Blame - tempest/api/identity/admin/v2/test_tokens.py - tempest

2013-10-10 11:12:44 +0800

[diff] [blame]

#

# Licensed under the Apache License, Version 2.0 (the "License"); you may

5

# not use this file except in compliance with the License. You may obtain

6

# a copy of the License at

7

#

8

# http://www.apache.org/licenses/LICENSE-2.0

9

#

10

# Unless required by applicable law or agreed to in writing, software

11

# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

12

# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

13

# License for the specific language governing permissions and limitations

14

# under the License.

15

Matthew Treinish

01472ff

2015-02-20 17:26:52 -0500

[diff] [blame]

16

from tempest_lib.common.utils import data_utils

17

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

18

from tempest.api.identity import base

Matthew Treinish

5c660ab

2014-05-18 21:14:36 -0400

[diff] [blame]

19

from tempest import test

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

20

21

Matthew Treinish

db2c597

2014-01-31 22:18:59 +0000

[diff] [blame]

22

class TokensTestJSON(base.BaseIdentityV2AdminTest):

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

23

Matthew Treinish

5c660ab

2014-05-18 21:14:36 -0400

[diff] [blame]

24

@test.attr(type='gate')

Chris Hoge

7579c1a

2015-02-26 14:12:15 -0800

[diff] [blame]

25

@test.idempotent_id('453ad4d5-e486-4b2f-be72-cffc8149e586')

Zhi Kun Liu

30caeae

2014-02-26 15:30:24 +0800

[diff] [blame]

26

def test_create_get_delete_token(self):

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

27

# get a token by username and password

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

28

user_name = data_utils.rand_name(name='user')

29

user_password = data_utils.rand_name(name='pass')

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

30

# first:create a tenant

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

31

tenant_name = data_utils.rand_name(name='tenant')

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

32

tenant = self.client.create_tenant(tenant_name)

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

33

self.data.tenants.append(tenant)

34

# second:create a user

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

35

user = self.client.create_user(user_name, user_password,

36

tenant['id'], '')

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

37

self.data.users.append(user)

38

# then get a token for the user

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

39

body = self.token_client.auth(user_name,

40

user_password,

41

tenant['name'])

Andrea Frittoli

8bbdb16

2014-01-06 11:06:13 +0000

[diff] [blame]

42

self.assertEqual(body['token']['tenant']['name'],

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

43

tenant['name'])

Zhi Kun Liu

30caeae

2014-02-26 15:30:24 +0800

[diff] [blame]

44

# Perform GET Token

Andrea Frittoli

8bbdb16

2014-01-06 11:06:13 +0000

[diff] [blame]

45

token_id = body['token']['id']

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

46

token_details = self.client.get_token(token_id)

Zhi Kun Liu

30caeae

2014-02-26 15:30:24 +0800

[diff] [blame]

47

self.assertEqual(token_id, token_details['token']['id'])

48

self.assertEqual(user['id'], token_details['user']['id'])

49

self.assertEqual(user_name, token_details['user']['name'])

50

self.assertEqual(tenant['name'],

51

token_details['token']['tenant']['name'])

52

# then delete the token

David Kranz

2014-07-02 13:57:41 -0400

[diff] [blame]

53

self.client.delete_token(token_id)

huangtianhua

2013-10-10 11:12:44 +0800

[diff] [blame]

54

Matthew Treinish

5c660ab

2014-05-18 21:14:36 -0400

[diff] [blame]

55

@test.attr(type='gate')

Chris Hoge

7579c1a

2015-02-26 14:12:15 -0800

[diff] [blame]

56

@test.idempotent_id('25ba82ee-8a32-4ceb-8f50-8b8c71e8765e')

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

57

def test_rescope_token(self):

58

"""An unscoped token can be requested, that token can be used to

59

request a scoped token.

60

"""

61

62

# Create a user.

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

63

user_name = data_utils.rand_name(name='user')

64

user_password = data_utils.rand_name(name='pass')

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

65

tenant_id = None # No default tenant so will get unscoped token.

66

email = ''

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

67

user = self.client.create_user(user_name, user_password,

68

tenant_id, email)

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

69

self.data.users.append(user)

70

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

71

# Create a couple tenants.

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

72

tenant1_name = data_utils.rand_name(name='tenant')

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

73

tenant1 = self.client.create_tenant(tenant1_name)

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

74

self.data.tenants.append(tenant1)

75

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

76

tenant2_name = data_utils.rand_name(name='tenant')

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

77

tenant2 = self.client.create_tenant(tenant2_name)

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

78

self.data.tenants.append(tenant2)

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

79

80

# Create a role

Ken'ichi Ohmichi

2015-03-23 01:43:42 +0000

[diff] [blame^]

81

role_name = data_utils.rand_name(name='role')

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

82

role = self.client.create_role(role_name)

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

83

self.data.roles.append(role)

84

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

85

# Grant the user the role on the tenants.

David Kranz

2014-07-02 13:57:41 -0400

[diff] [blame]

86

self.client.assign_user_role(tenant1['id'], user['id'],

87

role['id'])

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

88

David Kranz

2014-07-02 13:57:41 -0400

[diff] [blame]

89

self.client.assign_user_role(tenant2['id'], user['id'],

90

role['id'])

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

91

92

# Get an unscoped token.

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

93

body = self.token_client.auth(user_name, user_password)

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

94

95

token_id = body['token']['id']

96

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

97

# Use the unscoped token to get a token scoped to tenant1

David Kranz

2014-12-30 10:56:26 -0500

[diff] [blame]

98

body = self.token_client.auth_token(token_id,

99

tenant=tenant1_name)

Brant Knudson

2014-03-15 09:36:45 -0500

[diff] [blame]

100

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

101

scoped_token_id = body['token']['id']

102

103

# Revoke the scoped token

David Kranz

2014-07-02 13:57:41 -0400

[diff] [blame]

104

self.client.delete_token(scoped_token_id)

Brant Knudson

2014-03-16 11:14:14 -0500

[diff] [blame]

105

106

# Use the unscoped token to get a token scoped to tenant2

David Kranz