Use Domains with Keystone v3 in functional tests
This patch enables configuration of domains when using Keystone v3 authentication in the functional test suite. Change-Id: If7fbb1924ebb99dc93eacedc371369fe1fa6312f
This commit is contained in:
Douglas Mendizábal
Douglas Mendizábal
parent
66c88d09da
commit
39331ca5d2
@ -5,19 +5,23 @@
|
||||
uri=http://localhost:5000/v3
|
||||
version=v3
|
||||
|
||||
# Default user credentials
|
||||
username=admin
|
||||
project_name=admin
|
||||
password=secretadmin
|
||||
project_name=admin
|
||||
domain_name=Default
|
||||
|
||||
# Service user credentials
|
||||
service_admin=service-admin
|
||||
service_admin_project=service
|
||||
service_admin_password=secretservice
|
||||
service_admin_project=service
|
||||
service_admin_domain=Default
|
||||
|
||||
[rbac_users]
|
||||
# Replace these values that represent additional users for RBAC testing
|
||||
project_a=project_a
|
||||
project_b=project_b
|
||||
project_domain=Default
|
||||
|
||||
# users for project_a
|
||||
admin_a=project_a_admin
|
||||
|
||||
@ -22,12 +22,14 @@ STORED_AUTHENTICATION = None
|
||||
|
||||
class FunctionalTestAuth(auth.AuthBase):
|
||||
|
||||
def __init__(self, endpoint, version, username, password, project_name):
|
||||
def __init__(self, endpoint, version, username, password,
|
||||
project_name, project_domain):
|
||||
self.endpoint = endpoint
|
||||
self.version = version
|
||||
self.username = username
|
||||
self.password = password
|
||||
self.project_name = project_name
|
||||
self.project_domain = project_domain
|
||||
|
||||
self._client = None
|
||||
|
||||
@ -64,7 +66,9 @@ class FunctionalTestAuth(auth.AuthBase):
|
||||
self._client = v3_client.Client(
|
||||
username=self.username,
|
||||
password=self.password,
|
||||
user_domain_name=self.project_domain,
|
||||
project_name=self.project_name,
|
||||
project_domain_name=self.project_domain,
|
||||
auth_url=self.endpoint
|
||||
)
|
||||
return self._client.auth_token, self._client.project_id
|
||||
|
||||
@ -38,75 +38,47 @@ class BarbicanClient(object):
|
||||
'Content-Type': 'application/json',
|
||||
'Accept': 'application/json'
|
||||
}
|
||||
self.region = CONF.identity.region
|
||||
self._default_user_name = CONF.identity.username
|
||||
self._auth = {}
|
||||
self._auth[CONF.identity.username] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.identity.username,
|
||||
password=CONF.identity.password,
|
||||
project_name=CONF.identity.project_name)
|
||||
self._auth[CONF.identity.service_admin] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.identity.service_admin,
|
||||
password=CONF.identity.service_admin_password,
|
||||
project_name=CONF.identity.service_admin_project)
|
||||
self._auth[CONF.rbac_users.admin_a] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.admin_a,
|
||||
password=CONF.rbac_users.admin_a_password,
|
||||
project_name=CONF.rbac_users.project_a)
|
||||
self._auth[CONF.rbac_users.creator_a] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.creator_a,
|
||||
password=CONF.rbac_users.creator_a_password,
|
||||
project_name=CONF.rbac_users.project_a)
|
||||
self._auth[CONF.rbac_users.creator_a_2] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.creator_a_2,
|
||||
password=CONF.rbac_users.creator_a_2_password,
|
||||
project_name=CONF.rbac_users.project_a)
|
||||
self._auth[CONF.rbac_users.observer_a] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.observer_a,
|
||||
password=CONF.rbac_users.observer_a_password,
|
||||
project_name=CONF.rbac_users.project_a)
|
||||
self._auth[CONF.rbac_users.auditor_a] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.auditor_a,
|
||||
password=CONF.rbac_users.auditor_a_password,
|
||||
project_name=CONF.rbac_users.project_a)
|
||||
self._auth[CONF.rbac_users.admin_b] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.admin_b,
|
||||
password=CONF.rbac_users.admin_b_password,
|
||||
project_name=CONF.rbac_users.project_b)
|
||||
self._auth[CONF.rbac_users.creator_b] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.creator_b,
|
||||
password=CONF.rbac_users.creator_b_password,
|
||||
project_name=CONF.rbac_users.project_b)
|
||||
self._auth[CONF.rbac_users.observer_b] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.observer_b,
|
||||
password=CONF.rbac_users.observer_b_password,
|
||||
project_name=CONF.rbac_users.project_b)
|
||||
self._auth[CONF.rbac_users.auditor_b] = auth.FunctionalTestAuth(
|
||||
endpoint=CONF.identity.uri,
|
||||
version=CONF.identity.version,
|
||||
username=CONF.rbac_users.auditor_b,
|
||||
password=CONF.rbac_users.auditor_b_password,
|
||||
project_name=CONF.rbac_users.project_b)
|
||||
identity = CONF.identity
|
||||
self.region = identity.region
|
||||
self._default_user_name = identity.username
|
||||
self._auth = dict()
|
||||
|
||||
self._auth[identity.username] = auth.FunctionalTestAuth(
|
||||
endpoint=identity.uri,
|
||||
version=identity.version,
|
||||
username=identity.username,
|
||||
password=identity.password,
|
||||
project_name=identity.project_name,
|
||||
project_domain=identity.domain_name)
|
||||
|
||||
self._auth[identity.service_admin] = auth.FunctionalTestAuth(
|
||||
endpoint=identity.uri,
|
||||
version=identity.version,
|
||||
username=identity.service_admin,
|
||||
password=identity.service_admin_password,
|
||||
project_name=identity.service_admin_project,
|
||||
project_domain=identity.service_admin_domain)
|
||||
|
||||
rbac = CONF.rbac_users
|
||||
|
||||
for user in ['admin_a', 'creator_a', 'creator_a_2',
|
||||
'observer_a', 'auditor_a']:
|
||||
self._auth[getattr(rbac, user)] = auth.FunctionalTestAuth(
|
||||
endpoint=identity.uri,
|
||||
version=identity.version,
|
||||
username=getattr(rbac, user),
|
||||
password=getattr(rbac, user + '_password'),
|
||||
project_name=rbac.project_a,
|
||||
project_domain=rbac.project_domain)
|
||||
|
||||
for user in ['admin_b', 'creator_b', 'observer_b', 'auditor_b']:
|
||||
self._auth[getattr(rbac, user)] = auth.FunctionalTestAuth(
|
||||
endpoint=identity.uri,
|
||||
version=identity.version,
|
||||
username=getattr(rbac, user),
|
||||
password=getattr(rbac, user + '_password'),
|
||||
project_name=rbac.project_b,
|
||||
project_domain=rbac.project_domain)
|
||||
|
||||
def get_all_functional_test_user_names(self):
|
||||
retval = []
|
||||
|
||||
@ -35,6 +35,7 @@ def setup_config(config_file=''):
|
||||
cfg.StrOpt('region', default='RegionOne'),
|
||||
cfg.StrOpt('service_admin', default='service-admin'),
|
||||
cfg.StrOpt('service_admin_project', default='service'),
|
||||
cfg.StrOpt('service_admin_domain', default='Default'),
|
||||
cfg.StrOpt('service_admin_password', default='secretservice',
|
||||
secret=True)]
|
||||
TEST_CONF.register_group(identity_group)
|
||||
@ -44,6 +45,7 @@ def setup_config(config_file=''):
|
||||
rbac_users_options = [
|
||||
cfg.StrOpt('project_a', default='project_a'),
|
||||
cfg.StrOpt('project_b', default='project_b'),
|
||||
cfg.StrOpt('project_domain', default='Default'),
|
||||
cfg.StrOpt('admin_a', default='project_a_admin'),
|
||||
cfg.StrOpt('admin_a_password', default='barbican', secret=True),
|
||||
cfg.StrOpt('creator_a', default='project_a_creator'),
|
||||
|
||||
Loading…
Reference in New Issue
Block a user