"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/unit/test_v3_application_credential.py" between
keystone-15.0.0.tar.gz and keystone-15.0.1.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Stein" series (maintained release).

test_v3_application_credential.py  (keystone-15.0.0):test_v3_application_credential.py  (keystone-15.0.1)
skipping to change at line 167 skipping to change at line 167
secret=app_cred_1.json['application_credential']['secret']) secret=app_cred_1.json['application_credential']['secret'])
token_data = self.v3_create_token(auth_data, token_data = self.v3_create_token(auth_data,
expected_status=http_client.CREATE D) expected_status=http_client.CREATE D)
app_cred_body_2 = self._app_cred_body(roles=roles) app_cred_body_2 = self._app_cred_body(roles=roles)
token = token_data.headers['x-subject-token'] token = token_data.headers['x-subject-token']
c.post('/v3/users/%s/application_credentials' % self.user_id, c.post('/v3/users/%s/application_credentials' % self.user_id,
json=app_cred_body_2, json=app_cred_body_2,
expected_status_code=http_client.FORBIDDEN, expected_status_code=http_client.FORBIDDEN,
headers={'X-Auth-Token': token}) headers={'X-Auth-Token': token})
def test_create_application_credential_with_trust(self):
second_role = unit.new_role_ref(name='reader')
PROVIDERS.role_api.create_role(second_role['id'], second_role)
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_id, self.project_id, second_role['id'])
with self.test_client() as c:
pw_token = self.get_scoped_token()
# create a self-trust - only the roles are important for this test
trust_ref = unit.new_trust_ref(
trustor_user_id=self.user_id,
trustee_user_id=self.user_id,
project_id=self.project_id,
role_ids=[second_role['id']])
resp = c.post('/v3/OS-TRUST/trusts',
headers={'X-Auth-Token': pw_token},
json={'trust': trust_ref})
trust_id = resp.json['trust']['id']
trust_auth = self.build_authentication_request(
user_id=self.user_id,
password=self.user['password'],
trust_id=trust_id)
trust_token = self.v3_create_token(
trust_auth).headers['X-Subject-Token']
app_cred = self._app_cred_body(roles=[{'id': self.role_id}])
# only the roles from the trust token should be allowed, even if
# the user has the role assigned on the project
c.post('/v3/users/%s/application_credentials' % self.user_id,
headers={'X-Auth-Token': trust_token},
json=app_cred,
expected_status_code=http_client.BAD_REQUEST)
def test_create_application_credential_allow_recursion(self): def test_create_application_credential_allow_recursion(self):
with self.test_client() as c: with self.test_client() as c:
roles = [{'id': self.role_id}] roles = [{'id': self.role_id}]
app_cred_body_1 = self._app_cred_body(roles=roles) app_cred_body_1 = self._app_cred_body(roles=roles)
app_cred_body_1['application_credential']['unrestricted'] = True app_cred_body_1['application_credential']['unrestricted'] = True
token = self.get_scoped_token() token = self.get_scoped_token()
app_cred_1 = c.post('/v3/users/%s/application_credentials' % self.us er_id, app_cred_1 = c.post('/v3/users/%s/application_credentials' % self.us er_id,
json=app_cred_body_1, json=app_cred_body_1,
expected_status_code=http_client.CREATED, expected_status_code=http_client.CREATED,
headers={'X-Auth-Token': token}) headers={'X-Auth-Token': token})
 End of changes. 1 change blocks. 
0 lines changed or deleted 31 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)