302 lines
9.8 KiB
Python
302 lines
9.8 KiB
Python
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import uuid
|
|
|
|
from keystoneclient.tests.unit.v2_0 import utils
|
|
from keystoneclient.v2_0 import roles
|
|
from keystoneclient.v2_0 import users
|
|
|
|
|
|
class UserTests(utils.ClientTestCase):
|
|
def setUp(self):
|
|
super(UserTests, self).setUp()
|
|
self.ADMIN_USER_ID = uuid.uuid4().hex
|
|
self.DEMO_USER_ID = uuid.uuid4().hex
|
|
self.TEST_USERS = {
|
|
"users": {
|
|
"values": [
|
|
{
|
|
"email": "None",
|
|
"enabled": True,
|
|
"id": self.ADMIN_USER_ID,
|
|
"name": "admin",
|
|
},
|
|
{
|
|
"email": "None",
|
|
"enabled": True,
|
|
"id": self.DEMO_USER_ID,
|
|
"name": "demo",
|
|
},
|
|
]
|
|
}
|
|
}
|
|
|
|
def test_create(self):
|
|
tenant_id = uuid.uuid4().hex
|
|
user_id = uuid.uuid4().hex
|
|
password = uuid.uuid4().hex
|
|
req_body = {
|
|
"user": {
|
|
"name": "gabriel",
|
|
"password": password,
|
|
"tenantId": tenant_id,
|
|
"email": "test@example.com",
|
|
"enabled": True,
|
|
}
|
|
}
|
|
|
|
resp_body = {
|
|
"user": {
|
|
"name": "gabriel",
|
|
"enabled": True,
|
|
"tenantId": tenant_id,
|
|
"id": user_id,
|
|
"password": password,
|
|
"email": "test@example.com",
|
|
}
|
|
}
|
|
|
|
self.stub_url('POST', ['users'], json=resp_body)
|
|
|
|
user = self.client.users.create(req_body['user']['name'],
|
|
req_body['user']['password'],
|
|
req_body['user']['email'],
|
|
tenant_id=req_body['user']['tenantId'],
|
|
enabled=req_body['user']['enabled'])
|
|
self.assertIsInstance(user, users.User)
|
|
self.assertEqual(user.id, user_id)
|
|
self.assertEqual(user.name, "gabriel")
|
|
self.assertEqual(user.email, "test@example.com")
|
|
self.assertRequestBodyIs(json=req_body)
|
|
self.assertNotIn(password, self.logger.output)
|
|
|
|
def test_create_user_without_email(self):
|
|
tenant_id = uuid.uuid4().hex
|
|
req_body = {
|
|
"user": {
|
|
"name": "gabriel",
|
|
"password": "test",
|
|
"tenantId": tenant_id,
|
|
"enabled": True,
|
|
"email": None,
|
|
}
|
|
}
|
|
|
|
user_id = uuid.uuid4().hex
|
|
resp_body = {
|
|
"user": {
|
|
"name": "gabriel",
|
|
"enabled": True,
|
|
"tenantId": tenant_id,
|
|
"id": user_id,
|
|
"password": "test",
|
|
}
|
|
}
|
|
|
|
self.stub_url('POST', ['users'], json=resp_body)
|
|
|
|
user = self.client.users.create(
|
|
req_body['user']['name'],
|
|
req_body['user']['password'],
|
|
tenant_id=req_body['user']['tenantId'],
|
|
enabled=req_body['user']['enabled'])
|
|
self.assertIsInstance(user, users.User)
|
|
self.assertEqual(user.id, user_id)
|
|
self.assertEqual(user.name, "gabriel")
|
|
self.assertRequestBodyIs(json=req_body)
|
|
|
|
def test_create_user_without_password(self):
|
|
user_name = 'test'
|
|
user_id = uuid.uuid4().hex
|
|
tenant_id = uuid.uuid4().hex
|
|
user_enabled = True
|
|
req_body = {
|
|
'user': {
|
|
'name': user_name,
|
|
'password': None,
|
|
'tenantId': tenant_id,
|
|
'enabled': user_enabled,
|
|
'email': None,
|
|
}
|
|
}
|
|
resp_body = {
|
|
'user': {
|
|
'name': user_name,
|
|
'enabled': user_enabled,
|
|
'tenantId': tenant_id,
|
|
'id': user_id,
|
|
}
|
|
}
|
|
|
|
self.stub_url('POST', ['users'], json=resp_body)
|
|
|
|
user = self.client.users.create(user_name, tenant_id=tenant_id,
|
|
enabled=user_enabled)
|
|
self.assertIsInstance(user, users.User)
|
|
self.assertEqual(user_id, user.id)
|
|
self.assertEqual(user_name, user.name)
|
|
self.assertRequestBodyIs(json=req_body)
|
|
|
|
def test_delete(self):
|
|
self.stub_url('DELETE', ['users', self.ADMIN_USER_ID], status_code=204)
|
|
self.client.users.delete(self.ADMIN_USER_ID)
|
|
|
|
def test_get(self):
|
|
self.stub_url('GET', ['users', self.ADMIN_USER_ID],
|
|
json={'user': self.TEST_USERS['users']['values'][0]})
|
|
|
|
u = self.client.users.get(self.ADMIN_USER_ID)
|
|
self.assertIsInstance(u, users.User)
|
|
self.assertEqual(u.id, self.ADMIN_USER_ID)
|
|
self.assertEqual(u.name, 'admin')
|
|
|
|
def test_list(self):
|
|
self.stub_url('GET', ['users'], json=self.TEST_USERS)
|
|
|
|
user_list = self.client.users.list()
|
|
[self.assertIsInstance(u, users.User) for u in user_list]
|
|
|
|
def test_list_limit(self):
|
|
self.stub_url('GET', ['users'], json=self.TEST_USERS)
|
|
|
|
user_list = self.client.users.list(limit=1)
|
|
self.assertQueryStringIs('limit=1')
|
|
[self.assertIsInstance(u, users.User) for u in user_list]
|
|
|
|
def test_list_marker(self):
|
|
self.stub_url('GET', ['users'], json=self.TEST_USERS)
|
|
|
|
user_list = self.client.users.list(marker='foo')
|
|
self.assertQueryStringIs('marker=foo')
|
|
[self.assertIsInstance(u, users.User) for u in user_list]
|
|
|
|
def test_list_limit_marker(self):
|
|
self.stub_url('GET', ['users'], json=self.TEST_USERS)
|
|
|
|
user_list = self.client.users.list(limit=1, marker='foo')
|
|
|
|
self.assertQueryStringIs('marker=foo&limit=1')
|
|
[self.assertIsInstance(u, users.User) for u in user_list]
|
|
|
|
def test_update(self):
|
|
req_1 = {
|
|
"user": {
|
|
"email": "gabriel@example.com",
|
|
"name": "gabriel",
|
|
}
|
|
}
|
|
password = uuid.uuid4().hex
|
|
req_2 = {
|
|
"user": {
|
|
"password": password,
|
|
}
|
|
}
|
|
tenant_id = uuid.uuid4().hex
|
|
req_3 = {
|
|
"user": {
|
|
"tenantId": tenant_id,
|
|
}
|
|
}
|
|
req_4 = {
|
|
"user": {
|
|
"enabled": False,
|
|
}
|
|
}
|
|
|
|
self.stub_url('PUT', ['users', self.DEMO_USER_ID], json=req_1)
|
|
self.stub_url('PUT',
|
|
['users', self.DEMO_USER_ID, 'OS-KSADM', 'password'],
|
|
json=req_2)
|
|
self.stub_url('PUT',
|
|
['users', self.DEMO_USER_ID, 'OS-KSADM', 'tenant'],
|
|
json=req_3)
|
|
self.stub_url('PUT',
|
|
['users', self.DEMO_USER_ID, 'OS-KSADM', 'enabled'],
|
|
json=req_4)
|
|
|
|
self.client.users.update(self.DEMO_USER_ID,
|
|
name='gabriel',
|
|
email='gabriel@example.com')
|
|
self.assertRequestBodyIs(json=req_1)
|
|
self.client.users.update_password(self.DEMO_USER_ID, password)
|
|
self.assertRequestBodyIs(json=req_2)
|
|
self.client.users.update_tenant(self.DEMO_USER_ID, tenant_id)
|
|
self.assertRequestBodyIs(json=req_3)
|
|
self.client.users.update_enabled(self.DEMO_USER_ID, False)
|
|
self.assertRequestBodyIs(json=req_4)
|
|
self.assertNotIn(password, self.logger.output)
|
|
|
|
def test_update_own_password(self):
|
|
old_password = uuid.uuid4().hex
|
|
new_password = uuid.uuid4().hex
|
|
req_body = {
|
|
'user': {
|
|
'password': new_password,
|
|
'original_password': old_password
|
|
}
|
|
}
|
|
resp_body = {
|
|
'access': {}
|
|
}
|
|
self.stub_url('PATCH',
|
|
['OS-KSCRUD', 'users', self.TEST_USER_ID],
|
|
json=resp_body)
|
|
|
|
self.client.users.update_own_password(old_password, new_password)
|
|
self.assertRequestBodyIs(json=req_body)
|
|
self.assertNotIn(old_password, self.logger.output)
|
|
self.assertNotIn(new_password, self.logger.output)
|
|
|
|
def test_user_role_listing(self):
|
|
user_id = uuid.uuid4().hex
|
|
role_id1 = uuid.uuid4().hex
|
|
role_id2 = uuid.uuid4().hex
|
|
tenant_id = uuid.uuid4().hex
|
|
|
|
user_resp = {
|
|
'user': {
|
|
'id': user_id,
|
|
'email': uuid.uuid4().hex,
|
|
'name': uuid.uuid4().hex,
|
|
}
|
|
}
|
|
|
|
roles_resp = {
|
|
'roles': {
|
|
'values': [
|
|
{
|
|
'name': uuid.uuid4().hex,
|
|
'id': role_id1,
|
|
},
|
|
{
|
|
'name': uuid.uuid4().hex,
|
|
'id': role_id2,
|
|
}
|
|
]
|
|
}
|
|
}
|
|
|
|
self.stub_url('GET', ['users', user_id], json=user_resp)
|
|
self.stub_url('GET',
|
|
['tenants', tenant_id, 'users', user_id, 'roles'],
|
|
json=roles_resp)
|
|
|
|
user = self.client.users.get(user_id)
|
|
role_objs = user.list_roles(tenant_id)
|
|
|
|
for r in role_objs:
|
|
self.assertIsInstance(r, roles.Role)
|
|
|
|
self.assertEqual(set([role_id1, role_id2]),
|
|
set([r.id for r in role_objs]))
|