Add error handling for role updates assigned by workspace groups

[lhhyung]

Category

• New feature
• Bug fix
• Improvement
• Refactor
• etc

Description

Add error handling for role updates assigned by workspace groups

Known issue

[github-actions]

⚠️ @lhhyung the signed-off-by was not found in the following 3 commits:

• 73b6d89: Merge branch 'cloudforet-io:master' into master
• 1a7957d: Merge branch 'cloudforet-io:master' into master
• 1ab975b: Merge branch 'cloudforet-io:master' into master

✅ Why it is required

The Developer Certificate of Origin (DCO) is a lightweight way for contributors to certify that they wrote or otherwise have the right to submit the code they are contributing to the project. Here is the full text of the DCO.

Contributors sign-off that they adhere to these requirements by adding a Signed-off-by line to commit messages.

This is my commit message

Signed-off-by: Random Developer <randomdeveloper@example.com>

Git even has a -s command line option to append this automatically to your commit message:

$ git commit -s -m 'This is my commit message'

[github-actions]

⚠️ @lhhyung the signed-off-by was not found in the following 3 commits:

• 73b6d89: Merge branch 'cloudforet-io:master' into master
• 1a7957d: Merge branch 'cloudforet-io:master' into master
• 1ab975b: Merge branch 'cloudforet-io:master' into master

✅ Why it is required

The Developer Certificate of Origin (DCO) is a lightweight way for contributors to certify that they wrote or otherwise have the right to submit the code they are contributing to the project. Here is the full text of the DCO.

Contributors sign-off that they adhere to these requirements by adding a Signed-off-by line to commit messages.

This is my commit message

Signed-off-by: Random Developer <randomdeveloper@example.com>

Git even has a -s command line option to append this automatically to your commit message:

$ git commit -s -m 'This is my commit message'

[Copilot]

Pull Request Overview

This PR improves error handling by replacing a generic permission denied error with a more specific error message when attempting to update roles that were assigned by workspace groups.

• Introduces a new specific error class for workspace group role update restrictions
• Updates the role binding service to use the new error instead of a generic permission denied error
• Changes the default value for reset_password parameter from None to False in user update requests

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File	Description
src/spaceone/identity/error/error_role.py	Adds new error class with descriptive message for workspace group role update restrictions
src/spaceone/identity/service/role_binding_service.py	Updates error handling to use the new specific error instead of generic permission denied
src/spaceone/identity/model/user/request.py	Changes reset_password default from None to False

[Copilot]

The error message contains a placeholder {role_binding_id} but the parameter being passed in the service is role_binding_id. The message should use {value} to match the parameter name being passed, or the service should pass role_binding_id=params.role_binding_id instead of value=params.role_binding_id.

Suggested change

	_message = "Roles assigned by a Workspace Group cannot be updated from the User menu. (role_binding_id = {role_binding_id})"
	_message = "Roles assigned by a Workspace Group cannot be updated from the User menu. (role_binding_id = {value})"