Merge "Deletes tenant parameter from keystone_user"
This commit is contained in:
Jenkins
@@ -112,7 +112,6 @@ describe 'basic keystone server with resources' do
|
||||
keystone_user { 'adminv3::admin_domain':
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
tenant => 'openstackv3::admin_domain',
|
||||
email => 'test@example.tld',
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
|
||||
@@ -112,7 +112,6 @@ describe 'keystone server running with Apache/WSGI as Identity Provider' do
|
||||
keystone_user { 'adminv3::admin_domain':
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
tenant => 'openstackv3::admin_domain',
|
||||
email => 'test@example.tld',
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
|
||||
@@ -111,7 +111,6 @@ describe 'keystone server running with Apache/WSGI with resources' do
|
||||
keystone_user { 'adminv3::admin_domain':
|
||||
ensure => present,
|
||||
enabled => true,
|
||||
tenant => 'openstackv3::admin_domain',
|
||||
email => 'test@example.tld',
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
|
||||
@@ -24,10 +24,8 @@ describe 'keystone::roles::admin' do
|
||||
it { is_expected.to contain_keystone_user('admin').with(
|
||||
:ensure => 'present',
|
||||
:enabled => true,
|
||||
:tenant => 'openstack',
|
||||
:email => 'foo@bar',
|
||||
:password => 'ChangeMe',
|
||||
:ignore_default_tenant => 'false'
|
||||
)}
|
||||
it { is_expected.to contain_keystone_role('admin').with_ensure('present') }
|
||||
it { is_expected.to contain_keystone_user_role('admin@openstack').with(
|
||||
@@ -47,7 +45,6 @@ describe 'keystone::roles::admin' do
|
||||
:admin_tenant => 'admin',
|
||||
:admin_roles => ['admin', 'heat_stack_owner'],
|
||||
:service_tenant => 'foobar',
|
||||
:ignore_default_tenant => 'true',
|
||||
:admin_tenant_desc => 'admin something else',
|
||||
:service_tenant_desc => 'foobar description',
|
||||
}
|
||||
@@ -66,10 +63,8 @@ describe 'keystone::roles::admin' do
|
||||
it { is_expected.to contain_keystone_user('admin').with(
|
||||
:ensure => 'present',
|
||||
:enabled => true,
|
||||
:tenant => 'admin',
|
||||
:email => 'foo@baz',
|
||||
:password => 'foo',
|
||||
:ignore_default_tenant => 'true'
|
||||
)}
|
||||
it { is_expected.to contain_keystone_user_role('admin@admin').with(
|
||||
:roles => ['admin', 'heat_stack_owner'],
|
||||
@@ -117,7 +112,6 @@ describe 'keystone::roles::admin' do
|
||||
end
|
||||
it { is_expected.to contain_keystone_user('admin').with(
|
||||
:domain => 'admin_user_domain',
|
||||
:tenant => 'admin_tenant'
|
||||
)}
|
||||
it { is_expected.to contain_keystone_tenant('admin_tenant').with(:domain => 'admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_user_domain') }
|
||||
@@ -137,7 +131,6 @@ describe 'keystone::roles::admin' do
|
||||
end
|
||||
it { is_expected.to contain_keystone_user('admin').with(
|
||||
:domain => 'admin_user_domain',
|
||||
:tenant => 'admin_tenant::admin_project_domain'
|
||||
)}
|
||||
it { is_expected.to contain_keystone_tenant('admin_tenant::admin_project_domain').with(:domain => 'admin_project_domain') }
|
||||
it { is_expected.to contain_keystone_domain('admin_user_domain') }
|
||||
|
||||
@@ -40,7 +40,6 @@ describe 'keystone::resource::service_identity' do
|
||||
:ensure => 'present',
|
||||
:password => 'secrete',
|
||||
:email => 'neutron@localhost',
|
||||
:tenant => 'services',
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_user_role("#{title}@services").with(
|
||||
@@ -89,7 +88,6 @@ describe 'keystone::resource::service_identity' do
|
||||
:ensure => 'present',
|
||||
:password => 'secrete',
|
||||
:email => 'neutron@localhost',
|
||||
:tenant => 'services',
|
||||
:domain => 'userdomain',
|
||||
)}
|
||||
it { is_expected.to contain_keystone_user_role("#{title}@services").with(
|
||||
@@ -108,7 +106,6 @@ describe 'keystone::resource::service_identity' do
|
||||
:ensure => 'present',
|
||||
:password => 'secrete',
|
||||
:email => 'neutron@localhost',
|
||||
:tenant => 'services',
|
||||
:domain => 'userdomain',
|
||||
)}
|
||||
it { is_expected.to contain_keystone_domain('userdomain').with(
|
||||
@@ -129,7 +126,6 @@ describe 'keystone::resource::service_identity' do
|
||||
:ensure => 'present',
|
||||
:password => 'secrete',
|
||||
:email => 'neutron@localhost',
|
||||
:tenant => 'services',
|
||||
:domain => 'defaultdomain',
|
||||
)}
|
||||
it { is_expected.to contain_keystone_domain('defaultdomain').with(
|
||||
|
||||
@@ -31,7 +31,6 @@ describe provider_class do
|
||||
:ensure => :present,
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:tenant => 'project2::domain2',
|
||||
:email => 'user1@example.com',
|
||||
:domain => 'domain1',
|
||||
}
|
||||
@@ -50,11 +49,6 @@ describe provider_class do
|
||||
describe 'when managing a user' do
|
||||
describe '#create' do
|
||||
it 'creates a user' do
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project2_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1'])
|
||||
.returns('email="user1@example.com"
|
||||
@@ -62,11 +56,6 @@ enabled="True"
|
||||
id="user1_id"
|
||||
name="user1"
|
||||
username="user1"
|
||||
')
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
provider.create
|
||||
expect(provider.exists?).to be_truthy
|
||||
@@ -139,114 +128,6 @@ name="domain3"
|
||||
expect(instances[2].name).to eq('user3::domain3')
|
||||
end
|
||||
end
|
||||
|
||||
describe '#tenant' do
|
||||
it 'gets the tenant with default backend' do
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', 'user1_id', '--long'])
|
||||
.returns('"ID","Name","Domain ID","Description","Enabled"
|
||||
"project2_id","project2","domain2_id","",True
|
||||
')
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
tenant = provider.tenant
|
||||
expect(tenant).to eq('project2::domain2')
|
||||
end
|
||||
|
||||
it 'gets the tenant with LDAP backend' do
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'list', '--quiet', '--format', 'csv', ['--user', 'user1_id', '--long'])
|
||||
.returns('"ID","Name","Domain ID","Description","Enabled"
|
||||
"project1_id","project1","domain1_id","",True
|
||||
"project2_id","project2","domain2_id","",True
|
||||
"project3_id","project3","domain3_id","",True
|
||||
')
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
tenant = provider.tenant
|
||||
expect(tenant).to eq('project2::domain2')
|
||||
end
|
||||
end
|
||||
|
||||
describe '#tenant=' do
|
||||
context 'when using default backend' do
|
||||
it 'sets the tenant' do
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.instance_variable_get('@property_hash')[:domain] = 'domain1'
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project2_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
provider.tenant=('project2::domain2')
|
||||
end
|
||||
end
|
||||
context 'when using LDAP read-write backend' do
|
||||
it 'sets the tenant when _member_ role exists' do
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.instance_variable_get('@property_hash')[:domain] = 'domain1'
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project2_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
provider.tenant=('project2::domain2')
|
||||
end
|
||||
it 'sets the tenant when _member_ role does not exist' do
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.instance_variable_get('@property_hash')[:domain] = 'domain1'
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.raises(Puppet::ExecutionFailure, 'no such role _member_')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'create', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project2_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
provider.tenant=('project2::domain2')
|
||||
end
|
||||
end
|
||||
context 'when using LDAP read-only backend' do
|
||||
it 'sets the tenant when _member_ role exists' do
|
||||
provider.instance_variable_get('@property_hash')[:id] = 'user1_id'
|
||||
provider.instance_variable_get('@property_hash')[:domain] = 'domain1'
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project2_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project2', '--domain', 'domain2'])
|
||||
.returns('name="project2"
|
||||
id="project2_id"
|
||||
')
|
||||
provider.tenant=('project2::domain2')
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "#password" do
|
||||
@@ -256,7 +137,6 @@ id="project2_id"
|
||||
:ensure => 'present',
|
||||
:enabled => 'True',
|
||||
:password => 'foo',
|
||||
:tenant => 'foo',
|
||||
:email => 'foo@example.com',
|
||||
:domain => 'domain1',
|
||||
}
|
||||
@@ -366,7 +246,6 @@ ac43ec53d5a74a0b9f51523ae41a29f0
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:replace_password => 'False',
|
||||
:tenant => 'project2',
|
||||
:email => 'user1@example.com',
|
||||
:domain => 'domain1',
|
||||
}
|
||||
@@ -393,7 +272,6 @@ ac43ec53d5a74a0b9f51523ae41a29f0
|
||||
:ensure => 'present',
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:tenant => 'project1::domain2',
|
||||
:email => 'user1@example.com',
|
||||
}
|
||||
end
|
||||
@@ -448,18 +326,12 @@ id="project1_id"
|
||||
:ensure => 'present',
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:tenant => 'project1::domain2',
|
||||
:email => 'user1@example.com',
|
||||
:domain => 'domain1',
|
||||
}
|
||||
end
|
||||
|
||||
it 'uses given domain in commands' do
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project1_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1'])
|
||||
.returns('email="user1@example.com"
|
||||
@@ -467,11 +339,6 @@ enabled="True"
|
||||
id="user1_id"
|
||||
name="user1"
|
||||
username="user1"
|
||||
')
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project1', '--domain', 'domain2'])
|
||||
.returns('name="projec1"
|
||||
id="project1_id"
|
||||
')
|
||||
provider.create
|
||||
expect(provider.exists?).to be_truthy
|
||||
@@ -486,17 +353,11 @@ id="project1_id"
|
||||
:ensure => 'present',
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:tenant => 'project1::domain2',
|
||||
:email => 'user1@example.com',
|
||||
}
|
||||
end
|
||||
|
||||
it 'uses given domain in commands' do
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project1_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1'])
|
||||
.returns('email="user1@example.com"
|
||||
@@ -504,11 +365,6 @@ enabled="True"
|
||||
id="user1_id"
|
||||
name="user1"
|
||||
username="user1"
|
||||
')
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project1', '--domain', 'domain2'])
|
||||
.returns('name="project1"
|
||||
id="project1_id"
|
||||
')
|
||||
provider.create
|
||||
expect(provider.exists?).to be_truthy
|
||||
@@ -524,18 +380,12 @@ id="project1_id"
|
||||
:ensure => 'present',
|
||||
:enabled => 'True',
|
||||
:password => 'secret',
|
||||
:tenant => 'project1::domain2',
|
||||
:email => 'user1@example.com',
|
||||
:domain => 'domain1',
|
||||
}
|
||||
end
|
||||
|
||||
it 'uses the resource domain in commands' do
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'show', '--format', 'shell', '_member_')
|
||||
.returns('name="_member_"')
|
||||
provider.class.expects(:openstack)
|
||||
.with('role', 'add', ['_member_', '--project', 'project1_id', '--user', 'user1_id'])
|
||||
provider.class.expects(:openstack)
|
||||
.with('user', 'create', '--format', 'shell', ['user1', '--enable', '--password', 'secret', '--email', 'user1@example.com', '--domain', 'domain1'])
|
||||
.returns('email="user1@example.com"
|
||||
@@ -543,11 +393,6 @@ enabled="True"
|
||||
id="user1_id"
|
||||
name="user1"
|
||||
username="user1"
|
||||
')
|
||||
provider.class.expects(:openstack)
|
||||
.with('project', 'show', '--format', 'shell', ['project1', '--domain', 'domain2'])
|
||||
.returns('name="project1"
|
||||
id="project1_id"
|
||||
')
|
||||
provider.create
|
||||
expect(provider.exists?).to be_truthy
|
||||
|
||||
Reference in New Issue
Block a user