Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / 71ed599d57a9673ae93e0c1f02eef44cdc8b4c8b / . / tempest / tests / lib / test_credentials.py
blob: c910d6d6d90b3e4124e1d94a058e7bdae894e659 [file] [log] [blame]
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]1# Copyright 2014 Hewlett-Packard Development Company, L.P.
2# All Rights Reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License"); you may
5# not use this file except in compliance with the License. You may obtain
6# a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
12# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
13# License for the specific language governing permissions and limitations
14# under the License.
15
16import copy
17
18from tempest.lib import auth
19from tempest.lib import exceptions
20from tempest.lib.services.identity.v2 import token_client as v2_client
21from tempest.lib.services.identity.v3 import token_client as v3_client
Matthew Treinishffad78a2016-04-16 14:39:52 -0400[diff] [blame]22from tempest.tests import base
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]23from tempest.tests.lib import fake_identity
24
25
26class CredentialsTests(base.TestCase):
27 attributes = {}
28 credentials_class = auth.Credentials
29
30 def _get_credentials(self, attributes=None):
31 if attributes is None:
32 attributes = self.attributes
33 return self.credentials_class(**attributes)
34
35 def _check(self, credentials, credentials_class, filled):
36 # Check the right version of credentials has been returned
37 self.assertIsInstance(credentials, credentials_class)
38 # Check the id attributes are filled in
Andrea Frittoli (andreaf)52deb8b2016-05-18 19:14:22 +0100[diff] [blame]39 # NOTE(andreaf) project_* attributes are accepted as input but
40 # never set on the credentials object
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]41 attributes = [x for x in credentials.ATTRIBUTES if (
Andrea Frittoli (andreaf)52deb8b2016-05-18 19:14:22 +0100[diff] [blame]42 '_id' in x and x != 'domain_id' and x != 'project_id')]
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]43 for attr in attributes:
44 if filled:
45 self.assertIsNotNone(getattr(credentials, attr))
46 else:
47 self.assertIsNone(getattr(credentials, attr))
48
49 def test_create(self):
50 creds = self._get_credentials()
51 self.assertEqual(self.attributes, creds._initial)
52
53 def test_create_invalid_attr(self):
54 self.assertRaises(exceptions.InvalidCredentials,
55 self._get_credentials,
56 attributes=dict(invalid='fake'))
57
58 def test_is_valid(self):
59 creds = self._get_credentials()
60 self.assertRaises(NotImplementedError, creds.is_valid)
61
62
63class KeystoneV2CredentialsTests(CredentialsTests):
64 attributes = {
65 'username': 'fake_username',
66 'password': 'fake_password',
67 'tenant_name': 'fake_tenant_name'
68 }
69
70 identity_response = fake_identity._fake_v2_response
71 credentials_class = auth.KeystoneV2Credentials
72 tokenclient_class = v2_client.TokenClient
73 identity_version = 'v2'
74
75 def setUp(self):
76 super(KeystoneV2CredentialsTests, self).setUp()
Jordan Pittier0021c292016-03-29 21:33:34 +0200[diff] [blame]77 self.patchobject(self.tokenclient_class, 'raw_request',
78 self.identity_response)
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]79
80 def _verify_credentials(self, credentials_class, creds_dict, filled=True):
81 creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
82 fill_in=filled,
83 identity_version=self.identity_version,
84 **creds_dict)
85 self._check(creds, credentials_class, filled)
86
87 def test_get_credentials(self):
88 self._verify_credentials(credentials_class=self.credentials_class,
89 creds_dict=self.attributes)
90
91 def test_get_credentials_not_filled(self):
92 self._verify_credentials(credentials_class=self.credentials_class,
93 creds_dict=self.attributes,
94 filled=False)
95
96 def test_is_valid(self):
97 creds = self._get_credentials()
98 self.assertTrue(creds.is_valid())
99
100 def _test_is_not_valid(self, ignore_key):
101 creds = self._get_credentials()
Joe H. Rahmea72f2c62016-07-11 16:28:19 +0200[diff] [blame]102 for attr in self.attributes:
Matthew Treinish9e26ca82016-02-23 11:43:20 -0500[diff] [blame]103 if attr == ignore_key:
104 continue
105 temp_attr = getattr(creds, attr)
106 delattr(creds, attr)
107 self.assertFalse(creds.is_valid(),
108 "Credentials should be invalid without %s" % attr)
109 setattr(creds, attr, temp_attr)
110
111 def test_is_not_valid(self):
112 # NOTE(mtreinish): A KeystoneV2 credential object is valid without
113 # a tenant_name. So skip that check. See tempest.auth for the valid
114 # credential requirements
115 self._test_is_not_valid('tenant_name')
116
117 def test_reset_all_attributes(self):
118 creds = self._get_credentials()
119 initial_creds = copy.deepcopy(creds)
120 set_attr = creds.__dict__.keys()
121 missing_attr = set(creds.ATTRIBUTES).difference(set_attr)
122 # Set all unset attributes, then reset
123 for attr in missing_attr:
124 setattr(creds, attr, 'fake' + attr)
125 creds.reset()
126 # Check reset credentials are same as initial ones
127 self.assertEqual(creds, initial_creds)
128
129 def test_reset_single_attribute(self):
130 creds = self._get_credentials()
131 initial_creds = copy.deepcopy(creds)
132 set_attr = creds.__dict__.keys()
133 missing_attr = set(creds.ATTRIBUTES).difference(set_attr)
134 # Set one unset attributes, then reset
135 for attr in missing_attr:
136 setattr(creds, attr, 'fake' + attr)
137 creds.reset()
138 # Check reset credentials are same as initial ones
139 self.assertEqual(creds, initial_creds)
140
141
142class KeystoneV3CredentialsTests(KeystoneV2CredentialsTests):
143 attributes = {
144 'username': 'fake_username',
145 'password': 'fake_password',
146 'project_name': 'fake_project_name',
147 'user_domain_name': 'fake_domain_name'
148 }
149
150 credentials_class = auth.KeystoneV3Credentials
151 identity_response = fake_identity._fake_v3_response
152 tokenclient_class = v3_client.V3TokenClient
153 identity_version = 'v3'
154
155 def test_is_not_valid(self):
156 # NOTE(mtreinish) For a Keystone V3 credential object a project name
157 # is not required to be valid, so we skip that check. See tempest.auth
158 # for the valid credential requirements
159 self._test_is_not_valid('project_name')
160
161 def test_synced_attributes(self):
162 attributes = self.attributes
163 # Create V3 credentials with tenant instead of project, and user_domain
164 for attr in ['project_id', 'user_domain_id']:
165 attributes[attr] = 'fake_' + attr
166 creds = self._get_credentials(attributes)
167 self.assertEqual(creds.project_name, creds.tenant_name)
168 self.assertEqual(creds.project_id, creds.tenant_id)
169 self.assertEqual(creds.user_domain_name, creds.project_domain_name)
170 self.assertEqual(creds.user_domain_id, creds.project_domain_id)
171 # Replace user_domain with project_domain
172 del attributes['user_domain_name']
173 del attributes['user_domain_id']
174 del attributes['project_name']
175 del attributes['project_id']
176 for attr in ['project_domain_name', 'project_domain_id',
177 'tenant_name', 'tenant_id']:
178 attributes[attr] = 'fake_' + attr
179 self.assertEqual(creds.tenant_name, creds.project_name)
180 self.assertEqual(creds.tenant_id, creds.project_id)
181 self.assertEqual(creds.project_domain_name, creds.user_domain_name)
182 self.assertEqual(creds.project_domain_id, creds.user_domain_id)