openstack
/
tempest
Code Issues Proposed changes
tempest/tempest/lib/services/identity/v3/inherited_roles_client.py

150 lines
6.6 KiB
Python
Raw Blame History

# Copyright 2016 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from oslo_serialization import jsonutils as json
from tempest.lib.common import rest_client
class InheritedRolesClient(rest_client.RestClient):
api_version = "v3"
def create_inherited_role_on_domains_user(
self, domain_id, user_id, role_id):
"""Assigns a role to a user on projects owned by a domain."""
resp, body = self.put(
"OS-INHERIT/domains/%s/users/%s/roles/%s/inherited_to_projects"
% (domain_id, user_id, role_id), None)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def delete_inherited_role_from_user_on_domain(
self, domain_id, user_id, role_id):
"""Revokes an inherited project role from a user on a domain."""
resp, body = self.delete(
"OS-INHERIT/domains/%s/users/%s/roles/%s/inherited_to_projects"
% (domain_id, user_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def list_inherited_project_role_for_user_on_domain(
self, domain_id, user_id):
"""Lists the inherited project roles on a domain for a user."""
resp, body = self.get(
"OS-INHERIT/domains/%s/users/%s/roles/inherited_to_projects"
% (domain_id, user_id))
self.expected_success(200, resp.status)
body = json.loads(body)
return rest_client.ResponseBody(resp, body)
def check_user_inherited_project_role_on_domain(
self, domain_id, user_id, role_id):
"""Checks whether a user has an inherited project role on a domain."""
resp, _ = self.head(
"OS-INHERIT/domains/%s/users/%s/roles/%s/inherited_to_projects"
% (domain_id, user_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp)
def create_inherited_role_on_domains_group(
self, domain_id, group_id, role_id):
"""Assigns a role to a group on projects owned by a domain."""
resp, body = self.put(
"OS-INHERIT/domains/%s/groups/%s/roles/%s/inherited_to_projects"
% (domain_id, group_id, role_id), None)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def delete_inherited_role_from_group_on_domain(
self, domain_id, group_id, role_id):
"""Revokes an inherited project role from a group on a domain."""
resp, body = self.delete(
"OS-INHERIT/domains/%s/groups/%s/roles/%s/inherited_to_projects"
% (domain_id, group_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def list_inherited_project_role_for_group_on_domain(
self, domain_id, group_id):
"""Lists the inherited project roles on a domain for a group."""
resp, body = self.get(
"OS-INHERIT/domains/%s/groups/%s/roles/inherited_to_projects"
% (domain_id, group_id))
self.expected_success(200, resp.status)
body = json.loads(body)
return rest_client.ResponseBody(resp, body)
def check_group_inherited_project_role_on_domain(
self, domain_id, group_id, role_id):
"""Checks whether a group has an inherited project role on a domain."""
resp, _ = self.head(
"OS-INHERIT/domains/%s/groups/%s/roles/%s/inherited_to_projects"
% (domain_id, group_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp)
def create_inherited_role_on_projects_user(
self, project_id, user_id, role_id):
"""Assigns a role to a user on projects in a subtree."""
resp, body = self.put(
"OS-INHERIT/projects/%s/users/%s/roles/%s/inherited_to_projects"
% (project_id, user_id, role_id), None)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def delete_inherited_role_from_user_on_project(
self, project_id, user_id, role_id):
"""Revokes an inherited role from a user on a project."""
resp, body = self.delete(
"OS-INHERIT/projects/%s/users/%s/roles/%s/inherited_to_projects"
% (project_id, user_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def check_user_has_flag_on_inherited_to_project(
self, project_id, user_id, role_id):
"""Check if user has an inherited project role on project"""
resp, _ = self.head(
"OS-INHERIT/projects/%s/users/%s/roles/%s/inherited_to_projects"
% (project_id, user_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp)
def create_inherited_role_on_projects_group(
self, project_id, group_id, role_id):
"""Assigns a role to a group on projects in a subtree."""
resp, body = self.put(
"OS-INHERIT/projects/%s/groups/%s/roles/%s/inherited_to_projects"
% (project_id, group_id, role_id), None)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def delete_inherited_role_from_group_on_project(
self, project_id, group_id, role_id):
"""Revokes an inherited role from a group on a project."""
resp, body = self.delete(
"OS-INHERIT/projects/%s/groups/%s/roles/%s/inherited_to_projects"
% (project_id, group_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
def check_group_has_flag_on_inherited_to_project(
self, project_id, group_id, role_id):
"""Check if group has an inherited project role on project"""
resp, _ = self.head(
"OS-INHERIT/projects/%s/groups/%s/roles/%s/inherited_to_projects"
% (project_id, group_id, role_id))
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp)
View Git Blame Copy Permalink