Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 6fe8eb4f9744ff23a198de8b265f8559d54c3618 / . / tempest / api / identity / base.py
blob: 5722f0e73ef15aba53630065458ea1ee6c77dce0 [file] [log] [blame]
ZhiQiang Fan39f97222013-09-20 04:49:44 +0800[diff] [blame]1# Copyright 2012 OpenStack Foundation
Jay Pipesf38eaac2012-06-21 13:37:35 -0400[diff] [blame]2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]16from tempest import config
Ken'ichi Ohmichi7bd25752017-03-10 10:45:39 -0800[diff] [blame]17from tempest.lib.common.utils import data_utils
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]18from tempest.lib.common.utils import test_utils
Attila Fazekasdc216422013-01-29 15:12:14 +0100[diff] [blame]19import tempest.test
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]20
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]21CONF = config.CONF
22
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]23
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]24class BaseIdentityTest(tempest.test.BaseTestCase):
Jay Pipesf38eaac2012-06-21 13:37:35 -0400[diff] [blame]25
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]26 @classmethod
Jordan Pittierf7da5e52016-09-06 18:00:52 +0200[diff] [blame]27 def setup_credentials(cls):
28 # Create no network resources for these test.
29 cls.set_network_resources()
30 super(BaseIdentityTest, cls).setup_credentials()
31
32 @classmethod
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]33 def disable_user(cls, user_name):
34 user = cls.get_user_by_name(user_name)
ghanshyam9c257a72016-06-21 10:15:10 +0900[diff] [blame]35 cls.users_client.update_user_enabled(user['id'], enabled=False)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]36
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]37 @classmethod
38 def disable_tenant(cls, tenant_name):
39 tenant = cls.get_tenant_by_name(tenant_name)
Daniel Melladob04da902015-11-20 17:43:12 +0100[diff] [blame]40 cls.tenants_client.update_tenant(tenant['id'], enabled=False)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]41
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]42 @classmethod
Tom Cocozzello5544c172016-02-23 17:50:28 -0600[diff] [blame]43 def get_user_by_name(cls, name, domain_id=None):
44 if domain_id:
45 params = {'domain_id': domain_id}
ghanshyam7f817db2016-08-01 18:37:13 +0900[diff] [blame]46 users = cls.users_client.list_users(**params)['users']
Tom Cocozzello5544c172016-02-23 17:50:28 -0600[diff] [blame]47 else:
48 users = cls.users_client.list_users()['users']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]49 user = [u for u in users if u['name'] == name]
Masayuki Igawa0c0f0142017-04-10 17:22:02 +0900[diff] [blame]50 if user:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]51 return user[0]
52
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]53 @classmethod
54 def get_tenant_by_name(cls, name):
55 try:
Daniel Melladob04da902015-11-20 17:43:12 +0100[diff] [blame]56 tenants = cls.tenants_client.list_tenants()['tenants']
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]57 except AttributeError:
Yaroslav Lobankov47a93ab2016-02-07 16:32:49 -0600[diff] [blame]58 tenants = cls.projects_client.list_projects()['projects']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]59 tenant = [t for t in tenants if t['name'] == name]
Masayuki Igawa0c0f0142017-04-10 17:22:02 +0900[diff] [blame]60 if tenant:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]61 return tenant[0]
62
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]63 @classmethod
64 def get_role_by_name(cls, name):
Daniel Mellado6b16b922015-12-07 12:43:08 +0000[diff] [blame]65 roles = cls.roles_client.list_roles()['roles']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]66 role = [r for r in roles if r['name'] == name]
Masayuki Igawa0c0f0142017-04-10 17:22:02 +0900[diff] [blame]67 if role:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]68 return role[0]
69
zhufl75d51a92017-04-11 16:02:39 +0800[diff] [blame]70 def create_test_user(self, **kwargs):
Nicolas Helgesondffb8672017-01-26 14:43:06 -0800[diff] [blame]71 if kwargs.get('password', None) is None:
zhufl75d51a92017-04-11 16:02:39 +0800[diff] [blame]72 kwargs['password'] = data_utils.rand_password()
73 if 'name' not in kwargs:
74 kwargs['name'] = data_utils.rand_name('test_user')
75 if 'email' not in kwargs:
76 kwargs['email'] = kwargs['name'] + '@testmail.tm'
77
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]78 user = self.users_client.create_user(**kwargs)['user']
79 # Delete the user at the end of the test
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]80 self.addCleanup(
81 test_utils.call_and_ignore_notfound_exc,
82 self.users_client.delete_user, user['id'])
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]83 return user
84
zhufl66b616a2017-04-11 15:00:32 +0800[diff] [blame]85 def setup_test_role(self, name=None, domain_id=None):
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]86 """Set up a test role."""
zhufl66b616a2017-04-11 15:00:32 +0800[diff] [blame]87 params = {'name': name or data_utils.rand_name('test_role')}
Rodrigo Duarte34a65122017-01-27 11:28:26 -0300[diff] [blame]88 if domain_id:
89 params['domain_id'] = domain_id
90
91 role = self.roles_client.create_role(**params)['role']
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]92 # Delete the role at the end of the test
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]93 self.addCleanup(
94 test_utils.call_and_ignore_notfound_exc,
95 self.roles_client.delete_role, role['id'])
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]96 return role
97
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]98
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]99class BaseIdentityV2Test(BaseIdentityTest):
100
Andrea Frittolib21de6c2015-02-06 20:12:38 +0000[diff] [blame]101 credentials = ['primary']
102
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100[diff] [blame]103 # identity v2 tests should obtain tokens and create accounts via v2
104 # regardless of the configured CONF.identity.auth_version
105 identity_version = 'v2'
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]106
107 @classmethod
108 def setup_clients(cls):
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]109 super(BaseIdentityV2Test, cls).setup_clients()
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]110 cls.non_admin_client = cls.os_primary.identity_public_client
111 cls.non_admin_token_client = cls.os_primary.token_client
112 cls.non_admin_tenants_client = cls.os_primary.tenants_public_client
113 cls.non_admin_users_client = cls.os_primary.users_public_client
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]114
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]115
116class BaseIdentityV2AdminTest(BaseIdentityV2Test):
117
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100[diff] [blame]118 credentials = ['primary', 'admin']
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]119
Andrea Frittoli00882b62016-12-19 23:22:44 +0000[diff] [blame]120 # NOTE(andreaf) Identity tests work with credentials, so it is safer
121 # for them to always use disposable credentials. Forcing dynamic creds
122 # on regular identity tests would be however to restrictive, since it
123 # would prevent any identity test from being executed against clouds where
124 # admin credentials are not available.
125 # Since All admin tests require admin credentials to be
126 # executed, so this will not impact the ability to execute tests.
127 force_tenant_isolation = True
128
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]129 @classmethod
Andrea Frittoli1413ba92017-04-21 14:33:23 +0100[diff] [blame]130 def skip_checks(cls):
131 super(BaseIdentityV2AdminTest, cls).skip_checks()
132 if not CONF.identity_feature_enabled.api_v2_admin:
133 raise cls.skipException('Identity v2 admin not available')
134
135 @classmethod
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]136 def setup_clients(cls):
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]137 super(BaseIdentityV2AdminTest, cls).setup_clients()
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]138 cls.client = cls.os_admin.identity_client
139 cls.non_admin_client = cls.os_primary.identity_client
140 cls.token_client = cls.os_admin.token_client
141 cls.tenants_client = cls.os_admin.tenants_client
142 cls.non_admin_tenants_client = cls.os_primary.tenants_client
143 cls.roles_client = cls.os_admin.roles_client
144 cls.non_admin_roles_client = cls.os_primary.roles_client
145 cls.users_client = cls.os_admin.users_client
146 cls.non_admin_users_client = cls.os_primary.users_client
147 cls.services_client = cls.os_admin.identity_services_client
148 cls.endpoints_client = cls.os_admin.endpoints_client
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]149
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]150 @classmethod
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]151 def resource_setup(cls):
152 super(BaseIdentityV2AdminTest, cls).resource_setup()
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]153 cls.projects_client = cls.tenants_client
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]154
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]155 def setup_test_user(self, password=None):
156 """Set up a test user."""
157 tenant = self.setup_test_tenant()
zhufl75d51a92017-04-11 16:02:39 +0800[diff] [blame]158 user = self.create_test_user(tenantId=tenant['id'], password=password)
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]159 return user
160
zhufl963d2c32017-04-20 15:44:58 +0800[diff] [blame]161 def setup_test_tenant(self, **kwargs):
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]162 """Set up a test tenant."""
zhufl963d2c32017-04-20 15:44:58 +0800[diff] [blame]163 if 'name' not in kwargs:
164 kwargs['name'] = data_utils.rand_name('test_tenant')
165 if 'description' not in kwargs:
166 kwargs['description'] = data_utils.rand_name('desc')
167 tenant = self.projects_client.create_tenant(**kwargs)['tenant']
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]168 # Delete the tenant at the end of the test
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]169 self.addCleanup(
170 test_utils.call_and_ignore_notfound_exc,
171 self.tenants_client.delete_tenant, tenant['id'])
Castulo J. Martineze3adee42016-07-14 10:40:08 -0700[diff] [blame]172 return tenant
173
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000[diff] [blame]174
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]175class BaseIdentityV3Test(BaseIdentityTest):
176
Andrea Frittolib21de6c2015-02-06 20:12:38 +0000[diff] [blame]177 credentials = ['primary']
178
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100[diff] [blame]179 # identity v3 tests should obtain tokens and create accounts via v3
180 # regardless of the configured CONF.identity.auth_version
181 identity_version = 'v3'
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]182
183 @classmethod
184 def setup_clients(cls):
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]185 super(BaseIdentityV3Test, cls).setup_clients()
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]186 cls.non_admin_client = cls.os_primary.identity_v3_client
187 cls.non_admin_users_client = cls.os_primary.users_v3_client
188 cls.non_admin_token = cls.os_primary.token_v3_client
189 cls.non_admin_projects_client = cls.os_primary.projects_client
Megan Guineyd0295162017-05-23 23:57:53 -0700[diff] [blame]190 cls.non_admin_catalog_client = cls.os_primary.catalog_client
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]191 cls.non_admin_versions_client =\
192 cls.os_primary.identity_versions_v3_client
Colleen Murphy0e52d4e2018-02-17 21:29:40 +0100[diff] [blame]193 cls.non_admin_app_creds_client = \
194 cls.os_primary.application_credentials_client
Colleen Murphyd2cbd3a2019-12-17 16:31:14 -0800[diff] [blame]195 cls.non_admin_access_rules_client = cls.os_primary.access_rules_client
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]196
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]197
198class BaseIdentityV3AdminTest(BaseIdentityV3Test):
199
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100[diff] [blame]200 credentials = ['primary', 'admin']
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]201
Andrea Frittoli00882b62016-12-19 23:22:44 +0000[diff] [blame]202 # NOTE(andreaf) Identity tests work with credentials, so it is safer
203 # for them to always use disposable credentials. Forcing dynamic creds
204 # on regular identity tests would be however to restrictive, since it
205 # would prevent any identity test from being executed against clouds where
206 # admin credentials are not available.
207 # Since All admin tests require admin credentials to be
208 # executed, so this will not impact the ability to execute tests.
209 force_tenant_isolation = True
210
Chris Hoge4f6117a2015-03-20 12:39:33 -0500[diff] [blame]211 @classmethod
212 def setup_clients(cls):
Rohan Kanadeb645e172015-02-05 17:38:59 +0530[diff] [blame]213 super(BaseIdentityV3AdminTest, cls).setup_clients()
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]214 cls.client = cls.os_admin.identity_v3_client
215 cls.domains_client = cls.os_admin.domains_client
216 cls.users_client = cls.os_admin.users_v3_client
217 cls.trusts_client = cls.os_admin.trusts_client
218 cls.roles_client = cls.os_admin.roles_v3_client
219 cls.inherited_roles_client = cls.os_admin.inherited_roles_client
220 cls.token = cls.os_admin.token_v3_client
221 cls.endpoints_client = cls.os_admin.endpoints_v3_client
222 cls.regions_client = cls.os_admin.regions_client
223 cls.services_client = cls.os_admin.identity_services_v3_client
224 cls.policies_client = cls.os_admin.policies_client
225 cls.creds_client = cls.os_admin.credentials_client
226 cls.groups_client = cls.os_admin.groups_client
227 cls.projects_client = cls.os_admin.projects_client
Rodrigo Duarte12f8d4a2016-07-08 11:53:53 -0300[diff] [blame]228 cls.role_assignments = cls.os_admin.role_assignments_client
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]229 cls.oauth_consumers_client = cls.os_admin.oauth_consumers_client
Hemanth Nakkinad9594f52017-04-19 11:14:40 +0530[diff] [blame]230 cls.oauth_token_client = cls.os_admin.oauth_token_client
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]231 cls.domain_config_client = cls.os_admin.domain_config_client
232 cls.endpoint_filter_client = cls.os_admin.endpoint_filter_client
Chi Lod0ed8b02017-04-22 05:35:53 -0500[diff] [blame]233 cls.endpoint_groups_client = cls.os_admin.endpoint_groups_client
Felipe Monteiroa3b2d8e2018-03-15 04:47:52 +0000[diff] [blame]234 cls.project_tags_client = cls.os_admin.project_tags_client
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]235
Andrea Frittoli (andreaf)100d18d2016-05-05 23:34:52 +0100[diff] [blame]236 if CONF.identity.admin_domain_scope:
237 # NOTE(andreaf) When keystone policy requires it, the identity
238 # admin clients for these tests shall use 'domain' scoped tokens.
239 # As the client manager is already created by the base class,
240 # we set the scope for the inner auth provider.
Jordan Pittier8160d312017-04-18 11:52:23 +0200[diff] [blame]241 cls.os_admin.auth_provider.scope = 'domain'
Yaroslav Lobankov997a1452015-11-19 17:11:37 +0300[diff] [blame]242
Yaroslav Lobankov2c2f0362016-01-13 18:07:22 +0300[diff] [blame]243 @classmethod
Tom Cocozzello5544c172016-02-23 17:50:28 -0600[diff] [blame]244 def disable_user(cls, user_name, domain_id=None):
245 user = cls.get_user_by_name(user_name, domain_id)
ghanshyam7f817db2016-08-01 18:37:13 +0900[diff] [blame]246 cls.users_client.update_user(user['id'], name=user_name, enabled=False)
BinBin Congc6e8ef52015-11-20 02:08:46 -0500[diff] [blame]247
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]248 @classmethod
zhufl2b33c1a2017-04-24 17:33:48 +0800[diff] [blame]249 def create_domain(cls, **kwargs):
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]250 """Create a domain."""
zhufl2b33c1a2017-04-24 17:33:48 +0800[diff] [blame]251 if 'name' not in kwargs:
252 kwargs['name'] = data_utils.rand_name('test_domain')
253 if 'description' not in kwargs:
254 kwargs['description'] = data_utils.rand_name('desc')
255 domain = cls.domains_client.create_domain(**kwargs)['domain']
zhufleed21d72017-11-07 13:03:31 +0800[diff] [blame]256 cls.addClassResourceCleanup(test_utils.call_and_ignore_notfound_exc,
257 cls.delete_domain, domain['id'])
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]258 return domain
259
zhufleed21d72017-11-07 13:03:31 +0800[diff] [blame]260 @classmethod
261 def delete_domain(cls, domain_id):
Martin Pavlasek4c3f2ab2014-04-15 17:15:15 +0200[diff] [blame]262 # NOTE(mpavlase) It is necessary to disable the domain before deleting
263 # otherwise it raises Forbidden exception
zhufleed21d72017-11-07 13:03:31 +0800[diff] [blame]264 cls.domains_client.update_domain(domain_id, enabled=False)
265 cls.domains_client.delete_domain(domain_id)
Martin Pavlasek4c3f2ab2014-04-15 17:15:15 +0200[diff] [blame]266
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]267 def setup_test_user(self, password=None):
268 """Set up a test user."""
269 project = self.setup_test_project()
zhufl75d51a92017-04-11 16:02:39 +0800[diff] [blame]270 user = self.create_test_user(project_id=project['id'],
271 password=password)
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]272 return user
273
zhuflf2f47052017-04-20 15:08:02 +0800[diff] [blame]274 def setup_test_project(self, **kwargs):
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]275 """Set up a test project."""
zhuflf2f47052017-04-20 15:08:02 +0800[diff] [blame]276 if 'name' not in kwargs:
277 kwargs['name'] = data_utils.rand_name('test_project')
278 if 'description' not in kwargs:
279 kwargs['description'] = data_utils.rand_name('test_description')
280 project = self.projects_client.create_project(**kwargs)['project']
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]281 # Delete the project at the end of the test
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]282 self.addCleanup(
283 test_utils.call_and_ignore_notfound_exc,
284 self.projects_client.delete_project, project['id'])
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]285 return project
286
287 def setup_test_domain(self):
288 """Set up a test domain."""
289 domain = self.create_domain()
290 # Delete the domain at the end of the test
Samantha Blancodf33c782017-03-06 14:29:52 -0500[diff] [blame]291 self.addCleanup(
292 test_utils.call_and_ignore_notfound_exc,
293 self.delete_domain, domain['id'])
Castulo J. Martinez19b81b22016-07-15 08:58:25 -0700[diff] [blame]294 return domain
Colleen Murphy0e52d4e2018-02-17 21:29:40 +0100[diff] [blame]295
Felipe Monteirod4415072018-07-03 14:09:02 -0400[diff] [blame]296 def setup_test_group(self, **kwargs):
297 """Set up a test group."""
298 if 'name' not in kwargs:
299 kwargs['name'] = data_utils.rand_name(
300 self.__class__.__name__ + '_test_project')
301 if 'description' not in kwargs:
302 kwargs['description'] = data_utils.rand_name(
303 self.__class__.__name__ + '_test_description')
304 group = self.groups_client.create_group(**kwargs)['group']
305 self.addCleanup(
306 test_utils.call_and_ignore_notfound_exc,
307 self.groups_client.delete_group, group['id'])
308 return group
309
Colleen Murphy0e52d4e2018-02-17 21:29:40 +0100[diff] [blame]310
311class BaseApplicationCredentialsV3Test(BaseIdentityV3Test):
312
313 @classmethod
314 def skip_checks(cls):
315 super(BaseApplicationCredentialsV3Test, cls).skip_checks()
316 if not CONF.identity_feature_enabled.application_credentials:
317 raise cls.skipException("Application credentials are not available"
318 " in this environment")
319
320 @classmethod
321 def resource_setup(cls):
322 super(BaseApplicationCredentialsV3Test, cls).resource_setup()
323 cls.user_id = cls.os_primary.credentials.user_id
324 cls.project_id = cls.os_primary.credentials.project_id
325
326 def create_application_credential(self, name=None, **kwargs):
327 name = name or data_utils.rand_name('application_credential')
328 application_credential = (
329 self.non_admin_app_creds_client.create_application_credential(
330 self.user_id, name=name, **kwargs))['application_credential']
331 self.addCleanup(
332 self.non_admin_app_creds_client.delete_application_credential,
333 self.user_id,
334 application_credential['id'])
335 return application_credential