"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/protection/v3/test_policy.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

test_policy.py  (keystone-16.0.1):test_policy.py  (keystone-17.0.0)
skipping to change at line 16 skipping to change at line 16
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import json import json
import uuid import uuid
from six.moves import http_client import http.client
from keystone.common import provider_api from keystone.common import provider_api
import keystone.conf import keystone.conf
from keystone.tests.common import auth as common_auth from keystone.tests.common import auth as common_auth
from keystone.tests import unit from keystone.tests import unit
from keystone.tests.unit import base_classes from keystone.tests.unit import base_classes
from keystone.tests.unit import ksfixtures from keystone.tests.unit import ksfixtures
CONF = keystone.conf.CONF CONF = keystone.conf.CONF
PROVIDERS = provider_api.ProviderAPIs PROVIDERS = provider_api.ProviderAPIs
skipping to change at line 67 skipping to change at line 67
'name': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex, 'description': uuid.uuid4().hex,
'enabled': True, 'enabled': True,
# Store serialized JSON data as the blob to mimic real world usage. # Store serialized JSON data as the blob to mimic real world usage.
'blob': json.dumps({'data': uuid.uuid4().hex, }), 'blob': json.dumps({'data': uuid.uuid4().hex, }),
'type': uuid.uuid4().hex, 'type': uuid.uuid4().hex,
} }
with self.test_client() as c: with self.test_client() as c:
c.post( c.post(
'/v3/policies', json=create, headers=self.headers, '/v3/policies', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_update_policy(self): def test_user_cannot_update_policy(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
update = {'policy': {'name': uuid.uuid4().hex}} update = {'policy': {'name': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch( c.patch(
'/v3/policies/%s' % policy['id'], json=update, '/v3/policies/%s' % policy['id'], json=update,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_delete_policy(self): def test_user_cannot_delete_policy(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
with self.test_client() as c: with self.test_client() as c:
c.delete( c.delete(
'/v3/policies/%s' % policy['id'], headers=self.headers, '/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
class _DomainAndProjectUserPolicyTests(object): class _DomainAndProjectUserPolicyTests(object):
def test_user_cannot_list_policies(self): def test_user_cannot_list_policies(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/policies', headers=self.headers, c.get('/v3/policies', headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_policy(self): def test_user_cannot_get_policy(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
with self.test_client() as c: with self.test_client() as c:
c.get('/v3/policies/%s' % policy['id'], headers=self.headers, c.get('/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN) expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_create_policy(self): def test_user_cannot_create_policy(self):
create = { create = {
'id': uuid.uuid4().hex, 'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex, 'description': uuid.uuid4().hex,
'enabled': True, 'enabled': True,
# Store serialized JSON data as the blob to mimic real world usage. # Store serialized JSON data as the blob to mimic real world usage.
'blob': json.dumps({'data': uuid.uuid4().hex, }), 'blob': json.dumps({'data': uuid.uuid4().hex, }),
'type': uuid.uuid4().hex, 'type': uuid.uuid4().hex,
} }
with self.test_client() as c: with self.test_client() as c:
c.post( c.post(
'/v3/policies', json=create, headers=self.headers, '/v3/policies', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_update_policy(self): def test_user_cannot_update_policy(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
update = {'policy': {'name': uuid.uuid4().hex}} update = {'policy': {'name': uuid.uuid4().hex}}
with self.test_client() as c: with self.test_client() as c:
c.patch( c.patch(
'/v3/policies/%s' % policy['id'], json=update, '/v3/policies/%s' % policy['id'], json=update,
headers=self.headers, headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
def test_user_cannot_delete_policy(self): def test_user_cannot_delete_policy(self):
policy = unit.new_policy_ref() policy = unit.new_policy_ref()
policy = PROVIDERS.policy_api.create_policy(policy['id'], policy) policy = PROVIDERS.policy_api.create_policy(policy['id'], policy)
with self.test_client() as c: with self.test_client() as c:
c.delete( c.delete(
'/v3/policies/%s' % policy['id'], headers=self.headers, '/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN expected_status_code=http.client.FORBIDDEN
) )
class SystemReaderTests(base_classes.TestCaseWithBootstrap, class SystemReaderTests(base_classes.TestCaseWithBootstrap,
common_auth.AuthTestMixin, common_auth.AuthTestMixin,
_SystemUserPoliciesTests, _SystemUserPoliciesTests,
_SystemReaderAndMemberPoliciesTests): _SystemReaderAndMemberPoliciesTests):
def setUp(self): def setUp(self):
super(SystemReaderTests, self).setUp() super(SystemReaderTests, self).setUp()
self.loadapp() self.loadapp()
skipping to change at line 249 skipping to change at line 249
self.token_id = r.headers['X-Subject-Token'] self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id} self.headers = {'X-Auth-Token': self.token_id}
def test_user_can_create_policy(self): def test_user_can_create_policy(self):
create = { create = {
'policy': { 'policy': {
'id': uuid.uuid4().hex, 'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex, 'description': uuid.uuid4().hex,
'enabled': True, 'enabled': True,
# Store serialized JSON data as the blob to mimic real world usa # Store serialized JSON data as the blob to mimic real world
ge. # usage.
'blob': json.dumps({'data': uuid.uuid4().hex, }), 'blob': json.dumps({'data': uuid.uuid4().hex, }),
'type': uuid.uuid4().hex 'type': uuid.uuid4().hex
} }
} }
with self.test_client() as c: with self.test_client() as c:
c.post( c.post(
'/v3/policies', json=create, headers=self.headers '/v3/policies', json=create, headers=self.headers
) )
def test_user_can_update_policy(self): def test_user_can_update_policy(self):
 End of changes. 10 change blocks. 
11 lines changed or deleted 11 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)