Merge "Add notifications for identity authenticate events"

2014-08-12 20:15:19 +00:00 · 2014-08-12 20:15:19 +00:00 · bb3deafd12
commit bb3deafd12
parent 2a1d42451c fff27cb949
3 changed files with 102 additions and 6 deletions
--- a/ceilometer/identity/notifications.py
+++ b/ceilometer/identity/notifications.py
@ -46,6 +46,8 @@ class _Base(plugin.NotificationBase):
                                      exchange=conf.keystone_control_exchange)
                for topic in conf.notification_topics]
 class IdentityCRUD(_Base):
    def process_notification(self, message):
        yield sample.Sample.from_notification(
            name=message['event_type'],
@ -58,7 +60,7 @@ class _Base(plugin.NotificationBase):
            message=message)
-class User(_Base):
+class User(IdentityCRUD):
    resource_type = 'user'
    resource_name = '%s.%s' % (SERVICE, resource_type)
@ -68,7 +70,7 @@ class User(_Base):
        return ['%s.*' % (self.resource_name)]
-class Group(_Base):
+class Group(IdentityCRUD):
    resource_type = 'group'
    resource_name = '%s.%s' % (SERVICE, resource_type)
@ -78,7 +80,7 @@ class Group(_Base):
        return ['%s.*' % (self.resource_name)]
-class Project(_Base):
+class Project(IdentityCRUD):
    resource_type = 'project'
    resource_name = '%s.%s' % (SERVICE, resource_type)
@ -88,7 +90,7 @@ class Project(_Base):
        return ['%s.*' % (self.resource_name)]
-class Role(_Base):
+class Role(IdentityCRUD):
    resource_type = 'role'
    resource_name = '%s.%s' % (SERVICE, resource_type)
@ -98,7 +100,7 @@ class Role(_Base):
        return ['%s.*' % (self.resource_name)]
-class Trust(_Base):
+class Trust(IdentityCRUD):
    resource_type = 'trust'
    resource_name = '%s.%s' % (SERVICE, resource_type)
@ -109,3 +111,28 @@ class Trust(_Base):
            '%s.created' % (self.resource_name),
            '%s.deleted' % (self.resource_name)
        ]
 class Authenticate(_Base):
    """Convert identity authentication notifications into Samples."""
    resource_type = 'authenticate'
    event_name = '%s.%s' % (SERVICE, resource_type)
    def process_notification(self, message):
        outcome = message['payload']['outcome']
        meter_name = '%s.%s.%s' % (SERVICE, self.resource_type, outcome)
        yield sample.Sample.from_notification(
            name=meter_name,
            type=sample.TYPE_DELTA,
            unit='user',
            volume=1,
            resource_id=message['payload']['initiator']['id'],
            user_id=message['payload']['initiator']['id'],
            project_id=None,
            message=message)
    @property
    def event_types(self):
        return [self.event_name]
--- a/ceilometer/tests/identity/test_notifications.py
+++ b/ceilometer/tests/identity/test_notifications.py
@ -44,7 +44,43 @@ def notification_for(resource_type, operation, resource_id):
    }
-class TestNotification(test.BaseTestCase):
+def authn_notification_for(outcome):
    return {
        u'event_type': u'identity.authenticate',
        u'message_id': u'1371a590-d5fd-448f-b3bb-a14dead6f4cb',
        u'payload': {
            u'typeURI': u'http://schemas.dmtf.org/cloud/audit/1.0/event',
            u'initiator': {
                u'typeURI': u'service/security/account/user',
                u'host': {
                    u'agent': u'python-keystoneclient',
                    u'address': u'10.0.2.15'
                },
                u'id': USER_ID,
                u'name': u'openstack:demo_user'
            },
            u'target': {
                u'typeURI': u'service/security/account/user',
                u'id': u'openstack:44b3d8cb-5f16-46e9-9b1b-ac90b64c2530'
            },
            u'observer': {
                u'typeURI': u'service/security',
                u'id': u'openstack:55a9e88c-a4b1-4864-9339-62b7e6ecb6a7'
            },
            u'eventType': u'activity',
            u'eventTime': u'2014-08-04T05:38:59.978898+0000',
            u'action': u'authenticate',
            u'outcome': outcome,
            u'id': u'openstack:eca02fef-9394-4008-8fb3-c434133ca4b2'
        },
        u'priority': u'INFO',
        u'publisher_id': PUBLISHER_ID,
        u'timestamp': NOW
    }
 class TestCRUDNotification(test.BaseTestCase):
    def _verify_common_sample(self, s):
        self.assertIsNotNone(s)
@ -110,3 +146,35 @@ class TestNotification(test.BaseTestCase):
    def test_delete_trust(self):
        self._test_operation('trust', 'deleted', TRUST_ID, notifications.Trust)
 class TestAuthenticationNotification(test.BaseTestCase):
    def _verify_common_sample(self, s):
        self.assertIsNotNone(s)
        self.assertEqual(NOW, s.timestamp)
        self.assertEqual(sample.TYPE_DELTA, s.type)
        self.assertIsNone(s.project_id)
        self.assertEqual(USER_ID, s.user_id)
        self.assertEqual(USER_ID, s.resource_id)
        self.assertEqual('user', s.unit)
        metadata = s.resource_metadata
        self.assertEqual(PUBLISHER_ID, metadata.get('host'))
    def _test_operation(self, outcome):
        notif = authn_notification_for(outcome)
        handler = notifications.Authenticate(mock.Mock())
        data = list(handler.process_notification(notif))
        self.assertEqual(1, len(data))
        name = '%s.%s.%s' % (notifications.SERVICE, 'authenticate', outcome)
        self.assertEqual(name, data[0].name)
        self._verify_common_sample(data[0])
    def test_authn_success(self):
        self._test_operation('success')
    def test_authn_failure(self):
        self._test_operation('failure')
    def test_authn_pending(self):
        self._test_operation('pending')
--- a/setup.cfg
+++ b/setup.cfg
@ -51,6 +51,7 @@ ceilometer.notification =
    volume_size = ceilometer.volume.notifications:VolumeSize
    snapshot = ceilometer.volume.notifications:Snapshot
    snapshot_size = ceilometer.volume.notifications:SnapshotSize
    authenticate = ceilometer.identity.notifications:Authenticate
    user = ceilometer.identity.notifications:User
    group = ceilometer.identity.notifications:Group
    role = ceilometer.identity.notifications:Role