
|
changed = True
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue