Browse Source

Merge pull request #4 from ideaship/grant_domain_04

Grant domain
Jan Klare 1 year ago
parent
commit
00db69eaa9
No account linked to committer's email address

+ 16
- 4
libraries/openstack_user.rb View File

@@ -32,8 +32,17 @@ module OpenstackclientCookbook
32 32
     action :create do
33 33
       user = connection.users.find { |u| u.name == user_name }
34 34
       project = connection.projects.find { |p| p.name == project_name }
35
+      domain = connection.domains.find { |u| u.name == domain_name }
35 36
       if user
36 37
         log "User with name: \"#{user_name}\" already exists"
38
+      elsif domain
39
+        connection.users.create(
40
+          name: user_name,
41
+          domain_id: domain.id,
42
+          email: email,
43
+          default_project_id: project ? project.id : nil,
44
+          password: password
45
+        )
37 46
       else
38 47
         connection.users.create(
39 48
           name: user_name,
@@ -53,6 +62,7 @@ module OpenstackclientCookbook
53 62
       end
54 63
     end
55 64
 
65
+    # Grant a role in a project
56 66
     action :grant_role do
57 67
       user = connection.users.find { |u| u.name == user_name }
58 68
       project = connection.projects.find { |p| p.name == project_name }
@@ -67,20 +77,22 @@ module OpenstackclientCookbook
67 77
       project.revoke_role_from_user role.id, user.id if role && project && user
68 78
     end
69 79
 
80
+    # Grant a role in a domain
81
+    # Note: in spite of what the action name may suggest, the domain name is
82
+    # only used to identify a user who is in that domain. This action grants
83
+    # the user a role in the domain.
70 84
     action :grant_domain do
71 85
       user = connection.users.find { |u| u.name == user_name }
72 86
       domain = connection.domains.find { |p| p.name == domain_name }
73 87
       role = connection.roles.find { |r| r.name == role_name }
74
-      connection.grant_domain_user_role(
75
-        domain.id, user.id, role.id) if role && domain && user
88
+      user.grant_role role.id if role && domain && user
76 89
     end
77 90
 
78 91
     action :revoke_domain do
79 92
       user = connection.users.find { |u| u.name == user_name }
80 93
       domain = connection.domains.find { |p| p.name == domain_name }
81 94
       role = connection.roles.find { |r| r.name == role_name }
82
-      connection.revoke_domain_user_role(
83
-        domain.id, user.id, role.id) if role && domain && user
95
+      user.revoke_role  role.id if role && domain && user
84 96
     end
85 97
   end
86 98
 end

+ 0
- 2
spec/cookbooks/openstackclient_test/recipes/user.rb View File

@@ -49,7 +49,6 @@ end
49 49
 
50 50
 openstack_user 'myuser' do
51 51
   role_name 'myrole'
52
-  project_name 'myproject'
53 52
   domain_name 'mydomain'
54 53
   connection_params connection_params
55 54
   action :grant_domain
@@ -57,7 +56,6 @@ end
57 56
 
58 57
 openstack_user 'myuser' do
59 58
   role_name 'myrole'
60
-  project_name 'myproject'
61 59
   domain_name 'mydomain'
62 60
   connection_params connection_params
63 61
   action :revoke_domain

+ 3
- 1
spec/domain_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_domain'
19 19
 
20 20
 describe 'openstackclient_test::domain' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_domain'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_domain'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 

+ 3
- 1
spec/endpoint_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_endpoint'
19 19
 
20 20
 describe 'openstackclient_test::endpoint' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_endpoint'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_endpoint'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 

+ 3
- 1
spec/project_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_project'
19 19
 
20 20
 describe 'openstackclient_test::project' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_project'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_project'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 

+ 3
- 1
spec/role_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_role'
19 19
 
20 20
 describe 'openstackclient_test::role' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_role'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_role'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 

+ 3
- 1
spec/service_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_service'
19 19
 
20 20
 describe 'openstackclient_test::service' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_service'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_service'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 

+ 5
- 0
spec/spec_helper.rb View File

@@ -23,4 +23,9 @@ RSpec.configure do |config|
23 23
   config.log_level = :error
24 24
 end
25 25
 
26
+UBUNTU_OPTS = {
27
+  platform: 'ubuntu',
28
+  version: '16.04'
29
+}.freeze
30
+
26 31
 at_exit { ChefSpec::Coverage.report! }

+ 12
- 9
spec/user_spec.rb View File

@@ -19,7 +19,9 @@ require_relative '../libraries/openstack_user'
19 19
 
20 20
 describe 'openstackclient_test::user' do
21 21
   let(:chef_run) do
22
-    runner = ChefSpec::SoloRunner.new(step_into: ['openstack_user'])
22
+    runner = ChefSpec::SoloRunner.new(
23
+      UBUNTU_OPTS.merge(step_into: ['openstack_user'])
24
+    )
23 25
     runner.converge(described_recipe)
24 26
   end
25 27
 
@@ -33,7 +35,9 @@ describe 'openstackclient_test::user' do
33 35
   let(:found_user) do
34 36
     double :find,
35 37
            id: 4,
36
-           destroy: true
38
+           destroy: true,
39
+           grant_role: true,
40
+           revoke_role: true
37 41
   end
38 42
 
39 43
   let(:users_populated) do
@@ -133,6 +137,7 @@ describe 'openstackclient_test::user' do
133 137
       expect(users_empty).to receive(:create)
134 138
         .with(
135 139
           name: 'myuser',
140
+          domain_id: 5,
136 141
           email: 'myemail',
137 142
           default_project_id: 42,
138 143
           password: 'mypassword'
@@ -152,9 +157,7 @@ describe 'openstackclient_test::user' do
152 157
              users: users_populated,
153 158
              domains: domains_populated,
154 159
              roles: roles_populated,
155
-             projects: projects_populated,
156
-             grant_domain_user_role: true,
157
-             revoke_domain_user_role: true
160
+             projects: projects_populated
158 161
     end
159 162
 
160 163
     before do
@@ -241,14 +244,14 @@ describe 'openstackclient_test::user' do
241 244
     end
242 245
 
243 246
     it do
244
-      expect(connection_dub).to receive(:grant_domain_user_role)
245
-        .with(5, 4, 3)
247
+      expect(found_user).to receive(:grant_role)
248
+        .with(3)
246 249
       chef_run
247 250
     end
248 251
 
249 252
     it do
250
-      expect(connection_dub).to receive(:revoke_domain_user_role)
251
-        .with(5, 4, 3)
253
+      expect(found_user).to receive(:revoke_role)
254
+        .with(3)
252 255
       chef_run
253 256
     end
254 257
   end

Loading…
Cancel
Save