openstack/python-keystoneclient
Code Issues Proposed changes

Add EC2 CRUD credential support to v3 API

Browse Source 
The keystone V3 API ships with EC2 in the pipeline by default. The CRUD
manager is available for the V2 API and we should also make it available
for v3.

Change-Id: I635a12b1647d5187ded7d0aea9c0277dfbb15eff
Closes-Bug: #1236326
This commit is contained in:
Jamie Lennox
2015-06-01 13:13:38 +10:00
parent ab12c353fc
commit f6ab133f25
3 changed files with 170 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
keystoneclient/tests/unit/v3/test_ec2.py Normal file
View File

@@ -0,0 +1,107 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from keystoneclient.tests.unit.v3 import utils
from keystoneclient.v3 import ec2
class EC2Tests(utils.TestCase):
def test_create(self):
user_id = 'usr'
tenant_id = 'tnt'
req_body = {
"tenant_id": tenant_id,
}
resp_body = {
"credential": {
"access": "access",
"secret": "secret",
"tenant_id": tenant_id,
"created": "12/12/12",
"enabled": True,
}
}
self.stub_url('POST', ['users', user_id, 'credentials',
'OS-EC2'], json=resp_body)
cred = self.client.ec2.create(user_id, tenant_id)
self.assertIsInstance(cred, ec2.EC2)
self.assertEqual(cred.tenant_id, tenant_id)
self.assertEqual(cred.enabled, True)
self.assertEqual(cred.access, 'access')
self.assertEqual(cred.secret, 'secret')
self.assertRequestBodyIs(json=req_body)
def test_get(self):
user_id = 'usr'
tenant_id = 'tnt'
resp_body = {
"credential": {
"access": "access",
"secret": "secret",
"tenant_id": tenant_id,
"created": "12/12/12",
"enabled": True,
}
}
self.stub_url('GET', ['users', user_id, 'credentials',
'OS-EC2', 'access'], json=resp_body)
cred = self.client.ec2.get(user_id, 'access')
self.assertIsInstance(cred, ec2.EC2)
self.assertEqual(cred.tenant_id, tenant_id)
self.assertEqual(cred.enabled, True)
self.assertEqual(cred.access, 'access')
self.assertEqual(cred.secret, 'secret')
def test_list(self):
user_id = 'usr'
tenant_id = 'tnt'
resp_body = {
"credentials": {
"values": [
{
"access": "access",
"secret": "secret",
"tenant_id": tenant_id,
"created": "12/12/12",
"enabled": True,
},
{
"access": "another",
"secret": "key",
"tenant_id": tenant_id,
"created": "12/12/31",
"enabled": True,
}
]
}
}
self.stub_url('GET', ['users', user_id, 'credentials',
'OS-EC2'], json=resp_body)
creds = self.client.ec2.list(user_id)
self.assertEqual(len(creds), 2)
cred = creds[0]
self.assertIsInstance(cred, ec2.EC2)
self.assertEqual(cred.tenant_id, tenant_id)
self.assertEqual(cred.enabled, True)
self.assertEqual(cred.access, 'access')
self.assertEqual(cred.secret, 'secret')
def test_delete(self):
user_id = 'usr'
access = 'access'
self.stub_url('DELETE', ['users', user_id, 'credentials',
'OS-EC2', access], status_code=204)
self.client.ec2.delete(user_id, access)

6
keystoneclient/v3/client.py
View File

@@ -29,6 +29,7 @@ from keystoneclient.v3.contrib import simple_cert
from keystoneclient.v3.contrib import trusts
from keystoneclient.v3 import credentials
from keystoneclient.v3 import domains
from keystoneclient.v3 import ec2
from keystoneclient.v3 import endpoints
from keystoneclient.v3 import groups
from keystoneclient.v3 import policies
@@ -100,6 +101,10 @@ class Client(httpclient.HTTPClient):
:py:class:`keystoneclient.v3.credentials.CredentialManager`
.. py:attribute:: ec2
:py:class:`keystoneclient.v3.ec2.EC2Manager`
.. py:attribute:: endpoint_filter
:py:class:`keystoneclient.v3.contrib.endpoint_filter.\
@@ -175,6 +180,7 @@ EndpointPolicyManager`
super(Client, self).__init__(**kwargs)
self.credentials = credentials.CredentialManager(self._adapter)
self.ec2 = ec2.EC2Manager(self._adapter)
self.endpoint_filter = endpoint_filter.EndpointFilterManager(
self._adapter)
self.endpoint_policy = endpoint_policy.EndpointPolicyManager(

57
keystoneclient/v3/ec2.py Normal file
View File

@@ -0,0 +1,57 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from keystoneclient import base
class EC2(base.Resource):
def __repr__(self):
return "<EC2 %s>" % self._info
class EC2Manager(base.ManagerWithFind):
resource_class = EC2
def create(self, user_id, project_id):
"""Create a new access/secret pair for the user/project pair.
:rtype: object of type :class:`EC2`
"""
# NOTE(jamielennox): Yes, this uses tenant_id as a key even though we
# are in the v3 API.
return self._create('/users/%s/credentials/OS-EC2' % user_id,
body={'tenant_id': project_id},
response_key="credential")
def list(self, user_id):
"""Get a list of access/secret pairs for a user_id.
:rtype: list of :class:`EC2`
"""
return self._list("/users/%s/credentials/OS-EC2" % user_id,
response_key="credentials")
def get(self, user_id, access):
"""Get the access/secret pair for a given access key.
:rtype: object of type :class:`EC2`
"""
url = "/users/%s/credentials/OS-EC2/%s" % (user_id, base.getid(access))
return self._get(url, response_key="credential")
def delete(self, user_id, access):
"""Delete an access/secret pair for a user."""
return self._delete("/users/%s/credentials/OS-EC2/%s" %
(user_id, base.getid(access)))