def token_create_scoped(request, tenant, token):
'''
Creates a scoped token using the tenant id and unscoped token; retrieves
the service catalog for the given tenant.
'''
if hasattr(request, '_keystone'):
del request._keystone
c = keystoneclient(request,
tenant_id=tenant,
token_id=token,
endpoint=_get_endpoint_url(request, 'internalURL'))
raw_token = c.tokens.authenticate(tenant_id=tenant,
token=token,
return_raw=True)
c.service_catalog = service_catalog.ServiceCatalog(raw_token)
if request.user.is_admin():
c.management_url = c.service_catalog.url_for(service_type='identity',
endpoint_type='adminURL')
else:
endpoint_type = getattr(settings, 'OPENSTACK_ENDPOINT_TYPE',
'internalURL')
c.management_url = c.service_catalog.url_for(
service_type='identity', endpoint_type=endpoint_type)
scoped_token = tokens.Token(tokens.TokenManager, raw_token)
return scoped_token
def token_create_scoped(request, tenant, token):
'''
Creates a scoped token using the tenant id and unscoped token; retrieves
the service catalog for the given tenant.
'''
if hasattr(request, '_keystone'):
del request._keystone
c = keystoneclient(request, tenant_id=tenant, token_id=token,
endpoint=settings.OPENSTACK_KEYSTONE_URL)
raw_token = c.tokens.authenticate(tenant=tenant,
token=token,
return_raw=True)
c.service_catalog = service_catalog.ServiceCatalog(raw_token)
if request.user.is_admin():
c.management_url = c.service_catalog.url_for(service_type='identity',
endpoint_type='adminURL')
else:
c.management_url = c.service_catalog.url_for(service_type='identity',
endpoint_type='publicURL')
scoped_token = tokens.Token(tokens.TokenManager, raw_token)
return Token(scoped_token)
def scoped_token_create(token_id, tenant_id):
"""
Creates a scoped token using the tenant id and unscoped token; retrieves
the service catalog for the given tenant.
"""
c = _keystoneclient(tenant_id=tenant_id, token_id=token_id)
raw_token = c.tokens.authenticate(tenant_id=tenant_id,
token=token_id,
return_raw=True)
# LOG.debug('got raw_token: %s' % raw_token)
# FIXME need to modify c3 ?
# c.service_catalog = service_catalog.ServiceCatalog(raw_token)
# if request.ouser.is_admin():
# c.management_url = c.service_catalog.url_for(service_type='identity',
# endpoint_type='adminURL')
# else:
# c.management_url = c.service_catalog.url_for(service_type='identity',
# endpoint_type='publicURL')
scoped_token = tokens.Token(tokens.TokenManager, raw_token)
return scoped_token
def data(TEST):
TEST.service_catalog = SERVICE_CATALOG
TEST.tokens = TestDataContainer()
TEST.domains = TestDataContainer()
TEST.users = TestDataContainer()
TEST.groups = TestDataContainer()
TEST.tenants = TestDataContainer()
TEST.roles = TestDataContainer()
TEST.ec2 = TestDataContainer()
admin_role_dict = {'id': '1',
'name': 'admin'}
admin_role = roles.Role(roles.RoleManager, admin_role_dict)
member_role_dict = {'id': "2",
'name': settings.OPENSTACK_KEYSTONE_DEFAULT_ROLE}
member_role = roles.Role(roles.RoleManager, member_role_dict)
TEST.roles.add(admin_role, member_role)
TEST.roles.admin = admin_role
TEST.roles.member = member_role
domain_dict = {'id': "1",
'name': 'test_domain',
'description': "a test domain.",
'enabled': True}
domain_dict_2 = {'id': "2",
'name': 'disabled_domain',
'description': "a disabled test domain.",
'enabled': False}
domain = domains.Domain(domains.DomainManager, domain_dict)
disabled_domain = domains.Domain(domains.DomainManager, domain_dict_2)
TEST.domains.add(domain, disabled_domain)
TEST.domain = domain # Your "current" domain
user_dict = {'id': "1",
'name': 'test_user',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'project_id': '1',
'enabled': True,
'domain_id': "1"}
user = users.User(users.UserManager(None), user_dict)
user_dict = {'id': "2",
'name': 'user_two',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'project_id': '1',
'enabled': True,
'domain_id': "1"}
user2 = users.User(users.UserManager(None), user_dict)
user_dict = {'id': "3",
'name': 'user_three',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'project_id': '1',
'enabled': True,
'domain_id': "1"}
user3 = users.User(users.UserManager(None), user_dict)
user_dict = {'id': "4",
'name': 'user_four',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'project_id': '2',
'enabled': True,
'domain_id': "2"}
user4 = users.User(users.UserManager(None), user_dict)
TEST.users.add(user, user2, user3, user4)
TEST.user = user # Your "current" user
TEST.user.service_catalog = SERVICE_CATALOG
group_dict = {'id': "1",
'name': 'group_one',
'description': 'group one description',
'domain_id': '1'}
group = groups.Group(groups.GroupManager(None), group_dict)
group_dict = {'id': "2",
'name': 'group_two',
'description': 'group two description',
'domain_id': '1'}
group2 = groups.Group(groups.GroupManager(None), group_dict)
group_dict = {'id': "3",
'name': 'group_three',
'description': 'group three description',
'domain_id': '2'}
group3 = groups.Group(groups.GroupManager(None), group_dict)
TEST.groups.add(group, group2, group3)
tenant_dict = {'id': "1",
'name': 'test_tenant',
'description': "a test tenant.",
'enabled': True,
'domain_id': '1'}
tenant_dict_2 = {'id': "2",
'name': 'disabled_tenant',
'description': "a disabled test tenant.",
'enabled': False,
'domain_id': '2'}
tenant_dict_3 = {'id': "3",
'name': u'\u4e91\u89c4\u5219',
'description': "an unicode-named tenant.",
'enabled': True,
'domain_id': '2'}
tenant = tenants.Tenant(tenants.TenantManager, tenant_dict)
disabled_tenant = tenants.Tenant(tenants.TenantManager, tenant_dict_2)
tenant_unicode = tenants.Tenant(tenants.TenantManager, tenant_dict_3)
TEST.tenants.add(tenant, disabled_tenant, tenant_unicode)
TEST.tenant = tenant # Your "current" tenant
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
scoped_token = tokens.Token(tokens.TokenManager,
dict(token={"id": "test_token_id",
"expires": expiration,
"tenant": tenant_dict,
"tenants": [tenant_dict]},
user={"id": "test_user_id",
"name": "test_user",
"roles": [member_role_dict]},
serviceCatalog=TEST.service_catalog))
unscoped_token = tokens.Token(tokens.TokenManager,
dict(token={"id": "test_token_id",
"expires": expiration},
user={"id": "test_user_id",
"name": "test_user",
"roles": [member_role_dict]},
serviceCatalog=TEST.service_catalog))
TEST.tokens.add(scoped_token, unscoped_token)
TEST.token = scoped_token # your "current" token.
TEST.tokens.scoped_token = scoped_token
TEST.tokens.unscoped_token = unscoped_token
access_secret = ec2.EC2(ec2.CredentialsManager, {"access": "access",
"secret": "secret"})
TEST.ec2.add(access_secret)
def data(TEST):
TEST.service_catalog = SERVICE_CATALOG
TEST.tokens = TestDataContainer()
TEST.users = TestDataContainer()
TEST.tenants = TestDataContainer()
TEST.roles = TestDataContainer()
TEST.ec2 = TestDataContainer()
admin_role_dict = {'id': '1', 'name': 'admin'}
admin_role = roles.Role(roles.RoleManager, admin_role_dict)
member_role_dict = {
'id': "2",
'name': settings.OPENSTACK_KEYSTONE_DEFAULT_ROLE
}
member_role = roles.Role(roles.RoleManager, member_role_dict)
TEST.roles.add(admin_role, member_role)
TEST.roles.admin = admin_role
TEST.roles.member = member_role
user_dict = {
'id': "1",
'name': 'test_user',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'enabled': True
}
user = users.User(users.UserManager(None), user_dict)
user_dict = {
'id': "2",
'name': 'user_two',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'enabled': True
}
user2 = users.User(users.UserManager(None), user_dict)
user_dict = {
'id': "3",
'name': 'user_three',
'email': '*****@*****.**',
'password': '******',
'token': 'test_token',
'enabled': True
}
user3 = users.User(users.UserManager(None), user_dict)
TEST.users.add(user, user2, user3)
TEST.user = user # Your "current" user
TEST.user.service_catalog = SERVICE_CATALOG
tenant_dict = {
'id': "1",
'name': 'test_tenant',
'description': "a test tenant.",
'enabled': True
}
tenant_dict_2 = {
'id': "2",
'name': 'disabled_tenant',
'description': "a disabled test tenant.",
'enabled': False
}
tenant = tenants.Tenant(tenants.TenantManager, tenant_dict)
disabled_tenant = tenants.Tenant(tenants.TenantManager, tenant_dict_2)
TEST.tenants.add(tenant, disabled_tenant)
TEST.tenant = tenant # Your "current" tenant
tomorrow = datetime_safe.datetime.now() + timedelta(days=1)
expiration = datetime_safe.datetime.isoformat(tomorrow)
scoped_token = tokens.Token(
tokens.TokenManager,
dict(token={
"id": "test_token_id",
"expires": expiration,
"tenant": tenant_dict,
"tenants": [tenant_dict]
},
user={
"id": "test_user_id",
"name": "test_user",
"roles": [member_role_dict]
},
serviceCatalog=TEST.service_catalog))
unscoped_token = tokens.Token(
tokens.TokenManager,
dict(token={
"id": "test_token_id",
"expires": expiration
},
user={
"id": "test_user_id",
"name": "test_user",
"roles": [member_role_dict]
},
serviceCatalog=TEST.service_catalog))
TEST.tokens.add(scoped_token, unscoped_token)
TEST.token = scoped_token # your "current" token.
TEST.tokens.scoped_token = scoped_token
TEST.tokens.unscoped_token = unscoped_token
access_secret = ec2.EC2(ec2.CredentialsManager, {
"access": "access",
"secret": "secret"
})
TEST.ec2.add(access_secret)
