Keystone role assignment observe reality method
Add special parsing method for role assignments to use it in resources with role assignments. implements bp get-reality-for-resources Change-Id: I1fbb1449723843d88501b8f11913e9908fe4cd00
This commit is contained in:
parent
885eb51ecc
commit
8de00cdc47
|
@ -308,6 +308,30 @@ class KeystoneRoleAssignmentMixin(object):
|
||||||
' role %s') % role_assignment.get(self.ROLE)
|
' role %s') % role_assignment.get(self.ROLE)
|
||||||
raise exception.StackValidationFailed(message=msg)
|
raise exception.StackValidationFailed(message=msg)
|
||||||
|
|
||||||
|
def parse_list_assignments(self, user_id=None, group_id=None):
|
||||||
|
"""Method used for get_live_state implementation in other resources."""
|
||||||
|
assignments = []
|
||||||
|
roles = []
|
||||||
|
if user_id is not None:
|
||||||
|
assignments = self.client().role_assignments.list(user=user_id)
|
||||||
|
elif group_id is not None:
|
||||||
|
assignments = self.client().role_assignments.list(group=group_id)
|
||||||
|
for assignment in assignments:
|
||||||
|
values = assignment.to_dict()
|
||||||
|
if not values.get('role') or not values.get('role').get('id'):
|
||||||
|
continue
|
||||||
|
role = {
|
||||||
|
self.ROLE: values['role']['id'],
|
||||||
|
self.DOMAIN: (values.get('scope') and
|
||||||
|
values['scope'].get('domain') and
|
||||||
|
values['scope'].get('domain').get('id')),
|
||||||
|
self.PROJECT: (values.get('scope') and
|
||||||
|
values['scope'].get('project') and
|
||||||
|
values['scope'].get('project').get('id')),
|
||||||
|
}
|
||||||
|
roles.append(role)
|
||||||
|
return roles
|
||||||
|
|
||||||
|
|
||||||
class KeystoneUserRoleAssignment(resource.Resource,
|
class KeystoneUserRoleAssignment(resource.Resource,
|
||||||
KeystoneRoleAssignmentMixin):
|
KeystoneRoleAssignmentMixin):
|
||||||
|
|
|
@ -346,6 +346,40 @@ class KeystoneRoleAssignmentMixinTest(common.HeatTestCase):
|
||||||
self.assertRaises(exception.ResourcePropertyConflict,
|
self.assertRaises(exception.ResourcePropertyConflict,
|
||||||
self.test_role_assignment.validate)
|
self.test_role_assignment.validate)
|
||||||
|
|
||||||
|
def test_empty_parse_list_assignments(self):
|
||||||
|
self.assertEqual([],
|
||||||
|
self.test_role_assignment.parse_list_assignments())
|
||||||
|
|
||||||
|
def test_user_parse_list_assignments(self):
|
||||||
|
self._test_parse_list_assignments('user')
|
||||||
|
|
||||||
|
def test_group_parse_list_assignments(self):
|
||||||
|
self._test_parse_list_assignments('group')
|
||||||
|
|
||||||
|
def _test_parse_list_assignments(self, entity=None):
|
||||||
|
dict_obj = mock.MagicMock()
|
||||||
|
dict_obj.to_dict.side_effect = [{'scope': {
|
||||||
|
'project': {'id': 'fc0fe982401643368ff2eb11d9ca70f1'}},
|
||||||
|
'role': {'id': '3b8b253648f44256a457a5073b78021d'},
|
||||||
|
entity: {'id': '4147558a763046cfb68fb870d58ef4cf'}},
|
||||||
|
{'role': {'id': '3b8b253648f44258021d6a457a5073b7'},
|
||||||
|
entity: {'id': '4147558a763046cfb68fb870d58ef4cf'}}]
|
||||||
|
self.keystoneclient.role_assignments.list.return_value = [dict_obj,
|
||||||
|
dict_obj]
|
||||||
|
|
||||||
|
kwargs = {'%s_id' % entity: '4147558a763046cfb68fb870d58ef4cf'}
|
||||||
|
list_assignments = self.test_role_assignment.parse_list_assignments(
|
||||||
|
**kwargs)
|
||||||
|
expected = [
|
||||||
|
{'role': '3b8b253648f44256a457a5073b78021d',
|
||||||
|
'project': 'fc0fe982401643368ff2eb11d9ca70f1',
|
||||||
|
'domain': None},
|
||||||
|
{'role': '3b8b253648f44258021d6a457a5073b7',
|
||||||
|
'project': None,
|
||||||
|
'domain': None},
|
||||||
|
]
|
||||||
|
self.assertEqual(expected, list_assignments)
|
||||||
|
|
||||||
|
|
||||||
class KeystoneUserRoleAssignmentTest(common.HeatTestCase):
|
class KeystoneUserRoleAssignmentTest(common.HeatTestCase):
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue