github.com/vnpaycloud-console/gophercloud/v2@v2.0.5/internal/acceptance/openstack/identity/v3/trusts_test.go

github.com/vnpaycloud-console/gophercloud/v2@v2.0.5/internal/acceptance/openstack/identity/v3/trusts_test.go (about)

     1  //go:build acceptance || identity || trusts
     2  
     3  package v3
     4  
     5  import (
     6  	"context"
     7  	"testing"
     8  	"time"
     9  
    10  	"github.com/vnpaycloud-console/gophercloud/v2/internal/acceptance/clients"
    11  	"github.com/vnpaycloud-console/gophercloud/v2/internal/acceptance/tools"
    12  	"github.com/vnpaycloud-console/gophercloud/v2/openstack"
    13  	"github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/roles"
    14  	"github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/tokens"
    15  	"github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/trusts"
    16  	"github.com/vnpaycloud-console/gophercloud/v2/openstack/identity/v3/users"
    17  	th "github.com/vnpaycloud-console/gophercloud/v2/testhelper"
    18  )
    19  
    20  func TestTrustCRUD(t *testing.T) {
    21  	clients.RequireAdmin(t)
    22  
    23  	client, err := clients.NewIdentityV3Client()
    24  	th.AssertNoErr(t, err)
    25  
    26  	// Generate a token and obtain the Admin user's ID from it.
    27  	ao, err := openstack.AuthOptionsFromEnv()
    28  	th.AssertNoErr(t, err)
    29  
    30  	authOptions := tokens.AuthOptions{
    31  		Username:   ao.Username,
    32  		UserID:     ao.UserID,
    33  		Password:   ao.Password,
    34  		DomainName: ao.DomainName,
    35  		DomainID:   ao.DomainID,
    36  		Scope: tokens.Scope{
    37  			ProjectID:   ao.TenantID,
    38  			ProjectName: ao.TenantName,
    39  			DomainID:    ao.DomainID,
    40  			DomainName:  ao.DomainName,
    41  		},
    42  	}
    43  
    44  	token, err := tokens.Create(context.TODO(), client, &authOptions).Extract()
    45  	th.AssertNoErr(t, err)
    46  	adminUser, err := tokens.Get(context.TODO(), client, token.ID).ExtractUser()
    47  	th.AssertNoErr(t, err)
    48  
    49  	// Get the admin and member role IDs.
    50  	adminRoleID := ""
    51  	memberRoleID := ""
    52  	allPages, err := roles.List(client, nil).AllPages(context.TODO())
    53  	th.AssertNoErr(t, err)
    54  	allRoles, err := roles.ExtractRoles(allPages)
    55  	th.AssertNoErr(t, err)
    56  
    57  	for _, v := range allRoles {
    58  		if v.Name == "admin" {
    59  			adminRoleID = v.ID
    60  		}
    61  
    62  		if v.Name == "member" {
    63  			memberRoleID = v.ID
    64  		}
    65  	}
    66  
    67  	// Create a project to apply the trust.
    68  	trusteeProject, err := CreateProject(t, client, nil)
    69  	th.AssertNoErr(t, err)
    70  	defer DeleteProject(t, client, trusteeProject.ID)
    71  
    72  	tools.PrintResource(t, trusteeProject)
    73  
    74  	// Add the admin user to the trustee project.
    75  	assignOpts := roles.AssignOpts{
    76  		UserID:    adminUser.ID,
    77  		ProjectID: trusteeProject.ID,
    78  	}
    79  
    80  	err = roles.Assign(context.TODO(), client, adminRoleID, assignOpts).ExtractErr()
    81  	th.AssertNoErr(t, err)
    82  
    83  	// Create a user as the trustee.
    84  	trusteeUserCreateOpts := users.CreateOpts{
    85  		Password: "secret",
    86  		DomainID: "default",
    87  	}
    88  	trusteeUser, err := CreateUser(t, client, &trusteeUserCreateOpts)
    89  	th.AssertNoErr(t, err)
    90  	defer DeleteUser(t, client, trusteeUser.ID)
    91  
    92  	expiresAt := time.Now().Add(time.Minute).Truncate(time.Second).UTC()
    93  	// Create a trust.
    94  	trust, err := CreateTrust(t, client, trusts.CreateOpts{
    95  		TrusteeUserID: trusteeUser.ID,
    96  		TrustorUserID: adminUser.ID,
    97  		ProjectID:     trusteeProject.ID,
    98  		ExpiresAt:     &expiresAt,
    99  		Roles: []trusts.Role{
   100  			{
   101  				ID: memberRoleID,
   102  			},
   103  		},
   104  	})
   105  	th.AssertNoErr(t, err)
   106  	defer DeleteTrust(t, client, trust.ID)
   107  
   108  	trust, err = FindTrust(t, client)
   109  	th.AssertNoErr(t, err)
   110  
   111  	// Get trust
   112  	p, err := trusts.Get(context.TODO(), client, trust.ID).Extract()
   113  	th.AssertNoErr(t, err)
   114  	th.AssertEquals(t, p.ExpiresAt, expiresAt)
   115  	th.AssertEquals(t, p.DeletedAt.IsZero(), true)
   116  
   117  	tools.PrintResource(t, p)
   118  
   119  	// List trust roles
   120  	rolesPages, err := trusts.ListRoles(client, p.ID).AllPages(context.TODO())
   121  	th.AssertNoErr(t, err)
   122  	allTrustRoles, err := trusts.ExtractRoles(rolesPages)
   123  	th.AssertNoErr(t, err)
   124  	th.AssertEquals(t, len(allTrustRoles), 1)
   125  	th.AssertEquals(t, allTrustRoles[0].ID, memberRoleID)
   126  
   127  	// Get trust role
   128  	role, err := trusts.GetRole(context.TODO(), client, p.ID, memberRoleID).Extract()
   129  	th.AssertNoErr(t, err)
   130  	th.AssertEquals(t, role.ID, memberRoleID)
   131  
   132  	// Check trust role
   133  	err = trusts.CheckRole(context.TODO(), client, p.ID, memberRoleID).ExtractErr()
   134  	th.AssertNoErr(t, err)
   135  }