def create_role(name, user=None, tenant=None):
"""Creates a role if it doesn't already exist. grants role to user"""
import manager
manager = manager.KeystoneManager(endpoint=get_local_endpoint(), token=get_admin_token())
roles = [r._info for r in manager.api.roles.list()]
if not roles or name not in [r['name'] for r in roles]: manager.api.roles.create(name=name) log("Created new role '%s'" % name, level=DEBUG)
else:
log("A role named '%s' already exists" % name, level=DEBUG)
Keystoneclient returns role names as created = however it will throw a conflict if you try to create a role with different capitalization:
Code snippet:
def create_role(name, user=None, tenant=None): KeystoneManager (endpoint= get_local_ endpoint( ),
token= get_admin_ token() ) api.roles. list()]
manager. api.roles. create( name=name)
log("Created new role '%s'" % name, level=DEBUG)
"""Creates a role if it doesn't already exist. grants role to user"""
import manager
manager = manager.
roles = [r._info for r in manager.
if not roles or name not in [r['name'] for r in roles]:
else:
log("A role named '%s' already exists" % name, level=DEBUG)
Keystoneclient returns role names as created = however it will throw a conflict if you try to create a role with different capitalization:
admin
Admin
will conflict by the looks of things.