X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;ds=sidebyside;f=nfvbench%2Fcredentials.py;h=d9a67e6700e06b862142391ee359bc49158abd44;hb=95f2491ed89ac99b0d8bd006b4a13cbeb1eb96ce;hp=530ad695267963befabc79199dd3029c400f817e;hpb=58d63a026082a7e3207e409d51e919f959627e56;p=nfvbench.git diff --git a/nfvbench/credentials.py b/nfvbench/credentials.py index 530ad69..d9a67e6 100644 --- a/nfvbench/credentials.py +++ b/nfvbench/credentials.py @@ -21,7 +21,7 @@ import getpass from keystoneauth1.identity import v2 from keystoneauth1.identity import v3 from keystoneauth1 import session -from log import LOG +from .log import LOG class Credentials(object): @@ -106,6 +106,7 @@ class Credentials(object): self.rc_project_domain_name = None self.rc_project_name = None self.rc_identity_api_version = 2 + self.is_admin = False success = True if openrc_file: @@ -164,3 +165,22 @@ class Credentials(object): 'Please enter your OpenStack Password: ') if not self.rc_password: self.rc_password = "" + + # check if user has admin role in OpenStack project + filter = {'service_type': 'identity', + 'interface': 'public', + 'region_name': self.rc_region_name} + try: + # /users URL returns exception (HTTP 403) if user is not admin. + # try first without the version in case session already has it in + # Return HTTP 200 if user is admin + self.get_session().get('/users', endpoint_filter=filter) + self.is_admin = True + except Exception as e: + try: + # vX/users URL returns exception (HTTP 403) if user is not admin. + self.get_session().get('/v' + str(self.rc_identity_api_version) + '/users', + endpoint_filter=filter) + self.is_admin = True + except Exception as e: + LOG.warning("User is not admin, no permission to list user roles. Exception: %s", e)