Add domain parameter to Identity Provider

Identity providers are now associated with domains. This change
allows a user to specify a domain by ID or by name when creating
an identity provider. [0]

This also adds the column for Domain ID in listing.
Updating a domain for an identity provider is not supported, so
that isn't changed.

[0]. Id18b8b2fe853b97631bc990df8188ed64a6e1275

Closes-Bug: 1698390

Change-Id: Icc408e2fe88f257d5863bd3df716a777d52befcc

doc/source/cli/command-objects/identity-provider.rst

@@ -17,6 +17,7 @@ Create new identity provider
     openstack identity provider create
         [--remote-id <remote-id> [...] | --remote-id-file <file-name>]
         [--description <description>]
+        [--domain <domain>]
         [--enable | --disable]
         <name>
 
@@ -34,6 +35,11 @@ Create new identity provider
 
     New identity provider description
 
+.. option:: --domain
+
+    Name or ID of the domain to associate with the identity provider. If not
+    specified, one will be created automatically
+
 .. option:: --enable
 
     Enable the identity provider (default)

openstackclient/identity/v3/identity_provider.py

@@ -21,6 +21,7 @@ from osc_lib import utils
 import six
 
 from openstackclient.i18n import _
+from openstackclient.identity import common
 
 
 LOG = logging.getLogger(__name__)
@@ -55,6 +56,13 @@ class CreateIdentityProvider(command.ShowOne):
             metavar='<description>',
             help=_('New identity provider description'),
         )
+        parser.add_argument(
+            '--domain',
+            metavar='<domain>',
+            help=_('Domain to associate with the identity provider. If not '
+                   'specified, a domain will be created automatically. '
+                   '(Name or ID)'),
+        )
         enable_identity_provider = parser.add_mutually_exclusive_group()
         enable_identity_provider.add_argument(
             '--enable',
@@ -81,10 +89,17 @@ class CreateIdentityProvider(command.ShowOne):
         else:
             remote_ids = (parsed_args.remote_id
                           if parsed_args.remote_id else None)
+
+        domain_id = None
+        if parsed_args.domain:
+            domain_id = common.find_domain(identity_client,
+                                           parsed_args.domain).id
+
         idp = identity_client.federation.identity_providers.create(
             id=parsed_args.identity_provider_id,
             remote_ids=remote_ids,
             description=parsed_args.description,
+            domain_id=domain_id,
             enabled=parsed_args.enabled)
 
         idp._info.pop('links', None)
@@ -129,7 +144,7 @@ class ListIdentityProvider(command.Lister):
     _description = _("List identity providers")
 
     def take_action(self, parsed_args):
-        columns = ('ID', 'Enabled', 'Description')
+        columns = ('ID', 'Enabled', 'Domain ID', 'Description')
         identity_client = self.app.client_manager.identity
         data = identity_client.federation.identity_providers.list()
         return (columns,

openstackclient/tests/unit/identity/v3/fakes.py

@@ -284,7 +284,8 @@ IDENTITY_PROVIDER = {
     'id': idp_id,
     'remote_ids': idp_remote_ids,
     'enabled': True,
-    'description': idp_description
+    'description': idp_description,
+    'domain_id': domain_id,
 }
 
 protocol_id = 'protocol'

openstackclient/tests/unit/identity/v3/test_identity_provider.py

@@ -25,21 +25,33 @@ class TestIdentityProvider(identity_fakes.TestFederatedIdentity):
     def setUp(self):
         super(TestIdentityProvider, self).setUp()
 
+        # Identity Provider mocks
         federation_lib = self.app.client_manager.identity.federation
         self.identity_providers_mock = federation_lib.identity_providers
         self.identity_providers_mock.reset_mock()
 
+        # Domain mocks
+        self.domains_mock = self.app.client_manager.identity.domains
+        self.domains_mock.reset_mock()
+        self.domain = identity_fakes.FakeDomain.create_one_domain(
+            identity_fakes.DOMAIN
+        )
+        self.domains_mock.list.return_value = [self.domain]
+        self.domains_mock.get.return_value = self.domain
+
 
 class TestIdentityProviderCreate(TestIdentityProvider):
 
     columns = (
         'description',
+        'domain_id',
         'enabled',
         'id',
         'remote_ids',
     )
     datalist = (
         identity_fakes.idp_description,
+        identity_fakes.domain_id,
         True,
         identity_fakes.idp_id,
         identity_fakes.formatted_idp_remote_ids,
@@ -68,6 +80,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
             'remote_ids': None,
             'enabled': True,
             'description': None,
+            'domain_id': None,
         }
 
         self.identity_providers_mock.create.assert_called_with(
@@ -94,6 +107,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
         kwargs = {
             'remote_ids': None,
             'description': identity_fakes.idp_description,
+            'domain_id': None,
             'enabled': True,
         }
 
@@ -121,6 +135,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
         kwargs = {
             'remote_ids': identity_fakes.idp_remote_ids[:1],
             'description': None,
+            'domain_id': None,
             'enabled': True,
         }
 
@@ -149,6 +164,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
         kwargs = {
             'remote_ids': identity_fakes.idp_remote_ids,
             'description': None,
+            'domain_id': None,
             'enabled': True,
         }
 
@@ -181,6 +197,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
         kwargs = {
             'remote_ids': identity_fakes.idp_remote_ids,
             'description': None,
+            'domain_id': None,
             'enabled': True,
         }
 
@@ -217,6 +234,7 @@ class TestIdentityProviderCreate(TestIdentityProvider):
             'remote_ids': None,
             'enabled': False,
             'description': None,
+            'domain_id': None,
         }
 
         self.identity_providers_mock.create.assert_called_with(
@@ -227,12 +245,69 @@ class TestIdentityProviderCreate(TestIdentityProvider):
         self.assertEqual(self.columns, columns)
         datalist = (
             None,
+            identity_fakes.domain_id,
             False,
             identity_fakes.idp_id,
             identity_fakes.formatted_idp_remote_ids
         )
         self.assertEqual(datalist, data)
 
+    def test_create_identity_provider_domain_name(self):
+        arglist = [
+            '--domain', identity_fakes.domain_name,
+            identity_fakes.idp_id,
+        ]
+        verifylist = [
+            ('identity_provider_id', identity_fakes.idp_id),
+            ('domain', identity_fakes.domain_name),
+        ]
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+        columns, data = self.cmd.take_action(parsed_args)
+
+        # Set expected values
+        kwargs = {
+            'remote_ids': None,
+            'description': None,
+            'domain_id': identity_fakes.domain_id,
+            'enabled': True,
+        }
+
+        self.identity_providers_mock.create.assert_called_with(
+            id=identity_fakes.idp_id,
+            **kwargs
+        )
+
+        self.assertEqual(self.columns, columns)
+        self.assertEqual(self.datalist, data)
+
+    def test_create_identity_provider_domain_id(self):
+        arglist = [
+            '--domain', identity_fakes.domain_id,
+            identity_fakes.idp_id,
+        ]
+        verifylist = [
+            ('identity_provider_id', identity_fakes.idp_id),
+            ('domain', identity_fakes.domain_id),
+        ]
+        parsed_args = self.check_parser(self.cmd, arglist, verifylist)
+        columns, data = self.cmd.take_action(parsed_args)
+
+        # Set expected values
+        kwargs = {
+            'remote_ids': None,
+            'description': None,
+            'domain_id': identity_fakes.domain_id,
+            'enabled': True,
+        }
+
+        self.identity_providers_mock.create.assert_called_with(
+            id=identity_fakes.idp_id,
+            **kwargs
+        )
+
+        self.assertEqual(self.columns, columns)
+        self.assertEqual(self.datalist, data)
+
 
 class TestIdentityProviderDelete(TestIdentityProvider):
 
@@ -299,11 +374,12 @@ class TestIdentityProviderList(TestIdentityProvider):
 
         self.identity_providers_mock.list.assert_called_with()
 
-        collist = ('ID', 'Enabled', 'Description')
+        collist = ('ID', 'Enabled', 'Domain ID', 'Description')
         self.assertEqual(collist, columns)
         datalist = ((
             identity_fakes.idp_id,
             True,
+            identity_fakes.domain_id,
             identity_fakes.idp_description,
         ), )
         self.assertEqual(datalist, tuple(data))
@@ -582,10 +658,11 @@ class TestIdentityProviderShow(TestIdentityProvider):
             id='test_idp'
         )
 
-        collist = ('description', 'enabled', 'id', 'remote_ids')
+        collist = ('description', 'domain_id', 'enabled', 'id', 'remote_ids')
         self.assertEqual(collist, columns)
         datalist = (
             identity_fakes.idp_description,
+            identity_fakes.domain_id,
             True,
             identity_fakes.idp_id,
             identity_fakes.formatted_idp_remote_ids

releasenotes/notes/bug-1698390-0df8f0ec4fe354de.yaml

@@ -0,0 +1,7 @@
+---
+features:
+  - |
+    Added the ``--domain`` option to the ``identity provider create`` command to
+    associate an existing domain with an identity provider on its creation.
+
+    [Bug `1698390 <https://bugs.launchpad.net/python-openstackclient/+bug/1698390>`_]