X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Fkeystone%2Fspec%2Funit%2Fprovider%2Fkeystone_user_role%2Fopenstack_spec.rb;h=7a88d85c3641a743218ce3991bb30aad15e36e03;hb=2dc39f2a756f82040d82cba324b21f44fad8ef3f;hp=2490adc52be37d08f0aa3d78cb3fc55f3692d98e;hpb=d4b6110c989169c702f039a4c7dc1b309685bba3;p=mirror%2Fdsa-puppet.git diff --git a/3rdparty/modules/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb b/3rdparty/modules/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb index 2490adc52..7a88d85c3 100644 --- a/3rdparty/modules/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb +++ b/3rdparty/modules/keystone/spec/unit/provider/keystone_user_role/openstack_spec.rb @@ -3,9 +3,183 @@ require 'spec_helper' require 'puppet/provider/keystone_user_role/openstack' provider_class = Puppet::Type.type(:keystone_user_role).provider(:openstack) +def user_class + Puppet::Type.type(:keystone_user).provider(:openstack) +end +def project_class + Puppet::Type.type(:keystone_tenant).provider(:openstack) +end describe provider_class do + # assumes Enabled is the last column - no quotes + def list_to_csv(thelist) + if thelist.is_a?(String) + return '' + end + str="" + thelist.each do |rec| + if rec.is_a?(String) + return '' + end + rec.each do |xx| + if xx.equal?(rec.last) + # True/False have no quotes + if xx == 'True' or xx == 'False' + str = str + xx + "\n" + else + str = str + '"' + xx + '"' + "\n" + end + else + str = str + '"' + xx + '",' + end + end + end + str + end + + def before_need_instances + provider.class.expects(:openstack).once + .with('domain', 'list', '--quiet', '--format', 'csv') + .returns('"ID","Name","Enabled","Description" +"foo_domain_id","foo_domain",True,"foo domain" +"bar_domain_id","bar_domain",True,"bar domain" +"another_domain_id","another_domain",True,"another domain" +"disabled_domain_id","disabled_domain",False,"disabled domain" +') + project_list = [['project-id-1','foo','foo_domain_id','foo project in foo domain','True'], + ['project-id-2','foo','bar_domain_id','foo project in bar domain','True'], + ['project-id-3','bar','foo_domain_id','bar project in foo domain','True'], + ['project-id-4','etc','another_domain_id','another project','True']] + + user_list_for_project = { + 'project-id-1' => [['user-id-1','foo@example.com','foo','foo_domain','foo user','foo@foo_domain','True'], + ['user-id-2','bar@example.com','foo','foo_domain','bar user','bar@foo_domain','True']], + 'project-id-2' => [['user-id-3','foo@bar.com','foo','bar_domain','foo user','foo@bar_domain','True'], + ['user-id-4','bar@bar.com','foo','bar_domain','bar user','bar@bar_domain','True']] + } + user_list_for_project.default = '' + + user_list_for_domain = { + 'foo_domain_id' => [['user-id-1','foo@example.com','foo','foo_domain','foo user','foo@foo_domain','True'], + ['user-id-2','bar@example.com','foo','foo_domain','bar user','bar@foo_domain','True']], + 'bar_domain_id' => [['user-id-3','foo@bar.com','foo','bar_domain','foo user','foo@bar_domain','True'], + ['user-id-4','bar@bar.com','foo','bar_domain','bar user','bar@bar_domain','True']] + } + user_list_for_domain.default = '' + + role_list_for_project_user = { + 'project-id-1' => { + 'user-id-1' => [['role-id-1','foo','foo','foo'], + ['role-id-2','bar','foo','foo']] + }, + 'project-id-2' => { + 'user-id-3' => [['role-id-1','foo','foo','foo'], + ['role-id-2','bar','foo','foo']] + } + } + role_list_for_project_user.default = '' + + role_list_for_domain_user = { + 'foo_domain_id' => { + 'user-id-2' => [['role-id-1','foo','foo_domain','foo'], + ['role-id-2','bar','foo_domain','foo']] + }, + 'bar_domain_id' => { + 'user-id-4' => [['role-id-1','foo','bar_domain','foo'], + ['role-id-2','bar','bar_domain','foo']] + } + } + role_list_for_project_user.default = '' + + provider.class.expects(:openstack).once + .with('project', 'list', '--quiet', '--format', 'csv', ['--long']) + .returns('"ID","Name","Domain ID","Description","Enabled"' + "\n" + list_to_csv(project_list)) + project_list.each do |rec| + csvlist = list_to_csv(user_list_for_project[rec[0]]) + provider.class.expects(:openstack) + .with('user', 'list', '--quiet', '--format', 'csv', ['--long', '--project', rec[0]]) + .returns('"ID","Name","Project","Domain","Description","Email","Enabled"' + "\n" + csvlist) + next if csvlist == '' + user_list_for_project[rec[0]].each do |urec| + csvlist = '' + if role_list_for_project_user.has_key?(rec[0]) and + role_list_for_project_user[rec[0]].has_key?(urec[0]) + csvlist = list_to_csv(role_list_for_project_user[rec[0]][urec[0]]) + end + provider.class.expects(:openstack) + .with('role', 'list', '--quiet', '--format', 'csv', ['--project', rec[0], '--user', urec[0]]) + .returns('"ID","Name","Project","User"' + "\n" + csvlist) + end + end + ['foo_domain_id', 'bar_domain_id'].each do |domid| + csvlist = list_to_csv(user_list_for_domain[domid]) + provider.class.expects(:openstack) + .with('user', 'list', '--quiet', '--format', 'csv', ['--long', '--domain', domid]) + .returns('"ID","Name","Project","Domain","Description","Email","Enabled"' + "\n" + csvlist) + next if csvlist == '' + user_list_for_domain[domid].each do |urec| + csvlist = '' + if role_list_for_domain_user.has_key?(domid) and + role_list_for_domain_user[domid].has_key?(urec[0]) + csvlist = list_to_csv(role_list_for_domain_user[domid][urec[0]]) + end + provider.class.expects(:openstack) + .with('role', 'list', '--quiet', '--format', 'csv', ['--domain', domid, '--user', urec[0]]) + .returns('"ID","Name","Domain","User"' + "\n" + csvlist) + end + end + end + + def before_common(destroy, nolist=false, instances=false) + rolelistprojectuser = [['role-id-1','foo','foo','foo'], + ['role-id-2','bar','foo','foo']] + csvlist = list_to_csv(rolelistprojectuser) + rolelistreturns = ['"ID","Name","Project","User"' + "\n" + csvlist] + nn = 1 + if destroy + rolelistreturns = [''] + nn = 1 + end + unless nolist + provider.class.expects(:openstack).times(nn) + .with('role', 'list', '--quiet', '--format', 'csv', ['--project', 'project-id-1', '--user', 'user-id-1']) + .returns(*rolelistreturns) + end + + userhash = {:id => 'user-id-1', :name => 'foo@example.com'} + usermock = user_class.new(userhash) + unless instances + usermock.expects(:exists?).with(any_parameters).returns(true) + user_class.expects(:new).twice.with(any_parameters).returns(usermock) + end + user_class.expects(:instances).with(any_parameters).returns([usermock]) + + projecthash = {:id => 'project-id-1', :name => 'foo'} + projectmock = project_class.new(projecthash) + unless instances + projectmock.expects(:exists?).with(any_parameters).returns(true) + project_class.expects(:new).with(any_parameters).returns(projectmock) + end + project_class.expects(:instances).with(any_parameters).returns([projectmock]) + end + + before :each, :default => true do + before_common(false) + end + + before :each, :destroy => true do + before_common(true) + end + + before :each, :nolist => true do + before_common(true, true) + end + + before :each, :instances => true do + before_common(true, true, true) + end + shared_examples 'authenticated with environment variables' do ENV['OS_USERNAME'] = 'test' ENV['OS_PASSWORD'] = 'abc123' @@ -31,59 +205,83 @@ describe provider_class do provider_class.new(resource) end - before(:each) do - provider.class.stubs(:openstack) - .with('user', 'list', '--quiet', '--format', 'csv', ['foo', '--project', 'foo']) - .returns('"ID","Name","Project","User" -"1cb05cfed7c24279be884ba4f6520262","foo","foo","foo" -') - end - - describe '#create' do + describe '#create', :default => true do it 'adds all the roles to the user' do - provider.class.stubs(:openstack) - .with('role', 'add', ['foo', '--project', 'foo', '--user', 'foo']) - provider.class.stubs(:openstack) - .with('role', 'add', ['bar', '--project', 'foo', '--user', 'foo']) - provider.class.stubs(:openstack) - .with('user role', 'list', '--quiet', '--format', 'csv', ['foo', '--project', 'foo']) - .returns('"ID","Name","Project","User" -"1cb05ed7c24279be884ba4f6520262","foo","foo","foo" -"2cb05ed7c24279be884ba4f6520262","bar","foo","foo" -') + provider.class.expects(:openstack) + .with('role', 'add', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) provider.create expect(provider.exists?).to be_truthy end end - describe '#destroy' do + describe '#destroy', :destroy => true do it 'removes all the roles from a user' do - provider.class.stubs(:openstack) - .with('user role', 'list', '--quiet', '--format', 'csv', ['foo', '--project', 'foo']) - .returns('"ID","Name","Project","User"') - provider.class.stubs(:openstack) - .with('role', 'remove', ['foo', '--project', 'foo', '--user', 'foo']) - provider.class.stubs(:openstack) - .with('role', 'remove', ['bar', '--project', 'foo', '--user', 'foo']) + provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] + provider.class.expects(:openstack) + .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) provider.destroy expect(provider.exists?).to be_falsey end end - describe '#exists' do + describe '#exists', :default => true do subject(:response) do - provider.class.stubs(:openstack) - .with('user role', 'list', '--quiet', '--format', 'csv', ['foo', '--project', 'foo']) - .returns('"ID","Name","Project","User" -"1cb05ed7c24279be884ba4f6520262","foo","foo","foo" -') response = provider.exists? end it { is_expected.to be_truthy } end + + describe '#instances', :instances => true do + it 'finds every user role' do + provider.class.expects(:openstack) + .with('role', 'list', '--quiet', '--format', 'csv', []) + .returns('"ID","Name" +"foo-role-id","foo" +"bar-role-id","bar" +') + provider.class.expects(:openstack) + .with('role assignment', 'list', '--quiet', '--format', 'csv', []) + .returns(' +"Role","User","Group","Project","Domain" +"foo-role-id","user-id-1","","project-id-1","" +"bar-role-id","user-id-1","","project-id-1","" +') + instances = provider.class.instances + expect(instances.count).to eq(1) + expect(instances[0].name).to eq('foo@example.com@foo') + expect(instances[0].roles).to eq(['foo', 'bar']) + end + end + + describe '#roles=', :nolist => true do + let(:user_role_attrs) do + { + :name => 'foo@foo', + :ensure => 'present', + :roles => ['one', 'two'], + } + end + + it 'applies the new roles' do + provider.instance_variable_get('@property_hash')[:roles] = ['foo', 'bar'] + provider.class.expects(:openstack) + .with('role', 'remove', ['foo', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'remove', ['bar', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['one', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.class.expects(:openstack) + .with('role', 'add', ['two', '--project', 'project-id-1', '--user', 'user-id-1']) + provider.roles=(['one', 'two']) + end + end end end end