Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / 04d40f73b7f6130adbc11d70cf74410bd0ba4775 / . / tempest / services / identity / json / identity_client.py
blob: 1ed7044bffd5ce4547ce5d1409fe24394a16d31f [file] [log] [blame]
Sean Dague556add52013-07-19 14:28:44 -0400[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License"); you may
2# not use this file except in compliance with the License. You may obtain
3# a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10# License for the specific language governing permissions and limitations
11# under the License.
12
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]13import json
14
Mate Lakat23a58a32013-08-23 02:06:22 +0100[diff] [blame]15from tempest.common import http
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]16from tempest.common.rest_client import RestClient
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]17from tempest import config
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]18from tempest import exceptions
19
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]20CONF = config.CONF
21
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]22
Attila Fazekas407b6db2013-01-19 12:48:36 +0100[diff] [blame]23class IdentityClientJSON(RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]24
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]25 def __init__(self, username, password, auth_url, tenant_name=None):
26 super(IdentityClientJSON, self).__init__(username, password,
Attila Fazekas407b6db2013-01-19 12:48:36 +0100[diff] [blame]27 auth_url, tenant_name)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]28 self.service = CONF.identity.catalog_type
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]29 self.endpoint_url = 'adminURL'
30
31 def has_admin_extensions(self):
32 """
33 Returns True if the KSADM Admin Extensions are supported
34 False otherwise
35 """
36 if hasattr(self, '_has_admin_extensions'):
37 return self._has_admin_extensions
38 resp, body = self.list_roles()
39 self._has_admin_extensions = ('status' in resp and resp.status != 503)
40 return self._has_admin_extensions
41
42 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]43 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]44 post_body = {
45 'name': name,
46 }
47 post_body = json.dumps({'role': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]48 resp, body = self.post('OS-KSADM/roles', post_body, self.headers)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]49 body = json.loads(body)
50 return resp, body['role']
51
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]52 def create_tenant(self, name, **kwargs):
53 """
54 Create a tenant
55 name (required): New tenant name
56 description: Description of new tenant (default is none)
57 enabled <true|false>: Initial tenant status (default is true)
58 """
59 post_body = {
60 'name': name,
61 'description': kwargs.get('description', ''),
Gordon Chungad873602013-02-18 19:26:27 -0500[diff] [blame]62 'enabled': kwargs.get('enabled', True),
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]63 }
64 post_body = json.dumps({'tenant': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]65 resp, body = self.post('tenants', post_body, self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]66 body = json.loads(body)
67 return resp, body['tenant']
68
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]69 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]70 """Delete a role."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]71 resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]72 return resp, body
73
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]74 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]75 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]76 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
77 resp, body = self.get(url)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]78 body = json.loads(body)
79 return resp, body['roles']
80
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]81 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]82 """Add roles to a user on a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]83 post_body = json.dumps({})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]84 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
85 (tenant_id, user_id, role_id), post_body,
86 self.headers)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]87 body = json.loads(body)
88 return resp, body['role']
89
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]90 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]91 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]92 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
93 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]94
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]95 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]96 """Delete a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]97 resp, body = self.delete('tenants/%s' % str(tenant_id))
98 return resp, body
99
100 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]101 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]102 resp, body = self.get('tenants/%s' % str(tenant_id))
103 body = json.loads(body)
104 return resp, body['tenant']
105
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]106 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]107 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]108 resp, body = self.get('OS-KSADM/roles')
109 body = json.loads(body)
110 return resp, body['roles']
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]111
112 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]113 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]114 resp, body = self.get('tenants')
115 body = json.loads(body)
116 return resp, body['tenants']
117
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]118 def get_tenant_by_name(self, tenant_name):
119 resp, tenants = self.list_tenants()
120 for tenant in tenants:
121 if tenant['name'] == tenant_name:
122 return tenant
123 raise exceptions.NotFound('No such tenant')
124
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]125 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]126 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]127 resp, body = self.get_tenant(tenant_id)
128 name = kwargs.get('name', body['name'])
129 desc = kwargs.get('description', body['description'])
130 en = kwargs.get('enabled', body['enabled'])
131 post_body = {
132 'id': tenant_id,
133 'name': name,
134 'description': desc,
135 'enabled': en,
136 }
137 post_body = json.dumps({'tenant': post_body})
138 resp, body = self.post('tenants/%s' % tenant_id, post_body,
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]139 self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]140 body = json.loads(body)
141 return resp, body['tenant']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]142
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]143 def create_user(self, name, password, tenant_id, email, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]144 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]145 post_body = {
146 'name': name,
147 'password': password,
148 'tenantId': tenant_id,
149 'email': email
150 }
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]151 if kwargs.get('enabled') is not None:
152 post_body['enabled'] = kwargs.get('enabled')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]153 post_body = json.dumps({'user': post_body})
154 resp, body = self.post('users', post_body, self.headers)
155 body = json.loads(body)
156 return resp, body['user']
157
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]158 def update_user(self, user_id, **kwargs):
159 """Updates a user."""
160 put_body = json.dumps({'user': kwargs})
161 resp, body = self.put('users/%s' % user_id, put_body,
162 self.headers)
163 body = json.loads(body)
164 return resp, body['user']
165
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]166 def get_user(self, user_id):
167 """GET a user."""
168 resp, body = self.get("users/%s" % user_id)
169 body = json.loads(body)
170 return resp, body['user']
171
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]172 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]173 """Delete a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]174 resp, body = self.delete("users/%s" % user_id)
175 return resp, body
176
177 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]178 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]179 resp, body = self.get("users")
180 body = json.loads(body)
181 return resp, body['users']
182
183 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]184 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]185 put_body = {
Sean Dague14c68182013-04-14 15:34:30 -0400[diff] [blame]186 'enabled': enabled
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]187 }
188 put_body = json.dumps({'user': put_body})
189 resp, body = self.put('users/%s/enabled' % user_id,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]190 put_body, self.headers)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]191 body = json.loads(body)
192 return resp, body
193
194 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]195 """Delete a token."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]196 resp, body = self.delete("tokens/%s" % token_id)
197 return resp, body
198
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]199 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]200 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]201 resp, body = self.get('/tenants/%s/users' % tenant_id)
202 body = json.loads(body)
203 return resp, body['users']
204
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]205 def get_user_by_username(self, tenant_id, username):
206 resp, users = self.list_users_for_tenant(tenant_id)
207 for user in users:
208 if user['name'] == username:
209 return user
210 raise exceptions.NotFound('No such user')
211
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]212 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]213 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]214 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800[diff] [blame]215 'name': name,
216 'type': type,
217 'description': kwargs.get('description')
218 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]219 post_body = json.dumps({'OS-KSADM:service': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]220 resp, body = self.post('/OS-KSADM/services', post_body, self.headers)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]221 body = json.loads(body)
222 return resp, body['OS-KSADM:service']
223
224 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]225 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]226 url = '/OS-KSADM/services/%s' % service_id
227 resp, body = self.get(url)
228 body = json.loads(body)
229 return resp, body['OS-KSADM:service']
230
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]231 def list_services(self):
232 """List Service - Returns Services."""
233 resp, body = self.get('/OS-KSADM/services/')
234 body = json.loads(body)
235 return resp, body['OS-KSADM:services']
236
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]237 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]238 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]239 url = '/OS-KSADM/services/%s' % service_id
240 return self.delete(url)
241
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]242
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]243class TokenClientJSON(RestClient):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]244
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]245 def __init__(self):
246 auth_url = CONF.identity.uri
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]247
248 # TODO(jaypipes) Why is this all repeated code in here?
249 # Normalize URI to ensure /tokens is in it.
250 if 'tokens' not in auth_url:
251 auth_url = auth_url.rstrip('/') + '/tokens'
252
253 self.auth_url = auth_url
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]254
255 def auth(self, user, password, tenant):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]256 creds = {
257 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]258 'passwordCredentials': {
259 'username': user,
260 'password': password,
261 },
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]262 'tenantName': tenant,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]263 }
264 }
265 headers = {'Content-Type': 'application/json'}
266 body = json.dumps(creds)
267 resp, body = self.post(self.auth_url, headers=headers, body=body)
268 return resp, body
269
270 def request(self, method, url, headers=None, body=None):
271 """A simple HTTP request interface."""
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]272 dscv = CONF.identity.disable_ssl_certificate_validation
Mate Lakat23a58a32013-08-23 02:06:22 +0100[diff] [blame]273 self.http_obj = http.ClosingHttp(
274 disable_ssl_certificate_validation=dscv)
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800[diff] [blame]275 if headers is None:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]276 headers = {}
277
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]278 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]279 resp, resp_body = self.http_obj.request(url, method,
280 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]281 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]282
283 if resp.status in (401, 403):
284 resp_body = json.loads(resp_body)
285 raise exceptions.Unauthorized(resp_body['error']['message'])
286
287 return resp, resp_body
288
289 def get_token(self, user, password, tenant):
290 resp, body = self.auth(user, password, tenant)
291 if resp['status'] != '202':
292 body = json.loads(body)
293 access = body['access']
294 token = access['token']
295 return token['id']