Add a method for changing a user's password in v3

The new Identity API v3 resource for changing a user's password in keystone can be utilized with: c.users.update_password(old_password, new_password) Change-Id: Ia887d853140a18ba75d6eb1bfde4ce2d64b7af60 Closes-Bug: 1239757 Co-Authored-By: Dolph Mathews <dolph.mathews@gmail.com> DocImpact
2013-12-04 11:05:47 +08:00 · 2013-12-04 11:05:47 +08:00 · f121c2285f
parent c1ddc5e199
commit f121c2285f
2 changed files with 69 additions and 0 deletions
--- a/keystoneclient/tests/v3/test_users.py
+++ b/keystoneclient/tests/v3/test_users.py
@ -197,3 +197,55 @@ class UserTests(utils.TestCase, utils.CrudTests):
                ref[attr],
                'Expected different %s' % attr)
        self.assertEntityRequestBodyIs(req_ref)
+
+    @httpretty.activate
+    def test_update_password(self):
+        old_password = uuid.uuid4().hex
+        new_password = uuid.uuid4().hex
+
+        self.stub_url(httpretty.POST,
+                      [self.collection_key, self.TEST_USER, 'password'])
+        self.client.user_id = self.TEST_USER
+        self.manager.update_password(old_password, new_password)
+
+        exp_req_body = {
+            'user': {
+                'password': new_password, 'original_password': old_password
+            }
+        }
+
+        self.assertEqual('/v3/users/test/password',
+                         httpretty.last_request().path)
+        self.assertRequestBodyIs(json=exp_req_body)
+
+    def test_update_password_with_bad_inputs(self):
+        old_password = uuid.uuid4().hex
+        new_password = uuid.uuid4().hex
+
+        # users can't unset their password
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          old_password, None)
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          old_password, '')
+
+        # users can't start with empty passwords
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          None, new_password)
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          '', new_password)
+
+        # this wouldn't result in any change anyway
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          None, None)
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          '', '')
+        password = uuid.uuid4().hex
+        self.assertRaises(exceptions.ValidationError,
+                          self.manager.update_password,
+                          password, password)
--- a/keystoneclient/v3/users.py
+++ b/keystoneclient/v3/users.py
@ -133,6 +133,23 @@ class UserManager(base.CrudManager):
            enabled=enabled,
            **kwargs)

+    def update_password(self, old_password, new_password):
+        """Update the password for the user the token belongs to."""
+        if not (old_password and new_password):
+            msg = 'Specify both the current password and a new password'
+            raise exceptions.ValidationError(msg)
+
+        if old_password == new_password:
+            msg = 'Old password and new password appear to be identical.'
+            raise exceptions.ValidationError(msg)
+
+        params = {'user': {'password': new_password,
+                           'original_password': old_password}}
+
+        base_url = '/users/%s/password' % self.api.user_id
+
+        return self._update(base_url, params, method='POST', management=False)
+
    def add_to_group(self, user, group):
        self._require_user_and_group(user, group)