def test_update_project_tenant_update_error(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
# get/init
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True).AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id).AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
workflow_data = {}
for user in users:
api.roles_for_user(IsA(http.HttpRequest), user.id, self.tenant.id).AndReturn(roles)
role_ids = [role.id for role in roles]
if role_ids:
workflow_data.setdefault("role_" + role_ids[0], []).append(user.id)
# update some fields
project._info["name"] = "updated name"
project._info["description"] = "updated description"
quota.metadata_items = 444
quota.volumes = 444
updated_project = {
"tenant_name": project._info["name"],
"tenant_id": project.id,
"description": project._info["description"],
"enabled": project.enabled,
}
updated_quota = self._get_quota_info(quota)
# contribute
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
# handle
api.tenant_update(IsA(http.HttpRequest), **updated_project).AndRaise(self.exceptions.keystone)
self.mox.ReplayAll()
# submit form data
project_data = {
"name": project._info["name"],
"id": project.id,
"description": project._info["description"],
"enabled": project.enabled,
}
workflow_data.update(project_data)
workflow_data.update(updated_quota)
url = reverse("horizon:admin:projects:update", args=[self.tenant.id])
res = self.client.post(url, workflow_data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, INDEX_URL)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction, self).__init__(request,
*args,
**kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
project_id = args[0]['project_id']
# set up the inline user creation
self.fields['new_user'] = forms.DynamicChoiceField(
required=False,
label=_("Create New User"),
add_item_link=ADD_USER_URL,
add_item_link_args=project_id)
# Get the default role
try:
default_role = api.get_default_role(self.request).id
except:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
self.fields['default_role'].initial = default_role
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request)
except:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for role in role_list:
field_name = "role_" + role.id
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
for user in all_users:
try:
roles = api.roles_for_user(self.request, user.id, project_id)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
if roles:
primary_role = roles[0].id
self.fields["role_" + primary_role].initial.append(user.id)
def test_update_project_get(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True) \
.AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id) \
.AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
for user in users:
api.roles_for_user(IsA(http.HttpRequest),
user.id,
self.tenant.id).AndReturn(roles)
self.mox.ReplayAll()
url = reverse('horizon:syspanel:projects:update',
args=[self.tenant.id])
res = self.client.get(url)
self.assertTemplateUsed(res, 'syspanel/projects/update.html')
workflow = res.context['workflow']
self.assertEqual(res.context['workflow'].name, UpdateProject.name)
step = workflow.get_step("update_info")
self.assertEqual(step.action.initial['ram'], quota.ram)
self.assertEqual(step.action.initial['injected_files'],
quota.injected_files)
self.assertEqual(step.action.initial['name'], project.name)
self.assertEqual(step.action.initial['description'],
project.description)
self.assertQuerysetEqual(workflow.steps,
['<UpdateProjectInfo: update_info>',
'<UpdateProjectMembers: update_members>',
'<UpdateProjectQuota: update_quotas>'])
def test_update_project_get(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True) \
.AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id) \
.AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
for user in users:
api.roles_for_user(IsA(http.HttpRequest),
user.id,
self.tenant.id).AndReturn(roles)
self.mox.ReplayAll()
url = reverse('horizon:syspanel:projects:update',
args=[self.tenant.id])
res = self.client.get(url)
self.assertTemplateUsed(res, 'syspanel/projects/update.html')
workflow = res.context['workflow']
self.assertEqual(res.context['workflow'].name, UpdateProject.name)
step = workflow.get_step("update_info")
self.assertEqual(step.action.initial['ram'], quota.ram)
self.assertEqual(step.action.initial['injected_files'],
quota.injected_files)
self.assertEqual(step.action.initial['name'], project.name)
self.assertEqual(step.action.initial['description'],
project.description)
self.assertQuerysetEqual(workflow.steps,
['<UpdateProjectInfo: update_info>',
'<UpdateProjectMembers: update_members>',
'<UpdateProjectQuota: update_quotas>'])
def test_update_project_get(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True).AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id).AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
for user in users:
api.roles_for_user(IsA(http.HttpRequest), user.id, self.tenant.id).AndReturn(roles)
self.mox.ReplayAll()
url = reverse("horizon:admin:projects:update", args=[self.tenant.id])
res = self.client.get(url)
self.assertTemplateUsed(res, "admin/projects/update.html")
workflow = res.context["workflow"]
self.assertEqual(res.context["workflow"].name, UpdateProject.name)
step = workflow.get_step("update_info")
self.assertEqual(step.action.initial["ram"], quota.ram)
self.assertEqual(step.action.initial["injected_files"], quota.injected_files)
self.assertEqual(step.action.initial["name"], project.name)
self.assertEqual(step.action.initial["description"], project.description)
self.assertQuerysetEqual(
workflow.steps,
[
"<UpdateProjectInfo: update_info>",
"<UpdateProjectMembers: update_members>",
"<UpdateProjectQuota: update_quotas>",
],
)
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction,
self).__init__(request, *args, **kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
project_id = ''
if 'project_id' in args[0]:
project_id = args[0]['project_id']
# Get the default role
try:
default_role = api.get_default_role(self.request).id
except:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
self.fields['default_role'].initial = default_role
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request)
except:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except:
exceptions.handle(request, err_msg, redirect=reverse(INDEX_URL))
for role in role_list:
field_name = "role_" + role.id
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
for user in all_users:
try:
roles = api.roles_for_user(self.request, user.id,
project_id)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
if roles:
primary_role = roles[0].id
self.fields["role_" + primary_role].initial.append(user.id)
def test_update_project_post(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
current_roles = self.roles.list()
# get/init
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True).AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id).AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
workflow_data = {}
for user in users:
api.roles_for_user(IsA(http.HttpRequest), user.id, self.tenant.id).AndReturn(roles)
role_ids = [role.id for role in roles]
if role_ids:
workflow_data.setdefault("role_" + role_ids[0], []).append(user.id)
# update some fields
project._info["name"] = "updated name"
project._info["description"] = "updated description"
quota.metadata_items = 444
quota.volumes = 444
updated_project = {
"tenant_name": project._info["name"],
"tenant_id": project.id,
"description": project._info["description"],
"enabled": project.enabled,
}
updated_quota = self._get_quota_info(quota)
# contribute
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
# handle
api.tenant_update(IsA(http.HttpRequest), **updated_project).AndReturn(project)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
api.keystone.user_list(IsA(http.HttpRequest), tenant_id=self.tenant.id).AndReturn(users)
for user in users:
api.roles_for_user(IsA(http.HttpRequest), user.id, self.tenant.id).AndReturn(current_roles)
for role in roles:
if "role_" + role.id in workflow_data:
ulist = workflow_data["role_" + role.id]
if role not in current_roles:
api.add_tenant_user_role(
IsA(http.HttpRequest), tenant_id=self.tenant.id, user_id=user, role_id=role.id
)
else:
current_roles.pop(current_roles.index(role))
for to_delete in current_roles:
api.remove_tenant_user_role(
IsA(http.HttpRequest), tenant_id=self.tenant.id, user_id=user.id, role_id=to_delete.id
)
for role in roles:
if "role_" + role.id in workflow_data:
ulist = workflow_data["role_" + role.id]
for user in ulist:
if not filter(lambda x: user == x.id, users):
api.add_tenant_user_role(
IsA(http.HttpRequest), tenant_id=self.tenant.id, user_id=user, role_id=role.id
)
api.tenant_quota_update(IsA(http.HttpRequest), project.id, **updated_quota)
self.mox.ReplayAll()
# submit form data
project_data = {
"name": project._info["name"],
"id": project.id,
"description": project._info["description"],
"enabled": project.enabled,
}
workflow_data.update(project_data)
workflow_data.update(updated_quota)
url = reverse("horizon:admin:projects:update", args=[self.tenant.id])
res = self.client.post(url, workflow_data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, INDEX_URL)
def handle(self, request, data):
project_id = data['project_id']
# update project info
try:
api.tenant_update(request,
tenant_id=project_id,
tenant_name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
available_roles = api.keystone.role_list(request)
project_members = api.keystone.user_list(request,
tenant_id=project_id)
users_to_modify = len(project_members)
for user in project_members:
current_roles = api.roles_for_user(self.request,
user.id,
project_id)
for role in available_roles:
role_list = data["role_" + role.id]
if user.id in role_list:
if role not in current_roles:
# user role has changed
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=role.id)
else:
# user role is unchanged
current_roles.pop(current_roles.index(role))
# delete user's removed roles
for to_delete in current_roles:
api.remove_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=to_delete.id)
users_to_modify -= 1
# add new roles to project
for role in available_roles:
# count how many users may be added for exception handling
role_list = data["role_" + role.id]
users_to_modify += len(role_list)
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user in role_list:
if not filter(lambda x: user == x.id, project_members):
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user,
role_id=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(request, _('Failed to modify %s project members '
'and update project quotas.'
% users_to_modify))
return True
# update the project quota
ifcb = data['injected_file_content_bytes']
try:
api.tenant_quota_update(request,
project_id,
metadata_items=data['metadata_items'],
injected_file_content_bytes=ifcb,
volumes=data['volumes'],
gigabytes=data['gigabytes'],
ram=data['ram'],
floating_ips=data['floating_ips'],
instances=data['instances'],
injected_files=data['injected_files'],
cores=data['cores'])
return True
except:
exceptions.handle(request, _('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def test_update_project_member_update_error(self):
project = self.tenants.first()
quota = self.quotas.first()
default_role = self.roles.first()
users = self.users.list()
roles = self.roles.list()
current_roles = self.roles.list()
# get/init
api.tenant_get(IsA(http.HttpRequest), self.tenant.id, admin=True) \
.AndReturn(project)
api.tenant_quota_get(IsA(http.HttpRequest), self.tenant.id) \
.AndReturn(quota)
api.get_default_role(IsA(http.HttpRequest)).AndReturn(default_role)
api.keystone.user_list(IsA(http.HttpRequest)).AndReturn(users)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
workflow_data = {}
for user in users:
api.roles_for_user(IsA(http.HttpRequest), user.id,
self.tenant.id).AndReturn(roles)
role_ids = [role.id for role in roles]
if role_ids:
workflow_data.setdefault("role_" + role_ids[0], []) \
.append(user.id)
# update some fields
project._info["name"] = "updated name"
project._info["description"] = "updated description"
quota.metadata_items = 444
quota.volumes = 444
updated_project = {
"tenant_name": project._info["name"],
"tenant_id": project.id,
"description": project._info["description"],
"enabled": project.enabled
}
updated_quota = self._get_quota_info(quota)
# contribute
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
# handle
api.tenant_update(IsA(http.HttpRequest), **updated_project) \
.AndReturn(project)
api.keystone.role_list(IsA(http.HttpRequest)).AndReturn(roles)
api.keystone.user_list(IsA(http.HttpRequest),
tenant_id=self.tenant.id).AndReturn(users)
for user in users:
api.roles_for_user(IsA(http.HttpRequest),
user.id,
self.tenant.id) \
.AndReturn(current_roles)
for role in roles:
if "role_" + role.id in workflow_data:
if role not in current_roles:
api.add_tenant_user_role(IsA(http.HttpRequest),
tenant_id=self.tenant.id,
user_id=user,
role_id=role.id)
else:
current_roles.pop(current_roles.index(role))
for to_delete in current_roles:
api.remove_tenant_user_role(IsA(http.HttpRequest),
tenant_id=self.tenant.id,
user_id=user.id,
role_id=to_delete.id) \
.AndRaise(self.exceptions.nova)
break
break
self.mox.ReplayAll()
# submit form data
project_data = {
"name": project._info["name"],
"id": project.id,
"description": project._info["description"],
"enabled": project.enabled
}
workflow_data.update(project_data)
workflow_data.update(updated_quota)
url = reverse('horizon:admin:projects:update', args=[self.tenant.id])
res = self.client.post(url, workflow_data)
self.assertNoFormErrors(res)
self.assertRedirectsNoFollow(res, INDEX_URL)
def handle(self, request, data):
project_id = data['project_id']
# update project info
try:
api.tenant_update(request,
tenant_id=project_id,
tenant_name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
available_roles = api.keystone.role_list(request)
project_members = api.keystone.user_list(request,
tenant_id=project_id)
users_to_modify = len(project_members)
for user in project_members:
current_roles = api.roles_for_user(self.request, user.id,
project_id)
for role in available_roles:
role_list = data["role_" + role.id]
if user.id in role_list:
if role not in current_roles:
# user role has changed
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=role.id)
else:
# user role is unchanged
current_roles.pop(current_roles.index(role))
# delete user's removed roles
for to_delete in current_roles:
api.remove_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=to_delete.id)
users_to_modify -= 1
# add new roles to project
for role in available_roles:
# count how many users may be added for exception handling
role_list = data["role_" + role.id]
users_to_modify += len(role_list)
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user in role_list:
if not filter(lambda x: user == x.id, project_members):
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user,
role_id=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(
request,
_('Failed to modify %s project members '
'and update project quotas.' % users_to_modify))
return True
# update the project quota
ifcb = data['injected_file_content_bytes']
try:
api.tenant_quota_update(request,
project_id,
metadata_items=data['metadata_items'],
injected_file_content_bytes=ifcb,
volumes=data['volumes'],
gigabytes=data['gigabytes'],
ram=data['ram'],
floating_ips=data['floating_ips'],
instances=data['instances'],
injected_files=data['injected_files'],
cores=data['cores'])
return True
except:
exceptions.handle(
request,
_('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def __init__(self, request, *args, **kwargs):
super(UpdateProjectMembersAction, self).__init__(request,
*args,
**kwargs)
err_msg = _('Unable to retrieve user list. Please try again later.')
project_id = ''
if 'project_id' in args[0]:
project_id = args[0]['project_id']
# Get the default role
try:
default_role = api.get_default_role(self.request)
# Default role is necessary to add members to a project
if default_role is None:
default = getattr(settings,
"OPENSTACK_KEYSTONE_DEFAULT_ROLE", None)
msg = _('Could not find default role "%s" in Keystone'
% default)
raise exceptions.NotFound(msg)
except:
exceptions.handle(self.request,
err_msg,
redirect=reverse(INDEX_URL))
self.fields['default_role'].initial = default_role.id
# Get list of available users
all_users = []
try:
all_users = api.keystone.user_list(request)
except:
exceptions.handle(request, err_msg)
users_list = [(user.id, user.name) for user in all_users]
# Get list of roles
role_list = []
try:
role_list = api.keystone.role_list(request)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
for role in role_list:
field_name = "role_" + role.id
label = _(role.name)
self.fields[field_name] = forms.MultipleChoiceField(required=False,
label=label)
self.fields[field_name].choices = users_list
self.fields[field_name].initial = []
# Figure out users & roles
if project_id:
for user in all_users:
try:
roles = api.roles_for_user(self.request,
user.id,
project_id)
except:
exceptions.handle(request,
err_msg,
redirect=reverse(INDEX_URL))
if roles:
primary_role = roles[0].id
self.fields["role_" + primary_role].initial.append(user.id)