Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 14 additions & 12 deletions dcos_test_utils/iam.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
""" This module provides a specialized client for interacting with
the Identity Access and Management (IAM) service endpoints
"""
from typing import Optional

from dcos_test_utils import helpers


Expand All @@ -22,7 +24,7 @@ def __init__(self, default_url: helpers.Url, session=None):
if session:
self.session = session

def create_service(self, uid: str, pubkey: str, description: str):
def create_service(self, uid: str, pubkey: str, description: str, host: Optional[str] = None):
""" creates a service user

:param uid: ID for the new service
Expand All @@ -38,10 +40,10 @@ def create_service(self, uid: str, pubkey: str, description: str):
'description': description,
'public_key': pubkey
}
r = self.put('/users/{}'.format(uid), json=data)
r = self.put('/users/{}'.format(uid), json=data, host=host)
assert r.status_code == 201

def delete_service(self, uid: str) -> None:
def delete_service(self, uid: str, host: Optional[str] = None) -> None:
"""Delete a service account and verify that this worked.

Args:
Expand All @@ -54,12 +56,12 @@ def delete_service(self, uid: str) -> None:
assert resp.status_code == 204

# Verify that service does not appear in collection anymore.
resp = self.get('/users', query='type=service')
resp = self.get('/users', query='type=service', host=host)
resp.raise_for_status()
uids = [account['uid'] for account in resp.json()['array']]
assert uid not in uids

def grant_user_permission(self, uid: str, action: str, rid: str) -> None:
def grant_user_permission(self, uid: str, action: str, rid: str, host: Optional[str] = None) -> None:
""" Will grant a user with an action for a given RID

:param uid: ID of the user that this permission will be granted to
Expand All @@ -70,11 +72,11 @@ def grant_user_permission(self, uid: str, action: str, rid: str) -> None:
:type rid: str
"""
rid = rid.replace('/', '%252F')
r = self.put('/acls/{}/users/{}/{}'.format(rid, uid, action))
r = self.put('/acls/{}/users/{}/{}'.format(rid, uid, action), host=host)
assert r.status_code == 204, ('Permission was not granted. Code: {}. '
'Content {}'.format(r.status_code, r.content.decode()))

def delete_user_permission(self, uid: str, action: str, rid: str) -> None:
def delete_user_permission(self, uid: str, action: str, rid: str, host: Optional[str] = None) -> None:
""" Will delete permission for a user for an action for a given RID

:param uid: ID of the user that this permission will be deleted from
Expand All @@ -86,10 +88,10 @@ def delete_user_permission(self, uid: str, action: str, rid: str) -> None:
"""
rid = rid.replace('/', '%252F')
rid = rid.replace('/', '%252F')
r = self.delete('/acls/{}/users/{}/{}'.format(rid, uid, action))
r = self.delete('/acls/{}/users/{}/{}'.format(rid, uid, action), host=host)
assert r.status_code == 204

def create_acl(self, rid: str, description: str) -> None:
def create_acl(self, rid: str, description: str, host: Optional[str] = None) -> None:
""" creates an ACL

:param rid: RID for the ACL to be created
Expand All @@ -99,17 +101,17 @@ def create_acl(self, rid: str, description: str) -> None:
"""
rid = rid.replace('/', '%252F')
# Create ACL if it does not yet exist.
r = self.put('/acls/{}'.format(rid), json={'description': description})
r = self.put('/acls/{}'.format(rid), json={'description': description}, host=host)
assert r.status_code == 201 or r.status_code == 409

def delete_acl(self, rid: str) -> None:
def delete_acl(self, rid: str, host: Optional[str] = None) -> None:
""" Deletes an ACL

:param rid: RID for the ACL to be deleted
:type rid: str
"""
rid = rid.replace('/', '%252F')
r = self.delete('/acls/{}'.format(rid))
r = self.delete('/acls/{}'.format(rid), host=host)
assert r.status_code == 204

def make_service_account_credentials(self, uid, privkey) -> dict:
Expand Down