Merge "Add create/delete for keystone roles"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
9b5b05a718
@ -4744,3 +4744,45 @@ class OperatorCloud(OpenStackCloud):
|
||||
:raises: OpenStackCloudException on operation error.
|
||||
"""
|
||||
self._mod_flavor_access('remove', flavor_id, project_id)
|
||||
|
||||
def create_role(self, name):
|
||||
"""Create a Keystone role.
|
||||
|
||||
:param string name: The name of the role.
|
||||
|
||||
:returns: a dict containing the role description
|
||||
|
||||
:raise OpenStackCloudException: if the role cannot be created
|
||||
"""
|
||||
try:
|
||||
role = self.manager.submitTask(
|
||||
_tasks.RoleCreate(name=name)
|
||||
)
|
||||
except Exception as e:
|
||||
raise OpenStackCloudException(str(e))
|
||||
return meta.obj_to_dict(role)
|
||||
|
||||
def delete_role(self, name_or_id):
|
||||
"""Delete a Keystone role.
|
||||
|
||||
:param string id: Name or id of the role to delete.
|
||||
|
||||
:returns: True if delete succeeded, False otherwise.
|
||||
|
||||
:raises: ``OpenStackCloudException`` if something goes wrong during
|
||||
the openstack API call.
|
||||
"""
|
||||
role = self.get_role(name_or_id)
|
||||
if role is None:
|
||||
self.log.debug(
|
||||
"Role {0} not found for deleting".format(name_or_id))
|
||||
return False
|
||||
|
||||
try:
|
||||
self.manager.submitTask(_tasks.RoleDelete(role=role['id']))
|
||||
except Exception as e:
|
||||
raise OpenStackCloudException(
|
||||
"Unable to delete role {0}: {1}".format(name_or_id, e)
|
||||
)
|
||||
|
||||
return True
|
||||
|
||||
@ -589,3 +589,13 @@ class RecordGet(task_manager.Task):
|
||||
class RoleList(task_manager.Task):
|
||||
def main(self, client):
|
||||
return client.keystone_client.roles.list()
|
||||
|
||||
|
||||
class RoleCreate(task_manager.Task):
|
||||
def main(self, client):
|
||||
return client.keystone_client.roles.create(**self.args)
|
||||
|
||||
|
||||
class RoleDelete(task_manager.Task):
|
||||
def main(self, client):
|
||||
return client.keystone_client.roles.delete(**self.args)
|
||||
|
||||
@ -19,7 +19,11 @@ test_identity
|
||||
Functional tests for `shade` identity methods.
|
||||
"""
|
||||
|
||||
import random
|
||||
import string
|
||||
|
||||
from shade import operator_cloud
|
||||
from shade import OpenStackCloudException
|
||||
from shade.tests import base
|
||||
|
||||
|
||||
@ -27,6 +31,22 @@ class TestIdentity(base.TestCase):
|
||||
def setUp(self):
|
||||
super(TestIdentity, self).setUp()
|
||||
self.cloud = operator_cloud(cloud='devstack-admin')
|
||||
self.role_prefix = 'test_role' + ''.join(
|
||||
random.choice(string.ascii_lowercase) for _ in range(5))
|
||||
self.addCleanup(self._cleanup_roles)
|
||||
|
||||
def _cleanup_roles(self):
|
||||
exception_list = list()
|
||||
for role in self.cloud.list_roles():
|
||||
if role['name'].startswith(self.role_prefix):
|
||||
try:
|
||||
self.cloud.delete_role(role['name'])
|
||||
except Exception as e:
|
||||
exception_list.append(str(e))
|
||||
continue
|
||||
|
||||
if exception_list:
|
||||
raise OpenStackCloudException('\n'.join(exception_list))
|
||||
|
||||
def test_list_roles(self):
|
||||
roles = self.cloud.list_roles()
|
||||
@ -45,3 +65,17 @@ class TestIdentity(base.TestCase):
|
||||
self.assertIsNotNone(roles)
|
||||
self.assertEqual(1, len(roles))
|
||||
self.assertEqual('admin', roles[0]['name'])
|
||||
|
||||
def test_create_role(self):
|
||||
role_name = self.role_prefix + '_create_role'
|
||||
role = self.cloud.create_role(role_name)
|
||||
self.assertIsNotNone(role)
|
||||
self.assertIn('id', role)
|
||||
self.assertIn('name', role)
|
||||
self.assertEqual(role_name, role['name'])
|
||||
|
||||
def test_delete_role(self):
|
||||
role_name = self.role_prefix + '_delete_role'
|
||||
role = self.cloud.create_role(role_name)
|
||||
self.assertIsNotNone(role)
|
||||
self.assertTrue(self.cloud.delete_role(role_name))
|
||||
|
||||
@ -14,6 +14,7 @@
|
||||
import mock
|
||||
|
||||
import shade
|
||||
from shade import meta
|
||||
from shade.tests.unit import base
|
||||
from shade.tests import fakes
|
||||
|
||||
@ -40,3 +41,25 @@ class TestIdentityRoles(base.TestCase):
|
||||
self.assertIsNotNone(role)
|
||||
self.assertEqual('1234', role['id'])
|
||||
self.assertEqual('fake_role', role['name'])
|
||||
|
||||
@mock.patch.object(shade.OpenStackCloud, 'keystone_client')
|
||||
def test_create_role(self, mock_keystone):
|
||||
role_name = 'tootsie_roll'
|
||||
role_obj = fakes.FakeRole(id='1234', name=role_name)
|
||||
mock_keystone.roles.create.return_value = role_obj
|
||||
|
||||
role = self.cloud.create_role(role_name)
|
||||
|
||||
mock_keystone.roles.create.assert_called_once_with(
|
||||
name=role_name
|
||||
)
|
||||
self.assertIsNotNone(role)
|
||||
self.assertEqual(role_name, role['name'])
|
||||
|
||||
@mock.patch.object(shade.OperatorCloud, 'get_role')
|
||||
@mock.patch.object(shade.OpenStackCloud, 'keystone_client')
|
||||
def test_delete_role(self, mock_keystone, mock_get):
|
||||
role_obj = fakes.FakeRole(id='1234', name='aaa')
|
||||
mock_get.return_value = meta.obj_to_dict(role_obj)
|
||||
self.assertTrue(self.cloud.delete_role('1234'))
|
||||
self.assertTrue(mock_keystone.roles.delete.called)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user