Add attributes schema for OS::Keystone::User

Add `attributes_schema` and `_resolve_attribute` for OS::Keystone::User. This patch allow get_attr works with OS::Keystone::User resource. Partial-Bug: #1648004 Closes-bug: #1659923 Co-Authored-By: Rico Lin <rico.lin.guanyu@gmail.com> Change-Id: I4e8e984c42120e23887ad9997df2fa530709be52
6 years ago · c2e944c6fc
parent 77b8073a01
commit c2e944c6fc
3 changed files with 69 additions and 2 deletions
--- a/heat/engine/api.py
+++ b/heat/engine/api.py
@ -288,7 +288,7 @@ def format_resource_attributes(resource, with_attr=None):
            return resolver._resolver(attr)
        except Exception:
            return None
-    # if 'show' in attribute_schema, will resolve all attributes of resource
+    # if 'show' in attributes_schema, will resolve all attributes of resource
    # including the ones are not represented in response of show API, such as
    # 'console_urls' for nova server, user can view it by taking with_attr
    # parameter
--- a/heat/engine/resources/openstack/keystone/user.py
+++ b/heat/engine/resources/openstack/keystone/user.py
@ -12,6 +12,7 @@
 #    under the License.

 from heat.common.i18n import _
+from heat.engine import attributes
 from heat.engine import constraints
 from heat.engine import properties
 from heat.engine import resource
@ -101,6 +102,41 @@ class KeystoneUser(resource.Resource,
    properties_schema.update(
        role_assignments.KeystoneRoleAssignmentMixin.mixin_properties_schema)

+    ATTRIBUTES = (
+        NAME_ATTR, DEFAULT_PROJECT_ATTR, DOMAIN_ATTR, ENABLED_ATTR,
+        PASSWORD_EXPIRES_AT_ATTR
+    ) = (
+        'name', 'default_project_id', 'domain_id',
+        'enabled', 'password_expires_at'
+    )
+    attributes_schema = {
+        NAME_ATTR: attributes.Schema(
+            _('User name.'),
+            support_status=support.SupportStatus(version='9.0.0'),
+            type=attributes.Schema.STRING
+        ),
+        DEFAULT_PROJECT_ATTR: attributes.Schema(
+            _('Default project id for user.'),
+            support_status=support.SupportStatus(version='9.0.0'),
+            type=attributes.Schema.STRING
+        ),
+        DOMAIN_ATTR: attributes.Schema(
+            _('Domain id for user.'),
+            support_status=support.SupportStatus(version='9.0.0'),
+            type=attributes.Schema.STRING
+        ),
+        ENABLED_ATTR: attributes.Schema(
+            _('Flag of enable user.'),
+            support_status=support.SupportStatus(version='9.0.0'),
+            type=attributes.Schema.BOOLEAN
+        ),
+        PASSWORD_EXPIRES_AT_ATTR: attributes.Schema(
+            _('Show user password expiration time.'),
+            support_status=support.SupportStatus(version='9.0.0'),
+            type=attributes.Schema.STRING
+        ),
+    }
+
    def translation_rules(self, properties):
        return [
            translation.TranslationRule(
@ -188,6 +224,12 @@ class KeystoneUser(resource.Resource,

        return new_group_ids, removed_group_ids

+    def _resolve_attribute(self, name):
+        if self.resource_id is None:
+            return
+        user = self.client().users.get(self.resource_id)
+        return getattr(user, name, None)
+
    def handle_create(self):
        user_name = (self.properties[self.NAME] or
                     self.physical_resource_name())
--- a/heat/tests/openstack/keystone/test_user.py
+++ b/heat/tests/openstack/keystone/test_user.py
@ -83,12 +83,17 @@ class KeystoneUserTest(common.HeatTestCase):
        value = mock.MagicMock()
        user_id = '477e8273-60a7-4c41-b683-fdb0bc7cd151'
        value.id = user_id
-
+        value.name = 'test_user_1'
+        value.default_project_id = 'project_1'
+        value.domain_id = 'default'
+        value.enabled = True
+        value.password_expires_at = '2016-12-10T17:28:49.000000'
        return value

    def test_user_handle_create(self):
        mock_user = self._get_mock_user()
        self.users.create.return_value = mock_user
+        self.users.get.return_value = mock_user
        self.users.add_to_group = mock.MagicMock()

        # validate the properties
@ -316,3 +321,23 @@ class KeystoneUserTest(common.HeatTestCase):
        self.assertEqual(set(expected.keys()), set(reality.keys()))
        for key in expected:
            self.assertEqual(expected[key], reality[key])
+
+    def test_resolve_attributes(self):
+        mock_user = self._get_mock_user()
+        self.test_user.resource_id = mock_user['id']
+        self.users.get.return_value = mock_user
+        self.assertEqual(
+            mock_user.name,
+            self.test_user._resolve_attribute('name'))
+        self.assertEqual(
+            mock_user.default_project_id,
+            self.test_user._resolve_attribute('default_project_id'))
+        self.assertEqual(
+            mock_user.domain_id,
+            self.test_user._resolve_attribute('domain_id'))
+        self.assertEqual(
+            mock_user.enabled,
+            self.test_user._resolve_attribute('enabled'))
+        self.assertEqual(
+            mock_user.password_expires_at,
+            self.test_user._resolve_attribute('password_expires_at'))