1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 """Identity API v3 Test (Roles/Projects/Groups/Users)"""
18
19
20 import hashlib
21 import os
22 import sys
23 import tempfile
24
25 from yakumo.smoketest import *
26 from yakumo import utils
27
28
30
31
32 if c._session.config[u'identity_api_version'] != '3':
33 return
34
35 LOG.info("Create Domain #1")
36 name = get_random_str('domain')
37 with c.domain.create(name=name,
38 description='domain 1',
39 is_enabled=False) as d:
40
41 test("Doamin #1: name is %s" % name, d.name == name)
42 test("Domain #1: description is 'domain 1'",
43 d.description == 'domain 1')
44 test("Domain #1: is disabled", not d.is_enabled)
45
46 LOG.info("Update domain properties")
47
48 name = get_random_str('domain')
49 d.update(name=name, description='domain 1-1', is_enabled=True)
50
51 test("Doamin #1: name is %s" % name, d.name == name)
52 test("Domain #1: description is 'domain 1-1'",
53 d.description == 'domain 1-1')
54 test("Domain #1: is enabled", d.is_enabled)
55
56 LOG.info("Create Role #1")
57 name = get_random_str('role')
58 with c.role.create(name=name) as r:
59
60 test("Role #1: name is %s" % name, r.name == name)
61
62 LOG.info("Create Project #1")
63 name = get_random_str('project')
64 with c.project.create(name=name,
65 description='project 1',
66 domain=d,
67 is_enabled=False) as p:
68
69 test("Project #1: name is %s" % name, p.name == name)
70 test("Project #1: description is 'project 1'",
71 p.description == 'project 1')
72 test("Project #1: is disabled", not p.is_enabled)
73
74 LOG.info("Update project properties")
75
76 name = get_random_str('project')
77 p.update(name=name, description='project 1-1', is_enabled=True)
78
79 test("Project #1: name is %s" % name, p.name == name)
80 test("Project #1: description is 'project 1-1'",
81 p.description == 'project 1-1')
82 test("Project #1: is enabled", p.is_enabled)
83
84 LOG.info("Create Group #1")
85 name = get_random_str('group')
86 password = get_random_str('pass')
87 with c.group.create(name=name,
88 description='group 1',
89 domain=d) as g:
90
91 test("Group #1: name is %s" % name, g.name == name)
92 test("Group #1: description is 'group 1'",
93 g.description == 'group 1')
94 test("Group #1: is in Domain #1", g.domain == d)
95
96 LOG.info("Update group properties")
97
98 name = get_random_str('group')
99 password = get_random_str('pass')
100 g.update(name=name, description='group 1-1')
101
102 test("Group #1: name is %s" % name, g.name == name)
103 test("Group #1: description is 'group 1-1'",
104 g.description == 'group 1-1')
105
106 test("Group #1: no Role #1 for Project #1",
107 p.check_roles(groups=g, roles=r) == [False])
108
109 LOG.info("Grant Role #1 to Group #1 for Project #1")
110 p.grant_roles(groups=g, roles=r)
111
112 test("Group #1: Role #1 for Project #1",
113 p.check_roles(groups=g, roles=r) == [True])
114
115 LOG.info("Revoke Role #1 from Group #1 for Project #1")
116 p.revoke_roles(groups=g, roles=r)
117
118 test("Group #1: no Role #1 for Project #1",
119 p.check_roles(groups=g, roles=r) == [False])
120
121 test("Group #1: no Role #1 for Domain #1",
122 d.check_roles(groups=g, roles=r) == [False])
123
124 LOG.info("Grant Role #1 to Group #1 for Domain #1")
125 d.grant_roles(groups=g, roles=r)
126
127 test("Group #1: Role #1 for Domain #1",
128 d.check_roles(groups=g, roles=r) == [True])
129
130 LOG.info("Revoke Role #1 from Group #1 for Domain #1")
131 d.revoke_roles(groups=g, roles=r)
132
133 test("Group #1: no Role #1 for Domain #1",
134 d.check_roles(groups=g, roles=r) == [False])
135
136 LOG.info("Create User #1")
137 name = get_random_str('user')
138 password = get_random_str('pass')
139 with c.user.create(name=name,
140 email='user@example.com',
141 password=password,
142 domain=d,
143 is_enabled=False) as u:
144
145 test("User #1: name is %s" % name, u.name == name)
146 test("User #1: email is 'user@example.com'",
147 u.email == 'user@example.com')
148 test("User #1: is in Domain #1", u.domain == d)
149 test("User #1: is disabled", not u.is_enabled)
150
151 LOG.info("Update user properties")
152
153 name = get_random_str('user')
154 password = get_random_str('pass')
155 u.update(name=name,
156 email='user@example.net',
157 password=password,
158 is_enabled=True)
159
160 test("User #1: name is %s" % name, u.name == name)
161 test("User #1: email is 'user@example.net'",
162 u.email == 'user@example.net')
163 test("User #1: is enabled", u.is_enabled)
164
165 test("Group #1: no User #1 for Project #1",
166 p.check_roles(users=u, roles=r) == [False])
167
168 LOG.info("Grant Role #1 to User #1 for Project #1")
169 p.grant_roles(users=u, roles=r)
170
171 test("Group #1: User #1 for Project #1",
172 p.check_roles(users=u, roles=r) == [True])
173
174 LOG.info("Revoke Role #1 from User #1 for Project #1")
175 p.revoke_roles(users=u, roles=r)
176
177 test("Group #1: no User #1 for Project #1",
178 p.check_roles(users=u, roles=r) == [False])
179
180 test("Group #1: no User #1 for Domain #1",
181 d.check_roles(users=u, roles=r) == [False])
182
183 LOG.info("Grant Role #1 to User #1 for Domain #1")
184 d.grant_roles(users=u, roles=r)
185
186 test("Group #1: User #1 for Domain #1",
187 d.check_roles(users=u, roles=r) == [True])
188
189 LOG.info("Revoke Role #1 from User #1 for Domain #1")
190 d.revoke_roles(users=u, roles=r)
191
192 test("Group #1: no User #1 for Domain #1",
193 d.check_roles(users=u, roles=r) == [False])
194
195 LOG.debug("Domain #1: disabled to delete")
196 d.update(is_enabled=False)
197
198
199 if __name__ == '__main__':
200 c = utils.get_client()
201 if c._session.config[u'identity_api_version'] != '3':
202 sys.exit(0)
203
204 LOG.debug("list domains: %s", [_.name for _ in c.domain.list()])
205 LOG.debug("list roles: %s", [_.name for _ in c.role.list()])
206 LOG.debug("list projects: %s", [_.name for _ in c.project.list()])
207 LOG.debug("list groups: %s", [_.name for _ in c.group.list()])
208 LOG.debug("list users: %s", [_.name for _ in c.user.list()])
209 main(c)
210 LOG.debug("list domains: %s", [_.name for _ in c.domain.list()])
211 LOG.debug("list roles: %s", [_.name for _ in c.role.list()])
212 LOG.debug("list projects: %s", [_.name for _ in c.project.list()])
213 LOG.debug("list groups: %s", [_.name for _ in c.group.list()])
214 LOG.debug("list users: %s", [_.name for _ in c.user.list()])
215
216 show_test_summary()
217