def _create_projects(self): self.p1 = utils.create_project(self.admin_client, 'p1', self.d1.id) utils.grant_project_role(self.admin_client, self.admin_role.id, self.admin.id, self.p1.id) self.p2 = utils.create_project(self.admin_client, 'p2', self.d1.id) utils.grant_project_role(self.admin_client, self.admin_role.id, self.admin.id, self.p2.id)
def test_grant_user_role_in_project(self): test1 = self._create_test_user('test1', self.p1, self.d1) with self.assertRaises(Exception): utils.grant_project_role(self.client, self.member_role.id, test1.id, self.p1.id) self._delete_test_user(test1)
def test_grant_user_role_in_project(self): test1 = self._create_test_user('test1', self.p1, self.d1) try: utils.grant_project_role(self.client, self.member_role.id, test1.id, self.p1.id) except: self.fail('Unexpected exception raised: ' 'utils.grant_project_role(self.client,' 'self.member_role.id, test1.id, self.p1.id)') self._delete_test_user(test1)
def _grant_roles(self): # p1 utils.grant_project_role(self.admin_client, self.admin_role.id, self.p1admin.id, self.p1.id) utils.grant_project_role(self.admin_client, self.member_role.id, self.p1member.id, self.p1.id) utils.grant_group_project_role(self.admin_client, self.member_role.id, self.g1.id, self.p1.id) # p2 utils.grant_project_role(self.admin_client, self.admin_role.id, self.p2admin.id, self.p2.id) utils.grant_project_role(self.admin_client, self.member_role.id, self.p2member.id, self.p2.id) utils.grant_group_project_role(self.admin_client, self.member_role.id, self.g2.id, self.p2.id) # d1 utils.grant_domain_role(self.admin_client, self.admin_role.id, self.d1admin.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.admin_role.id, self.d1member.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p1admin.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p2admin.id, self.d2.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p1member.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p2member.id, self.d2.id)
def _create_projects(self): self.p1 = utils.create_project(self.admin_client, 'p1', self.d1.id) utils.grant_project_role(self.admin_client, self.admin_role.id, self.admin.id, self.p1.id) utils.grant_project_role(self.admin_client, self.cloud_admin_role.id, self.admin.id, self.p1.id) self.p2 = utils.create_project(self.admin_client, 'p2', self.d1.id) utils.grant_project_role(self.admin_client, self.admin_role.id, self.admin.id, self.p2.id) utils.grant_project_role(self.admin_client, self.cloud_admin_role.id, self.admin.id, self.p2.id)
def test_grant_user_role_in_project(self): test1 = self._create_test_user('test1', self.p1, self.d1) test2 = self._create_test_user('test2', self.p2, self.d1) # AUTHORIZED try: utils.grant_project_role(self.client, self.member_role.id, test1.id, self.p1.id) except: self.fail('Unexpected exception raised: ' 'utils.grant_project_role(self.client,' 'self.member_role.id, test1.id, self.p1.id)') # NOT AUTHORIZED with self.assertRaises(Exception): utils.grant_project_role(self.client, self.member_role.id, test2.id, self.p2.id) self._delete_test_user(test1) self._delete_test_user(test2)
def _grant_roles(self): # p1 utils.grant_project_role(self.admin_client, self.project_admin_role.id, self.p1admin.id, self.p1.id) utils.grant_project_role(self.admin_client, self.project_member_role.id, self.p1member.id, self.p1.id) utils.grant_group_project_role(self.admin_client, self.project_member_role.id, self.g1.id, self.p1.id) # p2 utils.grant_project_role(self.admin_client, self.project_admin_role.id, self.p2admin.id, self.p2.id) utils.grant_project_role(self.admin_client, self.project_member_role.id, self.p2member.id, self.p2.id) utils.grant_group_project_role(self.admin_client, self.project_member_role.id, self.g2.id, self.p2.id) # d1 utils.grant_domain_role(self.admin_client, self.domain_admin_role.id, self.d1admin.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.d1member.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p1admin.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p2admin.id, self.d2.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p1member.id, self.d1.id) utils.grant_domain_role(self.admin_client, self.member_role.id, self.p2member.id, self.d2.id)
and domain_id:cloud_admin_domain_id", """ # Regular admin login admin_client = utils.create_client('admin', 'admin', 'admin', 'Default', 'Default', 'http://*****:*****@example.com', admin_project.id, admin_domain.id) # Create cloud_admin role (admin in this case) admin_role = utils.create_role(admin_client, 'admin') # Grant roles at cloud_admin_domain and cloud_admin_project utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id, admin_project.id) utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id, admin_domain.id) # Print cloud_admin_domain id to be used at domain_id rule print admin_domain.id
'Default', 'Default', 'http://*****:*****@example.com', admin_project.id, admin_domain.id) # Create cloud_admin role (admin in this case) admin_role = utils.create_role(admin_client, 'admin') # Grant roles at cloud_admin_domain and cloud_admin_project utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id, admin_project.id) utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id, admin_domain.id) # Print cloud_admin_domain id to be used at domain_id rule print admin_domain.id