From 9ccc2029f92e48b923972a3e2800d771e0388921 Mon Sep 17 00:00:00 2001 From: Ilya Kharin Date: Mon, 13 Jan 2014 16:50:34 +0400 Subject: [PATCH] Return role names by AccessInfo.role_names A new method was introduced on AccessInfo class. The method role_names returns a list of role names of a user associated to the authorization request. bp keystoneclient-auth-ref-get-roles DocImpact Change-Id: I0862aaaa27193119dc83ef38100c88b48a1d24a4 --- keystoneclient/access.py | 17 ++++++++ keystoneclient/tests/v2_0/test_access.py | 6 +++ keystoneclient/tests/v3/client_fixtures.py | 50 +++++++++++++++++++++- keystoneclient/tests/v3/test_access.py | 6 +++ 4 files changed, 78 insertions(+), 1 deletion(-) diff --git a/keystoneclient/access.py b/keystoneclient/access.py index e2ba5c0e3..50b7a2adf 100644 --- a/keystoneclient/access.py +++ b/keystoneclient/access.py @@ -163,6 +163,15 @@ class AccessInfo(dict): """ raise NotImplementedError() + @property + def role_names(self): + """Returns a list of role names of the user associated with the + authentication request. + + :returns: a list of strings of role names + """ + raise NotImplementedError() + @property def domain_name(self): """Returns the domain name associated with the authentication token. @@ -361,6 +370,10 @@ class AccessInfoV2(AccessInfo): def user_domain_name(self): return 'Default' + @property + def role_names(self): + return [r['name'] for r in self['user']['roles']] + @property def domain_name(self): return None @@ -515,6 +528,10 @@ class AccessInfoV3(AccessInfo): def user_domain_name(self): return self['user']['domain']['name'] + @property + def role_names(self): + return [r['name'] for r in self['user'].get('roles', [])] + @property def username(self): return self['user']['name'] diff --git a/keystoneclient/tests/v2_0/test_access.py b/keystoneclient/tests/v2_0/test_access.py index 6aacf2d8a..5d1cb309b 100644 --- a/keystoneclient/tests/v2_0/test_access.py +++ b/keystoneclient/tests/v2_0/test_access.py @@ -43,6 +43,8 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase): self.assertEqual(auth_ref.username, 'exampleuser') self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a') + self.assertEqual(auth_ref.role_names, []) + self.assertEqual(auth_ref.tenant_name, None) self.assertEqual(auth_ref.tenant_id, None) @@ -83,6 +85,8 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase): self.assertEqual(auth_ref.username, 'exampleuser') self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a') + self.assertEqual(auth_ref.role_names, ['Member']) + self.assertEqual(auth_ref.tenant_name, 'exampleproject') self.assertEqual(auth_ref.tenant_id, '225da22d3ce34b15877ea70b2a575f58') @@ -115,6 +119,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase): self.assertEqual(auth_ref.project_domain_name, 'Default') self.assertEqual(auth_ref.user_domain_id, 'default') self.assertEqual(auth_ref.user_domain_name, 'Default') + self.assertEqual(auth_ref.role_names, ['role1', 'role2']) self.assertFalse(auth_ref.scoped) def test_grizzly_token(self): @@ -128,6 +133,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase): self.assertEqual(auth_ref.project_domain_name, 'Default') self.assertEqual(auth_ref.user_domain_id, 'default') self.assertEqual(auth_ref.user_domain_name, 'Default') + self.assertEqual(auth_ref.role_names, ['role1', 'role2']) def load_tests(loader, tests, pattern): diff --git a/keystoneclient/tests/v3/client_fixtures.py b/keystoneclient/tests/v3/client_fixtures.py index 8970dee9f..4ac3ee577 100644 --- a/keystoneclient/tests/v3/client_fixtures.py +++ b/keystoneclient/tests/v3/client_fixtures.py @@ -128,6 +128,22 @@ DOMAIN_SCOPED_TOKEN = { }, 'id': 'c4da488862bd435c9e6c0275a0d0e49a', 'name': 'exampleuser', + 'roles': [ + { + "id": "76e72a", + "links": { + "self": "http://identity:35357/v3/roles/76e72a" + }, + "name": "admin" + }, + { + "id": "f4f392", + "links": { + "self": "http://identity:35357/v3/roles/f4f392" + }, + "name": "member" + } + ], }, 'domain': { 'id': '8e9283b7ba0b1038840c3842058b86ab', @@ -231,6 +247,22 @@ PROJECT_SCOPED_TOKEN = { }, 'id': 'c4da488862bd435c9e6c0275a0d0e49a', 'name': 'exampleuser', + 'roles': [ + { + "id": "76e72a", + "links": { + "self": "http://identity:35357/v3/roles/76e72a" + }, + "name": "admin" + }, + { + "id": "f4f392", + "links": { + "self": "http://identity:35357/v3/roles/f4f392" + }, + "name": "member" + } + ], }, 'project': { 'domain': { @@ -269,7 +301,23 @@ AUTH_RESPONSE_BODY = { 'name': 'aDomain' }, 'id': '567', - 'name': 'test' + 'name': 'test', + 'roles': [ + { + "id": "76e72a", + "links": { + "self": "http://identity:35357/v3/roles/76e72a" + }, + "name": "admin" + }, + { + "id": "f4f392", + "links": { + "self": "http://identity:35357/v3/roles/f4f392" + }, + "name": "member" + } + ], }, 'issued_at': '2010-10-31T03:32:15-05:00', 'catalog': [{ diff --git a/keystoneclient/tests/v3/test_access.py b/keystoneclient/tests/v3/test_access.py index 1ade338ac..7f5bcd8a2 100644 --- a/keystoneclient/tests/v3/test_access.py +++ b/keystoneclient/tests/v3/test_access.py @@ -42,6 +42,8 @@ class AccessInfoTest(utils.TestCase): self.assertEqual(auth_ref.username, 'exampleuser') self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a') + self.assertEqual(auth_ref.role_names, []) + self.assertIsNone(auth_ref.project_name) self.assertIsNone(auth_ref.project_id) @@ -84,6 +86,8 @@ class AccessInfoTest(utils.TestCase): self.assertEqual(auth_ref.username, 'exampleuser') self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a') + self.assertEqual(auth_ref.role_names, ['admin', 'member']) + self.assertEqual(auth_ref.domain_name, 'anotherdomain') self.assertEqual(auth_ref.domain_id, '8e9283b7ba0b1038840c3842058b86ab') @@ -115,6 +119,8 @@ class AccessInfoTest(utils.TestCase): self.assertEqual(auth_ref.username, 'exampleuser') self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a') + self.assertEqual(auth_ref.role_names, ['admin', 'member']) + self.assertIsNone(auth_ref.domain_name) self.assertIsNone(auth_ref.domain_id)