Update Ranger keystone group tempest tests
Included the following test cases test_add_delete_default_user test_add_delete_region_user test_add_delete_group_regions Change-Id: Iba74784e0c4256f8b62a5381ba3ff89791b2ec82
This commit is contained in:
parent
265761babd
commit
a214d88a64
@ -50,6 +50,18 @@ _group = {
|
||||
'required': ['id', 'links', 'created']
|
||||
}
|
||||
|
||||
_users = {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
'id': {
|
||||
'type': 'array',
|
||||
'items': {'type': 'string'}
|
||||
},
|
||||
'domain': {'type': 'string'},
|
||||
},
|
||||
'required': ['id', 'domain']
|
||||
}
|
||||
|
||||
create_group = {
|
||||
'status_code': [201],
|
||||
'response_body': {
|
||||
@ -73,7 +85,8 @@ get_group = {
|
||||
'domain': {'type': 'string'},
|
||||
'name': {'type': 'string'},
|
||||
'regions': {'type': 'array'},
|
||||
'description': {'type': 'string'}
|
||||
'description': {'type': 'string'},
|
||||
'users': {'type': 'array'}
|
||||
},
|
||||
'required': ['status', 'uuid', 'enabled', 'domain', 'name',
|
||||
'regions', 'description']
|
||||
@ -113,6 +126,7 @@ list_groups = {
|
||||
delete_group = _delete
|
||||
delete_groups_region = _delete
|
||||
|
||||
|
||||
_roles = {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
@ -158,3 +172,37 @@ list_group_roles = {
|
||||
'required': ['roles']
|
||||
}
|
||||
}
|
||||
|
||||
add_groups_region = {
|
||||
'status_code': [200],
|
||||
'response_body': {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
'regions': {
|
||||
'type': 'array',
|
||||
'items': _region
|
||||
},
|
||||
'transaction_id': {'type': 'string'}
|
||||
},
|
||||
'required': ['regions', 'transaction_id']
|
||||
}
|
||||
}
|
||||
|
||||
add_groups_users = {
|
||||
'status_code': [200],
|
||||
'response_body': {
|
||||
'type': 'object',
|
||||
'properties': {
|
||||
'transaction_id': {'type': 'string'},
|
||||
'users': {
|
||||
'type': 'array',
|
||||
'items': _users
|
||||
},
|
||||
'links': _links,
|
||||
'created': {'type': 'string', 'format': 'date-time'}
|
||||
},
|
||||
'required': ['transaction_id', 'users', 'links', 'created']
|
||||
}
|
||||
}
|
||||
|
||||
delete_groups_user = _delete
|
||||
|
@ -45,6 +45,12 @@ class GrpClient(base_client.RangerClientBase):
|
||||
uri += '?' + urllib.urlencode(filter)
|
||||
return self.get_request(uri, schema.list_groups)
|
||||
|
||||
def add_groups_region(self, group_id, *args):
|
||||
uri = '%s/%s/orm/groups/%s/regions' % (
|
||||
self.cms_url, self.version, group_id)
|
||||
post_body = json.dumps(args)
|
||||
return self.post_request(uri, post_body, schema.add_groups_region)
|
||||
|
||||
def delete_groups_region(self, group_id, region_id):
|
||||
uri = '%s/%s/orm/groups/%s/regions/%s' % (
|
||||
self.cms_url, self.version, group_id, region_id)
|
||||
@ -75,3 +81,27 @@ class GrpClient(base_client.RangerClientBase):
|
||||
uri = '%s/%s/orm/groups/%s/roles/%s' % (
|
||||
self.cms_url, self.version, group_id, params)
|
||||
return self.get_request(uri, schema.list_group_roles)
|
||||
|
||||
def add_group_default_user(self, group_id, *args):
|
||||
uri = '%s/%s/orm/groups/%s/users' \
|
||||
% (self.cms_url, self.version, group_id)
|
||||
post_body = json.dumps(args)
|
||||
return self.post_request(uri, post_body, schema.add_groups_users)
|
||||
|
||||
def delete_group_default_user(self, group_id, user_id, user_domain):
|
||||
uri = '%s/%s/orm/groups/%s/users/%s/%s' % (
|
||||
self.cms_url, self.version, group_id, user_id, user_domain)
|
||||
return self.delete_request(uri, schema.delete_groups_region)
|
||||
|
||||
def add_group_region_user(self, group_id, region_id, *args):
|
||||
uri = '%s/%s/orm/groups/%s/regions/%s/users' \
|
||||
% (self.cms_url, self.version, group_id, region_id)
|
||||
post_body = json.dumps(args)
|
||||
return self.post_request(uri, post_body, schema.add_groups_users)
|
||||
|
||||
def delete_groups_region_user(self, group_id, region_id,
|
||||
user_id, user_domain):
|
||||
uri = '%s/%s/orm/groups/%s/regions/%s/users/%s/%s' % (
|
||||
self.cms_url, self.version, group_id, region_id,
|
||||
user_id, user_domain)
|
||||
return self.delete_request(uri, schema.delete_groups_region)
|
||||
|
@ -34,28 +34,33 @@ class GrpBaseOrmTest(CmsBaseOrmTest):
|
||||
cls.grp_client = cls.os_primary.grp_client
|
||||
|
||||
@classmethod
|
||||
def _get_group_params(cls, enabled=True):
|
||||
region, payload = {}, {}
|
||||
def _get_group_params(cls, enabled=True, region_users=True,
|
||||
default_users=True):
|
||||
region, user, payload = {}, {}, {}
|
||||
grp_name = data_utils.rand_name('ormTempestGrp')
|
||||
region['name'] = CONF.identity.region
|
||||
region['type'] = 'single'
|
||||
user['id'] = [cls.os_primary.credentials.username]
|
||||
user['domain'] = CONF.ranger.domain
|
||||
region["users"] = [user] if region_users else []
|
||||
regions = [region]
|
||||
payload["description"] = grp_name
|
||||
payload["domain"] = CONF.ranger.domain
|
||||
payload["enabled"] = True if enabled else False
|
||||
payload["name"] = grp_name
|
||||
payload["regions"] = regions
|
||||
payload['users'] = [user] if default_users else []
|
||||
return payload
|
||||
|
||||
@classmethod
|
||||
def _get_user_params(cls, alt=False):
|
||||
users = []
|
||||
if not alt:
|
||||
users.append({'id': cls.os_primary.credentials.username,
|
||||
'role': ['admin']})
|
||||
users.append({'id': [cls.os_primary.credentials.username],
|
||||
'domain': CONF.ranger.domain})
|
||||
else:
|
||||
users.append({'id': cls.os_alt.credentials.username,
|
||||
'role': ['admin_viewer', 'admin_support']})
|
||||
users.append({'id': [cls.os_alt.credentials.username],
|
||||
'domain': CONF.ranger.domain})
|
||||
return users
|
||||
|
||||
@classmethod
|
||||
@ -63,7 +68,7 @@ class GrpBaseOrmTest(CmsBaseOrmTest):
|
||||
region = {}
|
||||
region['name'] = CONF.identity.region
|
||||
region['type'] = 'single'
|
||||
return [region]
|
||||
return region
|
||||
|
||||
@classmethod
|
||||
def _create_grp_validate_creation_on_dcp_and_lcp(self, **kwargs):
|
||||
|
@ -88,23 +88,6 @@ class TestTempestGrp(grp_base.GrpBaseOrmTest):
|
||||
groups = [grp['id'] for grp in body['groups']]
|
||||
self.assertIn(self.setup_group_id, groups)
|
||||
|
||||
@decorators.idempotent_id('880f614f-6317-4973-a244-f2e44443f551')
|
||||
def test_delete_regions(self):
|
||||
# setup data for delete_region
|
||||
post_body = self._get_group_params()
|
||||
region_name = post_body["regions"][0]["name"]
|
||||
test_group_id = self._create_grp_validate_creation_on_dcp_and_lcp(
|
||||
**post_body)
|
||||
self.addCleanup(self._del_group_validate_deletion_on_dcp_and_lcp,
|
||||
test_group_id)
|
||||
_, group = self.grp_client.get_group(test_group_id)
|
||||
self.assertTrue(group["regions"])
|
||||
_, body = self.grp_client.delete_groups_region(test_group_id,
|
||||
region_name)
|
||||
self._wait_for_group_status(test_group_id, 'no regions')
|
||||
_, group = self.grp_client.get_group(test_group_id)
|
||||
self.assertFalse(group["regions"])
|
||||
|
||||
@decorators.idempotent_id('bba25028-d962-47df-9566-557eec48f22d')
|
||||
def test_create_group(self):
|
||||
post_body = self._get_group_params()
|
||||
@ -198,3 +181,83 @@ class TestTempestGrp(grp_base.GrpBaseOrmTest):
|
||||
_, body = self.grp_client.list_group_roles(self.setup_group_id,
|
||||
list_filter)
|
||||
self.assertEqual(body['roles'], [])
|
||||
|
||||
@decorators.idempotent_id('880f614f-6317-4973-a244-f2e44443f551')
|
||||
def test_add_delete_group_regions(self):
|
||||
|
||||
# using the group record created by tempest setup, we'll test
|
||||
# delete region first before before add region
|
||||
region_name = self.setup_group['regions'][0]['name']
|
||||
_, body = self.grp_client.delete_groups_region(self.setup_group_id,
|
||||
region_name)
|
||||
self._wait_for_group_status(self.setup_group_id, 'no regions')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id)
|
||||
self.assertFalse(group["regions"])
|
||||
|
||||
# now we test add group region to add region back to the setup_group
|
||||
post_region_body = self._get_region_params()
|
||||
_, body = self.grp_client.add_groups_region(self.setup_group_id,
|
||||
post_region_body)
|
||||
self._wait_for_group_status(self.setup_group_id, 'Success')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id)
|
||||
self.assertTrue(group["regions"])
|
||||
|
||||
@decorators.idempotent_id('1f23fe95-b05a-4368-baf7-5a526b13bea3')
|
||||
def test_add_delete_default_user(self):
|
||||
|
||||
# using the existing setup group record, delete the default user
|
||||
default_user_id = self.setup_group['users'][0]['id'][0]
|
||||
user_domain = self.setup_group['users'][0]['domain']
|
||||
# user[0]['id'] for user in self.setup_group['users']]
|
||||
_, body =\
|
||||
self.grp_client.delete_group_default_user(self.setup_group_id,
|
||||
default_user_id,
|
||||
user_domain)
|
||||
self._wait_for_group_status(self.setup_group_id, 'Success')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id)
|
||||
|
||||
# validate delete operation success by confirming that the default
|
||||
# users list and region user lists are empty after delete operation
|
||||
self.assertFalse(group['users'])
|
||||
self.assertFalse(group['regions'][0]['users'])
|
||||
|
||||
# now add back the default user, then validate that new user is
|
||||
# added to group AND region levels successfully
|
||||
post_default_user = self._get_user_params()
|
||||
default_user_id = post_default_user[0]["id"][0]
|
||||
_, body = self.grp_client.add_group_default_user(self.setup_group_id,
|
||||
*post_default_user)
|
||||
self._wait_for_group_status(self.setup_group_id, 'Success')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id,)
|
||||
self.assertIn(default_user_id, [x['id'][0] for x in group['users']])
|
||||
self.assertIn(default_user_id,
|
||||
[x['id'][0] for x in group['regions'][0]['users']])
|
||||
|
||||
@decorators.idempotent_id('3390b5cd-3229-4db2-a5b8-aec3e840a6a0')
|
||||
def test_add_delete_region_user(self):
|
||||
|
||||
# using the tempest setup group record, creare new region user
|
||||
post_region_user = self._get_user_params(alt=True)
|
||||
region_user_id = post_region_user[0]["id"][0]
|
||||
region_user_domain = post_region_user[0]["domain"]
|
||||
|
||||
_, body =\
|
||||
self.grp_client.add_group_region_user(self.setup_group_id,
|
||||
CONF.identity.region,
|
||||
*post_region_user)
|
||||
self._wait_for_group_status(self.setup_group_id, 'Success')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id)
|
||||
self.assertTrue(
|
||||
region_user_id in group['regions'][0]['users'][0]['id'])
|
||||
|
||||
# now delete the region_user_id from the tempest setup record
|
||||
_, body =\
|
||||
self.grp_client.delete_groups_region_user(self.setup_group_id,
|
||||
CONF.identity.region,
|
||||
region_user_id,
|
||||
region_user_domain)
|
||||
self._wait_for_group_status(self.setup_group_id, 'Success')
|
||||
_, group = self.grp_client.get_group(self.setup_group_id)
|
||||
# assert region user id is removed from the group
|
||||
self.assertFalse(
|
||||
region_user_id in group['regions'][0]['users'][0]['id'])
|
||||
|
Loading…
Reference in New Issue
Block a user