blob: 1ad8b92c70f9d755486f83ed905fbefd9127b1c9 [file] [log] [blame]
ZhiQiang Fan39f97222013-09-20 04:49:44 +08001# Copyright 2012 OpenStack Foundation
Jay Pipesf38eaac2012-06-21 13:37:35 -04002# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
Doug Hellmann583ce2c2015-03-11 14:55:46 +000016from oslo_log import log as logging
Masayuki Igawabfa07602015-01-20 18:47:17 +090017from tempest_lib import exceptions as lib_exc
Jay Pipesf38eaac2012-06-21 13:37:35 -040018
Andrea Frittoli (andreaf)290b3e12015-10-08 10:25:02 +010019from tempest.common import credentials_factory as common_creds
Fei Long Wangd39431f2015-05-14 11:30:48 +120020from tempest.common.utils import data_utils
Matthew Treinishdb2c5972014-01-31 22:18:59 +000021from tempest import config
Attila Fazekasdc216422013-01-29 15:12:14 +010022import tempest.test
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070023
Matthew Treinishdb2c5972014-01-31 22:18:59 +000024CONF = config.CONF
Masayuki Igawa630a3fa2014-03-12 19:51:45 +090025LOG = logging.getLogger(__name__)
Matthew Treinishdb2c5972014-01-31 22:18:59 +000026
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070027
Chris Hoge4f6117a2015-03-20 12:39:33 -050028class BaseIdentityTest(tempest.test.BaseTestCase):
Jay Pipesf38eaac2012-06-21 13:37:35 -040029
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070030 @classmethod
Matthew Treinishdb2c5972014-01-31 22:18:59 +000031 def disable_user(cls, user_name):
32 user = cls.get_user_by_name(user_name)
Daniel Mellado82c83a52015-12-09 15:16:49 +000033 cls.users_client.enable_disable_user(user['id'], enabled=False)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070034
Matthew Treinishdb2c5972014-01-31 22:18:59 +000035 @classmethod
36 def disable_tenant(cls, tenant_name):
37 tenant = cls.get_tenant_by_name(tenant_name)
Daniel Melladob04da902015-11-20 17:43:12 +010038 cls.tenants_client.update_tenant(tenant['id'], enabled=False)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070039
Matthew Treinishdb2c5972014-01-31 22:18:59 +000040 @classmethod
41 def get_user_by_name(cls, name):
Daniel Mellado82c83a52015-12-09 15:16:49 +000042 users = cls.users_client.list_users()['users']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070043 user = [u for u in users if u['name'] == name]
44 if len(user) > 0:
45 return user[0]
46
Matthew Treinishdb2c5972014-01-31 22:18:59 +000047 @classmethod
48 def get_tenant_by_name(cls, name):
49 try:
Daniel Melladob04da902015-11-20 17:43:12 +010050 tenants = cls.tenants_client.list_tenants()['tenants']
Matthew Treinishdb2c5972014-01-31 22:18:59 +000051 except AttributeError:
John Warren56317e02015-08-12 20:48:32 +000052 tenants = cls.client.list_projects()['projects']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070053 tenant = [t for t in tenants if t['name'] == name]
54 if len(tenant) > 0:
55 return tenant[0]
56
Matthew Treinishdb2c5972014-01-31 22:18:59 +000057 @classmethod
58 def get_role_by_name(cls, name):
Daniel Mellado6b16b922015-12-07 12:43:08 +000059 roles = cls.roles_client.list_roles()['roles']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -070060 role = [r for r in roles if r['name'] == name]
61 if len(role) > 0:
62 return role[0]
63
64
Chris Hoge4f6117a2015-03-20 12:39:33 -050065class BaseIdentityV2Test(BaseIdentityTest):
66
Andrea Frittolib21de6c2015-02-06 20:12:38 +000067 credentials = ['primary']
68
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +010069 # identity v2 tests should obtain tokens and create accounts via v2
70 # regardless of the configured CONF.identity.auth_version
71 identity_version = 'v2'
Rohan Kanadeb645e172015-02-05 17:38:59 +053072
73 @classmethod
74 def setup_clients(cls):
Chris Hoge4f6117a2015-03-20 12:39:33 -050075 super(BaseIdentityV2Test, cls).setup_clients()
Jane Zadorozhnabfc72372015-06-16 17:32:59 +030076 cls.non_admin_client = cls.os.identity_public_client
Chris Hoge4f6117a2015-03-20 12:39:33 -050077 cls.non_admin_token_client = cls.os.token_client
Daniel Melladob04da902015-11-20 17:43:12 +010078 cls.non_admin_tenants_client = cls.os.tenants_public_client
Daniel Mellado6b16b922015-12-07 12:43:08 +000079 cls.non_admin_roles_client = cls.os.roles_public_client
Daniel Mellado82c83a52015-12-09 15:16:49 +000080 cls.non_admin_users_client = cls.os.users_public_client
Chris Hoge4f6117a2015-03-20 12:39:33 -050081
82 @classmethod
83 def resource_setup(cls):
84 super(BaseIdentityV2Test, cls).resource_setup()
85
86 @classmethod
87 def resource_cleanup(cls):
88 super(BaseIdentityV2Test, cls).resource_cleanup()
89
90
91class BaseIdentityV2AdminTest(BaseIdentityV2Test):
92
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +010093 credentials = ['primary', 'admin']
Chris Hoge4f6117a2015-03-20 12:39:33 -050094
95 @classmethod
96 def setup_clients(cls):
Rohan Kanadeb645e172015-02-05 17:38:59 +053097 super(BaseIdentityV2AdminTest, cls).setup_clients()
Matthew Treinishdb2c5972014-01-31 22:18:59 +000098 cls.client = cls.os_adm.identity_client
Jane Zadorozhnabfc72372015-06-16 17:32:59 +030099 cls.non_admin_client = cls.os.identity_client
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000100 cls.token_client = cls.os_adm.token_client
Daniel Melladob04da902015-11-20 17:43:12 +0100101 cls.tenants_client = cls.os_adm.tenants_client
102 cls.non_admin_tenants_client = cls.os.tenants_client
Daniel Mellado6b16b922015-12-07 12:43:08 +0000103 cls.roles_client = cls.os_adm.roles_client
104 cls.non_admin_roles_client = cls.os.roles_client
Daniel Mellado82c83a52015-12-09 15:16:49 +0000105 cls.users_client = cls.os_adm.users_client
106 cls.non_admin_users_client = cls.os.users_client
Rohan Kanadeb645e172015-02-05 17:38:59 +0530107
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000108 @classmethod
Rohan Kanadeb645e172015-02-05 17:38:59 +0530109 def resource_setup(cls):
110 super(BaseIdentityV2AdminTest, cls).resource_setup()
Daniel Mellado6b16b922015-12-07 12:43:08 +0000111 cls.data = DataGenerator(cls.client, cls.tenants_client,
Daniel Mellado82c83a52015-12-09 15:16:49 +0000112 cls.roles_client, cls.users_client)
Rohan Kanadeb645e172015-02-05 17:38:59 +0530113
114 @classmethod
Andrea Frittoli7688e742014-09-15 12:38:22 +0100115 def resource_cleanup(cls):
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000116 cls.data.teardown_all()
Andrea Frittoli7688e742014-09-15 12:38:22 +0100117 super(BaseIdentityV2AdminTest, cls).resource_cleanup()
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000118
119
Chris Hoge4f6117a2015-03-20 12:39:33 -0500120class BaseIdentityV3Test(BaseIdentityTest):
121
Andrea Frittolib21de6c2015-02-06 20:12:38 +0000122 credentials = ['primary']
123
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100124 # identity v3 tests should obtain tokens and create accounts via v3
125 # regardless of the configured CONF.identity.auth_version
126 identity_version = 'v3'
Rohan Kanadeb645e172015-02-05 17:38:59 +0530127
128 @classmethod
129 def setup_clients(cls):
Chris Hoge4f6117a2015-03-20 12:39:33 -0500130 super(BaseIdentityV3Test, cls).setup_clients()
131 cls.non_admin_client = cls.os.identity_v3_client
132 cls.non_admin_token = cls.os.token_v3_client
Chris Hoge4f6117a2015-03-20 12:39:33 -0500133
134 @classmethod
135 def resource_cleanup(cls):
136 super(BaseIdentityV3Test, cls).resource_cleanup()
137
138
139class BaseIdentityV3AdminTest(BaseIdentityV3Test):
140
Andrea Frittoli (andreaf)41601412015-05-12 16:39:03 +0100141 credentials = ['primary', 'admin']
Chris Hoge4f6117a2015-03-20 12:39:33 -0500142
143 @classmethod
144 def setup_clients(cls):
Rohan Kanadeb645e172015-02-05 17:38:59 +0530145 super(BaseIdentityV3AdminTest, cls).setup_clients()
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000146 cls.client = cls.os_adm.identity_v3_client
147 cls.token = cls.os_adm.token_v3_client
148 cls.endpoints_client = cls.os_adm.endpoints_client
Yaroslav Lobankov757d1a22015-12-18 11:43:02 +0300149 cls.regions_client = cls.os_adm.regions_client
Yaroslav Lobankov69d90562015-12-18 12:06:40 +0300150 cls.services_client = cls.os_adm.identity_services_client
Yaroslav Lobankoved4d15c2015-12-18 11:30:10 +0300151 cls.policies_client = cls.os_adm.policies_client
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000152 cls.creds_client = cls.os_adm.credentials_client
Yaroslav Lobankov997a1452015-11-19 17:11:37 +0300153 cls.groups_client = cls.os_adm.groups_client
154
155 cls.data = DataGenerator(cls.client)
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000156
157 @classmethod
Andrea Frittoli7688e742014-09-15 12:38:22 +0100158 def resource_cleanup(cls):
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000159 cls.data.teardown_all()
Andrea Frittoli7688e742014-09-15 12:38:22 +0100160 super(BaseIdentityV3AdminTest, cls).resource_cleanup()
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000161
David Kranzd8ccb792014-12-29 11:32:05 -0500162 @classmethod
163 def get_user_by_name(cls, name):
Ken'ichi Ohmichi402b8752015-11-09 10:47:16 +0000164 users = cls.client.list_users()['users']
David Kranzd8ccb792014-12-29 11:32:05 -0500165 user = [u for u in users if u['name'] == name]
166 if len(user) > 0:
167 return user[0]
168
169 @classmethod
170 def get_tenant_by_name(cls, name):
John Warren56317e02015-08-12 20:48:32 +0000171 tenants = cls.client.list_projects()['projects']
David Kranzd8ccb792014-12-29 11:32:05 -0500172 tenant = [t for t in tenants if t['name'] == name]
173 if len(tenant) > 0:
174 return tenant[0]
175
176 @classmethod
177 def get_role_by_name(cls, name):
John Warren56317e02015-08-12 20:48:32 +0000178 roles = cls.client.list_roles()['roles']
David Kranzd8ccb792014-12-29 11:32:05 -0500179 role = [r for r in roles if r['name'] == name]
180 if len(role) > 0:
181 return role[0]
182
BinBin Congc6e8ef52015-11-20 02:08:46 -0500183 @classmethod
184 def disable_user(cls, user_name):
185 user = cls.get_user_by_name(user_name)
186 cls.client.update_user(user['id'], user_name, enabled=False)
187
Martin Pavlasek4c3f2ab2014-04-15 17:15:15 +0200188 def delete_domain(self, domain_id):
189 # NOTE(mpavlase) It is necessary to disable the domain before deleting
190 # otherwise it raises Forbidden exception
191 self.client.update_domain(domain_id, enabled=False)
192 self.client.delete_domain(domain_id)
193
Matthew Treinishdb2c5972014-01-31 22:18:59 +0000194
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700195class DataGenerator(object):
196
Daniel Mellado82c83a52015-12-09 15:16:49 +0000197 def __init__(self, client, tenants_client=None, roles_client=None,
198 users_client=None):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700199 self.client = client
Daniel Melladob04da902015-11-20 17:43:12 +0100200 # TODO(dmellado) split Datagenerator for v2 and v3
201 self.tenants_client = tenants_client
Daniel Mellado6b16b922015-12-07 12:43:08 +0000202 self.roles_client = roles_client
Daniel Mellado82c83a52015-12-09 15:16:49 +0000203 self.users_client = users_client
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700204 self.users = []
205 self.tenants = []
206 self.roles = []
207 self.role_name = None
Nayna Patele6331362013-08-12 06:59:48 +0000208 self.v3_users = []
209 self.projects = []
210 self.v3_roles = []
nayna-patel2db83b32014-05-15 11:41:03 +0000211 self.domains = []
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700212
Andrea Frittoli422fbdf2014-03-20 10:05:18 +0000213 @property
214 def test_credentials(self):
Andrea Frittoli (andreaf)290b3e12015-10-08 10:25:02 +0100215 return common_creds.get_credentials(username=self.test_user,
216 user_id=self.user['id'],
217 password=self.test_password,
218 tenant_name=self.test_tenant,
219 tenant_id=self.tenant['id'])
Andrea Frittoli422fbdf2014-03-20 10:05:18 +0000220
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700221 def setup_test_user(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500222 """Set up a test user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700223 self.setup_test_tenant()
Ken'ichi Ohmichi96508472015-03-23 01:43:42 +0000224 self.test_user = data_utils.rand_name('test_user')
Zack Feldsteind8c5f7a2015-12-14 10:44:07 -0600225 self.test_password = data_utils.rand_password()
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700226 self.test_email = self.test_user + '@testmail.tm'
Daniel Mellado82c83a52015-12-09 15:16:49 +0000227 self.user = self.users_client.create_user(self.test_user,
228 self.test_password,
229 self.tenant['id'],
230 self.test_email)['user']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700231 self.users.append(self.user)
232
233 def setup_test_tenant(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500234 """Set up a test tenant."""
Ken'ichi Ohmichi96508472015-03-23 01:43:42 +0000235 self.test_tenant = data_utils.rand_name('test_tenant')
236 self.test_description = data_utils.rand_name('desc')
Daniel Melladob04da902015-11-20 17:43:12 +0100237 self.tenant = self.tenants_client.create_tenant(
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800238 name=self.test_tenant,
Anusha Ramineni0cfb4612015-08-24 08:49:10 +0530239 description=self.test_description)['tenant']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700240 self.tenants.append(self.tenant)
241
242 def setup_test_role(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500243 """Set up a test role."""
Masayuki Igawa259c1132013-10-31 17:48:44 +0900244 self.test_role = data_utils.rand_name('role')
piyush110786afaaf262015-12-11 18:54:05 +0530245 self.role = self.roles_client.create_role(
246 name=self.test_role)['role']
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700247 self.roles.append(self.role)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700248
Nayna Patele6331362013-08-12 06:59:48 +0000249 def setup_test_v3_user(self):
250 """Set up a test v3 user."""
251 self.setup_test_project()
Ken'ichi Ohmichi96508472015-03-23 01:43:42 +0000252 self.test_user = data_utils.rand_name('test_user')
Zack Feldsteind8c5f7a2015-12-14 10:44:07 -0600253 self.test_password = data_utils.rand_password()
Nayna Patele6331362013-08-12 06:59:48 +0000254 self.test_email = self.test_user + '@testmail.tm'
David Kranzd8ccb792014-12-29 11:32:05 -0500255 self.v3_user = self.client.create_user(
wanglianminb1ddea72014-02-25 17:17:30 +0800256 self.test_user,
257 password=self.test_password,
258 project_id=self.project['id'],
John Warren56317e02015-08-12 20:48:32 +0000259 email=self.test_email)['user']
Nayna Patele6331362013-08-12 06:59:48 +0000260 self.v3_users.append(self.v3_user)
261
262 def setup_test_project(self):
263 """Set up a test project."""
Ken'ichi Ohmichi96508472015-03-23 01:43:42 +0000264 self.test_project = data_utils.rand_name('test_project')
265 self.test_description = data_utils.rand_name('desc')
David Kranzd8ccb792014-12-29 11:32:05 -0500266 self.project = self.client.create_project(
Nayna Patele6331362013-08-12 06:59:48 +0000267 name=self.test_project,
John Warren56317e02015-08-12 20:48:32 +0000268 description=self.test_description)['project']
Nayna Patele6331362013-08-12 06:59:48 +0000269 self.projects.append(self.project)
270
271 def setup_test_v3_role(self):
272 """Set up a test v3 role."""
Masayuki Igawa259c1132013-10-31 17:48:44 +0900273 self.test_role = data_utils.rand_name('role')
piyush110786afaaf262015-12-11 18:54:05 +0530274 self.v3_role = self.client.create_role(name=self.test_role)['role']
Nayna Patele6331362013-08-12 06:59:48 +0000275 self.v3_roles.append(self.v3_role)
276
nayna-patel2db83b32014-05-15 11:41:03 +0000277 def setup_test_domain(self):
278 """Set up a test domain."""
279 self.test_domain = data_utils.rand_name('test_domain')
280 self.test_description = data_utils.rand_name('desc')
David Kranzd8ccb792014-12-29 11:32:05 -0500281 self.domain = self.client.create_domain(
nayna-patel2db83b32014-05-15 11:41:03 +0000282 name=self.test_domain,
John Warren56317e02015-08-12 20:48:32 +0000283 description=self.test_description)['domain']
nayna-patel2db83b32014-05-15 11:41:03 +0000284 self.domains.append(self.domain)
285
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900286 @staticmethod
287 def _try_wrapper(func, item, **kwargs):
288 try:
289 if kwargs:
David Kranz9e2ad372014-10-06 17:06:20 -0400290 func(item['id'], **kwargs)
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900291 else:
292 func(item['id'])
Masayuki Igawabfa07602015-01-20 18:47:17 +0900293 except lib_exc.NotFound:
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900294 pass
295 except Exception:
296 LOG.exception("Unexpected exception occurred in %s deletion."
297 " But ignored here." % item['id'])
298
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700299 def teardown_all(self):
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900300 # NOTE(masayukig): v3 client doesn't have v2 method.
301 # (e.g. delete_tenant) So we need to check resources existence
302 # before using client methods.
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700303 for user in self.users:
Daniel Mellado82c83a52015-12-09 15:16:49 +0000304 self._try_wrapper(self.users_client.delete_user, user)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700305 for tenant in self.tenants:
Daniel Melladob04da902015-11-20 17:43:12 +0100306 self._try_wrapper(self.tenants_client.delete_tenant, tenant)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700307 for role in self.roles:
Daniel Mellado6b16b922015-12-07 12:43:08 +0000308 self._try_wrapper(self.roles_client.delete_role, role)
Nayna Patele6331362013-08-12 06:59:48 +0000309 for v3_user in self.v3_users:
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900310 self._try_wrapper(self.client.delete_user, v3_user)
Nayna Patele6331362013-08-12 06:59:48 +0000311 for v3_project in self.projects:
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900312 self._try_wrapper(self.client.delete_project, v3_project)
Nayna Patele6331362013-08-12 06:59:48 +0000313 for v3_role in self.v3_roles:
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900314 self._try_wrapper(self.client.delete_role, v3_role)
nayna-patel2db83b32014-05-15 11:41:03 +0000315 for domain in self.domains:
Masayuki Igawa630a3fa2014-03-12 19:51:45 +0900316 self._try_wrapper(self.client.update_domain, domain,
317 enabled=False)
318 self._try_wrapper(self.client.delete_domain, domain)