Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / 2c471398f23c5c007dbbbc9b3b880ce4fcab9de8 / . / tempest / services / identity / json / identity_client.py
blob: 68e7d4b42f704e201c6908d1110a1d2408a5d709 [file] [log] [blame]
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]1import httplib2
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]2import json
3
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]4from tempest.common.rest_client import RestClient
5from tempest import exceptions
6
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]7
Attila Fazekas407b6db2013-01-19 12:48:36 +0100[diff] [blame]8class IdentityClientJSON(RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]9
10 def __init__(self, config, username, password, auth_url, tenant_name=None):
Attila Fazekas407b6db2013-01-19 12:48:36 +0100[diff] [blame]11 super(IdentityClientJSON, self).__init__(config, username, password,
12 auth_url, tenant_name)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]13 self.service = self.config.identity.catalog_type
14 self.endpoint_url = 'adminURL'
15
16 def has_admin_extensions(self):
17 """
18 Returns True if the KSADM Admin Extensions are supported
19 False otherwise
20 """
21 if hasattr(self, '_has_admin_extensions'):
22 return self._has_admin_extensions
23 resp, body = self.list_roles()
24 self._has_admin_extensions = ('status' in resp and resp.status != 503)
25 return self._has_admin_extensions
26
27 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]28 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]29 post_body = {
30 'name': name,
31 }
32 post_body = json.dumps({'role': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]33 resp, body = self.post('OS-KSADM/roles', post_body, self.headers)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]34 body = json.loads(body)
35 return resp, body['role']
36
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]37 def create_tenant(self, name, **kwargs):
38 """
39 Create a tenant
40 name (required): New tenant name
41 description: Description of new tenant (default is none)
42 enabled <true|false>: Initial tenant status (default is true)
43 """
44 post_body = {
45 'name': name,
46 'description': kwargs.get('description', ''),
47 'enabled': kwargs.get('enabled', 'true'),
48 }
49 post_body = json.dumps({'tenant': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]50 resp, body = self.post('tenants', post_body, self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]51 body = json.loads(body)
52 return resp, body['tenant']
53
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]54 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]55 """Delete a role."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]56 resp, body = self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]57 return resp, body
58
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]59 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]60 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]61 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
62 resp, body = self.get(url)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]63 body = json.loads(body)
64 return resp, body['roles']
65
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]66 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]67 """Add roles to a user on a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]68 post_body = json.dumps({})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]69 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
70 (tenant_id, user_id, role_id), post_body,
71 self.headers)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]72 body = json.loads(body)
73 return resp, body['role']
74
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]75 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]76 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]77 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
78 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]79
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]80 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]81 """Delete a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]82 resp, body = self.delete('tenants/%s' % str(tenant_id))
83 return resp, body
84
85 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]86 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]87 resp, body = self.get('tenants/%s' % str(tenant_id))
88 body = json.loads(body)
89 return resp, body['tenant']
90
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]91 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]92 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]93 resp, body = self.get('OS-KSADM/roles')
94 body = json.loads(body)
95 return resp, body['roles']
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]96
97 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]98 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]99 resp, body = self.get('tenants')
100 body = json.loads(body)
101 return resp, body['tenants']
102
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]103 def get_tenant_by_name(self, tenant_name):
104 resp, tenants = self.list_tenants()
105 for tenant in tenants:
106 if tenant['name'] == tenant_name:
107 return tenant
108 raise exceptions.NotFound('No such tenant')
109
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]110 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]111 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]112 resp, body = self.get_tenant(tenant_id)
113 name = kwargs.get('name', body['name'])
114 desc = kwargs.get('description', body['description'])
115 en = kwargs.get('enabled', body['enabled'])
116 post_body = {
117 'id': tenant_id,
118 'name': name,
119 'description': desc,
120 'enabled': en,
121 }
122 post_body = json.dumps({'tenant': post_body})
123 resp, body = self.post('tenants/%s' % tenant_id, post_body,
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]124 self.headers)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]125 body = json.loads(body)
126 return resp, body['tenant']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]127
128 def create_user(self, name, password, tenant_id, email):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]129 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]130 post_body = {
131 'name': name,
132 'password': password,
133 'tenantId': tenant_id,
134 'email': email
135 }
136 post_body = json.dumps({'user': post_body})
137 resp, body = self.post('users', post_body, self.headers)
138 body = json.loads(body)
139 return resp, body['user']
140
141 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]142 """Delete a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]143 resp, body = self.delete("users/%s" % user_id)
144 return resp, body
145
146 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]147 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]148 resp, body = self.get("users")
149 body = json.loads(body)
150 return resp, body['users']
151
152 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]153 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]154 put_body = {
155 'enabled': enabled
156 }
157 put_body = json.dumps({'user': put_body})
158 resp, body = self.put('users/%s/enabled' % user_id,
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]159 put_body, self.headers)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]160 body = json.loads(body)
161 return resp, body
162
163 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]164 """Delete a token."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]165 resp, body = self.delete("tokens/%s" % token_id)
166 return resp, body
167
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]168 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]169 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]170 resp, body = self.get('/tenants/%s/users' % tenant_id)
171 body = json.loads(body)
172 return resp, body['users']
173
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]174 def get_user_by_username(self, tenant_id, username):
175 resp, users = self.list_users_for_tenant(tenant_id)
176 for user in users:
177 if user['name'] == username:
178 return user
179 raise exceptions.NotFound('No such user')
180
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]181 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]182 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]183 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800[diff] [blame]184 'name': name,
185 'type': type,
186 'description': kwargs.get('description')
187 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]188 post_body = json.dumps({'OS-KSADM:service': post_body})
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]189 resp, body = self.post('/OS-KSADM/services', post_body, self.headers)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]190 body = json.loads(body)
191 return resp, body['OS-KSADM:service']
192
193 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]194 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]195 url = '/OS-KSADM/services/%s' % service_id
196 resp, body = self.get(url)
197 body = json.loads(body)
198 return resp, body['OS-KSADM:service']
199
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]200 def list_services(self):
201 """List Service - Returns Services."""
202 resp, body = self.get('/OS-KSADM/services/')
203 body = json.loads(body)
204 return resp, body['OS-KSADM:services']
205
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]206 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]207 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]208 url = '/OS-KSADM/services/%s' % service_id
209 return self.delete(url)
210
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]211
Vincent Hou6b8a7b72012-08-25 01:24:33 +0800[diff] [blame]212class TokenClientJSON(RestClient):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]213
214 def __init__(self, config):
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]215 auth_url = config.identity.uri
216
217 # TODO(jaypipes) Why is this all repeated code in here?
218 # Normalize URI to ensure /tokens is in it.
219 if 'tokens' not in auth_url:
220 auth_url = auth_url.rstrip('/') + '/tokens'
221
222 self.auth_url = auth_url
Jay Pipescd8eaec2013-01-16 21:03:48 -0500[diff] [blame]223 self.config = config
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]224
225 def auth(self, user, password, tenant):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]226 creds = {
227 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]228 'passwordCredentials': {
229 'username': user,
230 'password': password,
231 },
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]232 'tenantName': tenant,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]233 }
234 }
235 headers = {'Content-Type': 'application/json'}
236 body = json.dumps(creds)
237 resp, body = self.post(self.auth_url, headers=headers, body=body)
238 return resp, body
239
240 def request(self, method, url, headers=None, body=None):
241 """A simple HTTP request interface."""
Jay Pipescd8eaec2013-01-16 21:03:48 -0500[diff] [blame]242 dscv = self.config.identity.disable_ssl_certificate_validation
243 self.http_obj = httplib2.Http(disable_ssl_certificate_validation=dscv)
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800[diff] [blame]244 if headers is None:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]245 headers = {}
246
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]247 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]248 resp, resp_body = self.http_obj.request(url, method,
249 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]250 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]251
252 if resp.status in (401, 403):
253 resp_body = json.loads(resp_body)
254 raise exceptions.Unauthorized(resp_body['error']['message'])
255
256 return resp, resp_body
257
258 def get_token(self, user, password, tenant):
259 resp, body = self.auth(user, password, tenant)
260 if resp['status'] != '202':
261 body = json.loads(body)
262 access = body['access']
263 token = access['token']
264 return token['id']