clean up keystoneclient setup

2011-12-28 13:58:49 -08:00 · 2011-12-28 13:58:49 -08:00 · 2e1558ebd2
parent 32aa1dedb7
commit 2e1558ebd2
4 changed files with 45 additions and 36 deletions
--- a/keystonelight/keystone_compat.py
+++ b/keystonelight/keystone_compat.py
@ -150,7 +150,14 @@ class KeystoneController(service.BaseApplication):
                    tenant_id=tenant_ref['id'],
                    extras=extras_ref)

-        return self._format_authenticate(token_ref, catalog_ref)
+        # TODO(termie): optimize this call at some point and put it into the
+        #               the return for extras
+        # fill out the roles in the extras
+        roles_ref = []
+        for role_id in extras_ref.get('roles', []):
+            roles_ref.append(self.identity_api.get_role(context, role_id))
+
+        return self._format_authenticate(token_ref, roles_ref, catalog_ref)

    #admin-only
    def validate_token(self, context, token_id, belongs_to=None):
@ -220,11 +227,9 @@ class KeystoneController(service.BaseApplication):
                context, tenant_id=tenant_id, data=tenant_ref)
        return {'tenant': tenant}

-    def _format_token(self, token_ref):
+    def _format_token(self, token_ref, roles_ref):
        user_ref = token_ref['user']
        extras_ref = token_ref['extras']
-        roles = extras_ref.get('roles', [])
-        roles_ref = [{'id': 1, 'name': x} for x in roles]
        o = {'access': {'token': {'id': token_ref['id'],
                                  'expires': token_ref['expires']
                                  },
@ -242,8 +247,8 @@ class KeystoneController(service.BaseApplication):
            o['access']['token']['tenant'] = token_ref['tenant']
        return o

-    def _format_authenticate(self, token_ref, catalog_ref):
-        o = self._format_token(token_ref)
+    def _format_authenticate(self, token_ref, roles_ref, catalog_ref):
+        o = self._format_token(token_ref, roles_ref)
        o['access']['serviceCatalog'] = self._format_catalog(catalog_ref)
        return o

--- a/keystonelight/test.py
+++ b/keystonelight/test.py
@ -96,8 +96,22 @@ class TestCase(unittest.TestCase):
        sys.path.remove(path)
    super(TestCase, self).tearDown()

+  #TODO(termie): probably make this take an argument and use that for `options`
+  def load_backends(self):
+    """Hacky shortcut to load the backends for data manipulation.
+
+    Expects self.options to have already been set.
+
+    """
+    self.identity_api = utils.import_object(
+        self.options['identity_driver'], options=self.options)
+    self.token_api = utils.import_object(
+        self.options['token_driver'], options=self.options)
+    self.catalog_api = utils.import_object(
+        self.options['catalog_driver'], options=self.options)
+
  def load_fixtures(self, fixtures):
-    """Really quite basic and naive fixture loading based on a python module.
+    """Hacky basic and naive fixture loading based on a python module.

    Expects that the various APIs into the various services are already
    defined on `self`.
--- a/tests/test_backend_kvs.py
+++ b/tests/test_backend_kvs.py
@ -9,8 +9,8 @@ import default_fixtures
 class KvsIdentity(test.TestCase):
  def setUp(self):
    super(KvsIdentity, self).setUp()
-    options = self.appconfig('default')
-    self.identity_api = kvs.KvsIdentity(options=options, db={})
+    self.options = self.appconfig('default')
+    self.identity_api = kvs.KvsIdentity(options=self.options, db={})
    self.load_fixtures(default_fixtures)

  def test_authenticate_bad_user(self):
--- a/tests/test_keystoneclient_compat.py
+++ b/tests/test_keystoneclient_compat.py
@ -2,6 +2,8 @@ from keystonelight import models
 from keystonelight import test
 from keystonelight import utils

+import default_fixtures
+

 KEYSTONECLIENT_REPO = 'git://github.com/openstack/python-keystoneclient.git'

@ -37,32 +39,18 @@ class MasterCompatTestCase(CompatTestCase):

        self.app = self.loadapp('keystoneclient_compat_master')
        self.options = self.appconfig('keystoneclient_compat_master')
-
-        self.identity_backend = utils.import_object(
-            self.options['identity_driver'], options=self.options)
-        self.token_backend = utils.import_object(
-            self.options['token_driver'], options=self.options)
-        self.catalog_backend = utils.import_object(
-            self.options['catalog_driver'], options=self.options)
+        self.load_backends()
+        self.load_fixtures(default_fixtures)

        self.server = self.serveapp('keystoneclient_compat_master')

-        self.tenant_bar = self.identity_backend.create_tenant(
-            'bar',
-            models.Tenant(id='bar', name='BAR'))
-
-        self.user_foo = self.identity_backend.create_user(
-            'foo',
-            models.User(id='foo',
-                        name='FOO',
-                        tenants=[self.tenant_bar['id']],
-                        password='foo'))
-
-        self.extras_bar_foo = self.identity_backend.create_extras(
+        # TODO(termie): is_admin is being deprecated once the policy stuff
+        #               is all working
+        # TODO(termie): add an admin user to the fixtures and use that user
+        # override the fixtures, for now
+        self.extras_foobar = self.identity_api.update_extras(
            self.user_foo['id'], self.tenant_bar['id'],
-            dict(roles=[],
-                 is_admin='1',
-                 roles_links=[]))
+            dict(roles=['keystone_admin'], is_admin='1'))

    # def test_authenticate(self):
    #     from keystoneclient.v2_0 import client as ks_client
@ -77,7 +65,7 @@ class MasterCompatTestCase(CompatTestCase):
    def test_authenticate_tenant_name_and_tenants(self):
        client = self._client(auth_url=self._url(),
                              username='FOO',
-                              password='foo',
+                              password='foo2',
                              tenant_name='BAR')
        tenants = client.tenants.list()
        self.assertEquals(tenants[0].id, self.tenant_bar['id'])
@ -85,7 +73,7 @@ class MasterCompatTestCase(CompatTestCase):
    def test_authenticate_tenant_id_and_tenants(self):
        client = self._client(auth_url=self._url(),
                              username='FOO',
-                              password='foo',
+                              password='foo2',
                              tenant_id='bar')
        tenants = client.tenants.list()
        self.assertEquals(tenants[0].id, self.tenant_bar['id'])
@ -93,11 +81,13 @@ class MasterCompatTestCase(CompatTestCase):
    # FIXME(ja): this test should require the "keystone:admin" roled
    #            (probably the role set via --keystone_admin_role flag)
    # FIXME(ja): add a test that admin endpoint is only sent to admin user
-    # FIXME(ja): add a test that admin endpoint returns unauthorized if not admin
+    # FIXME(ja): add a test that admin endpoint returns unauthorized if not
+    #            admin
    def test_tenant_create(self):
        client = self._client(auth_url=self._url(),
                              username='FOO',
-                              password='foo',
+                              password='foo2',
                              tenant_name='BAR')
-        client.tenants.create("hello", description="My new tenant!", enabled=True)
+        client.tenants.create(
+            "hello", description="My new tenant!", enabled=True)
        # FIXME(ja): assert tenant was created