github.com/gophercloud/gophercloud@v1.11.0/internal/acceptance/openstack/identity/v3/osinherit_test.go (about) 1 //go:build acceptance 2 // +build acceptance 3 4 package v3 5 6 import ( 7 "testing" 8 9 "github.com/gophercloud/gophercloud" 10 "github.com/gophercloud/gophercloud/internal/acceptance/clients" 11 "github.com/gophercloud/gophercloud/openstack/identity/v3/domains" 12 "github.com/gophercloud/gophercloud/openstack/identity/v3/groups" 13 "github.com/gophercloud/gophercloud/openstack/identity/v3/osinherit" 14 "github.com/gophercloud/gophercloud/openstack/identity/v3/roles" 15 th "github.com/gophercloud/gophercloud/testhelper" 16 ) 17 18 func TestInheritRolesAssignToUserOnProject(t *testing.T) { 19 clients.RequireAdmin(t) 20 21 client, err := clients.NewIdentityV3Client() 22 th.AssertNoErr(t, err) 23 24 project, err := CreateProject(t, client, nil) 25 th.AssertNoErr(t, err) 26 defer DeleteProject(t, client, project.ID) 27 28 roleCreateOpts := roles.CreateOpts{ 29 DomainID: "default", 30 } 31 role, err := CreateRole(t, client, &roleCreateOpts) 32 th.AssertNoErr(t, err) 33 defer DeleteRole(t, client, role.ID) 34 35 user, err := CreateUser(t, client, nil) 36 th.AssertNoErr(t, err) 37 defer DeleteUser(t, client, user.ID) 38 39 t.Logf("Attempting to assign an inherited role %s to a user %s on a project %s", 40 role.Name, user.Name, project.Name) 41 42 assignOpts := osinherit.AssignOpts{ 43 UserID: user.ID, 44 ProjectID: project.ID, 45 } 46 err = osinherit.Assign(client, role.ID, assignOpts).ExtractErr() 47 th.AssertNoErr(t, err) 48 49 t.Logf("Successfully assigned a role %s to a user %s on a project %s", 50 role.Name, user.Name, project.Name) 51 52 validateOpts := osinherit.ValidateOpts{ 53 UserID: user.ID, 54 ProjectID: project.ID, 55 } 56 err = osinherit.Validate(client, role.ID, validateOpts).ExtractErr() 57 th.AssertNoErr(t, err) 58 59 t.Logf("Successfully validated inherited role %s to a user %s on a project %s", 60 role.Name, user.Name, project.Name) 61 62 unassignOpts := osinherit.UnassignOpts{ 63 UserID: user.ID, 64 ProjectID: project.ID, 65 } 66 err = osinherit.Unassign(client, role.ID, unassignOpts).ExtractErr() 67 th.AssertNoErr(t, err) 68 69 t.Logf("Successfully unassigned inherited role %s to a user %s on a project %s", 70 role.Name, user.Name, project.Name) 71 72 } 73 74 func TestInheritRolesAssignToUserOnDomain(t *testing.T) { 75 clients.RequireAdmin(t) 76 77 client, err := clients.NewIdentityV3Client() 78 th.AssertNoErr(t, err) 79 80 domain, err := CreateDomain(t, client, &domains.CreateOpts{ 81 Enabled: gophercloud.Disabled, 82 }) 83 th.AssertNoErr(t, err) 84 defer DeleteDomain(t, client, domain.ID) 85 86 roleCreateOpts := roles.CreateOpts{ 87 DomainID: "default", 88 } 89 role, err := CreateRole(t, client, &roleCreateOpts) 90 th.AssertNoErr(t, err) 91 defer DeleteRole(t, client, role.ID) 92 93 user, err := CreateUser(t, client, nil) 94 th.AssertNoErr(t, err) 95 defer DeleteUser(t, client, user.ID) 96 97 t.Logf("Attempting to assign a role %s to a user %s on a domain %s", 98 role.Name, user.Name, domain.Name) 99 100 assignOpts := osinherit.AssignOpts{ 101 UserID: user.ID, 102 DomainID: domain.ID, 103 } 104 105 err = osinherit.Assign(client, role.ID, assignOpts).ExtractErr() 106 th.AssertNoErr(t, err) 107 108 t.Logf("Successfully assigned a role %s to a user %s on a domain %s", 109 role.Name, user.Name, domain.Name) 110 111 validateOpts := osinherit.ValidateOpts{ 112 UserID: user.ID, 113 DomainID: domain.ID, 114 } 115 116 err = osinherit.Validate(client, role.ID, validateOpts).ExtractErr() 117 th.AssertNoErr(t, err) 118 119 t.Logf("Successfully validated inherited role %s to a user %s on a domain %s", 120 role.Name, user.Name, domain.Name) 121 122 unassignOpts := osinherit.UnassignOpts{ 123 UserID: user.ID, 124 DomainID: domain.ID, 125 } 126 127 err = osinherit.Unassign(client, role.ID, unassignOpts).ExtractErr() 128 th.AssertNoErr(t, err) 129 130 t.Logf("Successfully unassigned inherited role %s to a user %s on a domain %s", 131 role.Name, user.Name, domain.Name) 132 133 } 134 135 func TestInheritRolesAssignToGroupOnDomain(t *testing.T) { 136 clients.RequireAdmin(t) 137 138 client, err := clients.NewIdentityV3Client() 139 th.AssertNoErr(t, err) 140 141 domain, err := CreateDomain(t, client, &domains.CreateOpts{ 142 Enabled: gophercloud.Disabled, 143 }) 144 th.AssertNoErr(t, err) 145 defer DeleteDomain(t, client, domain.ID) 146 147 roleCreateOpts := roles.CreateOpts{ 148 DomainID: "default", 149 } 150 role, err := CreateRole(t, client, &roleCreateOpts) 151 th.AssertNoErr(t, err) 152 defer DeleteRole(t, client, role.ID) 153 154 groupCreateOpts := &groups.CreateOpts{ 155 DomainID: "default", 156 } 157 group, err := CreateGroup(t, client, groupCreateOpts) 158 th.AssertNoErr(t, err) 159 defer DeleteGroup(t, client, group.ID) 160 161 t.Logf("Attempting to assign a role %s to a group %s on a domain %s", 162 role.Name, group.Name, domain.Name) 163 164 assignOpts := osinherit.AssignOpts{ 165 GroupID: group.ID, 166 DomainID: domain.ID, 167 } 168 169 err = osinherit.Assign(client, role.ID, assignOpts).ExtractErr() 170 th.AssertNoErr(t, err) 171 172 t.Logf("Successfully assigned a role %s to a group %s on a domain %s", 173 role.Name, group.Name, domain.Name) 174 175 validateOpts := osinherit.ValidateOpts{ 176 GroupID: group.ID, 177 DomainID: domain.ID, 178 } 179 180 err = osinherit.Validate(client, role.ID, validateOpts).ExtractErr() 181 th.AssertNoErr(t, err) 182 183 t.Logf("Successfully validated inherited role %s to a group %s on a domain %s", 184 role.Name, group.Name, domain.Name) 185 186 unassignOpts := osinherit.UnassignOpts{ 187 GroupID: group.ID, 188 DomainID: domain.ID, 189 } 190 191 err = osinherit.Unassign(client, role.ID, unassignOpts).ExtractErr() 192 th.AssertNoErr(t, err) 193 194 t.Logf("Successfully unassigned inherited role %s to a group %s on a domain %s", 195 role.Name, group.Name, domain.Name) 196 197 } 198 199 func TestInheritRolesAssignToGroupOnProject(t *testing.T) { 200 clients.RequireAdmin(t) 201 202 client, err := clients.NewIdentityV3Client() 203 th.AssertNoErr(t, err) 204 205 project, err := CreateProject(t, client, nil) 206 th.AssertNoErr(t, err) 207 defer DeleteProject(t, client, project.ID) 208 209 roleCreateOpts := roles.CreateOpts{ 210 DomainID: "default", 211 } 212 role, err := CreateRole(t, client, &roleCreateOpts) 213 th.AssertNoErr(t, err) 214 defer DeleteRole(t, client, role.ID) 215 216 groupCreateOpts := &groups.CreateOpts{ 217 DomainID: "default", 218 } 219 group, err := CreateGroup(t, client, groupCreateOpts) 220 th.AssertNoErr(t, err) 221 defer DeleteGroup(t, client, group.ID) 222 223 t.Logf("Attempting to assign a role %s to a group %s on a project %s", 224 role.Name, group.Name, project.Name) 225 226 assignOpts := osinherit.AssignOpts{ 227 GroupID: group.ID, 228 ProjectID: project.ID, 229 } 230 err = osinherit.Assign(client, role.ID, assignOpts).ExtractErr() 231 th.AssertNoErr(t, err) 232 233 t.Logf("Successfully assigned a role %s to a group %s on a project %s", 234 role.Name, group.Name, project.Name) 235 236 validateOpts := osinherit.ValidateOpts{ 237 GroupID: group.ID, 238 ProjectID: project.ID, 239 } 240 err = osinherit.Validate(client, role.ID, validateOpts).ExtractErr() 241 th.AssertNoErr(t, err) 242 243 t.Logf("Successfully validated inherited role %s to a group %s on a project %s", 244 role.Name, group.Name, project.Name) 245 246 unassignOpts := osinherit.UnassignOpts{ 247 GroupID: group.ID, 248 ProjectID: project.ID, 249 } 250 err = osinherit.Unassign(client, role.ID, unassignOpts).ExtractErr() 251 th.AssertNoErr(t, err) 252 253 t.Logf("Successfully unassigned inherited role %s to a group %s on a project %s", 254 role.Name, group.Name, project.Name) 255 256 }