github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/acceptance/openstack/identity/v3.0/users_test.go

github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/acceptance/openstack/identity/v3.0/users_test.go (about)

     1  package v3
     2  
     3  import (
     4  	"os"
     5  	"testing"
     6  
     7  	"github.com/opentelekomcloud/gophertelekomcloud/acceptance/clients"
     8  	"github.com/opentelekomcloud/gophertelekomcloud/acceptance/tools"
     9  	"github.com/opentelekomcloud/gophertelekomcloud/openstack/common/pointerto"
    10  	"github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3.0/security"
    11  	"github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3.0/users"
    12  	oldusers "github.com/opentelekomcloud/gophertelekomcloud/openstack/identity/v3/users"
    13  	th "github.com/opentelekomcloud/gophertelekomcloud/testhelper"
    14  )
    15  
    16  func TestUserLifecycle(t *testing.T) {
    17  	if os.Getenv("OS_TENANT_ADMIN") == "" {
    18  		t.Skip("Policy doesn't allow NewIdentityV3AdminClient() to be initialized.")
    19  	}
    20  	client, err := clients.NewIdentityV30AdminClient()
    21  	th.AssertNoErr(t, err)
    22  
    23  	oldClient, err := clients.NewIdentityV3AdminClient()
    24  	th.AssertNoErr(t, err)
    25  
    26  	createOpts := users.CreateOpts{
    27  		Name:     tools.RandomString("user-name-", 4),
    28  		Enabled:  pointerto.Bool(true),
    29  		DomainID: client.DomainID,
    30  	}
    31  
    32  	user, err := users.CreateUser(client, createOpts)
    33  	if err != nil {
    34  		t.Fatalf("Unable to create user: %v", err)
    35  	}
    36  
    37  	t.Cleanup(func() {
    38  		err = oldusers.Delete(oldClient, user.ID).ExtractErr()
    39  		th.AssertNoErr(t, err)
    40  	})
    41  
    42  	th.AssertEquals(t, createOpts.Name, user.Name)
    43  	th.AssertEquals(t, *createOpts.Enabled, user.Enabled)
    44  
    45  	userGet, err := users.GetUser(client, user.ID)
    46  	if err != nil {
    47  		t.Fatalf("Unable to retrieve user: %v", err)
    48  	}
    49  
    50  	th.AssertEquals(t, userGet.Name, user.Name)
    51  	th.AssertEquals(t, userGet.Enabled, user.Enabled)
    52  	th.AssertEquals(t, userGet.Email, user.Email)
    53  	th.AssertEquals(t, userGet.DomainID, user.DomainID)
    54  
    55  	updateOpts := users.UpdateOpts{
    56  		Enabled:  pointerto.Bool(false),
    57  		Name:     tools.RandomString("new-user-name-", 4),
    58  		Password: tools.RandomString("Hello-world-", 5),
    59  	}
    60  
    61  	userUpdate, err := users.ModifyUser(client, user.ID, updateOpts)
    62  	if err != nil {
    63  		t.Fatalf("Unable to update user info: %v", err)
    64  	}
    65  
    66  	th.AssertEquals(t, userUpdate.Name, updateOpts.Name)
    67  	th.AssertEquals(t, userUpdate.Enabled, *updateOpts.Enabled)
    68  	th.AssertEquals(t, userUpdate.Email, updateOpts.Email)
    69  	th.AssertEquals(t, userUpdate.DomainID, userGet.DomainID)
    70  }
    71  
    72  func TestSecurityLifecycle(t *testing.T) {
    73  	if os.Getenv("OS_TENANT_ADMIN") == "" {
    74  		t.Skip("Policy doesn't allow NewIdentityV3AdminClient() to be initialized.")
    75  	}
    76  	client, err := clients.NewIdentityV30AdminClient()
    77  	th.AssertNoErr(t, err)
    78  
    79  	oldClient, err := clients.NewIdentityV3AdminClient()
    80  	th.AssertNoErr(t, err)
    81  
    82  	createOpts := users.CreateOpts{
    83  		Name:     tools.RandomString("test-sdk-user-name-", 4),
    84  		Enabled:  pointerto.Bool(true),
    85  		DomainID: client.DomainID,
    86  	}
    87  
    88  	user, err := users.CreateUser(client, createOpts)
    89  	if err != nil {
    90  		t.Fatalf("Unable to create user: %v", err)
    91  	}
    92  
    93  	t.Cleanup(func() {
    94  		err = oldusers.Delete(oldClient, user.ID).ExtractErr()
    95  		th.AssertNoErr(t, err)
    96  	})
    97  
    98  	domainAuthPolicy, err := security.GetLoginAuthPolicy(client, client.DomainID)
    99  	th.AssertNoErr(t, err)
   100  	tools.PrintResource(t, domainAuthPolicy)
   101  
   102  	opProtectionPolicy, err := security.GetOperationProtectionPolicy(client, client.DomainID)
   103  	th.AssertNoErr(t, err)
   104  	tools.PrintResource(t, opProtectionPolicy)
   105  
   106  	passwordPolicy, err := security.GetPasswordPolicy(client, client.DomainID)
   107  	th.AssertNoErr(t, err)
   108  	tools.PrintResource(t, passwordPolicy)
   109  
   110  	updateUserProtectionConfig, err := security.UpdateLoginProtectionConfiguration(client, user.ID,
   111  		security.LoginProtectionUpdateOpts{
   112  			Enabled:            pointerto.Bool(true),
   113  			VerificationMethod: "vmfa",
   114  		})
   115  	th.AssertNoErr(t, err)
   116  	th.AssertEquals(t, updateUserProtectionConfig.UserId, user.ID)
   117  	th.AssertEquals(t, *updateUserProtectionConfig.Enabled, true)
   118  
   119  	userProtectionConfig, err := security.GetLoginProtectionConfiguration(client, user.ID)
   120  	th.AssertNoErr(t, err)
   121  	th.AssertEquals(t, userProtectionConfig.UserId, user.ID)
   122  	th.AssertEquals(t, *userProtectionConfig.Enabled, true)
   123  
   124  	userProtectionConfigs, err := security.ListLoginProtectionConfigurations(client)
   125  	th.AssertNoErr(t, err)
   126  	tools.PrintResource(t, userProtectionConfigs)
   127  
   128  	list, err := security.ListUserMfaDevices(client)
   129  	th.AssertNoErr(t, err)
   130  	tools.PrintResource(t, list)
   131  }