"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/protection/v3/test_domains.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

test_domains.py  (keystone-16.0.1):test_domains.py  (keystone-17.0.0)
skipping to change at line 15 skipping to change at line 15
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import uuid import uuid
import http.client
from oslo_serialization import jsonutils from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import domain as dp from keystone.common.policies import domain as dp
from keystone.common import provider_api from keystone.common import provider_api
import keystone.conf import keystone.conf
from keystone.tests.common import auth as common_auth from keystone.tests.common import auth as common_auth
from keystone.tests import unit from keystone.tests import unit
from keystone.tests.unit import base_classes from keystone.tests.unit import base_classes
from keystone.tests.unit import ksfixtures from keystone.tests.unit import ksfixtures
from keystone.tests.unit.ksfixtures import temporaryfile from keystone.tests.unit.ksfixtures import temporaryfile
skipping to change at line 101 skipping to change at line 101
self.assertEqual(domain['id'], r.json['domain']['id']) self.assertEqual(domain['id'], r.json['domain']['id'])
class _SystemMemberAndReaderDomainTests(object): class _SystemMemberAndReaderDomainTests(object):
def test_user_cannot_create_a_domain(self): def test_user_cannot_create_a_domain(self):
create = {'domain': {'name': uuid.uuid4().hex}} create = {'domain': {'name': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.post( c.post(
'/v3/domains', json=create, headers=self.headers, '/v3/domains', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_update_a_domain(self): def test_user_cannot_update_a_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
update = {'domain': {'description': uuid.uuid4().hex}} update = {'domain': {'description': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch( c.patch(
'/v3/domains/%s' % domain['id'], json=update, '/v3/domains/%s' % domain['id'], json=update,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_delete_a_domain(self): def test_user_cannot_delete_a_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.delete( c.delete(
'/v3/domains/%s' % domain['id'], headers=self.headers, '/v3/domains/%s' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
class _DomainAndProjectUserDomainTests(object): class _DomainAndProjectUserDomainTests(object):
def test_user_can_get_a_domain(self): def test_user_can_get_a_domain(self):
with self.test_client() as c: with self.test_client() as c:
r = c.get('/v3/domains/%s' % self.domain_id, headers=self.headers) r = c.get('/v3/domains/%s' % self.domain_id, headers=self.headers)
self.assertEqual(self.domain_id, r.json['domain']['id']) self.assertEqual(self.domain_id, r.json['domain']['id'])
def test_user_cannot_get_a_domain_they_are_not_authorized_to_access(self): def test_user_cannot_get_a_domain_they_are_not_authorized_to_access(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.get( c.get(
'/v3/domains/%s' % domain['id'], headers=self.headers, '/v3/domains/%s' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_list_domains(self): def test_user_cannot_list_domains(self):
with self.test_client() as c: with self.test_client() as c:
c.get( c.get(
'/v3/domains', headers=self.headers, '/v3/domains', headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_filter_domains_by_name(self): def test_user_cannot_filter_domains_by_name(self):
domain_name = uuid.uuid4().hex domain_name = uuid.uuid4().hex
domain = unit.new_domain_ref(name=domain_name) domain = unit.new_domain_ref(name=domain_name)
domain = PROVIDERS.resource_api.create_domain(domain['id'], domain) domain = PROVIDERS.resource_api.create_domain(domain['id'], domain)
PROVIDERS.resource_api.create_domain( PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
c.get( c.get(
'/v3/domains?name=%s' % domain_name, '/v3/domains?name=%s' % domain_name,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_filter_domains_by_enabled(self): def test_user_cannot_filter_domains_by_enabled(self):
with self.test_client() as c: with self.test_client() as c:
c.get( c.get(
'/v3/domains?enabled=true', headers=self.headers, '/v3/domains?enabled=true', headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
c.get( c.get(
'/v3/domains?enabled=false', headers=self.headers, '/v3/domains?enabled=false', headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_update_a_domain(self): def test_user_cannot_update_a_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
update = {'domain': {'description': uuid.uuid4().hex}} update = {'domain': {'description': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch( c.patch(
'/v3/domains/%s' % domain['id'], json=update, '/v3/domains/%s' % domain['id'], json=update,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_create_a_domain(self): def test_user_cannot_create_a_domain(self):
create = {'domain': {'name': uuid.uuid4().hex}} create = {'domain': {'name': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.post( c.post(
'/v3/domains', json=create, headers=self.headers, '/v3/domains', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_delete_a_domain(self): def test_user_cannot_delete_a_domain(self):
domain = PROVIDERS.resource_api.create_domain( domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref() uuid.uuid4().hex, unit.new_domain_ref()
) )
with self.test_client() as c: with self.test_client() as c:
update = {'domain': {'enabled': False}} update = {'domain': {'enabled': False}}
path = '/v3/domains/%s' % domain['id'] path = '/v3/domains/%s' % domain['id']
c.patch( c.patch(
path, json=update, headers=self.headers, path, json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
c.delete( c.delete(
path, headers=self.headers, path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_get_non_existant_domain_forbidden(self): def test_user_cannot_get_non_existant_domain_forbidden(self):
with self.test_client() as c: with self.test_client() as c:
c.get( c.get(
'/v3/domains/%s' % uuid.uuid4().hex, '/v3/domains/%s' % uuid.uuid4().hex,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
class SystemReaderTests(base_classes.TestCaseWithBootstrap, class SystemReaderTests(base_classes.TestCaseWithBootstrap,
common_auth.AuthTestMixin, common_auth.AuthTestMixin,
_SystemUserDomainTests, _SystemUserDomainTests,
_SystemMemberAndReaderDomainTests): _SystemMemberAndReaderDomainTests):
def setUp(self): def setUp(self):
super(SystemReaderTests, self).setUp() super(SystemReaderTests, self).setUp()
self.loadapp() self.loadapp()
 End of changes. 15 change blocks. 
14 lines changed or deleted 14 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)