diff options
Diffstat (limited to 'keystoneclient')
-rw-r--r-- | keystoneclient/base.py | 14 | ||||
-rw-r--r-- | keystoneclient/contrib/auth/v3/saml2.py | 2 | ||||
-rw-r--r-- | keystoneclient/tests/unit/test_session.py | 2 | ||||
-rw-r--r-- | keystoneclient/tests/unit/v3/test_limits.py | 77 | ||||
-rw-r--r-- | keystoneclient/tests/unit/v3/test_registered_limits.py | 76 | ||||
-rw-r--r-- | keystoneclient/tests/unit/v3/utils.py | 4 | ||||
-rw-r--r-- | keystoneclient/v3/client.py | 13 | ||||
-rw-r--r-- | keystoneclient/v3/limits.py | 148 | ||||
-rw-r--r-- | keystoneclient/v3/regions.py | 11 | ||||
-rw-r--r-- | keystoneclient/v3/registered_limits.py | 158 |
10 files changed, 493 insertions, 12 deletions
diff --git a/keystoneclient/base.py b/keystoneclient/base.py index 5824e6d..839b8a1 100644 --- a/keystoneclient/base.py +++ b/keystoneclient/base.py @@ -55,16 +55,10 @@ def getid(obj): Abstracts the common pattern of allowing both an object or an object's ID (UUID) as a parameter when dealing with relationships. """ - try: - if obj.uuid: - return obj.uuid - except AttributeError: # nosec(cjschaef): 'obj' doesn't contain attribute - # 'uuid', return attribute 'id' or the 'obj' - pass - try: - return obj.id - except AttributeError: - return obj + if getattr(obj, 'uuid', None): + return obj.uuid + else: + return getattr(obj, 'id', obj) def filter_none(**kwargs): diff --git a/keystoneclient/contrib/auth/v3/saml2.py b/keystoneclient/contrib/auth/v3/saml2.py index 8a07b7f..85beabb 100644 --- a/keystoneclient/contrib/auth/v3/saml2.py +++ b/keystoneclient/contrib/auth/v3/saml2.py @@ -327,7 +327,7 @@ class Saml2UnscopedToken(_BaseSAMLPlugin): authenticated user. This function directs the HTTP request to SP managed URL, for instance: ``https://<host>:<port>/Shibboleth.sso/ SAML2/ECP``. - Upon success the there's a session created and access to the protected + Upon success there's a session created and access to the protected resource is granted. Many implementations of the SP return HTTP 302/303 status code pointing to the protected URL (``https://<host>:<port>/v3/ OS-FEDERATION/identity_providers/{identity_provider}/protocols/ diff --git a/keystoneclient/tests/unit/test_session.py b/keystoneclient/tests/unit/test_session.py index 27d224d..e0d9b28 100644 --- a/keystoneclient/tests/unit/test_session.py +++ b/keystoneclient/tests/unit/test_session.py @@ -266,7 +266,7 @@ class SessionTests(utils.TestCase): # elements to make sure that all joins are appropriately # handled (any join of unicode and byte strings should # raise a UnicodeDecodeError) - session.post(unicode(self.TEST_URL), data=data) + session.post(six.text_type(self.TEST_URL), data=data) self.assertNotIn('my data', self.logger.output) diff --git a/keystoneclient/tests/unit/v3/test_limits.py b/keystoneclient/tests/unit/v3/test_limits.py new file mode 100644 index 0000000..0dca67d --- /dev/null +++ b/keystoneclient/tests/unit/v3/test_limits.py @@ -0,0 +1,77 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import uuid + +from keystoneclient.tests.unit.v3 import utils +from keystoneclient.v3 import limits + + +class LimitTests(utils.ClientTestCase, utils.CrudTests): + def setUp(self): + super(LimitTests, self).setUp() + self.key = 'limit' + self.collection_key = 'limits' + self.model = limits.Limit + self.manager = self.client.limits + + def new_ref(self, **kwargs): + ref = { + 'id': uuid.uuid4().hex, + 'project_id': uuid.uuid4().hex, + 'service_id': uuid.uuid4().hex, + 'resource_name': uuid.uuid4().hex, + 'resource_limit': 15, + 'description': uuid.uuid4().hex + } + ref.update(kwargs) + return ref + + def test_create(self): + # This test overrides the generic test case provided by the CrudTests + # class because the limits API supports creating multiple limits in a + # single POST request. As a result, it returns the limits as a list of + # all the created limits from the request. This is different from what + # the base test_create() method assumes about keystone's API. The + # changes here override the base test to closely model how the actual + # limit API behaves. + ref = self.new_ref() + manager_ref = ref.copy() + manager_ref.pop('id') + req_ref = [manager_ref.copy()] + + self.stub_entity('POST', entity=req_ref, status_code=201) + + returned = self.manager.create(**utils.parameterize(manager_ref)) + self.assertIsInstance(returned, self.model) + + expected_limit = req_ref.pop() + for attr in expected_limit: + self.assertEqual( + getattr(returned, attr), + expected_limit[attr], + 'Expected different %s' % attr) + self.assertEntityRequestBodyIs([expected_limit]) + + def test_list_filter_by_service(self): + service_id = uuid.uuid4().hex + expected_query = {'service_id': service_id} + self.test_list(expected_query=expected_query, service=service_id) + + def test_list_filtered_by_resource_name(self): + resource_name = uuid.uuid4().hex + self.test_list(resource_name=resource_name) + + def test_list_filtered_by_region(self): + region_id = uuid.uuid4().hex + expected_query = {'region_id': region_id} + self.test_list(expected_query=expected_query, region=region_id) diff --git a/keystoneclient/tests/unit/v3/test_registered_limits.py b/keystoneclient/tests/unit/v3/test_registered_limits.py new file mode 100644 index 0000000..1f612f8 --- /dev/null +++ b/keystoneclient/tests/unit/v3/test_registered_limits.py @@ -0,0 +1,76 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +import uuid + +from keystoneclient.tests.unit.v3 import utils +from keystoneclient.v3 import registered_limits + + +class RegisteredLimitTests(utils.ClientTestCase, utils.CrudTests): + def setUp(self): + super(RegisteredLimitTests, self).setUp() + self.key = 'registered_limit' + self.collection_key = 'registered_limits' + self.model = registered_limits.RegisteredLimit + self.manager = self.client.registered_limits + + def new_ref(self, **kwargs): + ref = { + 'id': uuid.uuid4().hex, + 'service_id': uuid.uuid4().hex, + 'resource_name': uuid.uuid4().hex, + 'default_limit': 10, + 'description': uuid.uuid4().hex + } + ref.update(kwargs) + return ref + + def test_create(self): + # This test overrides the generic test case provided by the CrudTests + # class because the registered limits API supports creating multiple + # limits in a single POST request. As a result, it returns the + # registered limits as a list of all the created limits from the + # request. This is different from what the base test_create() method + # assumes about keystone's API. The changes here override the base test + # to closely model how the actual registered limit API behaves. + ref = self.new_ref() + manager_ref = ref.copy() + manager_ref.pop('id') + req_ref = [manager_ref.copy()] + + self.stub_entity('POST', entity=req_ref, status_code=201) + + returned = self.manager.create(**utils.parameterize(manager_ref)) + self.assertIsInstance(returned, self.model) + + expected_limit = req_ref.pop() + for attr in expected_limit: + self.assertEqual( + getattr(returned, attr), + expected_limit[attr], + 'Expected different %s' % attr) + self.assertEntityRequestBodyIs([expected_limit]) + + def test_list_filter_by_service(self): + service_id = uuid.uuid4().hex + expected_query = {'service_id': service_id} + self.test_list(expected_query=expected_query, service=service_id) + + def test_list_filter_resource_name(self): + resource_name = uuid.uuid4().hex + self.test_list(resource_name=resource_name) + + def test_list_filter_region(self): + region_id = uuid.uuid4().hex + expected_query = {'region_id': region_id} + self.test_list(expected_query=expected_query, region=region_id) diff --git a/keystoneclient/tests/unit/v3/utils.py b/keystoneclient/tests/unit/v3/utils.py index d9cb5a4..5781a92 100644 --- a/keystoneclient/tests/unit/v3/utils.py +++ b/keystoneclient/tests/unit/v3/utils.py @@ -221,6 +221,8 @@ class CrudTests(object): self.assertRequestBodyIs(json=self.encode(entity)) def test_create(self, ref=None, req_ref=None): + deprecations = self.useFixture(client_fixtures.Deprecations()) + deprecations.expect_deprecations() ref = ref or self.new_ref() manager_ref = ref.copy() manager_ref.pop('id') @@ -343,6 +345,8 @@ class CrudTests(object): self.assertQueryStringIs('') def test_update(self, ref=None, req_ref=None): + deprecations = self.useFixture(client_fixtures.Deprecations()) + deprecations.expect_deprecations() ref = ref or self.new_ref() self.stub_entity('PATCH', id=ref['id'], entity=ref) diff --git a/keystoneclient/v3/client.py b/keystoneclient/v3/client.py index e57e6bf..89ba5ac 100644 --- a/keystoneclient/v3/client.py +++ b/keystoneclient/v3/client.py @@ -37,9 +37,11 @@ from keystoneclient.v3 import ec2 from keystoneclient.v3 import endpoint_groups from keystoneclient.v3 import endpoints from keystoneclient.v3 import groups +from keystoneclient.v3 import limits from keystoneclient.v3 import policies from keystoneclient.v3 import projects from keystoneclient.v3 import regions +from keystoneclient.v3 import registered_limits from keystoneclient.v3 import role_assignments from keystoneclient.v3 import roles from keystoneclient.v3 import services @@ -158,6 +160,10 @@ class Client(httpclient.HTTPClient): :py:class:`keystoneclient.v3.groups.GroupManager` + .. py:attribute:: limits + + :py:class:`keystoneclient.v3.limits.LimitManager` + .. py:attribute:: oauth1 :py:class:`keystoneclient.v3.contrib.oauth1.core.OAuthManager` @@ -170,6 +176,10 @@ class Client(httpclient.HTTPClient): :py:class:`keystoneclient.v3.regions.RegionManager` + .. py:attribute:: registered_limits + + :py:class:`keystoneclient.v3.registered_limits.RegisteredLimitManager` + .. py:attribute:: role_assignments :py:class:`keystoneclient.v3.role_assignments.RoleAssignmentManager` @@ -230,9 +240,12 @@ class Client(httpclient.HTTPClient): self.domains = domains.DomainManager(self._adapter) self.federation = federation.FederationManager(self._adapter) self.groups = groups.GroupManager(self._adapter) + self.limits = limits.LimitManager(self._adapter) self.oauth1 = oauth1.create_oauth_manager(self._adapter) self.policies = policies.PolicyManager(self._adapter) self.projects = projects.ProjectManager(self._adapter) + self.registered_limits = registered_limits.RegisteredLimitManager( + self._adapter) self.regions = regions.RegionManager(self._adapter) self.role_assignments = ( role_assignments.RoleAssignmentManager(self._adapter)) diff --git a/keystoneclient/v3/limits.py b/keystoneclient/v3/limits.py new file mode 100644 index 0000000..5d298a4 --- /dev/null +++ b/keystoneclient/v3/limits.py @@ -0,0 +1,148 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystoneclient import base + + +class Limit(base.Resource): + """Represents a project limit. + + Attributes: + * id: a UUID that identifies the project limit + * service_id: a UUID that identifies the service for the limit + * region_id: a UUID that identifies the region for the limit + * project_id: a UUID that identifies the project for the limit + * resource_name: the name of the resource to limit + * resource_limit: the limit to apply to the project + * description: a description for the project limit + + """ + + pass + + +class LimitManager(base.CrudManager): + """Manager class for project limits.""" + + resource_class = Limit + collection_key = 'limits' + key = 'limit' + + def create(self, project, service, resource_name, resource_limit, + description=None, region=None, **kwargs): + """Create a project-specific limit. + + :param project: the project to create a limit for. + :type project: str or :class:`keystoneclient.v3.projects.Project` + :param service: the service that owns the resource to limit. + :type service: str or :class:`keystoneclient.v3.services.Service` + :param resource_name: the name of the resource to limit + :type resource_name: str + :param resource_limit: the quantity of the limit + :type resource_limit: int + :param description: a description of the limit + :type description: str + :param region: region the limit applies to + :type region: str or :class:`keystoneclient.v3.regions.Region` + + :returns: a reference of the created limit + :rtype: :class:`keystoneclient.v3.limits.Limit` + + """ + limit_data = base.filter_none( + project_id=base.getid(project), + service_id=base.getid(service), + resource_name=resource_name, + resource_limit=resource_limit, + description=description, + region_id=base.getid(region), + **kwargs + ) + body = {self.collection_key: [limit_data]} + resp, body = self.client.post('/limits', body=body) + limit = body[self.collection_key].pop() + return self.resource_class(self, limit) + + def update(self, limit, project=None, service=None, resource_name=None, + resource_limit=None, description=None, **kwargs): + """Update a project-specific limit. + + :param limit: a limit to update + :param project: the project ID of the limit to update + :type project: str or :class:`keystoneclient.v3.projects.Project` + :param resource_limit: the limit of the limit's resource to update + :type: resource_limit: int + :param description: a description of the limit + :type description: str + + :returns: a reference of the updated limit. + :rtype: :class:`keystoneclient.v3.limits.Limit` + + """ + return super(LimitManager, self).update( + limit_id=base.getid(limit), + project_id=base.getid(project), + service_id=base.getid(service), + resource_name=resource_name, + resource_limit=resource_limit, + description=description, + **kwargs + ) + + def get(self, limit): + """Retrieve a project limit. + + :param limit: + the project-specific limit to be retrieved. + :type limit: + str or :class:`keystoneclient.v3.limit.Limit` + + :returns: a project-specific limit + :rtype: :class:`keystoneclient.v3.limit.Limit` + + """ + return super(LimitManager, self).get(limit_id=base.getid(limit)) + + def list(self, service=None, region=None, resource_name=None, **kwargs): + """List project-specific limits. + + Any parameter provided will be passed to the server as a filter + + :param service: service to filter limits by + :type service: UUID or :class:`keystoneclient.v3.services.Service` + :param region: region to filter limits by + :type region: UUID or :class:`keystoneclient.v3.regions.Region` + :param resource_name: the name of the resource to filter limits by + :type resource_name: str + + :returns: a list of project-specific limits. + :rtype: list of :class:`keystoneclient.v3.limits.Limit` + + """ + return super(LimitManager, self).list( + service_id=base.getid(service), + region_id=base.getid(region), + resource_name=resource_name, + **kwargs + ) + + def delete(self, limit): + """Delete a project-specific limit. + + :param limit: the project-specific limit to be deleted. + :type limit: str or :class:`keystoneclient.v3.limit.Limit` + + :returns: Response object with 204 status + :rtype: :class:`requests.models.Response` + + """ + return super(LimitManager, self).delete(limit_id=base.getid(limit)) diff --git a/keystoneclient/v3/regions.py b/keystoneclient/v3/regions.py index 7783b3f..0538a66 100644 --- a/keystoneclient/v3/regions.py +++ b/keystoneclient/v3/regions.py @@ -10,6 +10,7 @@ # License for the specific language governing permissions and limitations # under the License. +from debtcollector import removals from keystoneclient import base @@ -34,6 +35,11 @@ class RegionManager(base.CrudManager): collection_key = 'regions' key = 'region' + @removals.removed_kwarg( + 'enabled', + message='The enabled parameter is deprecated.', + version='3.18.0', + removal_version='4.0.0') def create(self, id=None, description=None, enabled=True, parent_region=None, **kwargs): """Create a region. @@ -81,6 +87,11 @@ class RegionManager(base.CrudManager): return super(RegionManager, self).list( **kwargs) + @removals.removed_kwarg( + 'enabled', + message='The enabled parameter is deprecated.', + version='3.18.0', + removal_version='4.0.0') def update(self, region, description=None, enabled=None, parent_region=None, **kwargs): """Update a region. diff --git a/keystoneclient/v3/registered_limits.py b/keystoneclient/v3/registered_limits.py new file mode 100644 index 0000000..6593845 --- /dev/null +++ b/keystoneclient/v3/registered_limits.py @@ -0,0 +1,158 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystoneclient import base + + +class RegisteredLimit(base.Resource): + """Represents a registered limit. + + Attributes: + * id: a UUID that identifies the registered limit + * service_id: a UUID that identifies the service for the limit + * region_id: a UUID that identifies the region for the limit + * resource_name: the name of the resource to limit + * default_limit: the default limit for projects to assume + * description: a description of the registered limit + + """ + + pass + + +class RegisteredLimitManager(base.CrudManager): + """Manager class for registered limits.""" + + resource_class = RegisteredLimit + collection_key = 'registered_limits' + key = 'registered_limit' + + def create(self, service, resource_name, default_limit, + description=None, region=None, **kwargs): + """Create a registered limit. + + :param service: a UUID that identifies the service for the limit. + :type service: str + :param resource_name: the name of the resource to limit. + :type resource_name: str + :param default_limit: the default limit for projects to assume. + :type default_limit: int + :param description: a string that describes the limit + :type description: str + :param region: a UUID that identifies the region for the limit. + :type region: str + + :returns: a reference of the created registered limit. + :rtype: :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + """ + # NOTE(lbragstad): Keystone's registered limit API supports creation of + # limits in batches. This client accepts a single limit and passes it + # to the identity service as a list of a single item. + limit_data = base.filter_none( + service_id=base.getid(service), + resource_name=resource_name, + default_limit=default_limit, + description=description, + region_id=base.getid(region), + **kwargs + ) + body = {self.collection_key: [limit_data]} + resp, body = self.client.post('/registered_limits', body=body) + registered_limit = body[self.collection_key].pop() + return self.resource_class(self, registered_limit) + + def update(self, registered_limit, service=None, resource_name=None, + default_limit=None, description=None, region=None, **kwargs): + """Update a registered limit. + + :param registered_limit: + the UUID or reference of the registered limit to update. + :param registered_limit: + str or :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + :param service: a UUID that identifies the service for the limit. + :type service: str + :param resource_name: the name of the resource to limit. + :type resource_name: str + :param default_limit: the default limit for projects to assume. + :type default_limit: int + :param description: a string that describes the limit + :type description: str + :param region: a UUID that identifies the region for the limit. + :type region: str + + :returns: a reference of the updated registered limit. + :rtype: :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + """ + return super(RegisteredLimitManager, self).update( + registered_limit_id=base.getid(registered_limit), + service_id=base.getid(service), + resource_name=resource_name, + default_limit=default_limit, + description=description, + region=region, + **kwargs + ) + + def get(self, registered_limit): + """Retrieve a registered limit. + + :param registered_limit: the registered limit to get. + :type registered_limit: + str or :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + :returns: a specific registered limit. + :rtype: :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + """ + return super(RegisteredLimitManager, self).get( + registered_limit_id=base.getid(registered_limit)) + + def list(self, service=None, resource_name=None, region=None, **kwargs): + """List registered limits. + + Any parameter provided will be passed to the server as a filter. + + :param service: filter registered limits by service + :type service: a UUID or :class:`keystoneclient.v3.services.Service` + :param resource_name: filter registered limits by resource name + :type resource_name: str + :param region: filter registered limits by region + :type region: a UUID or :class:`keystoneclient.v3.regions.Region` + + :returns: a list of registered limits. + :rtype: list of + :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + """ + return super(RegisteredLimitManager, self).list( + service_id=base.getid(service), + resource_name=resource_name, + region_id=base.getid(region), + **kwargs) + + def delete(self, registered_limit): + """Delete a registered limit. + + :param registered_limit: the registered limit to delete. + :type registered_limit: + str or :class:`keystoneclient.v3.registered_limits.RegisteredLimit` + + :returns: Response object with 204 status. + :rtype: :class:`requests.models.Response` + + """ + registered_limit_id = base.getid(registered_limit) + return super(RegisteredLimitManager, self).delete( + registered_limit_id=registered_limit_id + ) |