python-openstackclient/openstackclient/tests/functional/identity/v3/test_access_rule.py

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

import ast
import json

from tempest.lib.common.utils import data_utils

from openstackclient.tests.functional.identity.v3 import common


class AccessRuleTests(common.IdentityTests):
    ACCESS_RULE_FIELDS = [
        'ID',
        'Service',
        'Method',
        'Path',
    ]
    ACCESS_RULE_LIST_HEADERS = [
        'ID',
        'Service',
        'Method',
        'Path',
    ]

    def setUp(self):
        super().setUp()

        application_credential_name = data_utils.rand_name('name')
        access_rules = json.dumps(
            [
                {
                    'method': 'GET',
                    'path': '/v2.1/servers',
                    'service': 'compute',
                },
                {
                    'method': 'GET',
                    'path': '/v2.0/networks',
                    'service': 'networking',
                },
            ]
        )
        raw_output = self.openstack(
            f"application credential create {application_credential_name} "
            f"--access-rules '{access_rules}'"
        )
        # we immediately delete the application credential since it will leave
        # the access rules around
        self.openstack(
            f'application credential delete {application_credential_name}'
        )

        items = self.parse_show_as_object(raw_output)
        self.access_rule_ids = [
            x['id'] for x in ast.literal_eval(items['access_rules'])
        ]
        self.addCleanup(
            self.openstack,
            'access rule delete '
            + ' '.join([x for x in self.access_rule_ids]),
        )

    def test_access_rule(self):
        # list

        raw_output = self.openstack('access rule list')
        items = self.parse_listing(raw_output)
        self.assert_table_structure(items, self.ACCESS_RULE_LIST_HEADERS)

        # show

        raw_output = self.openstack(
            f'access rule show {self.access_rule_ids[0]}'
        )
        items = self.parse_show(raw_output)
        self.assert_show_fields(items, self.ACCESS_RULE_FIELDS)