"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "keystone/tests/unit/test_shadow_users.py" between
keystone-16.0.1.tar.gz and keystone-17.0.0.tar.gz

About: OpenStack Keystone (Core Service: Identity) provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services.
The "Ussuri" series (latest release).

test_shadow_users.py  (keystone-16.0.1):test_shadow_users.py  (keystone-17.0.0)
skipping to change at line 16 skipping to change at line 16
# #
# Unless required by applicable law or agreed to in writing, software # Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import uuid import uuid
from keystone.common import provider_api from keystone.common import provider_api
from keystone import exception
from keystone.tests import unit from keystone.tests import unit
from keystone.tests.unit import default_fixtures from keystone.tests.unit import default_fixtures
from keystone.tests.unit.identity.shadow_users import test_backend from keystone.tests.unit.identity.shadow_users import test_backend
from keystone.tests.unit.identity.shadow_users import test_core from keystone.tests.unit.identity.shadow_users import test_core
from keystone.tests.unit.ksfixtures import database from keystone.tests.unit.ksfixtures import database
PROVIDERS = provider_api.ProviderAPIs PROVIDERS = provider_api.ProviderAPIs
class ShadowUsersTests(unit.TestCase, class ShadowUsersTests(unit.TestCase,
test_backend.ShadowUsersBackendTests, test_backend.ShadowUsersBackendTests,
skipping to change at line 61 skipping to change at line 62
} }
self.email = uuid.uuid4().hex self.email = uuid.uuid4().hex
PROVIDERS.federation_api.create_idp(self.idp['id'], self.idp) PROVIDERS.federation_api.create_idp(self.idp['id'], self.idp)
PROVIDERS.federation_api.create_mapping( PROVIDERS.federation_api.create_mapping(
self.mapping['id'], self.mapping self.mapping['id'], self.mapping
) )
PROVIDERS.federation_api.create_protocol( PROVIDERS.federation_api.create_protocol(
self.idp['id'], self.protocol['id'], self.protocol) self.idp['id'], self.protocol['id'], self.protocol)
self.domain_id = ( self.domain_id = (
PROVIDERS.federation_api.get_idp(self.idp['id'])['domain_id']) PROVIDERS.federation_api.get_idp(self.idp['id'])['domain_id'])
class TestUserWithFederatedUser(ShadowUsersTests):
def setUp(self):
super(TestUserWithFederatedUser, self).setUp()
self.useFixture(database.Database())
self.load_backends()
def assertFederatedDictsEqual(self, fed_dict, fed_object):
self.assertEqual(fed_dict['idp_id'], fed_object['idp_id'])
self.assertEqual(fed_dict['protocol_id'],
fed_object['protocols'][0]['protocol_id'])
self.assertEqual(fed_dict['unique_id'],
fed_object['protocols'][0]['unique_id'])
def test_get_user_when_user_has_federated_object(self):
fed_dict = unit.new_federated_user_ref(idp_id=self.idp['id'],
protocol_id=self.protocol['id'])
user = self.shadow_users_api.create_federated_user(
self.domain_id, fed_dict)
# test that the user returns a federated object and that there is only
# one returned
user_ref = self.identity_api.get_user(user['id'])
self.assertIn('federated', user_ref)
self.assertEqual(1, len(user_ref['federated']))
self.assertFederatedDictsEqual(fed_dict, user_ref['federated'][0])
def test_create_user_with_invalid_idp_and_protocol_fails(self):
baduser = unit.new_user_ref(domain_id=self.domain_id)
baduser['federated'] = [
{
'idp_id': 'fakeidp',
'protocols': [
{
'protocol_id': 'nonexistent',
'unique_id': 'unknown'
}
]
}
]
# Check validation works by throwing a federated object with
# invalid idp_id, protocol_id inside the user passed to create_user.
self.assertRaises(exception.ValidationError,
self.identity_api.create_user,
baduser)
baduser['federated'][0]['idp_id'] = self.idp['id']
self.assertRaises(exception.ValidationError,
self.identity_api.create_user,
baduser)
def test_create_user_with_federated_attributes(self):
# Create the schema of a federated attribute being passed in with a
# user.
user = unit.new_user_ref(domain_id=self.domain_id)
unique_id = uuid.uuid4().hex
user['federated'] = [
{
'idp_id': self.idp['id'],
'protocols': [
{
'protocol_id': self.protocol['id'],
'unique_id': unique_id
}
]
}
]
# Test that there are no current federated_users that match our users
# federated object and create the user
self.assertRaises(exception.UserNotFound,
self.shadow_users_api.get_federated_user,
self.idp['id'],
self.protocol['id'],
unique_id)
ref = self.identity_api.create_user(user)
# Test that the user and federated object now exists
self.assertEqual(user['name'], ref['name'])
self.assertEqual(user['federated'], ref['federated'])
fed_user = self.shadow_users_api.get_federated_user(
self.idp['id'],
self.protocol['id'],
unique_id)
self.assertIsNotNone(fed_user)
def test_update_user_with_invalid_idp_and_protocol_fails(self):
baduser = unit.new_user_ref(domain_id=self.domain_id)
baduser['federated'] = [
{
'idp_id': 'fakeidp',
'protocols': [
{
'protocol_id': 'nonexistent',
'unique_id': 'unknown'
}
]
}
]
# Check validation works by throwing a federated object with
# invalid idp_id, protocol_id inside the user passed to create_user.
self.assertRaises(exception.ValidationError,
self.identity_api.create_user,
baduser)
baduser['federated'][0]['idp_id'] = self.idp['id']
self.assertRaises(exception.ValidationError,
self.identity_api.create_user,
baduser)
def test_update_user_with_federated_attributes(self):
user = self.shadow_users_api.create_federated_user(
self.domain_id, self.federated_user)
user = self.identity_api.get_user(user['id'])
# Test that update user can return a federated object with the user as
# a response if the user has any
user = self.identity_api.update_user(user['id'], user)
self.assertFederatedDictsEqual(self.federated_user,
user['federated'][0])
# Test that update user can replace a users federated objects if added
# in the request and that its response is that new federated objects
new_fed = [
{
'idp_id': self.idp['id'],
'protocols': [
{
'protocol_id': self.protocol['id'],
'unique_id': uuid.uuid4().hex
}
]
}
]
user['federated'] = new_fed
user = self.identity_api.update_user(user['id'], user)
self.assertTrue('federated' in user)
self.assertTrue(len(user['federated']), 1)
self.assertEqual(user['federated'][0], new_fed[0])
 End of changes. 2 change blocks. 
0 lines changed or deleted 1 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)