Add group iteration and syncing support to Keystone auth

2017-02-23 14:41:27 -05:00 · 2017-02-23 14:41:27 -05:00 · d7825c6720
commit d7825c6720
parent 47278cc559
6 changed files with 148 additions and 15 deletions
--- a/test/test_keystone_auth.py
+++ b/test/test_keystone_auth.py
@ -47,6 +47,23 @@ def _create_app(requires_email=True):
    {'username': 'some.neat.user', 'name': 'Neat User', 'password': 'foobar'},
  ]

+  groups = [
+    {'id': 'somegroupid', 'name': 'somegroup', 'description': 'Hi there!',
+     'members': ['adminuser', 'cool.user']},
+  ]
+
+  def _get_user(username):
+    for user in users:
+      if user['username'] == username:
+        user_data = {}
+        user_data['id'] = username
+        user_data['name'] = username
+        if requires_email:
+          user_data['email'] = username + '@example.com'
+        return user_data
+
+    return None
+
  ks_app = Flask('testks')
  ks_app.config['SERVER_HOSTNAME'] = 'localhost:%s' % _PORT_NUMBER
  if os.environ.get('DEBUG') == 'true':
@ -66,6 +83,35 @@ def _create_app(requires_email=True):

    abort(404)

+  @ks_app.route('/v3/identity/groups/<groupid>/users', methods=['GET'])
+  def getv3groupmembers(groupid):
+    for group in groups:
+      if group['id'] == groupid:
+        group_data = {
+          "links": {},
+          "users": [_get_user(username) for username in group['members']],
+        }
+
+        return json.dumps(group_data)
+
+    abort(404)
+
+  @ks_app.route('/v3/identity/groups/<groupid>', methods=['GET'])
+  def getv3group(groupid):
+    for group in groups:
+      if group['id'] == groupid:
+        group_data = {
+          "description": group['description'],
+          "domain_id": "default",
+          "id": groupid,
+          "links": {},
+          "name": group['name'],
+        }
+
+        return json.dumps({'group': group_data})
+
+    abort(404)
+
  @ks_app.route('/v3/identity/users/<userid>', methods=['GET'])
  def getv3user(userid):
    for user in users:
@ -321,6 +367,32 @@ class KeystoneV3AuthTests(KeystoneAuthTestsMixin, unittest.TestCase):
      self.assertIsNotNone(result)
      self.assertEquals('cool_user', result.username)

+  def test_check_group_lookup_args(self):
+    with self.fake_keystone() as keystone:
+      (status, err) = keystone.check_group_lookup_args({})
+      self.assertFalse(status)
+      self.assertEquals('Missing group_id', err)
+
+      (status, err) = keystone.check_group_lookup_args({'group_id': 'unknownid'})
+      self.assertFalse(status)
+      self.assertEquals('Group not found', err)
+
+      (status, err) = keystone.check_group_lookup_args({'group_id': 'somegroupid'})
+      self.assertTrue(status)
+      self.assertIsNone(err)
+
+  def test_iterate_group_members(self):
+    with self.fake_keystone() as keystone:
+      (itt, err) = keystone.iterate_group_members({'group_id': 'somegroupid'})
+      self.assertIsNone(err)
+
+      results = list(itt)
+      results.sort()
+
+      self.assertEquals(2, len(results))
+      self.assertEquals('adminuser', results[0][0].id)
+      self.assertEquals('cool.user', results[1][0].id)
+

 if __name__ == '__main__':
  unittest.main()