From 02aa3851c9ec107fd1d9dd1f032f231b64c00013 Mon Sep 17 00:00:00 2001 From: Brant Knudson Date: Sat, 2 Aug 2014 21:21:56 -0500 Subject: [PATCH] Change OS-INHERIT extension to provide JSON Home data The V3 router class for the OS-INHERIT extension is changed to provide JSON Home data for its resources. bp json-home Change-Id: I6023d7d8646c4ab5e5515fe5997fe8bd12a61a4e --- keystone/assignment/routers.py | 41 ++++++++++++-- keystone/tests/test_versions.py | 94 ++++++++++++++++++++++++++++++++- 2 files changed, 129 insertions(+), 6 deletions(-) diff --git a/keystone/assignment/routers.py b/keystone/assignment/routers.py index 66293879f..1e163f1f4 100644 --- a/keystone/assignment/routers.py +++ b/keystone/assignment/routers.py @@ -15,6 +15,8 @@ """WSGI Routers for the Assignment service.""" +import functools + from keystone.assignment import controllers from keystone.common import json_home from keystone.common import router @@ -22,6 +24,11 @@ from keystone.common import wsgi from keystone import config +build_os_inherit_relation = functools.partial( + json_home.build_v3_extension_resource_relation, + extension_name='OS-INHERIT', extension_version='1.0') + + class Public(wsgi.ComposableRouter): def add_routes(self, mapper): tenant_controller = controllers.Tenant() @@ -182,21 +189,47 @@ class Routers(wsgi.RoutersBase): '{role_id}/inherited_to_projects', get_head_action='check_grant', put_action='create_grant', - delete_action='revoke_grant') + delete_action='revoke_grant', + rel=build_os_inherit_relation( + resource_name='domain_user_role_inherited_to_projects'), + path_vars={ + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'role_id': json_home.Parameters.ROLE_ID, + 'user_id': json_home.Parameters.USER_ID, + }) self._add_resource( mapper, role_controller, path='/OS-INHERIT/domains/{domain_id}/groups/{group_id}/roles/' '{role_id}/inherited_to_projects', get_head_action='check_grant', put_action='create_grant', - delete_action='revoke_grant') + delete_action='revoke_grant', + rel=build_os_inherit_relation( + resource_name='domain_group_role_inherited_to_projects'), + path_vars={ + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'group_id': json_home.Parameters.GROUP_ID, + 'role_id': json_home.Parameters.ROLE_ID, + }) self._add_resource( mapper, role_controller, path='/OS-INHERIT/domains/{domain_id}/groups/{group_id}/roles/' 'inherited_to_projects', - get_action='list_grants') + get_action='list_grants', + rel=build_os_inherit_relation( + resource_name='domain_group_roles_inherited_to_projects'), + path_vars={ + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'group_id': json_home.Parameters.GROUP_ID, + }) self._add_resource( mapper, role_controller, path='/OS-INHERIT/domains/{domain_id}/users/{user_id}/roles/' 'inherited_to_projects', - get_action='list_grants') + get_action='list_grants', + rel=build_os_inherit_relation( + resource_name='domain_user_roles_inherited_to_projects'), + path_vars={ + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'user_id': json_home.Parameters.USER_ID, + }) diff --git a/keystone/tests/test_versions.py b/keystone/tests/test_versions.py index a4ef6e0d3..a4190435f 100644 --- a/keystone/tests/test_versions.py +++ b/keystone/tests/test_versions.py @@ -114,7 +114,7 @@ _build_trust_relation = functools.partial( TRUST_ID_PARAMETER_RELATION = json_home.build_v3_extension_parameter_relation( 'OS-TRUST', '1.0', 'trust_id') -V3_JSON_HOME_RESOURCES = { +V3_JSON_HOME_RESOURCES_INHERIT_DISABLED = { json_home.build_v3_resource_relation('auth_tokens'): { 'href': '/auth/tokens'}, json_home.build_v3_resource_relation('auth_catalog'): { @@ -268,6 +268,60 @@ V3_JSON_HOME_RESOURCES = { } +# with os-inherit enabled, there's some more resources. + +build_os_inherit_relation = functools.partial( + json_home.build_v3_extension_resource_relation, + extension_name='OS-INHERIT', extension_version='1.0') + +V3_JSON_HOME_RESOURCES_INHERIT_ENABLED = dict( + V3_JSON_HOME_RESOURCES_INHERIT_DISABLED) +V3_JSON_HOME_RESOURCES_INHERIT_ENABLED.update(( + (build_os_inherit_relation( + resource_name='domain_user_role_inherited_to_projects'), + { + 'href-template': '/OS-INHERIT/domains/{domain_id}/users/' + '{user_id}/roles/{role_id}/inherited_to_projects', + 'href-vars': { + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'role_id': json_home.Parameters.ROLE_ID, + 'user_id': json_home.Parameters.USER_ID, + }, + }), + (build_os_inherit_relation( + resource_name='domain_group_role_inherited_to_projects'), + { + 'href-template': '/OS-INHERIT/domains/{domain_id}/groups/' + '{group_id}/roles/{role_id}/inherited_to_projects', + 'href-vars': { + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'group_id': json_home.Parameters.GROUP_ID, + 'role_id': json_home.Parameters.ROLE_ID, + }, + }), + (build_os_inherit_relation( + resource_name='domain_user_roles_inherited_to_projects'), + { + 'href-template': '/OS-INHERIT/domains/{domain_id}/users/' + '{user_id}/roles/inherited_to_projects', + 'href-vars': { + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'user_id': json_home.Parameters.USER_ID, + }, + }), + (build_os_inherit_relation( + resource_name='domain_group_roles_inherited_to_projects'), + { + 'href-template': '/OS-INHERIT/domains/{domain_id}/groups/' + '{group_id}/roles/inherited_to_projects', + 'href-vars': { + 'domain_id': json_home.Parameters.DOMAIN_ID, + 'group_id': json_home.Parameters.GROUP_ID, + }, + }), +)) + + class VersionTestCase(tests.TestCase): def setUp(self): super(VersionTestCase, self).setUp() @@ -474,7 +528,43 @@ class VersionTestCase(tests.TestCase): tt_matchers.Equals('application/json-home')) exp_json_home_data = { - 'resources': V3_JSON_HOME_RESOURCES} + 'resources': V3_JSON_HOME_RESOURCES_INHERIT_DISABLED} + + self.assertThat(jsonutils.loads(resp.body), + tt_matchers.Equals(exp_json_home_data)) + + +class VersionInheritEnabledTestCase(tests.TestCase): + def setUp(self): + super(VersionInheritEnabledTestCase, self).setUp() + self.load_backends() + self.public_app = self.loadapp('keystone', 'main') + self.admin_app = self.loadapp('keystone', 'admin') + + self.config_fixture.config( + public_endpoint='http://localhost:%(public_port)d', + admin_endpoint='http://localhost:%(admin_port)d') + + def config_overrides(self): + super(VersionInheritEnabledTestCase, self).config_overrides() + port = random.randint(10000, 30000) + self.config_fixture.config(public_port=port, admin_port=port) + + self.config_fixture.config(group='os_inherit', enabled=True) + + def test_json_home_v3(self): + # If the request is /v3 and the Accept header is application/json-home + # then the server responds with a JSON Home document. + + client = self.client(self.public_app) + resp = client.get('/v3/', headers={'Accept': 'application/json-home'}) + + self.assertThat(resp.status, tt_matchers.Equals('200 OK')) + self.assertThat(resp.headers['Content-Type'], + tt_matchers.Equals('application/json-home')) + + exp_json_home_data = { + 'resources': V3_JSON_HOME_RESOURCES_INHERIT_ENABLED} self.assertThat(jsonutils.loads(resp.body), tt_matchers.Equals(exp_json_home_data))