From 42d918040db4969959c2a7bb82f59f000c8f18a7 Mon Sep 17 00:00:00 2001 From: Sofer Athlan-Guyot Date: Mon, 21 Sep 2015 18:01:45 +0200 Subject: [PATCH] Fix leaking environment variables in tests In rspec provider tests the environment variables are used to authenticate the calls. The environment was set in a shared example. The problem is that rspec read all those environment variables when it compile the tests. Then the last shared environment red by rspec was setting the environment for all the test. This was leading to unpredictable behavior. This fix this problem by setting the environment variables before each test at rspec run time. Change-Id: I28c952273d6f981c953cb3e2c960a98609ece263 Closes-Bug: 1482243 --- .../keystone_domain/openstack_spec.rb | 97 ++- .../keystone_endpoint/openstack_spec.rb | 100 +-- .../provider/keystone_role/openstack_spec.rb | 101 +-- .../keystone_service/openstack_spec.rb | 54 +- spec/unit/provider/keystone_spec.rb | 35 +- .../keystone_tenant/openstack_spec.rb | 323 +++---- .../provider/keystone_user/openstack_spec.rb | 788 +++++++++--------- .../keystone_user_role/openstack_spec.rb | 185 ++-- 8 files changed, 862 insertions(+), 821 deletions(-) diff --git a/spec/unit/provider/keystone_domain/openstack_spec.rb b/spec/unit/provider/keystone_domain/openstack_spec.rb index c57373202..e6330977c 100644 --- a/spec/unit/provider/keystone_domain/openstack_spec.rb +++ b/spec/unit/provider/keystone_domain/openstack_spec.rb @@ -8,7 +8,7 @@ provider_class = Puppet::Type.type(:keystone_domain).provider(:openstack) describe provider_class do - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' @@ -41,61 +41,66 @@ describe provider_class do AnotherKlass end + before :each do + set_env + end + after :each do provider_class.reset another_class.reset end - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates a domain' do - # keystone.conf - File.expects(:exists?).returns(true) - kcmock = { - 'identity' => {'default_domain_id' => ' default'} - } - Puppet::Util::IniConfig::File.expects(:new).returns(kcmock) - kcmock.expects(:read).with('/etc/keystone/keystone.conf') - provider.class.expects(:openstack) - .with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo']) - .returns('id="1cb05cfed7c24279be884ba4f6520262" + describe '#create' do + it 'creates a domain' do + # keystone.conf + File.expects(:exists?).returns(true) + kcmock = { + 'identity' => {'default_domain_id' => ' default'} + } + Puppet::Util::IniConfig::File.expects(:new).returns(kcmock) + kcmock.expects(:read).with('/etc/keystone/keystone.conf') + provider.class.expects(:openstack) + .with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo']) + .returns('id="1cb05cfed7c24279be884ba4f6520262" name="foo" description="foo" enabled=True -') - provider.create - expect(provider.exists?).to be_truthy - end - +' + ) + provider.create + expect(provider.exists?).to be_truthy end - describe '#destroy' do - it 'destroys a domain' do - provider.instance_variable_get('@property_hash')[:id] = 'my-domainid' - # keystone.conf - File.expects(:exists?).returns(true) - kcmock = { - 'identity' => {'default_domain_id' => ' default'} - } - Puppet::Util::IniConfig::File.expects(:new).returns(kcmock) - kcmock.expects(:read).with('/etc/keystone/keystone.conf') - provider.class.expects(:openstack) - .with('domain', 'set', ['foo', '--disable']) - provider.class.expects(:openstack) - .with('domain', 'delete', 'foo') - provider.destroy - expect(provider.exists?).to be_falsey - end + end + describe '#destroy' do + it 'destroys a domain' do + provider.instance_variable_get('@property_hash')[:id] = 'my-domainid' + # keystone.conf + File.expects(:exists?).returns(true) + kcmock = { + 'identity' => {'default_domain_id' => ' default'} + } + Puppet::Util::IniConfig::File.expects(:new).returns(kcmock) + kcmock.expects(:read).with('/etc/keystone/keystone.conf') + provider.class.expects(:openstack) + .with('domain', 'set', ['foo', '--disable']) + provider.class.expects(:openstack) + .with('domain', 'delete', 'foo') + provider.destroy + expect(provider.exists?).to be_falsey end + end + describe '#instances' do it 'finds every domain' do provider.class.expects(:openstack) - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Description","Enabled" + .with('domain', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo",True -') +' + ) instances = provider_class.instances expect(instances.count).to eq(1) end @@ -121,12 +126,13 @@ enabled=True mock.expects(:read).twice.with('/etc/keystone/keystone.conf') mock.expects(:store) provider.class.expects(:openstack) - .with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo']) - .returns('id="1cb05cfed7c24279be884ba4f6520262" + .with('domain', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo']) + .returns('id="1cb05cfed7c24279be884ba4f6520262" name="foo" description="foo" enabled=True -') +' + ) expect(provider.class.default_domain_id).to eq('default') expect(another_class.default_domain_id).to eq('default') provider.create @@ -150,9 +156,9 @@ enabled=True kcmock.expects(:read).with('/etc/keystone/keystone.conf') kcmock.expects(:store) provider.class.expects(:openstack) - .with('domain', 'set', ['foo', '--disable']) + .with('domain', 'set', ['foo', '--disable']) provider.class.expects(:openstack) - .with('domain', 'delete', 'foo') + .with('domain', 'delete', 'foo') provider.destroy expect(provider.exists?).to be_falsey expect(kcmock['identity']['default_domain_id']).to eq('default') @@ -174,7 +180,7 @@ enabled=True it 'changes the description' do provider.class.expects(:openstack) - .with('domain', 'set', ['foo', '--description', 'new description']) + .with('domain', 'set', ['foo', '--description', 'new description']) provider.description=('new description') provider.flush end @@ -191,6 +197,5 @@ enabled=True provider.flush end end - end end end diff --git a/spec/unit/provider/keystone_endpoint/openstack_spec.rb b/spec/unit/provider/keystone_endpoint/openstack_spec.rb index f6d0b1af5..f4fc043ad 100644 --- a/spec/unit/provider/keystone_endpoint/openstack_spec.rb +++ b/spec/unit/provider/keystone_endpoint/openstack_spec.rb @@ -6,7 +6,7 @@ provider_class = Puppet::Type.type(:keystone_endpoint).provider(:openstack) describe provider_class do - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' @@ -33,17 +33,21 @@ describe provider_class do provider_class.new(resource) end - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates an endpoint' do - provider.class.stubs(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" + before(:each) do + set_env + end + + describe '#create' do + it 'creates an endpoint' do + provider.class.stubs(:openstack) + .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" "1cb05cfed7c24279be884ba4f6520262","foo","bar","","http://127.0.0.1:5000/v2.0","http://127.0.0.1:5001/v2.0","http://127.0.0.1:5002/v2.0" -') - provider.class.stubs(:openstack) - .with('endpoint', 'create', '--format', 'shell', ['bar', '--region', 'foo', '--publicurl', 'http://127.0.0.1:5000', '--internalurl', 'http://127.0.0.1:5001', '--adminurl', 'http://127.0.0.1:5002']) - .returns('adminurl="http://127.0.0.1:5002" +' + ) + provider.class.stubs(:openstack) + .with('endpoint', 'create', '--format', 'shell', ['bar', '--region', 'foo', '--publicurl', 'http://127.0.0.1:5000', '--internalurl', 'http://127.0.0.1:5001', '--adminurl', 'http://127.0.0.1:5002']) + .returns('adminurl="http://127.0.0.1:5002" id="3a5c4378981e4112a0d44902a43e16ef" internalurl="http://127.0.0.1:5001" publicurl="http://127.0.0.1:5000" @@ -51,49 +55,51 @@ region="foo" service_id="8137d72980fd462192f276585a002426" service_name="bar" service_type="test" -') - provider.create - expect(provider.exists?).to be_truthy - end +' + ) + provider.create + expect(provider.exists?).to be_truthy end + end - describe '#destroy' do - it 'destroys an endpoint' do - provider.class.stubs(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" + describe '#destroy' do + it 'destroys an endpoint' do + provider.class.stubs(:openstack) + .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" "1cb05cfed7c24279be884ba4f6520262","foo","bar","test","http://127.0.0.1:5000","http://127.0.0.1:5001","http://127.0.0.1:5002" -') - provider.class.stubs(:openstack) - .with('endpoint', 'delete', []) - provider.destroy - expect(provider.exists?).to be_falsey - end +' + ) + provider.class.stubs(:openstack) + .with('endpoint', 'delete', []) + provider.destroy + expect(provider.exists?).to be_falsey end + end - describe '#exists' do - context 'when tenant does not exist' do - subject(:response) do - provider.class.stubs(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"') - response = provider.exists? - end - - it { is_expected.to be_falsey } - end - end - - describe '#instances' do - it 'finds every tenant' do + describe '#exists' do + context 'when tenant does not exist' do + subject(:response) do provider.class.stubs(:openstack) - .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" + .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL"') + response = provider.exists? + end + + it { is_expected.to be_falsey } + end + end + + describe '#instances' do + it 'finds every tenant' do + provider.class.stubs(:openstack) + .with('endpoint', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Region","Service Name","Service Type","PublicURL","AdminURL","InternalURL" "3a5c4378981e4112a0d44902a43e16ef","foo","bar","test","http://127.0.0.1:5000","http://127.0.0.1:5001","http://127.0.0.1:5002" -') - instances = Puppet::Type::Keystone_endpoint::ProviderOpenstack.instances - expect(instances.count).to eq(1) - end +' + ) + instances = Puppet::Type::Keystone_endpoint::ProviderOpenstack.instances + expect(instances.count).to eq(1) end end end diff --git a/spec/unit/provider/keystone_role/openstack_spec.rb b/spec/unit/provider/keystone_role/openstack_spec.rb index 6765e32e0..b36a8f1b6 100644 --- a/spec/unit/provider/keystone_role/openstack_spec.rb +++ b/spec/unit/provider/keystone_role/openstack_spec.rb @@ -6,69 +6,72 @@ provider_class = Puppet::Type.type(:keystone_role).provider(:openstack) describe provider_class do - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' end + before(:each) do + set_env + end + describe 'when creating a role' do - it_behaves_like 'authenticated with environment variables' do - let(:role_attrs) do - { - :name => 'foo', - :ensure => 'present', - } + let(:role_attrs) do + { + :name => 'foo', + :ensure => 'present', + } + end + + let(:resource) do + Puppet::Type::Keystone_role.new(role_attrs) + end + + let(:provider) do + provider_class.new(resource) + end + + describe '#create' do + it 'creates a role' do + provider.class.expects(:openstack) + .with('role', 'create', '--format', 'shell', 'foo') + .returns('name="foo"') + provider.create + expect(provider.exists?).to be_truthy + end + end + + describe '#destroy' do + it 'destroys a role' do + provider.class.expects(:openstack) + .with('role', 'delete', []) + provider.destroy + expect(provider.exists?).to be_falsey end - let(:resource) do - Puppet::Type::Keystone_role.new(role_attrs) - end + end - let(:provider) do - provider_class.new(resource) - end - - describe '#create' do - it 'creates a role' do - provider.class.expects(:openstack) - .with('role', 'create', '--format', 'shell', 'foo') - .returns('name="foo"') - provider.create - expect(provider.exists?).to be_truthy + describe '#exists' do + context 'when role does not exist' do + subject(:response) do + response = provider.exists? end + it { is_expected.to be_falsey } end + end - describe '#destroy' do - it 'destroys a role' do - provider.class.expects(:openstack) - .with('role', 'delete', []) - provider.destroy - expect(provider.exists?).to be_falsey - end - - end - - describe '#exists' do - context 'when role does not exist' do - subject(:response) do - response = provider.exists? - end - it { is_expected.to be_falsey } - end - end - - describe '#instances' do - it 'finds every role' do - provider.class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name" + describe '#instances' do + it 'finds every role' do + provider.class.expects(:openstack) + .with('role', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name" "1cb05cfed7c24279be884ba4f6520262","foo" -') - instances = Puppet::Type::Keystone_role::ProviderOpenstack.instances - expect(instances.count).to eq(1) - end +' + ) + instances = Puppet::Type::Keystone_role::ProviderOpenstack.instances + expect(instances.count).to eq(1) end end end diff --git a/spec/unit/provider/keystone_service/openstack_spec.rb b/spec/unit/provider/keystone_service/openstack_spec.rb index f685a8093..75206e054 100644 --- a/spec/unit/provider/keystone_service/openstack_spec.rb +++ b/spec/unit/provider/keystone_service/openstack_spec.rb @@ -6,13 +6,17 @@ provider_class = Puppet::Type.type(:keystone_service).provider(:openstack) describe provider_class do - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000/v3' end + before(:each) do + set_env + end + describe 'when managing a service' do let(:service_attrs) do @@ -32,36 +36,37 @@ describe provider_class do provider_class.new(resource) end - it_behaves_like 'authenticated with environment variables' do - describe '#create' do - it 'creates a service' do - provider.class.stubs(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description" + describe '#create' do + it 'creates a service' do + provider.class.stubs(:openstack) + .with('service', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Type","Description" "1cb05cfed7c24279be884ba4f6520262","foo","foo","foo" -') - provider.class.stubs(:openstack) - .with('service', 'create', '--format', 'shell', ['foo', '--name', 'foo', '--description', 'foo']) - .returns('description="foo" +' + ) + provider.class.stubs(:openstack) + .with('service', 'create', '--format', 'shell', ['foo', '--name', 'foo', '--description', 'foo']) + .returns('description="foo" enabled="True" id="8f0dd4c0abc44240998fbb3f5089ecbf" name="foo" type="foo" -') - provider.create - expect(provider.exists?).to be_truthy - end +' + ) + provider.create + expect(provider.exists?).to be_truthy end describe '#destroy' do it 'destroys a service' do provider.class.stubs(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description" + .with('service', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Type","Description" "1cb05cfed7c24279be884ba4f6520262","foo","foo","foo" -') +' + ) provider.class.stubs(:openstack) - .with('service', 'delete', []) + .with('service', 'delete', []) provider.destroy expect(provider.exists?).to be_falsey end @@ -69,8 +74,8 @@ type="foo" context 'when service does not exist' do subject(:response) do provider.class.stubs(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description"') + .with('service', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Type","Description"') response = provider.exists? end it { is_expected.to be_falsey } @@ -80,10 +85,11 @@ type="foo" describe '#instances' do it 'finds every service' do provider.class.stubs(:openstack) - .with('service', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Type","Description" + .with('service', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Type","Description" "8f0dd4c0abc44240998fbb3f5089ecbf","foo","foo","foo" -') +' + ) instances = Puppet::Type::Keystone_service::ProviderOpenstack.instances expect(instances.count).to eq(1) end diff --git a/spec/unit/provider/keystone_spec.rb b/spec/unit/provider/keystone_spec.rb index e1035540f..5e133cd73 100644 --- a/spec/unit/provider/keystone_spec.rb +++ b/spec/unit/provider/keystone_spec.rb @@ -200,6 +200,17 @@ describe Puppet::Provider::Keystone do end describe 'when using domains' do + let(:set_env) do + ENV['OS_USERNAME'] = 'test' + ENV['OS_PASSWORD'] = 'abc123' + ENV['OS_PROJECT_NAME'] = 'test' + ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' + end + + before(:each) do + set_env + end + it 'name_and_domain should return the resource domain' do expect(klass.name_and_domain('foo::in_name', 'from_resource', 'default')).to eq(['foo', 'from_resource']) end @@ -210,10 +221,6 @@ describe Puppet::Provider::Keystone do expect(klass.name_and_domain('foo::in_name', nil, 'default')).to eq(['foo', 'in_name']) end it 'should return the default domain name using the default_domain_id from keystone.conf' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' mock = { 'DEFAULT' => { 'admin_endpoint' => 'http://127.0.0.1:35357', @@ -232,10 +239,6 @@ describe Puppet::Provider::Keystone do expect(klass.name_and_domain('foo')).to eq(['foo', 'SomeName']) end it 'should return the default_domain_id from one class set in another class' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' klass.expects(:openstack) .with('domain', 'list', '--quiet', '--format', 'csv', []) .returns('"ID","Name","Enabled","Description" @@ -255,10 +258,6 @@ describe Puppet::Provider::Keystone do expect(another_class.default_domain).to eq('SomeName') end it 'should return Default if default_domain_id is not configured' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' mock = {} Puppet::Util::IniConfig::File.expects(:new).returns(mock) File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true) @@ -271,10 +270,6 @@ describe Puppet::Provider::Keystone do expect(klass.name_and_domain('foo')).to eq(['foo', 'Default']) end it 'should list all domains when requesting a domain name from an ID' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' klass.expects(:openstack) .with('domain', 'list', '--quiet', '--format', 'csv', []) .returns('"ID","Name","Enabled","Description" @@ -283,10 +278,6 @@ describe Puppet::Provider::Keystone do expect(klass.domain_name_from_id('somename')).to eq('SomeName') end it 'should lookup a domain when not found in the hash' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' klass.expects(:openstack) .with('domain', 'list', '--quiet', '--format', 'csv', []) .returns('"ID","Name","Enabled","Description" @@ -302,10 +293,6 @@ id="another" expect(klass.domain_name_from_id('another')).to eq('AnOther') end it 'should print an error when there is no such domain' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' klass.expects(:openstack) .with('domain', 'list', '--quiet', '--format', 'csv', []) .returns('"ID","Name","Enabled","Description" diff --git a/spec/unit/provider/keystone_tenant/openstack_spec.rb b/spec/unit/provider/keystone_tenant/openstack_spec.rb index 8cfcf1b24..0fddeca60 100644 --- a/spec/unit/provider/keystone_tenant/openstack_spec.rb +++ b/spec/unit/provider/keystone_tenant/openstack_spec.rb @@ -32,14 +32,15 @@ describe provider_class do def before_hook(domainlist) if domainlist provider.class.expects(:openstack).once - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" + .with('domain', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name","Enabled","Description" "foo_domain_id","foo_domain",True,"foo domain" "bar_domain_id","bar_domain",True,"bar domain" "another_domain_id","another_domain",True,"another domain" "disabled_domain_id","disabled_domain",False,"disabled domain" "default","Default",True,"the default domain" -') +' + ) end end @@ -51,178 +52,186 @@ describe provider_class do before_hook(false) end - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' ENV['OS_AUTH_URL'] = 'http://127.0.0.1:35357/v3' end + before(:each) do + set_env + end + describe 'when managing a tenant' do - it_behaves_like 'authenticated with environment variables' do - describe '#create', :domainlist => true do - it 'creates a tenant' do - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'Default']) - .returns('description="foo" + describe '#create', :domainlist => true do + it 'creates a tenant' do + provider.class.expects(:openstack) + .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'Default']) + .returns('description="foo" enabled="True" name="foo" id="foo" domain_id="foo_domain_id" -') - provider.create - expect(provider.exists?).to be_truthy - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + end + end + + describe '#destroy', :domainlist => false do + it 'destroys a tenant' do + provider.instance_variable_get('@property_hash')[:id] = 'my-project-id' + provider.class.expects(:openstack) + .with('project', 'delete', 'my-project-id') + provider.destroy + expect(provider.exists?).to be_falsey + end + end + + context 'when tenant does not exist', :domainlist => false do + subject(:response) do + response = provider.exists? end - describe '#destroy', :domainlist => false do - it 'destroys a tenant' do - provider.instance_variable_get('@property_hash')[:id] = 'my-project-id' - provider.class.expects(:openstack) - .with('project', 'delete', 'my-project-id') - provider.destroy - expect(provider.exists?).to be_falsey - end - end + it { expect(response).to be_falsey } + end - context 'when tenant does not exist', :domainlist => false do - subject(:response) do - response = provider.exists? - end - - it { expect(response).to be_falsey } - end - - describe '#instances', :domainlist => true do - it 'finds every tenant' do - provider.class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + describe '#instances', :domainlist => true do + it 'finds every tenant' do + provider.class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True -') - instances = provider.class.instances - expect(instances[0].name).to eq('foo') - expect(instances[0].domain).to eq('bar_domain') - expect(instances[1].name).to eq('foo::foo_domain') - end - end - end - - describe 'v3 domains with no domain in resource', :domainlist => true do - - let(:tenant_attrs) do - { - :name => 'foo', - :description => 'foo', - :ensure => 'present', - :enabled => 'True' - } - end - - it 'adds default domain to commands' do - mock = { - 'identity' => {'default_domain_id' => 'foo_domain_id'} - } - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true) - mock.expects(:read).with('/etc/keystone/keystone.conf') - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) - .returns('description="foo" -enabled="True" -name="foo" -id="project-id" -domain_id="foo_domain_id" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("project-id") - end - - end - - describe 'v3 domains with domain in resource', :domainlist => false do - - let(:tenant_attrs) do - { - :name => 'foo', - :description => 'foo', - :ensure => 'present', - :enabled => 'True', - :domain => 'foo_domain' - } - end - - it 'uses given domain in commands' do - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) - .returns('description="foo" -enabled="True" -name="foo" -id="project-id" -domain_id="foo_domain_id" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("project-id") - end - end - - describe 'v3 domains with domain in name/title', :domainlist => false do - - let(:tenant_attrs) do - { - :name => 'foo::foo_domain', - :description => 'foo', - :ensure => 'present', - :enabled => 'True' - } - end - - it 'uses given domain in commands' do - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) - .returns('description="foo" -enabled="True" -name="foo" -id="project-id" -domain_id="foo_domain_id" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("project-id") - expect(provider.name).to eq('foo::foo_domain') - end - end - - describe 'v3 domains with domain in name/title and in resource', :domainlist => false do - - let(:tenant_attrs) do - { - :name => 'foo::bar_domain', - :description => 'foo', - :ensure => 'present', - :enabled => 'True', - :domain => 'foo_domain' - } - end - - it 'uses given domain in commands' do - provider.class.expects(:openstack) - .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) - .returns('description="foo" -enabled="True" -name="foo" -id="project-id" -domain_id="foo_domain_id" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("project-id") - expect(provider.name).to eq('foo::bar_domain') +' + ) + instances = provider.class.instances + expect(instances[0].name).to eq('foo') + expect(instances[0].domain).to eq('bar_domain') + expect(instances[1].name).to eq('foo::foo_domain') end end end + + describe 'v3 domains with no domain in resource', :domainlist => true do + + let(:tenant_attrs) do + { + :name => 'foo', + :description => 'foo', + :ensure => 'present', + :enabled => 'True' + } + end + + it 'adds default domain to commands' do + mock = { + 'identity' => {'default_domain_id' => 'foo_domain_id'} + } + Puppet::Util::IniConfig::File.expects(:new).returns(mock) + File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true) + mock.expects(:read).with('/etc/keystone/keystone.conf') + provider.class.expects(:openstack) + .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) + .returns('description="foo" +enabled="True" +name="foo" +id="project-id" +domain_id="foo_domain_id" +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("project-id") + end + + end + + describe 'v3 domains with domain in resource', :domainlist => false do + + let(:tenant_attrs) do + { + :name => 'foo', + :description => 'foo', + :ensure => 'present', + :enabled => 'True', + :domain => 'foo_domain' + } + end + + it 'uses given domain in commands' do + provider.class.expects(:openstack) + .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) + .returns('description="foo" +enabled="True" +name="foo" +id="project-id" +domain_id="foo_domain_id" +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("project-id") + end + end + + describe 'v3 domains with domain in name/title', :domainlist => false do + + let(:tenant_attrs) do + { + :name => 'foo::foo_domain', + :description => 'foo', + :ensure => 'present', + :enabled => 'True' + } + end + + it 'uses given domain in commands' do + provider.class.expects(:openstack) + .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) + .returns('description="foo" +enabled="True" +name="foo" +id="project-id" +domain_id="foo_domain_id" +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("project-id") + expect(provider.name).to eq('foo::foo_domain') + end + end + + describe 'v3 domains with domain in name/title and in resource', :domainlist => false do + + let(:tenant_attrs) do + { + :name => 'foo::bar_domain', + :description => 'foo', + :ensure => 'present', + :enabled => 'True', + :domain => 'foo_domain' + } + end + + it 'uses given domain in commands' do + provider.class.expects(:openstack) + .with('project', 'create', '--format', 'shell', ['foo', '--enable', '--description', 'foo', '--domain', 'foo_domain']) + .returns('description="foo" +enabled="True" +name="foo" +id="project-id" +domain_id="foo_domain_id" +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("project-id") + expect(provider.name).to eq('foo::bar_domain') + end + end end diff --git a/spec/unit/provider/keystone_user/openstack_spec.rb b/spec/unit/provider/keystone_user/openstack_spec.rb index f3836ef1d..db37d5a0b 100644 --- a/spec/unit/provider/keystone_user/openstack_spec.rb +++ b/spec/unit/provider/keystone_user/openstack_spec.rb @@ -13,7 +13,7 @@ end describe provider_class do - shared_examples 'authenticated with environment variables' do + let(:set_env) do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' ENV['OS_PROJECT_NAME'] = 'test' @@ -46,16 +46,18 @@ describe provider_class do end def before_hook(delete, missing, noproject, user_cached, project_only) + set_env unless noproject project_class.expects(:openstack).once - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" + .with('domain', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name","Enabled","Description" "default","Default",True,"default" "foo_domain_id","foo_domain",True,"foo domain" "bar_domain_id","bar_domain",True,"bar domain" "another_domain_id","another_domain",True,"another domain" "disabled_domain_id","disabled_domain",False,"disabled domain" -') +' + ) end if project_only @@ -63,14 +65,15 @@ describe provider_class do end provider.class.expects(:openstack).once - .with('domain', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name","Enabled","Description" + .with('domain', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name","Enabled","Description" "default","Default",True,"default" "foo_domain_id","foo_domain",True,"foo domain" "bar_domain_id","bar_domain",True,"bar domain" "another_domain_id","another_domain",True,"another domain" "disabled_domain_id","disabled_domain",False,"disabled domain" -') +' + ) if user_cached return # using cached user, so no user list end @@ -84,7 +87,8 @@ describe provider_class do "1cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"foo_domain_id","foo description","foo@example.com",True "2cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"bar_domain_id","foo description","foo@example.com",True "3cb05cfed7c24279be884ba4f6520262","foo",' + project + ',"another_domain_id","foo description","foo@example.com",True -'] +' + ] nn = 1 if delete nn = 2 @@ -94,8 +98,8 @@ describe provider_class do foo_returns = [''] end provider.class.expects(:openstack).times(nn) - .with('user', 'list', '--quiet', '--format', 'csv', ['--long']) - .returns(*foo_returns) + .with('user', 'list', '--quiet', '--format', 'csv', ['--long']) + .returns(*foo_returns) end before :each, :default => true do @@ -117,7 +121,7 @@ describe provider_class do before_hook(false, false, false, true, false) end before :each, :nohooks => true do - # do nothing + set_env end before :each, :project_only => true do before_hook(false, false, false, false, true) @@ -127,177 +131,186 @@ describe provider_class do end describe 'when managing a user' do - it_behaves_like 'authenticated with environment variables' do - describe '#create', :project_only => true do - it 'creates a user' do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + describe '#create', :project_only => true do + it 'creates a user' do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '12b23f07d4a3448d8189521ab09610b0']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '12b23f07d4a3448d8189521ab09610b0']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) + .returns('email="foo@example.com" enabled="True" id="12b23f07d4a3448d8189521ab09610b0" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + end + end + + describe '#destroy' do + it 'destroys a user' do + provider.instance_variable_get('@property_hash')[:id] = 'my-user-id' + provider.class.expects(:openstack) + .with('user', 'delete', 'my-user-id') + provider.destroy + expect(provider.exists?).to be_falsey end - describe '#destroy' do - it 'destroys a user' do - provider.instance_variable_get('@property_hash')[:id] = 'my-user-id' - provider.class.expects(:openstack) - .with('user', 'delete', 'my-user-id') - provider.destroy - expect(provider.exists?).to be_falsey + end + + describe '#exists' do + context 'when user does not exist' do + subject(:response) do + response = provider.exists? end + it { is_expected.to be_falsey } end + end - describe '#exists' do - context 'when user does not exist' do - subject(:response) do - response = provider.exists? - end - - it { is_expected.to be_falsey } - end + describe '#instances', :noproject => true do + it 'finds every user' do + instances = provider.class.instances + expect(instances.count).to eq(3) + expect(instances[0].name).to eq('foo') + expect(instances[0].domain).to eq('another_domain') + expect(instances[1].name).to eq('foo::foo_domain') + expect(instances[2].name).to eq('foo::bar_domain') end + end - describe '#instances', :noproject => true do - it 'finds every user' do - instances = provider.class.instances - expect(instances.count).to eq(3) - expect(instances[0].name).to eq('foo') - expect(instances[0].domain).to eq('another_domain') - expect(instances[1].name).to eq('foo::foo_domain') - expect(instances[2].name).to eq('foo::bar_domain') - end - end - - describe '#tenant' do - it 'gets the tenant with default backend', :user_cached => true do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + describe '#tenant' do + it 'gets the tenant with default backend', :user_cached => true do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" +' + ) + provider.class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name","Domain ID","Description","Enabled" "foo_project_id1","foo","foo_domain_id","",True -') - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - tenant = provider.tenant - expect(tenant).to eq('foo') - end +' + ) + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + tenant = provider.tenant + expect(tenant).to eq('foo') + end - it 'gets the tenant with LDAP backend', :user_cached => true do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'gets the tenant with LDAP backend', :user_cached => true do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" +' + ) + provider.class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name","Domain ID","Description","Enabled" "foo_project_id1","foo","foo_domain_id","",True "bar_project_id2","bar","bar_domain_id","",True "foo_project_id2","foo","another_domain_id","",True -') - tenant = provider.tenant - expect(tenant).to eq('foo') +' + ) + tenant = provider.tenant + expect(tenant).to eq('foo') + end + end + describe '#tenant=', :project_only => true do + context 'when using default backend' do + it 'sets the tenant' do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" +"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True +"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns('name="_member_"') + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) + provider.tenant=('bar') end end - describe '#tenant=', :project_only => true do - context 'when using default backend' do - it 'sets the tenant' do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + context 'when using LDAP read-write backend' do + it 'sets the tenant when _member_ role exists' do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns('name="_member_"') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) - provider.tenant=('bar') - end +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns('name="_member_"') + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) + provider.tenant=('bar') end - context 'when using LDAP read-write backend' do - it 'sets the tenant when _member_ role exists' do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'sets the tenant when _member_ role does not exist' do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns('name="_member_"') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) - provider.tenant=('bar') - end - it 'sets the tenant when _member_ role does not exist' do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" -"1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True -"2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .raises(Puppet::ExecutionFailure, 'no such role _member_') - provider.class.expects(:openstack) - .with('role', 'create', '--format', 'shell', '_member_') - .returns('name="_member_"') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) - provider.tenant=('bar') - end +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .raises(Puppet::ExecutionFailure, 'no such role _member_') + provider.class.expects(:openstack) + .with('role', 'create', '--format', 'shell', '_member_') + .returns('name="_member_"') + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) + provider.tenant=('bar') end - context 'when using LDAP read-only backend', :nohooks => true do - it 'sets the tenant when _member_ role exists' do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + end + context 'when using LDAP read-only backend', :nohooks => true do + it 'sets the tenant when _member_ role exists' do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns('name="_member_"') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) - provider.tenant=('bar') - end +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns('name="_member_"') + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '2cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) + provider.tenant=('bar') end end end @@ -324,74 +337,73 @@ username="foo" provider_class.new(resource) end - shared_examples 'with auth-url environment variable' do - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' + it 'checks the password', :noproject_user_cached => true do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + mock_creds = Puppet::Provider::Openstack::CredentialsV3.new + mock_creds.auth_url='http://127.0.0.1:5000' + mock_creds.password='foo' + mock_creds.username='foo' + mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262' + mock_creds.project_id='project-id-1' + Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) + Puppet::Provider::Openstack.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name","Domain ID","Description","Enabled" +"project-id-1","foo","foo_domain_id","foo",True +' + ) + Puppet::Provider::Openstack.expects(:openstack) + .with('token', 'issue', ['--format', 'value']) + .returns('2015-05-14T04:06:05Z +e664a386befa4a30878dcef20e79f167 +8dce2ae9ecd34c199d2877bf319a3d06 +ac43ec53d5a74a0b9f51523ae41a29f0 +' + ) + password = provider.password + expect(password).to eq('foo') end - it_behaves_like 'with auth-url environment variable' do - it 'checks the password', :noproject_user_cached => true do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - mock_creds = Puppet::Provider::Openstack::CredentialsV3.new - mock_creds.auth_url='http://127.0.0.1:5000' - mock_creds.password='foo' - mock_creds.username='foo' - mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262' - mock_creds.project_id='project-id-1' - Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) - Puppet::Provider::Openstack.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'fails the password check', :noproject_user_cached => true do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + Puppet::Provider::Openstack.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name","Domain ID","Description","Enabled" "project-id-1","foo","foo_domain_id","foo",True -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .returns('2015-05-14T04:06:05Z +' + ) + Puppet::Provider::Openstack.expects(:openstack) + .with('token', 'issue', ['--format', 'value']) + .raises(Puppet::ExecutionFailure, 'HTTP 401 invalid authentication') + password = provider.password + expect(password).to eq(nil) + end + + it 'checks the password with domain scoped token', :nohooks => true do + provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' + provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' + mock_creds = Puppet::Provider::Openstack::CredentialsV3.new + mock_creds.auth_url='http://127.0.0.1:5000' + mock_creds.password='foo' + mock_creds.username='foo' + mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262' + mock_creds.domain_name='foo_domain' + Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) + Puppet::Provider::Openstack.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name","Domain ID","Description","Enabled" +' + ) + Puppet::Provider::Openstack.expects(:openstack) + .with('token', 'issue', ['--format', 'value']) + .returns('2015-05-14T04:06:05Z e664a386befa4a30878dcef20e79f167 8dce2ae9ecd34c199d2877bf319a3d06 ac43ec53d5a74a0b9f51523ae41a29f0 -') - password = provider.password - expect(password).to eq('foo') - end - - it 'fails the password check', :noproject_user_cached => true do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - Puppet::Provider::Openstack.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" -"project-id-1","foo","foo_domain_id","foo",True -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .raises(Puppet::ExecutionFailure, 'HTTP 401 invalid authentication') - password = provider.password - expect(password).to eq(nil) - end - - it 'checks the password with domain scoped token', :nohooks => true do - provider.instance_variable_get('@property_hash')[:id] = '1cb05cfed7c24279be884ba4f6520262' - provider.instance_variable_get('@property_hash')[:domain] = 'foo_domain' - mock_creds = Puppet::Provider::Openstack::CredentialsV3.new - mock_creds.auth_url='http://127.0.0.1:5000' - mock_creds.password='foo' - mock_creds.username='foo' - mock_creds.user_id='1cb05cfed7c24279be884ba4f6520262' - mock_creds.domain_name='foo_domain' - Puppet::Provider::Openstack::CredentialsV3.expects(:new).returns(mock_creds) - Puppet::Provider::Openstack.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name","Domain ID","Description","Enabled" -') - Puppet::Provider::Openstack.expects(:openstack) - .with('token', 'issue', ['--format', 'value']) - .returns('2015-05-14T04:06:05Z -e664a386befa4a30878dcef20e79f167 -8dce2ae9ecd34c199d2877bf319a3d06 -ac43ec53d5a74a0b9f51523ae41a29f0 -') - password = provider.password - expect(password).to eq('foo') - end +' + ) + password = provider.password + expect(password).to eq('foo') end end @@ -426,221 +438,235 @@ ac43ec53d5a74a0b9f51523ae41a29f0 end end - it_behaves_like 'authenticated with environment variables' do - describe 'v3 domains with no domain in resource', :user_cached => true do - let(:user_attrs) do - { - :name => 'foo', - :ensure => 'present', - :enabled => 'True', - :password => 'foo', - :tenant => 'foo', - :email => 'foo@example.com', - } - end + describe 'v3 domains with no domain in resource', :user_cached => true do + let(:user_attrs) do + { + :name => 'foo', + :ensure => 'present', + :enabled => 'True', + :password => 'foo', + :tenant => 'foo', + :email => 'foo@example.com', + } + end - it 'adds default domain to commands' do - mock = { - 'identity' => {'default_domain_id' => 'foo_domain_id'} - } - Puppet::Util::IniConfig::File.expects(:new).returns(mock) - File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true) - mock.expects(:read).with('/etc/keystone/keystone.conf') - provider.class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) - .returns('"ID","Name" -') - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'adds default domain to commands' do + mock = { + 'identity' => {'default_domain_id' => 'foo_domain_id'} + } + Puppet::Util::IniConfig::File.expects(:new).returns(mock) + File.expects(:exists?).with('/etc/keystone/keystone.conf').returns(true) + mock.expects(:read).with('/etc/keystone/keystone.conf') + provider.class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', ['--user', '1cb05cfed7c24279be884ba4f6520262', '--long']) + .returns('"ID","Name" +' + ) + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '1cb05cfed7c24279be884ba4f6520262']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) + .returns('email="foo@example.com" enabled="True" id="1cb05cfed7c24279be884ba4f6520262" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("1cb05cfed7c24279be884ba4f6520262") - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("1cb05cfed7c24279be884ba4f6520262") + end + end + + describe 'v3 domains with domain in resource', :project_only => true do + let(:user_attrs) do + { + :name => 'foo', + :ensure => 'present', + :enabled => 'True', + :password => 'foo', + :tenant => 'foo', + :email => 'foo@example.com', + :domain => 'bar_domain', + } end - describe 'v3 domains with domain in resource', :project_only => true do - let(:user_attrs) do - { - :name => 'foo', - :ensure => 'present', - :enabled => 'True', - :password => 'foo', - :tenant => 'foo', - :email => 'foo@example.com', - :domain => 'bar_domain', - } - end - - it 'uses given domain in commands' do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'uses given domain in commands' do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain']) + .returns('email="foo@example.com" enabled="True" id="2cb05cfed7c24279be884ba4f6520262" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") + end + end + + describe 'v3 domains with domain in name/title', :project_only => true do + let(:user_attrs) do + { + :name => 'foo::bar_domain', + :ensure => 'present', + :enabled => 'True', + :password => 'foo', + :tenant => 'foo', + :email => 'foo@example.com', + } end - describe 'v3 domains with domain in name/title', :project_only => true do - let(:user_attrs) do - { - :name => 'foo::bar_domain', - :ensure => 'present', - :enabled => 'True', - :password => 'foo', - :tenant => 'foo', - :email => 'foo@example.com', - } - end - - it 'uses given domain in commands' do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'uses given domain in commands' do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'bar_domain']) + .returns('email="foo@example.com" enabled="True" id="2cb05cfed7c24279be884ba4f6520262" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") - expect(provider.name).to eq('foo::bar_domain') - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") + expect(provider.name).to eq('foo::bar_domain') + end + end + + describe 'v3 domains with domain in name/title and in resource', :project_only => true do + let(:user_attrs) do + { + :name => 'foo::bar_domain', + :ensure => 'present', + :enabled => 'True', + :password => 'foo', + :tenant => 'foo', + :email => 'foo@example.com', + :domain => 'foo_domain', + } end - describe 'v3 domains with domain in name/title and in resource', :project_only => true do - let(:user_attrs) do - { - :name => 'foo::bar_domain', - :ensure => 'present', - :enabled => 'True', - :password => 'foo', - :tenant => 'foo', - :email => 'foo@example.com', - :domain => 'foo_domain', - } - end - - it 'uses the resource domain in commands' do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'uses the resource domain in commands' do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","bar","bar_domain_id","bar",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) + .returns('email="foo@example.com" enabled="True" id="2cb05cfed7c24279be884ba4f6520262" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") - expect(provider.name).to eq('foo::bar_domain') - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") + expect(provider.name).to eq('foo::bar_domain') + end + end + + describe 'v3 domains with domain in name/title and in resource and in tenant', :project_only => true do + let(:user_attrs) do + { + :name => 'foo::bar_domain', + :ensure => 'present', + :enabled => 'True', + :password => 'foo', + :tenant => 'foo::foo_domain', + :email => 'foo@example.com', + :domain => 'foo_domain', + } end - describe 'v3 domains with domain in name/title and in resource and in tenant', :project_only => true do - let(:user_attrs) do - { - :name => 'foo::bar_domain', - :ensure => 'present', - :enabled => 'True', - :password => 'foo', - :tenant => 'foo::foo_domain', - :email => 'foo@example.com', - :domain => 'foo_domain', - } - end - - it 'uses the resource domain in commands' do - project_class.expects(:openstack) - .with('project', 'list', '--quiet', '--format', 'csv', '--long') - .returns('"ID","Name","Domain ID","Description","Enabled" + it 'uses the resource domain in commands' do + project_class.expects(:openstack) + .with('project', 'list', '--quiet', '--format', 'csv', '--long') + .returns('"ID","Name","Domain ID","Description","Enabled" "1cb05cfed7c24279be884ba4f6520262","foo","foo_domain_id","foo",True "2cb05cfed7c24279be884ba4f6520262","foo","bar_domain_id","foo",True -') - provider.class.expects(:openstack) - .with('role', 'show', '--format', 'shell', '_member_') - .returns(' +' + ) + provider.class.expects(:openstack) + .with('role', 'show', '--format', 'shell', '_member_') + .returns(' name="_member_" -') - provider.class.expects(:openstack) - .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) - provider.class.expects(:openstack) - .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) - .returns('email="foo@example.com" +' + ) + provider.class.expects(:openstack) + .with('role', 'add', ['_member_', '--project', '1cb05cfed7c24279be884ba4f6520262', '--user', '2cb05cfed7c24279be884ba4f6520262']) + provider.class.expects(:openstack) + .with('user', 'create', '--format', 'shell', ['foo', '--enable', '--password', 'foo', '--email', 'foo@example.com', '--domain', 'foo_domain']) + .returns('email="foo@example.com" enabled="True" id="2cb05cfed7c24279be884ba4f6520262" name="foo" username="foo" -') - provider.create - expect(provider.exists?).to be_truthy - expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") - expect(provider.name).to eq('foo::bar_domain') - end +' + ) + provider.create + expect(provider.exists?).to be_truthy + expect(provider.id).to eq("2cb05cfed7c24279be884ba4f6520262") + expect(provider.name).to eq('foo::bar_domain') end end end diff --git a/spec/unit/provider/keystone_user_role/openstack_spec.rb b/spec/unit/provider/keystone_user_role/openstack_spec.rb index 51c147535..c6b521a0b 100644 --- a/spec/unit/provider/keystone_user_role/openstack_spec.rb +++ b/spec/unit/provider/keystone_user_role/openstack_spec.rb @@ -137,7 +137,15 @@ describe provider_class do end end + let(:set_env) do + ENV['OS_USERNAME'] = 'test' + ENV['OS_PASSWORD'] = 'abc123' + ENV['OS_PROJECT_NAME'] = 'test' + ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' + end + def before_common(destroy, nolist=false, instances=false) + set_env rolelistprojectuser = [['role-id-1','foo','foo','foo'], ['role-id-2','bar','foo','foo']] csvlist = list_to_csv(rolelistprojectuser) @@ -186,107 +194,98 @@ describe provider_class do before_common(true, true, true) end - shared_examples 'authenticated with environment variables' do - ENV['OS_USERNAME'] = 'test' - ENV['OS_PASSWORD'] = 'abc123' - ENV['OS_PROJECT_NAME'] = 'test' - ENV['OS_AUTH_URL'] = 'http://127.0.0.1:5000' - end - describe 'when updating a user\'s role' do - it_behaves_like 'authenticated with environment variables' do + let(:user_role_attrs) do + { + :name => 'foo@foo', + :ensure => 'present', + :roles => ['foo', 'bar'], + } + end + + let(:resource) do + Puppet::Type::Keystone_user_role.new(user_role_attrs) + end + + let(:provider) do + provider_class.new(resource) + end + + describe '#create', :default => true do + it 'adds all the roles to the user' do + provider.class.expects(:openstack) + .with('role', 'add', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.create + expect(provider.exists?).to be_truthy + end + end + + describe '#destroy', :destroy => true do + it 'removes all the roles from a user' do + provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] + provider.class.expects(:openstack) + .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.destroy + expect(provider.exists?).to be_falsey + end + + end + + describe '#exists', :default => true do + subject(:response) do + response = provider.exists? + end + + it { is_expected.to be_truthy } + + end + + describe '#instances', :instances => true do + it 'finds every user role' do + provider.class.expects(:openstack) + .with('role', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name" +"foo-role-id","foo" +"bar-role-id","bar" + ') + provider.class.expects(:openstack) + .with('role assignment', 'list', '--quiet', '--format', 'csv', []) + .returns(' +"Role","User","Group","Project","Domain" +"foo-role-id","user-id-1","","project-id-1","" +"bar-role-id","user-id-1","","project-id-1","" + ') + instances = provider.class.instances + expect(instances.count).to eq(1) + expect(instances[0].name).to eq('foo@example.com@foo') + expect(instances[0].roles).to eq(['foo', 'bar']) + end + end + + describe '#roles=', :nolist => true do let(:user_role_attrs) do { :name => 'foo@foo', :ensure => 'present', - :roles => ['foo', 'bar'], + :roles => ['one', 'two'], } end - let(:resource) do - Puppet::Type::Keystone_user_role.new(user_role_attrs) - end - - let(:provider) do - provider_class.new(resource) - end - - describe '#create', :default => true do - it 'adds all the roles to the user' do - provider.class.expects(:openstack) - .with('role', 'add', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.class.expects(:openstack) - .with('role', 'add', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.create - expect(provider.exists?).to be_truthy - end - end - - describe '#destroy', :destroy => true do - it 'removes all the roles from a user' do - provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] - provider.class.expects(:openstack) - .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.class.expects(:openstack) - .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.destroy - expect(provider.exists?).to be_falsey - end - - end - - describe '#exists', :default => true do - subject(:response) do - response = provider.exists? - end - - it { is_expected.to be_truthy } - - end - - describe '#instances', :instances => true do - it 'finds every user role' do - provider.class.expects(:openstack) - .with('role', 'list', '--quiet', '--format', 'csv', []) - .returns('"ID","Name" -"foo-role-id","foo" -"bar-role-id","bar" -') - provider.class.expects(:openstack) - .with('role assignment', 'list', '--quiet', '--format', 'csv', []) - .returns(' -"Role","User","Group","Project","Domain" -"foo-role-id","user-id-1","","project-id-1","" -"bar-role-id","user-id-1","","project-id-1","" -') - instances = provider.class.instances - expect(instances.count).to eq(1) - expect(instances[0].name).to eq('foo@example.com@foo') - expect(instances[0].roles).to eq(['foo', 'bar']) - end - end - - describe '#roles=', :nolist => true do - let(:user_role_attrs) do - { - :name => 'foo@foo', - :ensure => 'present', - :roles => ['one', 'two'], - } - end - - it 'applies the new roles' do - provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] - provider.class.expects(:openstack) - .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.class.expects(:openstack) - .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.class.expects(:openstack) - .with('role', 'add', ['one', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.class.expects(:openstack) - .with('role', 'add', ['two', '--project', 'project-id-1', '--user', 'user-id-1']) - provider.roles=(['one', 'two']) - end + it 'applies the new roles' do + provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] + provider.class.expects(:openstack) + .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['one', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['two', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.roles=(['one', 'two']) end end end