Make v2 and v3 identity apis configurable
This commit adds a config option to the identity feature enabled group
to specify whether the v2 and/or v3 apis are enabled in keystone. In
the process of adding this feature the logical split between v2 and v3
tests in the identity api tests is made more clear. Additionally as part,
of the split several bugs are fixed where the v2 api was being called
in the v3 tests.
Change-Id: I0d727f3567c82fe512b956110bb813119ced0b3d
diff --git a/etc/tempest.conf.sample b/etc/tempest.conf.sample
index 990cb37..3978024 100644
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@@ -454,6 +454,12 @@
# enabled (boolean value)
#trust=true
+# Is the v2 identity API enabled (boolean value)
+#api_v2=true
+
+# Is the v3 identity API enabled (boolean value)
+#api_v3=true
+
[image]
diff --git a/tempest/api/identity/admin/test_roles.py b/tempest/api/identity/admin/test_roles.py
index f1124e4..aa64969 100644
--- a/tempest/api/identity/admin/test_roles.py
+++ b/tempest/api/identity/admin/test_roles.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class RolesTestJSON(base.BaseIdentityAdminTest):
+class RolesTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@classmethod
diff --git a/tempest/api/identity/admin/test_roles_negative.py b/tempest/api/identity/admin/test_roles_negative.py
index e5c04de..7a0bdea 100644
--- a/tempest/api/identity/admin/test_roles_negative.py
+++ b/tempest/api/identity/admin/test_roles_negative.py
@@ -21,7 +21,7 @@
from tempest.test import attr
-class RolesNegativeTestJSON(base.BaseIdentityAdminTest):
+class RolesNegativeTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
def _get_role_params(self):
diff --git a/tempest/api/identity/admin/test_services.py b/tempest/api/identity/admin/test_services.py
index 8ba333f..cbf6b58 100644
--- a/tempest/api/identity/admin/test_services.py
+++ b/tempest/api/identity/admin/test_services.py
@@ -20,7 +20,7 @@
from tempest.test import attr
-class ServicesTestJSON(base.BaseIdentityAdminTest):
+class ServicesTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
def _del_service(self, service_id):
diff --git a/tempest/api/identity/admin/test_tenant_negative.py b/tempest/api/identity/admin/test_tenant_negative.py
index e9eddc8..44b54b8 100644
--- a/tempest/api/identity/admin/test_tenant_negative.py
+++ b/tempest/api/identity/admin/test_tenant_negative.py
@@ -21,7 +21,7 @@
from tempest.test import attr
-class TenantsNegativeTestJSON(base.BaseIdentityAdminTest):
+class TenantsNegativeTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@attr(type=['negative', 'gate'])
diff --git a/tempest/api/identity/admin/test_tenants.py b/tempest/api/identity/admin/test_tenants.py
index 46fa7a9..c7cacb4 100644
--- a/tempest/api/identity/admin/test_tenants.py
+++ b/tempest/api/identity/admin/test_tenants.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class TenantsTestJSON(base.BaseIdentityAdminTest):
+class TenantsTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@attr(type='gate')
diff --git a/tempest/api/identity/admin/test_tokens.py b/tempest/api/identity/admin/test_tokens.py
index 620e293..239433b 100644
--- a/tempest/api/identity/admin/test_tokens.py
+++ b/tempest/api/identity/admin/test_tokens.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class TokensTestJSON(base.BaseIdentityAdminTest):
+class TokensTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@attr(type='gate')
diff --git a/tempest/api/identity/admin/test_users.py b/tempest/api/identity/admin/test_users.py
index 39ef947..898cccc 100644
--- a/tempest/api/identity/admin/test_users.py
+++ b/tempest/api/identity/admin/test_users.py
@@ -20,7 +20,7 @@
from tempest.test import attr
-class UsersTestJSON(base.BaseIdentityAdminTest):
+class UsersTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@classmethod
diff --git a/tempest/api/identity/admin/test_users_negative.py b/tempest/api/identity/admin/test_users_negative.py
index e9e7818..195e558 100644
--- a/tempest/api/identity/admin/test_users_negative.py
+++ b/tempest/api/identity/admin/test_users_negative.py
@@ -20,7 +20,7 @@
import uuid
-class UsersNegativeTestJSON(base.BaseIdentityAdminTest):
+class UsersNegativeTestJSON(base.BaseIdentityV2AdminTest):
_interface = 'json'
@classmethod
diff --git a/tempest/api/identity/admin/v3/test_credentials.py b/tempest/api/identity/admin/v3/test_credentials.py
index 753eaa6..5f22d43 100644
--- a/tempest/api/identity/admin/v3/test_credentials.py
+++ b/tempest/api/identity/admin/v3/test_credentials.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class CredentialsTestJSON(base.BaseIdentityAdminTest):
+class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@classmethod
@@ -32,23 +32,23 @@
u_email = '%s@testmail.tm' % u_name
u_password = data_utils.rand_name('pass-')
for i in range(2):
- resp, cls.project = cls.v3_client.create_project(
+ resp, cls.project = cls.client.create_project(
data_utils.rand_name('project-'),
description=data_utils.rand_name('project-desc-'))
assert resp['status'] == '201', "Expected %s" % resp['status']
cls.projects.append(cls.project['id'])
- resp, cls.user_body = cls.v3_client.create_user(
+ resp, cls.user_body = cls.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, project_id=cls.projects[0])
assert resp['status'] == '201', "Expected: %s" % resp['status']
@classmethod
def tearDownClass(cls):
- resp, _ = cls.v3_client.delete_user(cls.user_body['id'])
+ resp, _ = cls.client.delete_user(cls.user_body['id'])
assert resp['status'] == '204', "Expected: %s" % resp['status']
for p in cls.projects:
- resp, _ = cls.v3_client.delete_project(p)
+ resp, _ = cls.client.delete_project(p)
assert resp['status'] == '204', "Expected: %s" % resp['status']
super(CredentialsTestJSON, cls).tearDownClass()
diff --git a/tempest/api/identity/admin/v3/test_domains.py b/tempest/api/identity/admin/v3/test_domains.py
index 4017b62..086d235 100644
--- a/tempest/api/identity/admin/v3/test_domains.py
+++ b/tempest/api/identity/admin/v3/test_domains.py
@@ -19,14 +19,14 @@
from tempest.test import attr
-class DomainsTestJSON(base.BaseIdentityAdminTest):
+class DomainsTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
def _delete_domain(self, domain_id):
# It is necessary to disable the domain before deleting,
# or else it would result in unauthorized error
- _, body = self.v3_client.update_domain(domain_id, enabled=False)
- resp, _ = self.v3_client.delete_domain(domain_id)
+ _, body = self.client.update_domain(domain_id, enabled=False)
+ resp, _ = self.client.delete_domain(domain_id)
self.assertEqual(204, resp.status)
@attr(type='smoke')
@@ -35,14 +35,14 @@
domain_ids = list()
fetched_ids = list()
for _ in range(3):
- _, domain = self.v3_client.create_domain(
+ _, domain = self.client.create_domain(
data_utils.rand_name('domain-'),
description=data_utils.rand_name('domain-desc-'))
# Delete the domain at the end of this method
self.addCleanup(self._delete_domain, domain['id'])
domain_ids.append(domain['id'])
# List and Verify Domains
- resp, body = self.v3_client.list_domains()
+ resp, body = self.client.list_domains()
self.assertEqual(resp['status'], '200')
for d in body:
fetched_ids.append(d['id'])
@@ -53,7 +53,7 @@
def test_create_update_delete_domain(self):
d_name = data_utils.rand_name('domain-')
d_desc = data_utils.rand_name('domain-desc-')
- resp_1, domain = self.v3_client.create_domain(
+ resp_1, domain = self.client.create_domain(
d_name, description=d_desc)
self.assertEqual(resp_1['status'], '201')
self.addCleanup(self._delete_domain, domain['id'])
@@ -72,7 +72,7 @@
new_desc = data_utils.rand_name('new-desc-')
new_name = data_utils.rand_name('new-name-')
- resp_2, updated_domain = self.v3_client.update_domain(
+ resp_2, updated_domain = self.client.update_domain(
domain['id'], name=new_name, description=new_desc)
self.assertEqual(resp_2['status'], '200')
self.assertIn('id', updated_domain)
@@ -85,7 +85,7 @@
self.assertEqual(new_desc, updated_domain['description'])
self.assertEqual('true', str(updated_domain['enabled']).lower())
- resp_3, fetched_domain = self.v3_client.get_domain(domain['id'])
+ resp_3, fetched_domain = self.client.get_domain(domain['id'])
self.assertEqual(resp_3['status'], '200')
self.assertEqual(new_name, fetched_domain['name'])
self.assertEqual(new_desc, fetched_domain['description'])
diff --git a/tempest/api/identity/admin/v3/test_endpoints.py b/tempest/api/identity/admin/v3/test_endpoints.py
index 4ae7884..78ecf93 100644
--- a/tempest/api/identity/admin/v3/test_endpoints.py
+++ b/tempest/api/identity/admin/v3/test_endpoints.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class EndPointsTestJSON(base.BaseIdentityAdminTest):
+class EndPointsTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@classmethod
@@ -31,8 +31,8 @@
s_type = data_utils.rand_name('type--')
s_description = data_utils.rand_name('description-')
resp, cls.service_data =\
- cls.identity_client.create_service(s_name, s_type,
- description=s_description)
+ cls.service_client.create_service(s_name, s_type,
+ description=s_description)
cls.service_id = cls.service_data['id']
cls.service_ids.append(cls.service_id)
# Create endpoints so as to use for LIST and GET test cases
@@ -50,7 +50,7 @@
for e in cls.setup_endpoints:
cls.client.delete_endpoint(e['id'])
for s in cls.service_ids:
- cls.identity_client.delete_service(s)
+ cls.service_client.delete_service(s)
super(EndPointsTestJSON, cls).tearDownClass()
@attr(type='gate')
@@ -107,8 +107,8 @@
s_type = data_utils.rand_name('type--')
s_description = data_utils.rand_name('description-')
resp, self.service2 =\
- self.identity_client.create_service(s_name, s_type,
- description=s_description)
+ self.service_client.create_service(s_name, s_type,
+ description=s_description)
self.service_ids.append(self.service2['id'])
# Updating endpoint with new values
region2 = data_utils.rand_name('region')
diff --git a/tempest/api/identity/admin/v3/test_groups.py b/tempest/api/identity/admin/v3/test_groups.py
index 70afec7..6e898b2 100644
--- a/tempest/api/identity/admin/v3/test_groups.py
+++ b/tempest/api/identity/admin/v3/test_groups.py
@@ -18,7 +18,7 @@
from tempest import test
-class GroupsV3TestJSON(base.BaseIdentityAdminTest):
+class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@classmethod
@@ -29,23 +29,23 @@
def test_group_create_update_get(self):
name = data_utils.rand_name('Group')
description = data_utils.rand_name('Description')
- resp, group = self.v3_client.create_group(name,
- description=description)
- self.addCleanup(self.v3_client.delete_group, group['id'])
+ resp, group = self.client.create_group(name,
+ description=description)
+ self.addCleanup(self.client.delete_group, group['id'])
self.assertEqual(resp['status'], '201')
self.assertEqual(group['name'], name)
self.assertEqual(group['description'], description)
new_name = data_utils.rand_name('UpdateGroup')
new_desc = data_utils.rand_name('UpdateDescription')
- resp, updated_group = self.v3_client.update_group(group['id'],
- name=new_name,
- description=new_desc)
+ resp, updated_group = self.client.update_group(group['id'],
+ name=new_name,
+ description=new_desc)
self.assertEqual(resp['status'], '200')
self.assertEqual(updated_group['name'], new_name)
self.assertEqual(updated_group['description'], new_desc)
- resp, new_group = self.v3_client.get_group(group['id'])
+ resp, new_group = self.client.get_group(group['id'])
self.assertEqual(resp['status'], '200')
self.assertEqual(group['id'], new_group['id'])
self.assertEqual(new_name, new_group['name'])
@@ -54,27 +54,27 @@
@test.attr(type='smoke')
def test_group_users_add_list_delete(self):
name = data_utils.rand_name('Group')
- resp, group = self.v3_client.create_group(name)
- self.addCleanup(self.v3_client.delete_group, group['id'])
+ resp, group = self.client.create_group(name)
+ self.addCleanup(self.client.delete_group, group['id'])
# add user into group
users = []
for i in range(3):
name = data_utils.rand_name('User')
- resp, user = self.v3_client.create_user(name)
+ resp, user = self.client.create_user(name)
users.append(user)
- self.addCleanup(self.v3_client.delete_user, user['id'])
- self.v3_client.add_group_user(group['id'], user['id'])
+ self.addCleanup(self.client.delete_user, user['id'])
+ self.client.add_group_user(group['id'], user['id'])
# list users in group
- resp, group_users = self.v3_client.list_group_users(group['id'])
+ resp, group_users = self.client.list_group_users(group['id'])
self.assertEqual(resp['status'], '200')
self.assertEqual(users.sort(), group_users.sort())
# delete user in group
for user in users:
- resp, body = self.v3_client.delete_group_user(group['id'],
- user['id'])
+ resp, body = self.client.delete_group_user(group['id'],
+ user['id'])
self.assertEqual(resp['status'], '204')
- resp, group_users = self.v3_client.list_group_users(group['id'])
+ resp, group_users = self.client.list_group_users(group['id'])
self.assertEqual(len(group_users), 0)
diff --git a/tempest/api/identity/admin/v3/test_policies.py b/tempest/api/identity/admin/v3/test_policies.py
index 0e8e4c3..3e04b5f 100644
--- a/tempest/api/identity/admin/v3/test_policies.py
+++ b/tempest/api/identity/admin/v3/test_policies.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class PoliciesTestJSON(base.BaseIdentityAdminTest):
+class PoliciesTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
def _delete_policy(self, policy_id):
diff --git a/tempest/api/identity/admin/v3/test_projects.py b/tempest/api/identity/admin/v3/test_projects.py
index 1fc5a6a..f309897 100644
--- a/tempest/api/identity/admin/v3/test_projects.py
+++ b/tempest/api/identity/admin/v3/test_projects.py
@@ -19,27 +19,27 @@
from tempest.test import attr
-class ProjectsTestJSON(base.BaseIdentityAdminTest):
+class ProjectsTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
def _delete_project(self, project_id):
- resp, _ = self.v3_client.delete_project(project_id)
+ resp, _ = self.client.delete_project(project_id)
self.assertEqual(resp['status'], '204')
self.assertRaises(
- exceptions.NotFound, self.v3_client.get_project, project_id)
+ exceptions.NotFound, self.client.get_project, project_id)
@attr(type='gate')
def test_project_list_delete(self):
# Create several projects and delete them
for _ in xrange(3):
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
data_utils.rand_name('project-new'))
self.addCleanup(self._delete_project, project['id'])
- resp, list_projects = self.v3_client.list_projects()
+ resp, list_projects = self.client.list_projects()
self.assertEqual(resp['status'], '200')
- resp, get_project = self.v3_client.get_project(project['id'])
+ resp, get_project = self.client.get_project(project['id'])
self.assertIn(get_project, list_projects)
@attr(type='gate')
@@ -47,16 +47,16 @@
# Create project with a description
project_name = data_utils.rand_name('project-')
project_desc = data_utils.rand_name('desc-')
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
project_name, description=project_desc)
- self.v3data.projects.append(project)
+ self.data.projects.append(project)
st1 = resp['status']
project_id = project['id']
desc1 = project['description']
self.assertEqual(st1, '201')
self.assertEqual(desc1, project_desc, 'Description should have '
'been sent in response for create')
- resp, body = self.v3_client.get_project(project_id)
+ resp, body = self.client.get_project(project_id)
desc2 = body['description']
self.assertEqual(desc2, project_desc, 'Description does not appear'
'to be set')
@@ -65,15 +65,15 @@
def test_project_create_enabled(self):
# Create a project that is enabled
project_name = data_utils.rand_name('project-')
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
project_name, enabled=True)
- self.v3data.projects.append(project)
+ self.data.projects.append(project)
project_id = project['id']
st1 = resp['status']
en1 = project['enabled']
self.assertEqual(st1, '201')
self.assertTrue(en1, 'Enable should be True in response')
- resp, body = self.v3_client.get_project(project_id)
+ resp, body = self.client.get_project(project_id)
en2 = body['enabled']
self.assertTrue(en2, 'Enable should be True in lookup')
@@ -81,15 +81,15 @@
def test_project_create_not_enabled(self):
# Create a project that is not enabled
project_name = data_utils.rand_name('project-')
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
project_name, enabled=False)
- self.v3data.projects.append(project)
+ self.data.projects.append(project)
st1 = resp['status']
en1 = project['enabled']
self.assertEqual(st1, '201')
self.assertEqual('false', str(en1).lower(),
'Enable should be False in response')
- resp, body = self.v3_client.get_project(project['id'])
+ resp, body = self.client.get_project(project['id'])
en2 = body['enabled']
self.assertEqual('false', str(en2).lower(),
'Enable should be False in lookup')
@@ -98,19 +98,19 @@
def test_project_update_name(self):
# Update name attribute of a project
p_name1 = data_utils.rand_name('project-')
- resp, project = self.v3_client.create_project(p_name1)
- self.v3data.projects.append(project)
+ resp, project = self.client.create_project(p_name1)
+ self.data.projects.append(project)
resp1_name = project['name']
p_name2 = data_utils.rand_name('project2-')
- resp, body = self.v3_client.update_project(project['id'], name=p_name2)
+ resp, body = self.client.update_project(project['id'], name=p_name2)
st2 = resp['status']
resp2_name = body['name']
self.assertEqual(st2, '200')
self.assertNotEqual(resp1_name, resp2_name)
- resp, body = self.v3_client.get_project(project['id'])
+ resp, body = self.client.get_project(project['id'])
resp3_name = body['name']
self.assertNotEqual(resp1_name, resp3_name)
@@ -122,20 +122,20 @@
# Update description attribute of a project
p_name = data_utils.rand_name('project-')
p_desc = data_utils.rand_name('desc-')
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
p_name, description=p_desc)
- self.v3data.projects.append(project)
+ self.data.projects.append(project)
resp1_desc = project['description']
p_desc2 = data_utils.rand_name('desc2-')
- resp, body = self.v3_client.update_project(
+ resp, body = self.client.update_project(
project['id'], description=p_desc2)
st2 = resp['status']
resp2_desc = body['description']
self.assertEqual(st2, '200')
self.assertNotEqual(resp1_desc, resp2_desc)
- resp, body = self.v3_client.get_project(project['id'])
+ resp, body = self.client.get_project(project['id'])
resp3_desc = body['description']
self.assertNotEqual(resp1_desc, resp3_desc)
@@ -147,20 +147,20 @@
# Update the enabled attribute of a project
p_name = data_utils.rand_name('project-')
p_en = False
- resp, project = self.v3_client.create_project(p_name, enabled=p_en)
- self.v3data.projects.append(project)
+ resp, project = self.client.create_project(p_name, enabled=p_en)
+ self.data.projects.append(project)
resp1_en = project['enabled']
p_en2 = True
- resp, body = self.v3_client.update_project(
+ resp, body = self.client.update_project(
project['id'], enabled=p_en2)
st2 = resp['status']
resp2_en = body['enabled']
self.assertEqual(st2, '200')
self.assertNotEqual(resp1_en, resp2_en)
- resp, body = self.v3_client.get_project(project['id'])
+ resp, body = self.client.get_project(project['id'])
resp3_en = body['enabled']
self.assertNotEqual(resp1_en, resp3_en)
@@ -172,23 +172,23 @@
#Associate a user to a project
#Create a Project
p_name = data_utils.rand_name('project-')
- resp, project = self.v3_client.create_project(p_name)
- self.v3data.projects.append(project)
+ resp, project = self.client.create_project(p_name)
+ self.data.projects.append(project)
#Create a User
u_name = data_utils.rand_name('user-')
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
u_password = data_utils.rand_name('pass-')
- resp, user = self.v3_client.create_user(
+ resp, user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, project_id=project['id'])
self.assertEqual(resp['status'], '201')
# Delete the User at the end of this method
- self.addCleanup(self.v3_client.delete_user, user['id'])
+ self.addCleanup(self.client.delete_user, user['id'])
# Get User To validate the user details
- resp, new_user_get = self.v3_client.get_user(user['id'])
+ resp, new_user_get = self.client.get_user(user['id'])
#Assert response body of GET
self.assertEqual(u_name, new_user_get['name'])
self.assertEqual(u_desc, new_user_get['description'])
@@ -200,53 +200,53 @@
def test_list_projects_by_unauthorized_user(self):
# Non-admin user should not be able to list projects
self.assertRaises(exceptions.Unauthorized,
- self.v3_non_admin_client.list_projects)
+ self.non_admin_client.list_projects)
@attr(type=['negative', 'gate'])
def test_project_create_duplicate(self):
# Project names should be unique
project_name = data_utils.rand_name('project-dup-')
- resp, project = self.v3_client.create_project(project_name)
- self.v3data.projects.append(project)
+ resp, project = self.client.create_project(project_name)
+ self.data.projects.append(project)
self.assertRaises(
- exceptions.Conflict, self.v3_client.create_project, project_name)
+ exceptions.Conflict, self.client.create_project, project_name)
@attr(type=['negative', 'gate'])
def test_create_project_by_unauthorized_user(self):
# Non-admin user should not be authorized to create a project
project_name = data_utils.rand_name('project-')
self.assertRaises(
- exceptions.Unauthorized, self.v3_non_admin_client.create_project,
+ exceptions.Unauthorized, self.non_admin_client.create_project,
project_name)
@attr(type=['negative', 'gate'])
def test_create_project_with_empty_name(self):
# Project name should not be empty
- self.assertRaises(exceptions.BadRequest, self.v3_client.create_project,
+ self.assertRaises(exceptions.BadRequest, self.client.create_project,
name='')
@attr(type=['negative', 'gate'])
def test_create_projects_name_length_over_64(self):
# Project name length should not be greater than 64 characters
project_name = 'a' * 65
- self.assertRaises(exceptions.BadRequest, self.v3_client.create_project,
+ self.assertRaises(exceptions.BadRequest, self.client.create_project,
project_name)
@attr(type=['negative', 'gate'])
def test_project_delete_by_unauthorized_user(self):
# Non-admin user should not be able to delete a project
project_name = data_utils.rand_name('project-')
- resp, project = self.v3_client.create_project(project_name)
- self.v3data.projects.append(project)
+ resp, project = self.client.create_project(project_name)
+ self.data.projects.append(project)
self.assertRaises(
- exceptions.Unauthorized, self.v3_non_admin_client.delete_project,
+ exceptions.Unauthorized, self.non_admin_client.delete_project,
project['id'])
@attr(type=['negative', 'gate'])
def test_delete_non_existent_project(self):
# Attempt to delete a non existent project should fail
- self.assertRaises(exceptions.NotFound, self.v3_client.delete_project,
+ self.assertRaises(exceptions.NotFound, self.client.delete_project,
'junk_Project_123456abc')
diff --git a/tempest/api/identity/admin/v3/test_roles.py b/tempest/api/identity/admin/v3/test_roles.py
index efaed39..467d28b 100644
--- a/tempest/api/identity/admin/v3/test_roles.py
+++ b/tempest/api/identity/admin/v3/test_roles.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class RolesV3TestJSON(base.BaseIdentityAdminTest):
+class RolesV3TestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@classmethod
@@ -30,20 +30,20 @@
u_email = '%s@testmail.tm' % u_name
u_password = data_utils.rand_name('pass-')
resp = [None] * 5
- resp[0], cls.project = cls.v3_client.create_project(
+ resp[0], cls.project = cls.client.create_project(
data_utils.rand_name('project-'),
description=data_utils.rand_name('project-desc-'))
- resp[1], cls.domain = cls.v3_client.create_domain(
+ resp[1], cls.domain = cls.client.create_domain(
data_utils.rand_name('domain-'),
description=data_utils.rand_name('domain-desc-'))
- resp[2], cls.group_body = cls.v3_client.create_group(
+ resp[2], cls.group_body = cls.client.create_group(
data_utils.rand_name('Group-'), project_id=cls.project['id'],
domain_id=cls.domain['id'])
- resp[3], cls.user_body = cls.v3_client.create_user(
+ resp[3], cls.user_body = cls.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, project_id=cls.project['id'],
domain_id=cls.domain['id'])
- resp[4], cls.role = cls.v3_client.create_role(
+ resp[4], cls.role = cls.client.create_role(
data_utils.rand_name('Role-'))
for r in resp:
assert r['status'] == '201', "Expected: %s" % r['status']
@@ -51,14 +51,14 @@
@classmethod
def tearDownClass(cls):
resp = [None] * 5
- resp[0], _ = cls.v3_client.delete_role(cls.role['id'])
- resp[1], _ = cls.v3_client.delete_group(cls.group_body['id'])
- resp[2], _ = cls.v3_client.delete_user(cls.user_body['id'])
- resp[3], _ = cls.v3_client.delete_project(cls.project['id'])
+ resp[0], _ = cls.client.delete_role(cls.role['id'])
+ resp[1], _ = cls.client.delete_group(cls.group_body['id'])
+ resp[2], _ = cls.client.delete_user(cls.user_body['id'])
+ resp[3], _ = cls.client.delete_project(cls.project['id'])
# NOTE(harika-vakadi): It is necessary to disable the domain
# before deleting,or else it would result in unauthorized error
- cls.v3_client.update_domain(cls.domain['id'], enabled=False)
- resp[4], _ = cls.v3_client.delete_domain(cls.domain['id'])
+ cls.client.update_domain(cls.domain['id'], enabled=False)
+ resp[4], _ = cls.client.delete_domain(cls.domain['id'])
for r in resp:
assert r['status'] == '204', "Expected: %s" % r['status']
super(RolesV3TestJSON, cls).tearDownClass()
@@ -71,32 +71,32 @@
@attr(type='smoke')
def test_role_create_update_get(self):
r_name = data_utils.rand_name('Role-')
- resp, role = self.v3_client.create_role(r_name)
- self.addCleanup(self.v3_client.delete_role, role['id'])
+ resp, role = self.client.create_role(r_name)
+ self.addCleanup(self.client.delete_role, role['id'])
self.assertEqual(resp['status'], '201')
self.assertIn('name', role)
self.assertEqual(role['name'], r_name)
new_name = data_utils.rand_name('NewRole-')
- resp, updated_role = self.v3_client.update_role(new_name, role['id'])
+ resp, updated_role = self.client.update_role(new_name, role['id'])
self.assertEqual(resp['status'], '200')
self.assertIn('name', updated_role)
self.assertIn('id', updated_role)
self.assertIn('links', updated_role)
self.assertNotEqual(r_name, updated_role['name'])
- resp, new_role = self.v3_client.get_role(role['id'])
+ resp, new_role = self.client.get_role(role['id'])
self.assertEqual(resp['status'], '200')
self.assertEqual(new_name, new_role['name'])
self.assertEqual(updated_role['id'], new_role['id'])
@attr(type='smoke')
def test_grant_list_revoke_role_to_user_on_project(self):
- resp, _ = self.v3_client.assign_user_role_on_project(
+ resp, _ = self.client.assign_user_role_on_project(
self.project['id'], self.user_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
- resp, roles = self.v3_client.list_user_roles_on_project(
+ resp, roles = self.client.list_user_roles_on_project(
self.project['id'], self.user_body['id'])
for i in roles:
@@ -105,17 +105,17 @@
self._list_assertions(resp, roles, self.fetched_role_ids,
self.role['id'])
- resp, _ = self.v3_client.revoke_role_from_user_on_project(
+ resp, _ = self.client.revoke_role_from_user_on_project(
self.project['id'], self.user_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
@attr(type='smoke')
def test_grant_list_revoke_role_to_user_on_domain(self):
- resp, _ = self.v3_client.assign_user_role_on_domain(
+ resp, _ = self.client.assign_user_role_on_domain(
self.domain['id'], self.user_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
- resp, roles = self.v3_client.list_user_roles_on_domain(
+ resp, roles = self.client.list_user_roles_on_domain(
self.domain['id'], self.user_body['id'])
for i in roles:
@@ -124,17 +124,17 @@
self._list_assertions(resp, roles, self.fetched_role_ids,
self.role['id'])
- resp, _ = self.v3_client.revoke_role_from_user_on_domain(
+ resp, _ = self.client.revoke_role_from_user_on_domain(
self.domain['id'], self.user_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
@attr(type='smoke')
def test_grant_list_revoke_role_to_group_on_project(self):
- resp, _ = self.v3_client.assign_group_role_on_project(
+ resp, _ = self.client.assign_group_role_on_project(
self.project['id'], self.group_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
- resp, roles = self.v3_client.list_group_roles_on_project(
+ resp, roles = self.client.list_group_roles_on_project(
self.project['id'], self.group_body['id'])
for i in roles:
@@ -143,17 +143,17 @@
self._list_assertions(resp, roles, self.fetched_role_ids,
self.role['id'])
- resp, _ = self.v3_client.revoke_role_from_group_on_project(
+ resp, _ = self.client.revoke_role_from_group_on_project(
self.project['id'], self.group_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
@attr(type='smoke')
def test_grant_list_revoke_role_to_group_on_domain(self):
- resp, _ = self.v3_client.assign_group_role_on_domain(
+ resp, _ = self.client.assign_group_role_on_domain(
self.domain['id'], self.group_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
- resp, roles = self.v3_client.list_group_roles_on_domain(
+ resp, roles = self.client.list_group_roles_on_domain(
self.domain['id'], self.group_body['id'])
for i in roles:
@@ -162,7 +162,7 @@
self._list_assertions(resp, roles, self.fetched_role_ids,
self.role['id'])
- resp, _ = self.v3_client.revoke_role_from_group_on_domain(
+ resp, _ = self.client.revoke_role_from_group_on_domain(
self.domain['id'], self.group_body['id'], self.role['id'])
self.assertEqual(resp['status'], '204')
diff --git a/tempest/api/identity/admin/v3/test_services.py b/tempest/api/identity/admin/v3/test_services.py
index 4d6c22f..c5d4ddf 100644
--- a/tempest/api/identity/admin/v3/test_services.py
+++ b/tempest/api/identity/admin/v3/test_services.py
@@ -19,20 +19,20 @@
from tempest.test import attr
-class ServicesTestJSON(base.BaseIdentityAdminTest):
+class ServicesTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@attr(type='gate')
def test_update_service(self):
# Update description attribute of service
name = data_utils.rand_name('service-')
- type = data_utils.rand_name('type--')
- description = data_utils.rand_name('description-')
- resp, body = self.client.create_service(
- name, type, description=description)
- self.assertEqual('200', resp['status'])
+ serv_type = data_utils.rand_name('type--')
+ desc = data_utils.rand_name('description-')
+ resp, body = self.service_client.create_service(name, serv_type,
+ description=desc)
+ self.assertEqual('201', resp['status'])
# Deleting the service created in this method
- self.addCleanup(self.client.delete_service, body['id'])
+ self.addCleanup(self.service_client.delete_service, body['id'])
s_id = body['id']
resp1_desc = body['description']
@@ -45,7 +45,7 @@
self.assertNotEqual(resp1_desc, resp2_desc)
# Get service
- resp, body = self.client.get_service(s_id)
+ resp, body = self.service_client.get_service(s_id)
resp3_desc = body['description']
self.assertNotEqual(resp1_desc, resp3_desc)
diff --git a/tempest/api/identity/admin/v3/test_tokens.py b/tempest/api/identity/admin/v3/test_tokens.py
index d17dc4a..802113a 100644
--- a/tempest/api/identity/admin/v3/test_tokens.py
+++ b/tempest/api/identity/admin/v3/test_tokens.py
@@ -19,7 +19,7 @@
from tempest.test import attr
-class UsersTestJSON(base.BaseIdentityAdminTest):
+class UsersTestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@attr(type='smoke')
@@ -30,24 +30,24 @@
u_desc = '%s-description' % u_name
u_email = '%s@testmail.tm' % u_name
u_password = data_utils.rand_name('pass-')
- resp, user = self.v3_client.create_user(
+ resp, user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email)
self.assertTrue(resp['status'].startswith('2'))
- self.addCleanup(self.v3_client.delete_user, user['id'])
+ self.addCleanup(self.client.delete_user, user['id'])
# Perform Authentication
- resp, body = self.v3_token.auth(user['id'], u_password)
+ resp, body = self.token.auth(user['id'], u_password)
self.assertEqual(resp['status'], '201')
subject_token = resp['x-subject-token']
# Perform GET Token
- resp, token_details = self.v3_client.get_token(subject_token)
+ resp, token_details = self.client.get_token(subject_token)
self.assertEqual(resp['status'], '200')
self.assertEqual(resp['x-subject-token'], subject_token)
self.assertEqual(token_details['user']['id'], user['id'])
self.assertEqual(token_details['user']['name'], u_name)
# Perform Delete Token
- resp, _ = self.v3_client.delete_token(subject_token)
- self.assertRaises(exceptions.NotFound, self.v3_client.get_token,
+ resp, _ = self.client.delete_token(subject_token)
+ self.assertRaises(exceptions.NotFound, self.client.get_token,
subject_token)
diff --git a/tempest/api/identity/admin/v3/test_trusts.py b/tempest/api/identity/admin/v3/test_trusts.py
index 1bebad4..c2eef36 100644
--- a/tempest/api/identity/admin/v3/test_trusts.py
+++ b/tempest/api/identity/admin/v3/test_trusts.py
@@ -23,7 +23,7 @@
CONF = config.CONF
-class BaseTrustsV3Test(base.BaseIdentityAdminTest):
+class BaseTrustsV3Test(base.BaseIdentityV3AdminTest):
def setUp(self):
super(BaseTrustsV3Test, self).setUp()
@@ -43,7 +43,7 @@
def create_trustor_and_roles(self):
# Get trustor project ID, use the admin project
- self.trustor_project_name = self.v3_client.tenant_name
+ self.trustor_project_name = self.client.tenant_name
self.trustor_project_id = self.get_tenant_by_name(
self.trustor_project_name)['id']
self.assertIsNotNone(self.trustor_project_id)
@@ -53,7 +53,7 @@
u_desc = self.trustor_username + 'description'
u_email = self.trustor_username + '@testmail.xx'
self.trustor_password = rand_name('pass-')
- resp, user = self.v3_client.create_user(
+ resp, user = self.client.create_user(
self.trustor_username,
description=u_desc,
password=self.trustor_password,
@@ -66,24 +66,24 @@
self.delegated_role = rand_name('DelegatedRole-')
self.not_delegated_role = rand_name('NotDelegatedRole-')
- resp, role = self.v3_client.create_role(self.delegated_role)
+ resp, role = self.client.create_role(self.delegated_role)
self.assertEqual(resp['status'], '201')
self.delegated_role_id = role['id']
- resp, role = self.v3_client.create_role(self.not_delegated_role)
+ resp, role = self.client.create_role(self.not_delegated_role)
self.assertEqual(resp['status'], '201')
self.not_delegated_role_id = role['id']
# Assign roles to trustor
- self.v3_client.assign_user_role(self.trustor_project_id,
- self.trustor_user_id,
- self.delegated_role_id)
- self.v3_client.assign_user_role(self.trustor_project_id,
- self.trustor_user_id,
- self.not_delegated_role_id)
+ self.client.assign_user_role(self.trustor_project_id,
+ self.trustor_user_id,
+ self.delegated_role_id)
+ self.client.assign_user_role(self.trustor_project_id,
+ self.trustor_user_id,
+ self.not_delegated_role_id)
# Get trustee user ID, use the demo user
- trustee_username = self.v3_non_admin_client.user
+ trustee_username = self.non_admin_client.user
self.trustee_user_id = self.get_user_by_name(trustee_username)['id']
self.assertIsNotNone(self.trustee_user_id)
@@ -92,19 +92,19 @@
password=self.trustor_password,
tenant_name=self.trustor_project_name,
interface=self._interface)
- self.trustor_v3_client = os.identity_v3_client
+ self.trustor_client = os.identity_v3_client
def cleanup_user_and_roles(self):
if self.trustor_user_id:
- self.v3_client.delete_user(self.trustor_user_id)
+ self.client.delete_user(self.trustor_user_id)
if self.delegated_role_id:
- self.v3_client.delete_role(self.delegated_role_id)
+ self.client.delete_role(self.delegated_role_id)
if self.not_delegated_role_id:
- self.v3_client.delete_role(self.not_delegated_role_id)
+ self.client.delete_role(self.not_delegated_role_id)
def create_trust(self, impersonate=True, expires=None):
- resp, trust_create = self.trustor_v3_client.create_trust(
+ resp, trust_create = self.trustor_client.create_trust(
trustor_user_id=self.trustor_user_id,
trustee_user_id=self.trustee_user_id,
project_id=self.trustor_project_id,
@@ -137,7 +137,7 @@
self.assertEqual(1, len(trust['roles']))
def get_trust(self):
- resp, trust_get = self.trustor_v3_client.get_trust(self.trust_id)
+ resp, trust_get = self.trustor_client.get_trust(self.trust_id)
self.assertEqual('200', resp['status'])
return trust_get
@@ -153,37 +153,37 @@
def check_trust_roles(self):
# Check we find the delegated role
- resp, roles_get = self.trustor_v3_client.get_trust_roles(
+ resp, roles_get = self.trustor_client.get_trust_roles(
self.trust_id)
self.assertEqual('200', resp['status'])
self.assertEqual(1, len(roles_get))
self.validate_role(roles_get[0])
- resp, role_get = self.trustor_v3_client.get_trust_role(
+ resp, role_get = self.trustor_client.get_trust_role(
self.trust_id, self.delegated_role_id)
self.assertEqual('200', resp['status'])
self.validate_role(role_get)
- resp, role_get = self.trustor_v3_client.check_trust_role(
+ resp, role_get = self.trustor_client.check_trust_role(
self.trust_id, self.delegated_role_id)
self.assertEqual('204', resp['status'])
# And that we don't find not_delegated_role
self.assertRaises(exceptions.NotFound,
- self.trustor_v3_client.get_trust_role,
+ self.trustor_client.get_trust_role,
self.trust_id,
self.not_delegated_role_id)
self.assertRaises(exceptions.NotFound,
- self.trustor_v3_client.check_trust_role,
+ self.trustor_client.check_trust_role,
self.trust_id,
self.not_delegated_role_id)
def delete_trust(self):
- resp, trust_delete = self.trustor_v3_client.delete_trust(self.trust_id)
+ resp, trust_delete = self.trustor_client.delete_trust(self.trust_id)
self.assertEqual('204', resp['status'])
self.assertRaises(exceptions.NotFound,
- self.trustor_v3_client.get_trust,
+ self.trustor_client.get_trust,
self.trust_id)
self.trust_id = None
@@ -249,7 +249,7 @@
@attr(type='smoke')
def test_get_trusts_query(self):
self.create_trust()
- resp, trusts_get = self.trustor_v3_client.get_trusts(
+ resp, trusts_get = self.trustor_client.get_trusts(
trustor_user_id=self.trustor_user_id)
self.assertEqual('200', resp['status'])
self.assertEqual(1, len(trusts_get))
@@ -258,7 +258,7 @@
@attr(type='smoke')
def test_get_trusts_all(self):
self.create_trust()
- resp, trusts_get = self.v3_client.get_trusts()
+ resp, trusts_get = self.client.get_trusts()
self.assertEqual('200', resp['status'])
trusts = [t for t in trusts_get
if t['id'] == self.trust_id]
diff --git a/tempest/api/identity/admin/v3/test_users.py b/tempest/api/identity/admin/v3/test_users.py
index 7cae856..a78d542 100644
--- a/tempest/api/identity/admin/v3/test_users.py
+++ b/tempest/api/identity/admin/v3/test_users.py
@@ -18,7 +18,7 @@
from tempest.test import attr
-class UsersV3TestJSON(base.BaseIdentityAdminTest):
+class UsersV3TestJSON(base.BaseIdentityV3AdminTest):
_interface = 'json'
@attr(type='gate')
@@ -29,22 +29,22 @@
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
u_password = data_utils.rand_name('pass-')
- resp, user = self.v3_client.create_user(
+ resp, user = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, enabled=False)
# Delete the User at the end of this method
- self.addCleanup(self.v3_client.delete_user, user['id'])
+ self.addCleanup(self.client.delete_user, user['id'])
# Creating second project for updation
- resp, project = self.v3_client.create_project(
+ resp, project = self.client.create_project(
data_utils.rand_name('project-'),
description=data_utils.rand_name('project-desc-'))
# Delete the Project at the end of this method
- self.addCleanup(self.v3_client.delete_project, project['id'])
+ self.addCleanup(self.client.delete_project, project['id'])
# Updating user details with new values
u_name2 = data_utils.rand_name('user2-')
u_email2 = u_name2 + '@testmail.tm'
u_description2 = u_name2 + ' description'
- resp, update_user = self.v3_client.update_user(
+ resp, update_user = self.client.update_user(
user['id'], name=u_name2, description=u_description2,
project_id=project['id'],
email=u_email2, enabled=False)
@@ -57,7 +57,7 @@
self.assertEqual(u_email2, update_user['email'])
self.assertEqual('false', str(update_user['enabled']).lower())
# GET by id after updation
- resp, new_user_get = self.v3_client.get_user(user['id'])
+ resp, new_user_get = self.client.get_user(user['id'])
# Assert response body of GET after updation
self.assertEqual(u_name2, new_user_get['name'])
self.assertEqual(u_description2, new_user_get['description'])
@@ -71,43 +71,43 @@
# List the projects that a user has access upon
assigned_project_ids = list()
fetched_project_ids = list()
- _, u_project = self.v3_client.create_project(
+ _, u_project = self.client.create_project(
data_utils.rand_name('project-'),
description=data_utils.rand_name('project-desc-'))
# Delete the Project at the end of this method
- self.addCleanup(self.v3_client.delete_project, u_project['id'])
+ self.addCleanup(self.client.delete_project, u_project['id'])
# Create a user.
u_name = data_utils.rand_name('user-')
u_desc = u_name + 'description'
u_email = u_name + '@testmail.tm'
u_password = data_utils.rand_name('pass-')
- _, user_body = self.v3_client.create_user(
+ _, user_body = self.client.create_user(
u_name, description=u_desc, password=u_password,
email=u_email, enabled=False, project_id=u_project['id'])
# Delete the User at the end of this method
- self.addCleanup(self.v3_client.delete_user, user_body['id'])
+ self.addCleanup(self.client.delete_user, user_body['id'])
# Creating Role
- _, role_body = self.v3_client.create_role(
+ _, role_body = self.client.create_role(
data_utils.rand_name('role-'))
# Delete the Role at the end of this method
- self.addCleanup(self.v3_client.delete_role, role_body['id'])
+ self.addCleanup(self.client.delete_role, role_body['id'])
- _, user = self.v3_client.get_user(user_body['id'])
- _, role = self.v3_client.get_role(role_body['id'])
+ _, user = self.client.get_user(user_body['id'])
+ _, role = self.client.get_role(role_body['id'])
for i in range(2):
# Creating project so as to assign role
- _, project_body = self.v3_client.create_project(
+ _, project_body = self.client.create_project(
data_utils.rand_name('project-'),
description=data_utils.rand_name('project-desc-'))
- _, project = self.v3_client.get_project(project_body['id'])
+ _, project = self.client.get_project(project_body['id'])
# Delete the Project at the end of this method
- self.addCleanup(self.v3_client.delete_project, project_body['id'])
+ self.addCleanup(self.client.delete_project, project_body['id'])
# Assigning roles to user on project
- self.v3_client.assign_user_role(project['id'],
- user['id'],
- role['id'])
+ self.client.assign_user_role(project['id'],
+ user['id'],
+ role['id'])
assigned_project_ids.append(project['id'])
- resp, body = self.v3_client.list_user_projects(user['id'])
+ resp, body = self.client.list_user_projects(user['id'])
self.assertEqual(200, resp.status)
for i in body:
fetched_project_ids.append(i['id'])
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index a3fc65a..10f5217 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -16,67 +16,98 @@
from tempest import clients
from tempest.common.utils import data_utils
+from tempest import config
import tempest.test
+CONF = config.CONF
+
class BaseIdentityAdminTest(tempest.test.BaseTestCase):
@classmethod
def setUpClass(cls):
super(BaseIdentityAdminTest, cls).setUpClass()
- os = clients.AdminManager(interface=cls._interface)
- cls.client = os.identity_client
- cls.token_client = os.token_client
- cls.endpoints_client = os.endpoints_client
- cls.v3_client = os.identity_v3_client
- cls.service_client = os.service_client
- cls.policy_client = os.policy_client
- cls.v3_token = os.token_v3_client
- cls.creds_client = os.credentials_client
-
- if not cls.client.has_admin_extensions():
- raise cls.skipException("Admin extensions disabled")
-
- cls.data = DataGenerator(cls.client)
- cls.v3data = DataGenerator(cls.v3_client)
-
- os = clients.Manager(interface=cls._interface)
- cls.non_admin_client = os.identity_client
- cls.v3_non_admin_client = os.identity_v3_client
+ cls.os_adm = clients.AdminManager(interface=cls._interface)
+ cls.os = clients.Manager(interface=cls._interface)
@classmethod
- def tearDownClass(cls):
- cls.data.teardown_all()
- cls.v3data.teardown_all()
- super(BaseIdentityAdminTest, cls).tearDownClass()
+ def disable_user(cls, user_name):
+ user = cls.get_user_by_name(user_name)
+ cls.client.enable_disable_user(user['id'], False)
- def disable_user(self, user_name):
- user = self.get_user_by_name(user_name)
- self.client.enable_disable_user(user['id'], False)
+ @classmethod
+ def disable_tenant(cls, tenant_name):
+ tenant = cls.get_tenant_by_name(tenant_name)
+ cls.client.update_tenant(tenant['id'], enabled=False)
- def disable_tenant(self, tenant_name):
- tenant = self.get_tenant_by_name(tenant_name)
- self.client.update_tenant(tenant['id'], enabled=False)
-
- def get_user_by_name(self, name):
- _, users = self.client.get_users()
+ @classmethod
+ def get_user_by_name(cls, name):
+ _, users = cls.client.get_users()
user = [u for u in users if u['name'] == name]
if len(user) > 0:
return user[0]
- def get_tenant_by_name(self, name):
- _, tenants = self.client.list_tenants()
+ @classmethod
+ def get_tenant_by_name(cls, name):
+ try:
+ _, tenants = cls.client.list_tenants()
+ except AttributeError:
+ _, tenants = cls.client.list_projects()
tenant = [t for t in tenants if t['name'] == name]
if len(tenant) > 0:
return tenant[0]
- def get_role_by_name(self, name):
- _, roles = self.client.list_roles()
+ @classmethod
+ def get_role_by_name(cls, name):
+ _, roles = cls.client.list_roles()
role = [r for r in roles if r['name'] == name]
if len(role) > 0:
return role[0]
+class BaseIdentityV2AdminTest(BaseIdentityAdminTest):
+
+ @classmethod
+ def setUpClass(cls):
+ if not CONF.identity_feature_enabled.api_v2:
+ raise cls.skipException("Identity api v2 is not enabled")
+ super(BaseIdentityV2AdminTest, cls).setUpClass()
+ cls.client = cls.os_adm.identity_client
+ cls.token_client = cls.os_adm.token_client
+ if not cls.client.has_admin_extensions():
+ raise cls.skipException("Admin extensions disabled")
+ cls.data = DataGenerator(cls.client)
+ cls.non_admin_client = cls.os.identity_client
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.data.teardown_all()
+ super(BaseIdentityV2AdminTest, cls).tearDownClass()
+
+
+class BaseIdentityV3AdminTest(BaseIdentityAdminTest):
+
+ @classmethod
+ def setUpClass(cls):
+ if not CONF.identity_feature_enabled.api_v3:
+ raise cls.skipException("Identity api v3 is not enabled")
+ super(BaseIdentityV3AdminTest, cls).setUpClass()
+ cls.client = cls.os_adm.identity_v3_client
+ cls.token = cls.os_adm.token_v3_client
+ cls.endpoints_client = cls.os_adm.endpoints_client
+ cls.data = DataGenerator(cls.client)
+ cls.non_admin_client = cls.os.identity_v3_client
+ cls.service_client = cls.os_adm.service_client
+ cls.policy_client = cls.os_adm.policy_client
+ cls.creds_client = cls.os_adm.credentials_client
+ cls.non_admin_client = cls.os.identity_v3_client
+
+ @classmethod
+ def tearDownClass(cls):
+ cls.data.teardown_all()
+ super(BaseIdentityV3AdminTest, cls).tearDownClass()
+
+
class DataGenerator(object):
def __init__(self, client):
diff --git a/tempest/config.py b/tempest/config.py
index 068193b..a9b4808 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -100,7 +100,13 @@
cfg.BoolOpt('trust',
default=True,
help='Does the identity service have delegation and '
- 'impersonation enabled')
+ 'impersonation enabled'),
+ cfg.BoolOpt('api_v2',
+ default=True,
+ help='Is the v2 identity API enabled'),
+ cfg.BoolOpt('api_v3',
+ default=True,
+ help='Is the v3 identity API enabled'),
]
compute_group = cfg.OptGroup(name='compute',
diff --git a/tempest/services/identity/v3/json/identity_client.py b/tempest/services/identity/v3/json/identity_client.py
index ab1dc94..f5de5df 100644
--- a/tempest/services/identity/v3/json/identity_client.py
+++ b/tempest/services/identity/v3/json/identity_client.py
@@ -14,7 +14,6 @@
# under the License.
import json
-import urlparse
from tempest.common.rest_client import RestClient
from tempest import config
@@ -457,11 +456,10 @@
def __init__(self):
super(V3TokenClientJSON, self).__init__(None)
auth_url = CONF.identity.uri_v3
- # If the v3 url is not set, get it from the v2 one
- if auth_url is None:
- auth_url = CONF.identity.uri.replace(urlparse.urlparse(
- CONF.identity.uri).path, "/v3")
-
+ if not auth_url and CONF.identity_feature_enabled.api_v3:
+ raise exceptions.InvalidConfiguration('you must specify a v3 uri '
+ 'if using the v3 identity '
+ 'api')
if 'auth/tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/auth/tokens'
diff --git a/tempest/services/identity/v3/json/service_client.py b/tempest/services/identity/v3/json/service_client.py
index 92f7629..11b4974 100644
--- a/tempest/services/identity/v3/json/service_client.py
+++ b/tempest/services/identity/v3/json/service_client.py
@@ -52,3 +52,21 @@
resp, body = self.get(url)
body = json.loads(body)
return resp, body['service']
+
+ def create_service(self, serv_type, name=None, description=None,
+ enabled=True):
+ body_dict = {
+ "name": name,
+ 'type': serv_type,
+ 'enabled': enabled,
+ "description": description,
+ }
+ body = json.dumps({'service': body_dict})
+ resp, body = self.post("services", body, self.headers)
+ body = json.loads(body)
+ return resp, body["service"]
+
+ def delete_service(self, serv_id):
+ url = "services/" + serv_id
+ resp, body = self.delete(url, self.headers)
+ return resp, body
diff --git a/tempest/services/identity/v3/xml/identity_client.py b/tempest/services/identity/v3/xml/identity_client.py
index e7b85c1..03c637b 100644
--- a/tempest/services/identity/v3/xml/identity_client.py
+++ b/tempest/services/identity/v3/xml/identity_client.py
@@ -14,7 +14,6 @@
# under the License.
import json
-import urlparse
from lxml import etree
@@ -450,10 +449,10 @@
def __init__(self):
super(V3TokenClientXML, self).__init__(None)
auth_url = CONF.identity.uri_v3
- # If the v3 url is not set, get it from the v2 one
- if auth_url is None:
- auth_url = CONF.identity.uri.replace(urlparse.urlparse(
- CONF.identity.uri).path, "/v3")
+ if not auth_url and CONF.identity_feature_enabled.api_v3:
+ raise exceptions.InvalidConfiguration('you must specify a v3 uri '
+ 'if using the v3 identity '
+ 'api')
if 'auth/tokens' not in auth_url:
auth_url = auth_url.rstrip('/') + '/auth/tokens'
diff --git a/tempest/services/identity/v3/xml/service_client.py b/tempest/services/identity/v3/xml/service_client.py
index df9b234..d02cb41 100644
--- a/tempest/services/identity/v3/xml/service_client.py
+++ b/tempest/services/identity/v3/xml/service_client.py
@@ -68,3 +68,19 @@
resp, body = self.get(url, self.headers)
body = self._parse_body(etree.fromstring(body))
return resp, body
+
+ def create_service(self, serv_type, name=None, description=None):
+ post_body = Element("service",
+ xmlns=XMLNS,
+ name=name,
+ description=description,
+ type=serv_type)
+ resp, body = self.post("services", str(Document(post_body)),
+ self.headers)
+ body = self._parse_body(etree.fromstring(body))
+ return resp, body
+
+ def delete_service(self, serv_id):
+ url = "services/" + serv_id
+ resp, body = self.delete(url, self.headers)
+ return resp, body