From 14189256690e2fd281a583383bcc23bbc489a8ab Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 16 Jan 2012 17:36:38 -0800 Subject: [PATCH] tests for ec2 crud --- etc/keystone.conf | 2 +- keystone/backends/kvs.py | 5 +++-- keystone/backends/sql/core.py | 5 +++-- keystone/service.py | 16 ++++++++-------- tests/test_keystoneclient.py | 21 +++++++++++++++++++++ 5 files changed, 36 insertions(+), 13 deletions(-) diff --git a/etc/keystone.conf b/etc/keystone.conf index b937be45b5..f4c38e072c 100644 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -66,7 +66,7 @@ paste.app_factory = keystone.service:admin_app_factory pipeline = token_auth admin_token_auth json_body debug ec2_extension public_service [pipeline:admin_api] -pipeline = token_auth admin_token_auth json_body debug crud_extension admin_service +pipeline = token_auth admin_token_auth json_body debug ec2_extension crud_extension admin_service [composite:main] use = egg:Paste#urlmap diff --git a/keystone/backends/kvs.py b/keystone/backends/kvs.py index 3ab5f1e9a4..f6771cb4f9 100644 --- a/keystone/backends/kvs.py +++ b/keystone/backends/kvs.py @@ -280,9 +280,10 @@ class KvsEc2(object): credential_ref = self.db.get('credential-%s' % credential_id) return credential_ref - def list_credentials(self): + def list_credentials(self, user_id): credential_ids = self.db.get('credential_list', []) - return [self.get_credential(x) for x in credential_ids] + rv = [self.get_credential(x) for x in credential_ids] + return [x for x in rv if x['user_id'] == user_id] # CRUD def create_credential(self, credential_id, credential): diff --git a/keystone/backends/sql/core.py b/keystone/backends/sql/core.py index 3c981b299b..0f870ca062 100644 --- a/keystone/backends/sql/core.py +++ b/keystone/backends/sql/core.py @@ -494,9 +494,10 @@ class SqlEc2(SqlBase): return return credential_ref.to_dict() - def list_credentials(self): + def list_credentials(self, user_id): session = self.get_session() - credential_refs = session.query(Ec2Credential) + credential_refs = session.query(Ec2Credential)\ + .filter_by(user_id=user_id) return [x.to_dict() for x in credential_refs] # CRUD diff --git a/keystone/service.py b/keystone/service.py index 138b86218b..1a618dba6f 100644 --- a/keystone/service.py +++ b/keystone/service.py @@ -335,25 +335,25 @@ class Ec2Extension(wsgi.ExtensionRouter): mapper.connect('/ec2tokens', controller=ec2_controller, action='authenticate_ec2', - conditions=dict(methods=['POST'])) + conditions=dict(method=['POST'])) # crud mapper.connect('/users/{user_id}/credentials/OS-EC2', controller=ec2_controller, action='create_credential', - conditions=dict(methods=['POST'])) + conditions=dict(method=['POST'])) mapper.connect('/users/{user_id}/credentials/OS-EC2', controller=ec2_controller, action='get_credentials', - conditions=dict(methods=['GET'])) + conditions=dict(method=['GET'])) mapper.connect('/users/{user_id}/credentials/OS-EC2/{credential_id}', controller=ec2_controller, action='get_credential', - conditions=dict(methods=['GET'])) + conditions=dict(method=['GET'])) mapper.connect('/users/{user_id}/credentials/OS-EC2/{credential_id}', controller=ec2_controller, action='delete_credential', - conditions=dict(methods=['DELETE'])) + conditions=dict(method=['DELETE'])) super(Ec2Extension, self).__init__(application, mapper) @@ -442,17 +442,17 @@ class Ec2Controller(Application): """List credentials for the given user_id.""" # TODO(termie): validate that this request is valid for given user # tenant - return {'credentials': self.ec2_api.list_credentials(user_id)} + return {'credentials': self.ec2_api.list_credentials(context, user_id)} def get_credential(self, context, user_id, credential_id): # TODO(termie): validate that this request is valid for given user # tenant - return {'credential': self.ec2_api.get_credential(credential_id)} + return {'credential': self.ec2_api.get_credential(context, credential_id)} def delete_credential(self, context, user_id, credential_id): # TODO(termie): validate that this request is valid for given user # tenant - return self.ec2_api.delete_credential(credential_id) + return self.ec2_api.delete_credential(context, credential_id) class NoopController(Application): diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index bb568b0963..3fd5edca15 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -239,6 +239,27 @@ class KcMasterTestCase(CompatTestCase): roles = client.roles.get_user_role_refs('foo') self.assertTrue(len(roles) > 0) + def test_ec2_credential_creation(self): + from keystoneclient import exceptions as client_exceptions + + client = self.foo_client() + creds = client.ec2.list(self.user_foo['id']) + self.assertEquals(creds, []) + + cred = client.ec2.create(self.user_foo['id'], self.tenant_bar['id']) + creds = client.ec2.list(self.user_foo['id']) + self.assertEquals(creds, [cred]) + + got = client.ec2.get(self.user_foo['id'], cred.access) + self.assertEquals(cred, got) + + # FIXME(ja): need to test ec2 validation here + + client.ec2.delete(self.user_foo['id'], cred.access) + creds = client.ec2.list(self.user_foo['id']) + self.assertEquals(creds, []) + + def test_service_create_and_delete(self): from keystoneclient import exceptions as client_exceptions