"Fossies" - the Fresh Open Source Software Archive

Member "keystone-17.0.0/keystone/tests/protection/v3/test_consumer.py" (13 May 2020, 7152 Bytes) of package /linux/misc/openstack/keystone-17.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "test_consumer.py": 16.0.1_vs_17.0.0.

    1 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
    2 #    not use this file except in compliance with the License. You may obtain
    3 #    a copy of the License at
    4 #
    5 #         http://www.apache.org/licenses/LICENSE-2.0
    6 #
    7 #    Unless required by applicable law or agreed to in writing, software
    8 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    9 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   10 #    License for the specific language governing permissions and limitations
   11 #    under the License.
   12 
   13 import uuid
   14 
   15 import http.client
   16 
   17 from keystone.common import provider_api
   18 import keystone.conf
   19 from keystone.tests.common import auth as common_auth
   20 from keystone.tests import unit
   21 from keystone.tests.unit import base_classes
   22 from keystone.tests.unit import ksfixtures
   23 
   24 CONF = keystone.conf.CONF
   25 PROVIDERS = provider_api.ProviderAPIs
   26 
   27 
   28 class _SystemUserOauth1ConsumerTests(object):
   29     """Common default functionality for all system users."""
   30 
   31     def test_user_can_get_consumer(self):
   32         ref = PROVIDERS.oauth_api.create_consumer(
   33             {'id': uuid.uuid4().hex})
   34         with self.test_client() as c:
   35             c.get('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
   36                   headers=self.headers)
   37 
   38     def test_user_can_list_consumers(self):
   39         PROVIDERS.oauth_api.create_consumer(
   40             {'id': uuid.uuid4().hex})
   41         with self.test_client() as c:
   42             c.get('/v3/OS-OAUTH1/consumers',
   43                   headers=self.headers)
   44 
   45 
   46 class _SystemReaderAndMemberOauth1ConsumerTests(object):
   47 
   48     def test_user_cannot_create_consumer(self):
   49         with self.test_client() as c:
   50             c.post('/v3/OS-OAUTH1/consumers',
   51                    json={'consumer': {}},
   52                    expected_status_code=http.client.FORBIDDEN,
   53                    headers=self.headers)
   54 
   55     def test_user_cannot_update_consumer(self):
   56         ref = PROVIDERS.oauth_api.create_consumer(
   57             {'id': uuid.uuid4().hex})
   58         with self.test_client() as c:
   59             c.patch('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
   60                     json={'consumer': {'description': uuid.uuid4().hex}},
   61                     expected_status_code=http.client.FORBIDDEN,
   62                     headers=self.headers)
   63 
   64     def test_user_cannot_delete_consumer(self):
   65         ref = PROVIDERS.oauth_api.create_consumer(
   66             {'id': uuid.uuid4().hex})
   67         with self.test_client() as c:
   68             c.delete('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
   69                      expected_status_code=http.client.FORBIDDEN,
   70                      headers=self.headers)
   71 
   72 
   73 class SystemReaderTests(base_classes.TestCaseWithBootstrap,
   74                         common_auth.AuthTestMixin,
   75                         _SystemUserOauth1ConsumerTests,
   76                         _SystemReaderAndMemberOauth1ConsumerTests):
   77 
   78     def setUp(self):
   79         super(SystemReaderTests, self).setUp()
   80         self.loadapp()
   81         self.useFixture(ksfixtures.Policy(self.config_fixture))
   82         self.config_fixture.config(group='oslo_policy', enforce_scope=True)
   83 
   84         system_reader = unit.new_user_ref(
   85             domain_id=CONF.identity.default_domain_id
   86         )
   87         self.user_id = PROVIDERS.identity_api.create_user(
   88             system_reader
   89         )['id']
   90         PROVIDERS.assignment_api.create_system_grant_for_user(
   91             self.user_id, self.bootstrapper.reader_role_id
   92         )
   93 
   94         auth = self.build_authentication_request(
   95             user_id=self.user_id, password=system_reader['password'],
   96             system=True
   97         )
   98 
   99         # Grab a token using the persona we're testing and prepare headers
  100         # for requests we'll be making in the tests.
  101         with self.test_client() as c:
  102             r = c.post('/v3/auth/tokens', json=auth)
  103             self.token_id = r.headers['X-Subject-Token']
  104             self.headers = {'X-Auth-Token': self.token_id}
  105 
  106 
  107 class SystemMemberTests(base_classes.TestCaseWithBootstrap,
  108                         common_auth.AuthTestMixin,
  109                         _SystemUserOauth1ConsumerTests,
  110                         _SystemReaderAndMemberOauth1ConsumerTests):
  111 
  112     def setUp(self):
  113         super(SystemMemberTests, self).setUp()
  114         self.loadapp()
  115         self.useFixture(ksfixtures.Policy(self.config_fixture))
  116         self.config_fixture.config(group='oslo_policy', enforce_scope=True)
  117 
  118         system_member = unit.new_user_ref(
  119             domain_id=CONF.identity.default_domain_id
  120         )
  121         self.user_id = PROVIDERS.identity_api.create_user(
  122             system_member
  123         )['id']
  124         PROVIDERS.assignment_api.create_system_grant_for_user(
  125             self.user_id, self.bootstrapper.member_role_id
  126         )
  127 
  128         auth = self.build_authentication_request(
  129             user_id=self.user_id, password=system_member['password'],
  130             system=True
  131         )
  132 
  133         # Grab a token using the persona we're testing and prepare headers
  134         # for requests we'll be making in the tests.
  135         with self.test_client() as c:
  136             r = c.post('/v3/auth/tokens', json=auth)
  137             self.token_id = r.headers['X-Subject-Token']
  138             self.headers = {'X-Auth-Token': self.token_id}
  139 
  140 
  141 class SystemAdminTests(base_classes.TestCaseWithBootstrap,
  142                        common_auth.AuthTestMixin,
  143                        _SystemUserOauth1ConsumerTests):
  144 
  145     def setUp(self):
  146         super(SystemAdminTests, self).setUp()
  147         self.loadapp()
  148         self.useFixture(ksfixtures.Policy(self.config_fixture))
  149         self.config_fixture.config(group='oslo_policy', enforce_scope=True)
  150 
  151         # Reuse the system administrator account created during
  152         # ``keystone-manage bootstrap``
  153         self.user_id = self.bootstrapper.admin_user_id
  154         auth = self.build_authentication_request(
  155             user_id=self.user_id,
  156             password=self.bootstrapper.admin_password,
  157             system=True
  158         )
  159 
  160         # Grab a token using the persona we're testing and prepare headers
  161         # for requests we'll be making in the tests.
  162         with self.test_client() as c:
  163             r = c.post('/v3/auth/tokens', json=auth)
  164             self.token_id = r.headers['X-Subject-Token']
  165             self.headers = {'X-Auth-Token': self.token_id}
  166 
  167     def test_user_can_create_consumer(self):
  168         with self.test_client() as c:
  169             c.post('/v3/OS-OAUTH1/consumers',
  170                    json={'consumer': {}},
  171                    headers=self.headers)
  172 
  173     def test_user_can_update_consumer(self):
  174         ref = PROVIDERS.oauth_api.create_consumer(
  175             {'id': uuid.uuid4().hex})
  176         with self.test_client() as c:
  177             c.patch('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
  178                     json={'consumer': {'description': uuid.uuid4().hex}},
  179                     headers=self.headers)
  180 
  181     def test_user_can_delete_consumer(self):
  182         ref = PROVIDERS.oauth_api.create_consumer(
  183             {'id': uuid.uuid4().hex})
  184         with self.test_client() as c:
  185             c.delete('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
  186                      headers=self.headers)