openstack/puppet-keystone
Code Issues Proposed changes

Fix leaking environment variables in tests

Browse Source 
In rspec provider tests the environment variables are used to
authenticate the calls.  The environment was set in a shared example.
The problem is that rspec read all those environment variables when it
compile the tests.  Then the last shared environment red by rspec was
setting the environment for all the test.  This was leading to
unpredictable behavior.

This fix this problem by setting the environment variables before each
test at rspec run time.

Change-Id: I28c952273d6f981c953cb3e2c960a98609ece263
Closes-Bug: 1482243
This commit is contained in:
Sofer Athlan-Guyot 2015-09-21 18:01:45 +02:00 committed by Gilles Dubreuil
parent 40a1d04410
commit 42d918040d
8 changed files with 862 additions and 821 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
spec/unit/provider/keystone_domain/openstack_spec.rb
View File

@ -8,7 +8,7 @@ provider_class = Puppet::Type.type(:keystone_domain).provider(:openstack)
describe provider_class do
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
@ -41,61 +41,66 @@ describe provider_class do
AnotherKlass
end
before :each do
set_env
end
after :each do
provider_class.reset
another_class.reset
end
it_behaves_like 'authenticated with environment variables' do
describe '#create' do
it 'creates a domain' do
# keystone.conf
File.expects(:exists?).returns(true)
kcmock = {
'identity' => {'default_domain_id' => ' default'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(kcmock)
kcmock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo'])
.returns('id="1cb05cfed7c24279be884ba4f6520262"
describe '#create' do
it 'creates a domain' do
# keystone.conf
File.expects(:exists?).returns(true)
kcmock = {
'identity' => {'default_domain_id' => ' default'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(kcmock)
kcmock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo'])
.returns('id="1cb05cfed7c24279be884ba4f6520262"
name="foo"
description="foo"
enabled=True
')
provider.create
expect(provider.exists?).to be_truthy
end
'
)
provider.create
expect(provider.exists?).to be_truthy
end
describe '#destroy' do
it 'destroys a domain' do
provider.instance_variable_get('@property_hash')[:id] = 'my-domainid'
# keystone.conf
File.expects(:exists?).returns(true)
kcmock = {
'identity' => {'default_domain_id' => ' default'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(kcmock)
kcmock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('domain', 'set', ['foo', '--disable'])
provider.class.expects(:openstack)
.with('domain', 'delete', 'foo')
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#destroy' do
it 'destroys a domain' do
provider.instance_variable_get('@property_hash')[:id] = 'my-domainid'
# keystone.conf
File.expects(:exists?).returns(true)
kcmock = {
'identity' => {'default_domain_id' => ' default'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(kcmock)
kcmock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('domain', 'set', ['foo', '--disable'])
provider.class.expects(:openstack)
.with('domain', 'delete', 'foo')
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#instances' do
it 'finds every domain' do
provider.class.expects(:openstack)
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Description","Enabled"
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo",True
')
'
)
instances = provider_class.instances
expect(instances.count).to eq(1)
end
@ -121,12 +126,13 @@ enabled=True
mock.expects(:read).twice.with('/etc/keystone/keystone.conf')
mock.expects(:store)
provider.class.expects(:openstack)
.with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo'])
.returns('id="1cb05cfed7c24279be884ba4f6520262"
.with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo'])
.returns('id="1cb05cfed7c24279be884ba4f6520262"
name="foo"
description="foo"
enabled=True
')
'
)
expect(provider.class.default_domain_id).to eq('default')
expect(another_class.default_domain_id).to eq('default')
provider.create
@ -150,9 +156,9 @@ enabled=True
kcmock.expects(:read).with('/etc/keystone/keystone.conf')
kcmock.expects(:store)
provider.class.expects(:openstack)
.with('domain', 'set', ['foo', '--disable'])
.with('domain', 'set', ['foo', '--disable'])
provider.class.expects(:openstack)
.with('domain', 'delete', 'foo')
.with('domain', 'delete', 'foo')
provider.destroy
expect(provider.exists?).to be_falsey
expect(kcmock['identity']['default_domain_id']).to eq('default')
@ -174,7 +180,7 @@ enabled=True
it 'changes the description' do
provider.class.expects(:openstack)
.with('domain', 'set', ['foo', '--description', 'new description'])
.with('domain', 'set', ['foo', '--description', 'new description'])
provider.description=('new description')
provider.flush
end
@ -191,6 +197,5 @@ enabled=True
provider.flush
end
end
end
end
end

100
spec/unit/provider/keystone_endpoint/openstack_spec.rb
View File

@ -6,7 +6,7 @@ provider_class = Puppet::Type.type(:keystone_endpoint).provider(:openstack)
describe provider_class do
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
@ -33,17 +33,21 @@ describe provider_class do
provider_class.new(resource)
end
it_behaves_like 'authenticated with environment variables' do
describe '#create' do
it 'creates an endpoint' do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
before(:each) do
set_env
end
describe '#create' do
it 'creates an endpoint' do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
"1cb05cfed7c24279be884ba4f6520262","foo","bar","","http://127.0.0.1:5000/v2.0","http://127.0.0.1:5001/v2.0","http://127.0.0.1:5002/v2.0"
')
provider.class.stubs(:openstack)
.with('endpoint', 'create', '--format', 'shell', ['bar', '--region', 'foo', '--publicurl', 'http://127.0.0.1:5000', '--internalurl', 'http://127.0.0.1:5001', '--adminurl', 'http://127.0.0.1:5002'])
.returns('adminurl="http://127.0.0.1:5002"
'
)
provider.class.stubs(:openstack)
.with('endpoint', 'create', '--format', 'shell', ['bar', '--region', 'foo', '--publicurl', 'http://127.0.0.1:5000', '--internalurl', 'http://127.0.0.1:5001', '--adminurl', 'http://127.0.0.1:5002'])
.returns('adminurl="http://127.0.0.1:5002"
id="3a5c4378981e4112a0d44902a43e16ef"
internalurl="http://127.0.0.1:5001"
publicurl="http://127.0.0.1:5000"
@ -51,49 +55,51 @@ region="foo"
service_id="8137d72980fd462192f276585a002426"
service_name="bar"
service_type="test"
')
provider.create
expect(provider.exists?).to be_truthy
end
'
)
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy' do
it 'destroys an endpoint' do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
describe '#destroy' do
it 'destroys an endpoint' do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
"1cb05cfed7c24279be884ba4f6520262","foo","bar","test","http://127.0.0.1:5000","http://127.0.0.1:5001","http://127.0.0.1:5002"
')
provider.class.stubs(:openstack)
.with('endpoint', 'delete', [])
provider.destroy
expect(provider.exists?).to be_falsey
end
'
)
provider.class.stubs(:openstack)
.with('endpoint', 'delete', [])
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#exists' do
context 'when tenant does not exist' do
subject(:response) do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"')
response = provider.exists?
end
it { is_expected.to be_falsey }
end
end
describe '#instances' do
it 'finds every tenant' do
describe '#exists' do
context 'when tenant does not exist' do
subject(:response) do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"')
response = provider.exists?
end
it { is_expected.to be_falsey }
end
end
describe '#instances' do
it 'finds every tenant' do
provider.class.stubs(:openstack)
.with('endpoint', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"
"3a5c4378981e4112a0d44902a43e16ef","foo","bar","test","http://127.0.0.1:5000","http://127.0.0.1:5001","http://127.0.0.1:5002"
')
instances = Puppet::Type::Keystone_endpoint::ProviderOpenstack.instances
expect(instances.count).to eq(1)
end
'
)
instances = Puppet::Type::Keystone_endpoint::ProviderOpenstack.instances
expect(instances.count).to eq(1)
end
end
end

101
spec/unit/provider/keystone_role/openstack_spec.rb
View File

@ -6,69 +6,72 @@ provider_class = Puppet::Type.type(:keystone_role).provider(:openstack)
describe provider_class do
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000'
end
before(:each) do
set_env
end
describe 'when creating a role' do
it_behaves_like 'authenticated with environment variables' do
let(:role_attrs) do
{
:name => 'foo',
:ensure => 'present',
}
let(:role_attrs) do
{
:name => 'foo',
:ensure => 'present',
}
end
let(:resource) do
Puppet::Type::Keystone_role.new(role_attrs)
end
let(:provider) do
provider_class.new(resource)
end
describe '#create' do
it 'creates a role' do
provider.class.expects(:openstack)
.with('role', 'create', '--format', 'shell', 'foo')
.returns('name="foo"')
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy' do
it 'destroys a role' do
provider.class.expects(:openstack)
.with('role', 'delete', [])
provider.destroy
expect(provider.exists?).to be_falsey
end
let(:resource) do
Puppet::Type::Keystone_role.new(role_attrs)
end
end
let(:provider) do
provider_class.new(resource)
end
describe '#create' do
it 'creates a role' do
provider.class.expects(:openstack)
.with('role', 'create', '--format', 'shell', 'foo')
.returns('name="foo"')
provider.create
expect(provider.exists?).to be_truthy
describe '#exists' do
context 'when role does not exist' do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_falsey }
end
end
describe '#destroy' do
it 'destroys a role' do
provider.class.expects(:openstack)
.with('role', 'delete', [])
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#exists' do
context 'when role does not exist' do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_falsey }
end
end
describe '#instances' do
it 'finds every role' do
provider.class.expects(:openstack)
.with('role', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name"
describe '#instances' do
it 'finds every role' do
provider.class.expects(:openstack)
.with('role', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name"
"1cb05cfed7c24279be884ba4f6520262","foo"
')
instances = Puppet::Type::Keystone_role::ProviderOpenstack.instances
expect(instances.count).to eq(1)
end
'
)
instances = Puppet::Type::Keystone_role::ProviderOpenstack.instances
expect(instances.count).to eq(1)
end
end
end

54
spec/unit/provider/keystone_service/openstack_spec.rb
View File

@ -6,13 +6,17 @@ provider_class = Puppet::Type.type(:keystone_service).provider(:openstack)
describe provider_class do
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000/v3'
end
before(:each) do
set_env
end
describe 'when managing a service' do
let(:service_attrs) do
@ -32,36 +36,37 @@ describe provider_class do
provider_class.new(resource)
end
it_behaves_like 'authenticated with environment variables' do
describe '#create' do
it 'creates a service' do
provider.class.stubs(:openstack)
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
describe '#create' do
it 'creates a service' do
provider.class.stubs(:openstack)
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
"1cb05cfed7c24279be884ba4f6520262","foo","foo","foo"
')
provider.class.stubs(:openstack)
.with('service', 'create', '--format', 'shell', ['foo', '--name', 'foo', '--description', 'foo'])
.returns('description="foo"
'
)
provider.class.stubs(:openstack)
.with('service', 'create', '--format', 'shell', ['foo', '--name', 'foo', '--description', 'foo'])
.returns('description="foo"
enabled="True"
id="8f0dd4c0abc44240998fbb3f5089ecbf"
name="foo"
type="foo"
')
provider.create
expect(provider.exists?).to be_truthy
end
'
)
provider.create
expect(provider.exists?).to be_truthy
end
describe '#destroy' do
it 'destroys a service' do
provider.class.stubs(:openstack)
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
"1cb05cfed7c24279be884ba4f6520262","foo","foo","foo"
')
'
)
provider.class.stubs(:openstack)
.with('service', 'delete', [])
.with('service', 'delete', [])
provider.destroy
expect(provider.exists?).to be_falsey
end
@ -69,8 +74,8 @@ type="foo"
context 'when service does not exist' do
subject(:response) do
provider.class.stubs(:openstack)
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"')
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"')
response = provider.exists?
end
it { is_expected.to be_falsey }
@ -80,10 +85,11 @@ type="foo"
describe '#instances' do
it 'finds every service' do
provider.class.stubs(:openstack)
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
.with('service', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Type","Description"
"8f0dd4c0abc44240998fbb3f5089ecbf","foo","foo","foo"
')
'
)
instances = Puppet::Type::Keystone_service::ProviderOpenstack.instances
expect(instances.count).to eq(1)
end

35
spec/unit/provider/keystone_spec.rb
View File

@ -200,6 +200,17 @@ describe Puppet::Provider::Keystone do
end
describe 'when using domains' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
end
before(:each) do
set_env
end
it 'name_and_domain should return the resource domain' do
expect(klass.name_and_domain('foo::in_name', 'from_resource', 'default')).to eq(['foo', 'from_resource'])
end
@ -210,10 +221,6 @@ describe Puppet::Provider::Keystone do
expect(klass.name_and_domain('foo::in_name', nil, 'default')).to eq(['foo', 'in_name'])
end
it 'should return the default domain name using the default_domain_id from keystone.conf' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
mock = {
'DEFAULT' => {
'admin_endpoint' => 'http://127.0.0.1:35357',
@ -232,10 +239,6 @@ describe Puppet::Provider::Keystone do
expect(klass.name_and_domain('foo')).to eq(['foo', 'SomeName'])
end
it 'should return the default_domain_id from one class set in another class' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
klass.expects(:openstack)
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
@ -255,10 +258,6 @@ describe Puppet::Provider::Keystone do
expect(another_class.default_domain).to eq('SomeName')
end
it 'should return Default if default_domain_id is not configured' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
mock = {}
Puppet::Util::IniConfig::File.expects(:new).returns(mock)
File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true)
@ -271,10 +270,6 @@ describe Puppet::Provider::Keystone do
expect(klass.name_and_domain('foo')).to eq(['foo', 'Default'])
end
it 'should list all domains when requesting a domain name from an ID' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
klass.expects(:openstack)
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
@ -283,10 +278,6 @@ describe Puppet::Provider::Keystone do
expect(klass.domain_name_from_id('somename')).to eq('SomeName')
end
it 'should lookup a domain when not found in the hash' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
klass.expects(:openstack)
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
@ -302,10 +293,6 @@ id="another"
expect(klass.domain_name_from_id('another')).to eq('AnOther')
end
it 'should print an error when there is no such domain' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
klass.expects(:openstack)
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"

323
spec/unit/provider/keystone_tenant/openstack_spec.rb
View File

@ -32,14 +32,15 @@ describe provider_class do
def before_hook(domainlist)
if domainlist
provider.class.expects(:openstack).once
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
"foo_domain_id","foo_domain",True,"foo domain"
"bar_domain_id","bar_domain",True,"bar domain"
"another_domain_id","another_domain",True,"another domain"
"disabled_domain_id","disabled_domain",False,"disabled domain"
"default","Default",True,"the default domain"
')
'
)
end
end
@ -51,178 +52,186 @@ describe provider_class do
before_hook(false)
end
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3'
end
before(:each) do
set_env
end
describe 'when managing a tenant' do
it_behaves_like 'authenticated with environment variables' do
describe '#create', :domainlist => true do
it 'creates a tenant' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'Default'])
.returns('description="foo"
describe '#create', :domainlist => true do
it 'creates a tenant' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'Default'])
.returns('description="foo"
enabled="True"
name="foo"
id="foo"
domain_id="foo_domain_id"
')
provider.create
expect(provider.exists?).to be_truthy
end
'
)
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy', :domainlist => false do
it 'destroys a tenant' do
provider.instance_variable_get('@property_hash')[:id] = 'my-project-id'
provider.class.expects(:openstack)
.with('project', 'delete', 'my-project-id')
provider.destroy
expect(provider.exists?).to be_falsey
end
end
context 'when tenant does not exist', :domainlist => false do
subject(:response) do
response = provider.exists?
end
describe '#destroy', :domainlist => false do
it 'destroys a tenant' do
provider.instance_variable_get('@property_hash')[:id] = 'my-project-id'
provider.class.expects(:openstack)
.with('project', 'delete', 'my-project-id')
provider.destroy
expect(provider.exists?).to be_falsey
end
end
it { expect(response).to be_falsey }
end
context 'when tenant does not exist', :domainlist => false do
subject(:response) do
response = provider.exists?
end
it { expect(response).to be_falsey }
end
describe '#instances', :domainlist => true do
it 'finds every tenant' do
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
describe '#instances', :domainlist => true do
it 'finds every tenant' do
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True
')
instances = provider.class.instances
expect(instances[0].name).to eq('foo')
expect(instances[0].domain).to eq('bar_domain')
expect(instances[1].name).to eq('foo::foo_domain')
end
end
end
describe 'v3 domains with no domain in resource', :domainlist => true do
let(:tenant_attrs) do
{
:name => 'foo',
:description => 'foo',
:ensure => 'present',
:enabled => 'True'
}
end
it 'adds default domain to commands' do
mock = {
'identity' => {'default_domain_id' => 'foo_domain_id'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(mock)
File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true)
mock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
end
end
describe 'v3 domains with domain in resource', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo',
:description => 'foo',
:ensure => 'present',
:enabled => 'True',
:domain => 'foo_domain'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
end
end
describe 'v3 domains with domain in name/title', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo::foo_domain',
:description => 'foo',
:ensure => 'present',
:enabled => 'True'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
expect(provider.name).to eq('foo::foo_domain')
end
end
describe 'v3 domains with domain in name/title and in resource', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo::bar_domain',
:description => 'foo',
:ensure => 'present',
:enabled => 'True',
:domain => 'foo_domain'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
expect(provider.name).to eq('foo::bar_domain')
'
)
instances = provider.class.instances
expect(instances[0].name).to eq('foo')
expect(instances[0].domain).to eq('bar_domain')
expect(instances[1].name).to eq('foo::foo_domain')
end
end
end
describe 'v3 domains with no domain in resource', :domainlist => true do
let(:tenant_attrs) do
{
:name => 'foo',
:description => 'foo',
:ensure => 'present',
:enabled => 'True'
}
end
it 'adds default domain to commands' do
mock = {
'identity' => {'default_domain_id' => 'foo_domain_id'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(mock)
File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true)
mock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
end
end
describe 'v3 domains with domain in resource', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo',
:description => 'foo',
:ensure => 'present',
:enabled => 'True',
:domain => 'foo_domain'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
end
end
describe 'v3 domains with domain in name/title', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo::foo_domain',
:description => 'foo',
:ensure => 'present',
:enabled => 'True'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
expect(provider.name).to eq('foo::foo_domain')
end
end
describe 'v3 domains with domain in name/title and in resource', :domainlist => false do
let(:tenant_attrs) do
{
:name => 'foo::bar_domain',
:description => 'foo',
:ensure => 'present',
:enabled => 'True',
:domain => 'foo_domain'
}
end
it 'uses given domain in commands' do
provider.class.expects(:openstack)
.with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain'])
.returns('description="foo"
enabled="True"
name="foo"
id="project-id"
domain_id="foo_domain_id"
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("project-id")
expect(provider.name).to eq('foo::bar_domain')
end
end
end

788
spec/unit/provider/keystone_user/openstack_spec.rb
View File

@ -13,7 +13,7 @@ end
describe provider_class do
shared_examples 'authenticated with environment variables' do
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
@ -46,16 +46,18 @@ describe provider_class do
end
def before_hook(delete, missing, noproject, user_cached, project_only)
set_env
unless noproject
project_class.expects(:openstack).once
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
"default","Default",True,"default"
"foo_domain_id","foo_domain",True,"foo domain"
"bar_domain_id","bar_domain",True,"bar domain"
"another_domain_id","another_domain",True,"another domain"
"disabled_domain_id","disabled_domain",False,"disabled domain"
')
'
)
end
if project_only
@ -63,14 +65,15 @@ describe provider_class do
end
provider.class.expects(:openstack).once
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
.with('domain', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name","Enabled","Description"
"default","Default",True,"default"
"foo_domain_id","foo_domain",True,"foo domain"
"bar_domain_id","bar_domain",True,"bar domain"
"another_domain_id","another_domain",True,"another domain"
"disabled_domain_id","disabled_domain",False,"disabled domain"
')
'
)
if user_cached
return # using cached user, so no user list
end
@ -84,7 +87,8 @@ describe provider_class do
"1cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"foo_domain_id","foo description","foo@example.com",True
"2cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"bar_domain_id","foo description","foo@example.com",True
"3cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"another_domain_id","foo description","foo@example.com",True
']
'
]
nn = 1
if delete
nn = 2
@ -94,8 +98,8 @@ describe provider_class do
foo_returns = ['']
end
provider.class.expects(:openstack).times(nn)
.with('user', 'list', '--quiet', '--format', 'csv', ['--long'])
.returns(*foo_returns)
.with('user', 'list', '--quiet', '--format', 'csv', ['--long'])
.returns(*foo_returns)
end
before :each, :default => true do
@ -117,7 +121,7 @@ describe provider_class do
before_hook(false, false, false, true, false)
end
before :each, :nohooks => true do
# do nothing
set_env
end
before :each, :project_only => true do
before_hook(false, false, false, false, true)
@ -127,177 +131,186 @@ describe provider_class do
end
describe 'when managing a user' do
it_behaves_like 'authenticated with environment variables' do
describe '#create', :project_only => true do
it 'creates a user' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
describe '#create', :project_only => true do
it 'creates a user' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '12b23f07d4a3448d8189521ab09610b0'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '12b23f07d4a3448d8189521ab09610b0'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
enabled="True"
id="12b23f07d4a3448d8189521ab09610b0"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
end
'
)
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy' do
it 'destroys a user' do
provider.instance_variable_get('@property_hash')[:id] = 'my-user-id'
provider.class.expects(:openstack)
.with('user', 'delete', 'my-user-id')
provider.destroy
expect(provider.exists?).to be_falsey
end
describe '#destroy' do
it 'destroys a user' do
provider.instance_variable_get('@property_hash')[:id] = 'my-user-id'
provider.class.expects(:openstack)
.with('user', 'delete', 'my-user-id')
provider.destroy
expect(provider.exists?).to be_falsey
end
describe '#exists' do
context 'when user does not exist' do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_falsey }
end
end
describe '#exists' do
context 'when user does not exist' do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_falsey }
end
describe '#instances', :noproject => true do
it 'finds every user' do
instances = provider.class.instances
expect(instances.count).to eq(3)
expect(instances[0].name).to eq('foo')
expect(instances[0].domain).to eq('another_domain')
expect(instances[1].name).to eq('foo::foo_domain')
expect(instances[2].name).to eq('foo::bar_domain')
end
end
describe '#instances', :noproject => true do
it 'finds every user' do
instances = provider.class.instances
expect(instances.count).to eq(3)
expect(instances[0].name).to eq('foo')
expect(instances[0].domain).to eq('another_domain')
expect(instances[1].name).to eq('foo::foo_domain')
expect(instances[2].name).to eq('foo::bar_domain')
end
end
describe '#tenant' do
it 'gets the tenant with default backend', :user_cached => true do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
describe '#tenant' do
it 'gets the tenant with default backend', :user_cached => true do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
'
)
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
"foo_project_id1","foo","foo_domain_id","",True
')
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
tenant = provider.tenant
expect(tenant).to eq('foo')
end
'
)
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
tenant = provider.tenant
expect(tenant).to eq('foo')
end
it 'gets the tenant with LDAP backend', :user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'gets the tenant with LDAP backend', :user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
'
)
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
"foo_project_id1","foo","foo_domain_id","",True
"bar_project_id2","bar","bar_domain_id","",True
"foo_project_id2","foo","another_domain_id","",True
')
tenant = provider.tenant
expect(tenant).to eq('foo')
'
)
tenant = provider.tenant
expect(tenant).to eq('foo')
end
end
describe '#tenant=', :project_only => true do
context 'when using default backend' do
it 'sets the tenant' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
end
describe '#tenant=', :project_only => true do
context 'when using default backend' do
it 'sets the tenant' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
context 'when using LDAP read-write backend' do
it 'sets the tenant when _member_ role exists' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
context 'when using LDAP read-write backend' do
it 'sets the tenant when _member_ role exists' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'sets the tenant when _member_ role does not exist' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
it 'sets the tenant when _member_ role does not exist' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.raises(Puppet::ExecutionFailure, 'no such role _member_')
provider.class.expects(:openstack)
.with('role', 'create', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.raises(Puppet::ExecutionFailure, 'no such role _member_')
provider.class.expects(:openstack)
.with('role', 'create', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
context 'when using LDAP read-only backend', :nohooks => true do
it 'sets the tenant when _member_ role exists' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
end
context 'when using LDAP read-only backend', :nohooks => true do
it 'sets the tenant when _member_ role exists' do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('name="_member_"')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.tenant=('bar')
end
end
end
@ -324,74 +337,73 @@ username="foo"
provider_class.new(resource)
end
shared_examples 'with auth-url environment variable' do
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000'
it 'checks the password', :noproject_user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
mock_creds = Puppet::Provider::Openstack::CredentialsV3.new
mock_creds.auth_url='http://127.0.0.1:5000'
mock_creds.password='foo'
mock_creds.username='foo'
mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262'
mock_creds.project_id='project-id-1'
Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds)
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
"project-id-1","foo","foo_domain_id","foo",True
'
)
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.returns('2015-05-14T04:06:05Z
e664a386befa4a30878dcef20e79f167
8dce2ae9ecd34c199d2877bf319a3d06
ac43ec53d5a74a0b9f51523ae41a29f0
'
)
password = provider.password
expect(password).to eq('foo')
end
it_behaves_like 'with auth-url environment variable' do
it 'checks the password', :noproject_user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
mock_creds = Puppet::Provider::Openstack::CredentialsV3.new
mock_creds.auth_url='http://127.0.0.1:5000'
mock_creds.password='foo'
mock_creds.username='foo'
mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262'
mock_creds.project_id='project-id-1'
Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds)
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'fails the password check', :noproject_user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
"project-id-1","foo","foo_domain_id","foo",True
')
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.returns('2015-05-14T04:06:05Z
'
)
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.raises(Puppet::ExecutionFailure, 'HTTP 401 invalid authentication')
password = provider.password
expect(password).to eq(nil)
end
it 'checks the password with domain scoped token', :nohooks => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
mock_creds = Puppet::Provider::Openstack::CredentialsV3.new
mock_creds.auth_url='http://127.0.0.1:5000'
mock_creds.password='foo'
mock_creds.username='foo'
mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262'
mock_creds.domain_name='foo_domain'
Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds)
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
'
)
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.returns('2015-05-14T04:06:05Z
e664a386befa4a30878dcef20e79f167
8dce2ae9ecd34c199d2877bf319a3d06
ac43ec53d5a74a0b9f51523ae41a29f0
')
password = provider.password
expect(password).to eq('foo')
end
it 'fails the password check', :noproject_user_cached => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
"project-id-1","foo","foo_domain_id","foo",True
')
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.raises(Puppet::ExecutionFailure, 'HTTP 401 invalid authentication')
password = provider.password
expect(password).to eq(nil)
end
it 'checks the password with domain scoped token', :nohooks => true do
provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262'
provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain'
mock_creds = Puppet::Provider::Openstack::CredentialsV3.new
mock_creds.auth_url='http://127.0.0.1:5000'
mock_creds.password='foo'
mock_creds.username='foo'
mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262'
mock_creds.domain_name='foo_domain'
Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds)
Puppet::Provider::Openstack.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name","Domain ID","Description","Enabled"
')
Puppet::Provider::Openstack.expects(:openstack)
.with('token', 'issue', ['--format', 'value'])
.returns('2015-05-14T04:06:05Z
e664a386befa4a30878dcef20e79f167
8dce2ae9ecd34c199d2877bf319a3d06
ac43ec53d5a74a0b9f51523ae41a29f0
')
password = provider.password
expect(password).to eq('foo')
end
'
)
password = provider.password
expect(password).to eq('foo')
end
end
@ -426,221 +438,235 @@ ac43ec53d5a74a0b9f51523ae41a29f0
end
end
it_behaves_like 'authenticated with environment variables' do
describe 'v3 domains with no domain in resource', :user_cached => true do
let(:user_attrs) do
{
:name => 'foo',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
}
end
describe 'v3 domains with no domain in resource', :user_cached => true do
let(:user_attrs) do
{
:name => 'foo',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
}
end
it 'adds default domain to commands' do
mock = {
'identity' => {'default_domain_id' => 'foo_domain_id'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(mock)
File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true)
mock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name"
')
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'adds default domain to commands' do
mock = {
'identity' => {'default_domain_id' => 'foo_domain_id'}
}
Puppet::Util::IniConfig::File.expects(:new).returns(mock)
File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true)
mock.expects(:read).with('/etc/keystone/keystone.conf')
provider.class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long'])
.returns('"ID","Name"
'
)
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
enabled="True"
id="1cb05cfed7c24279be884ba4f6520262"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("1cb05cfed7c24279be884ba4f6520262")
end
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("1cb05cfed7c24279be884ba4f6520262")
end
end
describe 'v3 domains with domain in resource', :project_only => true do
let(:user_attrs) do
{
:name => 'foo',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
:domain => 'bar_domain',
}
end
describe 'v3 domains with domain in resource', :project_only => true do
let(:user_attrs) do
{
:name => 'foo',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
:domain => 'bar_domain',
}
end
it 'uses given domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'uses given domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain'])
.returns('email="foo@example.com"
enabled="True"
id="2cb05cfed7c24279be884ba4f6520262"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
end
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
end
end
describe 'v3 domains with domain in name/title', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
}
end
describe 'v3 domains with domain in name/title', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
}
end
it 'uses given domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'uses given domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain'])
.returns('email="foo@example.com"
enabled="True"
id="2cb05cfed7c24279be884ba4f6520262"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
end
describe 'v3 domains with domain in name/title and in resource', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
:domain => 'foo_domain',
}
end
describe 'v3 domains with domain in name/title and in resource', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo',
:email => 'foo@example.com',
:domain => 'foo_domain',
}
end
it 'uses the resource domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'uses the resource domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
enabled="True"
id="2cb05cfed7c24279be884ba4f6520262"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
end
describe 'v3 domains with domain in name/title and in resource and in tenant', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo::foo_domain',
:email => 'foo@example.com',
:domain => 'foo_domain',
}
end
describe 'v3 domains with domain in name/title and in resource and in tenant', :project_only => true do
let(:user_attrs) do
{
:name => 'foo::bar_domain',
:ensure => 'present',
:enabled => 'True',
:password => 'foo',
:tenant => 'foo::foo_domain',
:email => 'foo@example.com',
:domain => 'foo_domain',
}
end
it 'uses the resource domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
it 'uses the resource domain in commands' do
project_class.expects(:openstack)
.with('project', 'list', '--quiet', '--format', 'csv', '--long')
.returns('"ID","Name","Domain ID","Description","Enabled"
"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True
"2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True
')
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
'
)
provider.class.expects(:openstack)
.with('role', 'show', '--format', 'shell', '_member_')
.returns('
name="_member_"
')
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
'
)
provider.class.expects(:openstack)
.with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262'])
provider.class.expects(:openstack)
.with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain'])
.returns('email="foo@example.com"
enabled="True"
id="2cb05cfed7c24279be884ba4f6520262"
name="foo"
username="foo"
')
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
'
)
provider.create
expect(provider.exists?).to be_truthy
expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262")
expect(provider.name).to eq('foo::bar_domain')
end
end
end

185
spec/unit/provider/keystone_user_role/openstack_spec.rb
View File

@ -137,7 +137,15 @@ describe provider_class do
end
end
let(:set_env) do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000'
end
def before_common(destroy, nolist=false, instances=false)
set_env
rolelistprojectuser = [['role-id-1','foo','foo','foo'],
['role-id-2','bar','foo','foo']]
csvlist = list_to_csv(rolelistprojectuser)
@ -186,107 +194,98 @@ describe provider_class do
before_common(true, true, true)
end
shared_examples 'authenticated with environment variables' do
ENV['OS_USERNAME'] = 'test'
ENV['OS_PASSWORD'] = 'abc123'
ENV['OS_PROJECT_NAME'] = 'test'
ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000'
end
describe 'when updating a user\'s role' do
it_behaves_like 'authenticated with environment variables' do
let(:user_role_attrs) do
{
:name => 'foo@foo',
:ensure => 'present',
:roles => ['foo', 'bar'],
}
end
let(:resource) do
Puppet::Type::Keystone_user_role.new(user_role_attrs)
end
let(:provider) do
provider_class.new(resource)
end
describe '#create', :default => true do
it 'adds all the roles to the user' do
provider.class.expects(:openstack)
.with('role', 'add', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy', :destroy => true do
it 'removes all the roles from a user' do
provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar']
provider.class.expects(:openstack)
.with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#exists', :default => true do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_truthy }
end
describe '#instances', :instances => true do
it 'finds every user role' do
provider.class.expects(:openstack)
.with('role', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name"
"foo-role-id","foo"
"bar-role-id","bar"
')
provider.class.expects(:openstack)
.with('role assignment', 'list', '--quiet', '--format', 'csv', [])
.returns('
"Role","User","Group","Project","Domain"
"foo-role-id","user-id-1","","project-id-1",""
"bar-role-id","user-id-1","","project-id-1",""
')
instances = provider.class.instances
expect(instances.count).to eq(1)
expect(instances[0].name).to eq('foo@example.com@foo')
expect(instances[0].roles).to eq(['foo', 'bar'])
end
end
describe '#roles=', :nolist => true do
let(:user_role_attrs) do
{
:name => 'foo@foo',
:ensure => 'present',
:roles => ['foo', 'bar'],
:roles => ['one', 'two'],
}
end
let(:resource) do
Puppet::Type::Keystone_user_role.new(user_role_attrs)
end
let(:provider) do
provider_class.new(resource)
end
describe '#create', :default => true do
it 'adds all the roles to the user' do
provider.class.expects(:openstack)
.with('role', 'add', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.create
expect(provider.exists?).to be_truthy
end
end
describe '#destroy', :destroy => true do
it 'removes all the roles from a user' do
provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar']
provider.class.expects(:openstack)
.with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.destroy
expect(provider.exists?).to be_falsey
end
end
describe '#exists', :default => true do
subject(:response) do
response = provider.exists?
end
it { is_expected.to be_truthy }
end
describe '#instances', :instances => true do
it 'finds every user role' do
provider.class.expects(:openstack)
.with('role', 'list', '--quiet', '--format', 'csv', [])
.returns('"ID","Name"
"foo-role-id","foo"
"bar-role-id","bar"
')
provider.class.expects(:openstack)
.with('role assignment', 'list', '--quiet', '--format', 'csv', [])
.returns('
"Role","User","Group","Project","Domain"
"foo-role-id","user-id-1","","project-id-1",""
"bar-role-id","user-id-1","","project-id-1",""
')
instances = provider.class.instances
expect(instances.count).to eq(1)
expect(instances[0].name).to eq('foo@example.com@foo')
expect(instances[0].roles).to eq(['foo', 'bar'])
end
end
describe '#roles=', :nolist => true do
let(:user_role_attrs) do
{
:name => 'foo@foo',
:ensure => 'present',
:roles => ['one', 'two'],
}
end
it 'applies the new roles' do
provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar']
provider.class.expects(:openstack)
.with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['one', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['two', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.roles=(['one', 'two'])
end
it 'applies the new roles' do
provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar']
provider.class.expects(:openstack)
.with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['one', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.class.expects(:openstack)
.with('role', 'add', ['two', '--project', 'project-id-1', '--user', 'user-id-1'])
provider.roles=(['one', 'two'])
end
end
end