blob: c0182152df0ce8ac84f91c74a35219f605625b4c [file] [log] [blame]
Sean Dague556add52013-07-19 14:28:44 -04001# Licensed under the Apache License, Version 2.0 (the "License"); you may
2# not use this file except in compliance with the License. You may obtain
3# a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10# License for the specific language governing permissions and limitations
11# under the License.
12
chris fattarsi8ed39ac2012-04-30 14:11:27 -070013import json
14
Matthew Treinisha83a16e2012-12-07 13:44:02 -050015from tempest.common.rest_client import RestClient
Matthew Treinish684d8992014-01-30 16:27:40 +000016from tempest import config
Matthew Treinisha83a16e2012-12-07 13:44:02 -050017from tempest import exceptions
18
Matthew Treinish684d8992014-01-30 16:27:40 +000019CONF = config.CONF
20
chris fattarsi8ed39ac2012-04-30 14:11:27 -070021
Attila Fazekas407b6db2013-01-19 12:48:36 +010022class IdentityClientJSON(RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -070023
Andrea Frittoli8bbdb162014-01-06 11:06:13 +000024 def __init__(self, auth_provider):
25 super(IdentityClientJSON, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +000026 self.service = CONF.identity.catalog_type
chris fattarsi8ed39ac2012-04-30 14:11:27 -070027 self.endpoint_url = 'adminURL'
28
29 def has_admin_extensions(self):
30 """
31 Returns True if the KSADM Admin Extensions are supported
32 False otherwise
33 """
34 if hasattr(self, '_has_admin_extensions'):
35 return self._has_admin_extensions
36 resp, body = self.list_roles()
37 self._has_admin_extensions = ('status' in resp and resp.status != 503)
38 return self._has_admin_extensions
39
40 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -050041 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -070042 post_body = {
43 'name': name,
44 }
45 post_body = json.dumps({'role': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +080046 resp, body = self.post('OS-KSADM/roles', post_body, self.headers)
chris fattarsi8ed39ac2012-04-30 14:11:27 -070047 body = json.loads(body)
48 return resp, body['role']
49
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070050 def create_tenant(self, name, **kwargs):
51 """
52 Create a tenant
53 name (required): New tenant name
54 description: Description of new tenant (default is none)
55 enabled <true|false>: Initial tenant status (default is true)
56 """
57 post_body = {
58 'name': name,
59 'description': kwargs.get('description', ''),
Gordon Chungad873602013-02-18 19:26:27 -050060 'enabled': kwargs.get('enabled', True),
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070061 }
62 post_body = json.dumps({'tenant': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +080063 resp, body = self.post('tenants', post_body, self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070064 body = json.loads(body)
65 return resp, body['tenant']
66
chris fattarsi8ed39ac2012-04-30 14:11:27 -070067 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050068 """Delete a role."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070069 resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -070070 return resp, body
71
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +053072 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050073 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +053074 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
75 resp, body = self.get(url)
Rohit Karajgi69e80a02012-05-15 03:54:04 -070076 body = json.loads(body)
77 return resp, body['roles']
78
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +053079 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050080 """Add roles to a user on a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +053081 post_body = json.dumps({})
Zhongyue Luoe0884a32012-09-25 17:24:17 +080082 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
83 (tenant_id, user_id, role_id), post_body,
84 self.headers)
Rohit Karajgi69e80a02012-05-15 03:54:04 -070085 body = json.loads(body)
86 return resp, body['role']
87
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +053088 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050089 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +080090 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
91 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -070092
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070093 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050094 """Delete a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -070095 resp, body = self.delete('tenants/%s' % str(tenant_id))
96 return resp, body
97
98 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -050099 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700100 resp, body = self.get('tenants/%s' % str(tenant_id))
101 body = json.loads(body)
102 return resp, body['tenant']
103
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700104 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500105 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700106 resp, body = self.get('OS-KSADM/roles')
107 body = json.loads(body)
108 return resp, body['roles']
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700109
110 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500111 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700112 resp, body = self.get('tenants')
113 body = json.loads(body)
114 return resp, body['tenants']
115
Dan Smithd6ff6b72012-08-23 10:29:41 -0700116 def get_tenant_by_name(self, tenant_name):
117 resp, tenants = self.list_tenants()
118 for tenant in tenants:
119 if tenant['name'] == tenant_name:
120 return tenant
121 raise exceptions.NotFound('No such tenant')
122
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700123 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500124 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700125 resp, body = self.get_tenant(tenant_id)
126 name = kwargs.get('name', body['name'])
127 desc = kwargs.get('description', body['description'])
128 en = kwargs.get('enabled', body['enabled'])
129 post_body = {
130 'id': tenant_id,
131 'name': name,
132 'description': desc,
133 'enabled': en,
134 }
135 post_body = json.dumps({'tenant': post_body})
136 resp, body = self.post('tenants/%s' % tenant_id, post_body,
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800137 self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700138 body = json.loads(body)
139 return resp, body['tenant']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700140
huangtianhuafc8db4f2013-10-08 12:05:58 +0800141 def create_user(self, name, password, tenant_id, email, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500142 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700143 post_body = {
144 'name': name,
145 'password': password,
146 'tenantId': tenant_id,
147 'email': email
148 }
huangtianhuafc8db4f2013-10-08 12:05:58 +0800149 if kwargs.get('enabled') is not None:
150 post_body['enabled'] = kwargs.get('enabled')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700151 post_body = json.dumps({'user': post_body})
152 resp, body = self.post('users', post_body, self.headers)
153 body = json.loads(body)
154 return resp, body['user']
155
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700156 def update_user(self, user_id, **kwargs):
157 """Updates a user."""
158 put_body = json.dumps({'user': kwargs})
159 resp, body = self.put('users/%s' % user_id, put_body,
160 self.headers)
161 body = json.loads(body)
162 return resp, body['user']
163
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530164 def get_user(self, user_id):
165 """GET a user."""
166 resp, body = self.get("users/%s" % user_id)
167 body = json.loads(body)
168 return resp, body['user']
169
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700170 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500171 """Delete a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700172 resp, body = self.delete("users/%s" % user_id)
173 return resp, body
174
175 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500176 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700177 resp, body = self.get("users")
178 body = json.loads(body)
179 return resp, body['users']
180
181 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500182 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700183 put_body = {
Sean Dague14c68182013-04-14 15:34:30 -0400184 'enabled': enabled
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700185 }
186 put_body = json.dumps({'user': put_body})
187 resp, body = self.put('users/%s/enabled' % user_id,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800188 put_body, self.headers)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700189 body = json.loads(body)
190 return resp, body
191
192 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500193 """Delete a token."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700194 resp, body = self.delete("tokens/%s" % token_id)
195 return resp, body
196
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530197 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500198 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530199 resp, body = self.get('/tenants/%s/users' % tenant_id)
200 body = json.loads(body)
201 return resp, body['users']
202
Dan Smithd6ff6b72012-08-23 10:29:41 -0700203 def get_user_by_username(self, tenant_id, username):
204 resp, users = self.list_users_for_tenant(tenant_id)
205 for user in users:
206 if user['name'] == username:
207 return user
208 raise exceptions.NotFound('No such user')
209
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530210 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500211 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530212 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800213 'name': name,
214 'type': type,
215 'description': kwargs.get('description')
216 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530217 post_body = json.dumps({'OS-KSADM:service': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800218 resp, body = self.post('/OS-KSADM/services', post_body, self.headers)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530219 body = json.loads(body)
220 return resp, body['OS-KSADM:service']
221
222 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500223 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530224 url = '/OS-KSADM/services/%s' % service_id
225 resp, body = self.get(url)
226 body = json.loads(body)
227 return resp, body['OS-KSADM:service']
228
umamohanb51ad002013-01-24 18:13:15 +0000229 def list_services(self):
230 """List Service - Returns Services."""
231 resp, body = self.get('/OS-KSADM/services/')
232 body = json.loads(body)
233 return resp, body['OS-KSADM:services']
234
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530235 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500236 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530237 url = '/OS-KSADM/services/%s' % service_id
238 return self.delete(url)
239
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700240
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800241class TokenClientJSON(RestClient):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700242
Matthew Treinish684d8992014-01-30 16:27:40 +0000243 def __init__(self):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000244 super(TokenClientJSON, self).__init__(None)
Matthew Treinish684d8992014-01-30 16:27:40 +0000245 auth_url = CONF.identity.uri
Jay Pipes7c88eb22013-01-16 21:32:43 -0500246
Jay Pipes7c88eb22013-01-16 21:32:43 -0500247 # Normalize URI to ensure /tokens is in it.
248 if 'tokens' not in auth_url:
249 auth_url = auth_url.rstrip('/') + '/tokens'
250
251 self.auth_url = auth_url
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700252
253 def auth(self, user, password, tenant):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900254 creds = {
255 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700256 'passwordCredentials': {
257 'username': user,
258 'password': password,
259 },
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900260 'tenantName': tenant,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700261 }
262 }
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700263 body = json.dumps(creds)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000264 resp, body = self.post(self.auth_url, headers=self.headers, body=body)
265
266 return resp, body['access']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700267
268 def request(self, method, url, headers=None, body=None):
269 """A simple HTTP request interface."""
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800270 if headers is None:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700271 headers = {}
272
Attila Fazekas7b487be2013-02-12 11:14:41 +0100273 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700274 resp, resp_body = self.http_obj.request(url, method,
275 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100276 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700277
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000278 if resp.status in [401, 403]:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700279 resp_body = json.loads(resp_body)
280 raise exceptions.Unauthorized(resp_body['error']['message'])
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000281 elif resp.status not in [200, 201]:
282 raise exceptions.IdentityError(
283 'Unexpected status code {0}'.format(resp.status))
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700284
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000285 return resp, json.loads(resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700286
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000287 def get_token(self, user, password, tenant, auth_data=False):
288 """
289 Returns (token id, token data) for supplied credentials
290 """
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700291 resp, body = self.auth(user, password, tenant)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000292
293 if auth_data:
294 return body['token']['id'], body
295 else:
296 return body['token']['id']