[openstack|identity] Keystone Roles

lib/fog/openstack/identity.rb

@@ -38,6 +38,15 @@ module Fog
       request :list_roles_for_user_on_tenant
       request :list_user_global_roles
 
+      request :create_role
+      request :delete_role
+      request :delete_user_role
+      request :create_user_role
+      request :get_role
+      request :list_roles
+
+
+
       class Mock
         def self.data
           @data ||= Hash.new do |hash, key|

lib/fog/openstack/models/identity/role.rb

@@ -6,6 +6,19 @@ module Fog
       class Role < Fog::Model
         identity :id
         attribute :name
+        attribute :description
+
+        def save
+          requires :name
+          data = connection.create_role(name)
+          merge_attributes(data.body['role'])
+          true
+        end
+
+        def destroy
+          connection.delete_role(id)
+          true
+        end
       end # class Role
     end # class OpenStack
   end # module Identity

lib/fog/openstack/models/identity/roles.rb

@@ -15,7 +15,26 @@ module Fog
           load(connection.
             list_roles_for_user_on_tenant(tenant.id, user.id).body['roles'])
         end
-      end # class Tenants
+
+        def get(role)
+          connection.get_role(id)
+        end
+
+        def add_user_role(user, role, tenant)
+          user_id = user.class == String ? user : user.id
+          role_id = role.class == String ? role : role.id
+          tenant_id = tenant.class == String ? tenant : tenant.id
+          connection.create_user_role(tenant_id, user_id, role_id).status == 200
+        end
+
+        def remove_user_role(user, role, tenant)
+          user_id = user.class == String ? user : user.id
+          role_id = role.class == String ? role : role.id
+          tenant_id = tenant.class == String ? tenant : tenant.id
+          connection.delete_user_role(tenant_id, user_id, role_id).status == 200
+        end
+
+      end
     end # class OpenStack
   end # module Compute
 end # module Fog

lib/fog/openstack/requests/identity/create_role.rb

@@ -0,0 +1,39 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+        def create_role(name)
+          data = {
+            'role' => {
+              'name' => name
+            }
+          }
+
+          request(
+            :body     => MultiJson.encode(data),
+            :expects  => [200, 202],
+            :method   => 'POST',
+            :path   => '/OS-KSADM/roles'
+          )
+        end
+      end
+
+      class Mock
+        def create_role(name)
+          response = Excon::Response.new
+          response.status = 202
+
+          data = {
+            'id'          => Fog::Mock.random_numbers(6).to_s,
+            'name'        => name
+          }
+          self.data[:roles][data['id']] = data
+          self.data[:roles][data['id']][:last_modified] = Time.now
+          response.body = { 'role' => data }
+          response
+        end
+
+      end
+    end
+  end
+end

lib/fog/openstack/requests/identity/create_user_role.rb

@@ -0,0 +1,21 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+
+        def create_user_role(tenant_id, user_id, role_id)
+          request(
+            :expects  => 200,
+            :method   => 'PUT',
+            :path     => '/tenants/%s/users/%s/roles/OS-KSADM/%s' % [tenant_id, user_id, role_id]
+          )
+        end
+
+      end
+
+      class Mock
+
+      end
+    end
+  end
+end

lib/fog/openstack/requests/identity/delete_role.rb

@@ -0,0 +1,32 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+
+        def delete_role(role_id)
+          request(
+            :expects => [200, 204],
+            :method => 'DELETE',
+            :path   => '/OS-KSADM/roles/%s' % role_id
+          )
+        end
+
+      end
+
+      class Mock
+
+        def delete_role(role_id)
+          response = Excon::Response.new
+          if role = list_roles.body['roles'].detect {|_| _['id'] == role_id}
+            self.data[:roles].delete(role_id)
+            response.status = 204
+            response
+          else
+            raise Fog::Identity::OpenStack::NotFound
+          end
+        end
+
+      end
+    end
+  end
+end

lib/fog/openstack/requests/identity/delete_user_role.rb

@@ -0,0 +1,22 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+
+        def delete_user_role(tenant_id, user_id, role_id)
+          request(
+            :expects  => 200,
+            :method   => 'DELETE',
+            :path     => '/tenants/%s/users/%s/roles/OS-KSADM/%s' % [tenant_id, user_id, role_id]
+          )
+        end
+
+      end
+
+      class Mock
+
+      end
+    end
+  end
+end
+

lib/fog/openstack/requests/identity/get_role.rb

@@ -0,0 +1,30 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+        def get_role(id)
+          request(
+            :expects => [200, 204],
+            :method  => 'GET',
+            :path    => "/OS-KSADM/roles/%s" % id
+          )
+        end
+      end
+
+      class Mock
+        def get_role(id)
+          response = Excon::Response.new
+          response.status = [200, 204][rand(1)]
+          response.body = {
+            'role' => {
+              'id' => '1',
+              'name' => 'System Admin',
+              'description' => 'Role description',
+            }
+          }
+          response
+        end
+      end # class Mock
+    end # class OpenStack
+  end # module Identity
+end # module Fog

lib/fog/openstack/requests/identity/list_roles.rb

@@ -0,0 +1,29 @@
+module Fog
+  module Identity
+    class OpenStack
+      class Real
+
+        def list_roles
+          request(
+            :expects => 200,
+            :method => 'GET',
+            :path   => '/OS-KSADM/roles'
+          )
+        end
+
+      end
+
+      class Mock
+
+        def list_roles
+          response = Excon::Response.new
+          response.status = 200
+          response.body = { 'roles' => self.data[:roles] }
+          response
+        end
+
+      end
+    end
+  end
+end
+

lib/fog/openstack/requests/identity/list_roles_for_user_on_tenant.rb

@@ -6,7 +6,7 @@ module Fog
           request(
             :expects  => [200],
             :method   => 'GET',
-            :path     => "tenants/#{tenant_id}/users/#{user_id}/roles"
+            :path     => 'tenants/%s/users/%s/roles' % [tenant_id, user_id]
           )
         end # def list_roles_for_user_on_tenant
       end # class Real

tests/openstack/models/identity/role_tests.rb

@@ -0,0 +1,14 @@
+Shindo.tests("Fog::Identity[:openstack] | role", ['openstack']) do
+  @instance = Fog::Identity[:openstack].roles.new({:name => 'Role Name', :user_id => 1, :role_id => 1})
+
+  tests('success') do
+    tests('#save').returns(true) do
+      @instance.save
+    end
+
+    tests('#destroy').returns(true) do
+      @instance.destroy
+    end
+  end
+end
+

tests/openstack/models/identity/roles_tests.rb

@@ -0,0 +1,20 @@
+Shindo.tests("Fog::Identity[:openstack] | roles", ['openstack']) do
+  @user   = Fog::Identity[:openstack].users.all.first
+  @tenant = Fog::Identity[:openstack].tenants.all.first
+  @roles  = Fog::Identity[:openstack].roles(:user => @user, :tenant => @tenant)
+
+  tests('success') do
+    tests('#all').succeeds do
+      @roles.all
+    end
+
+    @role = @roles.all.first
+    tests('#add_user_role(@user.id, @tenant.id, @role.id)').returns(true) do
+      @roles.add_user_role(@user.id, @tenant.id, @role.id)
+    end
+
+    tests('#remove_user_role(@user.id, @tenant.id, @role.id)').returns(true) do
+      @roles.remove_user_role(@user.id, @tenant.id, @role.id)
+    end
+  end
+end

tests/openstack/requests/identity/role_tests.rb

@@ -0,0 +1,41 @@
+Shindo.tests('Fog::Identity[:openstack] | role requests', ['openstack']) do
+
+  @role_format = {
+    'id'   => String,
+    'name' => String
+  }
+  @user   = Fog::Identity[:openstack].list_users.body['users'].first
+  @tenant = Fog::Identity[:openstack].list_tenants.body['tenants'].first
+  tests('success') do
+
+    tests('#create_role("Role Name", "Descriptio")').formats(@role_format, false) do
+      @role = Fog::Identity[:openstack].create_role("Role Name").body['role']
+    end
+
+    tests('#list_roles').formats({'roles' => [@role_format]}) do
+      Fog::Identity[:openstack].list_roles.body
+    end
+
+    tests("#get_role('#{@role['id']}')").formats(@role_format) do
+      Fog::Identity[:openstack].get_role(@role['id']).body['role']
+    end
+
+    tests('#create_user_role(@tenant["id"], @user["id"], @role["id"])').formats(@role_format) do
+      Fog::Identity[:openstack].create_user_role(@tenant['id'], @user['id'], @role['id']).body['role']
+    end
+
+    tests("#list_roles_for_user_on_tenant('#{@tenant['id']}','#{@user['id']}')").formats([@role_format]) do
+      Fog::Identity[:openstack].list_roles_for_user_on_tenant(@tenant['id'], @user['id']).body['roles']
+    end
+
+    tests("#delete_user_role with tenant").formats(@role_format) do
+      Fog::Identity[:openstack].delete_user_role(@tenant['id'], @user['id'], @role['id']).body
+    end
+
+    tests("#delete_role('#{@role['id']}')").formats(@role_format) do
+      Fog::Identity[:openstack].delete_role(@role['id']).body
+    end
+
+  end
+end
+