def create_users(users):
"""Create tenants from resource definition.
Don't create the tenants if they already exist.
"""
global USERS
LOG.info("Creating users")
admin = keystone_admin()
for u in users:
try:
tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
except lib_exc.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
try:
identity.get_user_by_username(admin.tenants, tenant['id'],
u['name'])
LOG.warning("User '%s' already exists in this environment" %
u['name'])
except lib_exc.NotFound:
admin.users.create_user(u['name'],
u['pass'],
tenant['id'],
"%s@%s" % (u['name'], tenant['id']),
enabled=True)
def create_users(users):
"""Create tenants from resource definition.
Don't create the tenants if they already exist.
"""
global USERS
LOG.info("Creating users")
admin = keystone_admin()
for u in users:
try:
tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
except lib_exc.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
try:
identity.get_user_by_username(admin.tenants,
tenant['id'], u['name'])
LOG.warning("User '%s' already exists in this environment"
% u['name'])
except lib_exc.NotFound:
admin.users.create_user(
name=u['name'], password=u['pass'],
tenantId=tenant['id'],
email="%s@%s" % (u['name'], tenant['id']),
enabled=True)
def create_user_with_tenant(tenants_client, users_client, username,
password, tenant_name):
"""Create user and tenant if he doesn't exist.
Sets password even for existing user.
"""
LOG.info("Creating user '%s' with tenant '%s' and password '%s'",
username, tenant_name, password)
tenant_description = "Tenant for Tempest %s user" % username
email = "*****@*****.**" % username
# create tenant
try:
tenants_client.create_tenant(name=tenant_name,
description=tenant_description)
except exceptions.Conflict:
LOG.info("(no change) Tenant '%s' already exists", tenant_name)
tenant_id = identity.get_tenant_by_name(tenants_client, tenant_name)['id']
# create user
try:
users_client.create_user(**{'name': username, 'password': password,
'tenantId': tenant_id, 'email': email})
except exceptions.Conflict:
LOG.info("User '%s' already exists. Setting password to '%s'",
username, password)
user = identity.get_user_by_username(tenants_client, tenant_id,
username)
users_client.update_user_password(user['id'], password=password)
def create_user_with_tenant(tenants_client, users_client, username,
password, tenant_name):
"""Create user and tenant if he doesn't exist.
Sets password even for existing user.
"""
LOG.info("Creating user '%s' with tenant '%s' and password '%s'",
username, tenant_name, password)
tenant_description = "Tenant for Tempest %s user" % username
email = "*****@*****.**" % username
# create tenant
try:
tenants_client.create_tenant(tenant_name,
description=tenant_description)
except exceptions.Conflict:
LOG.info("(no change) Tenant '%s' already exists", tenant_name)
tenant_id = identity.get_tenant_by_name(tenants_client, tenant_name)['id']
# create user
try:
users_client.create_user(username, password, tenant_id, email)
except exceptions.Conflict:
LOG.info("User '%s' already exists. Setting password to '%s'",
username, password)
user = identity.get_user_by_username(tenants_client, tenant_id,
username)
users_client.update_user_password(user['id'], password=password)
def destroy_users(users):
admin = keystone_admin()
for user in users:
tenant_id = identity.get_tenant_by_name(admin.tenants,
user['tenant'])['id']
user_id = identity.get_user_by_username(admin.tenants,
tenant_id, user['name'])['id']
admin.users.delete_user(user_id)
def destroy_users(users):
admin = keystone_admin()
for user in users:
tenant_id = identity.get_tenant_by_name(admin.tenants,
user['tenant'])['id']
user_id = identity.get_user_by_username(admin.tenants, tenant_id,
user['name'])['id']
admin.users.delete_user(user_id)
def collect_users(users):
global USERS
LOG.info("Collecting users")
admin = keystone_admin()
for u in users:
tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
u['tenant_id'] = tenant['id']
USERS[u['name']] = u
body = identity.get_user_by_username(admin.tenants,
tenant['id'], u['name'])
USERS[u['name']]['id'] = body['id']
def collect_users(users):
global USERS
LOG.info("Collecting users")
admin = keystone_admin()
for u in users:
tenant = identity.get_tenant_by_name(admin.tenants, u['tenant'])
u['tenant_id'] = tenant['id']
USERS[u['name']] = u
body = identity.get_user_by_username(admin.tenants, tenant['id'],
u['name'])
USERS[u['name']]['id'] = body['id']
def _init_admin_ids(self):
id_cl = self.admin_mgr.identity_client
tenant = identity.get_tenant_by_name(id_cl, CONF.auth.admin_tenant_name)
self.admin_tenant_id = tenant["id"]
user = identity.get_user_by_username(id_cl, self.admin_tenant_id, CONF.auth.admin_username)
self.admin_id = user["id"]
roles = id_cl.list_roles()["roles"]
for role in roles:
if role["name"] == CONF.identity.admin_role:
self.admin_role_id = role["id"]
break
def test_invite_user_new(self):
"""Test for inviting a new user."""
project_setup = self.create_project_and_owner(username_is_email=True)
new_email = uuid4().hex + "@stacktask-tempest.com"
new_password = uuid4().hex
auth = {
"name": project_setup['owner']['username'],
"password": project_setup['owner']['password'],
"project_id": project_setup['project']['id'],
"url": self.identity_utils.identity_client.base_url,
}
api.user_invite(
auth,
{"username": new_email, "email": new_email, "roles": ["Member"]}
)
tasks = api.get_tasks(auth, {}).json()
auth['user_token'] = self.identity_utils.identity_client.token
tokens = api.get_tokens(
auth,
{},
{'task_id': {"exact": tasks['tasks'][0]['uuid']}}
).json()
token = tokens['tokens'][0]['token']
api.token_submit(auth, token, {"password": new_password}).json()
# confirm user has been created
user = identity.get_user_by_username(
self.identity_utils.identity_client,
project_setup['project']['id'], new_email
)
self.add_clean_up_user(user['id'])
# and has member role:
roles = self.identity_utils.identity_client.list_user_roles(
project_setup['project']['id'], user['id'])
has_member = False
for role in roles['roles']:
if role['name'] == "Member":
has_member = True
self.assertTrue(has_member)
def _init_admin_ids(self):
id_cl = self.admin_mgr.identity_client
tenant = identity.get_tenant_by_name(id_cl,
CONF.auth.admin_tenant_name)
self.admin_tenant_id = tenant['id']
user = identity.get_user_by_username(id_cl, self.admin_tenant_id,
CONF.auth.admin_username)
self.admin_id = user['id']
roles = id_cl.list_roles()['roles']
for role in roles:
if role['name'] == CONF.identity.admin_role:
self.admin_role_id = role['id']
break
def _init_admin_ids(self):
tn_cl = self.admin_mgr.tenants_client
rl_cl = self.admin_mgr.roles_client
tenant = identity.get_tenant_by_name(tn_cl,
CONF.auth.admin_tenant_name)
self.admin_tenant_id = tenant['id']
user = identity.get_user_by_username(tn_cl, self.admin_tenant_id,
CONF.auth.admin_username)
self.admin_id = user['id']
roles = rl_cl.list_roles()['roles']
for role in roles:
if role['name'] == CONF.identity.admin_role:
self.admin_role_id = role['id']
break
def create_resources(opts, resources):
(identity_admin, tenants_admin, roles_admin, users_admin,
neutron_iso_networks, network_admin, networks_admin,
subnets_admin) = get_admin_clients(opts)
roles = roles_admin.list_roles()['roles']
for u in resources['users']:
u['role_ids'] = []
for r in u.get('roles', ()):
try:
role = filter(lambda r_: r_['name'] == r, roles)[0]
except IndexError:
msg = "Role: %s doesn't exist" % r
raise exc.InvalidConfiguration(msg)
u['role_ids'] += [role['id']]
existing = [x['name'] for x in tenants_admin.list_tenants()['tenants']]
for tenant in resources['tenants']:
if tenant not in existing:
tenants_admin.create_tenant(tenant)
else:
LOG.warning("Tenant '%s' already exists in this environment" %
tenant)
LOG.info('Tenants created')
for u in resources['users']:
try:
tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
while True:
try:
identity.get_user_by_username(tenants_admin, tenant['id'],
u['name'])
except tempest_lib.exceptions.NotFound:
users_admin.create_user(u['name'],
u['pass'],
tenant['id'],
"%s@%s" % (u['name'], tenant['id']),
enabled=True)
break
else:
LOG.warning("User '%s' already exists in this environment. "
"New name generated" % u['name'])
u['name'] = random_user_name(opts.tag, u['prefix'])
LOG.info('Users created')
if neutron_iso_networks:
for u in resources['users']:
tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
network_name, router_name = create_network_resources(
network_admin, networks_admin, subnets_admin, tenant['id'],
u['name'])
u['network'] = network_name
u['router'] = router_name
LOG.info('Networks created')
for u in resources['users']:
try:
tenant = identity.get_tenant_by_name(tenants_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
try:
user = identity.get_user_by_username(tenants_admin, tenant['id'],
u['name'])
except tempest_lib.exceptions.NotFound:
LOG.error("User: %s - not found" % u['user'])
continue
for r in u['role_ids']:
try:
roles_admin.assign_user_role(tenant['id'], user['id'], r)
except tempest_lib.exceptions.Conflict:
# don't care if it's already assigned
pass
LOG.info('Roles assigned')
LOG.info('Resources deployed successfully!')
def create_resources(opts, resources):
(identity_admin, neutron_iso_networks,
network_admin, networks_admin, subnets_admin) = get_admin_clients(opts)
roles = identity_admin.list_roles()['roles']
for u in resources['users']:
u['role_ids'] = []
for r in u.get('roles', ()):
try:
role = filter(lambda r_: r_['name'] == r, roles)[0]
except IndexError:
msg = "Role: %s doesn't exist" % r
raise exc.InvalidConfiguration(msg)
u['role_ids'] += [role['id']]
existing = [x['name'] for x in identity_admin.list_tenants()['tenants']]
for tenant in resources['tenants']:
if tenant not in existing:
identity_admin.create_tenant(tenant)
else:
LOG.warn("Tenant '%s' already exists in this environment" % tenant)
LOG.info('Tenants created')
for u in resources['users']:
try:
tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
while True:
try:
identity.get_user_by_username(identity_admin,
tenant['id'], u['name'])
except tempest_lib.exceptions.NotFound:
identity_admin.create_user(
u['name'], u['pass'], tenant['id'],
"%s@%s" % (u['name'], tenant['id']),
enabled=True)
break
else:
LOG.warn("User '%s' already exists in this environment. "
"New name generated" % u['name'])
u['name'] = random_user_name(opts.tag, u['prefix'])
LOG.info('Users created')
if neutron_iso_networks:
for u in resources['users']:
tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
network_name, router_name = create_network_resources(
network_admin, networks_admin, subnets_admin, tenant['id'],
u['name'])
u['network'] = network_name
u['router'] = router_name
LOG.info('Networks created')
for u in resources['users']:
try:
tenant = identity.get_tenant_by_name(identity_admin, u['tenant'])
except tempest_lib.exceptions.NotFound:
LOG.error("Tenant: %s - not found" % u['tenant'])
continue
try:
user = identity.get_user_by_username(identity_admin,
tenant['id'], u['name'])
except tempest_lib.exceptions.NotFound:
LOG.error("User: %s - not found" % u['user'])
continue
for r in u['role_ids']:
try:
identity_admin.assign_user_role(tenant['id'], user['id'], r)
except tempest_lib.exceptions.Conflict:
# don't care if it's already assigned
pass
LOG.info('Roles assigned')
LOG.info('Resources deployed successfully!')