Add application credential CRUD support

This patch adds the client support of application
credentials.
Change-Id: Idac1b8f4610825ca7fdf62eec4f0453398e43346
This commit is contained in:
Vishakha Agarwal 2019-07-05 16:40:04 +05:30
parent 9db14f6d78
commit 7c10ff6041
7 changed files with 284 additions and 0 deletions

View File

@ -11,6 +11,8 @@
# under the License. # under the License.
import openstack.exceptions as exception import openstack.exceptions as exception
from openstack.identity.v3 import application_credential as \
_application_credential
from openstack.identity.v3 import credential as _credential from openstack.identity.v3 import credential as _credential
from openstack.identity.v3 import domain as _domain from openstack.identity.v3 import domain as _domain
from openstack.identity.v3 import endpoint as _endpoint from openstack.identity.v3 import endpoint as _endpoint
@ -1212,3 +1214,108 @@ class Proxy(proxy.Proxy):
group = self._get_resource(_group.Group, group) group = self._get_resource(_group.Group, group)
role = self._get_resource(_role.Role, role) role = self._get_resource(_role.Role, role)
return project.validate_group_has_role(self, group, role) return project.validate_group_has_role(self, group, role)
def application_credentials(self, user, **query):
"""Retrieve a generator of application credentials
:param user: Either the ID of a user or a
:class:`~openstack.identity.v3.user.User` instance.
:param kwargs query: Optional query parameters to be sent to
application credential the resources being returned.
:returns: A generator of application credentials instances.
:rtype: :class:`~openstack.identity.v3.application_credential.
ApplicationCredential`
"""
user = self._get_resource(_user.User, user)
return self._list(_application_credential.ApplicationCredential,
user_id=user.id, **query)
def get_application_credential(self, user, application_credential):
"""Get a single application credential
:param user: Either the ID of a user or a
:class:`~openstack.identity.v3.user.User` instance.
:param application_credential: The value can be the ID of a
application credential or a :class:
`~openstack.identity.v3.application_credential.
ApplicationCredential` instance.
:returns: One :class:`~openstack.identity.v3.application_credential.
ApplicationCredential`
:raises: :class:`~openstack.exceptions.ResourceNotFound` when no
resource can be found.
"""
user = self._get_resource(_user.User, user)
return self._get(_application_credential.ApplicationCredential,
application_credential,
user_id=user.id)
def create_application_credential(self, user, name, **attrs):
"""Create a new application credential from attributes
:param user: Either the ID of a user or a
:class:`~openstack.identity.v3.user.User` instance.
:param name: The name of the application credential which is
unique to the user.
:param dict attrs: Keyword arguments which will be used to create
a :class:`~openstack.identity.v3.application_credential.
ApplicationCredential`, comprised of the properties on the
ApplicationCredential class.
:returns: The results of application credential creation.
:rtype: :class:`~openstack.identity.v3.application_credential.
ApplicationCredential`
"""
user = self._get_resource(_user.User, user)
return self._create(_application_credential.ApplicationCredential,
name=name,
user_id=user.id, **attrs)
def find_application_credential(self, user, name_or_id,
ignore_missing=True, **args):
"""Find a single application credential
:param user: Either the ID of a user or a
:class:`~openstack.identity.v3.user.User` instance.
:param name_or_id: The name or ID of a application credential.
:param bool ignore_missing: When set to ``False``
:class:`~openstack.exceptions.ResourceNotFound` will be
raised when the resource does not exist.
When set to ``True``, None will be returned when
attempting to find a nonexistent resource.
:returns: One :class:`~openstack.identity.v3.application_credential.
ApplicationCredential` or None
"""
user = self._get_resource(_user.User, user)
return self._find(_application_credential.ApplicationCredential,
user_id=user.id, name_or_id=name_or_id,
ignore_missing=ignore_missing, **args)
def delete_application_credential(self, user, application_credential,
ignore_missing=True):
"""Delete a application credential
:param user: Either the ID of a user or a
:class:`~openstack.identity.v3.user.User` instance.
:param application credential: The value can be either the ID of a
application credential or a :class: `~openstack.identity.v3.
application_credential.ApplicationCredential` instance.
:param bool ignore_missing: When set to ``False``
:class:`~openstack.exceptions.ResourceNotFound` will be raised
when the application credential does not exist. When set to
``True``, no exception will be thrown when attempting to delete
a nonexistent application credential.
:returns: ``None``
"""
user = self._get_resource(_user.User, user)
self._delete(_application_credential.ApplicationCredential,
application_credential,
user_id=user.id,
ignore_missing=ignore_missing)

View File

@ -0,0 +1,49 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack import resource
class ApplicationCredential(resource.Resource):
resource_key = 'application_credential'
resources_key = 'application_credentials'
base_path = '/users/%(user_id)s/application_credentials'
# capabilities
allow_create = True
allow_fetch = True
allow_commit = True
allow_delete = True
allow_list = True
# Properties
#: User ID using application credential. *Type: string*
user_id = resource.URI('user_id')
#: User object using application credential. *Type: string*
user = resource.Body('user')
#: The links for the application credential resource.
links = resource.Body('links')
#: name of the user. *Type: string*
name = resource.Body('name')
#: secret that application credential will be created with, if any.
# *Type: string*
secret = resource.Body('secret')
#: description of application credential's purpose. *Type: string*
description = resource.Body('description')
#: expire time of application credential. *Type: string*
expires_at = resource.Body('expires_at')
#: roles of the user. *Type: list*
roles = resource.Body('roles')
#: restricts the application credential. *Type: boolean*
unrestricted = resource.Body('unrestricted', type=bool)
#: ID of project. *Type: string*
project_id = resource.Body('project_id')

View File

@ -0,0 +1,68 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack.tests.functional import base
from openstack import exceptions
class TestApplicationCredentials(base.BaseFunctionalTest):
def setUp(self):
super(TestApplicationCredentials, self).setUp()
self.user_id = self.operator_cloud.current_user_id
def _create_application_credentials(self):
app_creds = self.conn.identity.create_application_credential(
user=self.user_id, name='app_cred'
)
self.addCleanup(self.conn.identity.delete_application_credential,
self.user_id, app_creds['id'])
return app_creds
def test_create_application_credentials(self):
app_creds = self._create_application_credentials()
self.assertEqual(app_creds['user_id'], self.user_id)
def test_get_application_credential(self):
app_creds = self._create_application_credentials()
app_cred = self.conn.identity.get_application_credential(
user=self.user_id, application_credential=app_creds['id']
)
self.assertEqual(app_cred['id'], app_creds['id'])
self.assertEqual(app_cred['user_id'], self.user_id)
def test_application_credentials(self):
self._create_application_credentials()
app_creds = self.conn.identity.application_credentials(
user=self.user_id
)
for app_cred in app_creds:
self.assertEqual(app_cred['user_id'], self.user_id)
def test_find_application_credential(self):
app_creds = self._create_application_credentials()
app_cred = self.conn.identity.find_application_credential(
user=self.user_id, name_or_id=app_creds['id']
)
self.assertEqual(app_cred['id'], app_creds['id'])
self.assertEqual(app_cred['user_id'], self.user_id)
def test_delete_application_credential(self):
app_creds = self._create_application_credentials()
self.conn.identity.delete_application_credential(
user=self.user_id, application_credential=app_creds['id']
)
self.assertRaises(exceptions.NotFoundException,
self.conn.identity.get_application_credential,
user=self.user_id,
application_credential=app_creds['id']
)

View File

@ -0,0 +1,55 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from openstack.tests.unit import base
from openstack.identity.v3 import application_credential
EXAMPLE = {
"user": {
"id": "8ac43bb0926245cead88676a96c750d3"},
"name": 'monitoring',
"secret": 'rEaqvJka48mpv',
"roles": [
{"name": "Reader"}
],
"expires_at": '2018-02-27T18:30:59Z',
"description": "Application credential for monitoring",
"unrestricted": "False",
"project_id": "3",
"links": {"self": "http://example.com/v3/application_credential_1"}
}
class TestApplicationCredential(base.TestCase):
def test_basic(self):
sot = application_credential.ApplicationCredential()
self.assertEqual('application_credential', sot.resource_key)
self.assertEqual('application_credentials', sot.resources_key)
self.assertEqual('/users/%(user_id)s/application_credentials',
sot.base_path)
self.assertTrue(sot.allow_create)
self.assertTrue(sot.allow_fetch)
self.assertTrue(sot.allow_commit)
self.assertTrue(sot.allow_delete)
self.assertTrue(sot.allow_list)
def test_make_it(self):
sot = application_credential.ApplicationCredential(**EXAMPLE)
self.assertEqual(EXAMPLE['user'], sot.user)
self.assertEqual(EXAMPLE['name'], sot.name)
self.assertEqual(EXAMPLE['secret'], sot.secret)
self.assertEqual(EXAMPLE['description'], sot.description)
self.assertEqual(EXAMPLE['expires_at'], sot.expires_at)
self.assertEqual(EXAMPLE['project_id'], sot.project_id)
self.assertEqual(EXAMPLE['roles'], sot.roles)
self.assertEqual(EXAMPLE['links'], sot.links)

View File

@ -0,0 +1,5 @@
---
features:
- |
Added CRUD support for `application credentials
<https://docs.openstack.org/keystone/latest/user/application_credentials.html>`_.