openstack/python-keystoneclient
Code Issues Proposed changes

Add role ids to the AccessInfo

Browse Source 
Role Names are already there, add ids as well.

Change-Id: Ie6f14a60b182ec2f4ab97c6ced564e63a2f5169a
This commit is contained in:
Jamie Lennox
2014-06-18 11:48:56 +10:00
parent 8247200e37
commit 0aa9df3b76
5 changed files with 50 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
keystoneclient/access.py
View File

@@ -163,6 +163,15 @@ class AccessInfo(dict):
"""
raise NotImplementedError()
@property
def role_ids(self):
"""Returns a list of role ids of the user associated with the
authentication request.
:returns: a list of strings of role ids
"""
raise NotImplementedError()
@property
def role_names(self):
"""Returns a list of role names of the user associated with the
@@ -370,6 +379,10 @@ class AccessInfoV2(AccessInfo):
def user_domain_name(self):
return 'Default'
@property
def role_ids(self):
return self.get('metadata', {}).get('roles', [])
@property
def role_names(self):
return [r['name'] for r in self['user'].get('roles', [])]
@@ -528,6 +541,10 @@ class AccessInfoV3(AccessInfo):
def user_domain_name(self):
return self['user']['domain']['name']
@property
def role_ids(self):
return [r['id'] for r in self.get('roles', [])]
@property
def role_names(self):
return [r['name'] for r in self.get('roles', [])]

13
keystoneclient/fixture/v2.py
View File

@@ -129,6 +129,10 @@ class Token(dict):
def tenant_name(self, value):
self._token.setdefault('tenant', {})['name'] = value
@property
def _metadata(self):
return self.root.setdefault('metadata', {})
def validate(self):
scoped = 'tenant' in self.token
catalog = self.root.get('serviceCatalog')
@@ -142,11 +146,12 @@ class Token(dict):
raise exception.FixtureValidationError(msg)
def add_role(self, name=None, id=None):
id = id or uuid.uuid4().hex
name = name or uuid.uuid4().hex
roles = self._user.setdefault('roles', [])
data = {'id': id or uuid.uuid4().hex,
'name': name or uuid.uuid4().hex}
roles.append(data)
return data
roles.append({'name': name})
self._metadata.setdefault('roles', []).append(id)
return {'id': id, 'name': name}
def add_service(self, type, name=None):
name = name or uuid.uuid4().hex

3
keystoneclient/tests/v2_0/client_fixtures.py
View File

@@ -32,8 +32,7 @@ def project_scoped_token():
user_id='c4da488862bd435c9e6c0275a0d0e49a',
user_name='exampleuser')
f.add_role(id='edc12489faa74ee0aca0b8a0b4d74a74',
name='Member')
f.add_role(id='member_id', name='Member')
s = f.add_service('volume', 'Volume Service')
s.add_endpoint(public='http://public.com:8776/v1/%s' % _TENANT_ID,

22
keystoneclient/tests/v2_0/test_access.py
View File

@@ -15,6 +15,7 @@ import datetime
import testresources
from keystoneclient import access
from keystoneclient import fixture
from keystoneclient.openstack.common import timeutils
from keystoneclient.tests import client_fixtures as token_data
from keystoneclient.tests.v2_0 import client_fixtures
@@ -37,6 +38,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(auth_ref.role_ids, [])
self.assertEqual(auth_ref.role_names, [])
self.assertIsNone(auth_ref.tenant_name)
@@ -67,8 +69,8 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
self.assertFalse(auth_ref.will_expire_soon())
def test_building_scoped_accessinfo(self):
auth_ref = access.AccessInfo.factory(
body=client_fixtures.project_scoped_token())
token = client_fixtures.project_scoped_token()
auth_ref = access.AccessInfo.factory(body=token)
self.assertTrue(auth_ref)
self.assertIn('token', auth_ref)
@@ -80,6 +82,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(auth_ref.role_ids, ['member_id'])
self.assertEqual(auth_ref.role_names, ['Member'])
self.assertEqual(auth_ref.tenant_name, 'exampleproject')
@@ -130,6 +133,21 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
self.assertEqual(auth_ref.user_domain_name, 'Default')
self.assertEqual(auth_ref.role_names, ['role1', 'role2'])
def test_v2_roles(self):
role_id = 'a'
role_name = 'b'
token = fixture.V2Token()
token.set_scope()
token.add_role(id=role_id, name=role_name)
auth_ref = access.AccessInfo.factory(body=token)
self.assertEqual([role_id], auth_ref.role_ids)
self.assertEqual([role_id], auth_ref['metadata']['roles'])
self.assertEqual([role_name], auth_ref.role_names)
self.assertEqual([{'name': role_name}], auth_ref['user']['roles'])
def load_tests(loader, tests, pattern):
return testresources.OptimisingTestSuite(tests)

3
keystoneclient/tests/v3/test_access.py
View File

@@ -40,6 +40,7 @@ class AccessInfoTest(utils.TestCase):
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(auth_ref.role_ids, [])
self.assertEqual(auth_ref.role_names, [])
self.assertIsNone(auth_ref.project_name)
@@ -84,6 +85,7 @@ class AccessInfoTest(utils.TestCase):
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(auth_ref.role_ids, ['76e72a', 'f4f392'])
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
self.assertEqual(auth_ref.domain_name, 'anotherdomain')
@@ -117,6 +119,7 @@ class AccessInfoTest(utils.TestCase):
self.assertEqual(auth_ref.username, 'exampleuser')
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
self.assertEqual(auth_ref.role_ids, ['76e72a', 'f4f392'])
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
self.assertIsNone(auth_ref.domain_name)