diff --git a/heat/engine/api.py b/heat/engine/api.py index ca7951140e..fb2416ca20 100644 --- a/heat/engine/api.py +++ b/heat/engine/api.py @@ -288,7 +288,7 @@ def format_resource_attributes(resource, with_attr=None): return resolver._resolver(attr) except Exception: return None - # if 'show' in attribute_schema, will resolve all attributes of resource + # if 'show' in attributes_schema, will resolve all attributes of resource # including the ones are not represented in response of show API, such as # 'console_urls' for nova server, user can view it by taking with_attr # parameter diff --git a/heat/engine/resources/openstack/keystone/user.py b/heat/engine/resources/openstack/keystone/user.py index 57c3ae9511..ddeca64d45 100644 --- a/heat/engine/resources/openstack/keystone/user.py +++ b/heat/engine/resources/openstack/keystone/user.py @@ -12,6 +12,7 @@ # under the License. from heat.common.i18n import _ +from heat.engine import attributes from heat.engine import constraints from heat.engine import properties from heat.engine import resource @@ -101,6 +102,41 @@ class KeystoneUser(resource.Resource, properties_schema.update( role_assignments.KeystoneRoleAssignmentMixin.mixin_properties_schema) + ATTRIBUTES = ( + NAME_ATTR, DEFAULT_PROJECT_ATTR, DOMAIN_ATTR, ENABLED_ATTR, + PASSWORD_EXPIRES_AT_ATTR + ) = ( + 'name', 'default_project_id', 'domain_id', + 'enabled', 'password_expires_at' + ) + attributes_schema = { + NAME_ATTR: attributes.Schema( + _('User name.'), + support_status=support.SupportStatus(version='9.0.0'), + type=attributes.Schema.STRING + ), + DEFAULT_PROJECT_ATTR: attributes.Schema( + _('Default project id for user.'), + support_status=support.SupportStatus(version='9.0.0'), + type=attributes.Schema.STRING + ), + DOMAIN_ATTR: attributes.Schema( + _('Domain id for user.'), + support_status=support.SupportStatus(version='9.0.0'), + type=attributes.Schema.STRING + ), + ENABLED_ATTR: attributes.Schema( + _('Flag of enable user.'), + support_status=support.SupportStatus(version='9.0.0'), + type=attributes.Schema.BOOLEAN + ), + PASSWORD_EXPIRES_AT_ATTR: attributes.Schema( + _('Show user password expiration time.'), + support_status=support.SupportStatus(version='9.0.0'), + type=attributes.Schema.STRING + ), + } + def translation_rules(self, properties): return [ translation.TranslationRule( @@ -188,6 +224,12 @@ class KeystoneUser(resource.Resource, return new_group_ids, removed_group_ids + def _resolve_attribute(self, name): + if self.resource_id is None: + return + user = self.client().users.get(self.resource_id) + return getattr(user, name, None) + def handle_create(self): user_name = (self.properties[self.NAME] or self.physical_resource_name()) diff --git a/heat/tests/openstack/keystone/test_user.py b/heat/tests/openstack/keystone/test_user.py index 9cb8d716e5..01159d4785 100644 --- a/heat/tests/openstack/keystone/test_user.py +++ b/heat/tests/openstack/keystone/test_user.py @@ -83,12 +83,17 @@ class KeystoneUserTest(common.HeatTestCase): value = mock.MagicMock() user_id = '477e8273-60a7-4c41-b683-fdb0bc7cd151' value.id = user_id - + value.name = 'test_user_1' + value.default_project_id = 'project_1' + value.domain_id = 'default' + value.enabled = True + value.password_expires_at = '2016-12-10T17:28:49.000000' return value def test_user_handle_create(self): mock_user = self._get_mock_user() self.users.create.return_value = mock_user + self.users.get.return_value = mock_user self.users.add_to_group = mock.MagicMock() # validate the properties @@ -316,3 +321,23 @@ class KeystoneUserTest(common.HeatTestCase): self.assertEqual(set(expected.keys()), set(reality.keys())) for key in expected: self.assertEqual(expected[key], reality[key]) + + def test_resolve_attributes(self): + mock_user = self._get_mock_user() + self.test_user.resource_id = mock_user['id'] + self.users.get.return_value = mock_user + self.assertEqual( + mock_user.name, + self.test_user._resolve_attribute('name')) + self.assertEqual( + mock_user.default_project_id, + self.test_user._resolve_attribute('default_project_id')) + self.assertEqual( + mock_user.domain_id, + self.test_user._resolve_attribute('domain_id')) + self.assertEqual( + mock_user.enabled, + self.test_user._resolve_attribute('enabled')) + self.assertEqual( + mock_user.password_expires_at, + self.test_user._resolve_attribute('password_expires_at'))