Return current user/project for user/project show commands

Dean Troyer · Dean Troyer · commit 845de41635d7 · 2014-09-14T22:53:35.000-05:00
If non-admin user attempts 'project show' or 'user show' on the currently
authenticated project or user return the information that is already in the
service catalog rather than throwing a Forbidden error.

Change-Id: Ieeb6eacf71a471e410fbd3c09e7871740547e890
diff --git a/openstackclient/identity/v2_0/project.py b/openstackclient/identity/v2_0/project.py
@@ -22,6 +22,7 @@
 from cliff import lister
 from cliff import show
 
+from keystoneclient.openstack.common.apiclient import exceptions as ksc_exc
 from openstackclient.common import parseractions
 from openstackclient.common import utils
 
@@ -238,11 +239,28 @@ def get_parser(self, prog_name):
     def take_action(self, parsed_args):
         self.log.debug('take_action(%s)', parsed_args)
         identity_client = self.app.client_manager.identity
-        project = utils.find_resource(
-            identity_client.tenants,
-            parsed_args.project,
-        )
 
         info = {}
-        info.update(project._info)
+        try:
+            project = utils.find_resource(
+                identity_client.tenants,
+                parsed_args.project,
+            )
+            info.update(project._info)
+        except ksc_exc.Forbidden as e:
+            auth_ref = self.app.client_manager.auth_ref
+            if (
+                parsed_args.project == auth_ref.project_id or
+                parsed_args.project == auth_ref.project_name
+            ):
+                # Ask for currently auth'ed project so return it
+                info = {
+                    'id': auth_ref.project_id,
+                    'name': auth_ref.project_name,
+                    # True because we don't get this far if it is disabled
+                    'enabled': True,
+                }
+            else:
+                raise e
+
         return zip(*sorted(six.iteritems(info)))
diff --git a/openstackclient/identity/v2_0/user.py b/openstackclient/identity/v2_0/user.py
@@ -22,6 +22,7 @@
 from cliff import lister
 from cliff import show
 
+from keystoneclient.openstack.common.apiclient import exceptions as ksc_exc
 from openstackclient.common import utils
 
 
@@ -347,20 +348,37 @@ def take_action(self, parsed_args):
         self.log.debug('take_action(%s)', parsed_args)
         identity_client = self.app.client_manager.identity
 
-        user = utils.find_resource(
-            identity_client.users,
-            parsed_args.user,
-        )
+        info = {}
+        try:
+            user = utils.find_resource(
+                identity_client.users,
+                parsed_args.user,
+            )
+            info.update(user._info)
+        except ksc_exc.Forbidden as e:
+            auth_ref = self.app.client_manager.auth_ref
+            if (
+                parsed_args.user == auth_ref.user_id or
+                parsed_args.user == auth_ref.username
+            ):
+                # Ask for currently auth'ed project so return it
+                info = {
+                    'id': auth_ref.user_id,
+                    'name': auth_ref.username,
+                    'project_id': auth_ref.project_id,
+                    # True because we don't get this far if it is disabled
+                    'enabled': True,
+                }
+            else:
+                raise e
 
-        if 'tenantId' in user._info:
-            user._info.update(
-                {'project_id': user._info.pop('tenantId')}
+        if 'tenantId' in info:
+            info.update(
+                {'project_id': info.pop('tenantId')}
             )
-        if 'tenant_id' in user._info:
-            user._info.update(
-                {'project_id': user._info.pop('tenant_id')}
+        if 'tenant_id' in info:
+            info.update(
+                {'project_id': info.pop('tenant_id')}
             )
 
-        info = {}
-        info.update(user._info)
         return zip(*sorted(six.iteritems(info)))
