Surface the user_id and project_id beyond the plugin

Having the user_id and project_id exposed in the plugin is a good first step however we don't really expect the user to be interacting with the plugins directly often - particularly as you need to pass session to the methods. Exposing get_user_id and get_project_id on the session and the adapter in this way is very similar to the way we expose get_token and get_endpoint on the session and adapter for use higher up. Related-Bug: #1364724 Change-Id: If2f868c3ddc19133f18446e74f8e1b560a4798fa
2014-10-30 15:12:05 +01:00
parent eaab62aca5
commit 496a0efc43
3 changed files with 104 additions and 20 deletions
--- a/keystoneclient/adapter.py
+++ b/keystoneclient/adapter.py
@@ -126,6 +126,40 @@ class Adapter(object):
        """Invalidate an authentication plugin."""
        return self.session.invalidate(auth or self.auth)

+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `user_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_user_id(auth or self.auth)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns: Current `project_id` or None if not supported by plugin.
+        :rtype: string
+        """
+        return self.session.get_project_id(auth or self.auth)
+
    def get(self, url, **kwargs):
        return self.request(url, 'GET', **kwargs)

--- a/keystoneclient/session.py
+++ b/keystoneclient/session.py
@@ -549,6 +549,16 @@ class Session(object):

        return cls(verify=verify, cert=cert, **kwargs)

+    def _auth_required(self, auth, msg):
+        if not auth:
+            auth = self.auth
+
+        if not auth:
+            msg_fmt = _('An auth plugin is required to %s')
+            raise exceptions.MissingAuthPlugin(msg_fmt % msg)
+
+        return auth
+
    def get_token(self, auth=None):
        """Return a token as provided by the auth plugin.

@@ -564,11 +574,7 @@ class Session(object):
        :returns: A valid token.
        :rtype: string
        """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(_("Token Required"))
+        auth = self._auth_required(auth, 'fetch a token')

        try:
            return auth.get_token(self)
@@ -589,14 +595,7 @@ class Session(object):
        :returns: An endpoint if available or None.
        :rtype: string
        """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            raise exceptions.MissingAuthPlugin(
-                _('An auth plugin is required to determine the endpoint '
-                  'URL.'))
-
+        auth = self._auth_required(auth, 'determine endpoint URL')
        return auth.get_endpoint(self, **kwargs)

    def invalidate(self, auth=None):
@@ -607,15 +606,43 @@ class Session(object):
        :type auth: :py:class:`keystoneclient.auth.base.BaseAuthPlugin`

        """
-        if not auth:
-            auth = self.auth
-
-        if not auth:
-            msg = _('Auth plugin not available to invalidate')
-            raise exceptions.MissingAuthPlugin(msg)
-
+        auth = self._auth_required(auth, 'validate')
        return auth.invalidate()

+    def get_user_id(self, auth=None):
+        """Return the authenticated user_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current user_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get user_id')
+        return auth.get_user_id(self)
+
+    def get_project_id(self, auth=None):
+        """Return the authenticated project_id as provided by the auth plugin.
+
+        :param auth: The auth plugin to use for token. Overrides the plugin
+                     on the session. (optional)
+        :type auth: keystoneclient.auth.base.BaseAuthPlugin
+
+        :raises keystoneclient.exceptions.AuthorizationFailure:
+            if a new token fetch fails.
+        :raises keystoneclient.exceptions.MissingAuthPlugin:
+            if a plugin is not available.
+
+        :returns string: Current project_id or None if not supported by plugin.
+        """
+        auth = self._auth_required(auth, 'get project_id')
+        return auth.get_project_id(self)
+
    @utils.positional.classmethod()
    def get_conf_options(cls, deprecated_opts=None):
        """Get the oslo.config options that are needed for a
--- a/keystoneclient/tests/test_session.py
+++ b/keystoneclient/tests/test_session.py
@@ -321,6 +321,8 @@ class AuthPlugin(base.BaseAuthPlugin):
    """

    TEST_TOKEN = 'aToken'
+    TEST_USER_ID = 'aUser'
+    TEST_PROJECT_ID = 'aProject'

    SERVICE_URLS = {
        'identity': {'public': 'http://identity-public:1111/v2.0',
@@ -348,6 +350,12 @@ class AuthPlugin(base.BaseAuthPlugin):
    def invalidate(self):
        return self._invalidate

+    def get_user_id(self, session):
+        return self.TEST_USER_ID
+
+    def get_project_id(self, session):
+        return self.TEST_PROJECT_ID
+

 class CalledAuthPlugin(base.BaseAuthPlugin):

@@ -582,6 +590,13 @@ class SessionAuthTests(utils.TestCase):
        self.assertTrue(auth.get_token_called)
        self.assertFalse(auth.get_endpoint_called)

+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session(auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, sess.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, sess.get_project_id())
+

 class AdapterTest(utils.TestCase):

@@ -737,6 +752,14 @@ class AdapterTest(utils.TestCase):
        self.assertThat(self.requests.request_history,
                        matchers.HasLength(retries + 1))

+    def test_user_and_project_id(self):
+        auth = AuthPlugin()
+        sess = client_session.Session()
+        adpt = adapter.Adapter(sess, auth=auth)
+
+        self.assertEqual(auth.TEST_USER_ID, adpt.get_user_id())
+        self.assertEqual(auth.TEST_PROJECT_ID, adpt.get_project_id())
+

 class ConfLoadingTests(utils.TestCase):