Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 59bae805398f0604cabe0b30b092341c4db60565 / . / tempest / services / identity / v3 / xml / identity_client.py
blob: 63046288e558488de543be81969addf4d1ff9db3 [file] [log] [blame]
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]1# Copyright 2013 OpenStack Foundation
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]16import json
17import urlparse
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]18
19from lxml import etree
20
21from tempest.common.rest_client import RestClientXML
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]22from tempest import config
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]23from tempest import exceptions
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]24from tempest.services.compute.xml.common import Document
25from tempest.services.compute.xml.common import Element
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]26from tempest.services.compute.xml.common import Text
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]27from tempest.services.compute.xml.common import xml_to_json
28
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]29CONF = config.CONF
30
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]31XMLNS = "http://docs.openstack.org/identity/api/v3"
32
33
34class IdentityV3ClientXML(RestClientXML):
35
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]36 def __init__(self, auth_provider):
37 super(IdentityV3ClientXML, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]38 self.service = CONF.identity.catalog_type
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]39 self.endpoint_url = 'adminURL'
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]40 self.api_version = "v3"
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]41
42 def _parse_projects(self, node):
43 array = []
44 for child in node.getchildren():
45 tag_list = child.tag.split('}', 1)
46 if tag_list[1] == "project":
47 array.append(xml_to_json(child))
48 return array
49
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]50 def _parse_domains(self, node):
51 array = []
52 for child in node.getchildren():
53 tag_list = child.tag.split('}', 1)
54 if tag_list[1] == "domain":
55 array.append(xml_to_json(child))
56 return array
57
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]58 def _parse_group_users(self, node):
59 array = []
60 for child in node.getchildren():
61 tag_list = child.tag.split('}', 1)
62 if tag_list[1] == "user":
63 array.append(xml_to_json(child))
64 return array
65
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]66 def _parse_roles(self, node):
67 array = []
68 for child in node.getchildren():
69 tag_list = child.tag.split('}', 1)
70 if tag_list[1] == "role":
71 array.append(xml_to_json(child))
72 return array
73
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]74 def _parse_array(self, node):
75 array = []
76 for child in node.getchildren():
77 array.append(xml_to_json(child))
78 return array
79
80 def _parse_body(self, body):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]81 _json = xml_to_json(body)
82 return _json
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]83
84 def create_user(self, user_name, **kwargs):
85 """Creates a user."""
86 password = kwargs.get('password', None)
87 email = kwargs.get('email', None)
88 en = kwargs.get('enabled', 'true')
89 project_id = kwargs.get('project_id', None)
90 description = kwargs.get('description', None)
91 domain_id = kwargs.get('domain_id', 'default')
92 post_body = Element("user",
93 xmlns=XMLNS,
94 name=user_name,
95 password=password,
96 description=description,
97 email=email,
98 enabled=str(en).lower(),
99 project_id=project_id,
100 domain_id=domain_id)
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]101 resp, body = self.post('users', str(Document(post_body)))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]102 body = self._parse_body(etree.fromstring(body))
103 return resp, body
104
105 def update_user(self, user_id, name, **kwargs):
106 """Updates a user."""
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]107 resp, body = self.get_user(user_id)
108 email = kwargs.get('email', body['email'])
109 en = kwargs.get('enabled', body['enabled'])
110 project_id = kwargs.get('project_id', body['project_id'])
111 description = kwargs.get('description', body['description'])
112 domain_id = kwargs.get('domain_id', body['domain_id'])
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]113 update_user = Element("user",
114 xmlns=XMLNS,
115 name=name,
116 email=email,
117 project_id=project_id,
118 domain_id=domain_id,
119 description=description,
120 enabled=str(en).lower())
121 resp, body = self.patch('users/%s' % user_id,
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]122 str(Document(update_user)))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]123 body = self._parse_body(etree.fromstring(body))
124 return resp, body
125
126 def list_user_projects(self, user_id):
127 """Lists the projects on which a user has roles assigned."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]128 resp, body = self.get('users/%s/projects' % user_id)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]129 body = self._parse_projects(etree.fromstring(body))
130 return resp, body
131
132 def get_users(self):
133 """Get the list of users."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]134 resp, body = self.get("users")
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]135 body = self._parse_array(etree.fromstring(body))
136 return resp, body
137
138 def get_user(self, user_id):
139 """GET a user."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]140 resp, body = self.get("users/%s" % user_id)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]141 body = self._parse_body(etree.fromstring(body))
142 return resp, body
143
144 def delete_user(self, user_id):
145 """Deletes a User."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]146 resp, body = self.delete("users/%s" % user_id)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]147 return resp, body
148
149 def create_project(self, name, **kwargs):
150 """Creates a project."""
151 description = kwargs.get('description', None)
152 en = kwargs.get('enabled', 'true')
153 domain_id = kwargs.get('domain_id', 'default')
154 post_body = Element("project",
155 xmlns=XMLNS,
156 description=description,
157 domain_id=domain_id,
158 enabled=str(en).lower(),
159 name=name)
160 resp, body = self.post('projects',
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]161 str(Document(post_body)))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]162 body = self._parse_body(etree.fromstring(body))
163 return resp, body
164
Nayna Patele6331362013-08-12 06:59:48 +0000[diff] [blame]165 def list_projects(self):
166 """Get the list of projects."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]167 resp, body = self.get("projects")
Nayna Patele6331362013-08-12 06:59:48 +0000[diff] [blame]168 body = self._parse_projects(etree.fromstring(body))
169 return resp, body
170
171 def update_project(self, project_id, **kwargs):
172 """Updates a Project."""
173 resp, body = self.get_project(project_id)
174 name = kwargs.get('name', body['name'])
175 desc = kwargs.get('description', body['description'])
176 en = kwargs.get('enabled', body['enabled'])
177 domain_id = kwargs.get('domain_id', body['domain_id'])
178 post_body = Element("project",
179 xmlns=XMLNS,
180 name=name,
181 description=desc,
182 enabled=str(en).lower(),
183 domain_id=domain_id)
184 resp, body = self.patch('projects/%s' % project_id,
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]185 str(Document(post_body)))
Nayna Patele6331362013-08-12 06:59:48 +0000[diff] [blame]186 body = self._parse_body(etree.fromstring(body))
187 return resp, body
188
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]189 def get_project(self, project_id):
190 """GET a Project."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]191 resp, body = self.get("projects/%s" % project_id)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]192 body = self._parse_body(etree.fromstring(body))
193 return resp, body
194
195 def delete_project(self, project_id):
196 """Delete a project."""
197 resp, body = self.delete('projects/%s' % str(project_id))
198 return resp, body
199
200 def create_role(self, name):
201 """Create a Role."""
202 post_body = Element("role",
203 xmlns=XMLNS,
204 name=name)
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]205 resp, body = self.post('roles', str(Document(post_body)))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]206 body = self._parse_body(etree.fromstring(body))
207 return resp, body
208
209 def get_role(self, role_id):
210 """GET a Role."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]211 resp, body = self.get('roles/%s' % str(role_id))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]212 body = self._parse_body(etree.fromstring(body))
213 return resp, body
214
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]215 def update_role(self, name, role_id):
216 """Updates a Role."""
217 post_body = Element("role",
218 xmlns=XMLNS,
219 name=name)
220 resp, body = self.patch('roles/%s' % str(role_id),
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]221 str(Document(post_body)))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]222 body = self._parse_body(etree.fromstring(body))
223 return resp, body
224
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]225 def delete_role(self, role_id):
226 """Delete a role."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]227 resp, body = self.delete('roles/%s' % str(role_id))
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]228 return resp, body
229
230 def assign_user_role(self, project_id, user_id, role_id):
231 """Add roles to a user on a tenant."""
232 resp, body = self.put('projects/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]233 (project_id, user_id, role_id), '')
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]234 return resp, body
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]235
236 def create_domain(self, name, **kwargs):
237 """Creates a domain."""
238 description = kwargs.get('description', None)
239 en = kwargs.get('enabled', True)
240 post_body = Element("domain",
241 xmlns=XMLNS,
242 name=name,
243 description=description,
244 enabled=str(en).lower())
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]245 resp, body = self.post('domains', str(Document(post_body)))
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]246 body = self._parse_body(etree.fromstring(body))
247 return resp, body
248
249 def list_domains(self):
250 """Get the list of domains."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]251 resp, body = self.get("domains")
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]252 body = self._parse_domains(etree.fromstring(body))
253 return resp, body
254
255 def delete_domain(self, domain_id):
256 """Delete a domain."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]257 resp, body = self.delete('domains/%s' % domain_id)
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]258 return resp, body
259
260 def update_domain(self, domain_id, **kwargs):
261 """Updates a domain."""
262 resp, body = self.get_domain(domain_id)
263 description = kwargs.get('description', body['description'])
264 en = kwargs.get('enabled', body['enabled'])
265 name = kwargs.get('name', body['name'])
266 post_body = Element("domain",
267 xmlns=XMLNS,
268 name=name,
269 description=description,
270 enabled=str(en).lower())
271 resp, body = self.patch('domains/%s' % domain_id,
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]272 str(Document(post_body)))
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]273 body = self._parse_body(etree.fromstring(body))
274 return resp, body
275
276 def get_domain(self, domain_id):
277 """Get Domain details."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]278 resp, body = self.get('domains/%s' % domain_id)
nayna-patel4df72dc2013-05-29 10:27:24 +0000[diff] [blame]279 body = self._parse_body(etree.fromstring(body))
280 return resp, body
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]281
282 def get_token(self, resp_token):
283 """GET a Token Details."""
284 headers = {'Content-Type': 'application/xml',
285 'Accept': 'application/xml',
286 'X-Subject-Token': resp_token}
287 resp, body = self.get("auth/tokens", headers=headers)
288 body = self._parse_body(etree.fromstring(body))
289 return resp, body
290
291 def delete_token(self, resp_token):
292 """Delete a Given Token."""
293 headers = {'X-Subject-Token': resp_token}
294 resp, body = self.delete("auth/tokens", headers=headers)
295 return resp, body
296
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]297 def create_group(self, name, **kwargs):
298 """Creates a group."""
299 description = kwargs.get('description', None)
300 domain_id = kwargs.get('domain_id', 'default')
301 project_id = kwargs.get('project_id', None)
302 post_body = Element("group",
303 xmlns=XMLNS,
304 name=name,
305 description=description,
306 domain_id=domain_id,
307 project_id=project_id)
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]308 resp, body = self.post('groups', str(Document(post_body)))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]309 body = self._parse_body(etree.fromstring(body))
310 return resp, body
311
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]312 def get_group(self, group_id):
313 """Get group details."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]314 resp, body = self.get('groups/%s' % group_id)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]315 body = self._parse_body(etree.fromstring(body))
316 return resp, body
317
318 def update_group(self, group_id, **kwargs):
319 """Updates a group."""
320 resp, body = self.get_group(group_id)
321 name = kwargs.get('name', body['name'])
322 description = kwargs.get('description', body['description'])
323 post_body = Element("group",
324 xmlns=XMLNS,
325 name=name,
326 description=description)
327 resp, body = self.patch('groups/%s' % group_id,
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]328 str(Document(post_body)))
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]329 body = self._parse_body(etree.fromstring(body))
330 return resp, body
331
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]332 def delete_group(self, group_id):
333 """Delete a group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]334 resp, body = self.delete('groups/%s' % group_id)
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]335 return resp, body
336
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]337 def add_group_user(self, group_id, user_id):
338 """Add user into group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]339 resp, body = self.put('groups/%s/users/%s' % (group_id, user_id), '')
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]340 return resp, body
341
342 def list_group_users(self, group_id):
343 """List users in group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]344 resp, body = self.get('groups/%s/users' % group_id)
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]345 body = self._parse_group_users(etree.fromstring(body))
346 return resp, body
347
348 def delete_group_user(self, group_id, user_id):
349 """Delete user in group."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]350 resp, body = self.delete('groups/%s/users/%s' % (group_id, user_id))
Zhi Kun Liue8136f02014-01-07 18:56:28 +0800[diff] [blame]351 return resp, body
352
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]353 def assign_user_role_on_project(self, project_id, user_id, role_id):
354 """Add roles to a user on a project."""
355 resp, body = self.put('projects/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]356 (project_id, user_id, role_id), '')
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]357 return resp, body
358
359 def assign_user_role_on_domain(self, domain_id, user_id, role_id):
360 """Add roles to a user on a domain."""
361 resp, body = self.put('domains/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]362 (domain_id, user_id, role_id), '')
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]363 return resp, body
364
365 def list_user_roles_on_project(self, project_id, user_id):
366 """list roles of a user on a project."""
367 resp, body = self.get('projects/%s/users/%s/roles' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]368 (project_id, user_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]369 body = self._parse_roles(etree.fromstring(body))
370 return resp, body
371
372 def list_user_roles_on_domain(self, domain_id, user_id):
373 """list roles of a user on a domain."""
374 resp, body = self.get('domains/%s/users/%s/roles' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]375 (domain_id, user_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]376 body = self._parse_roles(etree.fromstring(body))
377 return resp, body
378
379 def revoke_role_from_user_on_project(self, project_id, user_id, role_id):
380 """Delete role of a user on a project."""
381 resp, body = self.delete('projects/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]382 (project_id, user_id, role_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]383 return resp, body
384
385 def revoke_role_from_user_on_domain(self, domain_id, user_id, role_id):
386 """Delete role of a user on a domain."""
387 resp, body = self.delete('domains/%s/users/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]388 (domain_id, user_id, role_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]389 return resp, body
390
391 def assign_group_role_on_project(self, project_id, group_id, role_id):
392 """Add roles to a user on a project."""
393 resp, body = self.put('projects/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]394 (project_id, group_id, role_id), '')
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]395 return resp, body
396
397 def assign_group_role_on_domain(self, domain_id, group_id, role_id):
398 """Add roles to a user on a domain."""
399 resp, body = self.put('domains/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]400 (domain_id, group_id, role_id), '')
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]401 return resp, body
402
403 def list_group_roles_on_project(self, project_id, group_id):
404 """list roles of a user on a project."""
405 resp, body = self.get('projects/%s/groups/%s/roles' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]406 (project_id, group_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]407 body = self._parse_roles(etree.fromstring(body))
408 return resp, body
409
410 def list_group_roles_on_domain(self, domain_id, group_id):
411 """list roles of a user on a domain."""
412 resp, body = self.get('domains/%s/groups/%s/roles' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]413 (domain_id, group_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]414 body = self._parse_roles(etree.fromstring(body))
415 return resp, body
416
417 def revoke_role_from_group_on_project(self, project_id, group_id, role_id):
418 """Delete role of a user on a project."""
419 resp, body = self.delete('projects/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]420 (project_id, group_id, role_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]421 return resp, body
422
423 def revoke_role_from_group_on_domain(self, domain_id, group_id, role_id):
424 """Delete role of a user on a domain."""
425 resp, body = self.delete('domains/%s/groups/%s/roles/%s' %
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]426 (domain_id, group_id, role_id))
nayna-patel755d8142013-07-16 06:45:34 +0000[diff] [blame]427 return resp, body
428
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]429
430class V3TokenClientXML(RestClientXML):
431
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]432 def __init__(self):
433 super(V3TokenClientXML, self).__init__(None)
434 auth_url = CONF.identity.uri_v3
435 # If the v3 url is not set, get it from the v2 one
436 if auth_url is None:
437 auth_url = CONF.identity.uri.replace(urlparse.urlparse(
438 CONF.identity.uri).path, "/v3")
439 if 'auth/tokens' not in auth_url:
440 auth_url = auth_url.rstrip('/') + '/auth/tokens'
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]441
442 self.auth_url = auth_url
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]443
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]444 def auth(self, user, password, tenant=None, user_type='id', domain=None):
445 """
446 :param user: user id or name, as specified in user_type
447
448 Accepts different combinations of credentials. Restrictions:
449 - tenant and domain are only name (no id)
450 - user domain and tenant domain are assumed identical
451 Sample sample valid combinations:
452 - user_id, password
453 - username, password, domain
454 - username, password, tenant, domain
455 Validation is left to the server side.
456 """
457 if user_type == 'id':
458 _user = Element('user', id=user, password=password)
459 else:
460 _user = Element('user', name=user, password=password)
461 if domain is not None:
462 _domain = Element('domain', name=domain)
463 _user.append(_domain)
464
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]465 password = Element('password')
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]466 password.append(_user)
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]467
468 method = Element('method')
469 method.append(Text('password'))
470 methods = Element('methods')
471 methods.append(method)
472 identity = Element('identity')
473 identity.append(methods)
474 identity.append(password)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]475
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]476 auth = Element('auth')
477 auth.append(identity)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]478
479 if tenant is not None:
480 project = Element('project', name=tenant)
481 project.append(_domain)
482 scope = Element('scope')
483 scope.append(project)
484 auth.append(scope)
485
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]486 resp, body = self.post(self.auth_url, body=str(Document(auth)))
nayna-patelb35f7232013-06-28 07:08:44 +0000[diff] [blame]487 return resp, body
488
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]489 def request(self, method, url, headers=None, body=None):
490 """A simple HTTP request interface."""
Valeriy Ponomaryov88686d82014-02-16 12:24:51 +0200[diff] [blame]491 if headers is None:
492 # Always accept 'json', for xml token client too.
493 # Because XML response is not easily
494 # converted to the corresponding JSON one
495 headers = self.get_headers(accept_type="json")
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]496 self._log_request(method, url, headers, body)
497 resp, resp_body = self.http_obj.request(url, method,
498 headers=headers, body=body)
499 self._log_response(resp, resp_body)
500
501 if resp.status in [401, 403]:
502 resp_body = json.loads(resp_body)
503 raise exceptions.Unauthorized(resp_body['error']['message'])
504 elif resp.status not in [200, 201, 204]:
505 raise exceptions.IdentityError(
506 'Unexpected status code {0}'.format(resp.status))
507
508 return resp, json.loads(resp_body)
509
510 def get_token(self, user, password, tenant, domain='Default',
511 auth_data=False):
512 """
513 :param user: username
514 Returns (token id, token data) for supplied credentials
515 """
516 resp, body = self.auth(user, password, tenant, user_type='name',
517 domain=domain)
518
519 token = resp.get('x-subject-token')
520 if auth_data:
521 return token, body['token']
522 else:
523 return token