From d6f28e056c32a03efb9a0b9cdc31b84e3fac5d2d Mon Sep 17 00:00:00 2001 From: lhhyung Date: Fri, 25 Jul 2025 13:58:07 +0900 Subject: [PATCH 1/2] fix: Fix default value for reset_password to False in request parameters Signed-off-by: lhhyung --- src/spaceone/identity/model/user/request.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/spaceone/identity/model/user/request.py b/src/spaceone/identity/model/user/request.py index 133d62b6..8f70b520 100644 --- a/src/spaceone/identity/model/user/request.py +++ b/src/spaceone/identity/model/user/request.py @@ -47,7 +47,7 @@ class UserUpdateRequest(BaseModel): language: Union[str, None] = None timezone: Union[str, None] = None tags: Union[dict, None] = None - reset_password: Union[bool, None] = None + reset_password: Union[bool, None] = False domain_id: str enforce_mfa_state: Union[MFAEnforceState, None] = None enforce_mfa_type: Union[MFAType, None] = None From 594555011091cd0ed67ee86894729fd2db5fabfe Mon Sep 17 00:00:00 2001 From: lhhyung Date: Tue, 12 Aug 2025 15:24:38 +0900 Subject: [PATCH 2/2] feat: Add error handling for role updates assigned by workspace groups Signed-off-by: lhhyung --- src/spaceone/identity/error/error_role.py | 6 ++++++ src/spaceone/identity/service/role_binding_service.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/spaceone/identity/error/error_role.py b/src/spaceone/identity/error/error_role.py index 467cbae9..5c0d8e2f 100644 --- a/src/spaceone/identity/error/error_role.py +++ b/src/spaceone/identity/error/error_role.py @@ -39,3 +39,9 @@ class ERROR_LAST_WORKSPACE_OWNER_CANNOT_DELETE(ERROR_INVALID_ARGUMENT): class ERROR_LAST_DOMAIN_ADMIN_CANNOT_DELETE(ERROR_INVALID_ARGUMENT): _message = "Last domain admin cannot be deleted." + + +class ERROR_NOT_ALLOWED_TO_UPDATE_ROLE_ASSIGNED_BY_WORKSPACE_GROUP( + ERROR_INVALID_ARGUMENT +): + _message = "Roles assigned by a Workspace Group cannot be updated from the User menu. (role_binding_id = {role_binding_id})" diff --git a/src/spaceone/identity/service/role_binding_service.py b/src/spaceone/identity/service/role_binding_service.py index 9bf9c06d..3184a88b 100644 --- a/src/spaceone/identity/service/role_binding_service.py +++ b/src/spaceone/identity/service/role_binding_service.py @@ -148,7 +148,7 @@ def update_role( self.check_self_update_and_delete(request_user_id, rb_vo.user_id) if rb_vo.workspace_group_id: - raise ERROR_PERMISSION_DENIED( + raise ERROR_NOT_ALLOWED_TO_UPDATE_ROLE_ASSIGNED_BY_WORKSPACE_GROUP( key="role_binding_id", value=params.role_binding_id )