diff options
Diffstat (limited to 'aria/multivim-plugin/keystone_plugin')
| -rw-r--r-- | aria/multivim-plugin/keystone_plugin/__init__.py | 14 | ||||
| -rw-r--r-- | aria/multivim-plugin/keystone_plugin/project.py | 150 | ||||
| -rw-r--r-- | aria/multivim-plugin/keystone_plugin/tests/__init__.py | 0 | ||||
| -rw-r--r-- | aria/multivim-plugin/keystone_plugin/tests/test.py | 115 |
4 files changed, 0 insertions, 279 deletions
diff --git a/aria/multivim-plugin/keystone_plugin/__init__.py b/aria/multivim-plugin/keystone_plugin/__init__.py deleted file mode 100644 index 809f033a55..0000000000 --- a/aria/multivim-plugin/keystone_plugin/__init__.py +++ /dev/null @@ -1,14 +0,0 @@ -######### -# Copyright (c) 2015 GigaSpaces Technologies Ltd. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# * See the License for the specific language governing permissions and -# * limitations under the License. diff --git a/aria/multivim-plugin/keystone_plugin/project.py b/aria/multivim-plugin/keystone_plugin/project.py deleted file mode 100644 index 223ffbbb5c..0000000000 --- a/aria/multivim-plugin/keystone_plugin/project.py +++ /dev/null @@ -1,150 +0,0 @@ -######### -# Copyright (c) 2015 GigaSpaces Technologies Ltd. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# * See the License for the specific language governing permissions and -# * limitations under the License. - -from cloudify import ctx -from cloudify.decorators import operation -from cloudify.exceptions import NonRecoverableError - -from openstack_plugin_common import (with_keystone_client, - with_nova_client, - with_cinder_client, - with_neutron_client, - get_resource_id, - use_external_resource, - delete_resource_and_runtime_properties, - validate_resource, - COMMON_RUNTIME_PROPERTIES_KEYS, - OPENSTACK_ID_PROPERTY, - OPENSTACK_TYPE_PROPERTY, - OPENSTACK_NAME_PROPERTY) - - -PROJECT_OPENSTACK_TYPE = 'project' - -TENANT_QUOTA_TYPE = 'quota' - -RUNTIME_PROPERTIES_KEYS = COMMON_RUNTIME_PROPERTIES_KEYS - - -@operation -@with_keystone_client -def create(keystone_client, **kwargs): - if use_external_resource(ctx, keystone_client, PROJECT_OPENSTACK_TYPE): - return - - project_dict = { - 'name': get_resource_id(ctx, PROJECT_OPENSTACK_TYPE), - 'domain': 'default' - } - - project_dict.update(ctx.node.properties['project']) - project = keystone_client.projects.create(**project_dict) - - ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY] = project.id - ctx.instance.runtime_properties[OPENSTACK_TYPE_PROPERTY] = \ - PROJECT_OPENSTACK_TYPE - ctx.instance.runtime_properties[OPENSTACK_NAME_PROPERTY] = project.name - - -@operation -@with_keystone_client -@with_nova_client -@with_cinder_client -@with_neutron_client -def start(keystone_client, nova_client, cinder_client, neutron_client, - **kwargs): - project_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY] - users = ctx.node.properties['users'] - validate_users(users, keystone_client) - - assign_users(project_id, users, keystone_client) - - quota = ctx.node.properties[TENANT_QUOTA_TYPE] - update_quota(project_id, quota, nova_client, 'nova') - update_quota(project_id, quota, neutron_client, 'neutron') - update_quota(project_id, quota, cinder_client, 'cinder') - - -@operation -@with_keystone_client -@with_nova_client -@with_cinder_client -@with_neutron_client -def delete(keystone_client, nova_client, cinder_client, - neutron_client, **kwargs): - tenant_id = ctx.instance.runtime_properties[OPENSTACK_ID_PROPERTY] - quota = ctx.node.properties[TENANT_QUOTA_TYPE] - delete_quota(tenant_id, quota, nova_client, 'nova') - delete_quota(tenant_id, quota, neutron_client, 'neutron') - delete_quota(tenant_id, quota, cinder_client, 'cinder') - delete_resource_and_runtime_properties(ctx, keystone_client, - RUNTIME_PROPERTIES_KEYS) - - -@operation -@with_keystone_client -def creation_validation(keystone_client, **kwargs): - validate_resource(ctx, keystone_client, PROJECT_OPENSTACK_TYPE) - - -def assign_users(project_id, users, keystone_client): - for user in users: - roles = user['roles'] - u = keystone_client.users.find(name=user['name']) - for role in roles: - r = keystone_client.roles.find(name=role) - keystone_client.roles.grant(user=u.id, - project=project_id, - role=r.id) - - -def validate_users(users, keystone_client): - user_names = [user['name'] for user in users] - if len(user_names) > len(set(user_names)): - raise NonRecoverableError('Users are not unique') - - for user_name in user_names: - keystone_client.users.find(name=user_name) - - for user in users: - if len(user['roles']) > len(set(user['roles'])): - msg = 'Roles for user {} are not unique' - raise NonRecoverableError(msg.format(user['name'])) - - role_names = {role for user in users for role in user['roles']} - for role_name in role_names: - keystone_client.roles.find(name=role_name) - - -def update_quota(tenant_id, quota, client, what_quota): - updated_quota = quota.get(what_quota) - if updated_quota: - if what_quota == 'neutron': - new_quota = client.update_quota(tenant_id=tenant_id, - body={'quota': updated_quota}) - else: - new_quota = client.quotas.update(tenant_id=tenant_id, - **updated_quota) - ctx.logger.info( - 'Updated {0} quota: {1}'.format(what_quota, str(new_quota))) - - -def delete_quota(project_id, quota, client, what_quota): - deleting_quota = quota.get(what_quota) - if deleting_quota: - if what_quota == 'neutron': - client.delete_quota(tenant_id=project_id) - else: - client.quotas.delete(tenant_id=project_id) diff --git a/aria/multivim-plugin/keystone_plugin/tests/__init__.py b/aria/multivim-plugin/keystone_plugin/tests/__init__.py deleted file mode 100644 index e69de29bb2..0000000000 --- a/aria/multivim-plugin/keystone_plugin/tests/__init__.py +++ /dev/null diff --git a/aria/multivim-plugin/keystone_plugin/tests/test.py b/aria/multivim-plugin/keystone_plugin/tests/test.py deleted file mode 100644 index de6567ba3a..0000000000 --- a/aria/multivim-plugin/keystone_plugin/tests/test.py +++ /dev/null @@ -1,115 +0,0 @@ -import mock -import unittest - -from cloudify.context import NODE_INSTANCE - -from cloudify.mocks import ( - MockContext, - MockNodeInstanceContext, - MockNodeContext -) -from openstack_plugin_common import ( - OPENSTACK_ID_PROPERTY, - OPENSTACK_NAME_PROPERTY, - OPENSTACK_TYPE_PROPERTY - ) -from keystone_plugin.project import PROJECT_OPENSTACK_TYPE -import keystone_plugin - - -class TestProject(unittest.TestCase): - - test_id = 'test-id' - test_name = 'test-name' - test_deployment_id = 'test-deployment-id' - test_user = 'test-user' - test_role = 'test-role' - - class MockProjectOS: - def __init__(self, id, name): - self._id = id - self._name = name - self._users = {} - - @property - def id(self): - return self._id - - @property - def name(self): - return self._name - - def find(self, *_, **__): - return mock.MagicMock(id='test-role') - - def grant(self, role, user, *_, **__): - self._users[user] = role - - def mock_keystone_client(self, mock_project): - keystone_client = mock.MagicMock() - keystone_client.projects.create.return_value = mock_project - keystone_client.users.find.return_value = mock.MagicMock( - id=self.test_user) - keystone_client.roles = mock_project - return keystone_client - - def mock_ctx(self, test_vars, test_id, - test_deployment_id, runtime_properties=None): - ctx = MockContext() - ctx.node = MockNodeContext(properties=test_vars) - ctx.instance = MockNodeInstanceContext( - id=test_id, runtime_properties=runtime_properties or {}) - ctx.deployment = mock.Mock() - ctx.deployment.id = test_deployment_id - ctx.type = NODE_INSTANCE - return ctx - - @mock.patch('openstack_plugin_common._put_client_in_kw', - autospec=True, return_value=None) - def test_keystone_project_create(self, *_): - test_vars = { - 'project': {}, - 'resource_id': '', - 'quota': {}, - 'users': {} - } - - ctx = self.mock_ctx(test_vars, self.test_id, self.test_deployment_id) - keystone_plugin.project.ctx = ctx - keystone_plugin.project.create( - self.mock_keystone_client(self.MockProjectOS(self.test_id, - self.test_name))) - self.assertEqual(self.test_name, - ctx.instance.runtime_properties[ - OPENSTACK_NAME_PROPERTY]) - self.assertEqual(self.test_id, - ctx.instance.runtime_properties[ - OPENSTACK_ID_PROPERTY]) - self.assertEqual(PROJECT_OPENSTACK_TYPE, - ctx.instance.runtime_properties[ - OPENSTACK_TYPE_PROPERTY]) - - @mock.patch('openstack_plugin_common._put_client_in_kw', - autospec=True, return_value=None) - def test_assign_user(self, *_): - test_vars = { - 'project': {}, - 'resource_id': '', - 'quota': {}, - 'users': [{'name': self.test_user, - 'roles': [self.test_role]}] - } - ctx = self.mock_ctx(test_vars, - self.test_id, - self.test_deployment_id, - {OPENSTACK_ID_PROPERTY: self.test_id}) - mock_project = self.MockProjectOS(self.test_id, self.test_name) - keystone_client = self.mock_keystone_client(mock_project) - keystone_plugin.project.ctx = ctx - keystone_plugin.project.start( - keystone_client, - mock.MagicMock(), # nova_client - mock.MagicMock(), # cinder_client - mock.MagicMock()) # neutron_client - self.assertEqual({self.test_user: self.test_role}, - mock_project._users) |