Merge "Add ou to security service tests"
diff --git a/manila_tempest_tests/config.py b/manila_tempest_tests/config.py
index 4e6c99b..e737cb4 100644
--- a/manila_tempest_tests/config.py
+++ b/manila_tempest_tests/config.py
@@ -30,7 +30,7 @@
                help="The minimum api microversion is configured to be the "
                     "value of the minimum microversion supported by Manila."),
     cfg.StrOpt("max_api_microversion",
-               default="2.42",
+               default="2.44",
                help="The maximum api microversion is configured to be the "
                     "value of the latest microversion supported by Manila."),
     cfg.StrOpt("region",
diff --git a/manila_tempest_tests/services/share/v2/json/shares_client.py b/manila_tempest_tests/services/share/v2/json/shares_client.py
index 115aab3..3f1c8a1 100644
--- a/manila_tempest_tests/services/share/v2/json/shares_client.py
+++ b/manila_tempest_tests/services/share/v2/json/shares_client.py
@@ -1734,3 +1734,54 @@
                            ' the required time (%s s).' %
                            (resource_id, self.build_timeout))
                 raise exceptions.TimeoutException(message)
+
+###############
+
+    def create_security_service(self, ss_type="ldap",
+                                version=LATEST_MICROVERSION, **kwargs):
+        """Creates Security Service.
+
+        :param ss_type: ldap, kerberos, active_directory
+        :param version: microversion string
+        :param kwargs: name, description, dns_ip, server, ou, domain, user,
+        :param kwargs: password
+        """
+        post_body = {"type": ss_type}
+        post_body.update(kwargs)
+        body = json.dumps({"security_service": post_body})
+        resp, body = self.post("security-services", body, version=version)
+        self.expected_success(200, resp.status)
+        return self._parse_resp(body)
+
+    def update_security_service(self, ss_id, version=LATEST_MICROVERSION,
+                                **kwargs):
+        """Updates Security Service.
+
+        :param ss_id: id of security-service entity
+        :param version: microversion string
+        :param kwargs: dns_ip, server, ou, domain, user, password, name,
+        :param kwargs: description
+        :param kwargs: for 'active' status can be changed
+        :param kwargs: only 'name' and 'description' fields
+        """
+        body = json.dumps({"security_service": kwargs})
+        resp, body = self.put("security-services/%s" % ss_id, body,
+                              version=version)
+        self.expected_success(200, resp.status)
+        return self._parse_resp(body)
+
+    def get_security_service(self, ss_id, version=LATEST_MICROVERSION):
+        resp, body = self.get("security-services/%s" % ss_id, version=version)
+        self.expected_success(200, resp.status)
+        return self._parse_resp(body)
+
+    def list_security_services(self, detailed=False, params=None,
+                               version=LATEST_MICROVERSION):
+        uri = "security-services"
+        if detailed:
+            uri += '/detail'
+        if params:
+            uri += "?%s" % urlparse.urlencode(params)
+        resp, body = self.get(uri, version=version)
+        self.expected_success(200, resp.status)
+        return self._parse_resp(body)
diff --git a/manila_tempest_tests/tests/api/base.py b/manila_tempest_tests/tests/api/base.py
index 401c089..759b723 100644
--- a/manila_tempest_tests/tests/api/base.py
+++ b/manila_tempest_tests/tests/api/base.py
@@ -954,7 +954,7 @@
         return data
 
     @classmethod
-    def generate_security_service_data(self):
+    def generate_security_service_data(self, set_ou=False):
         data = {
             "name": data_utils.rand_name("ss-name"),
             "description": data_utils.rand_name("ss-desc"),
@@ -964,6 +964,9 @@
             "user": data_utils.rand_name("ss-user"),
             "password": data_utils.rand_name("ss-password"),
         }
+        if set_ou:
+            data["ou"] = data_utils.rand_name("ss-ou")
+
         return data
 
     # Useful assertions
diff --git a/manila_tempest_tests/tests/api/test_security_services.py b/manila_tempest_tests/tests/api/test_security_services.py
index 30cf6a9..78350a0 100644
--- a/manila_tempest_tests/tests/api/test_security_services.py
+++ b/manila_tempest_tests/tests/api/test_security_services.py
@@ -13,6 +13,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
+import ddt
 from oslo_log import log
 import six
 from tempest import config
@@ -20,11 +21,14 @@
 from testtools import testcase as tc
 
 from manila_tempest_tests.tests.api import base
+from manila_tempest_tests import utils
 
 CONF = config.CONF
+LATEST_MICROVERSION = CONF.share.max_api_microversion
 LOG = log.getLogger(__name__)
 
 
+@ddt.ddt
 class SecurityServiceListMixin(object):
 
     @tc.attr(base.TAG_POSITIVE, base.TAG_API)
@@ -39,8 +43,15 @@
         [self.assertIn(key, s_s.keys()) for s_s in listed for key in keys]
 
     @tc.attr(base.TAG_POSITIVE, base.TAG_API)
-    def test_list_security_services_with_detail(self):
-        listed = self.shares_client.list_security_services(detailed=True)
+    @ddt.data(*set(['1.0', '2.42', '2.44', LATEST_MICROVERSION]))
+    def test_list_security_services_with_detail(self, version):
+        with_ou = True if utils.is_microversion_ge(version, '2.44') else False
+        if utils.is_microversion_ge(version, '2.0'):
+            listed = self.shares_v2_client.list_security_services(
+                detailed=True, version=version)
+        else:
+            listed = self.shares_client.list_security_services(detailed=True)
+
         self.assertTrue(any(self.ss_ldap['id'] == ss['id'] for ss in listed))
         self.assertTrue(any(self.ss_kerberos['id'] == ss['id']
                             for ss in listed))
@@ -53,6 +64,9 @@
         ]
         [self.assertIn(key, s_s.keys()) for s_s in listed for key in keys]
 
+        for ss in listed:
+            self.assertEqual(with_ou, 'ou' in ss.keys())
+
     @tc.attr(base.TAG_POSITIVE, base.TAG_API)
     @testtools.skipIf(
         not CONF.share.multitenancy_enabled, "Only for multitenancy.")
@@ -98,6 +112,7 @@
                                 in search_opts.items()))
 
 
+@ddt.ddt
 class SecurityServicesTest(base.BaseSharesTest,
                            SecurityServiceListMixin):
     def setUp(self):
@@ -110,6 +125,8 @@
             'user': 'fake_user',
             'password': 'pass',
         }
+        if utils.is_microversion_ge(CONF.share.max_api_microversion, '2.44'):
+            ss_ldap_data['ou'] = 'OU=fake_unit_1'
         ss_kerberos_data = {
             'name': 'ss_kerberos',
             'dns_ip': '2.2.2.2',
@@ -118,6 +135,8 @@
             'user': 'test_user',
             'password': 'word',
         }
+        if utils.is_microversion_ge(CONF.share.max_api_microversion, '2.44'):
+            ss_kerberos_data['ou'] = 'OU=fake_unit_2'
         self.ss_ldap = self.create_security_service('ldap', **ss_ldap_data)
         self.ss_kerberos = self.create_security_service(
             'kerberos', **ss_kerberos_data)
@@ -133,13 +152,24 @@
             self.shares_client.delete_security_service(ss["id"])
 
     @tc.attr(base.TAG_POSITIVE, base.TAG_API)
-    def test_get_security_service(self):
-        data = self.generate_security_service_data()
-        ss = self.create_security_service(**data)
-        self.assertDictContainsSubset(data, ss)
+    @ddt.data(*set(['1.0', '2.43', '2.44', LATEST_MICROVERSION]))
+    def test_get_security_service(self, version):
+        with_ou = True if utils.is_microversion_ge(version, '2.44') else False
+        data = self.generate_security_service_data(set_ou=with_ou)
 
-        get = self.shares_client.get_security_service(ss["id"])
+        if utils.is_microversion_ge(version, '2.0'):
+            ss = self.create_security_service(
+                client=self.shares_v2_client, version=version, **data)
+            get = self.shares_v2_client.get_security_service(
+                ss["id"], version=version)
+        else:
+            ss = self.create_security_service(**data)
+            get = self.shares_client.get_security_service(ss["id"])
+
+        self.assertDictContainsSubset(data, ss)
+        self.assertEqual(with_ou, 'ou' in ss)
         self.assertDictContainsSubset(data, get)
+        self.assertEqual(with_ou, 'ou' in get)
 
     @tc.attr(base.TAG_POSITIVE, base.TAG_API)
     def test_update_security_service(self):
@@ -155,6 +185,16 @@
         self.assertDictContainsSubset(upd_data, updated)
         self.assertDictContainsSubset(upd_data, get)
 
+        if utils.is_microversion_ge(CONF.share.max_api_microversion, '2.44'):
+            # update again with ou
+            upd_data_ou = self.generate_security_service_data(set_ou=True)
+            updated_ou = self.shares_v2_client.update_security_service(
+                ss["id"], **upd_data_ou)
+
+            get_ou = self.shares_v2_client.get_security_service(ss["id"])
+            self.assertDictContainsSubset(upd_data_ou, updated_ou)
+            self.assertDictContainsSubset(upd_data_ou, get_ou)
+
     @tc.attr(base.TAG_POSITIVE, base.TAG_API_WITH_BACKEND)
     @testtools.skipIf(
         not CONF.share.multitenancy_enabled, "Only for multitenancy.")