[openstack|identity] Keystone Roles and Users

2022-11-09 13:51:43 -05:00 · 2012-02-27 10:43:42 +08:00 · 2012-02-27 10:43:42 +08:00 · b122f0c85e
commit b122f0c85e
parent c623858312
21 changed files with 280 additions and 63 deletions
--- a/lib/fog/openstack/identity.rb
+++ b/lib/fog/openstack/identity.rb
@ -31,6 +31,9 @@ module Fog
      request :delete_tenant
      request :list_users
      request :create_user
      request :update_user
      request :delete_user
      request :get_user_by_id
      request :get_user_by_name
@ -52,6 +55,7 @@ module Fog
          @data ||= Hash.new do |hash, key|
            hash[key] = {
              :users => {},
              :roles => {},
              :tenants => {}
            }
          end
--- a/lib/fog/openstack/models/identity/role.rb
+++ b/lib/fog/openstack/models/identity/role.rb
@ -6,7 +6,6 @@ module Fog
      class Role < Fog::Model
        identity :id
        attribute :name
        attribute :description
        def save
          requires :name
@ -16,9 +15,35 @@ module Fog
        end
        def destroy
          requires :id
          connection.delete_role(id)
          true
        end
        def add_to_user(user, tenant)
          add_remove_to_user(user, tenant, :add)
        end
        def remove_to_user(user, tenant)
          add_remove_to_user(user, tenant, :remove)
        end
        private
        def add_remove_to_user(user, tenant, ops)
          requires :id
          user_id = get_id(user)
          tenant_id = get_id(tenant)
          case ops
          when :add
            connection.create_user_role(tenant_id, user_id, id).status == 200
          when :remove
            connection.delete_user_role(tenant_id, user_id, id).status == 200
          end
        end
        def get_id(_)
          _.is_a?(String) ? _ : _.id
        end
      end # class Role
    end # class OpenStack
  end # module Identity
--- a/lib/fog/openstack/models/identity/roles.rb
+++ b/lib/fog/openstack/models/identity/roles.rb
@ -16,24 +16,10 @@ module Fog
            list_roles_for_user_on_tenant(tenant.id, user.id).body['roles'])
        end
-        def get(role)
+        def get(id)
          connection.get_role(id)
        end
        def add_user_role(user, role, tenant)
          user_id = user.class == String ? user : user.id
          role_id = role.class == String ? role : role.id
          tenant_id = tenant.class == String ? tenant : tenant.id
          connection.create_user_role(tenant_id, user_id, role_id).status == 200
        end
        def remove_user_role(user, role, tenant)
          user_id = user.class == String ? user : user.id
          role_id = role.class == String ? role : role.id
          tenant_id = tenant.class == String ? tenant : tenant.id
          connection.delete_user_role(tenant_id, user_id, role_id).status == 200
        end
      end
    end # class OpenStack
  end # module Compute
--- a/lib/fog/openstack/models/identity/user.rb
+++ b/lib/fog/openstack/models/identity/user.rb
@ -9,18 +9,61 @@ module Fog
        attribute :email
        attribute :enabled
        attribute :name
-        attribute :tenantId
+        attribute :tenantId, :aliases => 'tenant_id'
        attribute :password
        attr_accessor :email, :name, :tenant_id, :enabled, :password
        def initialize(attributes)
          @connection = attributes[:connection]
          attributes[:enabled] ||= true
          super
        end
        def save
          raise Fog::Errors::Error.new('Resaving an existing object may create a duplicate') if identity
          requires :name, :tenant_id, :password
          data = connection.create_user(name, password, email, tenant_id, enabled)
          merge_attributes(data.body['user'])
          true
        end
        def update(options = {})
          requires :id
          options.merge('id' => id)
          response = connection.update_user(id, options)
          true
        end
        def update_password(password)
          update({'password' => password, 'url' => "/users/#{id}/OS-KSADM/password"})
        end
        def update_tenant(tenant)
          tenant = tenant.id if tenant.class != String
          update({:tenantId => tenant, 'url' => "/users/#{id}/OS-KSADM/tenant"})
        end
        def update_enabled(enabled)
          update({:enabled => enabled, 'url' => "/users/#{id}/OS-KSADM/enabled"})
        end
        def destroy
          requires :id
          connection.delete_user(id)
          true
        end
        def roles
-          return Array.new unless tenantId
+          return Array.new unless tenant_id
          tenant = Fog::Identity::OpenStack::Tenant.
-            new(connection.get_tenant(tenantId).body['tenant'])
+            new(connection.get_tenant(tenant_id).body['tenant'])
          connection.roles(
            :tenant => tenant,
            :user   => self)
        end
-      end # class Tenant
+      end # class User
    end # class OpenStack
  end # module Identity
 end # module Fog
--- a/lib/fog/openstack/models/identity/users.rb
+++ b/lib/fog/openstack/models/identity/users.rb
@ -10,7 +10,7 @@ module Fog
        def all
          load(connection.list_users.body['users'])
        end
-      end # class Tenants
+      end # class Users
    end # class OpenStack
-  end # module Compute
+  end # module Identity
 end # module Fog
--- a/lib/fog/openstack/requests/identity/create_role.rb
+++ b/lib/fog/openstack/requests/identity/create_role.rb
@ -22,13 +22,11 @@ module Fog
        def create_role(name)
          response = Excon::Response.new
          response.status = 202
          data = {
            'id'          => Fog::Mock.random_numbers(6).to_s,
            'name'        => name
          }
          self.data[:roles][data['id']] = data
          self.data[:roles][data['id']][:last_modified] = Time.now
          response.body = { 'role' => data }
          response
        end
--- a/lib/fog/openstack/requests/identity/create_user.rb
+++ b/lib/fog/openstack/requests/identity/create_user.rb
@ -0,0 +1,47 @@
 module Fog
  module Identity
    class OpenStack
      class Real
        def create_user(name, password, email, tenantId=nil, enabled=true)
          data = {
            'user' => {
              'name'      => name,
              'password'  => password,
              'tenantId'  => tenantId,
              'email'     => email,
              'enabled'   => enabled,
            }
          }
          request(
            :body     => MultiJson.encode(data),
            :expects  => [200, 202],
            :method   => 'POST',
            :path     => '/users'
          )
        end
      end
      class Mock
        def create_user(name, password, email, tenantId=nil, enabled=true)
          response = Excon::Response.new
          response.status = 200
          data = {
            'id'       => Fog::Mock.random_numbers(6).to_s,
            'name'     => name,
            'email'    => email,
            'tenantId' => tenantId,
            'enabled'  => enabled
          }
          self.data[:users][data['id']] = data
          response.body = { 'user' => data }
          response
        end
      end
    end
  end
 end
--- a/lib/fog/openstack/requests/identity/create_user_role.rb
+++ b/lib/fog/openstack/requests/identity/create_user_role.rb
@ -7,7 +7,7 @@ module Fog
          request(
            :expects  => 200,
            :method   => 'PUT',
-            :path     => '/tenants/%s/users/%s/roles/OS-KSADM/%s' % [tenant_id, user_id, role_id]
+            :path     => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
          )
        end
--- a/lib/fog/openstack/requests/identity/delete_role.rb
+++ b/lib/fog/openstack/requests/identity/delete_role.rb
@ -7,7 +7,7 @@ module Fog
          request(
            :expects => [200, 204],
            :method => 'DELETE',
-            :path   => '/OS-KSADM/roles/%s' % role_id
+            :path   => "/OS-KSADM/roles/#{role_id}"
          )
        end
@ -17,7 +17,7 @@ module Fog
        def delete_role(role_id)
          response = Excon::Response.new
-          if role = list_roles.body['roles'].detect {|_| _['id'] == role_id}
+          if role = list_roles.body['roles'][role_id]
            self.data[:roles].delete(role_id)
            response.status = 204
            response
--- a/lib/fog/openstack/requests/identity/delete_user.rb
+++ b/lib/fog/openstack/requests/identity/delete_user.rb
@ -0,0 +1,32 @@
 module Fog
  module Identity
    class OpenStack
      class Real
        def delete_user(user_id)
          request(
            :expects => 200,
            :method => 'DELETE',
            :path   => "users/#{user_id}"
          )
        end
      end
      class Mock
        def delete_user(user_id)
          response = Excon::Response.new
          if user = list_users.body['users'][user_id]
            self.data[:users].delete(user_id)
            response.status = 204
            response
          else
            raise Fog::Identity::OpenStack::NotFound
          end
        end
      end
    end
  end
 end
--- a/lib/fog/openstack/requests/identity/delete_user_role.rb
+++ b/lib/fog/openstack/requests/identity/delete_user_role.rb
@ -7,7 +7,7 @@ module Fog
          request(
            :expects  => 200,
            :method   => 'DELETE',
-            :path     => '/tenants/%s/users/%s/roles/OS-KSADM/%s' % [tenant_id, user_id, role_id]
+            :path     => "/tenants/#{tenant_id}/users/#{user_id}/roles/OS-KSADM/#{role_id}"
          )
        end
--- a/lib/fog/openstack/requests/identity/get_role.rb
+++ b/lib/fog/openstack/requests/identity/get_role.rb
@ -6,7 +6,7 @@ module Fog
          request(
            :expects => [200, 204],
            :method  => 'GET',
-            :path    => "/OS-KSADM/roles/%s" % id
+            :path    => "/OS-KSADM/roles/#{id}"
          )
        end
      end
@ -14,15 +14,13 @@ module Fog
      class Mock
        def get_role(id)
          response = Excon::Response.new
-          response.status = [200, 204][rand(1)]
+          if data = self.data[:roles][id]
-          response.body = {
+            response.status = 200
-            'role' => {
+            response.body = { 'role' => data }
-              'id' => '1',
+            response
-              'name' => 'System Admin',
+          else
-              'description' => 'Role description',
+            raise Fog::Identity::OpenStack::NotFound
-            }
+          end
          }
          response
        end
      end # class Mock
    end # class OpenStack
--- a/lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb
+++ b/lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb
@ -6,7 +6,7 @@ module Fog
          request(
            :expects  => [200],
            :method   => 'GET',
-            :path     => 'tenants/%s/users/%s/roles' % [tenant_id, user_id]
+            :path     => "tenants/#{tenant_id}/users/#{user_id}/roles"
          )
        end # def list_roles_for_user_on_tenant
      end # class Real
--- a/lib/fog/openstack/requests/identity/list_users.rb
+++ b/lib/fog/openstack/requests/identity/list_users.rb
@ -14,18 +14,10 @@ module Fog
      class Mock
        def list_users
          response = Excon::Response.new
-          response.status = [200, 204][rand(1)]
+          response.status = 200
-          response.body = {
+          response.body = { 'users' => self.data[:users] }
            'users' => [
              {'id' => '1',
               'enabled' => true,
               'name' => 'admin',
               'email' => 'admin@example.com',
               'tenantId' => nil}
            ]
          }
          response
-        end # def list_tenants
+        end
      end # class Mock
    end # class OpenStack
  end # module Identity
--- a/lib/fog/openstack/requests/identity/update_user.rb
+++ b/lib/fog/openstack/requests/identity/update_user.rb
@ -0,0 +1,37 @@
 module Fog
  module Identity
    class OpenStack
      class Real
        def update_user(user_id, options = {})
          url = options.delete('url') || "/users/#{user_id}"
          request(
            :body     => MultiJson.encode({ 'user' => options }),
            :expects  => 200,
            :method   => 'PUT',
            :path     => url
          )
        end
      end
      class Mock
        def update_user(user_id, options)
          response = Excon::Response.new
          if user = list_users.body['users'][user_id]
            if options['name']
              user['name'] = options['name']
            end
            self.data[:users][data['id']] = user
            response.status = 200
            response
          else
            raise Fog::Identity::OpenStack::NotFound
          end
        end
      end
    end
  end
 end
--- a/tests/openstack/models/identity/role_tests.rb
+++ b/tests/openstack/models/identity/role_tests.rb
@ -1,11 +1,21 @@
 Shindo.tests("Fog::Identity[:openstack] | role", ['openstack']) do
  @instance = Fog::Identity[:openstack].roles.new({:name => 'Role Name', :user_id => 1, :role_id => 1})
  @user     = Fog::Identity[:openstack].users.all.first
  @tenant   = Fog::Identity[:openstack].tenants.all.first
  tests('success') do
    tests('#save').returns(true) do
      @instance.save
    end
    tests('#add_to_user(@user.id, @tenant.id)').returns(true) do
      @instance.add_to_user(@user.id, @tenant.id)
    end
    tests('#remove_to_user(@user.id, @tenant.id)').returns(true) do
      @instance.remove_to_user(@user.id, @tenant.id)
    end
    tests('#destroy').returns(true) do
      @instance.destroy
    end
--- a/tests/openstack/models/identity/roles_tests.rb
+++ b/tests/openstack/models/identity/roles_tests.rb
@ -1,6 +1,6 @@
 Shindo.tests("Fog::Identity[:openstack] | roles", ['openstack']) do
-  @user   = Fog::Identity[:openstack].users.all.first
+  @user     = Fog::Identity[:openstack].users.all.first
-  @tenant = Fog::Identity[:openstack].tenants.all.first
+  @tenant   = Fog::Identity[:openstack].tenants.all.first
  @roles  = Fog::Identity[:openstack].roles(:user => @user, :tenant => @tenant)
  tests('success') do
@ -8,13 +8,8 @@ Shindo.tests("Fog::Identity[:openstack] | roles", ['openstack']) do
      @roles.all
    end
-    @role = @roles.all.first
+    tests('#get').succeeds do
-    tests('#add_user_role(@user.id, @tenant.id, @role.id)').returns(true) do
+      @roles.get @roles.first.id
      @roles.add_user_role(@user.id, @tenant.id, @role.id)
    end
    tests('#remove_user_role(@user.id, @tenant.id, @role.id)').returns(true) do
      @roles.remove_user_role(@user.id, @tenant.id, @role.id)
    end
  end
 end
--- a/tests/openstack/models/identity/tenant_tests.rb
+++ b/tests/openstack/models/identity/tenant_tests.rb
@ -1,4 +1,4 @@
-Shindo.tests("Fog::Compute[:openstack] | tenant", ['openstack']) do
+Shindo.tests("Fog::Identity[:openstack] | tenant", ['openstack']) do
  tests('success') do
    tests('#roles_for(0)').succeeds do
      instance = Fog::Identity[:openstack].tenants.first
--- a/tests/openstack/models/identity/user_tests.rb
+++ b/tests/openstack/models/identity/user_tests.rb
@ -1,9 +1,46 @@
-Shindo.tests("Fog::Compute[:openstack] | user", ['openstack']) do
+Shindo.tests("Fog::Identity[:openstack] | user", ['openstack']) do
-  @instance = Fog::Identity[:openstack].users.first
+  tenant_id = Fog::Identity[:openstack].list_tenants.body['tenants'].first['id']
  @instance = Fog::Identity[:openstack].users.new({
    :name      => 'User Name',
    :email     => 'test@fog.com',
    :tenant_id => tenant_id,
    :password  => 'spoof',
    :enabled   => true
  })
  tests('success') do
    tests('#save').returns(true) do
      @instance.save
    end
    tests('#roles').succeeds do
      @instance.roles
    end
    tests('#update').returns(true) do
      @instance.update({:name => 'updatename', :email => 'new@email.com'})
    end
    tests('#update_password').returns(true) do
      @instance.update_password('swordfish')
    end
    tests('#update_tenant').returns(true) do
      @instance.update_tenant('swordfish')
    end
    tests('#update_enabled').returns(true) do
      @instance.update_enabled('swordfish')
    end
    tests('#destroy').returns(true) do
      @instance.destroy
    end
  end
  tests('failure') do
    tests('#save').raises(Fog::Errors::Error) do
      @instance.save
    end
  end
 end
--- a/tests/openstack/requests/identity/role_tests.rb
+++ b/tests/openstack/requests/identity/role_tests.rb
@ -8,7 +8,7 @@ Shindo.tests('Fog::Identity[:openstack] | role requests', ['openstack']) do
  @tenant = Fog::Identity[:openstack].list_tenants.body['tenants'].first
  tests('success') do
-    tests('#create_role("Role Name", "Descriptio")').formats(@role_format, false) do
+    tests('#create_role("Role Name")').formats(@role_format, false) do
      @role = Fog::Identity[:openstack].create_role("Role Name").body['role']
    end
--- a/tests/openstack/requests/identity/user_tests.rb
+++ b/tests/openstack/requests/identity/user_tests.rb
@ -9,8 +9,21 @@ Shindo.tests('Fog::Identity[:openstack] | user requests', ['openstack']) do
  }
  tests('success') do
    tests('#create_user("Onamae", "spoof", "user@email.com", "t3n4nt1d", true)').formats(@user_format, false) do
      @user = Fog::Identity[:openstack].create_user("Onamae", "spoof", "morph@example.com", "m0rPh1d").body['user']
    end
    tests('#list_users').formats({'users' => [@user_format]}) do
      Fog::Identity[:openstack].list_users.body
    end
    tests("#update_user(#{@user['id']}, :name => 'fogupdateduser')").succeeds do
      Fog::Identity[:openstack].update_user(@user['id'], :name => 'fogupdateduser', :email => 'fog@test.com')
    end
    tests("#delete_user(#{@user['id']})").succeeds do
      Fog::Identity[:openstack].delete_user(@user['id'])
    end
  end
 end