Test cases for V3 Project Actions
This submission adds a new test script "test_projects.py", so as
to verify the CRUD Operations of V3 Projects API. Required support
functions are added in client files under both XML/JSON interfaces.
Added methods to add resources (v3: users, projects, roles) in
DataGenerator class of base.py file.
Implements blueprint: add-keystone-v3-projects-tests
Change-Id: I1a0feb12e9ca503d7a03941b8e5bb1e5ae722fbc
diff --git a/tempest/api/identity/admin/v3/test_projects.py b/tempest/api/identity/admin/v3/test_projects.py
new file mode 100644
index 0000000..36ced70
--- /dev/null
+++ b/tempest/api/identity/admin/v3/test_projects.py
@@ -0,0 +1,256 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013 OpenStack, LLC
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+from tempest.api.identity import base
+from tempest.common.utils.data_utils import rand_name
+from tempest import exceptions
+from tempest.test import attr
+
+
+class ProjectsTestJSON(base.BaseIdentityAdminTest):
+ _interface = 'json'
+
+ def _delete_project(self, project_id):
+ resp, _ = self.v3_client.delete_project(project_id)
+ self.assertEqual(resp['status'], '204')
+ self.assertRaises(
+ exceptions.NotFound, self.v3_client.get_project, project_id)
+
+ @attr(type='gate')
+ def test_project_list_delete(self):
+ # Create several projects and delete them
+ for _ in xrange(3):
+ resp, project = self.v3_client.create_project(
+ rand_name('project-new'))
+ self.addCleanup(self._delete_project, project['id'])
+
+ resp, list_projects = self.v3_client.list_projects()
+ self.assertEqual(resp['status'], '200')
+
+ resp, get_project = self.v3_client.get_project(project['id'])
+ self.assertIn(get_project, list_projects)
+
+ @attr(type='gate')
+ def test_project_create_with_description(self):
+ # Create project with a description
+ project_name = rand_name('project-')
+ project_desc = rand_name('desc-')
+ resp, project = self.v3_client.create_project(
+ project_name, description=project_desc)
+ self.v3data.projects.append(project)
+ st1 = resp['status']
+ project_id = project['id']
+ desc1 = project['description']
+ self.assertEqual(st1, '201')
+ self.assertEqual(desc1, project_desc, 'Description should have '
+ 'been sent in response for create')
+ resp, body = self.v3_client.get_project(project_id)
+ desc2 = body['description']
+ self.assertEqual(desc2, project_desc, 'Description does not appear'
+ 'to be set')
+
+ @attr(type='gate')
+ def test_project_create_enabled(self):
+ # Create a project that is enabled
+ project_name = rand_name('project-')
+ resp, project = self.v3_client.create_project(
+ project_name, enabled=True)
+ self.v3data.projects.append(project)
+ project_id = project['id']
+ st1 = resp['status']
+ en1 = project['enabled']
+ self.assertEqual(st1, '201')
+ self.assertTrue(en1, 'Enable should be True in response')
+ resp, body = self.v3_client.get_project(project_id)
+ en2 = body['enabled']
+ self.assertTrue(en2, 'Enable should be True in lookup')
+
+ @attr(type='gate')
+ def test_project_create_not_enabled(self):
+ # Create a project that is not enabled
+ project_name = rand_name('project-')
+ resp, project = self.v3_client.create_project(
+ project_name, enabled=False)
+ self.v3data.projects.append(project)
+ st1 = resp['status']
+ en1 = project['enabled']
+ self.assertEqual(st1, '201')
+ self.assertEqual('false', str(en1).lower(),
+ 'Enable should be False in response')
+ resp, body = self.v3_client.get_project(project['id'])
+ en2 = body['enabled']
+ self.assertEqual('false', str(en2).lower(),
+ 'Enable should be False in lookup')
+
+ @attr(type='gate')
+ def test_project_update_name(self):
+ # Update name attribute of a project
+ p_name1 = rand_name('project-')
+ resp, project = self.v3_client.create_project(p_name1)
+ self.v3data.projects.append(project)
+
+ resp1_name = project['name']
+
+ p_name2 = rand_name('project2-')
+ resp, body = self.v3_client.update_project(project['id'], name=p_name2)
+ st2 = resp['status']
+ resp2_name = body['name']
+ self.assertEqual(st2, '200')
+ self.assertNotEqual(resp1_name, resp2_name)
+
+ resp, body = self.v3_client.get_project(project['id'])
+ resp3_name = body['name']
+
+ self.assertNotEqual(resp1_name, resp3_name)
+ self.assertEqual(p_name1, resp1_name)
+ self.assertEqual(resp2_name, resp3_name)
+
+ @attr(type='gate')
+ def test_project_update_desc(self):
+ # Update description attribute of a project
+ p_name = rand_name('project-')
+ p_desc = rand_name('desc-')
+ resp, project = self.v3_client.create_project(
+ p_name, description=p_desc)
+ self.v3data.projects.append(project)
+ resp1_desc = project['description']
+
+ p_desc2 = rand_name('desc2-')
+ resp, body = self.v3_client.update_project(
+ project['id'], description=p_desc2)
+ st2 = resp['status']
+ resp2_desc = body['description']
+ self.assertEqual(st2, '200')
+ self.assertNotEqual(resp1_desc, resp2_desc)
+
+ resp, body = self.v3_client.get_project(project['id'])
+ resp3_desc = body['description']
+
+ self.assertNotEqual(resp1_desc, resp3_desc)
+ self.assertEqual(p_desc, resp1_desc)
+ self.assertEqual(resp2_desc, resp3_desc)
+
+ @attr(type='gate')
+ def test_project_update_enable(self):
+ # Update the enabled attribute of a project
+ p_name = rand_name('project-')
+ p_en = False
+ resp, project = self.v3_client.create_project(p_name, enabled=p_en)
+ self.v3data.projects.append(project)
+
+ resp1_en = project['enabled']
+
+ p_en2 = True
+ resp, body = self.v3_client.update_project(
+ project['id'], enabled=p_en2)
+ st2 = resp['status']
+ resp2_en = body['enabled']
+ self.assertEqual(st2, '200')
+ self.assertNotEqual(resp1_en, resp2_en)
+
+ resp, body = self.v3_client.get_project(project['id'])
+ resp3_en = body['enabled']
+
+ self.assertNotEqual(resp1_en, resp3_en)
+ self.assertEqual('false', str(resp1_en).lower())
+ self.assertEqual(resp2_en, resp3_en)
+
+ @attr(type='gate')
+ def test_associate_user_to_project(self):
+ #Associate a user to a project
+ #Create a Project
+ p_name = rand_name('project-')
+ resp, project = self.v3_client.create_project(p_name)
+ self.v3data.projects.append(project)
+
+ #Create a User
+ u_name = rand_name('user-')
+ u_desc = u_name + 'description'
+ u_email = u_name + '@testmail.tm'
+ u_password = rand_name('pass-')
+ resp, user = self.v3_client.create_user(
+ u_name, description=u_desc, password=u_password,
+ email=u_email, project_id=project['id'])
+ self.assertEqual(resp['status'], '201')
+ # Delete the User at the end of this method
+ self.addCleanup(self.v3_client.delete_user, user['id'])
+
+ # Get User To validate the user details
+ resp, new_user_get = self.v3_client.get_user(user['id'])
+ #Assert response body of GET
+ self.assertEqual(u_name, new_user_get['name'])
+ self.assertEqual(u_desc, new_user_get['description'])
+ self.assertEqual(project['id'],
+ new_user_get['project_id'])
+ self.assertEqual(u_email, new_user_get['email'])
+
+ @attr(type=['negative', 'gate'])
+ def test_list_projects_by_unauthorized_user(self):
+ # Non-admin user should not be able to list projects
+ self.assertRaises(exceptions.Unauthorized,
+ self.v3_non_admin_client.list_projects)
+
+ @attr(type=['negative', 'gate'])
+ def test_project_create_duplicate(self):
+ # Project names should be unique
+ project_name = rand_name('project-dup-')
+ resp, project = self.v3_client.create_project(project_name)
+ self.v3data.projects.append(project)
+
+ self.assertRaises(
+ exceptions.Duplicate, self.v3_client.create_project, project_name)
+
+ @attr(type=['negative', 'gate'])
+ def test_create_project_by_unauthorized_user(self):
+ # Non-admin user should not be authorized to create a project
+ project_name = rand_name('project-')
+ self.assertRaises(
+ exceptions.Unauthorized, self.v3_non_admin_client.create_project,
+ project_name)
+
+ @attr(type=['negative', 'gate'])
+ def test_create_project_with_empty_name(self):
+ # Project name should not be empty
+ self.assertRaises(exceptions.BadRequest, self.v3_client.create_project,
+ name='')
+
+ @attr(type=['negative', 'gate'])
+ def test_create_projects_name_length_over_64(self):
+ # Project name length should not be greater than 64 characters
+ project_name = 'a' * 65
+ self.assertRaises(exceptions.BadRequest, self.v3_client.create_project,
+ project_name)
+
+ @attr(type=['negative', 'gate'])
+ def test_project_delete_by_unauthorized_user(self):
+ # Non-admin user should not be able to delete a project
+ project_name = rand_name('project-')
+ resp, project = self.v3_client.create_project(project_name)
+ self.v3data.projects.append(project)
+ self.assertRaises(
+ exceptions.Unauthorized, self.v3_non_admin_client.delete_project,
+ project['id'])
+
+ @attr(type=['negative', 'gate'])
+ def test_delete_non_existent_project(self):
+ # Attempt to delete a non existent project should fail
+ self.assertRaises(exceptions.NotFound, self.v3_client.delete_project,
+ 'junk_Project_123456abc')
+
+
+class ProjectsTestXML(ProjectsTestJSON):
+ _interface = 'xml'
diff --git a/tempest/api/identity/base.py b/tempest/api/identity/base.py
index 2a168de..9c95c4d 100644
--- a/tempest/api/identity/base.py
+++ b/tempest/api/identity/base.py
@@ -40,13 +40,16 @@
raise cls.skipException("Admin extensions disabled")
cls.data = DataGenerator(cls.client)
+ cls.v3data = DataGenerator(cls.v3_client)
os = clients.Manager(interface=cls._interface)
cls.non_admin_client = os.identity_client
+ cls.v3_non_admin_client = os.identity_v3_client
@classmethod
def tearDownClass(cls):
cls.data.teardown_all()
+ cls.v3data.teardown_all()
super(BaseIdentityAdminTest, cls).tearDownClass()
def disable_user(self, user_name):
@@ -84,6 +87,9 @@
self.tenants = []
self.roles = []
self.role_name = None
+ self.v3_users = []
+ self.projects = []
+ self.v3_roles = []
def setup_test_user(self):
"""Set up a test user."""
@@ -112,6 +118,33 @@
resp, self.role = self.client.create_role(self.test_role)
self.roles.append(self.role)
+ def setup_test_v3_user(self):
+ """Set up a test v3 user."""
+ self.setup_test_project()
+ self.test_user = rand_name('test_user_')
+ self.test_password = rand_name('pass_')
+ self.test_email = self.test_user + '@testmail.tm'
+ resp, self.v3_user = self.client.create_user(self.test_user,
+ self.test_password,
+ self.project['id'],
+ self.test_email)
+ self.v3_users.append(self.v3_user)
+
+ def setup_test_project(self):
+ """Set up a test project."""
+ self.test_project = rand_name('test_project_')
+ self.test_description = rand_name('desc_')
+ resp, self.project = self.client.create_project(
+ name=self.test_project,
+ description=self.test_description)
+ self.projects.append(self.project)
+
+ def setup_test_v3_role(self):
+ """Set up a test v3 role."""
+ self.test_role = rand_name('role')
+ resp, self.v3_role = self.client.create_role(self.test_role)
+ self.v3_roles.append(self.v3_role)
+
def teardown_all(self):
for user in self.users:
self.client.delete_user(user['id'])
@@ -119,3 +152,9 @@
self.client.delete_tenant(tenant['id'])
for role in self.roles:
self.client.delete_role(role['id'])
+ for v3_user in self.v3_users:
+ self.client.delete_user(v3_user['id'])
+ for v3_project in self.projects:
+ self.client.delete_project(v3_project['id'])
+ for v3_role in self.v3_roles:
+ self.client.delete_role(v3_role['id'])
diff --git a/tempest/services/identity/v3/json/identity_client.py b/tempest/services/identity/v3/json/identity_client.py
index 0a56e84..ec99d37 100644
--- a/tempest/services/identity/v3/json/identity_client.py
+++ b/tempest/services/identity/v3/json/identity_client.py
@@ -123,6 +123,30 @@
body = json.loads(body)
return resp, body['project']
+ def list_projects(self):
+ resp, body = self.get("projects")
+ body = json.loads(body)
+ return resp, body['projects']
+
+ def update_project(self, project_id, **kwargs):
+ resp, body = self.get_project(project_id)
+ name = kwargs.get('name', body['name'])
+ desc = kwargs.get('description', body['description'])
+ en = kwargs.get('enabled', body['enabled'])
+ domain_id = kwargs.get('domain_id', body['domain_id'])
+ post_body = {
+ 'id': project_id,
+ 'name': name,
+ 'description': desc,
+ 'enabled': en,
+ 'domain_id': domain_id,
+ }
+ post_body = json.dumps({'project': post_body})
+ resp, body = self.patch('projects/%s' % project_id, post_body,
+ self.headers)
+ body = json.loads(body)
+ return resp, body['project']
+
def get_project(self, project_id):
"""GET a Project."""
resp, body = self.get("projects/%s" % project_id)
diff --git a/tempest/services/identity/v3/xml/identity_client.py b/tempest/services/identity/v3/xml/identity_client.py
index 03e06dc..3fffc1f 100644
--- a/tempest/services/identity/v3/xml/identity_client.py
+++ b/tempest/services/identity/v3/xml/identity_client.py
@@ -163,6 +163,31 @@
body = self._parse_body(etree.fromstring(body))
return resp, body
+ def list_projects(self):
+ """Get the list of projects."""
+ resp, body = self.get("projects", self.headers)
+ body = self._parse_projects(etree.fromstring(body))
+ return resp, body
+
+ def update_project(self, project_id, **kwargs):
+ """Updates a Project."""
+ resp, body = self.get_project(project_id)
+ name = kwargs.get('name', body['name'])
+ desc = kwargs.get('description', body['description'])
+ en = kwargs.get('enabled', body['enabled'])
+ domain_id = kwargs.get('domain_id', body['domain_id'])
+ post_body = Element("project",
+ xmlns=XMLNS,
+ name=name,
+ description=desc,
+ enabled=str(en).lower(),
+ domain_id=domain_id)
+ resp, body = self.patch('projects/%s' % project_id,
+ str(Document(post_body)),
+ self.headers)
+ body = self._parse_body(etree.fromstring(body))
+ return resp, body
+
def get_project(self, project_id):
"""GET a Project."""
resp, body = self.get("projects/%s" % project_id, self.headers)