1 ##############################################################################
2 # Copyright (c) 2017 ZTE Corporation and others.
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
11 from oslo_config import cfg
13 from doctor_tests.identity_auth import get_session
14 from doctor_tests.os_clients import keystone_client
15 from doctor_tests.os_clients import nova_client
19 cfg.StrOpt('doctor_user',
21 help='the name of test user',
23 cfg.StrOpt('doctor_passwd',
25 help='the password of test user',
27 cfg.StrOpt('doctor_project',
29 help='the name of test project',
31 cfg.StrOpt('doctor_role',
33 help='the role of test user',
35 cfg.StrOpt('doctor_domain_id',
36 default=os.environ.get('OS_PROJECT_DOMAIN_ID', 'default'),
37 help='the domain id of the doctor project',
39 cfg.IntOpt('quota_instances',
40 default=os.environ.get('VM_COUNT', 1),
41 help='the quota of instances in test user',
43 cfg.IntOpt('quota_cores',
44 default=os.environ.get('VM_COUNT', 1),
45 help='the quota of cores in test user',
52 def __init__(self, conf, log):
55 self.keystone = keystone_client(
56 self.conf.keystone_version, get_session())
58 nova_client(conf.nova_version, get_session())
62 self.use_exist_role = False
63 self.roles_for_user = {}
64 self.roles_for_admin = {}
67 """create test user, project and etc"""
68 self.log.info('user create start......')
70 self._create_project()
73 self._add_user_role_in_project(is_admin=False)
74 self._add_user_role_in_project(is_admin=True)
76 self.log.info('user create end......')
78 def _create_project(self):
79 """create test project"""
80 self.projects = {project.name: project for project in
81 self.keystone.projects.list(
82 domain=self.conf.doctor_domain_id)}
83 if self.conf.doctor_project not in self.projects:
84 self.log.info('create project......')
86 self.keystone.projects.create(
87 self.conf.doctor_project,
88 self.conf.doctor_domain_id)
89 self.projects[test_project.name] = test_project
91 self.log.info('project %s already created......' % self.conf.doctor_project)
92 self.log.info('test project %s' % str(self.projects[self.conf.doctor_project]))
94 def _create_user(self):
95 """create test user"""
96 project = self.projects.get(self.conf.doctor_project)
97 self.users = {user.name: user for user in
98 self.keystone.users.list(
99 domain=self.conf.doctor_domain_id)}
100 if self.conf.doctor_user not in self.users:
101 self.log.info('create user......')
102 test_user = self.keystone.users.create(
103 self.conf.doctor_user,
104 password=self.conf.doctor_passwd,
105 domain=self.conf.doctor_domain_id)
106 self.users[test_user.name] = test_user
108 self.log.info('user %s already created......' % self.conf.doctor_user)
109 self.log.info('test user %s' % str(self.users[self.conf.doctor_user]))
111 def _create_role(self):
112 """create test role"""
113 self.roles = {role.name: role for role in
114 self.keystone.roles.list()}
115 if self.conf.doctor_role not in self.roles:
116 self.log.info('create role......')
117 test_role = self.keystone.roles.create(
118 self.conf.doctor_role)
119 self.roles[test_role.name] = test_role
121 self.use_exist_role = True
122 self.log.info('role %s already created......' % self.conf.doctor_role)
123 self.log.info('test role %s' % str(self.roles[self.conf.doctor_role]))
125 def _add_user_role_in_project(self, is_admin=False):
126 """add test user with test role in test project"""
128 project = self.projects.get(self.conf.doctor_project)
130 user_name = 'admin' if is_admin else self.conf.doctor_user
131 user = self.users.get(user_name)
133 role_name = 'admin' if is_admin else self.conf.doctor_role
134 role = self.roles.get(role_name)
136 roles_for_user = self.roles_for_admin \
137 if is_admin else self.roles_for_user
139 if not self.keystone.roles.check(role, user=user, project=project):
140 self.keystone.roles.grant(role, user=user, project=project)
141 roles_for_user[role_name] = role
143 self.log.info('Already grant a role:%s to user: %s on project: %s'
144 % (role_name, user_name, self.conf.doctor_project))
147 """delete the test user, project and role"""
148 self.log.info('user delete start......')
150 project = self.projects.get(self.conf.doctor_project)
151 user = self.users.get(self.conf.doctor_user)
152 role = self.roles.get(self.conf.doctor_role)
155 if 'admin' in self.roles_for_admin:
156 self.keystone.roles.revoke(
158 user=self.users['admin'],
162 if role and self.conf.doctor_role in self.roles_for_user:
163 self.keystone.roles.revoke(
164 role, user=user, project=project)
165 if not self.use_exist_role:
166 self.keystone.roles.delete(role)
167 self.keystone.users.delete(user)
169 self.keystone.projects.delete(project)
170 self.log.info('user delete end......')
172 def update_quota(self):
173 self.log.info('user quota update start......')
174 project = self.projects.get(self.conf.doctor_project)
175 user = self.users.get(self.conf.doctor_user)
178 self.quota = self.nova.quotas.get(project.id,
180 if self.conf.quota_instances > self.quota.instances:
181 self.nova.quotas.update(project.id,
182 instances=self.conf.quota_instances,
184 if self.conf.quota_cores > self.quota.cores:
185 self.nova.quotas.update(project.id,
186 cores=self.conf.quota_cores,
188 self.log.info('user quota update end......')
190 raise Exception('No project or role for update quota')