Merge "Add role ids to the AccessInfo"
This commit is contained in:
Jenkins
@@ -163,6 +163,15 @@ class AccessInfo(dict):
|
|||||||
"""
|
"""
|
||||||
raise NotImplementedError()
|
raise NotImplementedError()
|
||||||
|
|
||||||
|
@property
|
||||||
|
def role_ids(self):
|
||||||
|
"""Returns a list of role ids of the user associated with the
|
||||||
|
authentication request.
|
||||||
|
|
||||||
|
:returns: a list of strings of role ids
|
||||||
|
"""
|
||||||
|
raise NotImplementedError()
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def role_names(self):
|
def role_names(self):
|
||||||
"""Returns a list of role names of the user associated with the
|
"""Returns a list of role names of the user associated with the
|
||||||
@@ -370,6 +379,10 @@ class AccessInfoV2(AccessInfo):
|
|||||||
def user_domain_name(self):
|
def user_domain_name(self):
|
||||||
return 'Default'
|
return 'Default'
|
||||||
|
|
||||||
|
@property
|
||||||
|
def role_ids(self):
|
||||||
|
return self.get('metadata', {}).get('roles', [])
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def role_names(self):
|
def role_names(self):
|
||||||
return [r['name'] for r in self['user'].get('roles', [])]
|
return [r['name'] for r in self['user'].get('roles', [])]
|
||||||
@@ -528,6 +541,10 @@ class AccessInfoV3(AccessInfo):
|
|||||||
def user_domain_name(self):
|
def user_domain_name(self):
|
||||||
return self['user']['domain']['name']
|
return self['user']['domain']['name']
|
||||||
|
|
||||||
|
@property
|
||||||
|
def role_ids(self):
|
||||||
|
return [r['id'] for r in self.get('roles', [])]
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def role_names(self):
|
def role_names(self):
|
||||||
return [r['name'] for r in self.get('roles', [])]
|
return [r['name'] for r in self.get('roles', [])]
|
||||||
|
|||||||
@@ -129,6 +129,10 @@ class Token(dict):
|
|||||||
def tenant_name(self, value):
|
def tenant_name(self, value):
|
||||||
self._token.setdefault('tenant', {})['name'] = value
|
self._token.setdefault('tenant', {})['name'] = value
|
||||||
|
|
||||||
|
@property
|
||||||
|
def _metadata(self):
|
||||||
|
return self.root.setdefault('metadata', {})
|
||||||
|
|
||||||
def validate(self):
|
def validate(self):
|
||||||
scoped = 'tenant' in self.token
|
scoped = 'tenant' in self.token
|
||||||
catalog = self.root.get('serviceCatalog')
|
catalog = self.root.get('serviceCatalog')
|
||||||
@@ -142,11 +146,12 @@ class Token(dict):
|
|||||||
raise exception.FixtureValidationError(msg)
|
raise exception.FixtureValidationError(msg)
|
||||||
|
|
||||||
def add_role(self, name=None, id=None):
|
def add_role(self, name=None, id=None):
|
||||||
|
id = id or uuid.uuid4().hex
|
||||||
|
name = name or uuid.uuid4().hex
|
||||||
roles = self._user.setdefault('roles', [])
|
roles = self._user.setdefault('roles', [])
|
||||||
data = {'id': id or uuid.uuid4().hex,
|
roles.append({'name': name})
|
||||||
'name': name or uuid.uuid4().hex}
|
self._metadata.setdefault('roles', []).append(id)
|
||||||
roles.append(data)
|
return {'id': id, 'name': name}
|
||||||
return data
|
|
||||||
|
|
||||||
def add_service(self, type, name=None):
|
def add_service(self, type, name=None):
|
||||||
name = name or uuid.uuid4().hex
|
name = name or uuid.uuid4().hex
|
||||||
|
|||||||
@@ -32,8 +32,7 @@ def project_scoped_token():
|
|||||||
user_id='c4da488862bd435c9e6c0275a0d0e49a',
|
user_id='c4da488862bd435c9e6c0275a0d0e49a',
|
||||||
user_name='exampleuser')
|
user_name='exampleuser')
|
||||||
|
|
||||||
f.add_role(id='edc12489faa74ee0aca0b8a0b4d74a74',
|
f.add_role(id='member_id', name='Member')
|
||||||
name='Member')
|
|
||||||
|
|
||||||
s = f.add_service('volume', 'Volume Service')
|
s = f.add_service('volume', 'Volume Service')
|
||||||
s.add_endpoint(public='http://public.com:8776/v1/%s' % _TENANT_ID,
|
s.add_endpoint(public='http://public.com:8776/v1/%s' % _TENANT_ID,
|
||||||
|
|||||||
@@ -15,6 +15,7 @@ import datetime
|
|||||||
import testresources
|
import testresources
|
||||||
|
|
||||||
from keystoneclient import access
|
from keystoneclient import access
|
||||||
|
from keystoneclient import fixture
|
||||||
from keystoneclient.openstack.common import timeutils
|
from keystoneclient.openstack.common import timeutils
|
||||||
from keystoneclient.tests import client_fixtures as token_data
|
from keystoneclient.tests import client_fixtures as token_data
|
||||||
from keystoneclient.tests.v2_0 import client_fixtures
|
from keystoneclient.tests.v2_0 import client_fixtures
|
||||||
@@ -37,6 +38,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
|
|||||||
self.assertEqual(auth_ref.username, 'exampleuser')
|
self.assertEqual(auth_ref.username, 'exampleuser')
|
||||||
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
||||||
|
|
||||||
|
self.assertEqual(auth_ref.role_ids, [])
|
||||||
self.assertEqual(auth_ref.role_names, [])
|
self.assertEqual(auth_ref.role_names, [])
|
||||||
|
|
||||||
self.assertIsNone(auth_ref.tenant_name)
|
self.assertIsNone(auth_ref.tenant_name)
|
||||||
@@ -67,8 +69,8 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
|
|||||||
self.assertFalse(auth_ref.will_expire_soon())
|
self.assertFalse(auth_ref.will_expire_soon())
|
||||||
|
|
||||||
def test_building_scoped_accessinfo(self):
|
def test_building_scoped_accessinfo(self):
|
||||||
auth_ref = access.AccessInfo.factory(
|
token = client_fixtures.project_scoped_token()
|
||||||
body=client_fixtures.project_scoped_token())
|
auth_ref = access.AccessInfo.factory(body=token)
|
||||||
|
|
||||||
self.assertTrue(auth_ref)
|
self.assertTrue(auth_ref)
|
||||||
self.assertIn('token', auth_ref)
|
self.assertIn('token', auth_ref)
|
||||||
@@ -80,6 +82,7 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
|
|||||||
self.assertEqual(auth_ref.username, 'exampleuser')
|
self.assertEqual(auth_ref.username, 'exampleuser')
|
||||||
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
||||||
|
|
||||||
|
self.assertEqual(auth_ref.role_ids, ['member_id'])
|
||||||
self.assertEqual(auth_ref.role_names, ['Member'])
|
self.assertEqual(auth_ref.role_names, ['Member'])
|
||||||
|
|
||||||
self.assertEqual(auth_ref.tenant_name, 'exampleproject')
|
self.assertEqual(auth_ref.tenant_name, 'exampleproject')
|
||||||
@@ -130,6 +133,21 @@ class AccessInfoTest(utils.TestCase, testresources.ResourcedTestCase):
|
|||||||
self.assertEqual(auth_ref.user_domain_name, 'Default')
|
self.assertEqual(auth_ref.user_domain_name, 'Default')
|
||||||
self.assertEqual(auth_ref.role_names, ['role1', 'role2'])
|
self.assertEqual(auth_ref.role_names, ['role1', 'role2'])
|
||||||
|
|
||||||
|
def test_v2_roles(self):
|
||||||
|
role_id = 'a'
|
||||||
|
role_name = 'b'
|
||||||
|
|
||||||
|
token = fixture.V2Token()
|
||||||
|
token.set_scope()
|
||||||
|
token.add_role(id=role_id, name=role_name)
|
||||||
|
|
||||||
|
auth_ref = access.AccessInfo.factory(body=token)
|
||||||
|
|
||||||
|
self.assertEqual([role_id], auth_ref.role_ids)
|
||||||
|
self.assertEqual([role_id], auth_ref['metadata']['roles'])
|
||||||
|
self.assertEqual([role_name], auth_ref.role_names)
|
||||||
|
self.assertEqual([{'name': role_name}], auth_ref['user']['roles'])
|
||||||
|
|
||||||
|
|
||||||
def load_tests(loader, tests, pattern):
|
def load_tests(loader, tests, pattern):
|
||||||
return testresources.OptimisingTestSuite(tests)
|
return testresources.OptimisingTestSuite(tests)
|
||||||
|
|||||||
@@ -40,6 +40,7 @@ class AccessInfoTest(utils.TestCase):
|
|||||||
self.assertEqual(auth_ref.username, 'exampleuser')
|
self.assertEqual(auth_ref.username, 'exampleuser')
|
||||||
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
||||||
|
|
||||||
|
self.assertEqual(auth_ref.role_ids, [])
|
||||||
self.assertEqual(auth_ref.role_names, [])
|
self.assertEqual(auth_ref.role_names, [])
|
||||||
|
|
||||||
self.assertIsNone(auth_ref.project_name)
|
self.assertIsNone(auth_ref.project_name)
|
||||||
@@ -84,6 +85,7 @@ class AccessInfoTest(utils.TestCase):
|
|||||||
self.assertEqual(auth_ref.username, 'exampleuser')
|
self.assertEqual(auth_ref.username, 'exampleuser')
|
||||||
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
||||||
|
|
||||||
|
self.assertEqual(auth_ref.role_ids, ['76e72a', 'f4f392'])
|
||||||
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
|
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
|
||||||
|
|
||||||
self.assertEqual(auth_ref.domain_name, 'anotherdomain')
|
self.assertEqual(auth_ref.domain_name, 'anotherdomain')
|
||||||
@@ -117,6 +119,7 @@ class AccessInfoTest(utils.TestCase):
|
|||||||
self.assertEqual(auth_ref.username, 'exampleuser')
|
self.assertEqual(auth_ref.username, 'exampleuser')
|
||||||
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
self.assertEqual(auth_ref.user_id, 'c4da488862bd435c9e6c0275a0d0e49a')
|
||||||
|
|
||||||
|
self.assertEqual(auth_ref.role_ids, ['76e72a', 'f4f392'])
|
||||||
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
|
self.assertEqual(auth_ref.role_names, ['admin', 'member'])
|
||||||
|
|
||||||
self.assertIsNone(auth_ref.domain_name)
|
self.assertIsNone(auth_ref.domain_name)
|
||||||
|
|||||||
Reference in New Issue
Block a user