How to use show_user_ec2_credential method in tempest

Best Python code snippet using tempest_python

test_ec2_credential.py

Source:test_ec2_credential.py Github

copy

Full Screen

1# Copyright 2020 SUSE LLC2#3# Licensed under the Apache License, Version 2.0 (the "License"); you may4# not use this file except in compliance with the License. You may obtain5# a copy of the License at6#7# http://www.apache.org/licenses/LICENSE-2.08#9# Unless required by applicable law or agreed to in writing, software10# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT11# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the12# License for the specific language governing permissions and limitations13# under the License.14import abc15from tempest.api.identity import base16from tempest import clients17from tempest.lib import auth18from tempest.lib.common.utils import data_utils19from tempest.lib import exceptions20from keystone_tempest_plugin.tests.rbac.v3 import base as rbac_base21class IdentityV3RbacEc2CredentialTest(rbac_base.IdentityV3RbacBaseTests,22 metaclass=abc.ABCMeta):23 @classmethod24 def setup_clients(cls):25 super(IdentityV3RbacEc2CredentialTest, cls).setup_clients()26 cls.persona = getattr(cls, 'os_%s' % cls.credentials[0])27 cls.client = cls.persona.users_v3_client28 cls.admin_client = cls.os_system_admin29 cls.admin_credentials_client = cls.admin_client.users_v3_client30 # personas in own or other domains31 own_domain_id = cls.persona.credentials.domain_id32 cls.test_client_1, cls.test_user_1, cls.test_project_1 = (33 cls.setup_user_client(domain_id=own_domain_id))34 cls.other_domain_id = cls.admin_client.domains_client.create_domain(35 name=data_utils.rand_name())['domain']['id']36 cls.addClassResourceCleanup(37 cls.admin_client.domains_client.delete_domain, cls.other_domain_id)38 cls.addClassResourceCleanup(39 cls.admin_client.domains_client.update_domain,40 domain_id=cls.other_domain_id, enabled=False)41 cls.test_client_2, cls.test_user_2, cls.test_project_2 = (42 cls.setup_user_client(domain_id=cls.other_domain_id))43 @classmethod44 def setup_user_client(cls, domain_id=None):45 """Set up project user with its own client.46 This is to enable the project user to create its own credential.47 Returns a client object and the user's ID.48 """49 user_dict = {50 'name': data_utils.rand_name('user'),51 'password': data_utils.rand_password(),52 }53 if domain_id:54 user_dict['domain_id'] = domain_id55 user_id = cls.admin_client.users_v3_client.create_user(56 **user_dict)['user']['id']57 def try_cleanup_user():58 # if domain is cleaned up first, user will already be deleted59 try:60 cls.admin_client.users_v3_client.delete_user(user_id)61 except exceptions.NotFound:62 pass63 cls.addClassResourceCleanup(try_cleanup_user)64 project_id = cls.admin_client.projects_client.create_project(65 data_utils.rand_name())['project']['id']66 cls.addClassResourceCleanup(67 cls.admin_client.projects_client.delete_project, project_id)68 member_role_id = cls.admin_client.roles_v3_client.list_roles(69 name='member')['roles'][0]['id']70 cls.admin_client.roles_v3_client.create_user_role_on_project(71 project_id, user_id, member_role_id)72 creds = auth.KeystoneV3Credentials(73 user_id=user_id,74 password=user_dict['password'],75 project_id=project_id)76 auth_provider = clients.get_auth_provider(creds)77 creds = auth_provider.fill_credentials()78 client = clients.Manager(credentials=creds)79 return client, user_id, project_id80 def ec2_credential(self, project_id=None):81 return {82 'tenant_id': project_id or self.project_id83 }84 @abc.abstractmethod85 def test_identity_ec2_create_credential(self):86 """Test identity:ec2_create_credential policy.87 This test must check:88 * whether the persona can create a credential for themself89 * whether the persona can create acredential for another user in90 their own domain91 * whether the persona can create acredential for another user in92 another domain93 """94 pass95 @abc.abstractmethod96 def test_identity_ec2_get_credential(self):97 """Test identity:ec2_get_credential policy.98 This test must check:99 * whether the persona can get their own credential100 * whether the persona can get a credential for a user in another101 domain102 * whether the persona can get a credential for a user in their own103 domain104 * whether the persona can get a credential that does not exist105 """106 pass107 @abc.abstractmethod108 def test_identity_ec2_list_credentials(self):109 """Test identity:list_credentials policy.110 This test must check:111 * whether the persona can list all credentials for themself112 * whether the persona can list credentials for a user in their own113 domain114 * whether the persona can list credentials for a user in another115 domain116 """117 pass118 @abc.abstractmethod119 def test_identity_ec2_delete_credential(self):120 """Test identity:ec2_delete_credential policy.121 This test must check122 * whether the persona can delete their own credential123 * whether the persona can delete a credential for a user in another124 domain125 * whether the persona can delete a credential for a user in their own126 domain127 * whether the persona can delete a credential that does not exist128 """129 pass130class SystemAdminTests(IdentityV3RbacEc2CredentialTest, base.BaseIdentityTest):131 credentials = ['system_admin']132 def test_identity_ec2_create_credential(self):133 # user can create their own credential134 user_id = self.persona.credentials.user_id135 resp = self.do_request(136 'create_user_ec2_credential',137 expected_status=201,138 user_id=user_id,139 **self.ec2_credential(project_id=self.test_project_1)140 )['credential']141 self.addCleanup(self.client.delete_user_ec2_credential,142 user_id=user_id, access=resp['access'])143 # user can create credential for other user144 resp = self.do_request(145 'create_user_ec2_credential',146 expected_status=201,147 user_id=self.test_user_2,148 **self.ec2_credential(project_id=self.test_project_2)149 )['credential']150 self.addCleanup(self.client.delete_user_ec2_credential,151 user_id=user_id, access=resp['access'])152 def test_identity_ec2_get_credential(self):153 # user can get their own credential154 user_id = self.persona.credentials.user_id155 cred = self.admin_credentials_client.create_user_ec2_credential(156 user_id=user_id,157 **self.ec2_credential(project_id=self.test_project_1)158 )['credential']159 self.addCleanup(160 self.admin_credentials_client.delete_user_ec2_credential,161 user_id=user_id, access=cred['access'])162 self.do_request('show_user_ec2_credential',163 user_id=user_id, access=cred['access'])164 # user can get credential for other user165 cred = self.admin_credentials_client.create_user_ec2_credential(166 user_id=self.test_user_2,167 **self.ec2_credential(project_id=self.test_project_2)168 )['credential']169 self.addCleanup(170 self.admin_credentials_client.delete_user_ec2_credential,171 user_id=self.test_user_2, access=cred['access'])172 self.do_request('show_user_ec2_credential',173 user_id=self.test_user_2, access=cred['access'])174 # non-existent credential is Not Found175 self.do_request(176 'show_user_ec2_credential',177 expected_status=exceptions.NotFound,178 user_id=self.test_user_2,179 access=data_utils.rand_uuid_hex())180 def test_identity_ec2_list_credentials(self):181 # user can list their own credentials182 user_id = self.persona.credentials.user_id183 cred = self.admin_credentials_client.create_user_ec2_credential(184 user_id=user_id,185 **self.ec2_credential(project_id=self.test_project_1)186 )['credential']187 self.addCleanup(188 self.admin_credentials_client.delete_user_ec2_credential,189 user_id=user_id, access=cred['access'])190 resp = self.do_request('list_user_ec2_credentials',191 user_id=user_id)['credentials']192 self.assertIn(cred['access'], [c['access'] for c in resp])193 # user can list credentials for other user194 cred = self.admin_credentials_client.create_user_ec2_credential(195 user_id=self.test_user_2,196 **self.ec2_credential(project_id=self.test_project_2)197 )['credential']198 self.addCleanup(199 self.admin_credentials_client.delete_user_ec2_credential,200 user_id=self.test_user_2, access=cred['access'])201 resp = self.do_request('list_user_ec2_credentials',202 user_id=self.test_user_2)['credentials']203 self.assertIn(cred['access'], [c['access'] for c in resp])204 def test_identity_ec2_delete_credential(self):205 # user can delete their own credential206 user_id = self.persona.credentials.user_id207 cred = self.admin_credentials_client.create_user_ec2_credential(208 user_id=user_id,209 **self.ec2_credential(project_id=self.test_project_1)210 )['credential']211 self.do_request(212 'delete_user_ec2_credential',213 expected_status=204,214 user_id=user_id, access=cred['access'])215 # user can delete another user's credential216 cred = self.admin_credentials_client.create_user_ec2_credential(217 user_id=self.test_user_2,218 **self.ec2_credential(project_id=self.test_project_2)219 )['credential']220 self.do_request(221 'delete_user_ec2_credential',222 expected_status=204,223 user_id=self.test_user_2, access=cred['access'])224 # non-existent credential is Not Found225 self.do_request(226 'delete_user_ec2_credential',227 expected_status=exceptions.NotFound,228 user_id=self.test_user_2,229 access=data_utils.rand_uuid_hex())230class SystemMemberTests(SystemAdminTests):231 credentials = ['system_member', 'system_admin']232 def test_identity_ec2_create_credential(self):233 # user can create their own credential234 user_id = self.persona.credentials.user_id235 resp = self.do_request(236 'create_user_ec2_credential',237 expected_status=201,238 user_id=user_id,239 **self.ec2_credential(project_id=self.test_project_1)240 )['credential']241 self.addCleanup(self.client.delete_user_ec2_credential,242 user_id=user_id, access=resp['access'])243 # user cannot create credential for other user244 self.do_request(245 'create_user_ec2_credential',246 expected_status=exceptions.Forbidden,247 user_id=self.test_user_2,248 **self.ec2_credential(project_id=self.test_project_2))249 def test_identity_ec2_delete_credential(self):250 # user can delete their own credential251 user_id = self.persona.credentials.user_id252 cred = self.admin_credentials_client.create_user_ec2_credential(253 user_id=user_id,254 **self.ec2_credential(project_id=self.test_project_1)255 )['credential']256 self.do_request(257 'delete_user_ec2_credential',258 expected_status=204,259 user_id=user_id, access=cred['access'])260 # user cannot delete another user's credential261 cred = self.admin_credentials_client.create_user_ec2_credential(262 user_id=self.test_user_2,263 **self.ec2_credential(project_id=self.test_project_2)264 )['credential']265 self.addCleanup(266 self.admin_credentials_client.delete_user_ec2_credential,267 user_id=self.test_user_2, access=cred['access'])268 self.do_request(269 'delete_user_ec2_credential',270 expected_status=exceptions.Forbidden,271 user_id=self.test_user_2, access=cred['access'])272 # non-existent credential is Not Found273 self.do_request(274 'delete_user_ec2_credential',275 expected_status=exceptions.NotFound,276 user_id=self.test_user_2,277 access=data_utils.rand_uuid_hex())278class SystemReaderTests(SystemMemberTests):279 credentials = ['system_reader', 'system_admin']280class DomainAdminTests(IdentityV3RbacEc2CredentialTest, base.BaseIdentityTest):281 credentials = ['domain_admin', 'system_admin']282 def test_identity_ec2_create_credential(self):283 # user cannot create their own credential284 user_id = self.persona.credentials.user_id285 self.do_request(286 'create_user_ec2_credential',287 expected_status=exceptions.Forbidden,288 user_id=user_id,289 **self.ec2_credential(project_id=self.test_project_1))290 # user cannot create credential for user in own domain291 self.do_request(292 'create_user_ec2_credential',293 expected_status=exceptions.Forbidden,294 user_id=self.test_user_1,295 **self.ec2_credential(project_id=self.test_project_1))296 # user cannot create credential for other user297 self.do_request(298 'create_user_ec2_credential',299 expected_status=exceptions.Forbidden,300 user_id=self.test_user_2,301 **self.ec2_credential(project_id=self.test_project_2))302 def test_identity_ec2_get_credential(self):303 # user cannot get their own credential304 user_id = self.persona.credentials.user_id305 cred = self.admin_credentials_client.create_user_ec2_credential(306 user_id=user_id,307 **self.ec2_credential(project_id=self.test_project_1)308 )['credential']309 self.addCleanup(310 self.admin_credentials_client.delete_user_ec2_credential,311 user_id=user_id, access=cred['access'])312 self.do_request('show_user_ec2_credential',313 expected_status=exceptions.Forbidden,314 user_id=user_id, access=cred['access'])315 # user cannot get credential for user in own domain316 cred = self.admin_credentials_client.create_user_ec2_credential(317 user_id=self.test_user_1,318 **self.ec2_credential(project_id=self.test_project_1)319 )['credential']320 self.addCleanup(321 self.admin_credentials_client.delete_user_ec2_credential,322 user_id=self.test_user_1, access=cred['access'])323 self.do_request('show_user_ec2_credential',324 expected_status=exceptions.Forbidden,325 user_id=self.test_user_2, access=cred['access'])326 # user cannot get credential for other user327 cred = self.admin_credentials_client.create_user_ec2_credential(328 user_id=self.test_user_2,329 **self.ec2_credential(project_id=self.test_project_2)330 )['credential']331 self.addCleanup(332 self.admin_credentials_client.delete_user_ec2_credential,333 user_id=self.test_user_2, access=cred['access'])334 self.do_request('show_user_ec2_credential',335 expected_status=exceptions.Forbidden,336 user_id=self.test_user_2, access=cred['access'])337 # non-existent credential is Not Found338 self.do_request(339 'show_user_ec2_credential',340 expected_status=exceptions.NotFound,341 user_id=self.test_user_2,342 access=data_utils.rand_uuid_hex())343 def test_identity_ec2_list_credentials(self):344 # user cannot list their own credentials345 user_id = self.persona.credentials.user_id346 cred = self.admin_credentials_client.create_user_ec2_credential(347 user_id=user_id,348 **self.ec2_credential(project_id=self.test_project_1)349 )['credential']350 self.addCleanup(351 self.admin_credentials_client.delete_user_ec2_credential,352 user_id=user_id, access=cred['access'])353 self.do_request('list_user_ec2_credentials',354 expected_status=exceptions.Forbidden,355 user_id=user_id)356 # user cannot list credentials for user in own domain357 cred = self.admin_credentials_client.create_user_ec2_credential(358 user_id=self.test_user_1,359 **self.ec2_credential(project_id=self.test_project_1)360 )['credential']361 self.addCleanup(362 self.admin_credentials_client.delete_user_ec2_credential,363 user_id=self.test_user_1, access=cred['access'])364 self.do_request('list_user_ec2_credentials',365 expected_status=exceptions.Forbidden,366 user_id=self.test_user_1)367 # user cannot list credentials for other user368 cred = self.admin_credentials_client.create_user_ec2_credential(369 user_id=self.test_user_2,370 **self.ec2_credential(project_id=self.test_project_2)371 )['credential']372 self.addCleanup(373 self.admin_credentials_client.delete_user_ec2_credential,374 user_id=self.test_user_2, access=cred['access'])375 self.do_request('list_user_ec2_credentials',376 expected_status=exceptions.Forbidden,377 user_id=self.test_user_2)378 def test_identity_ec2_delete_credential(self):379 # user cannot delete their own credential380 user_id = self.persona.credentials.user_id381 cred = self.admin_credentials_client.create_user_ec2_credential(382 user_id=user_id,383 **self.ec2_credential(project_id=self.test_project_1)384 )['credential']385 self.addCleanup(386 self.admin_credentials_client.delete_user_ec2_credential,387 user_id=user_id, access=cred['access'])388 self.do_request(389 'delete_user_ec2_credential',390 expected_status=exceptions.Forbidden,391 user_id=user_id, access=cred['access'])392 # user cannot delete credential for user in own domain393 cred = self.admin_credentials_client.create_user_ec2_credential(394 user_id=self.test_user_1,395 **self.ec2_credential(project_id=self.test_project_1)396 )['credential']397 self.addCleanup(398 self.admin_credentials_client.delete_user_ec2_credential,399 user_id=self.test_user_1, access=cred['access'])400 self.do_request(401 'delete_user_ec2_credential',402 expected_status=exceptions.Forbidden,403 user_id=self.test_user_1, access=cred['access'])404 # user cannot delete another user's credential405 cred = self.admin_credentials_client.create_user_ec2_credential(406 user_id=self.test_user_2,407 **self.ec2_credential(project_id=self.test_project_2)408 )['credential']409 self.addCleanup(410 self.admin_credentials_client.delete_user_ec2_credential,411 user_id=self.test_user_2, access=cred['access'])412 self.do_request(413 'delete_user_ec2_credential',414 expected_status=exceptions.Forbidden,415 user_id=self.test_user_2, access=cred['access'])416 # non-existent credential is Not Found417 self.do_request(418 'delete_user_ec2_credential',419 expected_status=exceptions.NotFound,420 user_id=self.test_user_2,421 access=data_utils.rand_uuid_hex())422class DomainMemberTests(DomainAdminTests):423 credentials = ['domain_member', 'system_admin']424class DomainReaderTests(DomainAdminTests):425 credentials = ['domain_reader', 'system_admin']426class ProjectAdminTests(SystemReaderTests):427 credentials = ['project_admin', 'system_admin']428 def test_identity_ec2_get_credential(self):429 # user can get their own credential430 user_id = self.persona.credentials.user_id431 cred = self.admin_credentials_client.create_user_ec2_credential(432 user_id=user_id,433 **self.ec2_credential(project_id=self.test_project_1)434 )['credential']435 self.addCleanup(436 self.admin_credentials_client.delete_user_ec2_credential,437 user_id=user_id, access=cred['access'])438 self.do_request('show_user_ec2_credential',439 user_id=user_id, access=cred['access'])440 # user cannot get credential for other user441 cred = self.admin_credentials_client.create_user_ec2_credential(442 user_id=self.test_user_2,443 **self.ec2_credential(project_id=self.test_project_2)444 )['credential']445 self.addCleanup(446 self.admin_credentials_client.delete_user_ec2_credential,447 user_id=self.test_user_2, access=cred['access'])448 self.do_request('show_user_ec2_credential',449 expected_status=exceptions.Forbidden,450 user_id=self.test_user_2, access=cred['access'])451 # non-existent credential is Not Found452 self.do_request(453 'show_user_ec2_credential',454 expected_status=exceptions.NotFound,455 user_id=self.test_user_2,456 access=data_utils.rand_uuid_hex())457 def test_identity_ec2_list_credentials(self):458 # user can list their own credentials459 user_id = self.persona.credentials.user_id460 cred = self.admin_credentials_client.create_user_ec2_credential(461 user_id=user_id,462 **self.ec2_credential(project_id=self.test_project_1)463 )['credential']464 self.addCleanup(465 self.admin_credentials_client.delete_user_ec2_credential,466 user_id=user_id, access=cred['access'])467 resp = self.do_request('list_user_ec2_credentials',468 user_id=user_id)['credentials']469 self.assertIn(cred['access'], [c['access'] for c in resp])470 # user cannot list credentials for other user471 cred = self.admin_credentials_client.create_user_ec2_credential(472 user_id=self.test_user_2,473 **self.ec2_credential(project_id=self.test_project_2)474 )['credential']475 self.addCleanup(476 self.admin_credentials_client.delete_user_ec2_credential,477 user_id=self.test_user_2, access=cred['access'])478 self.do_request('list_user_ec2_credentials',479 expected_status=exceptions.Forbidden,480 user_id=self.test_user_2)481class ProjectMemberTests(ProjectAdminTests):482 credentials = ['project_member', 'system_admin']483class ProjectReaderTests(ProjectAdminTests):...

Full Screen

Full Screen

test_ec2_credentials.py

Source:test_ec2_credentials.py Github

copy

Full Screen

...80 tenant_id=self.creds.tenant_id)["credential"]81 self.addCleanup(82 self.non_admin_users_client.delete_user_ec2_credential,83 self.creds.user_id, resp['access'])84 ec2_creds = self.non_admin_users_client.show_user_ec2_credential(85 self.creds.user_id, resp['access']86 )["credential"]87 for key in ['access', 'secret', 'user_id', 'tenant_id']:88 self.assertEqual(ec2_creds[key], resp[key])89 @decorators.idempotent_id('6aba0d4c-b76b-4e46-aa42-add79bc1551d')90 def test_delete_ec2_credential(self):91 """Delete user ec2 credential."""92 resp = self.non_admin_users_client.create_user_ec2_credential(93 self.creds.user_id,94 tenant_id=self.creds.tenant_id)["credential"]95 access = resp['access']96 self.non_admin_users_client.delete_user_ec2_credential(97 self.creds.user_id, access)98 self.assertRaises(...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run tempest automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful