github.com/gophercloud/gophercloud@v1.11.0/internal/acceptance/openstack/identity/v3/trusts_test.go (about) 1 //go:build acceptance || identity || trusts 2 // +build acceptance identity trusts 3 4 package v3 5 6 import ( 7 "testing" 8 "time" 9 10 "github.com/gophercloud/gophercloud/internal/acceptance/clients" 11 "github.com/gophercloud/gophercloud/internal/acceptance/tools" 12 "github.com/gophercloud/gophercloud/openstack" 13 "github.com/gophercloud/gophercloud/openstack/identity/v3/extensions/trusts" 14 "github.com/gophercloud/gophercloud/openstack/identity/v3/roles" 15 "github.com/gophercloud/gophercloud/openstack/identity/v3/tokens" 16 "github.com/gophercloud/gophercloud/openstack/identity/v3/users" 17 th "github.com/gophercloud/gophercloud/testhelper" 18 ) 19 20 func TestTrustCRUD(t *testing.T) { 21 clients.RequireAdmin(t) 22 23 client, err := clients.NewIdentityV3Client() 24 th.AssertNoErr(t, err) 25 26 // Generate a token and obtain the Admin user's ID from it. 27 ao, err := openstack.AuthOptionsFromEnv() 28 th.AssertNoErr(t, err) 29 30 authOptions := tokens.AuthOptions{ 31 Username: ao.Username, 32 Password: ao.Password, 33 DomainName: ao.DomainName, 34 DomainID: ao.DomainID, 35 } 36 37 token, err := tokens.Create(client, &authOptions).Extract() 38 th.AssertNoErr(t, err) 39 adminUser, err := tokens.Get(client, token.ID).ExtractUser() 40 th.AssertNoErr(t, err) 41 42 // Get the admin and member role IDs. 43 adminRoleID := "" 44 memberRoleID := "" 45 allPages, err := roles.List(client, nil).AllPages() 46 th.AssertNoErr(t, err) 47 allRoles, err := roles.ExtractRoles(allPages) 48 th.AssertNoErr(t, err) 49 50 for _, v := range allRoles { 51 if v.Name == "admin" { 52 adminRoleID = v.ID 53 } 54 55 if v.Name == "member" { 56 memberRoleID = v.ID 57 } 58 } 59 60 // Create a project to apply the trust. 61 trusteeProject, err := CreateProject(t, client, nil) 62 th.AssertNoErr(t, err) 63 defer DeleteProject(t, client, trusteeProject.ID) 64 65 tools.PrintResource(t, trusteeProject) 66 67 // Add the admin user to the trustee project. 68 assignOpts := roles.AssignOpts{ 69 UserID: adminUser.ID, 70 ProjectID: trusteeProject.ID, 71 } 72 73 err = roles.Assign(client, adminRoleID, assignOpts).ExtractErr() 74 th.AssertNoErr(t, err) 75 76 // Create a user as the trustee. 77 trusteeUserCreateOpts := users.CreateOpts{ 78 Password: "secret", 79 DomainID: "default", 80 } 81 trusteeUser, err := CreateUser(t, client, &trusteeUserCreateOpts) 82 th.AssertNoErr(t, err) 83 defer DeleteUser(t, client, trusteeUser.ID) 84 85 expiresAt := time.Now().Add(time.Minute).Truncate(time.Second).UTC() 86 // Create a trust. 87 trust, err := CreateTrust(t, client, trusts.CreateOpts{ 88 TrusteeUserID: trusteeUser.ID, 89 TrustorUserID: adminUser.ID, 90 ProjectID: trusteeProject.ID, 91 ExpiresAt: &expiresAt, 92 Roles: []trusts.Role{ 93 { 94 ID: memberRoleID, 95 }, 96 }, 97 }) 98 th.AssertNoErr(t, err) 99 defer DeleteTrust(t, client, trust.ID) 100 101 trust, err = FindTrust(t, client) 102 th.AssertNoErr(t, err) 103 104 // Get trust 105 p, err := trusts.Get(client, trust.ID).Extract() 106 th.AssertNoErr(t, err) 107 th.AssertEquals(t, p.ExpiresAt, expiresAt) 108 th.AssertEquals(t, p.DeletedAt.IsZero(), true) 109 110 tools.PrintResource(t, p) 111 112 // List trust roles 113 rolesPages, err := trusts.ListRoles(client, p.ID).AllPages() 114 th.AssertNoErr(t, err) 115 allTrustRoles, err := trusts.ExtractRoles(rolesPages) 116 th.AssertNoErr(t, err) 117 th.AssertEquals(t, len(allTrustRoles), 1) 118 th.AssertEquals(t, allTrustRoles[0].ID, memberRoleID) 119 120 // Get trust role 121 role, err := trusts.GetRole(client, p.ID, memberRoleID).Extract() 122 th.AssertNoErr(t, err) 123 th.AssertEquals(t, role.ID, memberRoleID) 124 125 // Check trust role 126 err = trusts.CheckRole(client, p.ID, memberRoleID).ExtractErr() 127 th.AssertNoErr(t, err) 128 }