Merge "Add test case for Keystone API "GET /v3/auth/projects""
diff --git a/releasenotes/notes/add-list-auth-project-client-5905076d914a3943.yaml b/releasenotes/notes/add-list-auth-project-client-5905076d914a3943.yaml
new file mode 100644
index 0000000..471f8f0
--- /dev/null
+++ b/releasenotes/notes/add-list-auth-project-client-5905076d914a3943.yaml
@@ -0,0 +1,6 @@
+---
+features:
+ - |
+ Add the list auth projects API to the identity client library. This feature
+ enables the possibility to list projects that are available to be scoped
+ to based on the X-Auth-Token provided in the request.
diff --git a/tempest/api/identity/admin/v3/test_tokens.py b/tempest/api/identity/admin/v3/test_tokens.py
index ed4d31a..fabb91c 100644
--- a/tempest/api/identity/admin/v3/test_tokens.py
+++ b/tempest/api/identity/admin/v3/test_tokens.py
@@ -16,10 +16,13 @@
import six
from tempest.api.identity import base
+from tempest import config
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
from tempest.lib import exceptions as lib_exc
+CONF = config.CONF
+
class TokensV3TestJSON(base.BaseIdentityV3AdminTest):
@@ -150,3 +153,34 @@
token_auth['token']['project']['id'])
self.assertEqual(project2['name'],
token_auth['token']['project']['name'])
+
+ @decorators.idempotent_id('08ed85ce-2ba8-4864-b442-bcc61f16ae89')
+ def test_get_available_project_scopes(self):
+ manager_project_id = self.manager.credentials.project_id
+ admin_user_id = self.os_adm.credentials.user_id
+ admin_role_id = self.get_role_by_name(CONF.identity.admin_role)['id']
+
+ # Grant the user the role on both projects.
+ self.roles_client.create_user_role_on_project(
+ manager_project_id, admin_user_id, admin_role_id)
+ self.addCleanup(
+ self.roles_client.delete_role_from_user_on_project,
+ manager_project_id, admin_user_id, admin_role_id)
+
+ assigned_project_ids = [self.os_adm.credentials.project_id,
+ manager_project_id]
+
+ # Get available project scopes
+ available_projects =\
+ self.client.list_auth_projects()['projects']
+
+ # create list to save fetched project's id
+ fetched_project_ids = [i['id'] for i in available_projects]
+
+ # verifying the project ids in list
+ missing_project_ids = \
+ [p for p in assigned_project_ids
+ if p not in fetched_project_ids]
+ self.assertEmpty(missing_project_ids,
+ "Failed to find project_id %s in fetched list" %
+ ', '.join(missing_project_ids))
diff --git a/tempest/lib/services/identity/v3/identity_client.py b/tempest/lib/services/identity/v3/identity_client.py
index 8177e35..755c14b 100644
--- a/tempest/lib/services/identity/v3/identity_client.py
+++ b/tempest/lib/services/identity/v3/identity_client.py
@@ -43,3 +43,10 @@
resp, body = self.delete("auth/tokens", headers=headers)
self.expected_success(204, resp.status)
return rest_client.ResponseBody(resp, body)
+
+ def list_auth_projects(self):
+ """Get available project scopes."""
+ resp, body = self.get("auth/projects")
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return rest_client.ResponseBody(resp, body)
diff --git a/tempest/tests/lib/services/identity/v3/test_identity_client.py b/tempest/tests/lib/services/identity/v3/test_identity_client.py
index 9eaaaaf..e435fe2 100644
--- a/tempest/tests/lib/services/identity/v3/test_identity_client.py
+++ b/tempest/tests/lib/services/identity/v3/test_identity_client.py
@@ -32,6 +32,34 @@
"description": "test_description"
}
+ FAKE_AUTH_PROJECTS = {
+ "projects": [
+ {
+ "domain_id": "1789d1",
+ "enabled": True,
+ "id": "263fd9",
+ "links": {
+ "self": "https://example.com/identity/v3/projects/263fd9"
+ },
+ "name": "Test Group"
+ },
+ {
+ "domain_id": "1789d1",
+ "enabled": True,
+ "id": "50ef01",
+ "links": {
+ "self": "https://example.com/identity/v3/projects/50ef01"
+ },
+ "name": "Build Group"
+ }
+ ],
+ "links": {
+ "self": "https://example.com/identity/v3/auth/projects",
+ "previous": None,
+ "next": None
+ }
+ }
+
def setUp(self):
super(TestIdentityClient, self).setUp()
fake_auth = fake_auth_provider.FakeAuthProvider()
@@ -54,6 +82,13 @@
bytes_body,
resp_token="cbc36478b0bd8e67e89")
+ def _test_list_auth_projects(self, bytes_body=False):
+ self.check_service_client_function(
+ self.client.list_auth_projects,
+ 'tempest.lib.common.rest_client.RestClient.get',
+ self.FAKE_AUTH_PROJECTS,
+ bytes_body)
+
def test_show_api_description_with_str_body(self):
self._test_show_api_description()
@@ -73,3 +108,9 @@
{},
resp_token="cbc36478b0bd8e67e89",
status=204)
+
+ def test_list_auth_projects_with_str_body(self):
+ self._test_list_auth_projects()
+
+ def test_list_auth_projects_with_bytes_body(self):
+ self._test_list_auth_projects(bytes_body=True)