"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/protection/v3/test_domain_config.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

test_domain_config.py  (keystone-16.0.1):test_domain_config.py  (keystone-17.0.0)
skipping to change at line 15 skipping to change at line 15
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import uuid import uuid
from six.moves import http_client import http.client
from keystone.common import provider_api from keystone.common import provider_api
import keystone.conf import keystone.conf
from keystone.tests.common import auth as common_auth from keystone.tests.common import auth as common_auth
from keystone.tests import unit from keystone.tests import unit
from keystone.tests.unit import base_classes from keystone.tests.unit import base_classes
from keystone.tests.unit import ksfixtures from keystone.tests.unit import ksfixtures
CONF = keystone.conf.CONF CONF = keystone.conf.CONF
PROVIDERS = provider_api.ProviderAPIs PROVIDERS = provider_api.ProviderAPIs
skipping to change at line 52 skipping to change at line 52
c.get('/v3/domains/%s/config/security_compliance' c.get('/v3/domains/%s/config/security_compliance'
% CONF.identity.default_domain_id, headers=self.headers) % CONF.identity.default_domain_id, headers=self.headers)
def test_user_can_get_security_compliance_domain_config_option(self): def test_user_can_get_security_compliance_domain_config_option(self):
password_regex_description = uuid.uuid4().hex password_regex_description = uuid.uuid4().hex
self.config_fixture.config( self.config_fixture.config(
group='security_compliance', group='security_compliance',
password_regex_description=password_regex_description password_regex_description=password_regex_description
) )
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/security_compliance/password_regex_desc c.get('/v3/domains/%s/config/security_compliance'
ription' '/password_regex_description'
% CONF.identity.default_domain_id, headers=self.headers) % CONF.identity.default_domain_id, headers=self.headers)
def test_user_can_get_security_compliance_config_with_user_from_other_domain (self): def test_can_get_security_compliance_config_with_user_from_other_domain(self ): # noqa: E501
domain = unit.new_domain_ref() domain = unit.new_domain_ref()
PROVIDERS.resource_api.create_domain(domain['id'], domain) PROVIDERS.resource_api.create_domain(domain['id'], domain)
# Create a user in the new domain # Create a user in the new domain
user = unit.create_user(PROVIDERS.identity_api, domain['id']) user = unit.create_user(PROVIDERS.identity_api, domain['id'])
# Create a project in the new domain # Create a project in the new domain
project = unit.new_project_ref(domain_id=domain['id']) project = unit.new_project_ref(domain_id=domain['id'])
PROVIDERS.resource_api.create_project(project['id'], project) PROVIDERS.resource_api.create_project(project['id'], project)
skipping to change at line 96 skipping to change at line 97
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/security_compliance' c.get('/v3/domains/%s/config/security_compliance'
% CONF.identity.default_domain_id, headers=self.headers) % CONF.identity.default_domain_id, headers=self.headers)
class _SystemUserDomainConfigTests(object): class _SystemUserDomainConfigTests(object):
def test_user_can_get_domain_config(self): def test_user_can_get_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config' c.get('/v3/domains/%s/config'
% domain['id'], headers=self.headers) % domain['id'], headers=self.headers)
def test_user_can_get_domain_group_config(self): def test_user_can_get_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap' c.get('/v3/domains/%s/config/ldap'
% domain['id'], headers=self.headers) % domain['id'], headers=self.headers)
def test_user_can_get_config_by_group_invalid_domain(self): def test_user_can_get_config_by_group_invalid_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
invalid_domain_id = uuid.uuid4().hex invalid_domain_id = uuid.uuid4().hex
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap' c.get('/v3/domains/%s/config/ldap'
% invalid_domain_id, headers=self.headers, % invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config(self): def test_user_can_get_non_existent_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers, c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config_group_invalid_domain(self): def test_user_can_get_non_existent_config_group_invalid_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
config = {'ldap': {'url': uuid.uuid4().hex}} config = {'ldap': {'url': uuid.uuid4().hex}}
PROVIDERS.domain_config_api.create_config(domain['id'], config) PROVIDERS.domain_config_api.create_config(domain['id'], config)
invalid_domain_id = uuid.uuid4().hex invalid_domain_id = uuid.uuid4().hex
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap' c.get('/v3/domains/%s/config/ldap'
% invalid_domain_id, headers=self.headers, % invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_domain_config_option(self): def test_user_can_get_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/url' c.get('/v3/domains/%s/config/ldap/url'
% domain['id'], headers=self.headers) % domain['id'], headers=self.headers)
def test_user_can_get_non_existent_config_option(self): def test_user_can_get_non_existent_config_option(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
config = {'ldap': {'url': uuid.uuid4().hex}} config = {'ldap': {'url': uuid.uuid4().hex}}
PROVIDERS.domain_config_api.create_config(domain['id'], config) PROVIDERS.domain_config_api.create_config(domain['id'], config)
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/user_tree_dn' c.get('/v3/domains/%s/config/ldap/user_tree_dn'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config_option_invalid_domain(self): def test_user_can_get_non_existent_config_option_invalid_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
config = {'ldap': {'url': uuid.uuid4().hex}} config = {'ldap': {'url': uuid.uuid4().hex}}
PROVIDERS.domain_config_api.create_config(domain['id'], config) PROVIDERS.domain_config_api.create_config(domain['id'], config)
invalid_domain_id = uuid.uuid4().hex invalid_domain_id = uuid.uuid4().hex
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/user_tree_dn' c.get('/v3/domains/%s/config/ldap/user_tree_dn'
% invalid_domain_id, headers=self.headers, % invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_security_compliance_domain_config(self): def test_user_can_get_security_compliance_domain_config(self):
# Set the security compliance configuration options # Set the security compliance configuration options
password_regex = uuid.uuid4().hex password_regex = uuid.uuid4().hex
password_regex_description = uuid.uuid4().hex password_regex_description = uuid.uuid4().hex
self.config_fixture.config( self.config_fixture.config(
group='security_compliance', group='security_compliance',
password_regex=password_regex password_regex=password_regex
) )
self.config_fixture.config( self.config_fixture.config(
skipping to change at line 196 skipping to change at line 201
c.get('/v3/domains/%s/config/security_compliance' c.get('/v3/domains/%s/config/security_compliance'
% CONF.identity.default_domain_id, headers=self.headers) % CONF.identity.default_domain_id, headers=self.headers)
def test_user_can_get_security_compliance_domain_config_option(self): def test_user_can_get_security_compliance_domain_config_option(self):
password_regex_description = uuid.uuid4().hex password_regex_description = uuid.uuid4().hex
self.config_fixture.config( self.config_fixture.config(
group='security_compliance', group='security_compliance',
password_regex_description=password_regex_description password_regex_description=password_regex_description
) )
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/security_compliance/password_regex_desc c.get('/v3/domains/%s/config/security_compliance'
ription' '/password_regex_description'
% CONF.identity.default_domain_id, headers=self.headers) % CONF.identity.default_domain_id, headers=self.headers)
def test_user_can_get_security_compliance_config_with_user_from_other_domain (self): def test_can_get_security_compliance_config_with_user_from_other_domain(self ): # noqa: E501
domain = unit.new_domain_ref() domain = unit.new_domain_ref()
PROVIDERS.resource_api.create_domain(domain['id'], domain) PROVIDERS.resource_api.create_domain(domain['id'], domain)
password_regex = uuid.uuid4().hex password_regex = uuid.uuid4().hex
password_regex_description = uuid.uuid4().hex password_regex_description = uuid.uuid4().hex
group = 'security_compliance' group = 'security_compliance'
self.config_fixture.config( self.config_fixture.config(
group=group, group=group,
password_regex=password_regex password_regex=password_regex
) )
skipping to change at line 238 skipping to change at line 244
c.get('/v3/domains/config/ldap/url/default', headers=self.headers) c.get('/v3/domains/config/ldap/url/default', headers=self.headers)
class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object): class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
def test_user_cannot_create_domain_config(self): def test_user_cannot_create_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.put('/v3/domains/%s/config' c.put('/v3/domains/%s/config'
% domain['id'], json={'config': unit.new_domain_config_ref()}, % domain['id'],
headers=self.headers, expected_status_code=http_client.FORBIDD json={'config': unit.new_domain_config_ref()},
EN) headers=self.headers,
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_config(self): def test_user_cannot_update_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
new_config = {'ldap': {'url': uuid.uuid4().hex}, new_config = {'ldap': {'url': uuid.uuid4().hex},
'identity': {'driver': uuid.uuid4().hex}} 'identity': {'driver': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch('/v3/domains/%s/config' c.patch('/v3/domains/%s/config'
% domain['id'], json={'config': new_config}, % domain['id'], json={'config': new_config},
headers=self.headers, expected_status_code=http_client.FORBI headers=self.headers,
DDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_group_config(self): def test_user_cannot_update_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
new_config = {'ldap': {'url': uuid.uuid4().hex, new_config = {'ldap': {'url': uuid.uuid4().hex,
'user_filter': uuid.uuid4().hex}} 'user_filter': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch('/v3/domains/%s/config/ldap' c.patch('/v3/domains/%s/config/ldap'
% domain['id'], json={'config': new_config}, % domain['id'], json={'config': new_config},
headers=self.headers, expected_status_code=http_client.FORBI headers=self.headers,
DDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_config_option(self): def test_user_cannot_update_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
new_config = {'url': uuid.uuid4().hex} new_config = {'url': uuid.uuid4().hex}
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.patch('/v3/domains/%s/config/ldap/url' c.patch('/v3/domains/%s/config/ldap/url'
% domain['id'], json={'config': new_config}, % domain['id'],
headers=self.headers, expected_status_code=http_client.FORBI json={'config': new_config},
DDEN) headers=self.headers,
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_config(self): def test_user_cannot_delete_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.delete('/v3/domains/%s/config' % domain['id'], c.delete('/v3/domains/%s/config' % domain['id'],
headers=self.headers, expected_status_code=http_client.FORB headers=self.headers,
IDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_group_config(self): def test_user_cannot_delete_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.delete('/v3/domains/%s/config/ldap' c.delete('/v3/domains/%s/config/ldap'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_config_option(self): def test_user_cannot_delete_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.delete('/v3/domains/%s/config/ldap/url' c.delete('/v3/domains/%s/config/ldap/url'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
class _DomainAndProjectUserDomainConfigTests(object): class _DomainAndProjectUserDomainConfigTests(object):
def test_user_cannot_get_domain_config(self): def test_user_cannot_get_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config' c.get('/v3/domains/%s/config'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_group_config(self): def test_user_cannot_get_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap' c.get('/v3/domains/%s/config/ldap'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_non_existant_config(self): def test_user_cannot_get_non_existant_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers, c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_option(self): def test_user_cannot_get_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config(domain['id'], unit.new_domain_ PROVIDERS.domain_config_api.create_config(
config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/url' c.get('/v3/domains/%s/config/ldap/url'
% domain['id'], headers=self.headers, % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_default(self): def test_user_cannot_get_domain_config_default(self):
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/config/default', headers=self.headers, c.get('/v3/domains/config/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_group_config_default(self): def test_user_cannot_get_domain_group_config_default(self):
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/config/ldap/default', headers=self.headers, c.get('/v3/domains/config/ldap/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_option_default(self): def test_user_cannot_get_domain_config_option_default(self):
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/domains/config/ldap/url/default', headers=self.headers, c.get('/v3/domains/config/ldap/url/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
class SystemReaderTests(base_classes.TestCaseWithBootstrap, class SystemReaderTests(
common_auth.AuthTestMixin, base_classes.TestCaseWithBootstrap,
_SystemUserDomainConfigTests, common_auth.AuthTestMixin,
_SystemReaderMemberDomainAndProjectUserDomainConfigTests _SystemUserDomainConfigTests,
, _SystemReaderMemberDomainAndProjectUserDomainConfigTests,
_SystemDomainAndProjectUserDomainConfigTests): _SystemDomainAndProjectUserDomainConfigTests):
def setUp(self): def setUp(self):
super(SystemReaderTests, self).setUp() super(SystemReaderTests, self).setUp()
self.loadapp() self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture)) self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True) self.config_fixture.config(group='oslo_policy', enforce_scope=True)
system_reader = unit.new_user_ref( system_reader = unit.new_user_ref(
domain_id=CONF.identity.default_domain_id domain_id=CONF.identity.default_domain_id
) )
skipping to change at line 394 skipping to change at line 417
system=True system=True
) )
# Grab a token using the persona we're testing and prepare headers # Grab a token using the persona we're testing and prepare headers
# for requests we'll be making in the tests. # for requests we'll be making in the tests.
with self.test_client() as c: with self.test_client() as c:
r = c.post('/v3/auth/tokens', json=auth) r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token'] self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id} self.headers = {'X-Auth-Token': self.token_id}
class SystemMemberTests(base_classes.TestCaseWithBootstrap, class SystemMemberTests(
common_auth.AuthTestMixin, base_classes.TestCaseWithBootstrap,
_SystemUserDomainConfigTests, common_auth.AuthTestMixin,
_SystemReaderMemberDomainAndProjectUserDomainConfigTests _SystemUserDomainConfigTests,
, _SystemReaderMemberDomainAndProjectUserDomainConfigTests,
_SystemDomainAndProjectUserDomainConfigTests): _SystemDomainAndProjectUserDomainConfigTests):
def setUp(self): def setUp(self):
super(SystemMemberTests, self).setUp() super(SystemMemberTests, self).setUp()
self.loadapp() self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture)) self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True) self.config_fixture.config(group='oslo_policy', enforce_scope=True)
system_member = unit.new_user_ref( system_member = unit.new_user_ref(
domain_id=CONF.identity.default_domain_id domain_id=CONF.identity.default_domain_id
) )
skipping to change at line 461 skipping to change at line 485
r = c.post('/v3/auth/tokens', json=auth) r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token'] self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id} self.headers = {'X-Auth-Token': self.token_id}
def test_user_can_create_domain_config(self): def test_user_can_create_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.put('/v3/domains/%s/config' c.put('/v3/domains/%s/config'
% domain['id'], json={'config': unit.new_domain_config_ref()}, % domain['id'],
headers=self.headers, expected_status_code=http_client.CREATED json={'config': unit.new_domain_config_ref()},
) headers=self.headers,
expected_status_code=http.client.CREATED)
def test_user_cannot_create_invalid_domain_config(self): def test_user_cannot_create_invalid_domain_config(self):
invalid_domain_id = uuid.uuid4().hex invalid_domain_id = uuid.uuid4().hex
with self.test_client() as c: with self.test_client() as c:
c.put('/v3/domains/%s/config' c.put('/v3/domains/%s/config'
% invalid_domain_id, json={'config': unit.new_domain_config_re % invalid_domain_id,
f()}, json={'config': unit.new_domain_config_ref()},
headers=self.headers, expected_status_code=http_client.NOT_FOU headers=self.headers,
ND) expected_status_code=http.client.NOT_FOUND)
def test_user_can_update_domain_config(self): def test_user_can_update_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
new_config = {'ldap': {'url': uuid.uuid4().hex}, new_config = {'ldap': {'url': uuid.uuid4().hex},
'identity': {'driver': uuid.uuid4().hex}} 'identity': {'driver': uuid.uuid4().hex}}
PROVIDERS.domain_config_api.create_config( PROVIDERS.domain_config_api.create_config(
domain['id'], unit.new_domain_config_ref()) domain['id'], unit.new_domain_config_ref())
with self.test_client() as c: with self.test_client() as c:
skipping to change at line 549 skipping to change at line 577
def test_user_cannot_delete_invalid_domain_config(self): def test_user_cannot_delete_invalid_domain_config(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
PROVIDERS.domain_config_api.create_config( PROVIDERS.domain_config_api.create_config(
domain['id'], unit.new_domain_config_ref()) domain['id'], unit.new_domain_config_ref())
invalid_domain_id = uuid.uuid4().hex invalid_domain_id = uuid.uuid4().hex
with self.test_client() as c: with self.test_client() as c:
c.delete('/v3/domains/%s/config' % invalid_domain_id, c.delete('/v3/domains/%s/config' % invalid_domain_id,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.NOT_FOUND) expected_status_code=http.client.NOT_FOUND)
class DomainUserTests(base_classes.TestCaseWithBootstrap, class DomainUserTests(
common_auth.AuthTestMixin, base_classes.TestCaseWithBootstrap,
_SystemDomainAndProjectUserDomainConfigTests, common_auth.AuthTestMixin,
_DomainAndProjectUserDomainConfigTests, _SystemDomainAndProjectUserDomainConfigTests,
_SystemReaderMemberDomainAndProjectUserDomainConfigTests): _DomainAndProjectUserDomainConfigTests,
_SystemReaderMemberDomainAndProjectUserDomainConfigTests):
def setUp(self): def setUp(self):
super(DomainUserTests, self).setUp() super(DomainUserTests, self).setUp()
self.loadapp() self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture)) self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True) self.config_fixture.config(group='oslo_policy', enforce_scope=True)
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
skipping to change at line 587 skipping to change at line 616
domain_id=self.domain_id domain_id=self.domain_id
) )
# Grab a token using the persona we're testing and prepare headers # Grab a token using the persona we're testing and prepare headers
# for requests we'll be making in the tests. # for requests we'll be making in the tests.
with self.test_client() as c: with self.test_client() as c:
r = c.post('/v3/auth/tokens', json=auth) r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token'] self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id} self.headers = {'X-Auth-Token': self.token_id}
class ProjectUserTests(base_classes.TestCaseWithBootstrap, class ProjectUserTests(
common_auth.AuthTestMixin, base_classes.TestCaseWithBootstrap,
_SystemDomainAndProjectUserDomainConfigTests, common_auth.AuthTestMixin,
_DomainAndProjectUserDomainConfigTests, _SystemDomainAndProjectUserDomainConfigTests,
_SystemReaderMemberDomainAndProjectUserDomainConfigTests) _DomainAndProjectUserDomainConfigTests,
: _SystemReaderMemberDomainAndProjectUserDomainConfigTests):
def setUp(self): def setUp(self):
super(ProjectUserTests, self).setUp() super(ProjectUserTests, self).setUp()
self.loadapp() self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture)) self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True) self.config_fixture.config(group='oslo_policy', enforce_scope=True)
self.user_id = self.bootstrapper.admin_user_id self.user_id = self.bootstrapper.admin_user_id
auth = self.build_authentication_request( auth = self.build_authentication_request(
user_id=self.user_id, user_id=self.user_id,
 End of changes. 44 change blocks. 
90 lines changed or deleted 94 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)