| Andrea Frittoli | 17347f0 | 2017-07-26 16:18:30 +0100 | [diff] [blame] | 1 | # Copyright 2017 IBM Corp. |
| 2 | # All Rights Reserved. |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 5 | # not use this file except in compliance with the License. You may obtain |
| 6 | # a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 12 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| 13 | # License for the specific language governing permissions and limitations |
| 14 | # under the License. |
| 15 | |
| 16 | import mock |
| 17 | from oslo_config import cfg |
| 18 | import testtools |
| 19 | |
| 20 | from tempest.common import credentials_factory as cf |
| 21 | from tempest import config |
| 22 | from tempest.lib.common import dynamic_creds |
| 23 | from tempest.lib.common import preprov_creds |
| 24 | from tempest.lib import exceptions |
| 25 | from tempest.tests import base |
| 26 | from tempest.tests import fake_config |
| 27 | from tempest.tests.lib import fake_credentials |
| 28 | |
| 29 | |
| 30 | class TestCredentialsFactory(base.TestCase): |
| 31 | |
| 32 | def setUp(self): |
| 33 | super(TestCredentialsFactory, self).setUp() |
| 34 | self.useFixture(fake_config.ConfigFixture()) |
| 35 | self.patchobject(config, 'TempestConfigPrivate', |
| 36 | fake_config.FakePrivate) |
| 37 | |
| 38 | def test_get_dynamic_provider_params_creds_v2(self): |
| 39 | expected_uri = 'EXPECTED_V2_URI' |
| 40 | cfg.CONF.set_default('uri', expected_uri, group='identity') |
| 41 | admin_creds = fake_credentials.FakeCredentials() |
| 42 | params = cf.get_dynamic_provider_params('v2', admin_creds=admin_creds) |
| 43 | expected_params = dict(identity_uri=expected_uri, |
| 44 | admin_creds=admin_creds) |
| 45 | for key in expected_params: |
| 46 | self.assertIn(key, params) |
| 47 | self.assertEqual(expected_params[key], params[key]) |
| 48 | |
| 49 | def test_get_dynamic_provider_params_creds_v3(self): |
| 50 | expected_uri = 'EXPECTED_V3_URI' |
| 51 | cfg.CONF.set_default('uri_v3', expected_uri, group='identity') |
| 52 | admin_creds = fake_credentials.FakeCredentials() |
| 53 | params = cf.get_dynamic_provider_params('v3', admin_creds=admin_creds) |
| 54 | expected_params = dict(identity_uri=expected_uri, |
| 55 | admin_creds=admin_creds) |
| 56 | for key in expected_params: |
| 57 | self.assertIn(key, params) |
| 58 | self.assertEqual(expected_params[key], params[key]) |
| 59 | |
| 60 | def test_get_dynamic_provider_params_creds_vx(self): |
| 61 | admin_creds = fake_credentials.FakeCredentials() |
| 62 | invalid_version = 'invalid_version_x' |
| 63 | with testtools.ExpectedException( |
| 64 | exc_type=exceptions.InvalidIdentityVersion, |
| 65 | value_re='Invalid version ' + invalid_version): |
| 66 | cf.get_dynamic_provider_params(invalid_version, |
| 67 | admin_creds=admin_creds) |
| 68 | |
| 69 | def test_get_dynamic_provider_params_no_creds(self): |
| 70 | expected_identity_version = 'v3' |
| 71 | with mock.patch.object( |
| 72 | cf, 'get_configured_admin_credentials') as admin_creds_mock: |
| 73 | cf.get_dynamic_provider_params(expected_identity_version) |
| 74 | admin_creds_mock.assert_called_once_with( |
| 75 | fill_in=True, identity_version=expected_identity_version) |
| 76 | |
| 77 | def test_get_preprov_provider_params_creds_v2(self): |
| 78 | expected_uri = 'EXPECTED_V2_URI' |
| 79 | cfg.CONF.set_default('uri', expected_uri, group='identity') |
| 80 | params = cf.get_preprov_provider_params('v2') |
| 81 | self.assertIn('identity_uri', params) |
| 82 | self.assertEqual(expected_uri, params['identity_uri']) |
| 83 | |
| 84 | def test_get_preprov_provider_params_creds_v3(self): |
| 85 | expected_uri = 'EXPECTED_V3_URI' |
| 86 | cfg.CONF.set_default('uri_v3', expected_uri, group='identity') |
| 87 | params = cf.get_preprov_provider_params('v3') |
| 88 | self.assertIn('identity_uri', params) |
| 89 | self.assertEqual(expected_uri, params['identity_uri']) |
| 90 | |
| 91 | def test_get_preprov_provider_params_creds_vx(self): |
| 92 | invalid_version = 'invalid_version_x' |
| 93 | with testtools.ExpectedException( |
| 94 | exc_type=exceptions.InvalidIdentityVersion, |
| 95 | value_re='Invalid version ' + invalid_version): |
| 96 | cf.get_dynamic_provider_params(invalid_version) |
| 97 | |
| 98 | @mock.patch.object(dynamic_creds, 'DynamicCredentialProvider') |
| 99 | @mock.patch.object(cf, 'get_dynamic_provider_params') |
| 100 | def test_get_credentials_provider_dynamic( |
| 101 | self, mock_dynamic_provider_params, |
| 102 | mock_dynamic_credentials_provider_class): |
| 103 | cfg.CONF.set_default('use_dynamic_credentials', True, group='auth') |
| 104 | expected_params = {'foo': 'bar'} |
| 105 | mock_dynamic_provider_params.return_value = expected_params |
| 106 | expected_name = 'my_name' |
| 107 | expected_network_resources = {'network': 'resources'} |
| 108 | expected_identity_version = 'identity_version' |
| 109 | cf.get_credentials_provider( |
| 110 | expected_name, |
| 111 | network_resources=expected_network_resources, |
| 112 | force_tenant_isolation=False, |
| 113 | identity_version=expected_identity_version) |
| 114 | mock_dynamic_provider_params.assert_called_once_with( |
| 115 | expected_identity_version) |
| 116 | mock_dynamic_credentials_provider_class.assert_called_once_with( |
| 117 | name=expected_name, network_resources=expected_network_resources, |
| 118 | **expected_params) |
| 119 | |
| 120 | @mock.patch.object(preprov_creds, 'PreProvisionedCredentialProvider') |
| 121 | @mock.patch.object(cf, 'get_preprov_provider_params') |
| 122 | def test_get_credentials_provider_preprov( |
| 123 | self, mock_preprov_provider_params, |
| 124 | mock_preprov_credentials_provider_class): |
| 125 | cfg.CONF.set_default('use_dynamic_credentials', False, group='auth') |
| 126 | cfg.CONF.set_default('test_accounts_file', '/some/file', group='auth') |
| 127 | expected_params = {'foo': 'bar'} |
| 128 | mock_preprov_provider_params.return_value = expected_params |
| 129 | expected_name = 'my_name' |
| 130 | expected_identity_version = 'identity_version' |
| 131 | cf.get_credentials_provider( |
| 132 | expected_name, |
| 133 | force_tenant_isolation=False, |
| 134 | identity_version=expected_identity_version) |
| 135 | mock_preprov_provider_params.assert_called_once_with( |
| 136 | expected_identity_version) |
| 137 | mock_preprov_credentials_provider_class.assert_called_once_with( |
| 138 | name=expected_name, **expected_params) |
| 139 | |
| 140 | def test_get_credentials_provider_preprov_no_file(self): |
| 141 | cfg.CONF.set_default('use_dynamic_credentials', False, group='auth') |
| 142 | cfg.CONF.set_default('test_accounts_file', None, group='auth') |
| 143 | with testtools.ExpectedException( |
| 144 | exc_type=exceptions.InvalidConfiguration): |
| 145 | cf.get_credentials_provider( |
| 146 | 'some_name', |
| 147 | force_tenant_isolation=False, |
| 148 | identity_version='some_version') |
| 149 | |
| 150 | @mock.patch.object(dynamic_creds, 'DynamicCredentialProvider') |
| 151 | @mock.patch.object(cf, 'get_dynamic_provider_params') |
| 152 | def test_get_credentials_provider_force_dynamic( |
| 153 | self, mock_dynamic_provider_params, |
| 154 | mock_dynamic_credentials_provider_class): |
| 155 | cfg.CONF.set_default('use_dynamic_credentials', False, group='auth') |
| 156 | expected_params = {'foo': 'bar'} |
| 157 | mock_dynamic_provider_params.return_value = expected_params |
| 158 | expected_name = 'my_name' |
| 159 | expected_network_resources = {'network': 'resources'} |
| 160 | expected_identity_version = 'identity_version' |
| 161 | cf.get_credentials_provider( |
| 162 | expected_name, |
| 163 | network_resources=expected_network_resources, |
| 164 | force_tenant_isolation=True, |
| 165 | identity_version=expected_identity_version) |
| 166 | mock_dynamic_provider_params.assert_called_once_with( |
| 167 | expected_identity_version) |
| 168 | mock_dynamic_credentials_provider_class.assert_called_once_with( |
| 169 | name=expected_name, network_resources=expected_network_resources, |
| 170 | **expected_params) |
| 171 | |
| 172 | @mock.patch.object(cf, 'get_credentials') |
| 173 | def test_get_configured_admin_credentials(self, mock_get_credentials): |
| 174 | cfg.CONF.set_default('auth_version', 'v3', 'identity') |
| 175 | all_params = [('admin_username', 'username', 'my_name'), |
| 176 | ('admin_password', 'password', 'secret'), |
| 177 | ('admin_project_name', 'project_name', 'my_pname'), |
| 178 | ('admin_domain_name', 'domain_name', 'my_dname')] |
| 179 | expected_result = 'my_admin_credentials' |
| 180 | mock_get_credentials.return_value = expected_result |
| 181 | for config_item, _, value in all_params: |
| 182 | cfg.CONF.set_default(config_item, value, 'auth') |
| 183 | # Build the expected params |
| 184 | expected_params = dict( |
| 185 | [(field, value) for _, field, value in all_params]) |
| 186 | expected_params.update(cf.DEFAULT_PARAMS) |
| 187 | admin_creds = cf.get_configured_admin_credentials() |
| 188 | mock_get_credentials.assert_called_once_with( |
| 189 | fill_in=True, identity_version='v3', **expected_params) |
| 190 | self.assertEqual(expected_result, admin_creds) |
| 191 | |
| 192 | @mock.patch.object(cf, 'get_credentials') |
| 193 | def test_get_configured_admin_credentials_not_fill_valid( |
| 194 | self, mock_get_credentials): |
| 195 | cfg.CONF.set_default('auth_version', 'v2', 'identity') |
| 196 | all_params = [('admin_username', 'username', 'my_name'), |
| 197 | ('admin_password', 'password', 'secret'), |
| 198 | ('admin_project_name', 'project_name', 'my_pname'), |
| 199 | ('admin_domain_name', 'domain_name', 'my_dname')] |
| 200 | expected_result = mock.Mock() |
| 201 | expected_result.is_valid.return_value = True |
| 202 | mock_get_credentials.return_value = expected_result |
| 203 | for config_item, _, value in all_params: |
| 204 | cfg.CONF.set_default(config_item, value, 'auth') |
| 205 | # Build the expected params |
| 206 | expected_params = dict( |
| 207 | [(field, value) for _, field, value in all_params]) |
| 208 | expected_params.update(cf.DEFAULT_PARAMS) |
| 209 | admin_creds = cf.get_configured_admin_credentials( |
| 210 | fill_in=False, identity_version='v3') |
| 211 | mock_get_credentials.assert_called_once_with( |
| 212 | fill_in=False, identity_version='v3', **expected_params) |
| 213 | self.assertEqual(expected_result, admin_creds) |
| 214 | expected_result.is_valid.assert_called_once() |
| 215 | |
| 216 | @mock.patch.object(cf, 'get_credentials') |
| 217 | def test_get_configured_admin_credentials_not_fill_not_valid( |
| 218 | self, mock_get_credentials): |
| 219 | cfg.CONF.set_default('auth_version', 'v2', 'identity') |
| 220 | expected_result = mock.Mock() |
| 221 | expected_result.is_valid.return_value = False |
| 222 | mock_get_credentials.return_value = expected_result |
| 223 | with testtools.ExpectedException(exceptions.InvalidConfiguration, |
| 224 | value_re='.*\n.*identity version v2'): |
| 225 | cf.get_configured_admin_credentials(fill_in=False) |
| 226 | |
| 227 | @mock.patch('tempest.lib.auth.get_credentials') |
| 228 | def test_get_credentials_v2(self, mock_auth_get_credentials): |
| 229 | expected_uri = 'V2_URI' |
| 230 | expected_result = 'my_creds' |
| 231 | mock_auth_get_credentials.return_value = expected_result |
| 232 | cfg.CONF.set_default('uri', expected_uri, 'identity') |
| 233 | params = {'foo': 'bar'} |
| 234 | expected_params = params.copy() |
| 235 | expected_params.update(cf.DEFAULT_PARAMS) |
| 236 | result = cf.get_credentials(identity_version='v2', **params) |
| 237 | self.assertEqual(expected_result, result) |
| 238 | mock_auth_get_credentials.assert_called_once_with( |
| 239 | expected_uri, fill_in=True, identity_version='v2', |
| 240 | **expected_params) |
| 241 | |
| 242 | @mock.patch('tempest.lib.auth.get_credentials') |
| 243 | def test_get_credentials_v3_no_domain(self, mock_auth_get_credentials): |
| 244 | expected_uri = 'V3_URI' |
| 245 | expected_result = 'my_creds' |
| 246 | expected_domain = 'my_domain' |
| 247 | mock_auth_get_credentials.return_value = expected_result |
| 248 | cfg.CONF.set_default('uri_v3', expected_uri, 'identity') |
| 249 | cfg.CONF.set_default('default_credentials_domain_name', |
| 250 | expected_domain, 'auth') |
| 251 | params = {'foo': 'bar'} |
| 252 | expected_params = params.copy() |
| 253 | expected_params['domain_name'] = expected_domain |
| 254 | expected_params.update(cf.DEFAULT_PARAMS) |
| 255 | result = cf.get_credentials(fill_in=False, identity_version='v3', |
| 256 | **params) |
| 257 | self.assertEqual(expected_result, result) |
| 258 | mock_auth_get_credentials.assert_called_once_with( |
| 259 | expected_uri, fill_in=False, identity_version='v3', |
| 260 | **expected_params) |
| 261 | |
| 262 | @mock.patch('tempest.lib.auth.get_credentials') |
| 263 | def test_get_credentials_v3_domain(self, mock_auth_get_credentials): |
| 264 | expected_uri = 'V3_URI' |
| 265 | expected_result = 'my_creds' |
| 266 | expected_domain = 'my_domain' |
| 267 | mock_auth_get_credentials.return_value = expected_result |
| 268 | cfg.CONF.set_default('uri_v3', expected_uri, 'identity') |
| 269 | cfg.CONF.set_default('default_credentials_domain_name', |
| 270 | expected_domain, 'auth') |
| 271 | params = {'foo': 'bar', 'user_domain_name': expected_domain} |
| 272 | expected_params = params.copy() |
| 273 | expected_params.update(cf.DEFAULT_PARAMS) |
| 274 | result = cf.get_credentials(fill_in=False, identity_version='v3', |
| 275 | **params) |
| 276 | self.assertEqual(expected_result, result) |
| 277 | mock_auth_get_credentials.assert_called_once_with( |
| 278 | expected_uri, fill_in=False, identity_version='v3', |
| 279 | **expected_params) |