Add support for Role resource in Identity v3
This change adds the Role resource to Identity v3 and exposes the CRUD methods in the proxy. It also adds a small example to the documentation. Change-Id: I064c27fcd1d15bfd064c63b8c50bc2461b8c1156
This commit is contained in:
parent
16520438c3
commit
aa6aeac21a
|
@ -71,3 +71,10 @@ def list_regions(conn):
|
||||||
|
|
||||||
for region in conn.identity.regions():
|
for region in conn.identity.regions():
|
||||||
print(region)
|
print(region)
|
||||||
|
|
||||||
|
|
||||||
|
def list_roles(conn):
|
||||||
|
print("List Roles:")
|
||||||
|
|
||||||
|
for role in conn.identity.roles():
|
||||||
|
print(role)
|
||||||
|
|
|
@ -17,6 +17,7 @@ from openstack.identity.v3 import group as _group
|
||||||
from openstack.identity.v3 import policy as _policy
|
from openstack.identity.v3 import policy as _policy
|
||||||
from openstack.identity.v3 import project as _project
|
from openstack.identity.v3 import project as _project
|
||||||
from openstack.identity.v3 import region as _region
|
from openstack.identity.v3 import region as _region
|
||||||
|
from openstack.identity.v3 import role as _role
|
||||||
from openstack.identity.v3 import service as _service
|
from openstack.identity.v3 import service as _service
|
||||||
from openstack.identity.v3 import trust as _trust
|
from openstack.identity.v3 import trust as _trust
|
||||||
from openstack.identity.v3 import user as _user
|
from openstack.identity.v3 import user as _user
|
||||||
|
@ -797,3 +798,80 @@ class Proxy(proxy.BaseProxy):
|
||||||
:rtype: :class:`~openstack.identity.v3.region.Region`
|
:rtype: :class:`~openstack.identity.v3.region.Region`
|
||||||
"""
|
"""
|
||||||
return self._update(_region.Region, region, **attrs)
|
return self._update(_region.Region, region, **attrs)
|
||||||
|
|
||||||
|
def create_role(self, **attrs):
|
||||||
|
"""Create a new role from attributes
|
||||||
|
|
||||||
|
:param dict attrs: Keyword arguments which will be used to create
|
||||||
|
a :class:`~openstack.identity.v3.role.Role`,
|
||||||
|
comprised of the properties on the Role class.
|
||||||
|
|
||||||
|
:returns: The results of role creation.
|
||||||
|
:rtype: :class:`~openstack.identity.v3.role.Role`
|
||||||
|
"""
|
||||||
|
return self._create(_role.Role, **attrs)
|
||||||
|
|
||||||
|
def delete_role(self, role, ignore_missing=True):
|
||||||
|
"""Delete a role
|
||||||
|
|
||||||
|
:param role: The value can be either the ID of a role or a
|
||||||
|
:class:`~openstack.identity.v3.role.Role` instance.
|
||||||
|
:param bool ignore_missing: When set to ``False``
|
||||||
|
:class:`~openstack.exceptions.ResourceNotFound` will be
|
||||||
|
raised when the role does not exist.
|
||||||
|
When set to ``True``, no exception will be thrown when
|
||||||
|
attempting to delete a nonexistent role.
|
||||||
|
|
||||||
|
:returns: ``None``
|
||||||
|
"""
|
||||||
|
self._delete(_role.Role, role, ignore_missing=ignore_missing)
|
||||||
|
|
||||||
|
def find_role(self, name_or_id, ignore_missing=True):
|
||||||
|
"""Find a single role
|
||||||
|
|
||||||
|
:param name_or_id: The name or ID of a role.
|
||||||
|
:param bool ignore_missing: When set to ``False``
|
||||||
|
:class:`~openstack.exceptions.ResourceNotFound` will be
|
||||||
|
raised when the role does not exist.
|
||||||
|
When set to ``True``, None will be returned when
|
||||||
|
attempting to find a nonexistent role.
|
||||||
|
:returns: One :class:`~openstack.identity.v3.role.Role` or None
|
||||||
|
"""
|
||||||
|
return self._find(_role.Role, name_or_id,
|
||||||
|
ignore_missing=ignore_missing)
|
||||||
|
|
||||||
|
def get_role(self, role):
|
||||||
|
"""Get a single role
|
||||||
|
|
||||||
|
:param role: The value can be the ID of a role or a
|
||||||
|
:class:`~openstack.identity.v3.role.Role` instance.
|
||||||
|
|
||||||
|
:returns: One :class:`~openstack.identity.v3.role.Role`
|
||||||
|
:raises: :class:`~openstack.exceptions.ResourceNotFound`
|
||||||
|
when no matching role can be found.
|
||||||
|
"""
|
||||||
|
return self._get(_role.Role, role)
|
||||||
|
|
||||||
|
def roles(self, **query):
|
||||||
|
"""Retrieve a generator of roles
|
||||||
|
|
||||||
|
:param kwargs \*\*query: Optional query parameters to be sent to limit
|
||||||
|
the resources being returned. The options
|
||||||
|
are: domain_id, name.
|
||||||
|
:return: A generator of role instances.
|
||||||
|
:rtype: :class:`~openstack.identity.v3.role.Role`
|
||||||
|
"""
|
||||||
|
return self._list(_role.Role, paginated=False, **query)
|
||||||
|
|
||||||
|
def update_role(self, role, **attrs):
|
||||||
|
"""Update a role
|
||||||
|
|
||||||
|
:param role: Either the ID of a role or a
|
||||||
|
:class:`~openstack.identity.v3.role.Role` instance.
|
||||||
|
:param dict kwargs: The attributes to update on the role represented
|
||||||
|
by ``value``. Only name can be updated
|
||||||
|
|
||||||
|
:returns: The updated role.
|
||||||
|
:rtype: :class:`~openstack.identity.v3.role.Role`
|
||||||
|
"""
|
||||||
|
return self._update(_role.Role, role, **attrs)
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
from openstack.identity import identity_service
|
||||||
|
from openstack import resource2 as resource
|
||||||
|
|
||||||
|
|
||||||
|
class Role(resource.Resource):
|
||||||
|
resource_key = 'role'
|
||||||
|
resources_key = 'roles'
|
||||||
|
base_path = '/roles'
|
||||||
|
service = identity_service.IdentityService()
|
||||||
|
|
||||||
|
# capabilities
|
||||||
|
allow_create = True
|
||||||
|
allow_get = True
|
||||||
|
allow_update = True
|
||||||
|
allow_delete = True
|
||||||
|
allow_list = True
|
||||||
|
put_create = True
|
||||||
|
|
||||||
|
_query_mapping = resource.QueryParameters(
|
||||||
|
'name', 'domain_id')
|
||||||
|
|
||||||
|
# Properties
|
||||||
|
#: References the domain ID which owns the role; if a domain ID is not
|
||||||
|
#: specified by the client, the Identity service implementation will
|
||||||
|
#: default it to the domain ID to which the client's token is scoped.
|
||||||
|
#: *Type: string*
|
||||||
|
domain_id = resource.Body('domain_id')
|
||||||
|
#: Unique role name, within the owning domain. *Type: string*
|
||||||
|
name = resource.Body('name')
|
||||||
|
#: The links for the service resource.
|
||||||
|
links = resource.Body('links')
|
|
@ -18,6 +18,7 @@ from openstack.identity.v3 import group
|
||||||
from openstack.identity.v3 import policy
|
from openstack.identity.v3 import policy
|
||||||
from openstack.identity.v3 import project
|
from openstack.identity.v3 import project
|
||||||
from openstack.identity.v3 import region
|
from openstack.identity.v3 import region
|
||||||
|
from openstack.identity.v3 import role
|
||||||
from openstack.identity.v3 import service
|
from openstack.identity.v3 import service
|
||||||
from openstack.identity.v3 import trust
|
from openstack.identity.v3 import trust
|
||||||
from openstack.identity.v3 import user
|
from openstack.identity.v3 import user
|
||||||
|
@ -242,3 +243,24 @@ class TestIdentityProxy(test_proxy_base2.TestProxyBase):
|
||||||
|
|
||||||
def test_region_update(self):
|
def test_region_update(self):
|
||||||
self.verify_update(self.proxy.update_region, region.Region)
|
self.verify_update(self.proxy.update_region, region.Region)
|
||||||
|
|
||||||
|
def test_role_create_attrs(self):
|
||||||
|
self.verify_create(self.proxy.create_role, role.Role)
|
||||||
|
|
||||||
|
def test_role_delete(self):
|
||||||
|
self.verify_delete(self.proxy.delete_role, role.Role, False)
|
||||||
|
|
||||||
|
def test_role_delete_ignore(self):
|
||||||
|
self.verify_delete(self.proxy.delete_role, role.Role, True)
|
||||||
|
|
||||||
|
def test_role_find(self):
|
||||||
|
self.verify_find(self.proxy.find_role, role.Role)
|
||||||
|
|
||||||
|
def test_role_get(self):
|
||||||
|
self.verify_get(self.proxy.get_role, role.Role)
|
||||||
|
|
||||||
|
def test_roles(self):
|
||||||
|
self.verify_list(self.proxy.roles, role.Role, paginated=False)
|
||||||
|
|
||||||
|
def test_role_update(self):
|
||||||
|
self.verify_update(self.proxy.update_role, role.Role)
|
||||||
|
|
|
@ -0,0 +1,46 @@
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
import testtools
|
||||||
|
|
||||||
|
from openstack.identity.v3 import role
|
||||||
|
|
||||||
|
IDENTIFIER = 'IDENTIFIER'
|
||||||
|
EXAMPLE = {
|
||||||
|
'domain_id': '1',
|
||||||
|
'id': IDENTIFIER,
|
||||||
|
'links': {'self': 'http://example.com/user1'},
|
||||||
|
'name': '2',
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
class TestRole(testtools.TestCase):
|
||||||
|
|
||||||
|
def test_basic(self):
|
||||||
|
sot = role.Role()
|
||||||
|
self.assertEqual('role', sot.resource_key)
|
||||||
|
self.assertEqual('roles', sot.resources_key)
|
||||||
|
self.assertEqual('/roles', sot.base_path)
|
||||||
|
self.assertEqual('identity', sot.service.service_type)
|
||||||
|
self.assertTrue(sot.allow_create)
|
||||||
|
self.assertTrue(sot.allow_get)
|
||||||
|
self.assertTrue(sot.allow_update)
|
||||||
|
self.assertTrue(sot.allow_delete)
|
||||||
|
self.assertTrue(sot.allow_list)
|
||||||
|
self.assertTrue(sot.put_create)
|
||||||
|
|
||||||
|
def test_make_it(self):
|
||||||
|
sot = role.Role(**EXAMPLE)
|
||||||
|
self.assertEqual(EXAMPLE['domain_id'], sot.domain_id)
|
||||||
|
self.assertEqual(EXAMPLE['id'], sot.id)
|
||||||
|
self.assertEqual(EXAMPLE['links'], sot.links)
|
||||||
|
self.assertEqual(EXAMPLE['name'], sot.name)
|
Loading…
Reference in New Issue