identity: Migrate 'access rule' commands to SDK

Change-Id: Id5740cc61474650f22f9efe8d148c8c666c3b91e
2024-06-12 17:52:08 +00:00 · 2024-06-12 17:52:08 +00:00 · 415f68016c
commit 415f68016c
parent bbe04238a8
4 changed files with 104 additions and 83 deletions
--- a/openstackclient/identity/v3/access_rule.py
+++ b/openstackclient/identity/v3/access_rule.py
@ -42,15 +42,15 @@ class DeleteAccessRule(command.Command):
        return parser

    def take_action(self, parsed_args):
-        identity_client = self.app.client_manager.identity
+        identity_client = self.app.client_manager.sdk_connection.identity
+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)

        errors = 0
        for ac in parsed_args.access_rule:
            try:
-                access_rule = common.get_resource_by_id(
-                    identity_client.access_rules, ac
-                )
-                identity_client.access_rules.delete(access_rule.id)
+                access_rule = identity_client.get_access_rule(user_id, ac)
+                identity_client.delete_access_rule(user_id, access_rule.id)
            except Exception as e:
                errors += 1
                LOG.error(
@ -83,16 +83,17 @@ class ListAccessRule(command.Lister):
        return parser

    def take_action(self, parsed_args):
-        identity_client = self.app.client_manager.identity
+        identity_client = self.app.client_manager.sdk_connection.identity
        if parsed_args.user:
            user_id = common.find_user(
                identity_client, parsed_args.user, parsed_args.user_domain
            ).id
        else:
-            user_id = None
+            conn = self.app.client_manager.sdk_connection
+            user_id = conn.config.get_auth().get_user_id(conn.identity)

        columns = ('ID', 'Service', 'Method', 'Path')
-        data = identity_client.access_rules.list(user=user_id)
+        data = identity_client.access_rules(user=user_id)
        return (
            columns,
            (
@ -119,11 +120,22 @@ class ShowAccessRule(command.ShowOne):
        return parser

    def take_action(self, parsed_args):
-        identity_client = self.app.client_manager.identity
-        access_rule = common.get_resource_by_id(
-            identity_client.access_rules, parsed_args.access_rule
+        identity_client = self.app.client_manager.sdk_connection.identity
+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)
+
+        access_rule = identity_client.get_access_rule(
+            user_id, parsed_args.access_rule
        )

-        access_rule._info.pop('links', None)
-
-        return zip(*sorted(access_rule._info.items()))
+        columns = ('ID', 'Method', 'Path', 'Service')
+        return (
+            columns,
+            (
+                utils.get_item_properties(
+                    access_rule,
+                    columns,
+                    formatters={},
+                )
+            ),
+        )
--- a/openstackclient/tests/functional/identity/v3/test_access_rule.py
+++ b/openstackclient/tests/functional/identity/v3/test_access_rule.py
@ -20,10 +20,10 @@ from openstackclient.tests.functional.identity.v3 import common

 class AccessRuleTests(common.IdentityTests):
    ACCESS_RULE_FIELDS = [
-        'id',
-        'service',
-        'method',
-        'path',
+        'ID',
+        'Service',
+        'Method',
+        'Path',
    ]
    ACCESS_RULE_LIST_HEADERS = [
        'ID',
--- a/openstackclient/tests/unit/identity/v3/test_access_rule.py
+++ b/openstackclient/tests/unit/identity/v3/test_access_rule.py
@ -13,72 +13,66 @@
 #   under the License.
 #

-import copy
+from unittest.mock import call

-from keystoneclient import exceptions as identity_exc
+from openstack import exceptions as sdk_exceptions
+from openstack.identity.v3 import access_rule as _access_rule
+from openstack.test import fakes as sdk_fakes
 from osc_lib import exceptions

 from openstackclient.identity.v3 import access_rule
-from openstackclient.tests.unit import fakes
 from openstackclient.tests.unit.identity.v3 import fakes as identity_fakes


-class TestAccessRule(identity_fakes.TestIdentityv3):
+class TestAccessRuleDelete(identity_fakes.TestIdentityv3):
+    access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
+
    def setUp(self):
        super().setUp()

-        identity_manager = self.identity_client
-        self.access_rules_mock = identity_manager.access_rules
-        self.access_rules_mock.reset_mock()
-        self.roles_mock = identity_manager.roles
-        self.roles_mock.reset_mock()
-
-
-class TestAccessRuleDelete(TestAccessRule):
-    def setUp(self):
-        super().setUp()
-
-        # This is the return value for utils.find_resource()
-        self.access_rules_mock.get.return_value = fakes.FakeResource(
-            None,
-            copy.deepcopy(identity_fakes.ACCESS_RULE),
-            loaded=True,
+        self.identity_sdk_client.get_access_rule.return_value = (
+            self.access_rule
        )
-        self.access_rules_mock.delete.return_value = None
+        self.identity_sdk_client.delete_access_rule.return_value = None

        # Get the command object to test
        self.cmd = access_rule.DeleteAccessRule(self.app, None)

    def test_access_rule_delete(self):
-        arglist = [
-            identity_fakes.access_rule_id,
-        ]
-        verifylist = [('access_rule', [identity_fakes.access_rule_id])]
+        arglist = [self.access_rule.id]
+        verifylist = [('access_rule', [self.access_rule.id])]
        parsed_args = self.check_parser(self.cmd, arglist, verifylist)

+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)
+
        result = self.cmd.take_action(parsed_args)

-        self.access_rules_mock.delete.assert_called_with(
-            identity_fakes.access_rule_id,
+        self.identity_sdk_client.delete_access_rule.assert_called_with(
+            user_id,
+            self.access_rule.id,
        )
        self.assertIsNone(result)

    def test_delete_multi_access_rules_with_exception(self):
-        # mock returns for common.get_resource_by_id
-        mock_get = self.access_rules_mock.get
-        mock_get.side_effect = [
-            mock_get.return_value,
-            identity_exc.NotFound,
+        self.identity_sdk_client.get_access_rule.side_effect = [
+            self.access_rule,
+            sdk_exceptions.NotFoundException,
        ]
+
        arglist = [
-            identity_fakes.access_rule_id,
+            self.access_rule.id,
            'nonexistent_access_rule',
        ]
        verifylist = [
            ('access_rule', arglist),
        ]
+
        parsed_args = self.check_parser(self.cmd, arglist, verifylist)

+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)
+
        try:
            self.cmd.take_action(parsed_args)
            self.fail('CommandError should be raised.')
@ -87,26 +81,27 @@ class TestAccessRuleDelete(TestAccessRule):
                '1 of 2 access rules failed to' ' delete.', str(e)
            )

-        mock_get.assert_any_call(identity_fakes.access_rule_id)
-        mock_get.assert_any_call('nonexistent_access_rule')
+        calls = []
+        for a in arglist:
+            calls.append(call(user_id, a))

-        self.assertEqual(2, mock_get.call_count)
-        self.access_rules_mock.delete.assert_called_once_with(
-            identity_fakes.access_rule_id
+        self.identity_sdk_client.get_access_rule.assert_has_calls(calls)
+
+        self.assertEqual(
+            2, self.identity_sdk_client.get_access_rule.call_count
+        )
+        self.identity_sdk_client.delete_access_rule.assert_called_once_with(
+            user_id, self.access_rule.id
        )


-class TestAccessRuleList(TestAccessRule):
+class TestAccessRuleList(identity_fakes.TestIdentityv3):
+    access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
+
    def setUp(self):
        super().setUp()

-        self.access_rules_mock.list.return_value = [
-            fakes.FakeResource(
-                None,
-                copy.deepcopy(identity_fakes.ACCESS_RULE),
-                loaded=True,
-            ),
-        ]
+        self.identity_sdk_client.access_rules.return_value = [self.access_rule]

        # Get the command object to test
        self.cmd = access_rule.ListAccessRule(self.app, None)
@ -116,31 +111,34 @@ class TestAccessRuleList(TestAccessRule):
        verifylist = []
        parsed_args = self.check_parser(self.cmd, arglist, verifylist)

+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)
+
        columns, data = self.cmd.take_action(parsed_args)

-        self.access_rules_mock.list.assert_called_with(user=None)
+        self.identity_sdk_client.access_rules.assert_called_with(user=user_id)

        collist = ('ID', 'Service', 'Method', 'Path')
        self.assertEqual(collist, columns)
        datalist = (
            (
-                identity_fakes.access_rule_id,
-                identity_fakes.access_rule_service,
-                identity_fakes.access_rule_method,
-                identity_fakes.access_rule_path,
+                self.access_rule.id,
+                self.access_rule.service,
+                self.access_rule.method,
+                self.access_rule.path,
            ),
        )
        self.assertEqual(datalist, tuple(data))


-class TestAccessRuleShow(TestAccessRule):
+class TestAccessRuleShow(identity_fakes.TestIdentityv3):
+    access_rule = sdk_fakes.generate_fake_resource(_access_rule.AccessRule)
+
    def setUp(self):
        super().setUp()

-        self.access_rules_mock.get.return_value = fakes.FakeResource(
-            None,
-            copy.deepcopy(identity_fakes.ACCESS_RULE),
-            loaded=True,
+        self.identity_sdk_client.get_access_rule.return_value = (
+            self.access_rule
        )

        # Get the command object to test
@ -148,25 +146,28 @@ class TestAccessRuleShow(TestAccessRule):

    def test_access_rule_show(self):
        arglist = [
-            identity_fakes.access_rule_id,
+            self.access_rule.id,
        ]
        verifylist = [
-            ('access_rule', identity_fakes.access_rule_id),
+            ('access_rule', self.access_rule.id),
        ]
        parsed_args = self.check_parser(self.cmd, arglist, verifylist)

+        conn = self.app.client_manager.sdk_connection
+        user_id = conn.config.get_auth().get_user_id(conn.identity)
+
        columns, data = self.cmd.take_action(parsed_args)

-        self.access_rules_mock.get.assert_called_with(
-            identity_fakes.access_rule_id
+        self.identity_sdk_client.get_access_rule.assert_called_with(
+            user_id, self.access_rule.id
        )

-        collist = ('id', 'method', 'path', 'service')
+        collist = ('ID', 'Method', 'Path', 'Service')
        self.assertEqual(collist, columns)
        datalist = (
-            identity_fakes.access_rule_id,
-            identity_fakes.access_rule_method,
-            identity_fakes.access_rule_path,
-            identity_fakes.access_rule_service,
+            self.access_rule.id,
+            self.access_rule.method,
+            self.access_rule.path,
+            self.access_rule.service,
        )
        self.assertEqual(datalist, data)
--- a/releasenotes/notes/migrate-access-rule-to-sdk-923682b4c71fea8a.yaml
+++ b/releasenotes/notes/migrate-access-rule-to-sdk-923682b4c71fea8a.yaml
@ -0,0 +1,8 @@
+---
+upgrade:
+  - |
+    The following commands have been migrated to SDK:
+
+    - ``access rule list``
+    - ``access rule delete``
+    - ``access rule show``