コード例 #1
0
    def check_user_roles(self, roles):
        """Check if roles provided by user (or the default one) exist.

        :param roles: value returned by roles_client.list_roles
        :type roles: dict
        :return: List of the existing roles given by user (or by defaults)
        :rtype: list
        """
        roles_names = [r['name'] for r in roles['roles']]
        user_roles = self._conf.get('auth', 'tempest_roles').split(',')
        available_roles = []
        for r in user_roles:
            if r in roles_names:
                available_roles.append(r)
            else:
                LOG.debug("Provided %s role is not present in the system.", r)

        if len(available_roles) == 0:
            # try 'member' or 'Member', they might present in a system
            if 'member' in roles_names:
                self._conf.set('auth', 'tempest_roles', 'member')
            elif 'Member' in roles_names:
                self._conf.set('auth', 'tempest_roles', 'Member')
            else:
                LOG.debug("Setting auth.tempest_roles to an empty list "
                          "because none of the provided roles exists.")
                self._conf.set('auth', 'tempest_roles', "")
        return available_roles
コード例 #2
0
    def give_role_to_user(self, username, role_name, role_required=True):
        """Give the user a role in the project.

        :type username: string
        :type role_name: string
        :type role_required: boolean
        """
        project_name = self._conf.get('identity', 'project_name')
        proj_id = self.projects_client.get_project_by_name(project_name)['id']
        users = self.users_client.list_users()
        user_ids = [u['id'] for u in users['users'] if u['name'] == username]
        user_id = user_ids[0]
        roles = self.roles_client.list_roles()
        self.check_user_roles(roles)
        role_ids = [r['id'] for r in roles['roles'] if r['name'] == role_name]
        if not role_ids:
            if role_required:
                raise Exception("required role %s not found" % role_name)
            LOG.debug("%s role not required", role_name)
            return
        role_id = role_ids[0]
        try:
            self.roles_client.create_user_role_on_project(
                proj_id, user_id, role_id)
            LOG.debug("User '%s' was given the '%s' role in project '%s'",
                      username, role_name, project_name)
        except exceptions.Conflict:
            LOG.debug(
                "(no change) User '%s' already has the '%s' role in"
                " project '%s'", username, role_name, project_name)
コード例 #3
0
def load_basic_defaults(conf):
    """Load basic default options into conf file.

    :type conf: TempestConf object
    """
    LOG.debug("Setting basic default values")
    default_values = {
        "DEFAULT": [("debug", "true"), ("use_stderr", "false"),
                    ("log_file", "tempest.log")],
        "identity": [("username", "demo_tempestconf"), ("password", "secrete"),
                     ("project_name", "demo"),
                     ("alt_username", "alt_demo_tempestconf"),
                     ("alt_password", "secrete"),
                     ("alt_project_name", "alt_demo"),
                     ("disable_ssl_certificate_validation", "true")],
        "scenario": [("img_dir", "etc")],
        "auth": [("tempest_roles", "_member_"), ("admin_username", "admin"),
                 ("admin_project_name", "admin"),
                 ("admin_domain_name", "Default")],
        "object-storage": [("reseller_admin_role", "ResellerAdmin")],
        "oslo-concurrency": [("lock_path", "/tmp")],
        "compute-feature-enabled": [
            # Default deployment does not use shared storage
            ("live_migration", "false"),
            ("live_migrate_paused_instances", "true"),
            ("preserve_ports", "true")
        ],
        "network-feature-enabled": [("ipv6_subnet_attributes", "true")]
    }

    for section in default_values.keys():
        if section != "DEFAULT" and not conf.has_section(section):
            conf.add_section(section)
        for key, value in default_values[section]:
            if not conf.has_option(section, key):
                conf.set(section, key, value)