Identity API resources to get lists of users or groups with certain role in project or domain

Registered by Alexander Pugachev

This issue appeared during the work on change https://review.openstack.org/#/c/20476/ triggered by Launchpad issue https://bugs.launchpad.net/python-keystoneclient/+bug/1070544.

Original request was to teach /users to accept GET-arguments "role" and "tenant". Dolph Matthews suggested adding new resources to v3 Identity API instead of adding functionality to existing V2 API resource.

Resources proposed by Dolph Matthews are following:
- List users with role on project:
GET /projects/{project_id}/roles/{role_id}/users

- List groups with roles on project:
GET /projects/{project_id}/roles/{role_id}/groups

- List users with roles on domain:
GET /domains/{domain_id}/roles/{role_id}/users

- List groups with roles on domain:
GET /domains/{domain_id}/roles/{role_id}/groups

This will not fix original problem but v2 API is going to be deprecated but the same request will appear for client working with v3 API and it would be good to remove the obstacle now.

Blueprint information

Status:
Complete
Approver:
None
Priority:
Undefined
Drafter:
Alexander Pugachev
Direction:
Approved
Assignee:
Alexander Pugachev
Definition:
Obsolete
Series goal:
None
Implementation:
Unknown
Milestone target:
None
Completed by
Dolph Mathews

Related branches

Sprints

Whiteboard

was there an identity-api review associated with this?

According to "OpenStack Identity API v3" Doc :
        https://github.com/openstack/identity-api/blob/master/openstack-identity-api/src/markdown/identity-api-v3.md#list-users-with-a-role-get-rolesrole_idusers

List users with a role
GET /roles/{role_id}/users

Is observed to be Not Implemented
Please look into LP Question: https://answers.launchpad.net/keystone/+question/227750
For the details of analysis

Please identify whether there should be an API for GET /roles/{role_id}/users, if not, there shall be en error in the doc which lead to this confusion.

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.