commit
00db69eaa9
|
@ -32,8 +32,17 @@ module OpenstackclientCookbook
|
||||||
action :create do
|
action :create do
|
||||||
user = connection.users.find { |u| u.name == user_name }
|
user = connection.users.find { |u| u.name == user_name }
|
||||||
project = connection.projects.find { |p| p.name == project_name }
|
project = connection.projects.find { |p| p.name == project_name }
|
||||||
|
domain = connection.domains.find { |u| u.name == domain_name }
|
||||||
if user
|
if user
|
||||||
log "User with name: \"#{user_name}\" already exists"
|
log "User with name: \"#{user_name}\" already exists"
|
||||||
|
elsif domain
|
||||||
|
connection.users.create(
|
||||||
|
name: user_name,
|
||||||
|
domain_id: domain.id,
|
||||||
|
email: email,
|
||||||
|
default_project_id: project ? project.id : nil,
|
||||||
|
password: password
|
||||||
|
)
|
||||||
else
|
else
|
||||||
connection.users.create(
|
connection.users.create(
|
||||||
name: user_name,
|
name: user_name,
|
||||||
|
@ -53,6 +62,7 @@ module OpenstackclientCookbook
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Grant a role in a project
|
||||||
action :grant_role do
|
action :grant_role do
|
||||||
user = connection.users.find { |u| u.name == user_name }
|
user = connection.users.find { |u| u.name == user_name }
|
||||||
project = connection.projects.find { |p| p.name == project_name }
|
project = connection.projects.find { |p| p.name == project_name }
|
||||||
|
@ -67,20 +77,22 @@ module OpenstackclientCookbook
|
||||||
project.revoke_role_from_user role.id, user.id if role && project && user
|
project.revoke_role_from_user role.id, user.id if role && project && user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Grant a role in a domain
|
||||||
|
# Note: in spite of what the action name may suggest, the domain name is
|
||||||
|
# only used to identify a user who is in that domain. This action grants
|
||||||
|
# the user a role in the domain.
|
||||||
action :grant_domain do
|
action :grant_domain do
|
||||||
user = connection.users.find { |u| u.name == user_name }
|
user = connection.users.find { |u| u.name == user_name }
|
||||||
domain = connection.domains.find { |p| p.name == domain_name }
|
domain = connection.domains.find { |p| p.name == domain_name }
|
||||||
role = connection.roles.find { |r| r.name == role_name }
|
role = connection.roles.find { |r| r.name == role_name }
|
||||||
connection.grant_domain_user_role(
|
user.grant_role role.id if role && domain && user
|
||||||
domain.id, user.id, role.id) if role && domain && user
|
|
||||||
end
|
end
|
||||||
|
|
||||||
action :revoke_domain do
|
action :revoke_domain do
|
||||||
user = connection.users.find { |u| u.name == user_name }
|
user = connection.users.find { |u| u.name == user_name }
|
||||||
domain = connection.domains.find { |p| p.name == domain_name }
|
domain = connection.domains.find { |p| p.name == domain_name }
|
||||||
role = connection.roles.find { |r| r.name == role_name }
|
role = connection.roles.find { |r| r.name == role_name }
|
||||||
connection.revoke_domain_user_role(
|
user.revoke_role role.id if role && domain && user
|
||||||
domain.id, user.id, role.id) if role && domain && user
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -49,7 +49,6 @@ end
|
||||||
|
|
||||||
openstack_user 'myuser' do
|
openstack_user 'myuser' do
|
||||||
role_name 'myrole'
|
role_name 'myrole'
|
||||||
project_name 'myproject'
|
|
||||||
domain_name 'mydomain'
|
domain_name 'mydomain'
|
||||||
connection_params connection_params
|
connection_params connection_params
|
||||||
action :grant_domain
|
action :grant_domain
|
||||||
|
@ -57,7 +56,6 @@ end
|
||||||
|
|
||||||
openstack_user 'myuser' do
|
openstack_user 'myuser' do
|
||||||
role_name 'myrole'
|
role_name 'myrole'
|
||||||
project_name 'myproject'
|
|
||||||
domain_name 'mydomain'
|
domain_name 'mydomain'
|
||||||
connection_params connection_params
|
connection_params connection_params
|
||||||
action :revoke_domain
|
action :revoke_domain
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_domain'
|
||||||
|
|
||||||
describe 'openstackclient_test::domain' do
|
describe 'openstackclient_test::domain' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_domain'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_domain'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_endpoint'
|
||||||
|
|
||||||
describe 'openstackclient_test::endpoint' do
|
describe 'openstackclient_test::endpoint' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_endpoint'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_endpoint'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_project'
|
||||||
|
|
||||||
describe 'openstackclient_test::project' do
|
describe 'openstackclient_test::project' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_project'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_project'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_role'
|
||||||
|
|
||||||
describe 'openstackclient_test::role' do
|
describe 'openstackclient_test::role' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_role'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_role'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_service'
|
||||||
|
|
||||||
describe 'openstackclient_test::service' do
|
describe 'openstackclient_test::service' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_service'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_service'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -23,4 +23,9 @@ RSpec.configure do |config|
|
||||||
config.log_level = :error
|
config.log_level = :error
|
||||||
end
|
end
|
||||||
|
|
||||||
|
UBUNTU_OPTS = {
|
||||||
|
platform: 'ubuntu',
|
||||||
|
version: '16.04'
|
||||||
|
}.freeze
|
||||||
|
|
||||||
at_exit { ChefSpec::Coverage.report! }
|
at_exit { ChefSpec::Coverage.report! }
|
||||||
|
|
|
@ -19,7 +19,9 @@ require_relative '../libraries/openstack_user'
|
||||||
|
|
||||||
describe 'openstackclient_test::user' do
|
describe 'openstackclient_test::user' do
|
||||||
let(:chef_run) do
|
let(:chef_run) do
|
||||||
runner = ChefSpec::SoloRunner.new(step_into: ['openstack_user'])
|
runner = ChefSpec::SoloRunner.new(
|
||||||
|
UBUNTU_OPTS.merge(step_into: ['openstack_user'])
|
||||||
|
)
|
||||||
runner.converge(described_recipe)
|
runner.converge(described_recipe)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -33,7 +35,9 @@ describe 'openstackclient_test::user' do
|
||||||
let(:found_user) do
|
let(:found_user) do
|
||||||
double :find,
|
double :find,
|
||||||
id: 4,
|
id: 4,
|
||||||
destroy: true
|
destroy: true,
|
||||||
|
grant_role: true,
|
||||||
|
revoke_role: true
|
||||||
end
|
end
|
||||||
|
|
||||||
let(:users_populated) do
|
let(:users_populated) do
|
||||||
|
@ -133,6 +137,7 @@ describe 'openstackclient_test::user' do
|
||||||
expect(users_empty).to receive(:create)
|
expect(users_empty).to receive(:create)
|
||||||
.with(
|
.with(
|
||||||
name: 'myuser',
|
name: 'myuser',
|
||||||
|
domain_id: 5,
|
||||||
email: 'myemail',
|
email: 'myemail',
|
||||||
default_project_id: 42,
|
default_project_id: 42,
|
||||||
password: 'mypassword'
|
password: 'mypassword'
|
||||||
|
@ -152,9 +157,7 @@ describe 'openstackclient_test::user' do
|
||||||
users: users_populated,
|
users: users_populated,
|
||||||
domains: domains_populated,
|
domains: domains_populated,
|
||||||
roles: roles_populated,
|
roles: roles_populated,
|
||||||
projects: projects_populated,
|
projects: projects_populated
|
||||||
grant_domain_user_role: true,
|
|
||||||
revoke_domain_user_role: true
|
|
||||||
end
|
end
|
||||||
|
|
||||||
before do
|
before do
|
||||||
|
@ -241,14 +244,14 @@ describe 'openstackclient_test::user' do
|
||||||
end
|
end
|
||||||
|
|
||||||
it do
|
it do
|
||||||
expect(connection_dub).to receive(:grant_domain_user_role)
|
expect(found_user).to receive(:grant_role)
|
||||||
.with(5, 4, 3)
|
.with(3)
|
||||||
chef_run
|
chef_run
|
||||||
end
|
end
|
||||||
|
|
||||||
it do
|
it do
|
||||||
expect(connection_dub).to receive(:revoke_domain_user_role)
|
expect(found_user).to receive(:revoke_role)
|
||||||
.with(5, 4, 3)
|
.with(3)
|
||||||
chef_run
|
chef_run
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue