diff options
| author | Ziad Sawalha <ziad.sawalha@rackspace.com> | 2011-06-21 19:08:57 -0700 |
|---|---|---|
| committer | Ziad Sawalha <ziad.sawalha@rackspace.com> | 2011-06-21 19:08:57 -0700 |
| commit | 243bcbb07e39c7670deccf57c7fe7fbb96bb955e (patch) | |
| tree | 95b8846231c7d26403b6729fd4aa985d3bbd517a | |
| parent | a8077c2581073e371688f30c55cf66fb12b99b6f (diff) | |
| parent | 7e706eb1c59d18b7448a81d9483ad268b0c29e84 (diff) | |
| download | keystone-243bcbb07e39c7670deccf57c7fe7fbb96bb955e.tar.gz keystone-243bcbb07e39c7670deccf57c7fe7fbb96bb955e.tar.xz keystone-243bcbb07e39c7670deccf57c7fe7fbb96bb955e.zip | |
Merge pull request #53 from dolph/master
Fixes for issues 20 & 32
51 files changed, 1787 insertions, 738 deletions
@@ -11,5 +11,6 @@ keystone.db *.pid pidfile *.komodoproject -docs/build/ +doc/build/ build/ +doc/guide/target @@ -46,8 +46,7 @@ documents the APIs to call and how to use them. #### Starting services Starting both Admin and Service API endpoints: - $ cd bin - $ ./keystone + $ ./bin/keystone # For Keystone Contributors @@ -100,18 +99,15 @@ $ pip install -r tools/pip-requires-dev Starting both Admin and Service API endpoints: - $ cd bin - $ ./keystone + $ ./bin/keystone Starting the auth server only (exposes the Service API): - $ cd bin - $ ./keystone-auth + $ ./bin/keystone-auth Starting the admin server only (exposes the Admin API): - $ cd bin - $ ./keystone-admin + $ ./bin/keystone-admin By default, configuration parameters (such as the IP and port binding for each service) are parsed from `etc/keystone.conf`. @@ -122,8 +118,7 @@ Before running tests, ensure you have installed the testing dependencies as desc #### Test data A set of sample data can be added by running a shell script: - $ cd bin - $ ./sampledata.sh + $ ./bin/sampledata.sh The script calls `keystone-manage` to create the sample data. @@ -137,21 +132,17 @@ To run client demo (with all auth middleware running locally on sample service): #### Unit Tests -Prepare to run unit tests by changing to the unit test directory: - - $ cd keystone/test/unit - There are 10 groups of tests. They can be run individually or as an entire colection. To run the entire test suite run: - $ python test_keystone.py + $ python keystone/test/unit/test_keystone.py A test can also be run individually, e.g.: - $ python test_token.py + $ python keystone/test/unit/test_token.py For more on unit testing please refer to: - $ python test_keystone.py --help + $ python keystone/test/unit/test_keystone.py --help #### API Validation @@ -177,21 +168,20 @@ information is therefore called a `Developer Guide`. Developer in this case is n working on the Keystone source code itself. The [dev guide](https://github.com/rackspace/keystone/raw/master/keystone/content/identitydevguide.pdf) is automatically -generated from XML and other artifacts in the `keystone/docs/src` folder. +generated from XML and other artifacts in the `doc/guide` folder. -To build the API `dev guide` from source, you need [Maven](http://maven.apache.org/). To build the docs, -run the following from the `Keystone/docs` folder: +To build the Developer Guide from source, you need [Maven](http://maven.apache.org/). To build the docs and publish a new PDF: - $ mvn clean generate-sources + $ cd doc/guide + $ mvn clean generate-sources && cp target/docbkx/pdf/identitydevguide.pdf ../../keystone/content/identitydevguide.pdf -The output will go into the `keystone/docs/target` folder (the source is in `keystone/docs/src`). Output -generated is PDF and webhelp. +The output will go into the `doc/guide/target` folder (the source is in `doc/guide/src`). Output generated is PDF and webhelp. ### Editing and Compiling the Admin Guide The Admin guide is written in RST and compiled using sphinx. From the `keystone` folder: - $ python setup.py build_sphinx && firefox build/sphinx/html/index.html + $ python setup.py build_sphinx && firefox build/sphinx/html/index.html ## Additional Information: @@ -214,10 +204,13 @@ in troubleshooting: # Get a token for a tenant $ curl -d '{"passwordCredentials": {"username": "joeuser", "password": "secrete", "tenantId": "1234"}}' -H "Content-type: application/json" http://localhost:8080/v2.0/tokens +<<<<<<< HEAD +======= # Get an admin token $ curl -d '{"passwordCredentials": {"username": "admin", "password": "secrete"}}' -H "Content-type: application/json" http://localhost:8081/v2.0/tokens +>>>>>>> c8de07620830c3d9f5bfb7c8d818a0440d1076c4 </pre> #### Load Testing diff --git a/bin/keystone b/bin/keystone index fd5646c7..30c5653c 100755 --- a/bin/keystone +++ b/bin/keystone @@ -36,8 +36,7 @@ if os.path.exists(os.path.join(possible_topdir, 'keystone', '__init__.py')): import tools.tracer #@UnusedImport # module runs on import import keystone -from keystone.common import config -from keystone.common import wsgi +from keystone.common import config, wsgi if __name__ == '__main__': @@ -47,10 +46,9 @@ if __name__ == '__main__': config.add_log_options(parser) # Handle a special argument to support starting two endpoints - common_group.add_option('-a', '--admin-port', default=8081, - dest="admin_port", metavar="PORT", - help="specifies port for Admin API to listen" - "on (default is 8081)") + common_group.add_option( + '-a', '--admin-port', dest="admin_port", metavar="PORT", + help="specifies port for Admin API to listen on (default is 8081)") # Parse arguments and load config (options, args) = config.parse_options(parser) @@ -60,15 +58,19 @@ if __name__ == '__main__': # Load Service API server conf, app = config.load_paste_app( 'keystone-legacy-auth', options, args) + admin_conf, admin_app = config.load_paste_app( + 'admin', options, args) debug = options.get('debug') or conf.get('debug', False) debug = debug in [True, "True", "1"] verbose = options.get('verbose') or conf.get('verbose', False) verbose = verbose in [True, "True", "1"] + if debug or verbose: config_file = config.find_config_file(options, args) print "Using config file:", config_file - + + # Load API server server = wsgi.Server() server.start(app, int(conf['server_bind_port']), conf['server_bind_host']) @@ -76,15 +78,13 @@ if __name__ == '__main__': conf['server_bind_port']) # Load Admin API server - admin_conf, admin_app = config.load_paste_app('admin', options, args) admin_server = wsgi.Server() admin_bind = options.get('admin_port') or admin_conf.get('bind_port') - if conf['server_bind_port'] == admin_bind: - admin_bind += 1 admin_server.start(admin_app, int(admin_bind), admin_conf['bind_host']) print "Admin API listening on %s:%s" % (admin_conf['bind_host'], admin_bind) + # Wait until done server.wait() except RuntimeError, e: diff --git a/bin/keystone-manage b/bin/keystone-manage index 01b3a418..6641e082 100755 --- a/bin/keystone-manage +++ b/bin/keystone-manage @@ -78,7 +78,7 @@ def Main(): parser.error('No object type specified for first argument') object_type = args[0] - if object_type in ['user', 'tenant', 'role', 'endpointTemplates' , 'token', 'endpoint']: + if object_type in ['user', 'tenant', 'role', 'baseURLs' , 'token', 'tenant_baseURL']: pass else: parser.error('%s is not a supported object type' % object_type) @@ -260,10 +260,10 @@ def Main(): except Exception as exc: print "ERROR: Failed to grant role %s to %s on %s: %s" % (object_id, user, tenant, exc) return - elif object_type == "endpointTemplates": + elif object_type == "baseURLs": if command == "add": if len(args) < 8: - parser.error("Missing arguments: endpointTemplates add " \ + parser.error("Missing arguments: baseURLs add " \ "'region' 'service'" \ "'publicURL' 'adminURL' 'internalURL' 'enabled'") region = args[2] @@ -273,29 +273,29 @@ def Main(): internal_url = args[6] enabled = args[7] try: - object = db_models.EndpointTemplates() + object = db_models.BaseUrls() object.region = region object.service = service object.public_url = public_url object.admin_url = admin_url object.internal_url = internal_url object.enabled = enabled - object = db_api.endpoint_template.create(object) - print "SUCCESS: Created EndpointTemplates for %s pointing to %s." % \ + object = db_api.baseurl.create(object) + print "SUCCESS: Created BaseURL for %s pointing to %s." % \ (object.service, object.public_url) return except Exception as exc: - print "ERROR: Failed to create EndpointTemplates for %s: %s" % (service, + print "ERROR: Failed to create BaseURL for %s: %s" % (service, exc) return elif command == "list": if len(args) == 3: tenant = args[2] try: - objects = db_api.endpoint_template.endpoint_get_by_tenant(tenant) + objects = db_api.baseurl.ref_get_by_tenant(tenant) if objects == None: raise IndexError("URLs not found") - print 'Endpoints for tenant %s' % tenant + print 'Endpoints (BaseURLs) for tenant %s' % tenant print 'service', 'region', 'Public URL' print '-' * 30 for row in objects: @@ -307,35 +307,35 @@ def Main(): else: tenant = None try: - objects = db_api.endpoint_template.get_all() + objects = db_api.baseurl.get_all() if objects == None: raise IndexError("URLs not found") - print 'All EndpointTemplates' + print 'All Endpoints (BaseURLs)' print 'service', 'region', 'Public URL' print '-' * 20 for row in objects: print row.service, row.region, row.public_url except Exception, e: - print 'Error getting all EndpointTemplates:', str(e) + print 'Error getting all BaseURLs:', str(e) return - elif object_type == "endpoint": + elif object_type == "tenant_baseURL": if command == "add": if len(args) < 4: - parser.error("Missing arguments: endPoint add 'tenant'\ - 'endPointTemplate'") + parser.error("Missing arguments: baseURLs add 'tenant'\ + 'baseURL'") tenant_id = args[2] - endpoint_template_id = args[3] + baseURLs_id = args[3] try: - object = db_models.Endpoints() + object = db_models.TenantBaseURLAssociation() object.tenant_id = tenant_id - object.endpoint_template_id = endpoint_template_id - object = db_api.endpoint_template.endpoint_add(object) - print "SUCCESS: EndpointTemplate %s added to tenant %s." % \ - (endpoint_template_id, tenant_id) + object.baseURLs_id = baseURLs_id + object = db_api.baseurl.ref_add(object) + print "SUCCESS: BaseURL %s added to tenant %s." % \ + (baseURLs_id, tenant_id) return except Exception as exc: - print "ERROR: Failed to create Endpoint: %s" % exc + print "ERROR: Failed to create BaseURL Ref: %s" % exc return elif object_type == "token": if command == "add": diff --git a/bin/sampledata.sh b/bin/sampledata.sh index 95a523ab..719bb0bb 100755 --- a/bin/sampledata.sh +++ b/bin/sampledata.sh @@ -19,56 +19,52 @@ # under the License. # Tenants -./keystone-manage $* tenant add 1234 -./keystone-manage $* tenant add ANOTHER:TENANT -./keystone-manage $* tenant add 0000 -./keystone-manage $* tenant disable 0000 +`dirname $0`/keystone-manage $* tenant add 1234 +`dirname $0`/keystone-manage $* tenant add ANOTHER:TENANT +`dirname $0`/keystone-manage $* tenant add 0000 +`dirname $0`/keystone-manage $* tenant disable 0000 # Users -./keystone-manage $* user add joeuser secrete 1234 -./keystone-manage $* user add joeadmin secrete 1234 -./keystone-manage $* user add admin secrete 1234 -./keystone-manage $* user add disabled secrete 1234 -./keystone-manage $* user disable disabled +`dirname $0`/keystone-manage $* user add joeuser secrete 1234 +`dirname $0`/keystone-manage $* user add joeadmin secrete 1234 +`dirname $0`/keystone-manage $* user add admin secrete 1234 +`dirname $0`/keystone-manage $* user add disabled secrete 1234 +`dirname $0`/keystone-manage $* user disable disabled # Roles -./keystone-manage $* role add Admin -./keystone-manage $* role add Member -./keystone-manage $* role grant Admin admin -./keystone-manage $* role grant Admin joeadmin 1234 -./keystone-manage $* role grant Admin joeadmin ANOTHER:TENANT - -# Add a user to a tenant with role Member -./keystone-manage $* role grant Member joeuser 0000 +`dirname $0`/keystone-manage $* role add Admin +`dirname $0`/keystone-manage $* role grant Admin admin +`dirname $0`/keystone-manage $* role grant Admin joeadmin 1234 +`dirname $0`/keystone-manage $* role grant Admin joeadmin ANOTHER:TENANT #BaseURLs -./keystone-manage $* endpointTemplates add RegionOne swift http://swift.publicinternets.com/v1/AUTH_%tenant_id% http://swift.admin-nets.local:8080/ http://127.0.0.1:8080/v1/AUTH_%tenant_id% 1 -./keystone-manage $* endpointTemplates add RegionOne nova_compat http://nova.publicinternets.com/v1.0/ http://127.0.0.1:8774/v1.0 http://localhost:8774/v1.0 1 -./keystone-manage $* endpointTemplates add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 -./keystone-manage $* endpointTemplates add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 -./keystone-manage $* endpointTemplates add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 -./keystone-manage $* endpointTemplates add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne swift http://swift.publicinternets.com/v1/AUTH_%tenant_id% http://swift.admin-nets.local:8080/ http://127.0.0.1:8080/v1/AUTH_%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne nova_compat http://nova.publicinternets.com/v1.0/ http://127.0.0.1:8774/v1.0 http://localhost:8774/v1.0 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne nova http://nova.publicinternets.com/v1.1/ http://127.0.0.1:8774/v1.1 http://localhost:8774/v1.1 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne glance http://glance.publicinternets.com/v1.1/%tenant_id% http://nova.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:9292/v1.1/%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne cdn http://cdn.publicinternets.com/v1.1/%tenant_id% http://cdn.admin-nets.local/v1.1/%tenant_id% http://127.0.0.1:7777/v1.1/%tenant_id% 1 +`dirname $0`/keystone-manage $* baseURLs add RegionOne keystone http://keystone.publicinternets.com/v2.0 http://127.0.0.1:8081/v2.0 http://127.0.0.1:8080/v2.0 1 # Groups -#./keystone-manage $* group add Admin 1234 -#./keystone-manage $* group add Default 1234 -#./keystone-manage $* group add Empty 0000 +#`dirname $0`/keystone-manage $* group add Admin 1234 +#`dirname $0`/keystone-manage $* group add Default 1234 +#`dirname $0`/keystone-manage $* group add Empty 0000 # User Group Associations -#./keystone-manage $* user joeuser join Default -#./keystone-manage $* user disabled join Default -#./keystone-manage $* user admin join Admin +#`dirname $0`/keystone-manage $* user joeuser join Default +#`dirname $0`/keystone-manage $* user disabled join Default +#`dirname $0`/keystone-manage $* user admin join Admin # Tokens -./keystone-manage $* token add 887665443383838 joeuser 1234 2012-02-05T00:00 -./keystone-manage $* token add 999888777666 admin 1234 2015-02-05T00:00 -./keystone-manage $* token add 000999 admin 1234 2010-02-05T00:00 -./keystone-manage $* token add 999888777 disabled 1234 2015-02-05T00:00 +`dirname $0`/keystone-manage $* token add 887665443383838 joeuser 1234 2012-02-05T00:00 +`dirname $0`/keystone-manage $* token add 999888777666 admin 1234 2015-02-05T00:00 +`dirname $0`/keystone-manage $* token add 000999 admin 1234 2010-02-05T00:00 +`dirname $0`/keystone-manage $* token add 999888777 disabled 1234 2015-02-05T00:00 #Tenant base urls -./keystone-manage $* endpoint add 1234 1 -./keystone-manage $* endpoint add 1234 2 -./keystone-manage $* endpoint add 1234 3 -./keystone-manage $* endpoint add 1234 4 -./keystone-manage $* endpoint add 1234 5 -./keystone-manage $* endpoint add 1234 6 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 1 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 2 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 3 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 4 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 5 +`dirname $0`/keystone-manage $* tenant_baseURL add 1234 6 diff --git a/doc/guide/src/docbkx/identitydevguide.xml b/doc/guide/src/docbkx/identitydevguide.xml index 7fc0f72e..ec23e38f 100755 --- a/doc/guide/src/docbkx/identitydevguide.xml +++ b/doc/guide/src/docbkx/identitydevguide.xml @@ -60,7 +60,7 @@ </copyright> <releaseinfo>API v2.0</releaseinfo> <productname>Keystone - OpenStack Identity</productname> - <pubdate>2011-06-10</pubdate> + <pubdate>2011-06-21</pubdate> <legalnotice role="apache2"> <annotation> <remark>Copyright details are filled in by the template.</remark> diff --git a/doc/guide/src/docbkx/samples/auth.json b/doc/guide/src/docbkx/samples/auth.json index b5fbada2..c74dcb2b 100644 --- a/doc/guide/src/docbkx/samples/auth.json +++ b/doc/guide/src/docbkx/samples/auth.json @@ -1,37 +1,37 @@ { - "auth" : { - "token" : { - "id" : "asdasdasd-adsasdads-asdasdasd-adsadsasd", - "expires" : "2010-11-01T03:32:15-05:00" + "auth":{ + "token":{ + "id":"asdasdasd-adsasdads-asdasdasd-adsadsasd", + "expires":"2010-11-01T03:32:15-05:00" + }, + "serviceCatalog":{ + "service1":[ + { + "region":"DFW", + "publicURL":"https://service1-public/v1/blah-blah", + "internalURL":"https://service1-internal/v1/blah-blah" }, - "serviceCatalog" : { - "service1" : [ - { - "region" : "DFW", - "publicURL" : "https://service1-public/v1/blah-blah", - "internalURL" : "https://service1-internal/v1/blah-blah" - }, - { - "region" : "ORD", - "publicURL" : "https://service1-public-ord/v1/blah-blah", - "internalURL" : "https://service1-internal-ord/v1/blah-blah" - } - ], - "service2" : [ - { - "region" : "DFW", - "publicURL" : "https://service2-public-dfw/v1/blah-blah", - }, - { - "region" : "ORD", - "publicURL" : "https://service2-public-orf/v1/blah-blah", - } - ], - "service3" : [ - { - "publicURL" : "https://service3-public/v1/blah-blah", - } - ] + { + "region":"ORD", + "publicURL":"https://service1-public-ord/v1/blah-blah", + "internalURL":"https://service1-internal-ord/v1/blah-blah" } + ], + "service2":[ + { + "region":"DFW", + "publicURL":"https://service2-public-dfw/v1/blah-blah" + }, + { + "region":"ORD", + "publicURL":"https://service2-public-orf/v1/blah-blah" + } + ], + "service3":[ + { + "publicURL":"https://service3-public/v1/blah-blah" + } + ] } + } } diff --git a/doc/guide/src/docbkx/samples/auth_credentials.json b/doc/guide/src/docbkx/samples/auth_credentials.json index 67b06304..a886351a 100644 --- a/doc/guide/src/docbkx/samples/auth_credentials.json +++ b/doc/guide/src/docbkx/samples/auth_credentials.json @@ -1,7 +1,7 @@ { - "passwordCredentials" : { - "username" : "test_user", - "password" : "a86850deb2742ec3cb41518e26aa2d89", - "tenantId" : "77654" - } + "passwordCredentials":{ + "username":"test_user", + "password":"a86850deb2742ec3cb41518e26aa2d89", + "tenantId":"77654" + } } diff --git a/doc/guide/src/docbkx/samples/baseURL.json b/doc/guide/src/docbkx/samples/baseURL.json index 534484aa..3c15aafe 100644 --- a/doc/guide/src/docbkx/samples/baseURL.json +++ b/doc/guide/src/docbkx/samples/baseURL.json @@ -1,12 +1,11 @@ { - "baseURL" : - { - "id" : 1, - "region" : "DFW", - "default" : true, - "serviceName" : "service1", - "publicURL" : "https://service-public.com/v1", - "internalURL" : "https://service-internal.com/v1", - "enabled" : true - } + "baseURL":{ + "id":1, + "region":"DFW", + "default":true, + "serviceName":"service1", + "publicURL":"https://service-public.com/v1", + "internalURL":"https://service-internal.com/v1", + "enabled":true + } } diff --git a/doc/guide/src/docbkx/samples/baseURLRef.json b/doc/guide/src/docbkx/samples/baseURLRef.json index aed01500..13e8c9dc 100644 --- a/doc/guide/src/docbkx/samples/baseURLRef.json +++ b/doc/guide/src/docbkx/samples/baseURLRef.json @@ -1,5 +1,5 @@ { - "baseURLRef" : { - "id" : 3 - } + "baseURLRef":{ + "id":3 + } } diff --git a/doc/guide/src/docbkx/samples/baseURLRefs.json b/doc/guide/src/docbkx/samples/baseURLRefs.json index a815f2b9..6f0fd41e 100644 --- a/doc/guide/src/docbkx/samples/baseURLRefs.json +++ b/doc/guide/src/docbkx/samples/baseURLRefs.json @@ -1,24 +1,24 @@ { - "baseURLRefs" : [ - { - "id" : 1, - "href" : "https://auth.keystone.com/v2.0/baseURLs/1" - }, - { - "id" : 2 - "href" : "https://auth.keystone.com/v2.0/baseURLs/2" - }, - { - "id" : 3, - "href" : "https://auth.keystone.com/v2.0/baseURLs/3" - }, - { - "id" : 4, - "href" : "https://auth.keystone.com/v2.0/baseURLs/4" - }, - { - "id" : 5, - "href" : "https://auth.keystone.com/v2.0/baseURLs/5" - } - ] + "baseURLRefs":[ + { + "id":1, + "href":"https://auth.keystone.com/v2.0/baseURLs/1" + }, + { + "id":2, + "href":"https://auth.keystone.com/v2.0/baseURLs/2" + }, + { + "id":3, + "href":"https://auth.keystone.com/v2.0/baseURLs/3" + }, + { + "id":4, + "href":"https://auth.keystone.com/v2.0/baseURLs/4" + }, + { + "id":5, + "href":"https://auth.keystone.com/v2.0/baseURLs/5" + } + ] } diff --git a/doc/guide/src/docbkx/samples/baseURLs.json b/doc/guide/src/docbkx/samples/baseURLs.json index 36ec4f6e..0c3a9938 100644 --- a/doc/guide/src/docbkx/samples/baseURLs.json +++ b/doc/guide/src/docbkx/samples/baseURLs.json @@ -1,43 +1,43 @@ { - "baseURLs" : [ - { - "id" : 1, - "region" : "DFW", - "default" : true, - "serviceName" : "service1", - "publicURL" : "https://service1.public.com/v1", - "internalURL" : "https://service1.internal.com/v1", - "enabled" : true - }, - { - "id" : 2, - "region" : "ORD", - "serviceName" : "service2", - "publicURL" : "https://service2.public.com/v1", - "internalURL" : "https://service2.internal.com/v1", - "enabled" : false - }, - { - "id" : 3, - "region" : "DFW", - "default" : true, - "serviceName" : "service1", - "publicURL" : "https://service.public.com/v1.0", - "enabled" : true - }, - { - "id" : 4, - "region" : "ORD", - "serviceName" : "service2", - "publicURL" : "https://service2.public.com/v2", - "enabled" : true - }, - { - "id" : 5, - "default" : true, - "serviceName" : "service3", - "publicURL" : "https://service3.public.com/v3.2", - "enabled" : true - } - ] + "baseURLs":[ + { + "id":1, + "region":"DFW", + "default":true, + "serviceName":"service1", + "publicURL":"https://service1.public.com/v1", + "internalURL":"https://service1.internal.com/v1", + "enabled":true + }, + { + "id":2, + "region":"ORD", + "serviceName":"service2", + "publicURL":"https://service2.public.com/v1", + "internalURL":"https://service2.internal.com/v1", + "enabled":false + }, + { + "id":3, + "region":"DFW", + "default":true, + "serviceName":"service1", + "publicURL":"https://service.public.com/v1.0", + "enabled":true + }, + { + "id":4, + "region":"ORD", + "serviceName":"service2", + "publicURL":"https://service2.public.com/v2", + "enabled":true + }, + { + "id":5, + "default":true, + "serviceName":"service3", + "publicURL":"https://service3.public.com/v3.2", + "enabled":true + } + ] } diff --git a/doc/guide/src/docbkx/samples/choices.json b/doc/guide/src/docbkx/samples/choices.json index 16ec35f0..9beecef0 100644 --- a/doc/guide/src/docbkx/samples/choices.json +++ b/doc/guide/src/docbkx/samples/choices.json @@ -1,72 +1,72 @@ { - "choices" : { - "values" : [ + "choices":{ + "values":[ + { + "id":"v1.0", + "status":"DEPRECATED", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v2.0" + } + ], + "media-types":{ + "values":[ { - "id" : "v1.0", - "status" : "DEPRECATED", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v2.0" - } - ], - "media-types": { - "values" : [ - { - "base" : "application/xml", - "type" : "application/vnd.openstack.identity-v1.0+xml" - }, - { - "base" : "application/json", - "type" : "application/vnd.openstack.identity-v1.0+json" - } - ] - } + "base":"application/xml", + "type":"application/vnd.openstack.identity-v1.0+xml" }, { - "id" : "v1.1", - "status" : "CURRENT", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v1.1" - } - ], - "media-types": { - "values" : [ - { - "base" : "application/xml", - "type" : "application/vnd.openstack.identity-v1.1+xml" - }, - { - "base" : "application/json", - "type" : "application/vnd.openstack.identity-v1.1+json" - } - ] - } + "base":"application/json", + "type":"application/vnd.openstack.identity-v1.0+json" + } + ] + } + }, + { + "id":"v1.1", + "status":"CURRENT", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v1.1" + } + ], + "media-types":{ + "values":[ + { + "base":"application/xml", + "type":"application/vnd.openstack.identity-v1.1+xml" + }, + { + "base":"application/json", + "type":"application/vnd.openstack.identity-v1.1+json" + } + ] + } + }, + { + "id":"v2.0", + "status":"BETA", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v2.0" + } + ], + "media-types":{ + "values":[ + { + "base":"application/xml", + "type":"application/vnd.openstack.identity-v2.0+xml" }, { - "id" : "v2.0", - "status" : "BETA", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v2.0" - } - ], - "media-types": { - "values" : [ - { - "base" : "application/xml", - "type" : "application/vnd.openstack.identity-v2.0+xml" - }, - { - "base" : "application/json", - "type" : "application/vnd.openstack.identity-v2.0+json" - } - ] - } + "base":"application/json", + "type":"application/vnd.openstack.identity-v2.0+json" } - ] - } + ] + } + } + ] + } } diff --git a/doc/guide/src/docbkx/samples/ext-getuser.json b/doc/guide/src/docbkx/samples/ext-getuser.json index 03f74dda..34068f54 100644 --- a/doc/guide/src/docbkx/samples/ext-getuser.json +++ b/doc/guide/src/docbkx/samples/ext-getuser.json @@ -1,21 +1,22 @@ -{"user": - { - "groups": { - "values": [ - { - "tenantId" : "1234", - "id": "Admin" - } - ]}, - "id": "jqsmith", - "tenantId": "1234", - "email": "john.smith@example.org", - "enabled": true, - "RS-META:metadata" : { - "values" : { - "MetaKey1" : "MetaValue1", - "MetaKey2" : "MetaValue2" - } - }, +{ + "user":{ + "groups":{ + "values":[ + { + "tenantId":"1234", + "id":"Admin" + } + ] + }, + "id":"jqsmith", + "tenantId":"1234", + "email":"john.smith@example.org", + "enabled":true, + "RS-META:metadata":{ + "values":{ + "MetaKey1":"MetaValue1", + "MetaKey2":"MetaValue2" + } } + } } diff --git a/doc/guide/src/docbkx/samples/extension.json b/doc/guide/src/docbkx/samples/extension.json index 9efaa422..74773915 100644 --- a/doc/guide/src/docbkx/samples/extension.json +++ b/doc/guide/src/docbkx/samples/extension.json @@ -1,21 +1,21 @@ { - "extension" : { - "name" : "User Metadata Extension", - "namespace" : "http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0", - "alias" : "RS-META", - "updated" : "2011-01-12T11:22:33-06:00", - "description" : "Allows associating arbritrary metadata with a user.", - "links" : [ - { - "rel" : "describedby", - "type" : "application/pdf", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-meta-20111201.pdf" - }, - { - "rel" : "describedby", - "type" : "application/vnd.sun.wadl+xml", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-cbs.wadl" - } - ] + "extension":{ + "name":"User Metadata Extension", + "namespace":"http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0", + "alias":"RS-META", + "updated":"2011-01-12T11:22:33-06:00", + "description":"Allows associating arbritrary metadata with a user.", + "links":[ + { + "rel":"describedby", + "type":"application/pdf", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-meta-20111201.pdf" + }, + { + "rel":"describedby", + "type":"application/vnd.sun.wadl+xml", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-cbs.wadl" + } + ] } } diff --git a/doc/guide/src/docbkx/samples/extensions.json b/doc/guide/src/docbkx/samples/extensions.json index da3cbc50..53d8d508 100644 --- a/doc/guide/src/docbkx/samples/extensions.json +++ b/doc/guide/src/docbkx/samples/extensions.json @@ -1,44 +1,44 @@ { - "extensions" : { - "values" : [ - { - "name" : "Reset Password Extension", - "namespace" : "http://docs.rackspacecloud.com/identity/api/ext/rpe/v2.0", - "alias" : "RS-RPE", - "updated" : "2011-01-22T13:25:27-06:00", - "description" : "Adds the capability to reset a user's password. The user is emailed when the password has been reset.", - "links" : [ - { - "rel" : "describedby", - "type" : "application/pdf", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-rpe-20111111.pdf" - }, - { - "rel" : "describedby", - "type" : "application/vnd.sun.wadl+xml", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-rpe.wadl" - } - ] - }, - { - "name" : "User Metadata Extension", - "namespace" : "http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0", - "alias" : "RS-META", - "updated" : "2011-01-12T11:22:33-06:00", - "description" : "Allows associating arbritrary metadata with a user.", - "links" : [ - { - "rel" : "describedby", - "type" : "application/pdf", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-meta-20111201.pdf" - }, - { - "rel" : "describedby", - "type" : "application/vnd.sun.wadl+xml", - "href" : "http://docs.rackspacecloud.com/identity/api/ext/identity-meta.wadl" - } - ] - } + "extensions":{ + "values":[ + { + "name":"Reset Password Extension", + "namespace":"http://docs.rackspacecloud.com/identity/api/ext/rpe/v2.0", + "alias":"RS-RPE", + "updated":"2011-01-22T13:25:27-06:00", + "description":"Adds the capability to reset a user's password. The user is emailed when the password has been reset.", + "links":[ + { + "rel":"describedby", + "type":"application/pdf", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-rpe-20111111.pdf" + }, + { + "rel":"describedby", + "type":"application/vnd.sun.wadl+xml", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-rpe.wadl" + } ] - } + }, + { + "name":"User Metadata Extension", + "namespace":"http://docs.rackspacecloud.com/identity/api/ext/meta/v2.0", + "alias":"RS-META", + "updated":"2011-01-12T11:22:33-06:00", + "description":"Allows associating arbritrary metadata with a user.", + "links":[ + { + "rel":"describedby", + "type":"application/pdf", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-meta-20111201.pdf" + }, + { + "rel":"describedby", + "type":"application/vnd.sun.wadl+xml", + "href":"http://docs.rackspacecloud.com/identity/api/ext/identity-meta.wadl" + } + ] + } + ] + } } diff --git a/doc/guide/src/docbkx/samples/getuser-1.json b/doc/guide/src/docbkx/samples/getuser-1.json index bef6c9a7..b0f6dc95 100644 --- a/doc/guide/src/docbkx/samples/getuser-1.json +++ b/doc/guide/src/docbkx/samples/getuser-1.json @@ -1,29 +1,29 @@ -{"user": - { - "groups": { - "values": [ - { - "tenantId" : "1234", - "id": "Admin" - }, - { - "tenantId" : "1234", - "id" : "DBUser" - }, - { - "id" : "Super" - } - ], - "links" : [ - { - "rel" : "next", - "href" : "http://identity.api.openstack.org/v2.0/tenants/1234/users/jqsmith/groups?marker=Super" - } - ] - }, - "id": "jqsmith", - "tenantId": "1234", - "email": "john.smith@example.org", - "enabled": true - } +{ + "user":{ + "groups":{ + "values":[ + { + "tenantId":"1234", + "id":"Admin" + }, + { + "tenantId":"1234", + "id":"DBUser" + }, + { + "id":"Super" + } + ], + "links":[ + { + "rel":"next", + "href":"http://identity.api.openstack.org/v2.0/tenants/1234/users/jqsmith/groups?marker=Super" + } + ] + }, + "id":"jqsmith", + "tenantId":"1234", + "email":"john.smith@example.org", + "enabled":true + } } diff --git a/doc/guide/src/docbkx/samples/group.json b/doc/guide/src/docbkx/samples/group.json index 07dc0a10..4e4fdc5e 100644 --- a/doc/guide/src/docbkx/samples/group.json +++ b/doc/guide/src/docbkx/samples/group.json @@ -1 +1,6 @@ -{"group": {"id": "test_global_group", "description": "A description ..."}}
\ No newline at end of file +{ + "group":{ + "id":"test_global_group", + "description":"A description ..." + } +} diff --git a/doc/guide/src/docbkx/samples/groups.json b/doc/guide/src/docbkx/samples/groups.json index 06dd58a0..6d565eb6 100644 --- a/doc/guide/src/docbkx/samples/groups.json +++ b/doc/guide/src/docbkx/samples/groups.json @@ -1 +1,13 @@ -{"groups": {"values": [{"id": "test_global_group_add", "description": "A description ..."}], "links": []}}
\ No newline at end of file +{ + "groups":{ + "values":[ + { + "id":"test_global_group_add", + "description":"A description ..." + } + ], + "links":[ + + ] + } +} diff --git a/doc/guide/src/docbkx/samples/identity_fault.json b/doc/guide/src/docbkx/samples/identity_fault.json index d61feff4..1aab06dc 100644 --- a/doc/guide/src/docbkx/samples/identity_fault.json +++ b/doc/guide/src/docbkx/samples/identity_fault.json @@ -1,7 +1,7 @@ -{"identityFault": - { - "message": "Fault", - "details": "Error Details...", - "code": 500 - } -}
\ No newline at end of file +{ + "identityFault":{ + "message":"Fault", + "details":"Error Details...", + "code":500 + } +} diff --git a/doc/guide/src/docbkx/samples/item_not_found.json b/doc/guide/src/docbkx/samples/item_not_found.json index dda88a59..248ed146 100644 --- a/doc/guide/src/docbkx/samples/item_not_found.json +++ b/doc/guide/src/docbkx/samples/item_not_found.json @@ -1,7 +1,7 @@ -{"itemNotFound": - { - "message": "Item not found.", - "details": "Error Details...", - "code": 404 - } -}
\ No newline at end of file +{ + "itemNotFound":{ + "message":"Item not found.", + "details":"Error Details...", + "code":404 + } +} diff --git a/doc/guide/src/docbkx/samples/role.json b/doc/guide/src/docbkx/samples/role.json index 904801ee..248ed146 100644 --- a/doc/guide/src/docbkx/samples/role.json +++ b/doc/guide/src/docbkx/samples/role.json @@ -1,7 +1,7 @@ { - "role" : - { - "id" : "Admin", - "description" : "All access" - } -}
\ No newline at end of file + "itemNotFound":{ + "message":"Item not found.", + "details":"Error Details...", + "code":404 + } +} diff --git a/doc/guide/src/docbkx/samples/roleRef.json b/doc/guide/src/docbkx/samples/roleRef.json index 83f4ae4b..faa74283 100644 --- a/doc/guide/src/docbkx/samples/roleRef.json +++ b/doc/guide/src/docbkx/samples/roleRef.json @@ -1,7 +1,7 @@ { - "roleRef" : { - "id" : 1, - "roleId" : "admin", - "tenantId" : "one" + "roleRef":{ + "id":1, + "roleId":"admin", + "tenantId":"one" } -}
\ No newline at end of file +} diff --git a/doc/guide/src/docbkx/samples/roleRefs.json b/doc/guide/src/docbkx/samples/roleRefs.json index 51573f74..34e391f5 100644 --- a/doc/guide/src/docbkx/samples/roleRefs.json +++ b/doc/guide/src/docbkx/samples/roleRefs.json @@ -1,14 +1,14 @@ { - "roleRefs" : [ - { - "id" : 1, - "roleId" : "admin", - "tenantId" : "one" - }, - { - "id" : 2, - "roleId" : "test", - "tenantId" : "two" - } - ] + "roleRefs":[ + { + "id":1, + "roleId":"admin", + "tenantId":"one" + }, + { + "id":2, + "roleId":"test", + "tenantId":"two" + } + ] } diff --git a/doc/guide/src/docbkx/samples/roles.json b/doc/guide/src/docbkx/samples/roles.json index 4f431806..4f1428e4 100644 --- a/doc/guide/src/docbkx/samples/roles.json +++ b/doc/guide/src/docbkx/samples/roles.json @@ -1,12 +1,12 @@ { - "roles" : [ - { - "id" : "Admin", - "description" : "All access" - }, - { - "id" : "Guest", - "description" : "Guest Access" - }, - ] + "roles":[ + { + "id":"Admin", + "description":"All access" + }, + { + "id":"Guest", + "description":"Guest Access" + } + ] } diff --git a/doc/guide/src/docbkx/samples/tenant.json b/doc/guide/src/docbkx/samples/tenant.json index 7ff7ce32..cf6ca370 100644 --- a/doc/guide/src/docbkx/samples/tenant.json +++ b/doc/guide/src/docbkx/samples/tenant.json @@ -1,7 +1,7 @@ -{"tenant": - { - "id": "1234", - "description": "A description ...", - "enabled": true - } +{ + "tenant":{ + "id":"1234", + "description":"A description ...", + "enabled":true + } } diff --git a/doc/guide/src/docbkx/samples/tenantlock.json b/doc/guide/src/docbkx/samples/tenantlock.json index 584c21a4..a0f5b138 100644 --- a/doc/guide/src/docbkx/samples/tenantlock.json +++ b/doc/guide/src/docbkx/samples/tenantlock.json @@ -1,5 +1,5 @@ -{"tenant": - { - "description": "A NEW description..." - } -}
\ No newline at end of file +{ + "tenant":{ + "description":"A NEW description..." + } +} diff --git a/doc/guide/src/docbkx/samples/tenants-1.json b/doc/guide/src/docbkx/samples/tenants-1.json index c80050a4..67f16deb 100644 --- a/doc/guide/src/docbkx/samples/tenants-1.json +++ b/doc/guide/src/docbkx/samples/tenants-1.json @@ -1,16 +1,17 @@ { -"tenants": { - "values" : [ - { - "id": "1234", - "description": "A description ...", - "enabled": true - } + "tenants":{ + "values":[ + { + "id":"1234", + "description":"A description ...", + "enabled":true + } ], - "links" : [ - { - "rel" : "next", - "href" : "http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=1234" - } + "links":[ + { + "rel":"next", + "href":"http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=1234" + } ] + } } diff --git a/doc/guide/src/docbkx/samples/tenants-2.json b/doc/guide/src/docbkx/samples/tenants-2.json index d1fcae35..cc0e9f03 100644 --- a/doc/guide/src/docbkx/samples/tenants-2.json +++ b/doc/guide/src/docbkx/samples/tenants-2.json @@ -1,20 +1,21 @@ { -"tenants": { - "values" : [ - { - "id": "3645", - "description": "A description ...", - "enabled": true - } + "tenants":{ + "values":[ + { + "id":"3645", + "description":"A description ...", + "enabled":true + } ], - "links" : [ - { - "rel" : "next", - "href" : "http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=3645" - }, - { - "rel" : "previous", - "href" : "http://identity.api.openstack.org/v2.0/tenants?limit=1" - } + "links":[ + { + "rel":"next", + "href":"http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=3645" + }, + { + "rel":"previous", + "href":"http://identity.api.openstack.org/v2.0/tenants?limit=1" + } ] + } } diff --git a/doc/guide/src/docbkx/samples/tenants-3.json b/doc/guide/src/docbkx/samples/tenants-3.json index 72948804..eb0ed803 100644 --- a/doc/guide/src/docbkx/samples/tenants-3.json +++ b/doc/guide/src/docbkx/samples/tenants-3.json @@ -1,16 +1,17 @@ { -"tenants": { - "values" : [ - { - "id": "9999", - "description": "A description ...", - "enabled": true - } + "tenants":{ + "values":[ + { + "id":"9999", + "description":"A description ...", + "enabled":true + } ], - "links" : [ - { - "rel" : "previous", - "href" : "http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=1234" - } + "links":[ + { + "rel":"previous", + "href":"http://identity.api.openstack.org/v2.0/tenants?limit=1&marker=1234" + } ] + } } diff --git a/doc/guide/src/docbkx/samples/tenants.json b/doc/guide/src/docbkx/samples/tenants.json index a2fa2608..7077a2da 100644 --- a/doc/guide/src/docbkx/samples/tenants.json +++ b/doc/guide/src/docbkx/samples/tenants.json @@ -3,18 +3,19 @@ Content-Type: application/json; charset=UTF-8 Content-Length: 100 Date: Sun, 1 Jan 2011 9:00:00 GMT -{"tenants": { - "values" : [ - { - "id": "1234", - "description": "A description ...", - "enabled": true - }, - { - "id": "3456", - "description": "A description ...", - "enabled": true - } +{ + "tenants":{ + "values":[ + { + "id":"1234", + "description":"A description ...", + "enabled":true + }, + { + "id":"3456", + "description":"A description ...", + "enabled":true + } ] -} -} + } +}
\ No newline at end of file diff --git a/doc/guide/src/docbkx/samples/updatedtenant.json b/doc/guide/src/docbkx/samples/updatedtenant.json index 05df6a3a..9349c90f 100644 --- a/doc/guide/src/docbkx/samples/updatedtenant.json +++ b/doc/guide/src/docbkx/samples/updatedtenant.json @@ -1,7 +1,7 @@ -{"tenant": - { - "id": "1234", - "description": "A NEW description...", - "enabled": true - } +{ + "tenant":{ + "id":"1234", + "description":"A NEW description...", + "enabled":true + } } diff --git a/doc/guide/src/docbkx/samples/validatetoken.json b/doc/guide/src/docbkx/samples/validatetoken.json index 6906991a..989d28ff 100644 --- a/doc/guide/src/docbkx/samples/validatetoken.json +++ b/doc/guide/src/docbkx/samples/validatetoken.json @@ -1,27 +1,20 @@ { - "auth" : { - "token": { - "id": "ab48a9efdfedb23ty3494", - "expires": "2010-11-01T03:32:15-05:00" - }, - "user" : { - "groups": { - "group": [ - { - "tenantId" : "1234", - "name": "Admin" - } - ]}, - "roleRefs": { - "roleRef" : [ - { - "id" : 1, - "href" : "https://.openstack.org/identity/v2.0/roles/admin", - "tenantId" : "one" - } - ]}, - "username": "jqsmith", - "tenantId": "1234" - } + "auth":{ + "token":{ + "expires":"2010-11-01T03:32:15-05:00", + "id":"ab48a9efdfedb23ty3494", + "tenantId":"1234" + }, + "user":{ + "username":"jqsmith", + "roleRefs":[ + { + "roleId":"Admin", + "id":1, + "tenantId":"one" + } + ], + "tenantId":"1234" + } } } diff --git a/doc/guide/src/docbkx/samples/validatetoken.xml b/doc/guide/src/docbkx/samples/validatetoken.xml index af40a8b6..18f26802 100644 --- a/doc/guide/src/docbkx/samples/validatetoken.xml +++ b/doc/guide/src/docbkx/samples/validatetoken.xml @@ -1,14 +1,12 @@ <?xml version="1.0" encoding="UTF-8"?> <auth xmlns="http://docs.openstack.org/identity/api/v2.0"> <token expires="2010-11-01T03:32:15-05:00" - id="ab48a9efdfedb23ty3494"/> - <user tenantId="1245" username="jqsmith"> - <groups> - <group tenantId="1245" name="Admin"/> - </groups> - <roleRefs> - <roleRef href="https://.openstack.org/identity/v2.0/roles/admin" id="3" tenantId="tenantId"/> - <roleRef href="https://.openstack.org/identity/v2.0/roles/test" id="4" tenantId="tenantId"/> - </roleRefs> + id="ab48a9efdfedb23ty3494" + tenantId="1234"/> + <user username="jqsmith" tenantId="1234"> + <roleRefs xmlns="http://docs.openstack.org/identity/api/v2.0"> + <roleRef xmlns="http://docs.openstack.org/identity/api/v2.0" + id="4" roleId="Admin" tenantId="1234"/> + </roleRefs> </user> </auth> diff --git a/doc/guide/src/docbkx/samples/version.json b/doc/guide/src/docbkx/samples/version.json index fce09386..d204cabb 100644 --- a/doc/guide/src/docbkx/samples/version.json +++ b/doc/guide/src/docbkx/samples/version.json @@ -1,33 +1,33 @@ { - "version" : { - "id" : "v2.0", - "status" : "CURRENT", - "updated" : "2011-01-21T11:33:21-06:00", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v2.0/" - }, - { - "rel" : "describedby", - "type" : "application/pdf", - "href" : "http://docs.rackspacecloud.com/identity/api/v2.0/identity-devguide-20110125.pdf" - }, - { - "rel" : "describedby", - "type" : "application/vnd.sun.wadl+xml", - "href" : "http://docs.rackspacecloud.com/identity/api/v2.0/application.wadl" - } - ], - "media-types": [ - { - "base" : "application/xml", - "type" : "application/vnd.openstack.identity-v2.0+xml" - }, - { - "base" : "application/json", - "type" : "application/vnd.openstack.identity-v2.0+json" - } - ] - } + "version":{ + "id":"v2.0", + "status":"CURRENT", + "updated":"2011-01-21T11:33:21-06:00", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v2.0/" + }, + { + "rel":"describedby", + "type":"application/pdf", + "href":"http://docs.rackspacecloud.com/identity/api/v2.0/identity-devguide-20110125.pdf" + }, + { + "rel":"describedby", + "type":"application/vnd.sun.wadl+xml", + "href":"http://docs.rackspacecloud.com/identity/api/v2.0/application.wadl" + } + ], + "media-types":[ + { + "base":"application/xml", + "type":"application/vnd.openstack.identity-v2.0+xml" + }, + { + "base":"application/json", + "type":"application/vnd.openstack.identity-v2.0+json" + } + ] + } } diff --git a/doc/guide/src/docbkx/samples/versions.json b/doc/guide/src/docbkx/samples/versions.json index ec3a8498..b7ac02dd 100644 --- a/doc/guide/src/docbkx/samples/versions.json +++ b/doc/guide/src/docbkx/samples/versions.json @@ -1,39 +1,39 @@ { - "versions" : { - "values" : [ - { - "id" : "v1.0", - "status" : "DEPRECATED", - "updated" : "2009-10-09T11:30:00Z", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v1.0/" - } - ] - }, - { - "id" : "v1.1", - "status" : "CURRENT", - "updated" : "2010-12-12T18:30:02.25Z", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v1.1/" - } - ] - }, - { - "id" : "v2.0", - "status" : "BETA", - "updated" : "2011-05-27T20:22:02.25Z", - "links": [ - { - "rel" : "self", - "href" : "http://identity.api.openstack.org/v2.0/" - } - ] - } + "versions":{ + "values":[ + { + "id":"v1.0", + "status":"DEPRECATED", + "updated":"2009-10-09T11:30:00Z", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v1.0/" + } ] - } + }, + { + "id":"v1.1", + "status":"CURRENT", + "updated":"2010-12-12T18:30:02.25Z", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v1.1/" + } + ] + }, + { + "id":"v2.0", + "status":"BETA", + "updated":"2011-05-27T20:22:02.25Z", + "links":[ + { + "rel":"self", + "href":"http://identity.api.openstack.org/v2.0/" + } + ] + } + ] + } } diff --git a/etc/keystone.conf b/etc/keystone.conf index c0fa1353..8efa5d7e 100755 --- a/etc/keystone.conf +++ b/etc/keystone.conf @@ -18,7 +18,7 @@ log_file = keystone.log # SQLAlchemy connection string for the reference implementation # registry server. Any valid SQLAlchemy connection string is fine. # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = sqlite:///../keystone/keystone.db +sql_connection = sqlite:///keystone.db # Period in seconds after which SQLAlchemy should reestablish its connection # to the database. diff --git a/keystone/content/identitydevguide.pdf b/keystone/content/identitydevguide.pdf Binary files differindex 2113e625..9b5fb8dc 100644 --- a/keystone/content/identitydevguide.pdf +++ b/keystone/content/identitydevguide.pdf diff --git a/keystone/db/sqlalchemy/api/__init__.py b/keystone/db/sqlalchemy/api/__init__.py index 657621a6..7741861c 100644 --- a/keystone/db/sqlalchemy/api/__init__.py +++ b/keystone/db/sqlalchemy/api/__init__.py @@ -1 +1 @@ -import endpoint_template, group, role, tenant_group, tenant, token, user +import baseurl, group, role, tenant_group, tenant, token, user diff --git a/keystone/db/sqlalchemy/api/baseurl.py b/keystone/db/sqlalchemy/api/baseurl.py new file mode 100644 index 00000000..3a046c22 --- /dev/null +++ b/keystone/db/sqlalchemy/api/baseurl.py @@ -0,0 +1,185 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010 OpenStack LLC. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from keystone.db.sqlalchemy import get_session, models, aliased + +def create(values): + baseurls_ref = models.BaseUrls() + baseurls_ref.update(values) + baseurls_ref.save() + return baseurls_ref + + +def get(id, session=None): + if not session: + session = get_session() + result = session.query(models.BaseUrls).filter_by(id=id).first() + return result + + +def get_all(session=None): + if not session: + session = get_session() + return session.query(models.BaseUrls).all() + + +def get_page(marker, limit, session=None): + if not session: + session = get_session() + + if marker: + return session.query(models.BaseUrls).filter("id>:marker").params(\ + marker='%s' % marker).order_by(\ + models.BaseUrls.id.desc()).limit(limit).all() + else: + return session.query(models.BaseUrls).order_by(\ + models.BaseUrls.id.desc()).limit(limit).all() + + +def get_page_markers(marker, limit, session=None): + if not session: + session = get_session() + first = session.query(models.BaseUrls).order_by(\ + models.BaseUrls.id).first() + last = session.query(models.BaseUrls).order_by(\ + models.BaseUrls.id.desc()).first() + if first is None: + return (None, None) + if marker is None: + marker = first.id + next = session.query(models.BaseUrls).filter("id > :marker").params(\ + marker='%s' % marker).order_by(\ + models.BaseUrls.id).limit(limit).all() + prev = session.query(models.BaseUrls).filter("id < :marker").params(\ + marker='%s' % marker).order_by(\ + models.BaseUrls.id.desc()).limit(int(limit)).all() + if len(next) == 0: + next = last + else: + for t in next: + next = t + if len(prev) == 0: + prev = first + else: + for t in prev: + prev = t + if prev.id == marker: + prev = None + else: + prev = prev.id + if next.id == last.id: + next = None + else: + next = next.id + return (prev, next) + + +def ref_get_by_tenant_get_page(tenant_id, marker, limit, + session=None): + if not session: + session = get_session() + if marker: + return session.query(models.TenantBaseURLAssociation).\ + filter(models.TenantBaseURLAssociation.tenant_id == tenant_id).\ + filter("id >= :marker").params( + marker='%s' % marker).order_by( + models.TenantBaseURLAssociation.id).limit(limit).all() + else: + return session.query(models.TenantBaseURLAssociation).\ + filter(models.TenantBaseURLAssociation.tenant_id == tenant_id).\ + order_by(models.TenantBaseURLAssociation.id).limit(limit).all() + + +def ref_get_by_tenant_get_page_markers(tenant_id, marker, limit, + session=None): + if not session: + session = get_session() + tba = aliased(models.TenantBaseURLAssociation) + first = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + order_by(tba.id).first() + last = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + order_by(tba.id.desc()).first() + if first is None: + return (None, None) + if marker is None: + marker = first.id + next = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + filter("id>=:marker").params( + marker='%s' % marker).order_by( + tba.id).limit(int(limit)).all() + + prev = session.query(tba).\ + filter(tba.tenant_id == tenant_id).\ + filter("id < :marker").params( + marker='%s' % marker).order_by( + tba.id).limit(int(limit) + 1).all() + next_len = len(next) + prev_len = len(prev) + + if next_len == 0: + next = last + else: + for t in next: + next = t + if prev_len == 0: + prev = first + else: + for t in prev: + prev = t + if first.id == marker: + prev = None + else: + prev = prev.id + if marker == last.id: + next = None + else: + next = next.id + return (prev, next) + + +def ref_add(values): + baseurls_ref = models.TenantBaseURLAssociation() + baseurls_ref.update(values) + baseurls_ref.save() + return baseurls_ref + + +def ref_get(id, session=None): + if not session: + session = get_session() + result = session.query(models.TenantBaseURLAssociation).\ + filter_by(id=id).first() + return result + + +def ref_get_by_tenant(tenant_id, session=None): + if not session: + session = get_session() + result = session.query(models.TenantBaseURLAssociation).\ + filter_by(tenant_id=tenant_id).first() + return result + + +def ref_delete(id, session=None): + if not session: + session = get_session() + with session.begin(): + baseurls_ref = ref_get(id, session) + session.delete(baseurls_ref) diff --git a/keystone/db/sqlalchemy/api/tenant.py b/keystone/db/sqlalchemy/api/tenant.py index a4c1fd49..2af370a0 100755 --- a/keystone/db/sqlalchemy/api/tenant.py +++ b/keystone/db/sqlalchemy/api/tenant.py @@ -181,14 +181,14 @@ def delete(id, session=None): session.delete(tenant_ref) -def get_all_endpoints(tenant_id, session=None): +def get_all_baseurls(tenant_id, session=None): if not session: session = get_session() - ep = aliased(models.Endpoints) - endpointTemplates = aliased(models.EndpointTemplates) - return session.query(endpointTemplates).join((ep, - ep.endpoint_template_id == endpointTemplates.id)).\ - filter(ep.tenant_id == tenant_id).all() + tba = aliased(models.TenantBaseURLAssociation) + baseUrls = aliased(models.BaseUrls) + return session.query(baseUrls).join((tba, + tba.baseURLs_id == baseUrls.id)).\ + filter(tba.tenant_id == tenant_id).all() def get_role_assignments(tenant_id, session=None): if not session: diff --git a/keystone/db/sqlalchemy/models.py b/keystone/db/sqlalchemy/models.py index bbf02aa7..59d885f1 100755..100644 --- a/keystone/db/sqlalchemy/models.py +++ b/keystone/db/sqlalchemy/models.py @@ -93,12 +93,12 @@ class UserRoleAssociation(Base, KeystoneBase): __table_args__ = (UniqueConstraint("user_id", "role_id", "tenant_id"), {}) -class Endpoints(Base, KeystoneBase): - __tablename__ = 'endpoints' +class TenantBaseURLAssociation(Base, KeystoneBase): + __tablename__ = 'tenant_baseURLs' id = Column(Integer, primary_key=True) tenant_id = Column(String(255), ForeignKey('tenants.id')) - endpoint_template_id = Column(Integer, ForeignKey('endpoint_templates.id')) - __table_args__ = (UniqueConstraint("endpoint_template_id", "tenant_id"), {}) + baseURLs_id = Column(Integer, ForeignKey('urlbase.id')) + __table_args__ = (UniqueConstraint("baseURLs_id", "tenant_id"), {}) # Define objects @@ -116,7 +116,7 @@ class Tenant(Base, KeystoneBase): desc = Column(String(255)) enabled = Column(Integer) groups = relationship('Group', backref='tenants') - endpoints = relationship('Endpoints', backref='tenant', + endpoints = relationship('TenantBaseURLAssociation', backref='tenant', cascade="all") @@ -159,8 +159,8 @@ class Token(Base, KeystoneBase): expires = Column(DateTime) -class EndpointTemplates(Base, KeystoneBase): - __tablename__ = 'endpoint_templates' +class BaseUrls(Base, KeystoneBase): + __tablename__ = 'urlbase' id = Column(Integer, primary_key=True) region = Column(String(255)) diff --git a/keystone/logic/service.py b/keystone/logic/service.py index 9a873726..0506d98f 100755 --- a/keystone/logic/service.py +++ b/keystone/logic/service.py @@ -25,7 +25,7 @@ import keystone.logic.types.fault as fault import keystone.logic.types.tenant as tenants import keystone.logic.types.role as roles import keystone.logic.types.user as get_users -import keystone.logic.types.endpoint as endpoints +import keystone.logic.types.baseURL as baseURLs import keystone.utils as utils class IdentityService(object): @@ -850,11 +850,11 @@ class IdentityService(object): def __get_auth_data(self, dtoken, tenant_id): """return AuthData object for a token""" - endpoints = None + base_urls = None if tenant_id != None: - endpoints = db_api.tenant.get_all_endpoints(tenant_id) + base_urls = db_api.tenant.get_all_baseurls(tenant_id) token = auth.Token(dtoken.expires, dtoken.id, tenant_id) - return auth.AuthData(token, endpoints) + return auth.AuthData(token, base_urls) def __get_validate_data(self, dtoken, duser): """return ValidateData object for a token/user pair""" @@ -998,18 +998,18 @@ class IdentityService(object): % (url, next, limit))) return roles.RoleRefs(ts, links) - def get_endpoint_templates(self, admin_token, marker, limit, url): + def get_baseurls(self, admin_token, marker, limit, url): self.__validate_token(admin_token) ts = [] - dendpointTemplates = db_api.endpoint_template.get_page(marker, limit) - for dendpointTemplate in dendpointTemplates: - ts.append(endpoints.EndpointTemplate(dendpointTemplate.id, dendpointTemplate.region, - dendpointTemplate.service, dendpointTemplate.public_url, - dendpointTemplate.admin_url, - dendpointTemplate.internal_url, - dendpointTemplate.enabled)) - prev, next = db_api.endpoint_template.get_page_markers(marker, limit) + dbaseurls = db_api.baseurl.get_page(marker, limit) + for dbaseurl in dbaseurls: + ts.append(baseURLs.BaseURL(dbaseurl.id, dbaseurl.region, + dbaseurl.service, dbaseurl.public_url, + dbaseurl.admin_url, + dbaseurl.internal_url, + dbaseurl.enabled)) + prev, next = db_api.baseurl.get_page_markers(marker, limit) links = [] if prev: links.append(atom.Link('prev', "%s?'marker=%s&limit=%s'" \ @@ -1017,19 +1017,19 @@ class IdentityService(object): if next: links.append(atom.Link('next', "%s?'marker=%s&limit=%s'" \ % (url, next, limit))) - return endpoints.EndpointTemplates(ts, links) + return baseURLs.BaseURLs(ts, links) - def get_endpoint_template(self, admin_token, endpoint_template_id): + def get_baseurl(self, admin_token, baseurl_id): self.__validate_token(admin_token) - dendpointTemplate = db_api.endpoint_template.get(endpoint_template_id) - if not dendpointTemplate: - raise fault.ItemNotFoundFault("The endpoint template could not be found") - return endpoints.EndpointTemplate(dendpointTemplate.id, dendpointTemplate.region, dendpointTemplate.service, - dendpointTemplate.public_url, dendpointTemplate.admin_url, - dendpointTemplate.internal_url, dendpointTemplate.enabled) + dbaseurl = db_api.baseurl.get(baseurl_id) + if not dbaseurl: + raise fault.ItemNotFoundFault("The base URL could not be found") + return baseURLs.BaseURL(dbaseurl.id, dbaseurl.region, dbaseurl.service, + dbaseurl.public_url, dbaseurl.admin_url, + dbaseurl.internal_url, dbaseurl.enabled) - def get_tenant_endpoints(self, admin_token, marker, limit, url, tenant_id): + def get_tenant_baseURLs(self, admin_token, marker, limit, url, tenant_id): self.__validate_token(admin_token) if tenant_id == None: raise fault.BadRequestFault("Expecting a Tenant Id") @@ -1039,17 +1039,17 @@ class IdentityService(object): ts = [] - dtenantEndpoints = \ - db_api.endpoint_template.endpoint_get_by_tenant_get_page(tenant_id, marker, + dtenantBaseURLAssociations = \ + db_api.baseurl.ref_get_by_tenant_get_page(tenant_id, marker, limit) - for dtenantEndpoint in dtenantEndpoints: - ts.append(endpoints.Endpoint(dtenantEndpoint.id, - url + '/endpointTemplates/' + \ - str(dtenantEndpoint.endpoint_template_id))) + for dtenantBaseURLAssociation in dtenantBaseURLAssociations: + ts.append(baseURLs.BaseURLRef(dtenantBaseURLAssociation.id, + url + '/baseURLs/' + \ + str(dtenantBaseURLAssociation.baseURLs_id))) links = [] if ts.__len__(): prev, next = \ - db_api.endpoint_template.endpoint_get_by_tenant_get_page_markers(tenant_id, + db_api.baseurl.ref_get_by_tenant_get_page_markers(tenant_id, marker, limit) if prev: links.append(atom.Link('prev', "%s?'marker=%s&limit=%s'" % @@ -1057,10 +1057,10 @@ class IdentityService(object): if next: links.append(atom.Link('next', "%s?'marker=%s&limit=%s'" % (url, next, limit))) - return endpoints.Endpoints(ts, links) + return baseURLs.BaseURLRefs(ts, links) - def create_endpoint_for_tenant(self, admin_token, - tenant_id, endpoint_template, url): + def create_baseurl_ref_to_tenant(self, admin_token, + tenant_id, baseurl, url): self.__validate_token(admin_token) if tenant_id == None: raise fault.BadRequestFault("Expecting a Tenant Id") @@ -1068,19 +1068,19 @@ class IdentityService(object): if db_api.tenant.get(tenant_id) == None: raise fault.ItemNotFoundFault("The tenant not found") - dendpoint_template = db_api.endpoint_template.get(endpoint_template.id) - if not dendpoint_template: - raise fault.ItemNotFoundFault("The endpoint template could not be found") - dendpoint = db_models.Endpoints() - dendpoint.tenant_id = tenant_id - dendpoint.endpoints_template_id = endpoint_template.id - dendpoint = db_api.endpoint_template.endpoint_add(dendpoint) - dendpoint = endpoints.Endpoint(dendpoint.id, url + \ - '/endpointTemplates/' + \ - dendpoint.endpoints_template_id) - return dendpoint - - def delete_endpoint(self, admin_token, endpoint_id): + dbaseurl = db_api.baseurl.get(baseurl.id) + if not dbaseurl: + raise fault.ItemNotFoundFault("The base URL could not be found") + dbaseurl_ref = db_models.TenantBaseURLAssociation() + dbaseurl_ref.tenant_id = tenant_id + dbaseurl_ref.baseURLs_id = baseurl.id + dbaseurl_ref = db_api.baseurl.ref_add(dbaseurl_ref) + baseurlRef = baseURLs.BaseURLRef(dbaseurl_ref.id, url + \ + '/baseURLs/' + \ + dbaseurl_ref.baseURLs_id) + return baseurlRef + + def delete_baseurls_ref(self, admin_token, baseurls_id): self.__validate_token(admin_token) - db_api.endpoint_template.endpoint_delete(endpoint_id) + db_api.baseurl.ref_delete(baseurls_id) return None diff --git a/keystone/logic/types/baseURL.py b/keystone/logic/types/baseURL.py new file mode 100644 index 00000000..c73536bf --- /dev/null +++ b/keystone/logic/types/baseURL.py @@ -0,0 +1,214 @@ +# Copyright (c) 2010-2011 OpenStack, LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import json +from lxml import etree +import string + +import keystone.logic.types.fault as fault + + +class BaseURL(object): + @staticmethod + def from_xml(xml_str): + try: + dom = etree.Element("root") + dom.append(etree.fromstring(xml_str)) + root = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "baseURL") + if root == None: + raise fault.BadRequestFault("Expecting baseURL") + id = root.get("id") + region = root.get("region") + service = root.get("serviceName") + public_url = root.get("publicURL") + admin_url = root.get("adminURL") + internal_url = root.get("internalURL") + enabled = root.get("enabled") + return BaseURL(id, region, service, public_url, admin_url, + internal_url, enabled) + except etree.LxmlError as e: + raise fault.BadRequestFault("Cannot parse baseURL", str(e)) + + @staticmethod + def from_json(json_str): + try: + obj = json.loads(json_str) + region = None + service = None + public_url = None + admin_url = None + internal_url = None + enabled = None + + if not "baseURL" in obj: + raise fault.BadRequestFault("Expecting baseURL") + baseURL = obj["baseURL"] + if not "id" in baseURL: + id = None + else: + id = baseURL["id"] + if id == None: + raise fault.BadRequestFault("Expecting BaseURL") + + if 'region' in baseURL: + region = baseURL["region"] + if 'serviceName' in baseURL: + service = baseURL["serviceName"] + if 'publicURL' in baseURL: + public_url = baseURL["publicURL"] + if 'adminURL' in baseURL: + admin_url = baseURL["adminURL"] + if 'internalURL' in baseURL: + internal_url = baseURL["internalURL"] + if 'enabled' in baseURL: + enabled = baseURL["enabled"] + + return BaseURL(id, region, service, public_url, admin_url, + internal_url, enabled) + except (ValueError, TypeError) as e: + raise fault.BadRequestFault("Cannot parse baseURL", str(e)) + + def __init__(self, id, region, service, public_url, admin_url, + internal_url, enabled): + self.id = id + self.region = region + self.service = service + self.public_url = public_url + self.admin_url = admin_url + self.internal_url = internal_url + self.enabled = enabled + + def to_dom(self): + dom = etree.Element("baseURL", + xmlns="http://docs.openstack.org/identity/api/v2.0") + if self.id: + dom.set("id", str(self.id)) + if self.region: + dom.set("region", self.region) + if self.service: + dom.set("serviceName", self.service) + if self.public_url: + dom.set("publicURL", self.public_url) + if self.admin_url: + dom.set("adminURL", self.admin_url) + if self.internal_url: + dom.set("internalURL", self.internal_url) + if self.enabled: + dom.set("enabled", 'true') + return dom + + def to_xml(self): + return etree.tostring(self.to_dom()) + + def to_dict(self): + baseURL = {} + if self.id: + baseURL["id"] = self.id + if self.region: + baseURL["region"] = self.region + if self.service: + baseURL["serviceName"] = self.service + if self.public_url: + baseURL["publicURL"] = self.public_url + if self.admin_url: + baseURL["adminURL"] = self.admin_url + if self.internal_url: + baseURL["internalURL"] = self.internal_url + if self.enabled: + baseURL["enabled"] = self.enabled + return {'baseURL': baseURL} + + def to_json(self): + return json.dumps(self.to_dict()) + + +class BaseURLs(object): + "A collection of baseURls." + + def __init__(self, values, links): + self.values = values + self.links = links + + def to_xml(self): + dom = etree.Element("baseURLs") + dom.set(u"xmlns", "http://docs.openstack.org/identity/api/v2.0") + + for t in self.values: + dom.append(t.to_dom()) + + for t in self.links: + dom.append(t.to_dom()) + + return etree.tostring(dom) + + def to_json(self): + values = [t.to_dict()["baseURL"] for t in self.values] + links = [t.to_dict()["links"] for t in self.links] + return json.dumps({"baseURLs": {"values": values, "links": links}}) + + +class BaseURLRef(object): + def __init__(self, id, href): + self.id = id + self.href = href + + def to_dom(self): + dom = etree.Element("baseURLRef", + xmlns="http://docs.openstack.org/identity/api/v2.0") + if self.id: + dom.set("id", str(self.id)) + if self.href: + dom.set("href", self.href) + return dom + + def to_xml(self): + return etree.tostring(self.to_dom()) + + def to_dict(self): + baseURLRef = {} + if self.id: + baseURLRef["id"] = self.id + if self.href: + baseURLRef["href"] = self.href + return {'baseURLRef': baseURLRef} + + def to_json(self): + return json.dumps(self.to_dict()) + + +class BaseURLRefs(object): + "A collection of baseURlRefs." + + def __init__(self, values, links): + self.values = values + self.links = links + + def to_xml(self): + dom = etree.Element("baseURLRefs") + dom.set(u"xmlns", "http://docs.openstack.org/identity/api/v2.0") + + for t in self.values: + dom.append(t.to_dom()) + + for t in self.links: + dom.append(t.to_dom()) + + return etree.tostring(dom) + + def to_json(self): + values = [t.to_dict()["baseURLRef"] for t in self.values] + links = [t.to_dict()["links"] for t in self.links] + return json.dumps({"baseURLRefs": {"values": values, "links": links}}) diff --git a/keystone/logic/types/role.py b/keystone/logic/types/role.py index 4a463203..fd530ab0 100644 --- a/keystone/logic/types/role.py +++ b/keystone/logic/types/role.py @@ -49,14 +49,6 @@ class Role(object): if not "role" in obj: raise fault.BadRequestFault("Expecting Role") role = obj["role"] - - # Check that fields are valid - invalid = [key for key in role if key not in - ['id', 'description']] - if invalid != []: - raise fault.BadRequestFault("Invalid attribute(s): %s" - % invalid) - if not "id" in role: role_id = None else: diff --git a/keystone/logic/types/tenant.py b/keystone/logic/types/tenant.py index 4eaf6407..652e3741 100644 --- a/keystone/logic/types/tenant.py +++ b/keystone/logic/types/tenant.py @@ -60,14 +60,6 @@ class Tenant(object): if not "tenant" in obj: raise fault.BadRequestFault("Expecting tenant") tenant = obj["tenant"] - - # Check that fields are valid - invalid = [key for key in tenant if key not in - ['id', 'description', 'enabled']] - if invalid != []: - raise fault.BadRequestFault("Invalid attribute(s): %s" - % invalid) - if not "id" in tenant: tenant_id = None else: @@ -179,12 +171,6 @@ class Group(object): raise fault.BadRequestFault("Expecting group") group = obj["group"] - # Check that fields are valid - invalid = [key for key in group if key not in - ['id', 'description', 'tenantId']] - if invalid != []: - raise fault.BadRequestFault("Invalid attribute(s): %s") - if not "id" in group: group_id = None else: diff --git a/keystone/server.py b/keystone/server.py index a36234bb..fc8b24d1 100755 --- a/keystone/server.py +++ b/keystone/server.py @@ -53,7 +53,7 @@ import keystone.db.sqlalchemy as db import keystone.logic.service as serv import keystone.logic.types.tenant as tenants import keystone.logic.types.role as roles -import keystone.logic.types.endpoint as endpoints +import keystone.logic.types.baseURL as baseURLs import keystone.logic.types.auth as auth import keystone.logic.types.user as users import keystone.common.template as template @@ -453,46 +453,46 @@ class RolesController(wsgi.Controller): return utils.send_result(204, req, rval) -class EndpointTemplatesController(wsgi.Controller): +class BaseURLsController(wsgi.Controller): """ - EndpointTemplatesController Controller - - Controller for EndpointTemplates related operations + BaseURL Controller - + Controller for BaseURL related operations """ def __init__(self, options): self.options = options @utils.wrap_error - def get_endpoint_templates(self, req): + def get_baseurls(self, req): marker, limit, url = get_marker_limit_and_url(req) - endpoint_templates = service.get_endpoint_templates(utils.get_auth_token(req), + baseURLs = service.get_baseurls(utils.get_auth_token(req), marker, limit, url) - return utils.send_result(200, req, endpoint_templates) + return utils.send_result(200, req, baseURLs) @utils.wrap_error - def get_endpoint_template(self, req, endpoint_templates_id): - endpoint_template = service.get_endpoint_template(utils.get_auth_token(req), endpoint_templates_id) - return utils.send_result(200, req, endpoint_template) + def get_baseurl(self, req, baseURLId): + baseurl = service.get_baseurl(utils.get_auth_token(req), baseURLId) + return utils.send_result(200, req, baseurl) @utils.wrap_error - def get_endpoints_for_tenant(self, req, tenant_id): + def get_baseurls_for_tenant(self, req, tenant_id): marker, limit, url = get_marker_limit_and_url(req) - endpoints = service.get_tenant_endpoints(utils.get_auth_token(req), + baseURLRefs = service.get_tenant_baseURLs(utils.get_auth_token(req), marker, limit, url, tenant_id) - return utils.send_result(200, req, endpoints) + return utils.send_result(200, req, baseURLRefs) @utils.wrap_error - def add_endpoint_to_tenant(self, req, tenant_id): - endpoint = utils.get_normalized_request_content(endpoints.EndpointTemplate, req) + def add_baseurls_to_tenant(self, req, tenant_id): + baseurl = utils.get_normalized_request_content(baseURLs.BaseURL, req) return utils.send_result(201, req, - service.create_endpoint_for_tenant( + service.create_baseurl_ref_to_tenant( utils.get_auth_token(req), - tenant_id, endpoint, get_url(req))) + tenant_id, baseurl, get_url(req))) @utils.wrap_error - def remove_endpoint_from_tenant(self, req, tenant_id, endpoints_id): - rval = service.delete_endpoint(utils.get_auth_token(req), - endpoints_id) + def remove_baseurls_from_tenant(self, req, tenant_id, baseurls_ref_id): + rval = service.delete_baseurls_ref(utils.get_auth_token(req), + baseurls_ref_id) return utils.send_result(204, req, rval) @@ -740,25 +740,25 @@ class KeystoneAdminAPI(wsgi.Router): controller=roles_controller, action="delete_role_ref", conditions=dict(method=["DELETE"])) - #EndpointTemplatesControllers and Endpoints - endpoint_templates_controller = EndpointTemplatesController(options) - mapper.connect("/v2.0/endpointTemplates", controller=endpoint_templates_controller, - action="get_endpoint_templates", conditions=dict(method=["GET"])) - mapper.connect("/v2.0/endpointTemplates/{endpoint_templates_id}", - controller=endpoint_templates_controller, - action="get_endpoint_template", conditions=dict(method=["GET"])) - mapper.connect("/v2.0/tenants/{tenant_id}/endpoints", - controller=endpoint_templates_controller, - action="get_endpoints_for_tenant", + #BaseURLs and BaseURLRefs + baseurls_controller = BaseURLsController(options) + mapper.connect("/v2.0/baseURLs", controller=baseurls_controller, + action="get_baseurls", conditions=dict(method=["GET"])) + mapper.connect("/v2.0/baseURLs/{baseURLId}", + controller=baseurls_controller, + action="get_baseurl", conditions=dict(method=["GET"])) + mapper.connect("/v2.0/tenants/{tenant_id}/baseURLRefs", + controller=baseurls_controller, + action="get_baseurls_for_tenant", conditions=dict(method=["GET"])) - mapper.connect("/v2.0/tenants/{tenant_id}/endpoints", - controller=endpoint_templates_controller, - action="add_endpoint_to_tenant", + mapper.connect("/v2.0/tenants/{tenant_id}/baseURLRefs", + controller=baseurls_controller, + action="add_baseurls_to_tenant", conditions=dict(method=["POST"])) mapper.connect( - "/v2.0/tenants/{tenant_id}/endpoints/{endpoints_id}", - controller=endpoint_templates_controller, - action="remove_endpoint_from_tenant", + "/v2.0/tenants/{tenant_id}/baseURLRefs/{baseurls_ref_id}", + controller=baseurls_controller, + action="remove_baseurls_from_tenant", conditions=dict(method=["DELETE"])) # Miscellaneous Operations diff --git a/keystone/test/unit/test_BaseURLs.py b/keystone/test/unit/test_BaseURLs.py new file mode 100755 index 00000000..5cc99ff9 --- /dev/null +++ b/keystone/test/unit/test_BaseURLs.py @@ -0,0 +1,669 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 +# Copyright (c) 2010-2011 OpenStack, LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +import httplib2 +import json +from lxml import etree +import os +import sys +sys.path.append(os.path.abspath(os.path.join(os.path.abspath(__file__), + '..', '..', '..', '..', '..', 'keystone'))) +import unittest + +import test_common as utils +from test_common import URL + +from keystone.logic.types import fault + +class BaseURLsTest(unittest.TestCase): + def setUp(self): + self.tenant = utils.get_tenant() + self.password = utils.get_password() + self.email = utils.get_email() + self.user = utils.get_user() + self.userdisabled = utils.get_userdisabled() + self.auth_token = utils.get_auth_token() + self.exp_auth_token = utils.get_exp_auth_token() + self.disabled_token = utils.get_disabled_token() + self.missing_token = utils.get_none_token() + self.invalid_token = utils.get_non_existing_token() + utils.create_tenant(self.tenant, str(self.auth_token)) + utils.create_user(self.tenant, self.user, self.auth_token) + self.token = utils.get_token(self.user, 'secrete', self.tenant, + 'token') + + def tearDown(self): + utils.delete_user(self.user, self.auth_token) + utils.delete_tenant(self.tenant, self.auth_token) + utils.delete_all_baseurls_ref(self.tenant, self.auth_token) + +class GetBaseURLsTest(BaseURLsTest): + def test_get_baseURLs(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + obj = json.loads(content) + if not "baseURLs" in obj: + raise self.fail("Expecting BaseURLs") + + def test_get_baseURLs_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.exp_auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403 , int(resp['status'])) + + def test_get_baseURLs_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.disabled_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403 , int(resp['status'])) + + def test_get_baseURLs_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.missing_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401 , int(resp['status'])) + + def test_get_baseURLs_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.invalid_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404 , int(resp['status'])) + + def test_get_baseURLs_xml(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + dom = etree.Element("root") + dom.append(etree.fromstring(content)) + baseURLs = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "baseURLs") + if baseURLs == None: + self.fail("Expecting BaseURLs") + + def test_get_baseURLs_xml_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.exp_auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseURLs_xml_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.disabled_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseURLs_xml_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.missing_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_baseURLs_xml_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs' % (utils.URL) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.invalid_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + +class GetBaseURLTest(BaseURLsTest): + def test_get_baseURL(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + obj = json.loads(content) + if not "baseURL" in obj: + raise self.fail("Expecting BaseURL") + + def test_get_baseURL_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.exp_auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseURL_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.disabled_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseURL_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.missing_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + + def test_get_baseURL_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.invalid_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_baseURL_xml(self): + header = httplib2.Http(".cache") + url = '%sbaseURLs/%s' % (utils.URL, '1') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.auth_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + #verify content + dom = etree.Element("root") + dom.append(etree.fromstring(content)) + baseURL = dom.find("{http://docs.openstack.org/identity/api/v2.0}" \ + "baseURL") + if baseURL == None: + self.fail("Expecting BaseURL") + + +class CreateBaseURLRefsTest(BaseURLsTest): + def test_baseurls_ref_create_json(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + + def test_baseurls_ref_create_json_using_expired_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.exp_auth_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_baseurls_ref_create_json_using_disabled_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.disabled_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_baseurls_ref_create_json_using_missing_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.missing_token)) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_baseurls_ref_create_json_using_invalid_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.invalid_token)) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + + def test_baseurls_ref_create_xml(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_baseurls_ref_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(204, resp_val) + + def test_baseurls_ref_create_xml_using_expired_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_baseurls_ref_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_baseurls_ref_create_xml_using_disabled_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_baseurls_ref_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_baseurls_ref_create_xml_using_missing_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_baseurls_ref_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_baseurls_ref_create_xml_using_invalid_token(self): + header = httplib2.Http(".cache") + + resp, content = utils.create_baseurls_ref_xml(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, '1') + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + +class GetBaseURLRefsTest(BaseURLsTest): + def test_get_baseurls_ref_xml(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.auth_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + + def test_get_baseurls_ref_xml_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.exp_auth_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseurls_ref_xml_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.disabled_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_baseurls_ref_xml_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.missing_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_baseurls_ref_xml_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.invalid_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_baseurls_ref_json(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(200, int(resp['status'])) + obj = json.loads(content) + if not "baseURLRefs" in obj: + raise self.fail("Expecting BaseURLRefs") + + def test_get_baseurls_ref_json_using_expired_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + obj = json.loads(content) + + def test_get_baseurls_ref_json_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + obj = json.loads(content) + + def test_get_baseurls_ref_json_using_missing_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + obj = json.loads(content) + + def test_get_baseurls_ref_json_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + url = '%stenants/%s/baseURLRefs' % (URL, self.tenant) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token), + "ACCEPT": "application/json"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + obj = json.loads(content) + +class DeleteBaseURLRefsTest(BaseURLsTest): + def test_delete_baseurlref(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "baseURLRef" in obj: + raise fault.BadRequestFault("Expecting baseURLRef") + base_url_ref = obj["baseURLRef"] + if not "id" in base_url_ref: + base_url_ref_id = None + else: + base_url_ref_id = base_url_ref["id"] + if base_url_ref_id is None: + raise fault.BadRequestFault("Expecting baseURLRefID") + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, base_url_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(204, resp_val) + + def test_delete_baseurlref_using_expired_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "baseURLRef" in obj: + raise fault.BadRequestFault("Expecting baseURLRef") + base_url_ref = obj["baseURLRef"] + if not "id" in base_url_ref: + base_url_ref_id = None + else: + base_url_ref_id = base_url_ref["id"] + if base_url_ref_id is None: + raise fault.BadRequestFault("Expecting baseURLRefID") + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, base_url_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_baseurlref_using_disabled_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "baseURLRef" in obj: + raise fault.BadRequestFault("Expecting baseURLRef") + base_url_ref = obj["baseURLRef"] + if not "id" in base_url_ref: + base_url_ref_id = None + else: + base_url_ref_id = base_url_ref["id"] + if base_url_ref_id is None: + raise fault.BadRequestFault("Expecting baseURLRefID") + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, base_url_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_baseurlref_using_missing_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "baseURLRef" in obj: + raise fault.BadRequestFault("Expecting baseURLRef") + base_url_ref = obj["baseURLRef"] + if not "id" in base_url_ref: + base_url_ref_id = None + else: + base_url_ref_id = base_url_ref["id"] + if base_url_ref_id is None: + raise fault.BadRequestFault("Expecting baseURLRefID") + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, base_url_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_delete_baseurlref_using_invalid_auth_token(self): + header = httplib2.Http(".cache") + resp, content = utils.create_baseurls_ref(self.tenant, "1", + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "baseURLRef" in obj: + raise fault.BadRequestFault("Expecting baseURLRef") + base_url_ref = obj["baseURLRef"] + if not "id" in base_url_ref: + base_url_ref_id = None + else: + base_url_ref_id = base_url_ref["id"] + if base_url_ref_id is None: + raise fault.BadRequestFault("Expecting baseURLRefID") + url = '%stenants/%s/baseURLRefs/%s' % (URL, self.tenant, base_url_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + +if __name__ == '__main__': + unittest.main() diff --git a/keystone/test/unit/test_authentication.py b/keystone/test/unit/test_authentication.py index 5f2c570c..96bf271b 100755 --- a/keystone/test/unit/test_authentication.py +++ b/keystone/test/unit/test_authentication.py @@ -37,19 +37,19 @@ class AuthenticationTest(unittest.TestCase): #self.user = utils.get_user() self.userdisabled = utils.get_userdisabled() self.auth_token = utils.get_auth_token() - utils.create_endpoint(self.tenant, "1", + utils.create_baseurls_ref(self.tenant, "1", str(self.auth_token)) - utils.create_endpoint(self.tenant, "2", + utils.create_baseurls_ref(self.tenant, "2", str(self.auth_token)) - utils.create_endpoint(self.tenant, "3", + utils.create_baseurls_ref(self.tenant, "3", str(self.auth_token)) - utils.create_endpoint(self.tenant, "4", + utils.create_baseurls_ref(self.tenant, "4", str(self.auth_token)) #self.exp_auth_token = utils.get_exp_auth_token() #self.disabled_token = utils.get_disabled_token() def tearDown(self): - utils.delete_all_endpoint(self.tenant, self.auth_token) + utils.delete_all_baseurls_ref(self.tenant, self.auth_token) utils.delete_token(self.token, self.auth_token) def test_a_authorize(self): @@ -86,8 +86,8 @@ class AuthenticationTest(unittest.TestCase): resp, content = utils.get_token_legacy('joeuser', 'secrete') self.assertEqual(204, int(resp['status'])) self.assertTrue(resp['x-auth-token']) - #self.assertTrue(resp['x-server-management-url']) - #self.assertTrue(resp['x-storage-url']) + self.assertTrue(resp['x-server-management-url']) + self.assertTrue(resp['x-storage-url']) self.assertTrue(resp['x-glance']) def test_a_authorize_user_disabled(self): diff --git a/keystone/test/unit/test_common.py b/keystone/test/unit/test_common.py index 06409937..bfad2d62 100755 --- a/keystone/test/unit/test_common.py +++ b/keystone/test/unit/test_common.py @@ -778,32 +778,32 @@ def create_role_xml(role_id, auth_token): "ACCEPT": "application/xml"}) return (resp, content) -def create_endpoint(tenant_id, endpoint_templates_id, auth_token): +def create_baseurls_ref(tenant_id, baseurl_id, auth_token): header = httplib2.Http(".cache") - url = '%stenants/%s/endpoints' % (URL, tenant_id) - body = {"endpointTemplate": {"id": endpoint_templates_id}} + url = '%stenants/%s/baseURLRefs' % (URL, tenant_id) + body = {"baseURL": {"id": baseurl_id}} resp, content = header.request(url, "POST", body=json.dumps(body), headers={"Content-Type": "application/json", "X-Auth-Token": auth_token}) return (resp, content) -def create_endpoint_xml(tenant_id, endpoint_templates_id, auth_token): +def create_baseurls_ref_xml(tenant_id, baseurl_id, auth_token): header = httplib2.Http(".cache") - url = '%stenants/%s/endpoints' % (URL, tenant_id) + url = '%stenants/%s/baseURLRefs' % (URL, tenant_id) body = '<?xml version="1.0" encoding="UTF-8"?>\ - <endpointTemplate xmlns="http://docs.openstack.org/identity/api/v2.0" \ + <baseURL xmlns="http://docs.openstack.org/identity/api/v2.0" \ id="%s"/>\ - ' % (endpoint_templates_id) + ' % (baseurl_id) resp, content = header.request(url, "POST", body=body, headers={"Content-Type": "application/xml", "X-Auth-Token": auth_token, "ACCEPT": "application/xml"}) return (resp, content) -def delete_all_endpoint(tenant_id, auth_token): +def delete_all_baseurls_ref(tenant_id, auth_token): header = httplib2.Http(".cache") - url = '%stenants/%s/endpoints' % (URL, tenant_id) + url = '%stenants/%s/baseURLRefs' % (URL, tenant_id) #test for Content-Type = application/json resp, content = header.request(url, "GET", body='{}', headers={"Content-Type": "application/json", @@ -817,9 +817,9 @@ def delete_all_endpoint(tenant_id, auth_token): #verify content obj = json.loads(content) - endpoints = obj["endpoints"]["values"] - for endpoint in endpoints: - url = '%stenants/%s/endpoints/%s' % (URL, tenant_id, endpoint["id"]) + base_url_refs = obj["baseURLRefs"]["values"] + for base_url_ref in base_url_refs: + url = '%stenants/%s/baseURLRefs/%s' % (URL, tenant_id, base_url_ref["id"]) header.request(url, "DELETE", body='', headers={"Content-Type": "application/json", "X-Auth-Token": str(auth_token)}) diff --git a/keystone/utils.py b/keystone/utils.py index b5e63c44..eb90b326 100644 --- a/keystone/utils.py +++ b/keystone/utils.py @@ -39,6 +39,7 @@ if os.path.exists(os.path.join(POSSIBLE_TOPDIR, 'keystone', '__init__.py')): from queryext import exthandler import keystone.logic.types.fault as fault + def is_xml_response(req): if not "Accept" in req.headers: return False |