Skip to content

Commit

Permalink
Merge "Enforces the use of Credentials (part2)"
Browse files Browse the repository at this point in the history
  • Loading branch information
@openstack-gerrit
Jenkins authored and openstack-gerrit committed May 8, 2014
2 parents da54360 + 422fbdf commit 83e8fa8
Show file tree
Hide file tree
Showing 26 changed files with 209 additions and 350 deletions.
42 changes: 18 additions & 24 deletions tempest/api/compute/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ def setUpClass(cls):
cls.set_network_resources()
super(BaseComputeTest, cls).setUpClass()

# TODO(andreaf) WE should care also for the alt_manager here
# but only once client lazy load in the manager is done
os = cls.get_client_manager()

cls.os = os
Expand Down Expand Up @@ -348,23 +350,19 @@ class BaseV2ComputeAdminTest(BaseV2ComputeTest):
@classmethod
def setUpClass(cls):
super(BaseV2ComputeAdminTest, cls).setUpClass()
admin_username = CONF.compute_admin.username
admin_password = CONF.compute_admin.password
admin_tenant = CONF.compute_admin.tenant_name
if not (admin_username and admin_password and admin_tenant):
msg = ("Missing Compute Admin API credentials "
"in configuration.")
raise cls.skipException(msg)
if (CONF.compute.allow_tenant_isolation or
cls.force_tenant_isolation is True):
creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = creds
cls.os_adm = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name,
cls.os_adm = clients.Manager(credentials=creds,
interface=cls._interface)
else:
cls.os_adm = clients.ComputeAdminManager(interface=cls._interface)
try:
cls.os_adm = clients.ComputeAdminManager(
interface=cls._interface)
except exceptions.InvalidCredentials:
msg = ("Missing Compute Admin API credentials "
"in configuration.")
raise cls.skipException(msg)


class BaseV3ComputeTest(BaseComputeTest):
Expand All @@ -378,22 +376,18 @@ class BaseV3ComputeAdminTest(BaseV3ComputeTest):
@classmethod
def setUpClass(cls):
super(BaseV3ComputeAdminTest, cls).setUpClass()
admin_username = CONF.compute_admin.username
admin_password = CONF.compute_admin.password
admin_tenant = CONF.compute_admin.tenant_name
if not (admin_username and admin_password and admin_tenant):
msg = ("Missing Compute Admin API credentials "
"in configuration.")
raise cls.skipException(msg)
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = creds
os_adm = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name,
os_adm = clients.Manager(credentials=creds,
interface=cls._interface)
else:
os_adm = clients.ComputeAdminManager(interface=cls._interface)
try:
cls.os_adm = clients.ComputeAdminManager(
interface=cls._interface)
except exceptions.InvalidCredentials:
msg = ("Missing Compute Admin API credentials "
"in configuration.")
raise cls.skipException(msg)

cls.os_adm = os_adm
cls.servers_admin_client = cls.os_adm.servers_v3_client
Expand Down
5 changes: 1 addition & 4 deletions tempest/api/compute/test_authorization.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,10 +43,7 @@ def setUpClass(cls):

if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_alt_creds()
username, tenant_name, password = creds
cls.alt_manager = clients.Manager(username=username,
password=password,
tenant_name=tenant_name)
cls.alt_manager = clients.Manager(credentials=creds)
else:
# Use the alt_XXX credentials in the config file
cls.alt_manager = clients.AltManager()
Expand Down
12 changes: 8 additions & 4 deletions tempest/api/identity/admin/v3/test_trusts.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
import datetime
import re
from tempest.api.identity import base
from tempest import auth
from tempest import clients
from tempest.common.utils import data_utils
from tempest import config
Expand Down Expand Up @@ -88,10 +89,13 @@ def create_trustor_and_roles(self):
self.assertIsNotNone(self.trustee_user_id)

# Initialize a new client with the trustor credentials
os = clients.Manager(username=self.trustor_username,
password=self.trustor_password,
tenant_name=self.trustor_project_name,
interface=self._interface)
creds = auth.get_credentials(
username=self.trustor_username,
password=self.trustor_password,
tenant_name=self.trustor_project_name)
os = clients.Manager(
credentials=creds,
interface=self._interface)
self.trustor_client = os.identity_v3_client

def cleanup_user_and_roles(self):
Expand Down
9 changes: 9 additions & 0 deletions tempest/api/identity/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
# under the License.


from tempest import auth
from tempest import clients
from tempest.common.utils import data_utils
from tempest import config
Expand Down Expand Up @@ -120,6 +121,14 @@ def __init__(self, client):
self.projects = []
self.v3_roles = []

@property
def test_credentials(self):
return auth.get_credentials(username=self.test_user,
user_id=self.user['id'],
password=self.test_password,
tenant_name=self.test_tenant,
tenant_id=self.tenant['id'])

def setup_test_user(self):
"""Set up a test user."""
self.setup_test_tenant()
Expand Down
20 changes: 4 additions & 16 deletions tempest/api/image/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,11 +42,7 @@ def setUpClass(cls):
skip_msg = ("%s skipped as glance is not available" % cls.__name__)
raise cls.skipException(skip_msg)
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_primary_creds()
username, tenant_name, password = creds
cls.os = clients.Manager(username=username,
password=password,
tenant_name=tenant_name)
cls.os = clients.Manager(cls.isolated_creds.get_primary_creds())
else:
cls.os = clients.Manager()

Expand Down Expand Up @@ -96,11 +92,7 @@ class BaseV1ImageMembersTest(BaseV1ImageTest):
def setUpClass(cls):
super(BaseV1ImageMembersTest, cls).setUpClass()
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_alt_creds()
username, tenant_name, password = creds
cls.os_alt = clients.Manager(username=username,
password=password,
tenant_name=tenant_name)
cls.os_alt = clients.Manager(cls.isolated_creds.get_alt_creds())
cls.alt_tenant_id = cls.isolated_creds.get_alt_tenant()['id']
else:
cls.os_alt = clients.AltManager()
Expand Down Expand Up @@ -139,12 +131,8 @@ def setUpClass(cls):
super(BaseV2MemberImageTest, cls).setUpClass()
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_alt_creds()
username, tenant_name, password = creds
cls.os_alt = clients.Manager(username=username,
password=password,
tenant_name=tenant_name,
interface=cls._interface)
cls.alt_tenant_id = cls.isolated_creds.get_alt_tenant()['id']
cls.os_alt = clients.Manager(creds)
cls.alt_tenant_id = cls.isolated_creds.get_alt_creds().tenant_id
else:
cls.os_alt = clients.AltManager()
alt_tenant_name = cls.os_alt.credentials['tenant_name']
Expand Down
4 changes: 2 additions & 2 deletions tempest/api/network/admin/test_load_balancer_admin_actions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,9 +38,9 @@ def setUpClass(cls):
cls.force_tenant_isolation = True
manager = cls.get_client_manager()
cls.client = manager.network_client
username, tenant_name, passwd = cls.isolated_creds.get_primary_creds()
primary_creds = cls.isolated_creds.get_primary_creds()
cls.tenant_id = cls.os_adm.identity_client.get_tenant_by_name(
tenant_name)['id']
primary_creds.tenant_name)['id']
cls.network = cls.create_network()
cls.subnet = cls.create_subnet(cls.network)
cls.pool = cls.create_pool(data_utils.rand_name('pool-'),
Expand Down
6 changes: 1 addition & 5 deletions tempest/api/network/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -352,11 +352,7 @@ def setUpClass(cls):
raise cls.skipException(msg)
if (CONF.compute.allow_tenant_isolation or
cls.force_tenant_isolation is True):
creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = creds
cls.os_adm = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name,
cls.os_adm = clients.Manager(cls.isolated_creds.get_admin_creds(),
interface=cls._interface)
else:
cls.os_adm = clients.ComputeAdminManager(interface=cls._interface)
Expand Down
29 changes: 9 additions & 20 deletions tempest/api/object_storage/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,23 +38,12 @@ def setUpClass(cls):
cls.__name__, network_resources=cls.network_resources)
if CONF.compute.allow_tenant_isolation:
# Get isolated creds for normal user
creds = cls.isolated_creds.get_primary_creds()
username, tenant_name, password = creds
cls.os = clients.Manager(username=username,
password=password,
tenant_name=tenant_name)
cls.os = clients.Manager(cls.isolated_creds.get_primary_creds())
# Get isolated creds for admin user
admin_creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = admin_creds
cls.os_admin = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name)
cls.os_admin = clients.Manager(
cls.isolated_creds.get_admin_creds())
# Get isolated creds for alt user
alt_creds = cls.isolated_creds.get_alt_creds()
alt_username, alt_tenant, alt_password = alt_creds
cls.os_alt = clients.Manager(username=alt_username,
password=alt_password,
tenant_name=alt_tenant)
cls.os_alt = clients.Manager(cls.isolated_creds.get_alt_creds())
# Add isolated users to operator role so that they can create a
# container in swift.
cls._assign_member_role()
Expand Down Expand Up @@ -92,18 +81,18 @@ def tearDownClass(cls):

@classmethod
def _assign_member_role(cls):
primary_user = cls.isolated_creds.get_primary_user()
alt_user = cls.isolated_creds.get_alt_user()
primary_creds = cls.isolated_creds.get_primary_creds()
alt_creds = cls.isolated_creds.get_alt_creds()
swift_role = CONF.object_storage.operator_role
try:
resp, roles = cls.os_admin.identity_client.list_roles()
role = next(r for r in roles if r['name'] == swift_role)
except StopIteration:
msg = "No role named %s found" % swift_role
raise exceptions.NotFound(msg)
for user in [primary_user, alt_user]:
cls.os_admin.identity_client.assign_user_role(user['tenantId'],
user['id'],
for creds in [primary_creds, alt_creds]:
cls.os_admin.identity_client.assign_user_role(creds.tenant_id,
creds.user_id,
role['id'])

@classmethod
Expand Down
5 changes: 1 addition & 4 deletions tempest/api/object_storage/test_account_quotas.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,10 +35,7 @@ def setUpClass(cls):

cls.data.setup_test_user()

cls.os_reselleradmin = clients.Manager(
cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.os_reselleradmin = clients.Manager(cls.data.test_credentials)

# Retrieve the ResellerAdmin role id
reseller_role_id = None
Expand Down
5 changes: 1 addition & 4 deletions tempest/api/object_storage/test_account_quotas_negative.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,10 +35,7 @@ def setUpClass(cls):

cls.data.setup_test_user()

cls.os_reselleradmin = clients.Manager(
cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.os_reselleradmin = clients.Manager(cls.data.test_credentials)

# Retrieve the ResellerAdmin role id
reseller_role_id = None
Expand Down
4 changes: 1 addition & 3 deletions tempest/api/object_storage/test_account_services.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,7 @@ def test_list_no_containers(self):
self.data.setup_test_user()

os_test_user = clients.Manager(
self.data.test_user,
self.data.test_password,
self.data.test_tenant)
self.data.test_credentials)

# Retrieve the id of an operator role of object storage
test_role_id = None
Expand Down
4 changes: 1 addition & 3 deletions tempest/api/object_storage/test_account_services_negative.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,7 @@ def test_list_containers_with_non_authorized_user(self):

# create user
self.data.setup_test_user()
test_os = clients.Manager(self.data.test_user,
self.data.test_password,
self.data.test_tenant)
test_os = clients.Manager(self.data.test_credentials)
test_auth_provider = test_os.auth_provider
# Get auth for the test user
test_auth_provider.auth_data
Expand Down
4 changes: 1 addition & 3 deletions tempest/api/object_storage/test_container_acl.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,7 @@ class ObjectTestACLs(base.BaseObjectTest):
def setUpClass(cls):
super(ObjectTestACLs, cls).setUpClass()
cls.data.setup_test_user()
test_os = clients.Manager(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
test_os = clients.Manager(cls.data.test_credentials)
cls.test_auth_data = test_os.auth_provider.auth_data

@classmethod
Expand Down
4 changes: 1 addition & 3 deletions tempest/api/object_storage/test_container_acl_negative.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,7 @@ class ObjectACLsNegativeTest(base.BaseObjectTest):
def setUpClass(cls):
super(ObjectACLsNegativeTest, cls).setUpClass()
cls.data.setup_test_user()
test_os = clients.Manager(cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
test_os = clients.Manager(cls.data.test_credentials)
cls.test_auth_data = test_os.auth_provider.auth_data

@classmethod
Expand Down
5 changes: 1 addition & 4 deletions tempest/api/object_storage/test_crossdomain.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,10 +29,7 @@ def setUpClass(cls):
# endpoint and test the healthcheck feature.
cls.data.setup_test_user()

cls.os_test_user = clients.Manager(
cls.data.test_user,
cls.data.test_password,
cls.data.test_tenant)
cls.os_test_user = clients.Manager(cls.data.test_credentials)

cls.xml_start = '<?xml version="1.0"?>\n' \
'<!DOCTYPE cross-domain-policy SYSTEM ' \
Expand Down
6 changes: 1 addition & 5 deletions tempest/api/volume/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,11 +136,7 @@ def setUpClass(cls):
"in configuration.")
raise cls.skipException(msg)
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = creds
cls.os_adm = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name,
cls.os_adm = clients.Manager(cls.isolated_creds.get_admin_creds(),
interface=cls._interface)
else:
cls.os_adm = clients.AdminManager(interface=cls._interface)
Expand Down
14 changes: 3 additions & 11 deletions tempest/api/volume/test_volume_transfers.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,21 +32,13 @@ def setUpClass(cls):

# Add another tenant to test volume-transfer
if CONF.compute.allow_tenant_isolation:
creds = cls.isolated_creds.get_alt_creds()
username, tenant_name, password = creds
cls.os_alt = clients.Manager(username=username,
password=password,
tenant_name=tenant_name,
cls.os_alt = clients.Manager(cls.isolated_creds.get_alt_creds(),
interface=cls._interface)
cls.alt_tenant_id = cls.isolated_creds.get_alt_tenant()['id']

# Add admin tenant to cleanup resources
adm_creds = cls.isolated_creds.get_admin_creds()
admin_username, admin_tenant_name, admin_password = adm_creds
cls.os_adm = clients.Manager(username=admin_username,
password=admin_password,
tenant_name=admin_tenant_name,
cls.os_adm = clients.Manager(cls.isolated_creds.get_admin_creds(),
interface=cls._interface)

else:
cls.os_alt = clients.AltManager()
alt_tenant_name = cls.os_alt.credentials['tenant_name']
Expand Down

0 comments on commit 83e8fa8

Please sign in to comment.