libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From to...@apache.org
Subject git commit: Rename grant_role_to_user to grant_domain_role_to_user and revoke_role_from user to revoke_domain_role_from_user and also add methods for granting and removing project roles.
Date Thu, 14 Aug 2014 17:20:24 GMT
Repository: libcloud
Updated Branches:
  refs/heads/trunk b7a6c783d -> 988b1392a


Rename grant_role_to_user to grant_domain_role_to_user and revoke_role_from user to revoke_domain_role_from_user
and also add methods for granting and removing project roles.


Project: http://git-wip-us.apache.org/repos/asf/libcloud/repo
Commit: http://git-wip-us.apache.org/repos/asf/libcloud/commit/988b1392
Tree: http://git-wip-us.apache.org/repos/asf/libcloud/tree/988b1392
Diff: http://git-wip-us.apache.org/repos/asf/libcloud/diff/988b1392

Branch: refs/heads/trunk
Commit: 988b1392a7aa061b220318f2fd85f727db2e9f61
Parents: b7a6c78
Author: Tomaz Muraus <tomaz@apache.org>
Authored: Thu Aug 14 19:16:35 2014 +0200
Committer: Tomaz Muraus <tomaz@apache.org>
Committed: Thu Aug 14 19:16:35 2014 +0200

----------------------------------------------------------------------
 libcloud/common/openstack_identity.py           | 69 ++++++++++++++++++--
 libcloud/test/common/test_openstack_identity.py | 53 ++++++++++++---
 2 files changed, 107 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/libcloud/blob/988b1392/libcloud/common/openstack_identity.py
----------------------------------------------------------------------
diff --git a/libcloud/common/openstack_identity.py b/libcloud/common/openstack_identity.py
index d468e73..c0a3697 100644
--- a/libcloud/common/openstack_identity.py
+++ b/libcloud/common/openstack_identity.py
@@ -1087,11 +1087,14 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection):
         result = self._to_roles(data=response.object['roles'])
         return result
 
-    def grant_role_to_user(self, domain, role, user):
+    def grant_domain_role_to_user(self, domain, role, user):
         """
-        Grant role to the domain user.
+        Grant domain role to a user.
 
-        Note: This function appeats to be idempodent.
+        Note: This function appears to be idempodent.
+
+        :param domain: Domain to grant the role to.
+        :type domain: :class:`.OpenStackIdentityDomain`
 
         :param role: Role to grant.
         :type role: :class:`.OpenStackIdentityRole`
@@ -1107,15 +1110,71 @@ class OpenStackIdentity_3_0_Connection(OpenStackIdentityConnection):
         response = self.authenticated_request(path, method='PUT')
         return response.status == httplib.NO_CONTENT
 
-    def revoke_role_from_user(self, domain, user, role):
+    def revoke_domain_role_from_user(self, domain, user, role):
         """
-        Revoke role from a domain user.
+        Revoke domain role from a user.
+
+        :param domain: Domain to revoke the role from.
+        :type domain: :class:`.OpenStackIdentityDomain`
+
+        :param role: Role to revoke.
+        :type role: :class:`.OpenStackIdentityRole`
+
+        :param user: User to revoke the role from.
+        :type user: :class:`.OpenStackIdentityUser`
+
+        :return: ``True`` on success.
+        :rtype: ``bool``
         """
         path = ('/v3/domains/%s/users/%s/roles/%s' %
                 (domain.id, user.id, role.id))
         response = self.authenticated_request(path, method='DELETE')
         return response.status == httplib.NO_CONTENT
 
+    def grant_project_role_to_user(self, project, role, user):
+        """
+        Grant project role to a user.
+
+        Note: This function appeats to be idempodent.
+
+        :param project: Project to grant the role to.
+        :type project: :class:`.OpenStackIdentityDomain`
+
+        :param role: Role to grant.
+        :type role: :class:`.OpenStackIdentityRole`
+
+        :param user: User to grant the role to.
+        :type user: :class:`.OpenStackIdentityUser`
+
+        :return: ``True`` on success.
+        :rtype: ``bool``
+        """
+        path = ('/v3/projects/%s/users/%s/roles/%s' %
+                (project.id, user.id, role.id))
+        response = self.authenticated_request(path, method='PUT')
+        return response.status == httplib.NO_CONTENT
+
+    def revoke_project_role_from_user(self, project, role, user):
+        """
+        Revoke project role from a user.
+
+        :param project: Project to revoke the role from.
+        :type project: :class:`.OpenStackIdentityDomain`
+
+        :param role: Role to revoke.
+        :type role: :class:`.OpenStackIdentityRole`
+
+        :param user: User to revoke the role from.
+        :type user: :class:`.OpenStackIdentityUser`
+
+        :return: ``True`` on success.
+        :rtype: ``bool``
+        """
+        path = ('/v3/projects/%s/users/%s/roles/%s' %
+                (project.id, user.id, role.id))
+        response = self.authenticated_request(path, method='DELETE')
+        return response.status == httplib.NO_CONTENT
+
     def create_user(self, email, password, name, description=None,
                     domain_id=None, default_project_id=None, enabled=True):
         """

http://git-wip-us.apache.org/repos/asf/libcloud/blob/988b1392/libcloud/test/common/test_openstack_identity.py
----------------------------------------------------------------------
diff --git a/libcloud/test/common/test_openstack_identity.py b/libcloud/test/common/test_openstack_identity.py
index 3cbab15..1c1320e 100644
--- a/libcloud/test/common/test_openstack_identity.py
+++ b/libcloud/test/common/test_openstack_identity.py
@@ -342,24 +342,44 @@ class OpenStackIdentity_3_0_ConnectionTests(unittest.TestCase):
         self.assertEqual(user.id, 'c')
         self.assertEqual(user.name, 'test2')
 
-    def test_grant_role_to_user(self):
+    def test_grant_domain_role_to_user(self):
         domain = self.auth_instance.list_domains()[0]
         role = self.auth_instance.list_roles()[0]
         user = self.auth_instance.list_users()[0]
 
-        result = self.auth_instance.grant_role_to_user(domain=domain,
-                                                       role=role,
-                                                       user=user)
+        result = self.auth_instance.grant_domain_role_to_user(domain=domain,
+                                                              role=role,
+                                                              user=user)
         self.assertTrue(result)
 
-    def test_revoke_role_from_user(self):
+    def test_revoke_domain_role_from_user(self):
         domain = self.auth_instance.list_domains()[0]
         role = self.auth_instance.list_roles()[0]
         user = self.auth_instance.list_users()[0]
 
-        result = self.auth_instance.revoke_role_from_user(domain=domain,
-                                                          role=role,
-                                                          user=user)
+        result = self.auth_instance.revoke_domain_role_from_user(domain=domain,
+                                                                 role=role,
+                                                                 user=user)
+        self.assertTrue(result)
+
+    def test_grant_project_role_to_user(self):
+        project = self.auth_instance.list_projects()[0]
+        role = self.auth_instance.list_roles()[0]
+        user = self.auth_instance.list_users()[0]
+
+        result = self.auth_instance.grant_project_role_to_user(project=project,
+                                                               role=role,
+                                                               user=user)
+        self.assertTrue(result)
+
+    def test_revoke_project_role_from_user(self):
+        project = self.auth_instance.list_projects()[0]
+        role = self.auth_instance.list_roles()[0]
+        user = self.auth_instance.list_users()[0]
+
+        result = self.auth_instance.revoke_project_role_from_user(project=project,
+                                                                  role=role,
+                                                                  user=user)
         self.assertTrue(result)
 
 
@@ -531,12 +551,25 @@ class OpenStackIdentity_3_0_MockHttp(MockHttp):
 
     def _v3_domains_default_users_a_roles_a(self, method, url, body, headers):
         if method == 'PUT':
-            # grant role
+            # grant domain role
+            body = ''
+            return (httplib.NO_CONTENT, body, self.json_content_headers,
+                    httplib.responses[httplib.NO_CONTENT])
+        elif method == 'DELETE':
+            # revoke domain role
+            body = ''
+            return (httplib.NO_CONTENT, body, self.json_content_headers,
+                    httplib.responses[httplib.NO_CONTENT])
+        raise NotImplementedError()
+
+    def _v3_projects_a_users_a_roles_a(self, method, url, body, headers):
+        if method == 'PUT':
+            # grant project role
             body = ''
             return (httplib.NO_CONTENT, body, self.json_content_headers,
                     httplib.responses[httplib.NO_CONTENT])
         elif method == 'DELETE':
-            # revoke role
+            # revoke project role
             body = ''
             return (httplib.NO_CONTENT, body, self.json_content_headers,
                     httplib.responses[httplib.NO_CONTENT])


Mime
View raw message