Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 037deed40c77e6254b5a0519e8e7683f79bdc9a6 / . / tempest / services / identity / json / identity_client.py
blob: c0182152df0ce8ac84f91c74a35219f605625b4c [file] [log] [blame]
Sean Dague556add52013-07-19 14:28:44 -0400[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License"); you may
2# not use this file except in compliance with the License. You may obtain
3# a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10# License for the specific language governing permissions and limitations
11# under the License.
12
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]13import json
14
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]15from tempest.common.rest_client import RestClient
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]16from tempest import config
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]17from tempest import exceptions
18
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]19CONF = config.CONF
20
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]21
Attila Fazekas407b6db2013-01-19 12:48:36 +0100[diff] [blame]22class IdentityClientJSON(RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]23
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]24 def __init__(self, auth_provider):
25 super(IdentityClientJSON, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]26 self.service = CONF.identity.catalog_type
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]27 self.endpoint_url = 'adminURL'
28
29 def has_admin_extensions(self):
30 """
31 Returns True if the KSADM Admin Extensions are supported
32 False otherwise
33 """
34 if hasattr(self, '_has_admin_extensions'):
35 return self._has_admin_extensions
36 resp, body = self.list_roles()
37 self._has_admin_extensions = ('status' in resp and resp.status != 503)
38 return self._has_admin_extensions
39
40 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]41 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]42 post_body = {
43 'name': name,
44 }
45 post_body = json.dumps({'role': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]46 resp, body = self.post('OS-KSADM/roles', post_body, self.headers)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]47 body = json.loads(body)
48 return resp, body['role']
49
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]50 def create_tenant(self, name, **kwargs):
51 """
52 Create a tenant
53 name (required): New tenant name
54 description: Description of new tenant (default is none)
55 enabled <true|false>: Initial tenant status (default is true)
56 """
57 post_body = {
58 'name': name,
59 'description': kwargs.get('description', ''),
Gordon Chungad873602013-02-18 19:26:27 -0500[diff] [blame]60 'enabled': kwargs.get('enabled', True),
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]61 }
62 post_body = json.dumps({'tenant': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]63 resp, body = self.post('tenants', post_body, self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]64 body = json.loads(body)
65 return resp, body['tenant']
66
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]67 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]68 """Delete a role."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]69 resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]70 return resp, body
71
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]72 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]73 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]74 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
75 resp, body = self.get(url)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]76 body = json.loads(body)
77 return resp, body['roles']
78
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]79 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]80 """Add roles to a user on a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]81 post_body = json.dumps({})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]82 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
83 (tenant_id, user_id, role_id), post_body,
84 self.headers)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]85 body = json.loads(body)
86 return resp, body['role']
87
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]88 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]89 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]90 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
91 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]92
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]93 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]94 """Delete a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]95 resp, body = self.delete('tenants/%s' % str(tenant_id))
96 return resp, body
97
98 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]99 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]100 resp, body = self.get('tenants/%s' % str(tenant_id))
101 body = json.loads(body)
102 return resp, body['tenant']
103
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]104 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]105 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]106 resp, body = self.get('OS-KSADM/roles')
107 body = json.loads(body)
108 return resp, body['roles']
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]109
110 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]111 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]112 resp, body = self.get('tenants')
113 body = json.loads(body)
114 return resp, body['tenants']
115
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]116 def get_tenant_by_name(self, tenant_name):
117 resp, tenants = self.list_tenants()
118 for tenant in tenants:
119 if tenant['name'] == tenant_name:
120 return tenant
121 raise exceptions.NotFound('No such tenant')
122
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]123 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]124 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]125 resp, body = self.get_tenant(tenant_id)
126 name = kwargs.get('name', body['name'])
127 desc = kwargs.get('description', body['description'])
128 en = kwargs.get('enabled', body['enabled'])
129 post_body = {
130 'id': tenant_id,
131 'name': name,
132 'description': desc,
133 'enabled': en,
134 }
135 post_body = json.dumps({'tenant': post_body})
136 resp, body = self.post('tenants/%s' % tenant_id, post_body,
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]137 self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]138 body = json.loads(body)
139 return resp, body['tenant']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]140
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]141 def create_user(self, name, password, tenant_id, email, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]142 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]143 post_body = {
144 'name': name,
145 'password': password,
146 'tenantId': tenant_id,
147 'email': email
148 }
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]149 if kwargs.get('enabled') is not None:
150 post_body['enabled'] = kwargs.get('enabled')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]151 post_body = json.dumps({'user': post_body})
152 resp, body = self.post('users', post_body, self.headers)
153 body = json.loads(body)
154 return resp, body['user']
155
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]156 def update_user(self, user_id, **kwargs):
157 """Updates a user."""
158 put_body = json.dumps({'user': kwargs})
159 resp, body = self.put('users/%s' % user_id, put_body,
160 self.headers)
161 body = json.loads(body)
162 return resp, body['user']
163
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]164 def get_user(self, user_id):
165 """GET a user."""
166 resp, body = self.get("users/%s" % user_id)
167 body = json.loads(body)
168 return resp, body['user']
169
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]170 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]171 """Delete a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]172 resp, body = self.delete("users/%s" % user_id)
173 return resp, body
174
175 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]176 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]177 resp, body = self.get("users")
178 body = json.loads(body)
179 return resp, body['users']
180
181 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]182 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]183 put_body = {
Sean Dague14c68182013-04-14 15:34:30 -0400[diff] [blame]184 'enabled': enabled
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]185 }
186 put_body = json.dumps({'user': put_body})
187 resp, body = self.put('users/%s/enabled' % user_id,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]188 put_body, self.headers)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]189 body = json.loads(body)
190 return resp, body
191
192 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]193 """Delete a token."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]194 resp, body = self.delete("tokens/%s" % token_id)
195 return resp, body
196
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]197 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]198 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]199 resp, body = self.get('/tenants/%s/users' % tenant_id)
200 body = json.loads(body)
201 return resp, body['users']
202
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]203 def get_user_by_username(self, tenant_id, username):
204 resp, users = self.list_users_for_tenant(tenant_id)
205 for user in users:
206 if user['name'] == username:
207 return user
208 raise exceptions.NotFound('No such user')
209
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]210 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]211 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]212 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800[diff] [blame]213 'name': name,
214 'type': type,
215 'description': kwargs.get('description')
216 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]217 post_body = json.dumps({'OS-KSADM:service': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]218 resp, body = self.post('/OS-KSADM/services', post_body, self.headers)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]219 body = json.loads(body)
220 return resp, body['OS-KSADM:service']
221
222 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]223 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]224 url = '/OS-KSADM/services/%s' % service_id
225 resp, body = self.get(url)
226 body = json.loads(body)
227 return resp, body['OS-KSADM:service']
228
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]229 def list_services(self):
230 """List Service - Returns Services."""
231 resp, body = self.get('/OS-KSADM/services/')
232 body = json.loads(body)
233 return resp, body['OS-KSADM:services']
234
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]235 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]236 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]237 url = '/OS-KSADM/services/%s' % service_id
238 return self.delete(url)
239
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]240
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]241class TokenClientJSON(RestClient):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]242
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]243 def __init__(self):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]244 super(TokenClientJSON, self).__init__(None)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]245 auth_url = CONF.identity.uri
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]246
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]247 # Normalize URI to ensure /tokens is in it.
248 if 'tokens' not in auth_url:
249 auth_url = auth_url.rstrip('/') + '/tokens'
250
251 self.auth_url = auth_url
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]252
253 def auth(self, user, password, tenant):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]254 creds = {
255 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]256 'passwordCredentials': {
257 'username': user,
258 'password': password,
259 },
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]260 'tenantName': tenant,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]261 }
262 }
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]263 body = json.dumps(creds)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]264 resp, body = self.post(self.auth_url, headers=self.headers, body=body)
265
266 return resp, body['access']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]267
268 def request(self, method, url, headers=None, body=None):
269 """A simple HTTP request interface."""
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800[diff] [blame]270 if headers is None:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]271 headers = {}
272
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]273 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]274 resp, resp_body = self.http_obj.request(url, method,
275 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]276 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]277
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]278 if resp.status in [401, 403]:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]279 resp_body = json.loads(resp_body)
280 raise exceptions.Unauthorized(resp_body['error']['message'])
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]281 elif resp.status not in [200, 201]:
282 raise exceptions.IdentityError(
283 'Unexpected status code {0}'.format(resp.status))
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]284
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]285 return resp, json.loads(resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]286
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]287 def get_token(self, user, password, tenant, auth_data=False):
288 """
289 Returns (token id, token data) for supplied credentials
290 """
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]291 resp, body = self.auth(user, password, tenant)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]292
293 if auth_data:
294 return body['token']['id'], body
295 else:
296 return body['token']['id']