From 914b471f2e4bfd47c787ea2bdf7cc39e71f342b8 Mon Sep 17 00:00:00 2001 From: nayna-patel Date: Tue, 16 Jul 2013 08:29:05 +0000 Subject: [PATCH] Credentials Keystone V3 API Tests This submission adds new test script 'test_credentials.py' so as to verify CRUD Operations on Credentials API. And also added required support functions in 'credentials_client.py' for both JSON/XMl interfaces Implements blueprint: add-credentials-test-keystone-v3 Change-Id: I00269eaeb01af821c47300a80d89fae3dd2598a2 --- .../api/identity/admin/v3/test_credentials.py | 120 +++++++++++++++++ tempest/api/identity/base.py | 1 + tempest/clients.py | 11 ++ .../identity/v3/json/credentials_client.py | 97 ++++++++++++++ .../identity/v3/xml/credentials_client.py | 121 ++++++++++++++++++ 5 files changed, 350 insertions(+) create mode 100644 tempest/api/identity/admin/v3/test_credentials.py create mode 100644 tempest/services/identity/v3/json/credentials_client.py create mode 100644 tempest/services/identity/v3/xml/credentials_client.py diff --git a/tempest/api/identity/admin/v3/test_credentials.py b/tempest/api/identity/admin/v3/test_credentials.py new file mode 100644 index 0000000000..efd2f83ef8 --- /dev/null +++ b/tempest/api/identity/admin/v3/test_credentials.py @@ -0,0 +1,120 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2013 OpenStack Foundation +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from tempest.api.identity import base +from tempest.common.utils.data_utils import rand_name +from tempest.test import attr + + +class CredentialsTestJSON(base.BaseIdentityAdminTest): + _interface = 'json' + + @classmethod + def setUpClass(cls): + super(CredentialsTestJSON, cls).setUpClass() + cls.projects = list() + cls.creds_list = [['project_id', 'user_id', 'id'], + ['access', 'secret']] + u_name = rand_name('user-') + u_desc = '%s description' % u_name + u_email = '%s@testmail.tm' % u_name + u_password = rand_name('pass-') + for i in range(2): + resp, cls.project = cls.v3_client.create_project( + rand_name('project-'), description=rand_name('project-desc-')) + assert resp['status'] == '201', "Expected %s" % resp['status'] + cls.projects.append(cls.project['id']) + + resp, cls.user_body = cls.v3_client.create_user( + u_name, description=u_desc, password=u_password, + email=u_email, project_id=cls.projects[0]) + assert resp['status'] == '201', "Expected: %s" % resp['status'] + + @classmethod + def tearDownClass(cls): + resp, _ = cls.v3_client.delete_user(cls.user_body['id']) + assert resp['status'] == '204', "Expected: %s" % resp['status'] + for p in cls.projects: + resp, _ = cls.v3_client.delete_project(p) + assert resp['status'] == '204', "Expected: %s" % resp['status'] + super(CredentialsTestJSON, cls).tearDownClass() + + def _delete_credential(self, cred_id): + resp, body = self.creds_client.delete_credential(cred_id) + self.assertEqual(resp['status'], '204') + + @attr(type='smoke') + def test_credentials_create_get_update_delete(self): + keys = [rand_name('Access-'), rand_name('Secret-')] + resp, cred = self.creds_client.create_credential( + keys[0], keys[1], self.user_body['id'], + self.projects[0]) + self.addCleanup(self._delete_credential, cred['id']) + self.assertEqual(resp['status'], '201') + for value1 in self.creds_list[0]: + self.assertIn(value1, cred) + for value2 in self.creds_list[1]: + self.assertIn(value2, cred['blob']) + + new_keys = [rand_name('NewAccess-'), rand_name('NewSecret-')] + resp, update_body = self.creds_client.update_credential( + cred['id'], access_key=new_keys[0], secret_key=new_keys[1], + project_id=self.projects[1]) + self.assertEqual(resp['status'], '200') + self.assertEqual(cred['id'], update_body['id']) + self.assertEqual(self.projects[1], update_body['project_id']) + self.assertEqual(self.user_body['id'], update_body['user_id']) + self.assertEqual(update_body['blob']['access'], new_keys[0]) + self.assertEqual(update_body['blob']['secret'], new_keys[1]) + + resp, get_body = self.creds_client.get_credential(cred['id']) + self.assertEqual(resp['status'], '200') + for value1 in self.creds_list[0]: + self.assertEqual(update_body[value1], + get_body[value1]) + for value2 in self.creds_list[1]: + self.assertEqual(update_body['blob'][value2], + get_body['blob'][value2]) + + @attr(type='smoke') + def test_credentials_list_delete(self): + created_cred_ids = list() + fetched_cred_ids = list() + + for i in range(2): + resp, cred = self.creds_client.create_credential( + rand_name('Access-'), rand_name('Secret-'), + self.user_body['id'], self.projects[0]) + self.assertEqual(resp['status'], '201') + created_cred_ids.append(cred['id']) + self.addCleanup(self._delete_credential, cred['id']) + + resp, creds = self.creds_client.list_credentials() + self.assertEqual(resp['status'], '200') + + for i in creds: + fetched_cred_ids.append(i['id']) + missing_creds = [c for c in created_cred_ids + if c not in fetched_cred_ids] + self.assertEqual(0, len(missing_creds), + "Failed to find cred %s in fetched list" % + ', '.join(m_cred for m_cred + in missing_creds)) + + +class CredentialsTestXML(CredentialsTestJSON): + _interface = 'xml' diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py index bfb53723fc..2a168de647 100644 --- a/tempest/api/identity/base.py +++ b/tempest/api/identity/base.py @@ -34,6 +34,7 @@ class BaseIdentityAdminTest(tempest.test.BaseTestCase): cls.service_client = os.service_client cls.policy_client = os.policy_client cls.v3_token = os.token_v3_client + cls.creds_client = os.credentials_client if not cls.client.has_admin_extensions(): raise cls.skipException("Admin extensions disabled") diff --git a/tempest/clients.py b/tempest/clients.py index 48e4939ae6..49b92830c8 100644 --- a/tempest/clients.py +++ b/tempest/clients.py @@ -71,6 +71,8 @@ from tempest.services.compute.xml.volumes_extensions_client import \ VolumesExtensionsClientXML from tempest.services.identity.json.identity_client import IdentityClientJSON from tempest.services.identity.json.identity_client import TokenClientJSON +from tempest.services.identity.v3.json.credentials_client import \ + CredentialsClientJSON from tempest.services.identity.v3.json.endpoints_client import \ EndPointClientJSON from tempest.services.identity.v3.json.identity_client import \ @@ -79,6 +81,8 @@ from tempest.services.identity.v3.json.identity_client import V3TokenClientJSON from tempest.services.identity.v3.json.policy_client import PolicyClientJSON from tempest.services.identity.v3.json.service_client import \ ServiceClientJSON +from tempest.services.identity.v3.xml.credentials_client import \ + CredentialsClientXML from tempest.services.identity.v3.xml.endpoints_client import EndPointClientXML from tempest.services.identity.v3.xml.identity_client import \ IdentityV3ClientXML @@ -252,6 +256,11 @@ V3_TOKEN_CLIENT = { "xml": V3TokenClientXML, } +CREDENTIALS_CLIENT = { + "json": CredentialsClientJSON, + "xml": CredentialsClientXML, +} + class Manager(object): @@ -336,6 +345,8 @@ class Manager(object): self.policy_client = POLICY_CLIENT[interface](*client_args) self.hypervisor_client = HYPERVISOR_CLIENT[interface](*client_args) self.token_v3_client = V3_TOKEN_CLIENT[interface](*client_args) + self.credentials_client = \ + CREDENTIALS_CLIENT[interface](*client_args) if client_args_v3_auth: self.servers_client_v3_auth = SERVERS_CLIENTS[interface]( diff --git a/tempest/services/identity/v3/json/credentials_client.py b/tempest/services/identity/v3/json/credentials_client.py new file mode 100644 index 0000000000..c3f788afc3 --- /dev/null +++ b/tempest/services/identity/v3/json/credentials_client.py @@ -0,0 +1,97 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2013 OpenStack Foundation +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import json +from urlparse import urlparse + +from tempest.common.rest_client import RestClient + + +class CredentialsClientJSON(RestClient): + + def __init__(self, config, username, password, auth_url, tenant_name=None): + super(CredentialsClientJSON, self).__init__(config, username, password, + auth_url, tenant_name) + self.service = self.config.identity.catalog_type + self.endpoint_url = 'adminURL' + + def request(self, method, url, headers=None, body=None, wait=None): + """Overriding the existing HTTP request in super class rest_client.""" + self._set_auth() + self.base_url = self.base_url.replace(urlparse(self.base_url).path, + "/v3") + return super(CredentialsClientJSON, self).request(method, url, + headers=headers, + body=body) + + def create_credential(self, access_key, secret_key, user_id, project_id): + """Creates a credential.""" + blob = "{\"access\": \"%s\", \"secret\": \"%s\"}" % ( + access_key, secret_key) + post_body = { + "blob": blob, + "project_id": project_id, + "type": "ec2", + "user_id": user_id + } + post_body = json.dumps({'credential': post_body}) + resp, body = self.post('credentials', post_body, + self.headers) + body = json.loads(body) + body['credential']['blob'] = json.loads(body['credential']['blob']) + return resp, body['credential'] + + def update_credential(self, credential_id, **kwargs): + """Updates a credential.""" + resp, body = self.get_credential(credential_id) + cred_type = kwargs.get('type', body['type']) + access_key = kwargs.get('access_key', body['blob']['access']) + secret_key = kwargs.get('secret_key', body['blob']['secret']) + project_id = kwargs.get('project_id', body['project_id']) + user_id = kwargs.get('user_id', body['user_id']) + blob = "{\"access\": \"%s\", \"secret\": \"%s\"}" % ( + access_key, secret_key) + post_body = { + "blob": blob, + "project_id": project_id, + "type": cred_type, + "user_id": user_id + } + post_body = json.dumps({'credential': post_body}) + resp, body = self.patch('credentials/%s' % credential_id, post_body, + self.headers) + body = json.loads(body) + body['credential']['blob'] = json.loads(body['credential']['blob']) + return resp, body['credential'] + + def get_credential(self, credential_id): + """To GET Details of a credential.""" + resp, body = self.get('credentials/%s' % credential_id) + body = json.loads(body) + body['credential']['blob'] = json.loads(body['credential']['blob']) + return resp, body['credential'] + + def list_credentials(self): + """Lists out all the available credentials.""" + resp, body = self.get('credentials') + body = json.loads(body) + return resp, body['credentials'] + + def delete_credential(self, credential_id): + """Deletes a credential.""" + resp, body = self.delete('credentials/%s' % credential_id) + return resp, body diff --git a/tempest/services/identity/v3/xml/credentials_client.py b/tempest/services/identity/v3/xml/credentials_client.py new file mode 100644 index 0000000000..dc0ade1ff0 --- /dev/null +++ b/tempest/services/identity/v3/xml/credentials_client.py @@ -0,0 +1,121 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2013 OpenStack Foundation +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import json +from urlparse import urlparse + +from lxml import etree + +from tempest.common.rest_client import RestClientXML +from tempest.services.compute.xml.common import Document +from tempest.services.compute.xml.common import Element +from tempest.services.compute.xml.common import Text +from tempest.services.compute.xml.common import xml_to_json + + +XMLNS = "http://docs.openstack.org/identity/api/v3" + + +class CredentialsClientXML(RestClientXML): + + def __init__(self, config, username, password, auth_url, tenant_name=None): + super(CredentialsClientXML, self).__init__(config, username, password, + auth_url, tenant_name) + self.service = self.config.identity.catalog_type + self.endpoint_url = 'adminURL' + + def request(self, method, url, headers=None, body=None, wait=None): + """Overriding the existing HTTP request in super class rest_client.""" + self._set_auth() + self.base_url = self.base_url.replace(urlparse(self.base_url).path, + "/v3") + return super(CredentialsClientXML, self).request(method, url, + headers=headers, + body=body) + + def _parse_body(self, body): + data = xml_to_json(body) + return data + + def _parse_creds(self, node): + array = [] + for child in node.getchildren(): + tag_list = child.tag.split('}', 1) + if tag_list[1] == "credential": + array.append(xml_to_json(child)) + return array + + def create_credential(self, access_key, secret_key, user_id, project_id): + """Creates a credential.""" + cred_type = 'ec2' + access = ""access": "%s"" % access_key + secret = ""secret": "%s"" % secret_key + blob = Element('blob', + xmlns=XMLNS) + blob.append(Text("{%s , %s}" + % (access, secret))) + credential = Element('credential', project_id=project_id, + type=cred_type, user_id=user_id) + credential.append(blob) + resp, body = self.post('credentials', str(Document(credential)), + self.headers) + body = self._parse_body(etree.fromstring(body)) + body['blob'] = json.loads(body['blob']) + return resp, body + + def update_credential(self, credential_id, **kwargs): + """Updates a credential.""" + resp, body = self.get_credential(credential_id) + cred_type = kwargs.get('type', body['type']) + access_key = kwargs.get('access_key', body['blob']['access']) + secret_key = kwargs.get('secret_key', body['blob']['secret']) + project_id = kwargs.get('project_id', body['project_id']) + user_id = kwargs.get('user_id', body['user_id']) + access = ""access": "%s"" % access_key + secret = ""secret": "%s"" % secret_key + blob = Element('blob', + xmlns=XMLNS) + blob.append(Text("{%s , %s}" + % (access, secret))) + credential = Element('credential', project_id=project_id, + type=cred_type, user_id=user_id) + credential.append(blob) + resp, body = self.patch('credentials/%s' % credential_id, + str(Document(credential)), + self.headers) + body = self._parse_body(etree.fromstring(body)) + body['blob'] = json.loads(body['blob']) + return resp, body + + def get_credential(self, credential_id): + """To GET Details of a credential.""" + resp, body = self.get('credentials/%s' % credential_id, self.headers) + body = self._parse_body(etree.fromstring(body)) + body['blob'] = json.loads(body['blob']) + return resp, body + + def list_credentials(self): + """Lists out all the available credentials.""" + resp, body = self.get('credentials', self.headers) + body = self._parse_creds(etree.fromstring(body)) + return resp, body + + def delete_credential(self, credential_id): + """Deletes a credential.""" + resp, body = self.delete('credentials/%s' % credential_id, + self.headers) + return resp, body