Split out keystone tenant client
Removes tenant client from identity client v2 into an own one.
Partially implements blueprint consistent-service-method-names
Change-Id: Ib164a108e2fea2c7c28d3a43b96c2881733bf34d
diff --git a/tempest/api/identity/admin/v2/test_tenant_negative.py b/tempest/api/identity/admin/v2/test_tenant_negative.py
index 74558d1..a02dbc1 100644
--- a/tempest/api/identity/admin/v2/test_tenant_negative.py
+++ b/tempest/api/identity/admin/v2/test_tenant_negative.py
@@ -29,7 +29,7 @@
def test_list_tenants_by_unauthorized_user(self):
# Non-administrator user should not be able to list tenants
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.list_tenants)
+ self.non_admin_tenants_client.list_tenants)
@test.attr(type=['negative'])
@test.idempotent_id('df33926c-1c96-4d8d-a762-79cc6b0c3cf4')
@@ -37,7 +37,8 @@
# Request to list tenants without a valid token should fail
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
- self.assertRaises(lib_exc.Unauthorized, self.client.list_tenants)
+ self.assertRaises(lib_exc.Unauthorized,
+ self.tenants_client.list_tenants)
self.client.auth_provider.clear_auth()
@test.attr(type=['negative'])
@@ -45,21 +46,23 @@
def test_tenant_delete_by_unauthorized_user(self):
# Non-administrator user should not be able to delete a tenant
tenant_name = data_utils.rand_name(name='tenant')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.delete_tenant, tenant['id'])
+ self.non_admin_tenants_client.delete_tenant,
+ tenant['id'])
@test.attr(type=['negative'])
@test.idempotent_id('e450db62-2e9d-418f-893a-54772d6386b1')
def test_tenant_delete_request_without_token(self):
# Request to delete a tenant without a valid token should fail
tenant_name = data_utils.rand_name(name='tenant')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
- self.assertRaises(lib_exc.Unauthorized, self.client.delete_tenant,
+ self.assertRaises(lib_exc.Unauthorized,
+ self.tenants_client.delete_tenant,
tenant['id'])
self.client.auth_provider.clear_auth()
@@ -67,7 +70,7 @@
@test.idempotent_id('9c9a2aed-6e3c-467a-8f5c-89da9d1b516b')
def test_delete_non_existent_tenant(self):
# Attempt to delete a non existent tenant should fail
- self.assertRaises(lib_exc.NotFound, self.client.delete_tenant,
+ self.assertRaises(lib_exc.NotFound, self.tenants_client.delete_tenant,
str(uuid.uuid4().hex))
@test.attr(type=['negative'])
@@ -75,14 +78,14 @@
def test_tenant_create_duplicate(self):
# Tenant names should be unique
tenant_name = data_utils.rand_name(name='tenant')
- body = self.client.create_tenant(tenant_name)['tenant']
+ body = self.tenants_client.create_tenant(tenant_name)['tenant']
tenant = body
self.data.tenants.append(tenant)
tenant1_id = body.get('id')
- self.addCleanup(self.client.delete_tenant, tenant1_id)
+ self.addCleanup(self.tenants_client.delete_tenant, tenant1_id)
self.addCleanup(self.data.tenants.remove, tenant)
- self.assertRaises(lib_exc.Conflict, self.client.create_tenant,
+ self.assertRaises(lib_exc.Conflict, self.tenants_client.create_tenant,
tenant_name)
@test.attr(type=['negative'])
@@ -91,7 +94,8 @@
# Non-administrator user should not be authorized to create a tenant
tenant_name = data_utils.rand_name(name='tenant')
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.create_tenant, tenant_name)
+ self.non_admin_tenants_client.create_tenant,
+ tenant_name)
@test.attr(type=['negative'])
@test.idempotent_id('a3ee9d7e-6920-4dd5-9321-d4b2b7f0a638')
@@ -100,7 +104,8 @@
tenant_name = data_utils.rand_name(name='tenant')
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
- self.assertRaises(lib_exc.Unauthorized, self.client.create_tenant,
+ self.assertRaises(lib_exc.Unauthorized,
+ self.tenants_client.create_tenant,
tenant_name)
self.client.auth_provider.clear_auth()
@@ -108,7 +113,8 @@
@test.idempotent_id('5a2e4ca9-b0c0-486c-9c48-64a94fba2395')
def test_create_tenant_with_empty_name(self):
# Tenant name should not be empty
- self.assertRaises(lib_exc.BadRequest, self.client.create_tenant,
+ self.assertRaises(lib_exc.BadRequest,
+ self.tenants_client.create_tenant,
name='')
@test.attr(type=['negative'])
@@ -116,14 +122,15 @@
def test_create_tenants_name_length_over_64(self):
# Tenant name length should not be greater than 64 characters
tenant_name = 'a' * 65
- self.assertRaises(lib_exc.BadRequest, self.client.create_tenant,
+ self.assertRaises(lib_exc.BadRequest,
+ self.tenants_client.create_tenant,
tenant_name)
@test.attr(type=['negative'])
@test.idempotent_id('bd20dc2a-9557-4db7-b755-f48d952ad706')
def test_update_non_existent_tenant(self):
# Attempt to update a non existent tenant should fail
- self.assertRaises(lib_exc.NotFound, self.client.update_tenant,
+ self.assertRaises(lib_exc.NotFound, self.tenants_client.update_tenant,
str(uuid.uuid4().hex))
@test.attr(type=['negative'])
@@ -131,20 +138,22 @@
def test_tenant_update_by_unauthorized_user(self):
# Non-administrator user should not be able to update a tenant
tenant_name = data_utils.rand_name(name='tenant')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
self.assertRaises(lib_exc.Forbidden,
- self.non_admin_client.update_tenant, tenant['id'])
+ self.non_admin_tenants_client.update_tenant,
+ tenant['id'])
@test.attr(type=['negative'])
@test.idempotent_id('7a421573-72c7-4c22-a98e-ce539219c657')
def test_tenant_update_request_without_token(self):
# Request to update a tenant without a valid token should fail
tenant_name = data_utils.rand_name(name='tenant')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
token = self.client.auth_provider.get_token()
self.client.delete_token(token)
- self.assertRaises(lib_exc.Unauthorized, self.client.update_tenant,
+ self.assertRaises(lib_exc.Unauthorized,
+ self.tenants_client.update_tenant,
tenant['id'])
self.client.auth_provider.clear_auth()
diff --git a/tempest/api/identity/admin/v2/test_tenants.py b/tempest/api/identity/admin/v2/test_tenants.py
index 4632b1e..8d0b9b1 100644
--- a/tempest/api/identity/admin/v2/test_tenants.py
+++ b/tempest/api/identity/admin/v2/test_tenants.py
@@ -28,19 +28,19 @@
tenants = []
for _ in moves.xrange(3):
tenant_name = data_utils.rand_name(name='tenant-new')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
tenants.append(tenant)
tenant_ids = map(lambda x: x['id'], tenants)
- body = self.client.list_tenants()['tenants']
+ body = self.tenants_client.list_tenants()['tenants']
found = [t for t in body if t['id'] in tenant_ids]
self.assertEqual(len(found), len(tenants), 'Tenants not created')
for tenant in tenants:
- self.client.delete_tenant(tenant['id'])
+ self.tenants_client.delete_tenant(tenant['id'])
self.data.tenants.remove(tenant)
- body = self.client.list_tenants()['tenants']
+ body = self.tenants_client.list_tenants()['tenants']
found = [tenant for tenant in body if tenant['id'] in tenant_ids]
self.assertFalse(any(found), 'Tenants failed to delete')
@@ -49,60 +49,60 @@
# Create tenant with a description
tenant_name = data_utils.rand_name(name='tenant')
tenant_desc = data_utils.rand_name(name='desc')
- body = self.client.create_tenant(tenant_name,
- description=tenant_desc)['tenant']
- tenant = body
+ body = self.tenants_client.create_tenant(tenant_name,
+ description=tenant_desc)
+ tenant = body['tenant']
self.data.tenants.append(tenant)
- tenant_id = body['id']
- desc1 = body['description']
+ tenant_id = tenant['id']
+ desc1 = tenant['description']
self.assertEqual(desc1, tenant_desc, 'Description should have '
'been sent in response for create')
- body = self.client.show_tenant(tenant_id)['tenant']
+ body = self.tenants_client.show_tenant(tenant_id)['tenant']
desc2 = body['description']
self.assertEqual(desc2, tenant_desc, 'Description does not appear'
'to be set')
- self.client.delete_tenant(tenant_id)
+ self.tenants_client.delete_tenant(tenant_id)
self.data.tenants.remove(tenant)
@test.idempotent_id('670bdddc-1cd7-41c7-b8e2-751cfb67df50')
def test_tenant_create_enabled(self):
# Create a tenant that is enabled
tenant_name = data_utils.rand_name(name='tenant')
- body = self.client.create_tenant(tenant_name, enabled=True)['tenant']
- tenant = body
+ body = self.tenants_client.create_tenant(tenant_name, enabled=True)
+ tenant = body['tenant']
self.data.tenants.append(tenant)
- tenant_id = body['id']
- en1 = body['enabled']
+ tenant_id = tenant['id']
+ en1 = tenant['enabled']
self.assertTrue(en1, 'Enable should be True in response')
- body = self.client.show_tenant(tenant_id)['tenant']
+ body = self.tenants_client.show_tenant(tenant_id)['tenant']
en2 = body['enabled']
self.assertTrue(en2, 'Enable should be True in lookup')
- self.client.delete_tenant(tenant_id)
+ self.tenants_client.delete_tenant(tenant_id)
self.data.tenants.remove(tenant)
@test.idempotent_id('3be22093-b30f-499d-b772-38340e5e16fb')
def test_tenant_create_not_enabled(self):
# Create a tenant that is not enabled
tenant_name = data_utils.rand_name(name='tenant')
- body = self.client.create_tenant(tenant_name, enabled=False)['tenant']
- tenant = body
+ body = self.tenants_client.create_tenant(tenant_name, enabled=False)
+ tenant = body['tenant']
self.data.tenants.append(tenant)
- tenant_id = body['id']
- en1 = body['enabled']
+ tenant_id = tenant['id']
+ en1 = tenant['enabled']
self.assertEqual('false', str(en1).lower(),
'Enable should be False in response')
- body = self.client.show_tenant(tenant_id)['tenant']
+ body = self.tenants_client.show_tenant(tenant_id)['tenant']
en2 = body['enabled']
self.assertEqual('false', str(en2).lower(),
'Enable should be False in lookup')
- self.client.delete_tenant(tenant_id)
+ self.tenants_client.delete_tenant(tenant_id)
self.data.tenants.remove(tenant)
@test.idempotent_id('781f2266-d128-47f3-8bdb-f70970add238')
def test_tenant_update_name(self):
# Update name attribute of a tenant
t_name1 = data_utils.rand_name(name='tenant')
- body = self.client.create_tenant(t_name1)['tenant']
+ body = self.tenants_client.create_tenant(t_name1)['tenant']
tenant = body
self.data.tenants.append(tenant)
@@ -110,18 +110,18 @@
resp1_name = body['name']
t_name2 = data_utils.rand_name(name='tenant2')
- body = self.client.update_tenant(t_id, name=t_name2)['tenant']
+ body = self.tenants_client.update_tenant(t_id, name=t_name2)['tenant']
resp2_name = body['name']
self.assertNotEqual(resp1_name, resp2_name)
- body = self.client.show_tenant(t_id)['tenant']
+ body = self.tenants_client.show_tenant(t_id)['tenant']
resp3_name = body['name']
self.assertNotEqual(resp1_name, resp3_name)
self.assertEqual(t_name1, resp1_name)
self.assertEqual(resp2_name, resp3_name)
- self.client.delete_tenant(t_id)
+ self.tenants_client.delete_tenant(t_id)
self.data.tenants.remove(tenant)
@test.idempotent_id('859fcfe1-3a03-41ef-86f9-b19a47d1cd87')
@@ -129,26 +129,27 @@
# Update description attribute of a tenant
t_name = data_utils.rand_name(name='tenant')
t_desc = data_utils.rand_name(name='desc')
- body = self.client.create_tenant(t_name, description=t_desc)['tenant']
- tenant = body
+ body = self.tenants_client.create_tenant(t_name, description=t_desc)
+ tenant = body['tenant']
self.data.tenants.append(tenant)
- t_id = body['id']
- resp1_desc = body['description']
+ t_id = tenant['id']
+ resp1_desc = tenant['description']
t_desc2 = data_utils.rand_name(name='desc2')
- body = self.client.update_tenant(t_id, description=t_desc2)['tenant']
- resp2_desc = body['description']
+ body = self.tenants_client.update_tenant(t_id, description=t_desc2)
+ updated_tenant = body['tenant']
+ resp2_desc = updated_tenant['description']
self.assertNotEqual(resp1_desc, resp2_desc)
- body = self.client.show_tenant(t_id)['tenant']
+ body = self.tenants_client.show_tenant(t_id)['tenant']
resp3_desc = body['description']
self.assertNotEqual(resp1_desc, resp3_desc)
self.assertEqual(t_desc, resp1_desc)
self.assertEqual(resp2_desc, resp3_desc)
- self.client.delete_tenant(t_id)
+ self.tenants_client.delete_tenant(t_id)
self.data.tenants.remove(tenant)
@test.idempotent_id('8fc8981f-f12d-4c66-9972-2bdcf2bc2e1a')
@@ -156,24 +157,25 @@
# Update the enabled attribute of a tenant
t_name = data_utils.rand_name(name='tenant')
t_en = False
- body = self.client.create_tenant(t_name, enabled=t_en)['tenant']
- tenant = body
+ body = self.tenants_client.create_tenant(t_name, enabled=t_en)
+ tenant = body['tenant']
self.data.tenants.append(tenant)
- t_id = body['id']
- resp1_en = body['enabled']
+ t_id = tenant['id']
+ resp1_en = tenant['enabled']
t_en2 = True
- body = self.client.update_tenant(t_id, enabled=t_en2)['tenant']
- resp2_en = body['enabled']
+ body = self.tenants_client.update_tenant(t_id, enabled=t_en2)
+ updated_tenant = body['tenant']
+ resp2_en = updated_tenant['enabled']
self.assertNotEqual(resp1_en, resp2_en)
- body = self.client.show_tenant(t_id)['tenant']
+ body = self.tenants_client.show_tenant(t_id)['tenant']
resp3_en = body['enabled']
self.assertNotEqual(resp1_en, resp3_en)
self.assertEqual('false', str(resp1_en).lower())
self.assertEqual(resp2_en, resp3_en)
- self.client.delete_tenant(t_id)
+ self.tenants_client.delete_tenant(t_id)
self.data.tenants.remove(tenant)
diff --git a/tempest/api/identity/admin/v2/test_tokens.py b/tempest/api/identity/admin/v2/test_tokens.py
index 0e7a480..cb9250b 100644
--- a/tempest/api/identity/admin/v2/test_tokens.py
+++ b/tempest/api/identity/admin/v2/test_tokens.py
@@ -27,7 +27,7 @@
user_password = data_utils.rand_name(name='pass')
# first:create a tenant
tenant_name = data_utils.rand_name(name='tenant')
- tenant = self.client.create_tenant(tenant_name)['tenant']
+ tenant = self.tenants_client.create_tenant(tenant_name)['tenant']
self.data.tenants.append(tenant)
# second:create a user
user = self.client.create_user(user_name, user_password,
@@ -68,11 +68,11 @@
# Create a couple tenants.
tenant1_name = data_utils.rand_name(name='tenant')
- tenant1 = self.client.create_tenant(tenant1_name)['tenant']
+ tenant1 = self.tenants_client.create_tenant(tenant1_name)['tenant']
self.data.tenants.append(tenant1)
tenant2_name = data_utils.rand_name(name='tenant')
- tenant2 = self.client.create_tenant(tenant2_name)['tenant']
+ tenant2 = self.tenants_client.create_tenant(tenant2_name)['tenant']
self.data.tenants.append(tenant2)
# Create a role
diff --git a/tempest/api/identity/admin/v2/test_users.py b/tempest/api/identity/admin/v2/test_users.py
index 6341106..13d6137 100644
--- a/tempest/api/identity/admin/v2/test_users.py
+++ b/tempest/api/identity/admin/v2/test_users.py
@@ -146,7 +146,7 @@
user_ids.append(user2['id'])
self.data.users.append(user2)
# List of users for the respective tenant ID
- body = (self.client.list_tenant_users(self.data.tenant['id'])
+ body = (self.tenants_client.list_tenant_users(self.data.tenant['id'])
['users'])
for i in body:
fetched_user_ids.append(i['id'])
@@ -182,7 +182,7 @@
second_user['id'],
role['id'])['role']
# List of users with roles for the respective tenant ID
- body = (self.client.list_tenant_users(self.data.tenant['id'])
+ body = (self.tenants_client.list_tenant_users(self.data.tenant['id'])
['users'])
for i in body:
fetched_user_ids.append(i['id'])
diff --git a/tempest/api/identity/admin/v2/test_users_negative.py b/tempest/api/identity/admin/v2/test_users_negative.py
index a88053d..0c7afe8 100644
--- a/tempest/api/identity/admin/v2/test_users_negative.py
+++ b/tempest/api/identity/admin/v2/test_users_negative.py
@@ -247,4 +247,4 @@
# List the users with invalid tenant id
for invalid in invalid_id:
self.assertRaises(lib_exc.NotFound,
- self.client.list_tenant_users, invalid)
+ self.tenants_client.list_tenant_users, invalid)
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index 0364f3a..03a0391 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -35,7 +35,7 @@
@classmethod
def disable_tenant(cls, tenant_name):
tenant = cls.get_tenant_by_name(tenant_name)
- cls.client.update_tenant(tenant['id'], enabled=False)
+ cls.tenants_client.update_tenant(tenant['id'], enabled=False)
@classmethod
def get_user_by_name(cls, name):
@@ -47,7 +47,7 @@
@classmethod
def get_tenant_by_name(cls, name):
try:
- tenants = cls.client.list_tenants()['tenants']
+ tenants = cls.tenants_client.list_tenants()['tenants']
except AttributeError:
tenants = cls.client.list_projects()['projects']
tenant = [t for t in tenants if t['name'] == name]
@@ -75,6 +75,7 @@
super(BaseIdentityV2Test, cls).setup_clients()
cls.non_admin_client = cls.os.identity_public_client
cls.non_admin_token_client = cls.os.token_client
+ cls.non_admin_tenants_client = cls.os.tenants_public_client
@classmethod
def resource_setup(cls):
@@ -95,11 +96,13 @@
cls.client = cls.os_adm.identity_client
cls.non_admin_client = cls.os.identity_client
cls.token_client = cls.os_adm.token_client
+ cls.tenants_client = cls.os_adm.tenants_client
+ cls.non_admin_tenants_client = cls.os.tenants_client
@classmethod
def resource_setup(cls):
super(BaseIdentityV2AdminTest, cls).resource_setup()
- cls.data = DataGenerator(cls.client)
+ cls.data = DataGenerator(cls.client, cls.tenants_client)
@classmethod
def resource_cleanup(cls):
@@ -184,8 +187,10 @@
class DataGenerator(object):
- def __init__(self, client):
+ def __init__(self, client, tenants_client=None):
self.client = client
+ # TODO(dmellado) split Datagenerator for v2 and v3
+ self.tenants_client = tenants_client
self.users = []
self.tenants = []
self.roles = []
@@ -219,7 +224,7 @@
"""Set up a test tenant."""
self.test_tenant = data_utils.rand_name('test_tenant')
self.test_description = data_utils.rand_name('desc')
- self.tenant = self.client.create_tenant(
+ self.tenant = self.tenants_client.create_tenant(
name=self.test_tenant,
description=self.test_description)['tenant']
self.tenants.append(self.tenant)
@@ -287,7 +292,7 @@
for user in self.users:
self._try_wrapper(self.client.delete_user, user)
for tenant in self.tenants:
- self._try_wrapper(self.client.delete_tenant, tenant)
+ self._try_wrapper(self.tenants_client.delete_tenant, tenant)
for role in self.roles:
self._try_wrapper(self.client.delete_role, role)
for v3_user in self.v3_users:
diff --git a/tempest/api/identity/v2/test_tenants.py b/tempest/api/identity/v2/test_tenants.py
index 1fcff8d..4e31557 100644
--- a/tempest/api/identity/v2/test_tenants.py
+++ b/tempest/api/identity/v2/test_tenants.py
@@ -26,7 +26,7 @@
@test.idempotent_id('ecae2459-243d-4ba1-ad02-65f15dc82b78')
def test_list_tenants_returns_only_authorized_tenants(self):
alt_tenant_name = self.alt_manager.credentials.credentials.tenant_name
- resp = self.non_admin_client.list_tenants()
+ resp = self.non_admin_tenants_client.list_tenants()
# check that user can see only that tenants that he presents in so user
# can successfully authenticate using his credentials and tenant name
diff --git a/tempest/clients.py b/tempest/clients.py
index 0a3f2dd..b89340d 100644
--- a/tempest/clients.py
+++ b/tempest/clients.py
@@ -89,6 +89,8 @@
DatabaseVersionsClient
from tempest.services.identity.v2.json.identity_client import \
IdentityClient
+from tempest.services.identity.v2.json.tenants_client import \
+ TenantsClient
from tempest.services.identity.v3.json.credentials_client import \
CredentialsClient as CredentialsV3Client
from tempest.services.identity.v3.json.endpoints_client import \
@@ -423,12 +425,16 @@
# Client uses admin endpoint type of Keystone API v2
self.identity_client = IdentityClient(self.auth_provider,
**params_v2_admin)
+ self.tenants_client = TenantsClient(self.auth_provider,
+ **params_v2_admin)
params_v2_public = params.copy()
params_v2_public['endpoint_type'] = (
CONF.identity.v2_public_endpoint_type)
# Client uses public endpoint type of Keystone API v2
self.identity_public_client = IdentityClient(self.auth_provider,
**params_v2_public)
+ self.tenants_public_client = TenantsClient(self.auth_provider,
+ **params_v2_public)
params_v3 = params.copy()
params_v3['endpoint_type'] = CONF.identity.v3_endpoint_type
# Clients below use the endpoint type of Keystone API v3
diff --git a/tempest/cmd/account_generator.py b/tempest/cmd/account_generator.py
index 613fb26..64c9b00 100755
--- a/tempest/cmd/account_generator.py
+++ b/tempest/cmd/account_generator.py
@@ -93,6 +93,7 @@
from tempest import config
from tempest import exceptions as exc
from tempest.services.identity.v2.json import identity_client
+from tempest.services.identity.v2.json import tenants_client
from tempest.services.network.json import network_client
from tempest.services.network.json import networks_client
from tempest.services.network.json import subnets_client
@@ -138,6 +139,13 @@
endpoint_type='adminURL',
**params
)
+ tenants_admin = tenants_client.TenantsClient(
+ _auth,
+ CONF.identity.catalog_type,
+ CONF.identity.region,
+ endpoint_type='adminURL',
+ **params
+ )
network_admin = None
networks_admin = None
subnets_admin = None
@@ -163,12 +171,12 @@
CONF.network.region or CONF.identity.region,
endpoint_type='adminURL',
**params)
- return (identity_admin, neutron_iso_networks, network_admin,
+ return (identity_admin, tenants_admin, neutron_iso_networks, network_admin,
networks_admin, subnets_admin)
def create_resources(opts, resources):
- (identity_admin, neutron_iso_networks,
+ (identity_admin, tenants_admin, neutron_iso_networks,
network_admin, networks_admin, subnets_admin) = get_admin_clients(opts)
roles = identity_admin.list_roles()['roles']
for u in resources['users']:
@@ -180,22 +188,22 @@
msg = "Role: %s doesn't exist" % r
raise exc.InvalidConfiguration(msg)
u['role_ids'] += [role['id']]
- existing = [x['name'] for x in identity_admin.list_tenants()['tenants']]
+ existing = [x['name'] for x in tenants_admin.list_tenants()['tenants']]
for tenant in resources['tenants']:
if tenant not in existing:
- identity_admin.create_tenant(tenant)
+ tenants_admin.create_tenant(tenant)
else:
LOG.warn("Tenant '%s' already exists in this environment" % tenant)
LOG.info('Tenants created')
for u in resources['users']:
try:
- tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
+ tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
while True:
try:
- identity.get_user_by_username(identity_admin,
+ identity.get_user_by_username(tenants_admin,
tenant['id'], u['name'])
except tempest_lib.exceptions.NotFound:
identity_admin.create_user(
@@ -211,7 +219,7 @@
LOG.info('Users created')
if neutron_iso_networks:
for u in resources['users']:
- tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
+ tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
network_name, router_name = create_network_resources(
network_admin, networks_admin, subnets_admin, tenant['id'],
u['name'])
@@ -220,12 +228,12 @@
LOG.info('Networks created')
for u in resources['users']:
try:
- tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
+ tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
try:
- user = identity.get_user_by_username(identity_admin,
+ user = identity.get_user_by_username(tenants_admin,
tenant['id'], u['name'])
except tempest_lib.exceptions.NotFound:
LOG.error("User: %s - not found" % u['user'])
diff --git a/tempest/cmd/cleanup_service.py b/tempest/cmd/cleanup_service.py
index 98af9c1..4455083 100644
--- a/tempest/cmd/cleanup_service.py
+++ b/tempest/cmd/cleanup_service.py
@@ -85,10 +85,10 @@
def _get_network_id(net_name, tenant_name):
am = credentials.AdminManager()
net_cl = am.networks_client
- id_cl = am.identity_client
+ tn_cl = am.tenants_client
networks = net_cl.list_networks()
- tenant = identity.get_tenant_by_name(id_cl, tenant_name)
+ tenant = identity.get_tenant_by_name(tn_cl, tenant_name)
t_id = tenant['id']
n_id = None
for net in networks['networks']:
@@ -895,9 +895,12 @@
class TenantService(IdentityService):
+ def __init__(self, manager, **kwargs):
+ super(TenantService, self).__init__(kwargs)
+ self.client = manager.tenants_client
+
def list(self):
- client = self.client
- tenants = client.list_tenants()['tenants']
+ tenants = self.client.list_tenants()['tenants']
if not self.is_save_state:
tenants = [tenant for tenant in tenants if (tenant['id']
not in self.saved_state_json['tenants'].keys()
@@ -911,11 +914,10 @@
return tenants
def delete(self):
- client = self.client
tenants = self.list()
for tenant in tenants:
try:
- client.delete_tenant(tenant['id'])
+ self.client.delete_tenant(tenant['id'])
except Exception:
LOG.exception("Delete Tenant exception.")
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index c5e4a7e..a4574b2 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -128,6 +128,7 @@
from tempest.services.compute.json import security_group_rules_client
from tempest.services.compute.json import servers_client
from tempest.services.identity.v2.json import identity_client
+from tempest.services.identity.v2.json import tenants_client
from tempest.services.image.v2.json import images_client
from tempest.services.network.json import network_client
from tempest.services.network.json import subnets_client
@@ -199,6 +200,12 @@
CONF.identity.region,
endpoint_type='adminURL',
**default_params_with_timeout_values)
+ self.tenants = tenants_client.TenantsClient(
+ _auth,
+ CONF.identity.catalog_type,
+ CONF.identity.region,
+ endpoint_type='adminURL',
+ **default_params_with_timeout_values)
self.servers = servers_client.ServersClient(_auth,
**compute_params)
self.flavors = flavors_client.FlavorsClient(_auth,
@@ -291,11 +298,11 @@
Don't create the tenants if they already exist.
"""
admin = keystone_admin()
- body = admin.identity.list_tenants()['tenants']
+ body = admin.tenants.list_tenants()['tenants']
existing = [x['name'] for x in body]
for tenant in tenants:
if tenant not in existing:
- admin.identity.create_tenant(tenant)['tenant']
+ admin.tenants.create_tenant(tenant)['tenant']
else:
LOG.warn("Tenant '%s' already exists in this environment" % tenant)
@@ -303,8 +310,8 @@
def destroy_tenants(tenants):
admin = keystone_admin()
for tenant in tenants:
- tenant_id = identity.get_tenant_by_name(admin.identity, tenant)['id']
- admin.identity.delete_tenant(tenant_id)
+ tenant_id = identity.get_tenant_by_name(admin.tenant, tenant)['id']
+ admin.tenants.delete_tenant(tenant_id)
##############
#
@@ -355,7 +362,7 @@
admin = keystone_admin()
for u in users:
try:
- tenant = identity.get_tenant_by_name(admin.identity, u['tenant'])
+ tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
except lib_exc.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
@@ -374,7 +381,7 @@
def destroy_users(users):
admin = keystone_admin()
for user in users:
- tenant_id = identity.get_tenant_by_name(admin.identity,
+ tenant_id = identity.get_tenant_by_name(admin.tenants,
user['tenant'])['id']
user_id = identity.get_user_by_username(admin.identity,
tenant_id, user['name'])['id']
@@ -386,7 +393,7 @@
LOG.info("Collecting users")
admin = keystone_admin()
for u in users:
- tenant = identity.get_tenant_by_name(admin.identity, u['tenant'])
+ tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
u['tenant_id'] = tenant['id']
USERS[u['name']] = u
body = identity.get_user_by_username(admin.identity,
diff --git a/tempest/common/cred_client.py b/tempest/common/cred_client.py
index 13baafb..94515dc 100644
--- a/tempest/common/cred_client.py
+++ b/tempest/common/cred_client.py
@@ -31,9 +31,12 @@
admin credentials used for generating credentials.
"""
- def __init__(self, identity_client):
+ def __init__(self, identity_client, projects_client=None):
# The client implies version and credentials
self.identity_client = identity_client
+ # this is temporary until the v3 project client is
+ # separated, then projects_client will become mandatory
+ self.projects_client = projects_client or identity_client
def create_user(self, username, password, project, email):
user = self.identity_client.create_user(
@@ -91,8 +94,11 @@
class V2CredsClient(CredsClient):
+ def __init__(self, identity_client, projects_client):
+ super(V2CredsClient, self).__init__(identity_client, projects_client)
+
def create_project(self, name, description):
- tenant = self.identity_client.create_tenant(
+ tenant = self.projects_client.create_tenant(
name=name, description=description)['tenant']
return tenant
@@ -108,7 +114,7 @@
password=password)
def delete_project(self, project_id):
- self.identity_client.delete_tenant(project_id)
+ self.projects_client.delete_tenant(project_id)
class V3CredsClient(CredsClient):
@@ -152,8 +158,10 @@
return roles
-def get_creds_client(identity_client, project_domain_name=None):
+def get_creds_client(identity_client,
+ projects_client=None,
+ project_domain_name=None):
if isinstance(identity_client, v2_identity.IdentityClient):
- return V2CredsClient(identity_client)
+ return V2CredsClient(identity_client, projects_client)
else:
return V3CredsClient(identity_client, project_domain_name)
diff --git a/tempest/common/dynamic_creds.py b/tempest/common/dynamic_creds.py
index e950c3e..813d94f 100644
--- a/tempest/common/dynamic_creds.py
+++ b/tempest/common/dynamic_creds.py
@@ -57,7 +57,8 @@
self._creds = {}
self.ports = []
self.default_admin_creds = admin_creds
- (self.identity_admin_client, self.network_admin_client,
+ (self.identity_admin_client, self.tenants_admin_client,
+ self.network_admin_client,
self.networks_admin_client,
self.subnets_admin_client,
self.ports_admin_client) = self._get_admin_clients()
@@ -69,7 +70,9 @@
self.default_admin_creds.project_domain_name or
self.credentials_domain)
self.creds_client = cred_client.get_creds_client(
- self.identity_admin_client, self.creds_domain_name)
+ self.identity_admin_client,
+ self.tenants_admin_client,
+ self.creds_domain_name)
def _get_admin_clients(self):
"""Returns a tuple with instances of the following admin clients
@@ -80,10 +83,10 @@
"""
os = clients.Manager(self.default_admin_creds)
if self.identity_version == 'v2':
- return (os.identity_client, os.network_client, os.networks_client,
- os.subnets_client, os.ports_client)
+ return (os.identity_client, os.tenants_client, os.network_client,
+ os.networks_client, os.subnets_client, os.ports_client)
else:
- return (os.identity_v3_client, os.network_client,
+ return (os.identity_v3_client, None, os.network_client,
os.networks_client, os.subnets_client, os.ports_client)
def _create_creds(self, suffix="", admin=False, roles=None):
diff --git a/tempest/services/identity/v2/json/identity_client.py b/tempest/services/identity/v2/json/identity_client.py
index 3e7a598..f80e22d 100644
--- a/tempest/services/identity/v2/json/identity_client.py
+++ b/tempest/services/identity/v2/json/identity_client.py
@@ -44,24 +44,6 @@
body = json.loads(body)
return service_client.ResponseBody(resp, body)
- def create_tenant(self, name, **kwargs):
- """Create a tenant
-
- name (required): New tenant name
- description: Description of new tenant (default is none)
- enabled <true|false>: Initial tenant status (default is true)
- """
- post_body = {
- 'name': name,
- 'description': kwargs.get('description', ''),
- 'enabled': kwargs.get('enabled', True),
- }
- post_body = json.dumps({'tenant': post_body})
- resp, body = self.post('tenants', post_body)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
def delete_role(self, role_id):
"""Delete a role."""
resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
@@ -91,19 +73,6 @@
self.expected_success(204, resp.status)
return service_client.ResponseBody(resp, body)
- def delete_tenant(self, tenant_id):
- """Delete a tenant."""
- resp, body = self.delete('tenants/%s' % str(tenant_id))
- self.expected_success(204, resp.status)
- return service_client.ResponseBody(resp, body)
-
- def show_tenant(self, tenant_id):
- """Get tenant details."""
- resp, body = self.get('tenants/%s' % str(tenant_id))
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
def list_roles(self):
"""Returns roles."""
resp, body = self.get('OS-KSADM/roles')
@@ -111,31 +80,6 @@
body = json.loads(body)
return service_client.ResponseBody(resp, body)
- def list_tenants(self):
- """Returns tenants."""
- resp, body = self.get('tenants')
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
- def update_tenant(self, tenant_id, **kwargs):
- """Updates a tenant."""
- body = self.show_tenant(tenant_id)['tenant']
- name = kwargs.get('name', body['name'])
- desc = kwargs.get('description', body['description'])
- en = kwargs.get('enabled', body['enabled'])
- post_body = {
- 'id': tenant_id,
- 'name': name,
- 'description': desc,
- 'enabled': en,
- }
- post_body = json.dumps({'tenant': post_body})
- resp, body = self.post('tenants/%s' % tenant_id, post_body)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
def create_user(self, name, password, tenant_id, email, **kwargs):
"""Create a user."""
post_body = {
@@ -205,13 +149,6 @@
self.expected_success(204, resp.status)
return service_client.ResponseBody(resp, body)
- def list_tenant_users(self, tenant_id):
- """List users for a Tenant."""
- resp, body = self.get('/tenants/%s/users' % tenant_id)
- self.expected_success(200, resp.status)
- body = json.loads(body)
- return service_client.ResponseBody(resp, body)
-
def create_service(self, name, type, **kwargs):
"""Create a service."""
post_body = {
diff --git a/tempest/services/identity/v2/json/tenants_client.py b/tempest/services/identity/v2/json/tenants_client.py
new file mode 100644
index 0000000..937ae6f
--- /dev/null
+++ b/tempest/services/identity/v2/json/tenants_client.py
@@ -0,0 +1,84 @@
+# Copyright 2015 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from oslo_serialization import jsonutils as json
+
+from tempest.common import service_client
+
+
+class TenantsClient(service_client.ServiceClient):
+ api_version = "v2.0"
+
+ def create_tenant(self, name, **kwargs):
+ """Create a tenant
+
+ name (required): New tenant name
+ description: Description of new tenant (default is none)
+ enabled <true|false>: Initial tenant status (default is true)
+ """
+ post_body = {
+ 'name': name,
+ 'description': kwargs.get('description', ''),
+ 'enabled': kwargs.get('enabled', True),
+ }
+ post_body = json.dumps({'tenant': post_body})
+ resp, body = self.post('tenants', post_body)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def delete_tenant(self, tenant_id):
+ """Delete a tenant."""
+ resp, body = self.delete('tenants/%s' % str(tenant_id))
+ self.expected_success(204, resp.status)
+ return service_client.ResponseBody(resp, body)
+
+ def show_tenant(self, tenant_id):
+ """Get tenant details."""
+ resp, body = self.get('tenants/%s' % str(tenant_id))
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def list_tenants(self):
+ """Returns tenants."""
+ resp, body = self.get('tenants')
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def update_tenant(self, tenant_id, **kwargs):
+ """Updates a tenant."""
+ body = self.show_tenant(tenant_id)['tenant']
+ name = kwargs.get('name', body['name'])
+ desc = kwargs.get('description', body['description'])
+ en = kwargs.get('enabled', body['enabled'])
+ post_body = {
+ 'id': tenant_id,
+ 'name': name,
+ 'description': desc,
+ 'enabled': en,
+ }
+ post_body = json.dumps({'tenant': post_body})
+ resp, body = self.post('tenants/%s' % tenant_id, post_body)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
+
+ def list_tenant_users(self, tenant_id):
+ """List users for a Tenant."""
+ resp, body = self.get('/tenants/%s/users' % tenant_id)
+ self.expected_success(200, resp.status)
+ body = json.loads(body)
+ return service_client.ResponseBody(resp, body)
diff --git a/tempest/stress/cleanup.py b/tempest/stress/cleanup.py
index 993359d..0ec197d 100644
--- a/tempest/stress/cleanup.py
+++ b/tempest/stress/cleanup.py
@@ -74,12 +74,11 @@
for user in users:
if user['name'].startswith("stress_user"):
admin_manager.identity_client.delete_user(user['id'])
-
- tenants = admin_manager.identity_client.list_tenants()['tenants']
+ tenants = admin_manager.tenants_client.list_tenants()['tenants']
LOG.info("Cleanup::remove %s tenants" % len(tenants))
for tenant in tenants:
if tenant['name'].startswith("stress_tenant"):
- admin_manager.identity_client.delete_tenant(tenant['id'])
+ admin_manager.tenants_client.delete_tenant(tenant['id'])
# We have to delete snapshots first or
# volume deletion may block
diff --git a/tempest/stress/driver.py b/tempest/stress/driver.py
index 8359efd..cac848b 100644
--- a/tempest/stress/driver.py
+++ b/tempest/stress/driver.py
@@ -146,14 +146,16 @@
password = "pass"
if CONF.identity.auth_version == 'v2':
identity_client = admin_manager.identity_client
+ projects_client = admin_manager.tenants_client
else:
identity_client = admin_manager.identity_v3_client
+ projects_client = None
credentials_client = cred_client.get_creds_client(
- identity_client)
+ identity_client, projects_client)
project = credentials_client.create_project(
name=tenant_name, description=tenant_name)
user = credentials_client.create_user(username, password,
- project['id'], "email")
+ project, "email")
# Add roles specified in config file
for conf_role in CONF.auth.tempest_roles:
credentials_client.assign_user_role(user, project,
diff --git a/tempest/test.py b/tempest/test.py
index 30eb93d..8e961f4 100644
--- a/tempest/test.py
+++ b/tempest/test.py
@@ -436,15 +436,18 @@
"""
if CONF.identity.auth_version == 'v2':
client = self.os_admin.identity_client
+ project_client = self.os_admin.tenants_client
else:
client = self.os_admin.identity_v3_client
+ project_client = None
try:
domain = client.auth_provider.credentials.project_domain_name
except AttributeError:
domain = 'Default'
- return cred_client.get_creds_client(client, domain)
+ return cred_client.get_creds_client(client, project_client,
+ project_domain_name=domain)
@classmethod
def get_identity_version(cls):
diff --git a/tempest/tests/cmd/test_javelin.py b/tempest/tests/cmd/test_javelin.py
index d328d56..56bc96c 100644
--- a/tempest/tests/cmd/test_javelin.py
+++ b/tempest/tests/cmd/test_javelin.py
@@ -85,24 +85,24 @@
class TestCreateResources(JavelinUnitTest):
def test_create_tenants(self):
- self.fake_client.identity.list_tenants.return_value = {'tenants': []}
+ self.fake_client.tenants.list_tenants.return_value = {'tenants': []}
self.useFixture(mockpatch.PatchObject(javelin, "keystone_admin",
return_value=self.fake_client))
javelin.create_tenants([self.fake_object['name']])
- mocked_function = self.fake_client.identity.create_tenant
+ mocked_function = self.fake_client.tenants.create_tenant
mocked_function.assert_called_once_with(self.fake_object['name'])
def test_create_duplicate_tenant(self):
- self.fake_client.identity.list_tenants.return_value = {'tenants': [
+ self.fake_client.tenants.list_tenants.return_value = {'tenants': [
{'name': self.fake_object['name']}]}
self.useFixture(mockpatch.PatchObject(javelin, "keystone_admin",
return_value=self.fake_client))
javelin.create_tenants([self.fake_object['name']])
- mocked_function = self.fake_client.identity.create_tenant
+ mocked_function = self.fake_client.tenants.create_tenant
self.assertFalse(mocked_function.called)
def test_create_users(self):
@@ -299,7 +299,7 @@
return_value=fake_auth))
javelin.destroy_tenants([fake_tenant])
- mocked_function = fake_auth.identity.delete_tenant
+ mocked_function = fake_auth.tenants.delete_tenant
mocked_function.assert_called_once_with(fake_tenant['id'])
def test_destroy_users(self):
@@ -308,7 +308,7 @@
fake_tenant = self.fake_object['tenant']
fake_auth = self.fake_client
- fake_auth.identity.list_tenants.return_value = \
+ fake_auth.tenants.list_tenants.return_value = \
{'tenants': [fake_tenant]}
fake_auth.identity.list_users.return_value = {'users': [fake_user]}
diff --git a/tempest/tests/common/test_dynamic_creds.py b/tempest/tests/common/test_dynamic_creds.py
index 78064a7..10acd14 100644
--- a/tempest/tests/common/test_dynamic_creds.py
+++ b/tempest/tests/common/test_dynamic_creds.py
@@ -24,6 +24,8 @@
from tempest import exceptions
from tempest.services.identity.v2.json import identity_client as \
json_iden_client
+from tempest.services.identity.v2.json import tenants_client as \
+ json_tenants_client
from tempest.services.network.json import network_client as json_network_client
from tempest.tests import base
from tempest.tests import fake_config
@@ -74,7 +76,7 @@
def _mock_tenant_create(self, id, name):
tenant_fix = self.useFixture(mockpatch.PatchObject(
- json_iden_client.IdentityClient,
+ json_tenants_client.TenantsClient,
'create_tenant',
return_value=(service_client.ResponseBody
(200, {'tenant': {'id': id, 'name': name}}))))
@@ -240,8 +242,8 @@
'tempest.services.identity.v2.json.identity_client.'
'IdentityClient.delete_user')
tenant_mock = self.patch(
- 'tempest.services.identity.v2.json.identity_client.'
- 'IdentityClient.delete_tenant')
+ 'tempest.services.identity.v2.json.tenants_client.'
+ 'TenantsClient.delete_tenant')
creds.clear_creds()
# Verify user delete calls
calls = user_mock.mock_calls
@@ -371,8 +373,8 @@
creds.get_admin_creds()
self.patch('tempest.services.identity.v2.json.identity_client.'
'IdentityClient.delete_user')
- self.patch('tempest.services.identity.v2.json.identity_client.'
- 'IdentityClient.delete_tenant')
+ self.patch('tempest.services.identity.v2.json.tenants_client.'
+ 'TenantsClient.delete_tenant')
net = mock.patch.object(creds.networks_admin_client,
'delete_network')
net_mock = net.start()