kotovalexarian-likes-github
/
fog--fog
mirror of https://github.com/fog/fog.git
1
0
Fork 0
Code Releases Activity

Fixes #3084: Implement OpenStack Identity V3 API 

Fog::Identity::OpenStack.new() will return either a V2 API object or a V3 API object depending on the auth URL
Fog::OpenStack::Core.authenticate switches on the auth URL to call the V2 or V3 authentication API
This commit is contained in:
Darren Hague 2015-04-29 12:27:16 +01:00
parent 2ed8c48cec
commit 803dedb297
220 changed files with 17373 additions and 1595 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Rakefile
View File

@ -78,6 +78,9 @@ namespace :test do
task :openstack do
sh("export FOG_MOCK=#{mock} && bundle exec shindont tests/openstack")
end
task :openstack_idv3 do
sh("export FOG_MOCK=#{mock} && bundle exec rspec spec/fog/openstack/identity_v3_spec.rb")
end
task :cloudstack do
sh("export FOG_MOCK=#{mock} && bundle exec shindont tests/cloudstack")
end

3
fog.gemspec
View File

@ -84,6 +84,9 @@ Gem::Specification.new do |s|
s.add_development_dependency("simplecov")
s.add_development_dependency("thor")
s.add_development_dependency("yard")
s.add_development_dependency("rspec-core")
s.add_development_dependency("vcr")
s.add_development_dependency("webmock")
s.files = `git ls-files`.split("\n")
s.test_files = `git ls-files -- {spec,tests}/*`.split("\n")

2
lib/fog/openstack.rb
View File

@ -1,5 +1,5 @@
require 'fog/openstack/compute'
require 'fog/openstack/identity'
require 'fog/openstack/identity_v2'
require 'fog/openstack/image'
require 'fog/openstack/metering'
require 'fog/openstack/network'

2
lib/fog/openstack/baremetal.rb
View File

@ -337,7 +337,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

8
lib/fog/openstack/compute.rb
View File

@ -414,13 +414,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
if @openstack_auth_uri.path =~ /\/v2.0/
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
elsif @openstack_auth_uri.path =~ /\/v3/
credentials = Fog::OpenStack.authenticate_v3(options, @connection_options)
else
credentials = Fog::OpenStack.authenticate_v1(options, @connection_options)
end
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

49
lib/fog/openstack/core.rb
View File

@ -177,10 +177,11 @@ module Fog
def self.authenticate_v3(options, connection_options = {})
uri = options[:openstack_auth_uri]
tenant_name = options[:openstack_tenant]
project_name = options[:openstack_project_name]
service_type = options[:openstack_service_type]
service_name = options[:openstack_service_name]
identity_service_type = options[:openstack_identity_service_type]
endpoint_type = (options[:openstack_endpoint_type] || 'public').to_s
endpoint_type = map_endpoint_type(options[:openstack_endpoint_type] || 'publicURL')
openstack_region = options[:openstack_region]
body, token_headers = retrieve_tokens_v3(options, connection_options)
@ -190,6 +191,29 @@ module Fog
options[:unscoped_token] = token_headers['X-Subject-Token']
unless service
unless project_name
request_body = {
:expects => [200],
:headers => {'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Auth-Token' => token_headers['X-Subject-Token']},
:method => 'GET'
}
user_id = body['token']['user']['id']
response = Fog::Core::Connection.new(
"#{uri.scheme}://#{uri.host}:#{uri.port}/v3/users/#{user_id}/projects", false, connection_options).request(request_body)
projects_body = Fog::JSON.decode(response.body)
if projects_body['projects'].empty?
raise Fog::Errors::NotFound.new('No Project Found')
else
options[:openstack_project_name] = projects_body['projects'].first['name']
options[:openstack_domain_name] = body['token']['user']['domain']['name']
end
end
tenant_name = options[:openstack_project_name]
unless tenant_name
response = Fog::Core::Connection.new(
"#{uri.scheme}://#{uri.host}:#{uri.port}/v3/projects", false, connection_options).request({
@ -211,8 +235,6 @@ module Fog
service = get_service(body, service_type, service_name)
end
endpoint_type = 'public'
service['endpoints'] = service['endpoints'].select do |endpoint|
endpoint['region'] == openstack_region && endpoint['interface'] == endpoint_type
end if openstack_region
@ -238,13 +260,14 @@ module Fog
admin = true if r["name"] == "admin"
end
if service['endpoints'].count > 1 and not admin
regions = service["endpoints"].map{ |e| e['region'] }.uniq.join(',')
raise Fog::Errors::NotFound.new("Multiple regions available choose one of these '#{regions}'")
regions = service["endpoints"].map{ |e| e['region'] }.uniq
if regions.count > 1 and not admin
raise Fog::Errors::NotFound.new("Multiple regions available choose one of these '#{regions.join(',')}'")
end
identity_service = get_service(body, identity_service_type) if identity_service_type
tenant = body['token']['project']['name']
tenant = body['token']['project']['name'] if body['token']['project']
tenant = body['token']['user']['project']['name'] unless body['token']['project']
user = body['token']['user']['name']
management_url = service['endpoints'].find{|s| s["interface"][endpoint_type]}["url"]
@ -411,5 +434,17 @@ module Fog
'%' + $1.unpack('H2' * $1.bytesize).join('%').upcase
end
end
def self.map_endpoint_type type
case type
when "publicURL"
"public"
when "internalURL"
"internal"
when "adminURL"
"admin"
end
end
end
end

283
lib/fog/openstack/identity.rb
View File

@ -3,269 +3,41 @@ require 'fog/openstack/core'
module Fog
module Identity
class OpenStack < Fog::Service
requires :openstack_auth_url
recognizes :openstack_auth_token, :openstack_management_url, :persistent,
:openstack_service_type, :openstack_service_name, :openstack_tenant,
:openstack_api_key, :openstack_username, :openstack_current_user_id,
:current_user, :current_tenant,
:openstack_endpoint_type, :openstack_region
model_path 'fog/openstack/models/identity'
model :tenant
collection :tenants
model :user
collection :users
model :role
collection :roles
model :ec2_credential
collection :ec2_credentials
request_path 'fog/openstack/requests/identity'
request :check_token
request :validate_token
request :list_tenants
request :create_tenant
request :get_tenant
request :get_tenants_by_id
request :get_tenants_by_name
request :update_tenant
request :delete_tenant
request :list_users
request :create_user
request :update_user
request :delete_user
request :get_user_by_id
request :get_user_by_name
request :add_user_to_tenant
request :remove_user_from_tenant
request :list_endpoints_for_token
request :list_roles_for_user_on_tenant
request :list_user_global_roles
request :create_role
request :delete_role
request :delete_user_role
request :create_user_role
request :get_role
request :list_roles
request :set_tenant
request :create_ec2_credential
request :delete_ec2_credential
request :get_ec2_credential
request :list_ec2_credentials
class Mock
attr_reader :auth_token
attr_reader :auth_token_expiration
attr_reader :current_user
attr_reader :current_tenant
attr_reader :unscoped_token
def self.data
@users ||= {}
@roles ||= {}
@tenants ||= {}
@ec2_credentials ||= Hash.new { |hash, key| hash[key] = {} }
@user_tenant_membership ||= {}
@data ||= Hash.new do |hash, key|
hash[key] = {
:users => @users,
:roles => @roles,
:tenants => @tenants,
:ec2_credentials => @ec2_credentials,
:user_tenant_membership => @user_tenant_membership
}
end
end
def self.reset!
@data = nil
@users = nil
@roles = nil
@tenants = nil
@ec2_credentials = nil
end
def initialize(options={})
@openstack_username = options[:openstack_username] || 'admin'
@openstack_tenant = options[:openstack_tenant] || 'admin'
@openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_management_url = @openstack_auth_uri.to_s
@auth_token = Fog::Mock.random_base64(64)
@auth_token_expiration = (Time.now.utc + 86400).iso8601
@admin_tenant = self.data[:tenants].values.find do |u|
u['name'] == 'admin'
end
if @openstack_tenant
@current_tenant = self.data[:tenants].values.find do |u|
u['name'] == @openstack_tenant
# Fog::Identity::OpenStack.new() will return a Fog::Identity::OpenStack::V2 or a Fog::Identity::OpenStack::V3,
# depending on whether the auth URL is for an OpenStack Identity V2 or V3 API endpoint
def self.new(args = {})
if self.inspect == 'Fog::Identity::OpenStack'
if args[:openstack_auth_url]
@openstack_auth_uri = URI.parse(args[:openstack_auth_url])
if @openstack_auth_uri.path =~ /\/v3/
service = Fog::Identity::OpenStack::V3.new(args)
end
unless @current_tenant
@current_tenant_id = Fog::Mock.random_hex(32)
@current_tenant = self.data[:tenants][@current_tenant_id] = {
'id' => @current_tenant_id,
'name' => @openstack_tenant
}
else
@current_tenant_id = @current_tenant['id']
end
else
@current_tenant = @admin_tenant
end
@current_user = self.data[:users].values.find do |u|
u['name'] == @openstack_username
end
@current_tenant_id = Fog::Mock.random_hex(32)
unless @current_user
@current_user_id = Fog::Mock.random_hex(32)
@current_user = self.data[:users][@current_user_id] = {
'id' => @current_user_id,
'name' => @openstack_username,
'email' => "#{@openstack_username}@mock.com",
'tenantId' => Fog::Mock.random_numbers(6).to_s,
'enabled' => true
}
else
@current_user_id = @current_user['id']
end
service ||= Fog::Identity::OpenStack::V2.new(args)
else
service = Fog::Service.new(args)
end
def data
self.class.data[@openstack_username]
end
def reset_data
self.class.data.delete(@openstack_username)
end
def credentials
{ :provider => 'openstack',
:openstack_auth_url => @openstack_auth_uri.to_s,
:openstack_auth_token => @auth_token,
:openstack_management_url => @openstack_management_url,
:openstack_current_user_id => @openstack_current_user_id,
:current_user => @current_user,
:current_tenant => @current_tenant}
end
service
end
class Real
attr_reader :current_user
attr_reader :current_tenant
attr_reader :unscoped_token
def initialize(options={})
@openstack_auth_token = options[:openstack_auth_token]
unless @openstack_auth_token
missing_credentials = Array.new
@openstack_api_key = options[:openstack_api_key]
@openstack_username = options[:openstack_username]
@openstack_region = options[:openstack_region]
missing_credentials << :openstack_api_key unless @openstack_api_key
missing_credentials << :openstack_username unless @openstack_username
raise ArgumentError, "Missing required arguments: #{missing_credentials.join(', ')}" unless missing_credentials.empty?
end
@openstack_tenant = options[:openstack_tenant]
@openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_management_url = options[:openstack_management_url]
@openstack_must_reauthenticate = false
@openstack_service_type = options[:openstack_service_type] || ['identity']
@openstack_service_name = options[:openstack_service_name]
@connection_options = options[:connection_options] || {}
@openstack_current_user_id = options[:openstack_current_user_id]
@openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL'
@current_user = options[:current_user]
@current_tenant = options[:current_tenant]
authenticate
@persistent = options[:persistent] || false
@connection = Fog::Core::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options)
end
def credentials
{ :provider => 'openstack',
:openstack_auth_url => @openstack_auth_uri.to_s,
:openstack_auth_token => @auth_token,
:openstack_management_url => @openstack_management_url,
:openstack_current_user_id => @openstack_current_user_id,
:current_user => @current_user,
:current_tenant => @current_tenant }
end
def reload
@connection.reset
end
def request(params)
retried = false
begin
response = @connection.request(params.merge({
:headers => {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Auth-Token' => @auth_token
}.merge!(params[:headers] || {}),
:path => "#{@path}/#{params[:path]}"#,
}))
rescue Excon::Errors::Unauthorized => error
raise if retried
retried = true
@openstack_must_reauthenticate = true
authenticate
retry
rescue Excon::Errors::HTTPStatusError => error
raise case error
when Excon::Errors::NotFound
Fog::Identity::OpenStack::NotFound.slurp(error)
else
error
end
end
unless response.body.empty?
response.body = Fog::JSON.decode(response.body)
end
response
end
private
module Common
def authenticate
if !@openstack_management_url || @openstack_must_reauthenticate
options = {
:openstack_api_key => @openstack_api_key,
:openstack_username => @openstack_username,
:openstack_auth_token => @openstack_must_reauthenticate ? nil : @openstack_auth_token,
:openstack_auth_uri => @openstack_auth_uri,
:openstack_tenant => @openstack_tenant,
:openstack_service_type => @openstack_service_type,
:openstack_service_name => @openstack_service_name,
:openstack_endpoint_type => @openstack_endpoint_type,
:openstack_region => @openstack_region
:openstack_api_key => @openstack_api_key,
:openstack_username => @openstack_username,
:openstack_auth_token => @openstack_must_reauthenticate ? nil : @openstack_auth_token,
:openstack_auth_uri => @openstack_auth_uri,
:openstack_tenant => @openstack_tenant,
:openstack_service_type => @openstack_service_type,
:openstack_service_name => @openstack_service_name,
:openstack_endpoint_type => @openstack_endpoint_type,
:openstack_region => @openstack_region
}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]
@ -281,14 +53,17 @@ module Fog
uri = URI.parse(@openstack_management_url)
end
@host = uri.host
@path = uri.path
@host = uri.host
@path = uri.path
@path.sub!(/\/$/, '')
@port = uri.port
@port = uri.port
@scheme = uri.scheme
true
end
end
end
end
end

264
lib/fog/openstack/identity_v2.rb Normal file
View File

@ -0,0 +1,264 @@
require 'fog/openstack/core'
require 'fog/openstack/identity'
module Fog
module Identity
class OpenStack
class V2 < Fog::Service
requires :openstack_auth_url
recognizes :openstack_auth_token, :openstack_management_url, :persistent,
:openstack_service_type, :openstack_service_name, :openstack_tenant,
:openstack_api_key, :openstack_username, :openstack_current_user_id,
:current_user, :current_tenant,
:openstack_endpoint_type, :openstack_region
model_path 'fog/openstack/models/identity_v2'
model :tenant
collection :tenants
model :user
collection :users
model :role
collection :roles
model :ec2_credential
collection :ec2_credentials
request_path 'fog/openstack/requests/identity_v2'
request :check_token
request :validate_token
request :list_tenants
request :create_tenant
request :get_tenant
request :get_tenants_by_id
request :get_tenants_by_name
request :update_tenant
request :delete_tenant
request :list_users
request :create_user
request :update_user
request :delete_user
request :get_user_by_id
request :get_user_by_name
request :add_user_to_tenant
request :remove_user_from_tenant
request :list_endpoints_for_token
request :list_roles_for_user_on_tenant
request :list_user_global_roles
request :create_role
request :delete_role
request :delete_user_role
request :create_user_role
request :get_role
request :list_roles
request :set_tenant
request :create_ec2_credential
request :delete_ec2_credential
request :get_ec2_credential
request :list_ec2_credentials
class Mock
attr_reader :auth_token
attr_reader :auth_token_expiration
attr_reader :current_user
attr_reader :current_tenant
attr_reader :unscoped_token
def self.data
@users ||= {}
@roles ||= {}
@tenants ||= {}
@ec2_credentials ||= Hash.new { |hash, key| hash[key] = {} }
@user_tenant_membership ||= {}
@data ||= Hash.new do |hash, key|
hash[key] = {
:users => @users,
:roles => @roles,
:tenants => @tenants,
:ec2_credentials => @ec2_credentials,
:user_tenant_membership => @user_tenant_membership
}
end
end
def self.reset!
@data = nil
@users = nil
@roles = nil
@tenants = nil
@ec2_credentials = nil
end
def initialize(options={})
@openstack_username = options[:openstack_username] || 'admin'
@openstack_tenant = options[:openstack_tenant] || 'admin'
@openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_management_url = @openstack_auth_uri.to_s
@auth_token = Fog::Mock.random_base64(64)
@auth_token_expiration = (Time.now.utc + 86400).iso8601
@admin_tenant = self.data[:tenants].values.find do |u|
u['name'] == 'admin'
end
if @openstack_tenant
@current_tenant = self.data[:tenants].values.find do |u|
u['name'] == @openstack_tenant
end
unless @current_tenant
@current_tenant_id = Fog::Mock.random_hex(32)
@current_tenant = self.data[:tenants][@current_tenant_id] = {
'id' => @current_tenant_id,
'name' => @openstack_tenant
}
else
@current_tenant_id = @current_tenant['id']
end
else
@current_tenant = @admin_tenant
end
@current_user = self.data[:users].values.find do |u|
u['name'] == @openstack_username
end
@current_tenant_id = Fog::Mock.random_hex(32)
unless @current_user
@current_user_id = Fog::Mock.random_hex(32)
@current_user = self.data[:users][@current_user_id] = {
'id' => @current_user_id,
'name' => @openstack_username,
'email' => "#{@openstack_username}@mock.com",
'tenantId' => Fog::Mock.random_numbers(6).to_s,
'enabled' => true
}
else
@current_user_id = @current_user['id']
end
end
def data
self.class.data[@openstack_username]
end
def reset_data
self.class.data.delete(@openstack_username)
end
def credentials
{:provider => 'openstack',
:openstack_auth_url => @openstack_auth_uri.to_s,
:openstack_auth_token => @auth_token,
:openstack_management_url => @openstack_management_url,
:openstack_current_user_id => @openstack_current_user_id,
:current_user => @current_user,
:current_tenant => @current_tenant}
end
end
class Real
attr_reader :current_user
attr_reader :current_tenant
attr_reader :unscoped_token
include Fog::Identity::OpenStack::Common
def initialize(options={})
@openstack_auth_token = options[:openstack_auth_token]
unless @openstack_auth_token
missing_credentials = Array.new
@openstack_api_key = options[:openstack_api_key]
@openstack_username = options[:openstack_username]
@openstack_region = options[:openstack_region]
missing_credentials << :openstack_api_key unless @openstack_api_key
missing_credentials << :openstack_username unless @openstack_username
raise ArgumentError, "Missing required arguments: #{missing_credentials.join(', ')}" unless missing_credentials.empty?
end
@openstack_tenant = options[:openstack_tenant]
@openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_management_url = options[:openstack_management_url]
@openstack_must_reauthenticate = false
@openstack_service_type = options[:openstack_service_type] || ['identity']
@openstack_service_name = options[:openstack_service_name]
@connection_options = options[:connection_options] || {}
@openstack_current_user_id = options[:openstack_current_user_id]
@openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL'
@current_user = options[:current_user]
@current_tenant = options[:current_tenant]
authenticate
@persistent = options[:persistent] || false
@connection = Fog::Core::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options)
end
def credentials
{:provider => 'openstack',
:openstack_auth_url => @openstack_auth_uri.to_s,
:openstack_auth_token => @auth_token,
:openstack_management_url => @openstack_management_url,
:openstack_current_user_id => @openstack_current_user_id,
:current_user => @current_user,
:current_tenant => @current_tenant}
end
def reload
@connection.reset
end
def request(params)
retried = false
begin
response = @connection.request(params.merge({
:headers => {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Auth-Token' => @auth_token
}.merge!(params[:headers] || {}),
:path => "#{@path}/#{params[:path]}" #,
}))
rescue Excon::Errors::Unauthorized => error
raise if retried
retried = true
@openstack_must_reauthenticate = true
authenticate
retry
rescue Excon::Errors::HTTPStatusError => error
raise case error
when Excon::Errors::NotFound
Fog::Identity::OpenStack::NotFound.slurp(error)
else
error
end
end
unless response.body.empty?
response.body = Fog::JSON.decode(response.body)
end
response
end
private
end
end
end
end
end

249
lib/fog/openstack/identity_v3.rb Normal file
View File

@ -0,0 +1,249 @@
require 'fog/openstack/core'
require 'fog/openstack/identity'
module Fog
module Identity
class OpenStack
class V3 < Fog::Service
requires :openstack_auth_url
recognizes :openstack_auth_token, :openstack_management_url, :persistent,
:openstack_service_type, :openstack_service_name, :openstack_tenant,
:openstack_project_name, :openstack_domain_name, :openstack_userid,
:openstack_api_key, :openstack_username, :openstack_current_user_id,
:current_user, :current_tenant,
:openstack_endpoint_type, :openstack_region, :openstack_domain_id,
:openstack_domain, :openstack_project, :provider
model_path 'fog/openstack/models/identity_v3'
model :domain
collection :domains
model :endpoint
collection :endpoints
model :project
collection :projects
model :service
collection :services
model :token
collection :tokens
model :user
collection :users
model :group
collection :groups
model :role
collection :roles
model :role_assignment
collection :role_assignments
model :os_credential
collection :os_credentials
model :policy
collection :policies
request_path 'fog/openstack/requests/identity_v3'
request :list_users
request :get_user
request :create_user
request :update_user
request :delete_user
request :list_user_groups
request :list_user_projects
request :list_groups
request :get_group
request :create_group
request :update_group
request :delete_group
request :add_user_to_group
request :remove_user_from_group
request :group_user_check
request :list_group_users
request :list_roles
request :list_role_assignments
request :get_role
request :create_role
request :update_role
request :delete_role
request :auth_domains
request :auth_projects
request :list_domains
request :get_domain
request :create_domain
request :update_domain
request :delete_domain
request :list_domain_user_roles
request :grant_domain_user_role
request :check_domain_user_role
request :revoke_domain_user_role
request :list_domain_group_roles
request :grant_domain_group_role
request :check_domain_group_role
request :revoke_domain_group_role
request :list_endpoints
request :get_endpoint
request :create_endpoint
request :update_endpoint
request :delete_endpoint
request :list_projects
request :get_project
request :create_project
request :update_project
request :delete_project
request :list_project_user_roles
request :grant_project_user_role
request :check_project_user_role
request :revoke_project_user_role
request :list_project_group_roles
request :grant_project_group_role
request :check_project_group_role
request :revoke_project_group_role
request :list_services
request :get_service
request :create_service
request :update_service
request :delete_service
request :token_authenticate
request :token_validate
request :token_check
request :token_revoke
request :list_os_credentials
request :get_os_credential
request :create_os_credential
request :update_os_credential
request :delete_os_credential
request :list_policies
request :get_policy
request :create_policy
request :update_policy
request :delete_policy
class Mock
def initialize(options={})
end
end
def self.get_api_version uri, connection_options={}
connection = Fog::Core::Connection.new(uri, false, connection_options)
response = connection.request({
:expects => [200],
:headers => {'Content-Type' => 'application/json',
'Accept' => 'application/json'},
:method => 'GET'
})
body = Fog::JSON.decode(response.body)
version = nil
unless body['version'].empty?
version = body['version']['id']
end
if version.nil?
raise Fog::OpenStack::Errors::ServiceUnavailable.new(
"No version available at #{uri}")
end
version
end
class Real
attr_reader :current_user
attr_reader :current_tenant
attr_reader :unscoped_token
attr_reader :auth_token
include Fog::Identity::OpenStack::Common
def initialize(options={})
@openstack_auth_token = options[:openstack_auth_token]
@openstack_region = options[:openstack_region]
unless @openstack_auth_token
missing_credentials = Array.new
@openstack_api_key = options[:openstack_api_key]
@openstack_username = options[:openstack_username]
@openstack_userid = options[:openstack_userid]
missing_credentials << :openstack_api_key unless @openstack_api_key
unless @openstack_username || @openstack_userid
missing_credentials << 'openstack_username or openstack_userid'
end
raise ArgumentError, "Missing required arguments: #{missing_credentials.join(', ')}" unless missing_credentials.empty?
end
@openstack_tenant = options[:openstack_tenant]
@openstack_auth_uri = URI.parse(options[:openstack_auth_url])
@openstack_management_url = options[:openstack_management_url]
@openstack_must_reauthenticate = false
@openstack_service_type = options[:openstack_service_type] || ['identity_v3','identityv3','identity']
@openstack_service_name = options[:openstack_service_name]
@connection_options = options[:connection_options] || {}
@openstack_current_user_id = options[:openstack_current_user_id]
@openstack_endpoint_type = options[:openstack_endpoint_type] || 'adminURL'
@current_user = options[:current_user]
@current_tenant = options[:current_tenant]
authenticate
@persistent = options[:persistent] || false
@connection = Fog::Core::Connection.new("#{@scheme}://#{@host}:#{@port}", @persistent, @connection_options)
end
def credentials
{:provider => 'openstack',
:openstack_auth_url => @openstack_auth_uri.to_s,
:openstack_auth_token => @auth_token,
:openstack_management_url => @openstack_management_url,
:openstack_current_user_id => @openstack_current_user_id,
:current_user => @current_user,
:current_tenant => @current_tenant}
end
def reload
@connection.reset
end
def request(params)
retried = false
begin
response = @connection.request(params.merge({
:headers => {
'Content-Type' => 'application/json',
'Accept' => 'application/json',
'X-Auth-Token' => @auth_token
}.merge!(params[:headers] || {}),
:path => "#{@path}/#{params[:path]}" #,
}))
rescue Excon::Errors::Unauthorized => error
raise if retried
retried = true
@openstack_must_reauthenticate = true
authenticate
retry
rescue Excon::Errors::HTTPStatusError => error
raise case error
when Excon::Errors::NotFound
Fog::Identity::OpenStack::NotFound.slurp(error)
else
error
end
end
unless response.body.empty?
response.body = Fog::JSON.decode(response.body)
end
response
end
end
end
end
end
end

2
lib/fog/openstack/image.rb
View File

@ -185,7 +185,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

2
lib/fog/openstack/metering.rb
View File

@ -178,7 +178,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

44
lib/fog/openstack/models/identity/ec2_credential.rb
View File

@ -1,44 +0,0 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class Ec2Credential < Fog::Model
identity :access, :aliases => 'access_key'
attribute :secret, :aliases => 'secret_key'
attribute :tenant_id
attribute :user_id
def initialize(attributes)
# Old 'connection' is renamed as service and should be used instead
prepare_service_value(attributes)
super
end
def destroy
requires :access
requires :user_id
service.delete_ec2_credential user_id, access
true
end
def save
raise Fog::Errors::Error, 'Existing credentials cannot be altered' if
access
self.user_id ||= user.id
self.tenant_id ||= user.tenant_id
requires :user_id, :tenant_id
data = service.create_ec2_credential user_id, tenant_id
merge_attributes(data.body['credential'])
true
end
end
end
end
end

53
lib/fog/openstack/models/identity/ec2_credentials.rb
View File

@ -1,53 +0,0 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity/ec2_credential'
module Fog
module Identity
class OpenStack
class Ec2Credentials < Fog::Collection
model Fog::Identity::OpenStack::Ec2Credential
attribute :user
def all
user_id = user ? user.id : nil
ec2_credentials = service.list_ec2_credentials(user_id)
load(ec2_credentials.body['credentials'])
end
def create(attributes = {})
if user then
attributes[:user_id] ||= user.id
attributes[:tenant_id] ||= user.tenant_id
end
super attributes
end
def destroy(access_key)
ec2_credential = self.find_by_access_key(access_key)
ec2_credential.destroy
end
def find_by_access_key(access_key)
user_id = user ? user.id : nil
ec2_credential =
self.find { |ec2_credential| ec2_credential.access == access_key }
unless ec2_credential then
response = service.get_ec2_credential(user_id, access_key)
body = response.body['credential']
body = body.merge 'service' => service
ec2_credential = Fog::Identity::OpenStack::EC2Credential.new(body)
end
ec2_credential
end
end
end
end
end

50
lib/fog/openstack/models/identity/role.rb
View File

@ -1,50 +0,0 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class Role < Fog::Model
identity :id
attribute :name
def save
requires :name
data = service.create_role(name)
merge_attributes(data.body['role'])
true
end
def destroy
requires :id
service.delete_role(id)
true
end
def add_to_user(user, tenant)
add_remove_to_user(user, tenant, :add)
end
def remove_to_user(user, tenant)
add_remove_to_user(user, tenant, :remove)
end
private
def add_remove_to_user(user, tenant, ops)
requires :id
user_id = get_id(user)
tenant_id = get_id(tenant)
case ops
when :add
service.create_user_role(tenant_id, user_id, id).status == 200
when :remove
service.delete_user_role(tenant_id, user_id, id).status == 204
end
end
def get_id(_)
_.is_a?(String) ? _ : _.id
end
end # class Role
end # class OpenStack
end # module Identity
end # module Fog

20
lib/fog/openstack/models/identity/roles.rb
View File

@ -1,20 +0,0 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity/role'
module Fog
module Identity
class OpenStack
class Roles < Fog::Collection
model Fog::Identity::OpenStack::Role
def all
load(service.list_roles.body['roles'])
end
def get(id)
service.get_role(id)
end
end
end # class OpenStack
end # module Compute
end # module Fog

62
lib/fog/openstack/models/identity/tenant.rb
View File

@ -1,62 +0,0 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class Tenant < Fog::Model
identity :id
attribute :description
attribute :enabled
attribute :name
def to_s
self.name
end
def roles_for(user)
service.roles(
:tenant => self,
:user => user)
end
def users
requires :id
service.users(:tenant_id => self.id)
end
def destroy
requires :id
service.delete_tenant(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_tenant(self.id, attr || attributes).body['tenant'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_tenant(attributes).body['tenant'])
self
end
def grant_user_role(user_id, role_id)
service.add_user_to_tenant(self.id, user_id, role_id)
end
def revoke_user_role(user_id, role_id)
service.remove_user_from_tenant(self.id, user_id, role_id)
end
end # class Tenant
end # class OpenStack
end # module Identity
end # module Fog

29
lib/fog/openstack/models/identity/tenants.rb
View File

@ -1,29 +0,0 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity/tenant'
module Fog
module Identity
class OpenStack
class Tenants < Fog::Collection
model Fog::Identity::OpenStack::Tenant
def all
load(service.list_tenants.body['tenants'])
end
def find_by_id(id)
cached_tenant = self.find {|tenant| tenant.id == id}
return cached_tenant if cached_tenant
tenant_hash = service.get_tenant(id).body['tenant']
Fog::Identity::OpenStack::Tenant.new(
tenant_hash.merge(:service => service))
end
def destroy(id)
tenant = self.find_by_id(id)
tenant.destroy
end
end # class Tenants
end # class OpenStack
end # module Compute
end # module Fog

69
lib/fog/openstack/models/identity/user.rb
View File

@ -1,69 +0,0 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class User < Fog::Model
identity :id
attribute :email
attribute :enabled
attribute :name
attribute :tenant_id, :aliases => 'tenantId'
attribute :password
attr_accessor :email, :name, :tenant_id, :enabled, :password
def initialize(attributes)
# Old 'connection' is renamed as service and should be used instead
prepare_service_value(attributes)
super
end
def ec2_credentials
requires :id
service.ec2_credentials(:user => self)
end
def save
raise Fog::Errors::Error.new('Resaving an existing object may create a duplicate') if persisted?
requires :name, :tenant_id, :password
enabled = true if enabled.nil?
data = service.create_user(name, password, email, tenant_id, enabled)
merge_attributes(data.body['user'])
true
end
def update(options = {})
requires :id
options.merge('id' => id)
response = service.update_user(id, options)
true
end
def update_password(password)
update({'password' => password, 'url' => "/users/#{id}/OS-KSADM/password"})
end
def update_tenant(tenant)
tenant = tenant.id if tenant.class != String
update({:tenantId => tenant, 'url' => "/users/#{id}/OS-KSADM/tenant"})
end
def update_enabled(enabled)
update({:enabled => enabled, 'url' => "/users/#{id}/OS-KSADM/enabled"})
end
def destroy
requires :id
service.delete_user(id)
true
end
def roles(tenant_id = self.tenant_id)
service.list_roles_for_user_on_tenant(tenant_id, self.id).body['roles']
end
end # class User
end # class OpenStack
end # module Identity
end # module Fog

41
lib/fog/openstack/models/identity/users.rb
View File

@ -1,41 +0,0 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity/user'
module Fog
module Identity
class OpenStack
class Users < Fog::Collection
model Fog::Identity::OpenStack::User
attribute :tenant_id
def all
load(service.list_users(tenant_id).body['users'])
end
def find_by_id(id)
self.find {|user| user.id == id} ||
Fog::Identity::OpenStack::User.new(
service.get_user_by_id(id).body['user'].merge(
'service' => service
)
)
end
def find_by_name(name)
self.find {|user| user.name == name} ||
Fog::Identity::OpenStack::User.new(
service.get_user_by_name(name).body['user'].merge(
'service' => service
)
)
end
def destroy(id)
user = self.find_by_id(id)
user.destroy
end
end # class Users
end # class OpenStack
end # module Identity
end # module Fog

45
lib/fog/openstack/models/identity_v2/ec2_credential.rb Normal file
View File

@ -0,0 +1,45 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V2
class Ec2Credential < Fog::Model
identity :access, :aliases => 'access_key'
attribute :secret, :aliases => 'secret_key'
attribute :tenant_id
attribute :user_id
def initialize(attributes)
# Old 'connection' is renamed as service and should be used instead
prepare_service_value(attributes)
super
end
def destroy
requires :access
requires :user_id
service.delete_ec2_credential user_id, access
true
end
def save
raise Fog::Errors::Error, 'Existing credentials cannot be altered' if access
self.user_id ||= user.id
self.tenant_id ||= user.tenant_id
requires :user_id, :tenant_id
data = service.create_ec2_credential user_id, tenant_id
merge_attributes(data.body['credential'])
true
end
end
end
end
end
end

55
lib/fog/openstack/models/identity_v2/ec2_credentials.rb Normal file
View File

@ -0,0 +1,55 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v2/ec2_credential'
module Fog
module Identity
class OpenStack
class V2
class Ec2Credentials < Fog::Collection
model Fog::Identity::OpenStack::V2::Ec2Credential
attribute :user
def all
user_id = user ? user.id : nil
ec2_credentials = service.list_ec2_credentials(user_id)
load(ec2_credentials.body['credentials'])
end
def create(attributes = {})
if user then
attributes[:user_id] ||= user.id
attributes[:tenant_id] ||= user.tenant_id
end
super attributes
end
def destroy(access_key)
ec2_credential = self.find_by_access_key(access_key)
ec2_credential.destroy
end
def find_by_access_key(access_key)
user_id = user ? user.id : nil
ec2_credential =
self.find { |ec2_credential| ec2_credential.access == access_key }
unless ec2_credential then
response = service.get_ec2_credential(user_id, access_key)
body = response.body['credential']
body = body.merge 'service' => service
ec2_credential = Fog::Identity::OpenStack::V2::EC2Credential.new(body)
end
ec2_credential
end
end
end
end
end
end

52
lib/fog/openstack/models/identity_v2/role.rb Normal file
View File

@ -0,0 +1,52 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V2
class Role < Fog::Model
identity :id
attribute :name
def save
requires :name
data = service.create_role(name)
merge_attributes(data.body['role'])
true
end
def destroy
requires :id
service.delete_role(id)
true
end
def add_to_user(user, tenant)
add_remove_to_user(user, tenant, :add)
end
def remove_to_user(user, tenant)
add_remove_to_user(user, tenant, :remove)
end
private
def add_remove_to_user(user, tenant, ops)
requires :id
user_id = get_id(user)
tenant_id = get_id(tenant)
case ops
when :add
service.create_user_role(tenant_id, user_id, id).status == 200
when :remove
service.delete_user_role(tenant_id, user_id, id).status == 204
end
end
def get_id(_)
_.is_a?(String) ? _ : _.id
end
end # class Role
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

22
lib/fog/openstack/models/identity_v2/roles.rb Normal file
View File

@ -0,0 +1,22 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v2/role'
module Fog
module Identity
class OpenStack
class V2
class Roles < Fog::Collection
model Fog::Identity::OpenStack::V2::Role
def all
load(service.list_roles.body['roles'])
end
def get(id)
service.get_role(id)
end
end
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

64
lib/fog/openstack/models/identity_v2/tenant.rb Normal file
View File

@ -0,0 +1,64 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V2
class Tenant < Fog::Model
identity :id
attribute :description
attribute :enabled
attribute :name
def to_s
self.name
end
def roles_for(user)
service.roles(
:tenant => self,
:user => user)
end
def users
requires :id
service.users(:tenant_id => self.id)
end
def destroy
requires :id
service.delete_tenant(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_tenant(self.id, attr || attributes).body['tenant'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_tenant(attributes).body['tenant'])
self
end
def grant_user_role(user_id, role_id)
service.add_user_to_tenant(self.id, user_id, role_id)
end
def revoke_user_role(user_id, role_id)
service.remove_user_from_tenant(self.id, user_id, role_id)
end
end # class Tenant
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

31
lib/fog/openstack/models/identity_v2/tenants.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v2/tenant'
module Fog
module Identity
class OpenStack
class V2
class Tenants < Fog::Collection
model Fog::Identity::OpenStack::V2::Tenant
def all
load(service.list_tenants.body['tenants'])
end
def find_by_id(id)
cached_tenant = self.find { |tenant| tenant.id == id }
return cached_tenant if cached_tenant
tenant_hash = service.get_tenant(id).body['tenant']
Fog::Identity::OpenStack::V2::Tenant.new(
tenant_hash.merge(:service => service))
end
def destroy(id)
tenant = self.find_by_id(id)
tenant.destroy
end
end # class Tenants
end # class V2
end # class OpenStack
end # module Compute
end # module Fog

71
lib/fog/openstack/models/identity_v2/user.rb Normal file
View File

@ -0,0 +1,71 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V2
class User < Fog::Model
identity :id
attribute :email
attribute :enabled
attribute :name
attribute :tenant_id, :aliases => 'tenantId'
attribute :password
attr_accessor :email, :name, :tenant_id, :enabled, :password
def initialize(attributes)
# Old 'connection' is renamed as service and should be used instead
prepare_service_value(attributes)
super
end
def ec2_credentials
requires :id
service.ec2_credentials(:user => self)
end
def save
raise Fog::Errors::Error.new('Resaving an existing object may create a duplicate') if persisted?
requires :name, :tenant_id, :password
enabled = true if enabled.nil?
data = service.create_user(name, password, email, tenant_id, enabled)
merge_attributes(data.body['user'])
true
end
def update(options = {})
requires :id
options.merge('id' => id)
response = service.update_user(id, options)
true
end
def update_password(password)
update({'password' => password, 'url' => "/users/#{id}/OS-KSADM/password"})
end
def update_tenant(tenant)
tenant = tenant.id if tenant.class != String
update({:tenantId => tenant, 'url' => "/users/#{id}/OS-KSADM/tenant"})
end
def update_enabled(enabled)
update({:enabled => enabled, 'url' => "/users/#{id}/OS-KSADM/enabled"})
end
def destroy
requires :id
service.delete_user(id)
true
end
def roles(tenant_id = self.tenant_id)
service.list_roles_for_user_on_tenant(tenant_id, self.id).body['roles']
end
end # class User
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

43
lib/fog/openstack/models/identity_v2/users.rb Normal file
View File

@ -0,0 +1,43 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v2/user'
module Fog
module Identity
class OpenStack
class V2
class Users < Fog::Collection
model Fog::Identity::OpenStack::V2::User
attribute :tenant_id
def all
load(service.list_users(tenant_id).body['users'])
end
def find_by_id(id)
self.find { |user| user.id == id } ||
Fog::Identity::OpenStack::V2::User.new(
service.get_user_by_id(id).body['user'].merge(
'service' => service
)
)
end
def find_by_name(name)
self.find { |user| user.name == name } ||
Fog::Identity::OpenStack::V2::User.new(
service.get_user_by_name(name).body['user'].merge(
'service' => service
)
)
end
def destroy(id)
user = self.find_by_id(id)
user.destroy
end
end # class Users
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

47
lib/fog/openstack/models/identity_v3/domain.rb Normal file
View File

@ -0,0 +1,47 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Domain < Fog::Model
identity :id
attribute :description
attribute :enabled
attribute :name
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_domain(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_domain(self.id, attr || attributes).body['domain'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_domain(attributes).body['domain'])
self
end
end
end
end
end
end

36
lib/fog/openstack/models/identity_v3/domains.rb Normal file
View File

@ -0,0 +1,36 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/domain'
module Fog
module Identity
class OpenStack
class V3
class Domains < Fog::Collection
model Fog::Identity::OpenStack::V3::Domain
def all params={}
load(service.list_domains(params).body['domains'])
end
def auth_domains params={}
load(service.auth_domains(params).body['domains'])
end
def find_by_id(id)
cached_domain = self.find { |domain| domain.id == id }
return cached_domain if cached_domain
domain_hash = service.get_domain(id).body['domain']
Fog::Identity::OpenStack::V3::Domain.new(
domain_hash.merge(:service => service))
end
def destroy(id)
domain = self.find_by_id(id)
domain.destroy
end
end
end
end
end
end

50
lib/fog/openstack/models/identity_v3/endpoint.rb Normal file
View File

@ -0,0 +1,50 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Endpoint < Fog::Model
identity :id
attribute :description
attribute :interface
attribute :service_id
attribute :name
attribute :region
attribute :url
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_endpoint(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_endpoint(self.id, attr || attributes).body['endpoint'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_endpoint(attributes).body['endpoint'])
self
end
end
end
end
end
end

27
lib/fog/openstack/models/identity_v3/endpoints.rb Normal file
View File

@ -0,0 +1,27 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/service'
module Fog
module Identity
class OpenStack
class V3
class Endpoints < Fog::Collection
model Fog::Identity::OpenStack::V3::Endpoint
def all params = {}
load(service.list_endpoints(params).body['endpoints'])
end
def find_by_id(id)
cached_endpoint = self.find { |endpoint| endpoint.id == id }
return cached_endpoint if cached_endpoint
endpoint_hash = service.get_endpoint(id).body['endpoint']
Fog::Identity::OpenStack::V3::Endpoint.new(
endpoint_hash.merge(:service => service))
end
end
end
end
end
end

96
lib/fog/openstack/models/identity_v3/group.rb Normal file
View File

@ -0,0 +1,96 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Group < Fog::Model
identity :id
attribute :description
attribute :domain_id
attribute :name
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_group(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_group(self.id, attr || attributes).body['group'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_group(attributes).body['group'])
self
end
def add_user user_id
requires :id
service.add_user_to_group(self.id, user_id)
end
def remove_user user_id
requires :id
service.remove_user_from_group(self.id, user_id)
end
def contains_user? user_id
requires :id
begin
service.group_user_check(self.id, user_id)
rescue Fog::Identity::OpenStack::NotFound
return false
end
return true
end
def roles
requires :id, :domain_id
service.list_domain_group_roles(self.domain_id, self.id).body['roles']
end
def grant_role(role_id)
requires :id, :domain_id
service.grant_domain_group_role(self.domain_id, self.id, role_id)
end
def check_role(role_id)
requires :id, :domain_id
begin
service.check_domain_group_role(self.domain_id, self.id, role_id)
rescue Fog::Identity::OpenStack::NotFound
return false
end
return true
end
def revoke_role(role_id)
requires :id, :domain_id
service.revoke_domain_group_role(self.domain_id, self.id, role_id)
end
def users(attr = {})
requires :id
service.list_group_users(self.id, attr).body['users']
end
end
end
end
end
end

31
lib/fog/openstack/models/identity_v3/groups.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/group'
module Fog
module Identity
class OpenStack
class V3
class Groups < Fog::Collection
model Fog::Identity::OpenStack::V3::Group
def all params={}
load(service.list_groups(params).body['groups'])
end
def find_by_id(id)
cached_group = self.find { |group| group.id == id }
return cached_group if cached_group
group_hash = service.get_group(id).body['group']
Fog::Identity::OpenStack::V3::group.new(
group_hash.merge(:service => service))
end
def destroy(id)
group = self.find_by_id(id)
group.destroy
end
end
end
end
end
end

73
lib/fog/openstack/models/identity_v3/os_credential.rb Normal file
View File

@ -0,0 +1,73 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class OsCredential < Fog::Model
identity :id
attribute :project_id
attribute :type
attribute :blob
attribute :user_id
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_os_credential(self.id)
@parsed_blob = nil
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_os_credential(self.id, attr || attributes).body['credential'])
@parsed_blob = nil
self
end
def save
requires :blob, :type
@parsed_blob = nil
identity ? update : create
end
def create
merge_attributes(
service.create_os_credential(attributes).body['credential'])
@parsed_blob = nil
self
end
def parsed_blob
@parsed_blob = ::JSON.parse(blob) unless @parsed_blob
@parsed_blob
end
def name
parsed_blob['name'] if blob
end
def public_key
parsed_blob['public_key'] if blob
end
def fingerprint
parsed_blob['fingerprint'] if blob
end
def private_key
parsed_blob['private_key'] if blob
end
end
end
end
end
end

31
lib/fog/openstack/models/identity_v3/os_credentials.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/os_credential'
module Fog
module Identity
class OpenStack
class V3
class OsCredentials < Fog::Collection
model Fog::Identity::OpenStack::V3::OsCredential
def all params={}
load(service.list_os_credentials(params).body['credentials'])
end
def find_by_id(id)
cached_credential = self.find { |credential| credential.id == id }
return cached_credential if cached_credential
credential_hash = service.get_os_credential(id).body['credential']
Fog::Identity::OpenStack::V3::Credential.new(
credential_hash.merge(:service => service))
end
def destroy(id)
credential = self.find_by_id(id)
credential.destroy
end
end
end
end
end
end

31
lib/fog/openstack/models/identity_v3/policies.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/policy'
module Fog
module Identity
class OpenStack
class V3
class Policies < Fog::Collection
model Fog::Identity::OpenStack::V3::Policy
def all params={}
load(service.list_policies(params).body['policies'])
end
def find_by_id(id)
cached_policy = self.find { |policy| policy.id == id }
return cached_policy if cached_policy
policy_hash = service.get_policy(id).body['policy']
Fog::Identity::OpenStack::V3::Policy.new(
policy_hash.merge(:service => service))
end
def destroy(id)
policy = self.find_by_id(id)
policy.destroy
end
end
end
end
end
end

46
lib/fog/openstack/models/identity_v3/policy.rb Normal file
View File

@ -0,0 +1,46 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Policy < Fog::Model
identity :id
attribute :type
attribute :blob
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_policy(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_policy(self.id, attr || attributes).body['policy'])
self
end
def save
requires :blob, :type
identity ? update : create
end
def create
merge_attributes(
service.create_policy(attributes).body['policy'])
self
end
end
end
end
end
end

98
lib/fog/openstack/models/identity_v3/project.rb Normal file
View File

@ -0,0 +1,98 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Project < Fog::Model
identity :id
attribute :domain_id
attribute :description
attribute :enabled
attribute :name
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_project(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_project(self.id, attr || attributes).body['project'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_project(attributes).body['project'])
self
end
def user_roles(user_id)
requires :id
service.list_project_user_roles(self.id, user_id).body['roles']
end
def grant_role_to_user(role_id, user_id)
requires :id
service.grant_project_user_role(self.id, user_id, role_id)
end
def check_user_role(user_id, role_id)
requires :id
begin
service.check_project_user_role(self.id, user_id, role_id)
rescue Fog::Identity::OpenStack::NotFound
return false
end
return true
end
def revoke_role_from_user(role_id, user_id)
requires :id
service.revoke_project_user_role(self.id, user_id, role_id)
end
def group_roles(group_id)
requires :id
service.list_project_group_roles(self.id, group_id).body['roles']
end
def grant_role_to_group(role_id, group_id)
requires :id
service.grant_project_group_role(self.id, group_id, role_id)
end
def check_group_role(group_id, role_id)
requires :id
begin
service.check_project_group_role(self.id, group_id, role_id)
rescue Fog::Identity::OpenStack::NotFound
return false
end
return true
end
def revoke_role_from_group(role_id, group_id)
requires :id
service.revoke_project_group_role(self.id, group_id, role_id)
end
end
end
end
end
end

31
lib/fog/openstack/models/identity_v3/projects.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/project'
module Fog
module Identity
class OpenStack
class V3
class Projects < Fog::Collection
model Fog::Identity::OpenStack::V3::Project
def all params={}
load(service.list_projects(params).body['projects'])
end
def auth_projects params={}
load(service.auth_projects(params).body['projects'])
end
def find_by_id(id)
cached_project = self.find { |project| project.id == id }
return cached_project if cached_project
project_hash = service.get_project(id).body['project']
Fog::Identity::OpenStack::V3::Project.new(
project_hash.merge(:service => service))
end
end
end
end
end
end

45
lib/fog/openstack/models/identity_v3/role.rb Normal file
View File

@ -0,0 +1,45 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Role < Fog::Model
identity :id
attribute :name
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_role(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_role(self.id, attr || attributes).body['role'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_role(attributes).body['role'])
self
end
end
end
end
end
end

22
lib/fog/openstack/models/identity_v3/role_assignment.rb Normal file
View File

@ -0,0 +1,22 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class RoleAssignment < Fog::Model
attribute :scope
attribute :role
attribute :user
attribute :group
attribute :links
def to_s
self.links['assignment']
end
end
end
end
end
end

22
lib/fog/openstack/models/identity_v3/role_assignments.rb Normal file
View File

@ -0,0 +1,22 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/role'
module Fog
module Identity
class OpenStack
class V3
class RoleAssignments < Fog::Collection
model Fog::Identity::OpenStack::V3::RoleAssignment
def all
filter_by {}
end
def filter_by params={}
load(service.list_role_assignments(params).body['role_assignments'])
end
end
end
end
end
end

35
lib/fog/openstack/models/identity_v3/roles.rb Normal file
View File

@ -0,0 +1,35 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/role'
module Fog
module Identity
class OpenStack
class V3
class Roles < Fog::Collection
model Fog::Identity::OpenStack::V3::Role
def all params={}
load(service.list_roles(params).body['roles'])
end
def assignments params={}
load(service.list_role_assignments(params).body['role_assignments'])
end
def find_by_id(id)
cached_role = self.find { |role| role.id == id }
return cached_role if cached_role
role_hash = service.get_role(id).body['role']
Fog::Identity::OpenStack::V3::role.new(
role_hash.merge(:service => service))
end
def destroy(id)
role = self.find_by_id(id)
role.destroy
end
end
end
end
end
end

47
lib/fog/openstack/models/identity_v3/service.rb Normal file
View File

@ -0,0 +1,47 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Service < Fog::Model
identity :id
attribute :description
attribute :type
attribute :name
attribute :links
def to_s
self.name
end
def destroy
requires :id
service.delete_service(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_service(self.id, attr || attributes).body['service'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_service(attributes).body['service'])
self
end
end
end
end
end
end

31
lib/fog/openstack/models/identity_v3/services.rb Normal file
View File

@ -0,0 +1,31 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/service'
module Fog
module Identity
class OpenStack
class V3
class Services < Fog::Collection
model Fog::Identity::OpenStack::V3::Service
def all params={}
load(service.list_services(params).body['services'])
end
def find_by_id(id)
cached_service = self.find { |service| service.id == id }
return cached_service if cached_service
service_hash = service.get_service(id).body['service']
Fog::Identity::OpenStack::V3::Service.new(
service_hash.merge(:service => service))
end
def destroy(id)
service = self.find_by_id(id)
service.destroy
end
end
end
end
end
end

26
lib/fog/openstack/models/identity_v3/token.rb Normal file
View File

@ -0,0 +1,26 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class Token < Fog::Model
attribute :value
attribute :catalog
attribute :expires_at
attribute :issued_at
attribute :methods
attribute :project
attribute :roles
attribute :user
def to_s
self.value
end
end
end
end
end
end

40
lib/fog/openstack/models/identity_v3/tokens.rb Normal file
View File

@ -0,0 +1,40 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/service'
module Fog
module Identity
class OpenStack
class V3
class Tokens < Fog::Collection
model Fog::Identity::OpenStack::V3::Token
def authenticate(auth)
response = service.token_authenticate(auth)
token_hash = response.body['token']
Fog::Identity::OpenStack::V3::Token.new(
token_hash.merge(:service => service, :value => response.headers['X-Subject-Token']))
end
def validate(subject_token)
response = service.token_validate(subject_token)
token_hash = response.body['token']
Fog::Identity::OpenStack::V3::Token.new(
token_hash.merge(:service => service, :value => response.headers['X-Subject-Token']))
end
def check(subject_token)
service.token_check(subject_token)
return true
end
def revoke(subject_token)
service.token_revoke(subject_token)
return true
end
end
end
end
end
end

87
lib/fog/openstack/models/identity_v3/user.rb Normal file
View File

@ -0,0 +1,87 @@
require 'fog/core/model'
module Fog
module Identity
class OpenStack
class V3
class User < Fog::Model
identity :id
attribute :default_project_id
attribute :description
attribute :domain_id
attribute :email
attribute :enabled
attribute :name
attribute :links
attribute :password
def to_s
self.name
end
def groups
requires :id
service.list_user_groups(self.id).body['groups']
end
def projects
requires :id
service.list_user_projects(self.id).body['projects']
end
def roles
requires :id, :domain_id
service.list_domain_user_roles(self.domain_id, self.id).body['roles']
end
def grant_role(role_id)
requires :id, :domain_id
service.grant_domain_user_role(self.domain_id, self.id, role_id)
end
def check_role(role_id)
requires :id, :domain_id
begin
service.check_domain_user_role(self.domain_id, self.id, role_id)
rescue Fog::Identity::OpenStack::NotFound
return false
end
return true
end
def revoke_role(role_id)
requires :id, :domain_id
service.revoke_domain_user_role(self.domain_id, self.id, role_id)
end
def destroy
requires :id
service.delete_user(self.id)
true
end
def update(attr = nil)
requires :id
merge_attributes(
service.update_user(self.id, attr || attributes).body['user'])
self
end
def save
requires :name
identity ? update : create
end
def create
merge_attributes(
service.create_user(attributes).body['user'])
self
end
end
end
end
end
end

35
lib/fog/openstack/models/identity_v3/users.rb Normal file
View File

@ -0,0 +1,35 @@
require 'fog/core/collection'
require 'fog/openstack/models/identity_v3/domain'
module Fog
module Identity
class OpenStack
class V3
class Users < Fog::Collection
model Fog::Identity::OpenStack::V3::User
def all params={}
load(service.list_users(params).body['users'])
end
def find_by_id(id)
cached_user = self.find { |user| user.id == id }
return cached_user if cached_user
user_hash = service.get_user(id).body['user']
Fog::Identity::OpenStack::V3::User.new(
user_hash.merge(:service => service))
end
def find_by_name(name)
load(service.list_users(:name => name).body['users'])
end
def destroy(id)
user = self.find_by_id(id)
user.destroy
end
end
end
end
end
end

10
lib/fog/openstack/network.rb
View File

@ -337,15 +337,7 @@ module Fog
:openstack_region => @openstack_region
}
case @openstack_auth_uri.path
when %r{/v2.0}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
when %r{/v3}
credentials = Fog::OpenStack.authenticate_v3(options, @connection_options)
else
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
end
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

7
lib/fog/openstack/orchestration.rb
View File

@ -232,12 +232,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
if @openstack_auth_uri.path =~ /\/v2.0\//
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
else
credentials = Fog::OpenStack.authenticate_v1(options, @connection_options)
end
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

2
lib/fog/openstack/planning.rb
View File

@ -185,7 +185,7 @@ module Fog
:openstack_endpoint_type => @openstack_endpoint_type
}
credentials = Fog::OpenStack.authenticate_v2(options, @connection_options)
credentials = Fog::OpenStack.authenticate(options, @connection_options)
@current_user = credentials[:user]
@current_tenant = credentials[:tenant]

2
lib/fog/openstack/requests/compute/create_security_group.rb
View File

@ -22,7 +22,7 @@ module Fog
class Mock
def create_security_group(name, description)
Fog::Identity::OpenStack.new(:openstack_auth_url => credentials[:openstack_auth_url])
tenant_id = Fog::Identity::OpenStack::Mock.data[current_tenant][:tenants].keys.first
tenant_id = Fog::Identity::OpenStack::V2::Mock.data[current_tenant][:tenants].keys.first
security_group_id = Fog::Mock.random_numbers(2).to_i + 1
self.data[:security_groups][security_group_id.to_s] = {
'tenant_id' => tenant_id,

34
lib/fog/openstack/requests/identity/add_user_to_tenant.rb
View File

@ -1,34 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def add_user_to_tenant(tenant_id, user_id, role_id)
request(
:expects => 200,
:method => 'PUT',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end # class Real
class Mock
def add_user_to_tenant(tenant_id, user_id, role_id)
role = self.data[:roles][role_id]
self.data[:user_tenant_membership][tenant_id] ||= {}
self.data[:user_tenant_membership][tenant_id][user_id] ||= []
self.data[:user_tenant_membership][tenant_id][user_id].push(role['id']).uniq!
response = Excon::Response.new
response.status = 200
response.body = {
'role' => {
'id' => role['id'],
'name' => role['name']
}
}
response
end # def add_user_to_tenant
end # class Mock
end # class OpenStack
end # module Identity
end

20
lib/fog/openstack/requests/identity/check_token.rb
View File

@ -1,20 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def check_token(token_id, tenant_id=nil)
request(
:expects => [200, 203],
:method => 'HEAD',
:path => "tokens/#{token_id}"+(tenant_id ? "?belongsTo=#{tenant_id}" : '')
)
end
end
class Mock
def check_token(token_id, tenant_id=nil)
end
end
end
end
end

57
lib/fog/openstack/requests/identity/create_ec2_credential.rb
View File

@ -1,57 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
##
# Create an EC2 credential for a user in a tenant. Requires
# administrator credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to create an EC2 credential
# for
# * tenant_id<~String>: The id of the tenant to create the credential
# in
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'credential'<~Hash>: Created EC2 credential
# * 'access'<~String>: The access key
# * 'secret'<~String>: The secret key
# * 'user_id'<~String>: The user id
# * 'tenant_id'<~String>: The tenant id
def create_ec2_credential(user_id, tenant_id)
data = { 'tenant_id' => tenant_id }
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => "users/#{user_id}/credentials/OS-EC2"
)
end
end
class Mock
def create_ec2_credential(user_id, tenant_id)
response = Excon::Response.new
response.status = 200
data = {
'access' => Fog::Mock.random_hex(32),
'secret' => Fog::Mock.random_hex(32),
'tenant_id' => tenant_id,
'user_id' => user_id,
}
self.data[:ec2_credentials][user_id][data['access']] = data
response.body = { 'credential' => data }
response
end
end
end
end
end

36
lib/fog/openstack/requests/identity/create_role.rb
View File

@ -1,36 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def create_role(name)
data = {
'role' => {
'name' => name
}
}
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => '/OS-KSADM/roles'
)
end
end
class Mock
def create_role(name)
data = {
'id' => Fog::Mock.random_hex(32),
'name' => name
}
self.data[:roles][data['id']] = data
Excon::Response.new(
:body => { 'role' => data },
:status => 202
)
end
end
end
end
end

32
lib/fog/openstack/requests/identity/create_tenant.rb
View File

@ -1,32 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def create_tenant(attributes)
request(
:expects => [200],
:method => 'POST',
:path => "tenants",
:body => Fog::JSON.encode({ 'tenant' => attributes })
)
end # def create_tenant
end # class Real
class Mock
def create_tenant(attributes)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => "df9a815161eba9b76cc748fd5c5af73e",
'description' => attributes[:description] || 'normal tenant',
'enabled' => true,
'name' => attributes[:name] || 'default'
}
}
response
end # def create_tenant
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

43
lib/fog/openstack/requests/identity/create_user.rb
View File

@ -1,43 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def create_user(name, password, email, tenantId=nil, enabled=true)
data = {
'user' => {
'name' => name,
'password' => password,
'tenantId' => tenantId,
'email' => email,
'enabled' => enabled,
}
}
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => '/users'
)
end
end
class Mock
def create_user(name, password, email, tenantId=nil, enabled=true)
response = Excon::Response.new
response.status = 200
data = {
'id' => Fog::Mock.random_hex(32),
'name' => name,
'email' => email,
'tenantId' => tenantId,
'enabled' => enabled
}
self.data[:users][data['id']] = data
response.body = { 'user' => data }
response
end
end
end
end
end

24
lib/fog/openstack/requests/identity/create_user_role.rb
View File

@ -1,24 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def create_user_role(tenant_id, user_id, role_id)
request(
:expects => 200,
:method => 'PUT',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end
class Mock
def create_user_role(tenant_id, user_id, role_id)
Excon::Response.new(
:body => { 'role' => self.data[:roles][role_id] },
:status => 200
)
end
end
end
end
end

42
lib/fog/openstack/requests/identity/delete_ec2_credential.rb
View File

@ -1,42 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
##
# Destroy an EC2 credential for a user. Requires administrator
# credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to delete the credential
# for
# * access<~String>: The access key of the credential to destroy
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~String>: Empty string
def delete_ec2_credential(user_id, access)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "users/#{user_id}/credentials/OS-EC2/#{access}"
)
end
end
class Mock
def delete_ec2_credential(user_id, access)
raise Fog::Identity::OpenStack::NotFound unless
self.data[:ec2_credentials][user_id][access]
self.data[:ec2_credentials][user_id].delete access
response = Excon::Response.new
response.status = 204
response
rescue
end
end
end
end
end

28
lib/fog/openstack/requests/identity/delete_role.rb
View File

@ -1,28 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def delete_role(role_id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "/OS-KSADM/roles/#{role_id}"
)
end
end
class Mock
def delete_role(role_id)
response = Excon::Response.new
if self.data[:roles][role_id]
self.data[:roles].delete(role_id)
response.status = 204
response
else
raise Fog::Identity::OpenStack::NotFound
end
end
end
end
end
end

31
lib/fog/openstack/requests/identity/delete_tenant.rb
View File

@ -1,31 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def delete_tenant(id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "tenants/#{id}"
)
end # def create_tenant
end # class Real
class Mock
def delete_tenant(attributes)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => '1',
'description' => 'Has access to everything',
'enabled' => true,
'name' => 'admin'
}
}
response
end # def create_tenant
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

28
lib/fog/openstack/requests/identity/delete_user.rb
View File

@ -1,28 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def delete_user(user_id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "users/#{user_id}"
)
end
end
class Mock
def delete_user(user_id)
self.data[:users].delete(
list_users.body['users'].find {|x| x['id'] == user_id }['id'])
response = Excon::Response.new
response.status = 204
response
rescue
raise Fog::Identity::OpenStack::NotFound
end
end
end
end
end

23
lib/fog/openstack/requests/identity/delete_user_role.rb
View File

@ -1,23 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def delete_user_role(tenant_id, user_id, role_id)
request(
:expects => 204,
:method => 'DELETE',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end
class Mock
def delete_user_role(tenant_id, user_id, role_id)
response = Excon::Response.new
response.status = 204
response
end
end
end
end
end

48
lib/fog/openstack/requests/identity/get_ec2_credential.rb
View File

@ -1,48 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
##
# Retrieves an EC2 credential for a user. Requires administrator
# credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to retrieve the credential
# for
# * access<~String>: The access key of the credential to retrieve
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'credential'<~Hash>: The EC2 credential
# * 'access'<~String>: The access key
# * 'secret'<~String>: The secret key
# * 'user_id'<~String>: The user id
# * 'tenant_id'<~String>: The tenant id
def get_ec2_credential(user_id, access)
request(
:expects => [200, 202],
:method => 'GET',
:path => "users/#{user_id}/credentials/OS-EC2/#{access}"
)
rescue Excon::Errors::Unauthorized
raise Fog::Identity::OpenStack::NotFound
end
end
class Mock
def get_ec2_credential(user_id, access)
ec2_credential = self.data[:ec2_credentials][user_id][access]
raise Fog::OpenStack::Identity::NotFound unless ec2_credential
response = Excon::Response.new
response.status = 200
response.body = { 'credential' => ec2_credential }
response
end
end
end
end
end

28
lib/fog/openstack/requests/identity/get_role.rb
View File

@ -1,28 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_role(id)
request(
:expects => [200, 204],
:method => 'GET',
:path => "/OS-KSADM/roles/#{id}"
)
end
end
class Mock
def get_role(id)
response = Excon::Response.new
if data = self.data[:roles][id]
response.status = 200
response.body = { 'role' => data }
response
else
raise Fog::Identity::OpenStack::NotFound
end
end
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

31
lib/fog/openstack/requests/identity/get_tenant.rb
View File

@ -1,31 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_tenant(id)
request(
:expects => [200, 204],
:method => 'GET',
:path => "tenants/#{id}"
)
end
end # class Real
class Mock
def get_tenant(id)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => id,
'description' => 'Has access to everything',
'enabled' => true,
'name' => 'admin'
}
}
response
end # def list_tenants
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

18
lib/fog/openstack/requests/identity/get_tenants_by_id.rb
View File

@ -1,18 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_tenants_by_id(tenant_id)
request(
:expects => [200],
:method => 'GET',
:path => "tenants/#{tenant_id}"
)
end
end
class Mock
end
end
end
end

18
lib/fog/openstack/requests/identity/get_tenants_by_name.rb
View File

@ -1,18 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_tenants_by_name(name)
request(
:expects => [200],
:method => 'GET',
:path => "tenants?name=#{name}"
)
end
end
class Mock
end
end
end
end

32
lib/fog/openstack/requests/identity/get_user_by_id.rb
View File

@ -1,32 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_user_by_id(user_id)
request(
:expects => [200, 203],
:method => 'GET',
:path => "users/#{user_id}"
)
end
end
class Mock
def get_user_by_id(user_id)
response = Excon::Response.new
response.status = 200
existing_user = self.data[:users].find do |u|
u[0] == user_id || u[1]['name'] == 'mock'
end
existing_user = existing_user[1] if existing_user
response.body = {
'user' => existing_user || create_user('mock', 'mock', 'mock@email.com').body['user']
}
response
end
end
end
end
end

27
lib/fog/openstack/requests/identity/get_user_by_name.rb
View File

@ -1,27 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def get_user_by_name(name)
request(
:expects => [200, 203],
:method => 'GET',
:path => "users?name=#{name}"
)
end
end
class Mock
def get_user_by_name(name)
response = Excon::Response.new
response.status = 200
user = self.data[:users].values.select {|user| user['name'] == name}[0]
response.body = {
'user' => user
}
response
end
end
end
end
end

43
lib/fog/openstack/requests/identity/list_ec2_credentials.rb
View File

@ -1,43 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
##
# List EC2 credentials for a user. Requires administrator
# credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to retrieve the credential
# for
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'credentials'<~Array>: The user's EC2 credentials
# * 'access'<~String>: The access key
# * 'secret'<~String>: The secret key
# * 'user_id'<~String>: The user id
# * 'tenant_id'<~String>: The tenant id
def list_ec2_credentials(user_id)
request(
:expects => [200, 202],
:method => 'GET',
:path => "users/#{user_id}/credentials/OS-EC2"
)
end
end
class Mock
def list_ec2_credentials(user_id)
ec2_credentials = self.data[:ec2_credentials][user_id].values
response = Excon::Response.new
response.status = 200
response.body = { 'credentials' => ec2_credentials }
response
end
end
end
end
end

18
lib/fog/openstack/requests/identity/list_endpoints_for_token.rb
View File

@ -1,18 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_endpoints_for_token(token_id)
request(
:expects => [200, 203],
:method => 'HEAD',
:path => "tokens/#{token_id}/endpoints"
)
end
end
class Mock
end
end
end
end

31
lib/fog/openstack/requests/identity/list_roles.rb
View File

@ -1,31 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_roles
request(
:expects => 200,
:method => 'GET',
:path => '/OS-KSADM/roles'
)
end
end
class Mock
def list_roles
if self.data[:roles].empty?
['admin', 'Member'].each do |name|
id = Fog::Mock.random_hex(32)
self.data[:roles][id] = {'id' => id, 'name' => name}
end
end
Excon::Response.new(
:body => { 'roles' => self.data[:roles].values },
:status => 200
)
end
end
end
end
end

30
lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb
View File

@ -1,30 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_roles_for_user_on_tenant(tenant_id, user_id)
request(
:expects => [200],
:method => 'GET',
:path => "tenants/#{tenant_id}/users/#{user_id}/roles"
)
end # def list_roles_for_user_on_tenant
end # class Real
class Mock
def list_roles_for_user_on_tenant(tenant_id, user_id)
self.data[:user_tenant_membership][tenant_id] ||= {}
self.data[:user_tenant_membership][tenant_id][user_id] ||= []
roles = self.data[:user_tenant_membership][tenant_id][user_id].map do |role_id|
self.data[:roles][role_id]
end
Excon::Response.new(
:body => { 'roles' => roles },
:status => 200
)
end # def list_roles_for_user_on_tenant
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

45
lib/fog/openstack/requests/identity/list_tenants.rb
View File

@ -1,45 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_tenants(limit = nil, marker = nil)
params = Hash.new
params['limit'] = limit if limit
params['marker'] = marker if marker
request(
:expects => [200, 204],
:method => 'GET',
:path => "tenants",
:query => params
)
end
end # class Real
class Mock
def list_tenants
Excon::Response.new(
:body => {
'tenants_links' => [],
'tenants' => [
{'id' => '1',
'description' => 'Has access to everything',
'enabled' => true,
'name' => 'admin'},
{'id' => '2',
'description' => 'Normal tenant',
'enabled' => true,
'name' => 'default'},
{'id' => '3',
'description' => 'Disabled tenant',
'enabled' => false,
'name' => 'disabled'}
]
},
:status => [200, 204][rand(1)]
)
end # def list_tenants
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

18
lib/fog/openstack/requests/identity/list_user_global_roles.rb
View File

@ -1,18 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_user_global_roles(user_id)
request(
:expects => [200],
:method => 'GET',
:path => "users/#{user_id}/roles"
)
end
end
class Mock
end
end
end
end

33
lib/fog/openstack/requests/identity/list_users.rb
View File

@ -1,33 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def list_users(tenant_id = nil)
path = tenant_id ? "tenants/#{tenant_id}/users" : 'users'
request(
:expects => [200, 204],
:method => 'GET',
:path => path
)
end
end # class Real
class Mock
def list_users(tenant_id = nil)
users = self.data[:users].values
if tenant_id
users = users.select {
|user| user['tenantId'] == tenant_id
}
end
Excon::Response.new(
:body => { 'users' => users },
:status => 200
)
end
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

20
lib/fog/openstack/requests/identity/remove_user_from_tenant.rb
View File

@ -1,20 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def remove_user_from_tenant(tenant_id, user_id, role_id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end # class Real
class Mock
def remove_user_from_tenant(tenant_id, user_id, role_id)
end # def remove_user_from_tenant
end # class Mock
end # class OpenStack
end # module Identity
end

19
lib/fog/openstack/requests/identity/set_tenant.rb
View File

@ -1,19 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def set_tenant(tenant)
@openstack_must_reauthenticate = true
@openstack_tenant = tenant.to_s
authenticate
end
end
class Mock
def set_tenant(tenant)
true
end
end
end # class OpenStack
end # module Identity
end # module Fog

28
lib/fog/openstack/requests/identity/update_tenant.rb
View File

@ -1,28 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def update_tenant(id, attributes)
request(
:expects => [200],
:method => 'PUT',
:path => "tenants/#{id}",
:body => Fog::JSON.encode({ 'tenant' => attributes })
)
end # def create_tenant
end # class Real
class Mock
def update_tenant(id, attributes)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
attributes = {'enabled' => true, 'id' => '1'}.merge(attributes)
response.body = {
'tenant' => attributes
}
response
end # def create_tenant
end # class Mock
end # class OpenStack
end # module Identity
end # module Fog

32
lib/fog/openstack/requests/identity/update_user.rb
View File

@ -1,32 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def update_user(user_id, options = {})
url = options.delete('url') || "/users/#{user_id}"
request(
:body => Fog::JSON.encode({ 'user' => options }),
:expects => 200,
:method => 'PUT',
:path => url
)
end
end
class Mock
def update_user(user_id, options)
response = Excon::Response.new
if user = self.data[:users][user_id]
if options['name']
user['name'] = options['name']
end
response.status = 200
response
else
raise Fog::Identity::OpenStack::NotFound
end
end
end
end
end
end

20
lib/fog/openstack/requests/identity/validate_token.rb
View File

@ -1,20 +0,0 @@
module Fog
module Identity
class OpenStack
class Real
def validate_token(token_id, tenant_id=nil)
request(
:expects => [200, 203],
:method => 'GET',
:path => "tokens/#{token_id}"+(tenant_id ? "?belongsTo=#{tenant_id}" : '')
)
end
end
class Mock
def validate_token(token_id, tenant_id=nil)
end
end
end
end
end

36
lib/fog/openstack/requests/identity_v2/add_user_to_tenant.rb Normal file
View File

@ -0,0 +1,36 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def add_user_to_tenant(tenant_id, user_id, role_id)
request(
:expects => 200,
:method => 'PUT',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end # class Real
class Mock
def add_user_to_tenant(tenant_id, user_id, role_id)
role = self.data[:roles][role_id]
self.data[:user_tenant_membership][tenant_id] ||= {}
self.data[:user_tenant_membership][tenant_id][user_id] ||= []
self.data[:user_tenant_membership][tenant_id][user_id].push(role['id']).uniq!
response = Excon::Response.new
response.status = 200
response.body = {
'role' => {
'id' => role['id'],
'name' => role['name']
}
}
response
end # def add_user_to_tenant
end # class Mock
end # class V2
end # class OpenStack
end # module Identity
end

22
lib/fog/openstack/requests/identity_v2/check_token.rb Normal file
View File

@ -0,0 +1,22 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def check_token(token_id, tenant_id=nil)
request(
:expects => [200, 203],
:method => 'HEAD',
:path => "tokens/#{token_id}"+(tenant_id ? "?belongsTo=#{tenant_id}" : '')
)
end
end
class Mock
def check_token(token_id, tenant_id=nil)
end
end
end
end
end
end

59
lib/fog/openstack/requests/identity_v2/create_ec2_credential.rb Normal file
View File

@ -0,0 +1,59 @@
module Fog
module Identity
class OpenStack
class V2
class Real
##
# Create an EC2 credential for a user in a tenant. Requires
# administrator credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to create an EC2 credential
# for
# * tenant_id<~String>: The id of the tenant to create the credential
# in
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'credential'<~Hash>: Created EC2 credential
# * 'access'<~String>: The access key
# * 'secret'<~String>: The secret key
# * 'user_id'<~String>: The user id
# * 'tenant_id'<~String>: The tenant id
def create_ec2_credential(user_id, tenant_id)
data = {'tenant_id' => tenant_id}
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => "users/#{user_id}/credentials/OS-EC2"
)
end
end
class Mock
def create_ec2_credential(user_id, tenant_id)
response = Excon::Response.new
response.status = 200
data = {
'access' => Fog::Mock.random_hex(32),
'secret' => Fog::Mock.random_hex(32),
'tenant_id' => tenant_id,
'user_id' => user_id,
}
self.data[:ec2_credentials][user_id][data['access']] = data
response.body = {'credential' => data}
response
end
end
end # class V2
end
end
end

38
lib/fog/openstack/requests/identity_v2/create_role.rb Normal file
View File

@ -0,0 +1,38 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def create_role(name)
data = {
'role' => {
'name' => name
}
}
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => '/OS-KSADM/roles'
)
end
end
class Mock
def create_role(name)
data = {
'id' => Fog::Mock.random_hex(32),
'name' => name
}
self.data[:roles][data['id']] = data
Excon::Response.new(
:body => {'role' => data},
:status => 202
)
end
end
end # class V2
end
end
end

34
lib/fog/openstack/requests/identity_v2/create_tenant.rb Normal file
View File

@ -0,0 +1,34 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def create_tenant(attributes)
request(
:expects => [200],
:method => 'POST',
:path => "tenants",
:body => Fog::JSON.encode({'tenant' => attributes})
)
end # def create_tenant
end # class Real
class Mock
def create_tenant(attributes)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => "df9a815161eba9b76cc748fd5c5af73e",
'description' => attributes[:description] || 'normal tenant',
'enabled' => true,
'name' => attributes[:name] || 'default'
}
}
response
end # def create_tenant
end # class Mock
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

45
lib/fog/openstack/requests/identity_v2/create_user.rb Normal file
View File

@ -0,0 +1,45 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def create_user(name, password, email, tenantId=nil, enabled=true)
data = {
'user' => {
'name' => name,
'password' => password,
'tenantId' => tenantId,
'email' => email,
'enabled' => enabled,
}
}
request(
:body => Fog::JSON.encode(data),
:expects => [200, 202],
:method => 'POST',
:path => '/users'
)
end
end
class Mock
def create_user(name, password, email, tenantId=nil, enabled=true)
response = Excon::Response.new
response.status = 200
data = {
'id' => Fog::Mock.random_hex(32),
'name' => name,
'email' => email,
'tenantId' => tenantId,
'enabled' => enabled
}
self.data[:users][data['id']] = data
response.body = {'user' => data}
response
end
end
end # class V2
end
end
end

26
lib/fog/openstack/requests/identity_v2/create_user_role.rb Normal file
View File

@ -0,0 +1,26 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def create_user_role(tenant_id, user_id, role_id)
request(
:expects => 200,
:method => 'PUT',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end
class Mock
def create_user_role(tenant_id, user_id, role_id)
Excon::Response.new(
:body => {'role' => self.data[:roles][role_id]},
:status => 200
)
end
end
end # class V2
end
end
end

43
lib/fog/openstack/requests/identity_v2/delete_ec2_credential.rb Normal file
View File

@ -0,0 +1,43 @@
module Fog
module Identity
class OpenStack
class V2
class Real
##
# Destroy an EC2 credential for a user. Requires administrator
# credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to delete the credential
# for
# * access<~String>: The access key of the credential to destroy
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~String>: Empty string
def delete_ec2_credential(user_id, access)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "users/#{user_id}/credentials/OS-EC2/#{access}"
)
end
end
class Mock
def delete_ec2_credential(user_id, access)
raise Fog::Identity::OpenStack::NotFound unless self.data[:ec2_credentials][user_id][access]
self.data[:ec2_credentials][user_id].delete access
response = Excon::Response.new
response.status = 204
response
rescue
end
end
end # class V2
end
end
end

30
lib/fog/openstack/requests/identity_v2/delete_role.rb Normal file
View File

@ -0,0 +1,30 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def delete_role(role_id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "/OS-KSADM/roles/#{role_id}"
)
end
end
class Mock
def delete_role(role_id)
response = Excon::Response.new
if self.data[:roles][role_id]
self.data[:roles].delete(role_id)
response.status = 204
response
else
raise Fog::Identity::OpenStack::NotFound
end
end
end
end # class V2
end
end
end

33
lib/fog/openstack/requests/identity_v2/delete_tenant.rb Normal file
View File

@ -0,0 +1,33 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def delete_tenant(id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "tenants/#{id}"
)
end # def create_tenant
end # class Real
class Mock
def delete_tenant(attributes)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => '1',
'description' => 'Has access to everything',
'enabled' => true,
'name' => 'admin'
}
}
response
end # def create_tenant
end # class Mock
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

30
lib/fog/openstack/requests/identity_v2/delete_user.rb Normal file
View File

@ -0,0 +1,30 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def delete_user(user_id)
request(
:expects => [200, 204],
:method => 'DELETE',
:path => "users/#{user_id}"
)
end
end
class Mock
def delete_user(user_id)
self.data[:users].delete(
list_users.body['users'].find { |x| x['id'] == user_id }['id'])
response = Excon::Response.new
response.status = 204
response
rescue
raise Fog::Identity::OpenStack::NotFound
end
end
end # class V2
end
end
end

25
lib/fog/openstack/requests/identity_v2/delete_user_role.rb Normal file
View File

@ -0,0 +1,25 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def delete_user_role(tenant_id, user_id, role_id)
request(
:expects => 204,
:method => 'DELETE',
:path => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
)
end
end
class Mock
def delete_user_role(tenant_id, user_id, role_id)
response = Excon::Response.new
response.status = 204
response
end
end
end # class V2
end
end
end

50
lib/fog/openstack/requests/identity_v2/get_ec2_credential.rb Normal file
View File

@ -0,0 +1,50 @@
module Fog
module Identity
class OpenStack
class V2
class Real
##
# Retrieves an EC2 credential for a user. Requires administrator
# credentials.
#
# ==== Parameters
# * user_id<~String>: The id of the user to retrieve the credential
# for
# * access<~String>: The access key of the credential to retrieve
#
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'credential'<~Hash>: The EC2 credential
# * 'access'<~String>: The access key
# * 'secret'<~String>: The secret key
# * 'user_id'<~String>: The user id
# * 'tenant_id'<~String>: The tenant id
def get_ec2_credential(user_id, access)
request(
:expects => [200, 202],
:method => 'GET',
:path => "users/#{user_id}/credentials/OS-EC2/#{access}"
)
rescue Excon::Errors::Unauthorized
raise Fog::Identity::OpenStack::NotFound
end
end
class Mock
def get_ec2_credential(user_id, access)
ec2_credential = self.data[:ec2_credentials][user_id][access]
raise Fog::OpenStack::Identity::NotFound unless ec2_credential
response = Excon::Response.new
response.status = 200
response.body = {'credential' => ec2_credential}
response
end
end
end # class V2
end
end
end

30
lib/fog/openstack/requests/identity_v2/get_role.rb Normal file
View File

@ -0,0 +1,30 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def get_role(id)
request(
:expects => [200, 204],
:method => 'GET',
:path => "/OS-KSADM/roles/#{id}"
)
end
end
class Mock
def get_role(id)
response = Excon::Response.new
if data = self.data[:roles][id]
response.status = 200
response.body = {'role' => data}
response
else
raise Fog::Identity::OpenStack::NotFound
end
end
end # class Mock
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

33
lib/fog/openstack/requests/identity_v2/get_tenant.rb Normal file
View File

@ -0,0 +1,33 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def get_tenant(id)
request(
:expects => [200, 204],
:method => 'GET',
:path => "tenants/#{id}"
)
end
end # class Real
class Mock
def get_tenant(id)
response = Excon::Response.new
response.status = [200, 204][rand(1)]
response.body = {
'tenant' => {
'id' => id,
'description' => 'Has access to everything',
'enabled' => true,
'name' => 'admin'
}
}
response
end # def list_tenants
end # class Mock
end # class V2
end # class OpenStack
end # module Identity
end # module Fog

20
lib/fog/openstack/requests/identity_v2/get_tenants_by_id.rb Normal file
View File

@ -0,0 +1,20 @@
module Fog
module Identity
class OpenStack
class V2
class Real
def get_tenants_by_id(tenant_id)
request(
:expects => [200],
:method => 'GET',
:path => "tenants/#{tenant_id}"
)
end
end
class Mock
end
end # class V2
end
end
end

Some files were not shown because too many files have changed in this diff Show More