# Copyright 2018 SUSE Linux GmbH # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # import datetime from unittest import mock from unittest.mock import call from osc_lib import exceptions from openstack import exceptions as sdk_exceptions from openstack.identity.v3 import ( application_credential as _application_credential, ) from openstack.identity.v3 import role as _role from openstack.test import fakes as sdk_fakes from openstackclient.identity.v3 import application_credential from openstackclient.tests.unit.identity.v3 import fakes as identity_fakes class TestApplicationCredentialCreate(identity_fakes.TestIdentityv3): columns = ( 'id', 'name', 'description', 'project_id', 'roles', 'unrestricted', 'access_rules', 'expires_at', 'secret', ) def setUp(self): super().setUp() self.roles = sdk_fakes.generate_fake_resource(_role.Role) self.application_credential = sdk_fakes.generate_fake_resource( resource_type=_application_credential.ApplicationCredential, roles=[], ) self.datalist = ( self.application_credential.id, self.application_credential.name, self.application_credential.description, self.application_credential.project_id, self.application_credential.roles, self.application_credential.unrestricted, self.application_credential.access_rules, self.application_credential.expires_at, self.application_credential.secret, ) self.identity_sdk_client.create_application_credential.return_value = ( self.application_credential ) # Get the command object to test self.cmd = application_credential.CreateApplicationCredential( self.app, None ) def test_application_credential_create_basic(self): name = self.application_credential.name arglist = [name] verifylist = [('name', self.application_credential.name)] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) # In base command class ShowOne in cliff, abstract method take_action() # returns a two-part tuple with a tuple of column names and a tuple of # data to be shown. columns, data = self.cmd.take_action(parsed_args) # Set expected values kwargs = { 'roles': [], 'expires_at': None, 'description': None, 'secret': None, 'unrestricted': False, 'access_rules': [], } self.identity_sdk_client.create_application_credential.assert_called_with( user_id, name, **kwargs ) self.assertEqual(self.columns, columns) self.assertEqual(self.datalist, data) def test_application_credential_create_with_options(self): name = self.application_credential.name arglist = [ name, '--secret', 'moresecuresecret', '--role', self.roles.id, '--expiration', '2024-01-01T00:00:00', '--description', 'credential for testing', ] verifylist = [ ('name', self.application_credential.name), ('secret', 'moresecuresecret'), ('role', [self.roles.id]), ('expiration', '2024-01-01T00:00:00'), ('description', 'credential for testing'), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) # In base command class ShowOne in cliff, abstract method take_action() # returns a two-part tuple with a tuple of column names and a tuple of # data to be shown. columns, data = self.cmd.take_action(parsed_args) # Set expected values kwargs = { 'roles': [{'id': self.roles.id}], 'expires_at': datetime.datetime(2024, 1, 1, 0, 0), 'description': 'credential for testing', 'secret': 'moresecuresecret', 'unrestricted': False, 'access_rules': [], } self.identity_sdk_client.create_application_credential.assert_called_with( user_id, name, **kwargs ) self.assertEqual(self.columns, columns) self.assertEqual(self.datalist, data) def test_application_credential_create_with_access_rules_string(self): name = self.application_credential.name arglist = [ name, '--access-rules', '[{"path": "/v2.1/servers", "method": "GET", "service": "compute"}]', ] verifylist = [ ('name', self.application_credential.name), ( 'access_rules', '[{"path": "/v2.1/servers", "method": "GET", "service": "compute"}]', ), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) columns, data = self.cmd.take_action(parsed_args) # Set expected values kwargs = { 'roles': [], 'expires_at': None, 'description': None, 'secret': None, 'unrestricted': False, 'access_rules': [ { "path": "/v2.1/servers", "method": "GET", "service": "compute", } ], } self.identity_sdk_client.create_application_credential.assert_called_with( user_id, name, **kwargs ) self.assertEqual(self.columns, columns) self.assertEqual(self.datalist, data) @mock.patch('openstackclient.identity.v3.application_credential.json.load') @mock.patch('openstackclient.identity.v3.application_credential.open') def test_application_credential_create_with_access_rules_file( self, _, mock_json_load ): mock_json_load.return_value = '/tmp/access_rules.json' name = self.application_credential.name arglist = [ name, '--access-rules', '/tmp/access_rules.json', ] verifylist = [ ('name', self.application_credential.name), ('access_rules', '/tmp/access_rules.json'), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) columns, data = self.cmd.take_action(parsed_args) # Set expected values kwargs = { 'roles': [], 'expires_at': None, 'description': None, 'secret': None, 'unrestricted': False, 'access_rules': '/tmp/access_rules.json', } self.identity_sdk_client.create_application_credential.assert_called_with( user_id, name, **kwargs ) self.assertEqual(self.columns, columns) self.assertEqual(self.datalist, data) class TestApplicationCredentialDelete(identity_fakes.TestIdentityv3): def setUp(self): super().setUp() self.application_credential = sdk_fakes.generate_fake_resource( resource_type=_application_credential.ApplicationCredential, roles=[], ) self.identity_sdk_client.find_application_credential.return_value = ( self.application_credential ) self.identity_sdk_client.delete_application_credential.return_value = ( None ) # Get the command object to test self.cmd = application_credential.DeleteApplicationCredential( self.app, None ) def test_application_credential_delete(self): arglist = [ self.application_credential.id, ] verifylist = [ ('application_credential', [self.application_credential.id]) ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) result = self.cmd.take_action(parsed_args) self.identity_sdk_client.delete_application_credential.assert_called_with( user_id, self.application_credential.id, ) self.assertIsNone(result) def test_delete_multi_app_creds_with_exception(self): self.identity_sdk_client.find_application_credential.side_effect = [ self.application_credential, sdk_exceptions.NotFoundException, ] arglist = [ self.application_credential.id, 'nonexistent_app_cred', ] verifylist = [ ('application_credential', arglist), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) try: self.cmd.take_action(parsed_args) self.fail('CommandError should be raised.') except exceptions.CommandError as e: self.assertEqual( '1 of 2 application credentials failed to delete.', str(e) ) calls = [] for a in arglist: calls.append(call(user_id, a)) self.identity_sdk_client.find_application_credential.assert_has_calls( calls ) self.assertEqual( 2, self.identity_sdk_client.find_application_credential.call_count ) self.identity_sdk_client.delete_application_credential.assert_called_once_with( user_id, self.application_credential.id ) class TestApplicationCredentialList(identity_fakes.TestIdentityv3): def setUp(self): super().setUp() self.application_credential = sdk_fakes.generate_fake_resource( resource_type=_application_credential.ApplicationCredential, roles=[], ) self.identity_sdk_client.application_credentials.return_value = [ self.application_credential ] # Get the command object to test self.cmd = application_credential.ListApplicationCredential( self.app, None ) def test_application_credential_list(self): arglist = [] verifylist = [] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) # In base command class Lister in cliff, abstract method take_action() # returns a tuple containing the column names and an iterable # containing the data to be listed. columns, data = self.cmd.take_action(parsed_args) self.identity_sdk_client.application_credentials.assert_called_with( user=user_id ) collist = ( 'ID', 'Name', 'Description', 'Project ID', 'Roles', 'Unrestricted', 'Access Rules', 'Expires At', ) self.assertEqual(collist, columns) datalist = ( ( self.application_credential.id, self.application_credential.name, self.application_credential.description, self.application_credential.project_id, self.application_credential.roles, self.application_credential.unrestricted, self.application_credential.access_rules, self.application_credential.expires_at, ), ) self.assertEqual(datalist, tuple(data)) class TestApplicationCredentialShow(identity_fakes.TestIdentityv3): def setUp(self): super().setUp() self.application_credential = sdk_fakes.generate_fake_resource( resource_type=_application_credential.ApplicationCredential, roles=[], ) self.identity_sdk_client.find_application_credential.return_value = ( self.application_credential ) # Get the command object to test self.cmd = application_credential.ShowApplicationCredential( self.app, None ) def test_application_credential_show(self): arglist = [ self.application_credential.id, ] verifylist = [ ('application_credential', self.application_credential.id), ] parsed_args = self.check_parser(self.cmd, arglist, verifylist) conn = self.app.client_manager.sdk_connection user_id = conn.config.get_auth().get_user_id(conn.identity) # In base command class ShowOne in cliff, abstract method take_action() # returns a two-part tuple with a tuple of column names and a tuple of # data to be shown. columns, data = self.cmd.take_action(parsed_args) self.identity_sdk_client.find_application_credential.assert_called_with( user_id, self.application_credential.id ) collist = ( 'id', 'name', 'description', 'project_id', 'roles', 'unrestricted', 'access_rules', 'expires_at', ) self.assertEqual(collist, columns) datalist = ( self.application_credential.id, self.application_credential.name, self.application_credential.description, self.application_credential.project_id, self.application_credential.roles, self.application_credential.unrestricted, self.application_credential.access_rules, self.application_credential.expires_at, ) self.assertEqual(datalist, data)