diff --git a/senlin/policies/base.py b/senlin/policies/base.py index b2568b9c8..67b4fd4be 100644 --- a/senlin/policies/base.py +++ b/senlin/policies/base.py @@ -10,8 +10,10 @@ # License for the specific language governing permissions and limitations # under the License. +from oslo_context import context as oslo_context from oslo_utils import timeutils +from senlin.common import context as senlin_context from senlin.common import exception from senlin.common.i18n import _ from senlin.common import schema @@ -270,3 +272,24 @@ class Policy(object): type_name = kwargs.pop('type') name = kwargs.pop('name') return cls(type_name, name, **kwargs) + + def _build_connection_params(self, cluster): + """Build a trust-based context for connection parameters. + + :param cluster: the cluste for which the trust will be checked. + """ + service_creds = senlin_context.get_service_context() + params = { + 'username': service_creds.get('username'), + 'password': service_creds.get('password'), + 'auth_url': service_creds.get('auth_url'), + 'user_domain_name': service_creds.get('user_domain_name') + } + + cred = db_api.cred_get(oslo_context.get_current(), + cluster.user, cluster.project) + if cred is None: + raise exception.TrustNotFound(trustor=cluster.user) + params['trusts'] = [cred.cred['openstack']['trust']] + + return params diff --git a/senlin/policies/lb_policy.py b/senlin/policies/lb_policy.py index 93e345479..88578bfc6 100644 --- a/senlin/policies/lb_policy.py +++ b/senlin/policies/lb_policy.py @@ -15,13 +15,10 @@ from oslo_log import log as logging from senlin.common import constraints from senlin.common import consts -from senlin.common import exception from senlin.common.i18n import _ from senlin.common.i18n import _LW from senlin.common import schema -from senlin.db import api as db_api from senlin.drivers import base as driver_base -from senlin.drivers.openstack import keystone_v3 from senlin.engine import cluster_policy from senlin.engine import node as node_mod from senlin.policies import base @@ -333,17 +330,3 @@ class LoadBalancingPolicy(base.Policy): node.store(action.context) return - - def _build_connection_params(self, cluster): - """Build a trust-based context for connection parameters. - - :param cluster: the cluste for which the trust will be checked. - """ - params = keystone_v3.get_service_credentials() - cred = db_api.cred_get(oslo_context.get_current(), - cluster.user, cluster.project) - if cred is None: - raise exception.TrustNotFound(trustor=cluster.user) - params['trusts'] = [cred.cred['openstack']['trust']] - - return params diff --git a/senlin/profiles/base.py b/senlin/profiles/base.py index be52d2673..3887b0fa8 100644 --- a/senlin/profiles/base.py +++ b/senlin/profiles/base.py @@ -197,9 +197,6 @@ class Profile(object): params = { 'auth_url': self.context.get('auth_url'), - 'domain_id': self.context.get('domain'), - 'project_name': self.context.get('project_name'), - 'project_domain_name': self.context.get('project_domain_name'), 'user_domain_name': self.context.get('user_domain_name'), 'username': self.context.get('username'), 'user_id': self.context.get('user'), diff --git a/senlin/tests/unit/policies/test_lb_policy.py b/senlin/tests/unit/policies/test_lb_policy.py index f074ff4bc..98c1f563e 100644 --- a/senlin/tests/unit/policies/test_lb_policy.py +++ b/senlin/tests/unit/policies/test_lb_policy.py @@ -12,14 +12,9 @@ import mock from oslo_context import context as oslo_context -import six from senlin.common import consts -from senlin.common import context -from senlin.common import exception -from senlin.db import api as db_api from senlin.drivers import base as driver_base -from senlin.drivers.openstack import keystone_v3 from senlin.engine import cluster_policy from senlin.engine import node as node_mod from senlin.policies import base as policy_base @@ -118,78 +113,6 @@ class TestLoadBalancingPolicy(base.SenlinTestCase): policy.validate() mock_validate.assert_called_with() - @mock.patch.object(db_api, 'cred_get') - @mock.patch.object(keystone_v3, 'get_service_credentials') - @mock.patch.object(oslo_context, 'get_current') - def test_lb_policy_build_connection_params(self, mock_get_current, - mock_get_service_credentials, - mock_cred_get): - service_cred = { - 'auth_url': 'AUTH_URL', - 'username': 'senlin', - 'user_domain_name': 'default', - 'password': '123' - } - current_ctx = { - 'auth_url': 'auth_url', - 'user_name': 'user1', - 'user_domain_name': 'default', - 'password': '456' - } - cred_info = { - 'openstack': { - 'trust': 'TRUST_ID', - } - } - - cluster = mock.Mock() - cluster.user = 'user1' - cluster.project = 'project1' - cred = mock.Mock() - cred.cred = cred_info - mock_get_service_credentials.return_value = service_cred - mock_get_current.return_value = current_ctx - mock_cred_get.return_value = cred - - kwargs = { - 'spec': self.spec - } - policy = lb_policy.LoadBalancingPolicy('LoadBalancingPolicy', - 'test-policy', **kwargs) - expected_result = { - 'auth_url': 'AUTH_URL', - 'username': 'senlin', - 'user_domain_name': 'default', - 'password': '123', - 'trusts': ['TRUST_ID'] - } - res = policy._build_connection_params(cluster) - self.assertEqual(expected_result, res) - mock_get_service_credentials.assert_called_once_with() - mock_cred_get.assert_called_once_with(current_ctx, 'user1', 'project1') - - @mock.patch.object(context, 'get_service_context') - @mock.patch.object(db_api, 'cred_get') - def test_lb_policy_build_connection_params_trust_not_found( - self, mock_cred_get, mock_get_service_context): - - self.patchobject(oslo_context, 'get_current') - mock_cred_get.return_value = None - cluster = mock.Mock() - cluster.user = 'user1' - cluster.project = 'project1' - - kwargs = { - 'spec': self.spec - } - policy = lb_policy.LoadBalancingPolicy('LoadBalancingPolicy', - 'test-policy', **kwargs) - ex = self.assertRaises(exception.TrustNotFound, - policy._build_connection_params, - cluster) - msg = "The trust for trustor (user1) could not be found." - self.assertEqual(msg, six.text_type(ex)) - @mock.patch.object(lb_policy.LoadBalancingPolicy, '_build_policy_data') @mock.patch.object(node_mod.Node, 'load_all') @mock.patch.object(policy_base.Policy, 'attach') diff --git a/senlin/tests/unit/policies/test_policy.py b/senlin/tests/unit/policies/test_policy.py index 170109144..0d4140ce3 100644 --- a/senlin/tests/unit/policies/test_policy.py +++ b/senlin/tests/unit/policies/test_policy.py @@ -11,12 +11,14 @@ # under the License. import mock +from oslo_context import context as oslo_context import six +from senlin.common import context as senlin_context from senlin.common import exception from senlin.common.i18n import _ from senlin.common import schema -from senlin.db.sqlalchemy import api as db_api +from senlin.db import api as db_api from senlin.engine import environment from senlin.policies import base as policy_base from senlin.policies import deletion_policy @@ -405,3 +407,83 @@ class TestPolicy(base.SenlinTestCase): res, data = policy.detach(cluster) self.assertTrue(res) self.assertIsNone(data) + + @mock.patch.object(db_api, 'cred_get') + @mock.patch.object(senlin_context, 'get_service_context') + @mock.patch.object(oslo_context, 'get_current') + def test_policy_build_connection_params(self, mock_get_current, + mock_get_service_context, + mock_cred_get): + service_cred = { + 'auth_url': 'AUTH_URL', + 'username': 'senlin', + 'user_domain_name': 'default', + 'password': '123' + } + current_ctx = { + 'auth_url': 'auth_url', + 'user_name': 'user1', + 'user_domain_name': 'default', + 'password': '456' + } + cred_info = { + 'openstack': { + 'trust': 'TRUST_ID', + } + } + + cluster = mock.Mock() + cluster.user = 'user1' + cluster.project = 'project1' + cred = mock.Mock() + cred.cred = cred_info + mock_get_service_context.return_value = service_cred + mock_get_current.return_value = current_ctx + mock_cred_get.return_value = cred + + kwargs = { + 'spec': {} + } + policy = deletion_policy.DeletionPolicy('DeletionPolicy', + 'test-policy', **kwargs) + expected_result = { + 'auth_url': 'AUTH_URL', + 'username': 'senlin', + 'user_domain_name': 'default', + 'password': '123', + 'trusts': ['TRUST_ID'] + } + res = policy._build_connection_params(cluster) + self.assertEqual(expected_result, res) + mock_get_service_context.assert_called_once_with() + mock_cred_get.assert_called_once_with(current_ctx, 'user1', 'project1') + + @mock.patch.object(db_api, 'cred_get') + @mock.patch.object(senlin_context, 'get_service_context') + def test_policy_build_connection_params_trust_not_found( + self, mock_get_service_context, mock_cred_get): + + service_cred = { + 'auth_url': 'AUTH_URL', + 'username': 'senlin', + 'user_domain_name': 'default', + 'password': '123' + } + + self.patchobject(oslo_context, 'get_current') + mock_get_service_context.return_value = service_cred + mock_cred_get.return_value = None + cluster = mock.Mock() + cluster.user = 'user1' + cluster.project = 'project1' + + kwargs = { + 'spec': {} + } + policy = deletion_policy.DeletionPolicy('DeletionPolicy', + 'test-policy', **kwargs) + ex = self.assertRaises(exception.TrustNotFound, + policy._build_connection_params, + cluster) + msg = "The trust for trustor (user1) could not be found." + self.assertEqual(msg, six.text_type(ex))