Gitiles
Code Review Sign In
spfactory.storpool.com / tempest / 7704f283488afe1db9f0ac61176f807962f8b7b2 / . / tempest / services / identity / json / identity_client.py
blob: 349a9e9ab29d20b5d7f1498fdaf3ea88ee0dbf34 [file] [log] [blame]
Sean Dague556add52013-07-19 14:28:44 -0400[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License"); you may
2# not use this file except in compliance with the License. You may obtain
3# a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10# License for the specific language governing permissions and limitations
11# under the License.
12
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]13import json
14
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]15from tempest.common import rest_client
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]16from tempest import config
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]17from tempest import exceptions
18
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]19CONF = config.CONF
20
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]21
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]22class IdentityClientJSON(rest_client.RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]23
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]24 def __init__(self, auth_provider):
25 super(IdentityClientJSON, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]26 self.service = CONF.identity.catalog_type
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]27 self.endpoint_url = 'adminURL'
28
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]29 # Needed for xml service client
30 self.list_tags = ["roles", "tenants", "users", "services"]
31
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]32 def has_admin_extensions(self):
33 """
34 Returns True if the KSADM Admin Extensions are supported
35 False otherwise
36 """
37 if hasattr(self, '_has_admin_extensions'):
38 return self._has_admin_extensions
39 resp, body = self.list_roles()
40 self._has_admin_extensions = ('status' in resp and resp.status != 503)
41 return self._has_admin_extensions
42
43 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]44 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]45 post_body = {
46 'name': name,
47 }
48 post_body = json.dumps({'role': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]49 resp, body = self.post('OS-KSADM/roles', post_body)
50 return resp, self._parse_resp(body)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]51
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]52 def create_tenant(self, name, **kwargs):
53 """
54 Create a tenant
55 name (required): New tenant name
56 description: Description of new tenant (default is none)
57 enabled <true|false>: Initial tenant status (default is true)
58 """
59 post_body = {
60 'name': name,
61 'description': kwargs.get('description', ''),
Gordon Chungad873602013-02-18 19:26:27 -0500[diff] [blame]62 'enabled': kwargs.get('enabled', True),
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]63 }
64 post_body = json.dumps({'tenant': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]65 resp, body = self.post('tenants', post_body)
66 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]67
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]68 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]69 """Delete a role."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]70 return self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]71
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]72 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]73 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]74 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
75 resp, body = self.get(url)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]76 return resp, self._parse_resp(body)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]77
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]78 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]79 """Add roles to a user on a tenant."""
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]80 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]81 (tenant_id, user_id, role_id), "")
82 return resp, self._parse_resp(body)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]83
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]84 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]85 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]86 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
87 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]88
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]89 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]90 """Delete a tenant."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]91 return self.delete('tenants/%s' % str(tenant_id))
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]92
93 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]94 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]95 resp, body = self.get('tenants/%s' % str(tenant_id))
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]96 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]97
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]98 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]99 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]100 resp, body = self.get('OS-KSADM/roles')
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]101 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]102
103 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]104 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]105 resp, body = self.get('tenants')
106 body = json.loads(body)
107 return resp, body['tenants']
108
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]109 def get_tenant_by_name(self, tenant_name):
110 resp, tenants = self.list_tenants()
111 for tenant in tenants:
112 if tenant['name'] == tenant_name:
113 return tenant
114 raise exceptions.NotFound('No such tenant')
115
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]116 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]117 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]118 resp, body = self.get_tenant(tenant_id)
119 name = kwargs.get('name', body['name'])
120 desc = kwargs.get('description', body['description'])
121 en = kwargs.get('enabled', body['enabled'])
122 post_body = {
123 'id': tenant_id,
124 'name': name,
125 'description': desc,
126 'enabled': en,
127 }
128 post_body = json.dumps({'tenant': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]129 resp, body = self.post('tenants/%s' % tenant_id, post_body)
130 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]131
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]132 def create_user(self, name, password, tenant_id, email, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]133 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]134 post_body = {
135 'name': name,
136 'password': password,
137 'tenantId': tenant_id,
138 'email': email
139 }
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]140 if kwargs.get('enabled') is not None:
141 post_body['enabled'] = kwargs.get('enabled')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]142 post_body = json.dumps({'user': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]143 resp, body = self.post('users', post_body)
144 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]145
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]146 def update_user(self, user_id, **kwargs):
147 """Updates a user."""
148 put_body = json.dumps({'user': kwargs})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]149 resp, body = self.put('users/%s' % user_id, put_body)
150 return resp, self._parse_resp(body)
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]151
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]152 def get_user(self, user_id):
153 """GET a user."""
154 resp, body = self.get("users/%s" % user_id)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]155 return resp, self._parse_resp(body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]156
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]157 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]158 """Delete a user."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]159 return self.delete("users/%s" % user_id)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]160
161 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]162 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]163 resp, body = self.get("users")
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]164 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]165
166 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]167 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]168 put_body = {
Sean Dague14c68182013-04-14 15:34:30 -0400[diff] [blame]169 'enabled': enabled
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]170 }
171 put_body = json.dumps({'user': put_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]172 resp, body = self.put('users/%s/enabled' % user_id, put_body)
173 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]174
175 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]176 """Delete a token."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]177 return self.delete("tokens/%s" % token_id)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]178
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]179 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]180 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]181 resp, body = self.get('/tenants/%s/users' % tenant_id)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]182 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]183
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]184 def get_user_by_username(self, tenant_id, username):
185 resp, users = self.list_users_for_tenant(tenant_id)
186 for user in users:
187 if user['name'] == username:
188 return user
189 raise exceptions.NotFound('No such user')
190
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]191 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]192 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]193 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800[diff] [blame]194 'name': name,
195 'type': type,
196 'description': kwargs.get('description')
197 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]198 post_body = json.dumps({'OS-KSADM:service': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]199 resp, body = self.post('/OS-KSADM/services', post_body)
200 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]201
202 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]203 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]204 url = '/OS-KSADM/services/%s' % service_id
205 resp, body = self.get(url)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]206 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]207
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]208 def list_services(self):
209 """List Service - Returns Services."""
210 resp, body = self.get('/OS-KSADM/services/')
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]211 return resp, self._parse_resp(body)
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]212
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]213 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]214 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]215 url = '/OS-KSADM/services/%s' % service_id
216 return self.delete(url)
217
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]218
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]219class TokenClientJSON(IdentityClientJSON):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]220
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]221 def __init__(self):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]222 super(TokenClientJSON, self).__init__(None)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]223 auth_url = CONF.identity.uri
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]224
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]225 # Normalize URI to ensure /tokens is in it.
226 if 'tokens' not in auth_url:
227 auth_url = auth_url.rstrip('/') + '/tokens'
228
229 self.auth_url = auth_url
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]230
231 def auth(self, user, password, tenant):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]232 creds = {
233 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]234 'passwordCredentials': {
235 'username': user,
236 'password': password,
237 },
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]238 'tenantName': tenant,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]239 }
240 }
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]241 body = json.dumps(creds)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]242 resp, body = self.post(self.auth_url, body=body)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]243
244 return resp, body['access']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]245
246 def request(self, method, url, headers=None, body=None):
247 """A simple HTTP request interface."""
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800[diff] [blame]248 if headers is None:
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]249 # Always accept 'json', for TokenClientXML too.
250 # Because XML response is not easily
251 # converted to the corresponding JSON one
252 headers = self.get_headers(accept_type="json")
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]253 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]254 resp, resp_body = self.http_obj.request(url, method,
255 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]256 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]257
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]258 if resp.status in [401, 403]:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]259 resp_body = json.loads(resp_body)
260 raise exceptions.Unauthorized(resp_body['error']['message'])
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]261 elif resp.status not in [200, 201]:
262 raise exceptions.IdentityError(
263 'Unexpected status code {0}'.format(resp.status))
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]264
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]265 if isinstance(resp_body, str):
266 resp_body = json.loads(resp_body)
267 return resp, resp_body
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]268
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]269 def get_token(self, user, password, tenant, auth_data=False):
270 """
271 Returns (token id, token data) for supplied credentials
272 """
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]273 resp, body = self.auth(user, password, tenant)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]274
275 if auth_data:
276 return body['token']['id'], body
277 else:
278 return body['token']['id']