Merge "Add keystone v3 EC2 credential tests and client"
This commit is contained in:
commit
24ffe96042
@ -0,0 +1,5 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
Added missing clients and tests for keystone's v3 EC2 API which already
|
||||
existed for keystone v2.
|
113
tempest/api/identity/v3/test_ec2_credentials.py
Normal file
113
tempest/api/identity/v3/test_ec2_credentials.py
Normal file
@ -0,0 +1,113 @@
|
||||
# Copyright 2020 SUSE LLC
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from tempest.api.identity import base
|
||||
from tempest.common import utils
|
||||
from tempest.lib import decorators
|
||||
from tempest.lib import exceptions as lib_exc
|
||||
|
||||
|
||||
class EC2CredentialsTest(base.BaseIdentityV3Test):
|
||||
|
||||
@classmethod
|
||||
def skip_checks(cls):
|
||||
super(EC2CredentialsTest, cls).skip_checks()
|
||||
if not utils.is_extension_enabled('OS-EC2', 'identity'):
|
||||
msg = "OS-EC2 identity extension not enabled."
|
||||
raise cls.skipException(msg)
|
||||
|
||||
@classmethod
|
||||
def resource_setup(cls):
|
||||
super(EC2CredentialsTest, cls).resource_setup()
|
||||
cls.creds = cls.os_primary.credentials
|
||||
|
||||
@decorators.idempotent_id('b0f55a29-54e5-4166-999d-712347e0c920')
|
||||
def test_create_ec2_credential(self):
|
||||
"""Create user ec2 credential."""
|
||||
resp = self.non_admin_users_client.create_user_ec2_credential(
|
||||
self.creds.user_id,
|
||||
tenant_id=self.creds.tenant_id)["credential"]
|
||||
access = resp['access']
|
||||
self.addCleanup(
|
||||
self.non_admin_users_client.delete_user_ec2_credential,
|
||||
self.creds.user_id, access)
|
||||
self.assertNotEmpty(resp['access'])
|
||||
self.assertNotEmpty(resp['secret'])
|
||||
self.assertEqual(self.creds.user_id, resp['user_id'])
|
||||
self.assertEqual(self.creds.tenant_id, resp['tenant_id'])
|
||||
|
||||
@decorators.idempotent_id('897813f0-160c-4fdc-aabc-24ee635ce4a9')
|
||||
def test_list_ec2_credentials(self):
|
||||
"""Get the list of user ec2 credentials."""
|
||||
created_creds = []
|
||||
# create first ec2 credentials
|
||||
creds1 = self.non_admin_users_client.create_user_ec2_credential(
|
||||
self.creds.user_id,
|
||||
tenant_id=self.creds.tenant_id)["credential"]
|
||||
created_creds.append(creds1['access'])
|
||||
self.addCleanup(
|
||||
self.non_admin_users_client.delete_user_ec2_credential,
|
||||
self.creds.user_id, creds1['access'])
|
||||
|
||||
# create second ec2 credentials
|
||||
creds2 = self.non_admin_users_client.create_user_ec2_credential(
|
||||
self.creds.user_id,
|
||||
tenant_id=self.creds.tenant_id)["credential"]
|
||||
created_creds.append(creds2['access'])
|
||||
self.addCleanup(
|
||||
self.non_admin_users_client.delete_user_ec2_credential,
|
||||
self.creds.user_id, creds2['access'])
|
||||
|
||||
# get the list of user ec2 credentials
|
||||
resp = self.non_admin_users_client.list_user_ec2_credentials(
|
||||
self.creds.user_id)["credentials"]
|
||||
fetched_creds = [cred['access'] for cred in resp]
|
||||
# created credentials should be in a fetched list
|
||||
missing = [cred for cred in created_creds
|
||||
if cred not in fetched_creds]
|
||||
self.assertEmpty(missing,
|
||||
"Failed to find ec2_credentials %s in fetched list" %
|
||||
', '.join(cred for cred in missing))
|
||||
|
||||
@decorators.idempotent_id('8b8d1010-5958-48df-a6cd-5e3df72e6bcf')
|
||||
def test_show_ec2_credential(self):
|
||||
"""Get the definite user ec2 credential."""
|
||||
resp = self.non_admin_users_client.create_user_ec2_credential(
|
||||
self.creds.user_id,
|
||||
tenant_id=self.creds.tenant_id)["credential"]
|
||||
self.addCleanup(
|
||||
self.non_admin_users_client.delete_user_ec2_credential,
|
||||
self.creds.user_id, resp['access'])
|
||||
|
||||
ec2_creds = self.non_admin_users_client.show_user_ec2_credential(
|
||||
self.creds.user_id, resp['access']
|
||||
)["credential"]
|
||||
for key in ['access', 'secret', 'user_id', 'tenant_id']:
|
||||
self.assertEqual(ec2_creds[key], resp[key])
|
||||
|
||||
@decorators.idempotent_id('9408d61b-8be0-4a8d-9b85-14f61edb456b')
|
||||
def test_delete_ec2_credential(self):
|
||||
"""Delete user ec2 credential."""
|
||||
resp = self.non_admin_users_client.create_user_ec2_credential(
|
||||
self.creds.user_id,
|
||||
tenant_id=self.creds.tenant_id)["credential"]
|
||||
access = resp['access']
|
||||
self.non_admin_users_client.delete_user_ec2_credential(
|
||||
self.creds.user_id, access)
|
||||
self.assertRaises(
|
||||
lib_exc.NotFound,
|
||||
self.non_admin_users_client.show_user_ec2_credential,
|
||||
self.creds.user_id,
|
||||
access)
|
@ -118,3 +118,30 @@ class UsersClient(rest_client.RestClient):
|
||||
self.expected_success(200, resp.status)
|
||||
body = json.loads(body)
|
||||
return rest_client.ResponseBody(resp, body)
|
||||
|
||||
def create_user_ec2_credential(self, user_id, **kwargs):
|
||||
post_body = json.dumps(kwargs)
|
||||
resp, body = self.post('/users/%s/credentials/OS-EC2' % user_id,
|
||||
post_body)
|
||||
self.expected_success(201, resp.status)
|
||||
body = json.loads(body)
|
||||
return rest_client.ResponseBody(resp, body)
|
||||
|
||||
def delete_user_ec2_credential(self, user_id, access):
|
||||
resp, body = self.delete('/users/%s/credentials/OS-EC2/%s' %
|
||||
(user_id, access))
|
||||
self.expected_success(204, resp.status)
|
||||
return rest_client.ResponseBody(resp, body)
|
||||
|
||||
def list_user_ec2_credentials(self, user_id):
|
||||
resp, body = self.get('/users/%s/credentials/OS-EC2' % user_id)
|
||||
self.expected_success(200, resp.status)
|
||||
body = json.loads(body)
|
||||
return rest_client.ResponseBody(resp, body)
|
||||
|
||||
def show_user_ec2_credential(self, user_id, access):
|
||||
resp, body = self.get('/users/%s/credentials/OS-EC2/%s' %
|
||||
(user_id, access))
|
||||
self.expected_success(200, resp.status)
|
||||
body = json.loads(body)
|
||||
return rest_client.ResponseBody(resp, body)
|
||||
|
@ -141,6 +141,35 @@ class TestUsersClient(base.BaseServiceTest):
|
||||
]
|
||||
}
|
||||
|
||||
FAKE_USER_EC2_CREDENTIAL_INFO = {
|
||||
"credential": {
|
||||
'user_id': '9beb0e12f3e5416db8d7cccfc785db3b',
|
||||
'access': '79abf59acc77492a86170cbe2f1feafa',
|
||||
'secret': 'c4e7d3a691fd4563873d381a40320f46',
|
||||
'trust_id': None,
|
||||
'tenant_id': '596557269d7b4dd78631a602eb9f151d'
|
||||
}
|
||||
}
|
||||
|
||||
FAKE_LIST_USER_EC2_CREDENTIALS = {
|
||||
"credentials": [
|
||||
{
|
||||
'user_id': '9beb0e12f3e5416db8d7cccfc785db3b',
|
||||
'access': '79abf59acc77492a86170cbe2f1feafa',
|
||||
'secret': 'c4e7d3a691fd4563873d381a40320f46',
|
||||
'trust_id': None,
|
||||
'tenant_id': '596557269d7b4dd78631a602eb9f151d'
|
||||
},
|
||||
{
|
||||
'user_id': '3beb0e12f3e5416db8d7cccfc785de4r',
|
||||
'access': '45abf59acc77492a86170cbe2f1fesde',
|
||||
'secret': 'g4e7d3a691fd4563873d381a40320e45',
|
||||
'trust_id': None,
|
||||
'tenant_id': '123557269d7b4dd78631a602eb9f112f'
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
def setUp(self):
|
||||
super(TestUsersClient, self).setUp()
|
||||
fake_auth = fake_auth_provider.FakeAuthProvider()
|
||||
@ -201,6 +230,33 @@ class TestUsersClient(base.BaseServiceTest):
|
||||
user_id='817fb3c23fd7465ba6d7fe1b1320121d',
|
||||
)
|
||||
|
||||
def _test_create_user_ec2_credential(self, bytes_body=False):
|
||||
self.check_service_client_function(
|
||||
self.client.create_user_ec2_credential,
|
||||
'tempest.lib.common.rest_client.RestClient.post',
|
||||
self.FAKE_USER_EC2_CREDENTIAL_INFO,
|
||||
bytes_body,
|
||||
status=201,
|
||||
user_id="1",
|
||||
tenant_id="123")
|
||||
|
||||
def _test_show_user_ec2_credential(self, bytes_body=False):
|
||||
self.check_service_client_function(
|
||||
self.client.show_user_ec2_credential,
|
||||
'tempest.lib.common.rest_client.RestClient.get',
|
||||
self.FAKE_USER_EC2_CREDENTIAL_INFO,
|
||||
bytes_body,
|
||||
user_id="1",
|
||||
access="123")
|
||||
|
||||
def _test_list_user_ec2_credentials(self, bytes_body=False):
|
||||
self.check_service_client_function(
|
||||
self.client.list_user_ec2_credentials,
|
||||
'tempest.lib.common.rest_client.RestClient.get',
|
||||
self.FAKE_LIST_USER_EC2_CREDENTIALS,
|
||||
bytes_body,
|
||||
user_id="1")
|
||||
|
||||
def test_create_user_with_string_body(self):
|
||||
self._test_create_user()
|
||||
|
||||
@ -255,3 +311,30 @@ class TestUsersClient(base.BaseServiceTest):
|
||||
user_id='817fb3c23fd7465ba6d7fe1b1320121d',
|
||||
password='NewTempestPassword',
|
||||
original_password='OldTempestPassword')
|
||||
|
||||
def test_create_user_ec2_credential_with_str_body(self):
|
||||
self._test_create_user_ec2_credential()
|
||||
|
||||
def test_create_user_ec2_credential_with_bytes_body(self):
|
||||
self._test_create_user_ec2_credential(bytes_body=True)
|
||||
|
||||
def test_show_user_ec2_credential_with_str_body(self):
|
||||
self._test_show_user_ec2_credential()
|
||||
|
||||
def test_show_user_ec2_credential_with_bytes_body(self):
|
||||
self._test_show_user_ec2_credential(bytes_body=True)
|
||||
|
||||
def test_list_user_ec2_credentials_with_str_body(self):
|
||||
self._test_list_user_ec2_credentials()
|
||||
|
||||
def test_list_user_ec2_credentials_with_bytes_body(self):
|
||||
self._test_list_user_ec2_credentials(bytes_body=True)
|
||||
|
||||
def test_delete_user_ec2_credential(self):
|
||||
self.check_service_client_function(
|
||||
self.client.delete_user_ec2_credential,
|
||||
'tempest.lib.common.rest_client.RestClient.delete',
|
||||
{},
|
||||
user_id="123",
|
||||
access="1234",
|
||||
status=204)
|
||||
|
Loading…
Reference in New Issue
Block a user