identity: Migrate 'access rule' commands to SDK
Change-Id: Id5740cc61474650f22f9efe8d148c8c666c3b91e
This commit is contained in:
Antonia Gaete
committed by
Stephen Finucane
Stephen Finucane
parent
bbe04238a8
commit
415f68016c
@@ -42,15 +42,15 @@ class DeleteAccessRule(command.Command):
|
|||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
identity_client = self.app.client_manager.identity
|
identity_client = self.app.client_manager.sdk_connection.identity
|
||||||
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
errors = 0
|
errors = 0
|
||||||
for ac in parsed_args.access_rule:
|
for ac in parsed_args.access_rule:
|
||||||
try:
|
try:
|
||||||
access_rule = common.get_resource_by_id(
|
access_rule = identity_client.get_access_rule(user_id, ac)
|
||||||
identity_client.access_rules, ac
|
identity_client.delete_access_rule(user_id, access_rule.id)
|
||||||
)
|
|
||||||
identity_client.access_rules.delete(access_rule.id)
|
|
||||||
except Exception as e:
|
except Exception as e:
|
||||||
errors += 1
|
errors += 1
|
||||||
LOG.error(
|
LOG.error(
|
||||||
@@ -83,16 +83,17 @@ class ListAccessRule(command.Lister):
|
|||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
identity_client = self.app.client_manager.identity
|
identity_client = self.app.client_manager.sdk_connection.identity
|
||||||
if parsed_args.user:
|
if parsed_args.user:
|
||||||
user_id = common.find_user(
|
user_id = common.find_user(
|
||||||
identity_client, parsed_args.user, parsed_args.user_domain
|
identity_client, parsed_args.user, parsed_args.user_domain
|
||||||
).id
|
).id
|
||||||
else:
|
else:
|
||||||
user_id = None
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
columns = ('ID', 'Service', 'Method', 'Path')
|
columns = ('ID', 'Service', 'Method', 'Path')
|
||||||
data = identity_client.access_rules.list(user=user_id)
|
data = identity_client.access_rules(user=user_id)
|
||||||
return (
|
return (
|
||||||
columns,
|
columns,
|
||||||
(
|
(
|
||||||
@@ -119,11 +120,22 @@ class ShowAccessRule(command.ShowOne):
|
|||||||
return parser
|
return parser
|
||||||
|
|
||||||
def take_action(self, parsed_args):
|
def take_action(self, parsed_args):
|
||||||
identity_client = self.app.client_manager.identity
|
identity_client = self.app.client_manager.sdk_connection.identity
|
||||||
access_rule = common.get_resource_by_id(
|
conn = self.app.client_manager.sdk_connection
|
||||||
identity_client.access_rules, parsed_args.access_rule
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
|
access_rule = identity_client.get_access_rule(
|
||||||
|
user_id, parsed_args.access_rule
|
||||||
)
|
)
|
||||||
|
|
||||||
access_rule._info.pop('links', None)
|
columns = ('ID', 'Method', 'Path', 'Service')
|
||||||
|
return (
|
||||||
return zip(*sorted(access_rule._info.items()))
|
columns,
|
||||||
|
(
|
||||||
|
utils.get_item_properties(
|
||||||
|
access_rule,
|
||||||
|
columns,
|
||||||
|
formatters={},
|
||||||
|
)
|
||||||
|
),
|
||||||
|
)
|
||||||
|
|||||||
@@ -20,10 +20,10 @@ from openstackclient.tests.functional.identity.v3 import common
|
|||||||
|
|
||||||
class AccessRuleTests(common.IdentityTests):
|
class AccessRuleTests(common.IdentityTests):
|
||||||
ACCESS_RULE_FIELDS = [
|
ACCESS_RULE_FIELDS = [
|
||||||
'id',
|
'ID',
|
||||||
'service',
|
'Service',
|
||||||
'method',
|
'Method',
|
||||||
'path',
|
'Path',
|
||||||
]
|
]
|
||||||
ACCESS_RULE_LIST_HEADERS = [
|
ACCESS_RULE_LIST_HEADERS = [
|
||||||
'ID',
|
'ID',
|
||||||
|
|||||||
@@ -13,72 +13,66 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
#
|
#
|
||||||
|
|
||||||
import copy
|
from unittest.mock import call
|
||||||
|
|
||||||
from keystoneclient import exceptions as identity_exc
|
from openstack import exceptions as sdk_exceptions
|
||||||
|
from openstack.identity.v3 import access_rule as _access_rule
|
||||||
|
from openstack.test import fakes as sdk_fakes
|
||||||
from osc_lib import exceptions
|
from osc_lib import exceptions
|
||||||
|
|
||||||
from openstackclient.identity.v3 import access_rule
|
from openstackclient.identity.v3 import access_rule
|
||||||
from openstackclient.tests.unit import fakes
|
|
||||||
from openstackclient.tests.unit.identity.v3 import fakes as identity_fakes
|
from openstackclient.tests.unit.identity.v3 import fakes as identity_fakes
|
||||||
|
|
||||||
|
|
||||||
class TestAccessRule(identity_fakes.TestIdentityv3):
|
class TestAccessRuleDelete(identity_fakes.TestIdentityv3):
|
||||||
|
access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super().setUp()
|
super().setUp()
|
||||||
|
|
||||||
identity_manager = self.identity_client
|
self.identity_sdk_client.get_access_rule.return_value = (
|
||||||
self.access_rules_mock = identity_manager.access_rules
|
self.access_rule
|
||||||
self.access_rules_mock.reset_mock()
|
|
||||||
self.roles_mock = identity_manager.roles
|
|
||||||
self.roles_mock.reset_mock()
|
|
||||||
|
|
||||||
|
|
||||||
class TestAccessRuleDelete(TestAccessRule):
|
|
||||||
def setUp(self):
|
|
||||||
super().setUp()
|
|
||||||
|
|
||||||
# This is the return value for utils.find_resource()
|
|
||||||
self.access_rules_mock.get.return_value = fakes.FakeResource(
|
|
||||||
None,
|
|
||||||
copy.deepcopy(identity_fakes.ACCESS_RULE),
|
|
||||||
loaded=True,
|
|
||||||
)
|
)
|
||||||
self.access_rules_mock.delete.return_value = None
|
self.identity_sdk_client.delete_access_rule.return_value = None
|
||||||
|
|
||||||
# Get the command object to test
|
# Get the command object to test
|
||||||
self.cmd = access_rule.DeleteAccessRule(self.app, None)
|
self.cmd = access_rule.DeleteAccessRule(self.app, None)
|
||||||
|
|
||||||
def test_access_rule_delete(self):
|
def test_access_rule_delete(self):
|
||||||
arglist = [
|
arglist = [self.access_rule.id]
|
||||||
identity_fakes.access_rule_id,
|
verifylist = [('access_rule', [self.access_rule.id])]
|
||||||
]
|
|
||||||
verifylist = [('access_rule', [identity_fakes.access_rule_id])]
|
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
result = self.cmd.take_action(parsed_args)
|
result = self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
self.access_rules_mock.delete.assert_called_with(
|
self.identity_sdk_client.delete_access_rule.assert_called_with(
|
||||||
identity_fakes.access_rule_id,
|
user_id,
|
||||||
|
self.access_rule.id,
|
||||||
)
|
)
|
||||||
self.assertIsNone(result)
|
self.assertIsNone(result)
|
||||||
|
|
||||||
def test_delete_multi_access_rules_with_exception(self):
|
def test_delete_multi_access_rules_with_exception(self):
|
||||||
# mock returns for common.get_resource_by_id
|
self.identity_sdk_client.get_access_rule.side_effect = [
|
||||||
mock_get = self.access_rules_mock.get
|
self.access_rule,
|
||||||
mock_get.side_effect = [
|
sdk_exceptions.NotFoundException,
|
||||||
mock_get.return_value,
|
|
||||||
identity_exc.NotFound,
|
|
||||||
]
|
]
|
||||||
|
|
||||||
arglist = [
|
arglist = [
|
||||||
identity_fakes.access_rule_id,
|
self.access_rule.id,
|
||||||
'nonexistent_access_rule',
|
'nonexistent_access_rule',
|
||||||
]
|
]
|
||||||
verifylist = [
|
verifylist = [
|
||||||
('access_rule', arglist),
|
('access_rule', arglist),
|
||||||
]
|
]
|
||||||
|
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
self.cmd.take_action(parsed_args)
|
self.cmd.take_action(parsed_args)
|
||||||
self.fail('CommandError should be raised.')
|
self.fail('CommandError should be raised.')
|
||||||
@@ -87,26 +81,27 @@ class TestAccessRuleDelete(TestAccessRule):
|
|||||||
'1 of 2 access rules failed to' ' delete.', str(e)
|
'1 of 2 access rules failed to' ' delete.', str(e)
|
||||||
)
|
)
|
||||||
|
|
||||||
mock_get.assert_any_call(identity_fakes.access_rule_id)
|
calls = []
|
||||||
mock_get.assert_any_call('nonexistent_access_rule')
|
for a in arglist:
|
||||||
|
calls.append(call(user_id, a))
|
||||||
|
|
||||||
self.assertEqual(2, mock_get.call_count)
|
self.identity_sdk_client.get_access_rule.assert_has_calls(calls)
|
||||||
self.access_rules_mock.delete.assert_called_once_with(
|
|
||||||
identity_fakes.access_rule_id
|
self.assertEqual(
|
||||||
|
2, self.identity_sdk_client.get_access_rule.call_count
|
||||||
|
)
|
||||||
|
self.identity_sdk_client.delete_access_rule.assert_called_once_with(
|
||||||
|
user_id, self.access_rule.id
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class TestAccessRuleList(TestAccessRule):
|
class TestAccessRuleList(identity_fakes.TestIdentityv3):
|
||||||
|
access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super().setUp()
|
super().setUp()
|
||||||
|
|
||||||
self.access_rules_mock.list.return_value = [
|
self.identity_sdk_client.access_rules.return_value = [self.access_rule]
|
||||||
fakes.FakeResource(
|
|
||||||
None,
|
|
||||||
copy.deepcopy(identity_fakes.ACCESS_RULE),
|
|
||||||
loaded=True,
|
|
||||||
),
|
|
||||||
]
|
|
||||||
|
|
||||||
# Get the command object to test
|
# Get the command object to test
|
||||||
self.cmd = access_rule.ListAccessRule(self.app, None)
|
self.cmd = access_rule.ListAccessRule(self.app, None)
|
||||||
@@ -116,31 +111,34 @@ class TestAccessRuleList(TestAccessRule):
|
|||||||
verifylist = []
|
verifylist = []
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
columns, data = self.cmd.take_action(parsed_args)
|
columns, data = self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
self.access_rules_mock.list.assert_called_with(user=None)
|
self.identity_sdk_client.access_rules.assert_called_with(user=user_id)
|
||||||
|
|
||||||
collist = ('ID', 'Service', 'Method', 'Path')
|
collist = ('ID', 'Service', 'Method', 'Path')
|
||||||
self.assertEqual(collist, columns)
|
self.assertEqual(collist, columns)
|
||||||
datalist = (
|
datalist = (
|
||||||
(
|
(
|
||||||
identity_fakes.access_rule_id,
|
self.access_rule.id,
|
||||||
identity_fakes.access_rule_service,
|
self.access_rule.service,
|
||||||
identity_fakes.access_rule_method,
|
self.access_rule.method,
|
||||||
identity_fakes.access_rule_path,
|
self.access_rule.path,
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
self.assertEqual(datalist, tuple(data))
|
self.assertEqual(datalist, tuple(data))
|
||||||
|
|
||||||
|
|
||||||
class TestAccessRuleShow(TestAccessRule):
|
class TestAccessRuleShow(identity_fakes.TestIdentityv3):
|
||||||
|
access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
super().setUp()
|
super().setUp()
|
||||||
|
|
||||||
self.access_rules_mock.get.return_value = fakes.FakeResource(
|
self.identity_sdk_client.get_access_rule.return_value = (
|
||||||
None,
|
self.access_rule
|
||||||
copy.deepcopy(identity_fakes.ACCESS_RULE),
|
|
||||||
loaded=True,
|
|
||||||
)
|
)
|
||||||
|
|
||||||
# Get the command object to test
|
# Get the command object to test
|
||||||
@@ -148,25 +146,28 @@ class TestAccessRuleShow(TestAccessRule):
|
|||||||
|
|
||||||
def test_access_rule_show(self):
|
def test_access_rule_show(self):
|
||||||
arglist = [
|
arglist = [
|
||||||
identity_fakes.access_rule_id,
|
self.access_rule.id,
|
||||||
]
|
]
|
||||||
verifylist = [
|
verifylist = [
|
||||||
('access_rule', identity_fakes.access_rule_id),
|
('access_rule', self.access_rule.id),
|
||||||
]
|
]
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
|
||||||
|
conn = self.app.client_manager.sdk_connection
|
||||||
|
user_id = conn.config.get_auth().get_user_id(conn.identity)
|
||||||
|
|
||||||
columns, data = self.cmd.take_action(parsed_args)
|
columns, data = self.cmd.take_action(parsed_args)
|
||||||
|
|
||||||
self.access_rules_mock.get.assert_called_with(
|
self.identity_sdk_client.get_access_rule.assert_called_with(
|
||||||
identity_fakes.access_rule_id
|
user_id, self.access_rule.id
|
||||||
)
|
)
|
||||||
|
|
||||||
collist = ('id', 'method', 'path', 'service')
|
collist = ('ID', 'Method', 'Path', 'Service')
|
||||||
self.assertEqual(collist, columns)
|
self.assertEqual(collist, columns)
|
||||||
datalist = (
|
datalist = (
|
||||||
identity_fakes.access_rule_id,
|
self.access_rule.id,
|
||||||
identity_fakes.access_rule_method,
|
self.access_rule.method,
|
||||||
identity_fakes.access_rule_path,
|
self.access_rule.path,
|
||||||
identity_fakes.access_rule_service,
|
self.access_rule.service,
|
||||||
)
|
)
|
||||||
self.assertEqual(datalist, data)
|
self.assertEqual(datalist, data)
|
||||||
|
|||||||
@@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
upgrade:
|
||||||
|
- |
|
||||||
|
The following commands have been migrated to SDK:
|
||||||
|
|
||||||
|
- ``access rule list``
|
||||||
|
- ``access rule delete``
|
||||||
|
- ``access rule show``
|
||||||
Reference in New Issue
Block a user