def _create_projects(self):
self.p1 = utils.create_project(self.admin_client, 'p1', self.d1.id)
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.admin.id, self.p1.id)
self.p2 = utils.create_project(self.admin_client, 'p2', self.d1.id)
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.admin.id, self.p2.id)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
with self.assertRaises(Exception):
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
self._delete_test_user(test1)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
with self.assertRaises(Exception):
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
self._delete_test_user(test1)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
try:
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
except:
self.fail('Unexpected exception raised: '
'utils.grant_project_role(self.client,'
'self.member_role.id, test1.id, self.p1.id)')
self._delete_test_user(test1)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
try:
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
except:
self.fail('Unexpected exception raised: '
'utils.grant_project_role(self.client,'
'self.member_role.id, test1.id, self.p1.id)')
self._delete_test_user(test1)
def _grant_roles(self):
# p1
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.p1admin.id, self.p1.id)
utils.grant_project_role(self.admin_client, self.member_role.id,
self.p1member.id, self.p1.id)
utils.grant_group_project_role(self.admin_client, self.member_role.id,
self.g1.id, self.p1.id)
# p2
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.p2admin.id, self.p2.id)
utils.grant_project_role(self.admin_client, self.member_role.id,
self.p2member.id, self.p2.id)
utils.grant_group_project_role(self.admin_client, self.member_role.id,
self.g2.id, self.p2.id)
# d1
utils.grant_domain_role(self.admin_client, self.admin_role.id,
self.d1admin.id, self.d1.id)
utils.grant_domain_role(self.admin_client, self.admin_role.id,
self.d1member.id, self.d1.id)
utils.grant_domain_role(self.admin_client, self.member_role.id,
self.p1admin.id, self.d1.id)
utils.grant_domain_role(self.admin_client, self.member_role.id,
self.p2admin.id, self.d2.id)
utils.grant_domain_role(self.admin_client, self.member_role.id,
self.p1member.id, self.d1.id)
utils.grant_domain_role(self.admin_client, self.member_role.id,
self.p2member.id, self.d2.id)
def _create_projects(self):
self.p1 = utils.create_project(self.admin_client, 'p1', self.d1.id)
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.admin.id, self.p1.id)
utils.grant_project_role(self.admin_client, self.cloud_admin_role.id,
self.admin.id, self.p1.id)
self.p2 = utils.create_project(self.admin_client, 'p2', self.d1.id)
utils.grant_project_role(self.admin_client, self.admin_role.id,
self.admin.id, self.p2.id)
utils.grant_project_role(self.admin_client, self.cloud_admin_role.id,
self.admin.id, self.p2.id)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
test2 = self._create_test_user('test2', self.p2, self.d1)
# AUTHORIZED
try:
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
except:
self.fail('Unexpected exception raised: '
'utils.grant_project_role(self.client,'
'self.member_role.id, test1.id, self.p1.id)')
# NOT AUTHORIZED
with self.assertRaises(Exception):
utils.grant_project_role(self.client, self.member_role.id,
test2.id, self.p2.id)
self._delete_test_user(test1)
self._delete_test_user(test2)
def test_grant_user_role_in_project(self):
test1 = self._create_test_user('test1', self.p1, self.d1)
test2 = self._create_test_user('test2', self.p2, self.d1)
# AUTHORIZED
try:
utils.grant_project_role(self.client, self.member_role.id,
test1.id, self.p1.id)
except:
self.fail('Unexpected exception raised: '
'utils.grant_project_role(self.client,'
'self.member_role.id, test1.id, self.p1.id)')
# NOT AUTHORIZED
with self.assertRaises(Exception):
utils.grant_project_role(self.client, self.member_role.id,
test2.id, self.p2.id)
self._delete_test_user(test1)
self._delete_test_user(test2)
def _grant_roles(self):
# p1
utils.grant_project_role(self.admin_client, self.project_admin_role.id,
self.p1admin.id, self.p1.id)
utils.grant_project_role(self.admin_client,
self.project_member_role.id,
self.p1member.id, self.p1.id)
utils.grant_group_project_role(self.admin_client,
self.project_member_role.id,
self.g1.id, self.p1.id)
# p2
utils.grant_project_role(self.admin_client,
self.project_admin_role.id,
self.p2admin.id, self.p2.id)
utils.grant_project_role(self.admin_client,
self.project_member_role.id,
self.p2member.id, self.p2.id)
utils.grant_group_project_role(self.admin_client,
self.project_member_role.id,
self.g2.id, self.p2.id)
# d1
utils.grant_domain_role(self.admin_client,
self.domain_admin_role.id,
self.d1admin.id, self.d1.id)
utils.grant_domain_role(self.admin_client,
self.member_role.id,
self.d1member.id, self.d1.id)
utils.grant_domain_role(self.admin_client,
self.member_role.id,
self.p1admin.id, self.d1.id)
utils.grant_domain_role(self.admin_client,
self.member_role.id,
self.p2admin.id, self.d2.id)
utils.grant_domain_role(self.admin_client,
self.member_role.id,
self.p1member.id, self.d1.id)
utils.grant_domain_role(self.admin_client,
self.member_role.id,
self.p2member.id, self.d2.id)
and domain_id:cloud_admin_domain_id",
"""
# Regular admin login
admin_client = utils.create_client('admin', 'admin', 'admin', 'Default',
'Default', 'http://*****:*****@example.com', admin_project.id,
admin_domain.id)
# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')
# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id, cloud_admin.id,
admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id, cloud_admin.id,
admin_domain.id)
# Print cloud_admin_domain id to be used at domain_id rule
print admin_domain.id
'Default',
'Default',
'http://*****:*****@example.com',
admin_project.id,
admin_domain.id)
# Create cloud_admin role (admin in this case)
admin_role = utils.create_role(admin_client, 'admin')
# Grant roles at cloud_admin_domain and cloud_admin_project
utils.grant_project_role(admin_client, admin_role.id,
cloud_admin.id, admin_project.id)
utils.grant_domain_role(admin_client, admin_role.id,
cloud_admin.id, admin_domain.id)
# Print cloud_admin_domain id to be used at domain_id rule
print admin_domain.id
