Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / packaging / sources / tempest / a4cfe0c92cc308ccbede29b1d782036d83b97795 / . / tempest / services / identity / json / identity_client.py
blob: 99b40367d27d9602addc3d8f11b1d36ea214c69f [file] [log] [blame]
Sean Dague556add52013-07-19 14:28:44 -0400[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License"); you may
2# not use this file except in compliance with the License. You may obtain
3# a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
9# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
10# License for the specific language governing permissions and limitations
11# under the License.
12
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]13import json
14
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]15from tempest.common import rest_client
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]16from tempest import config
Matthew Treinisha83a16e2012-12-07 13:44:02 -0500[diff] [blame]17from tempest import exceptions
18
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]19CONF = config.CONF
20
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]21
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]22class IdentityClientJSON(rest_client.RestClient):
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]23
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]24 def __init__(self, auth_provider):
25 super(IdentityClientJSON, self).__init__(auth_provider)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]26 self.service = CONF.identity.catalog_type
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]27 self.endpoint_url = 'adminURL'
28
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]29 # Needed for xml service client
30 self.list_tags = ["roles", "tenants", "users", "services"]
31
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]32 def has_admin_extensions(self):
33 """
34 Returns True if the KSADM Admin Extensions are supported
35 False otherwise
36 """
37 if hasattr(self, '_has_admin_extensions'):
38 return self._has_admin_extensions
39 resp, body = self.list_roles()
40 self._has_admin_extensions = ('status' in resp and resp.status != 503)
41 return self._has_admin_extensions
42
43 def create_role(self, name):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]44 """Create a role."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]45 post_body = {
46 'name': name,
47 }
48 post_body = json.dumps({'role': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]49 resp, body = self.post('OS-KSADM/roles', post_body)
50 return resp, self._parse_resp(body)
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]51
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]52 def create_tenant(self, name, **kwargs):
53 """
54 Create a tenant
55 name (required): New tenant name
56 description: Description of new tenant (default is none)
57 enabled <true|false>: Initial tenant status (default is true)
58 """
59 post_body = {
60 'name': name,
61 'description': kwargs.get('description', ''),
Gordon Chungad873602013-02-18 19:26:27 -0500[diff] [blame]62 'enabled': kwargs.get('enabled', True),
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]63 }
64 post_body = json.dumps({'tenant': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]65 resp, body = self.post('tenants', post_body)
66 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]67
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]68 def delete_role(self, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]69 """Delete a role."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]70 return self.delete('OS-KSADM/roles/%s' % str(role_id))
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]71
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]72 def list_user_roles(self, tenant_id, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]73 """Returns a list of roles assigned to a user for a tenant."""
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]74 url = '/tenants/%s/users/%s/roles' % (tenant_id, user_id)
75 resp, body = self.get(url)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]76 return resp, self._parse_resp(body)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]77
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]78 def assign_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]79 """Add roles to a user on a tenant."""
Zhongyue Luoe0884a32012-09-25 17:24:17 +0800[diff] [blame]80 resp, body = self.put('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]81 (tenant_id, user_id, role_id), "")
82 return resp, self._parse_resp(body)
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]83
rajalakshmi-ganesan8ba945e2012-08-01 15:43:19 +0530[diff] [blame]84 def remove_user_role(self, tenant_id, user_id, role_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]85 """Removes a role assignment for a user on a tenant."""
Zhongyue Luo79d8d362012-09-25 13:49:27 +0800[diff] [blame]86 return self.delete('/tenants/%s/users/%s/roles/OS-KSADM/%s' %
87 (tenant_id, user_id, role_id))
Rohit Karajgi69e80a02012-05-15 03:54:04 -0700[diff] [blame]88
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]89 def delete_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]90 """Delete a tenant."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]91 return self.delete('tenants/%s' % str(tenant_id))
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]92
93 def get_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]94 """Get tenant details."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]95 resp, body = self.get('tenants/%s' % str(tenant_id))
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]96 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]97
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]98 def list_roles(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]99 """Returns roles."""
chris fattarsi8ed39ac2012-04-30 14:11:27 -0700[diff] [blame]100 resp, body = self.get('OS-KSADM/roles')
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]101 return resp, self._parse_resp(body)
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]102
103 def list_tenants(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]104 """Returns tenants."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]105 resp, body = self.get('tenants')
106 body = json.loads(body)
107 return resp, body['tenants']
108
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]109 def get_tenant_by_name(self, tenant_name):
110 resp, tenants = self.list_tenants()
111 for tenant in tenants:
112 if tenant['name'] == tenant_name:
113 return tenant
114 raise exceptions.NotFound('No such tenant')
115
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]116 def update_tenant(self, tenant_id, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]117 """Updates a tenant."""
chris fattarsi9ba7b0e2012-05-07 13:55:51 -0700[diff] [blame]118 resp, body = self.get_tenant(tenant_id)
119 name = kwargs.get('name', body['name'])
120 desc = kwargs.get('description', body['description'])
121 en = kwargs.get('enabled', body['enabled'])
122 post_body = {
123 'id': tenant_id,
124 'name': name,
125 'description': desc,
126 'enabled': en,
127 }
128 post_body = json.dumps({'tenant': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]129 resp, body = self.post('tenants/%s' % tenant_id, post_body)
130 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]131
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]132 def create_user(self, name, password, tenant_id, email, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]133 """Create a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]134 post_body = {
135 'name': name,
136 'password': password,
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]137 'email': email
138 }
Brant Knudsona4cfe0c2014-03-15 09:36:45 -0500[diff] [blame^]139 if tenant_id is not None:
140 post_body['tenantId'] = tenant_id
huangtianhuafc8db4f2013-10-08 12:05:58 +0800[diff] [blame]141 if kwargs.get('enabled') is not None:
142 post_body['enabled'] = kwargs.get('enabled')
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]143 post_body = json.dumps({'user': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]144 resp, body = self.post('users', post_body)
145 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]146
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]147 def update_user(self, user_id, **kwargs):
148 """Updates a user."""
149 put_body = json.dumps({'user': kwargs})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]150 resp, body = self.put('users/%s' % user_id, put_body)
151 return resp, self._parse_resp(body)
Chang Bo Guob36b2f12013-09-13 04:52:00 -0700[diff] [blame]152
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]153 def get_user(self, user_id):
154 """GET a user."""
155 resp, body = self.get("users/%s" % user_id)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]156 return resp, self._parse_resp(body)
rajalakshmi-ganesan7312bb52013-01-29 20:03:42 +0530[diff] [blame]157
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]158 def delete_user(self, user_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]159 """Delete a user."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]160 return self.delete("users/%s" % user_id)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]161
162 def get_users(self):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]163 """Get the list of users."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]164 resp, body = self.get("users")
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]165 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]166
167 def enable_disable_user(self, user_id, enabled):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]168 """Enables or disables a user."""
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]169 put_body = {
Sean Dague14c68182013-04-14 15:34:30 -0400[diff] [blame]170 'enabled': enabled
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]171 }
172 put_body = json.dumps({'user': put_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]173 resp, body = self.put('users/%s/enabled' % user_id, put_body)
174 return resp, self._parse_resp(body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]175
Zhi Kun Liu30caeae2014-02-26 15:30:24 +0800[diff] [blame]176 def get_token(self, token_id):
177 """Get token details."""
178 resp, body = self.get("tokens/%s" % token_id)
179 return resp, self._parse_resp(body)
180
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]181 def delete_token(self, token_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]182 """Delete a token."""
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]183 return self.delete("tokens/%s" % token_id)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]184
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]185 def list_users_for_tenant(self, tenant_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]186 """List users for a Tenant."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]187 resp, body = self.get('/tenants/%s/users' % tenant_id)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]188 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]189
Dan Smithd6ff6b72012-08-23 10:29:41 -0700[diff] [blame]190 def get_user_by_username(self, tenant_id, username):
191 resp, users = self.list_users_for_tenant(tenant_id)
192 for user in users:
193 if user['name'] == username:
194 return user
195 raise exceptions.NotFound('No such user')
196
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]197 def create_service(self, name, type, **kwargs):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]198 """Create a service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]199 post_body = {
Zhongyue Luoa1343de2013-01-04 16:21:35 +0800[diff] [blame]200 'name': name,
201 'type': type,
202 'description': kwargs.get('description')
203 }
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]204 post_body = json.dumps({'OS-KSADM:service': post_body})
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]205 resp, body = self.post('/OS-KSADM/services', post_body)
206 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]207
208 def get_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]209 """Get Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]210 url = '/OS-KSADM/services/%s' % service_id
211 resp, body = self.get(url)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]212 return resp, self._parse_resp(body)
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]213
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]214 def list_services(self):
215 """List Service - Returns Services."""
216 resp, body = self.get('/OS-KSADM/services/')
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]217 return resp, self._parse_resp(body)
umamohanb51ad002013-01-24 18:13:15 +0000[diff] [blame]218
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]219 def delete_service(self, service_id):
Sean Daguef237ccb2013-01-04 15:19:14 -0500[diff] [blame]220 """Delete Service."""
rajalakshmi-ganesanefc8bd72012-05-30 17:52:11 +0530[diff] [blame]221 url = '/OS-KSADM/services/%s' % service_id
222 return self.delete(url)
223
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]224
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]225class TokenClientJSON(IdentityClientJSON):
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]226
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]227 def __init__(self):
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]228 super(TokenClientJSON, self).__init__(None)
Matthew Treinish684d8992014-01-30 16:27:40 +0000[diff] [blame]229 auth_url = CONF.identity.uri
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]230
Jay Pipes7c88eb22013-01-16 21:32:43 -0500[diff] [blame]231 # Normalize URI to ensure /tokens is in it.
232 if 'tokens' not in auth_url:
233 auth_url = auth_url.rstrip('/') + '/tokens'
234
235 self.auth_url = auth_url
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]236
Brant Knudsona4cfe0c2014-03-15 09:36:45 -0500[diff] [blame^]237 def auth(self, user, password, tenant=None):
Zhongyue Luo30a563f2012-09-30 23:43:50 +0900[diff] [blame]238 creds = {
239 'auth': {
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]240 'passwordCredentials': {
241 'username': user,
242 'password': password,
243 },
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]244 }
245 }
Brant Knudsona4cfe0c2014-03-15 09:36:45 -0500[diff] [blame^]246
247 if tenant:
248 creds['auth']['tenantName'] = tenant
249
250 body = json.dumps(creds)
251 resp, body = self.post(self.auth_url, body=body)
252
253 return resp, body['access']
254
255 def auth_token(self, token_id, tenant=None):
256 creds = {
257 'auth': {
258 'token': {
259 'id': token_id,
260 },
261 }
262 }
263
264 if tenant:
265 creds['auth']['tenantName'] = tenant
266
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]267 body = json.dumps(creds)
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]268 resp, body = self.post(self.auth_url, body=body)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]269
270 return resp, body['access']
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]271
272 def request(self, method, url, headers=None, body=None):
273 """A simple HTTP request interface."""
Zhongyue Luoe471d6e2012-09-17 17:02:43 +0800[diff] [blame]274 if headers is None:
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]275 # Always accept 'json', for TokenClientXML too.
276 # Because XML response is not easily
277 # converted to the corresponding JSON one
278 headers = self.get_headers(accept_type="json")
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]279 self._log_request(method, url, headers, body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]280 resp, resp_body = self.http_obj.request(url, method,
281 headers=headers, body=body)
Attila Fazekas7b487be2013-02-12 11:14:41 +0100[diff] [blame]282 self._log_response(resp, resp_body)
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]283
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]284 if resp.status in [401, 403]:
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]285 resp_body = json.loads(resp_body)
286 raise exceptions.Unauthorized(resp_body['error']['message'])
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]287 elif resp.status not in [200, 201]:
288 raise exceptions.IdentityError(
289 'Unexpected status code {0}'.format(resp.status))
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]290
vponomaryov67b58fe2014-02-06 19:05:41 +0200[diff] [blame]291 if isinstance(resp_body, str):
292 resp_body = json.loads(resp_body)
293 return resp, resp_body
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]294
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]295 def get_token(self, user, password, tenant, auth_data=False):
296 """
297 Returns (token id, token data) for supplied credentials
298 """
Rohit Karajgi6b1e1542012-05-14 05:55:54 -0700[diff] [blame]299 resp, body = self.auth(user, password, tenant)
Andrea Frittoli8bbdb162014-01-06 11:06:13 +0000[diff] [blame]300
301 if auth_data:
302 return body['token']['id'], body
303 else:
304 return body['token']['id']