"Fossies" - the Fresh Open Source Software Archive

Member "keystone-17.0.0/keystone/tests/unit/trust/test_backends.py" (13 May 2020, 23383 Bytes) of package /linux/misc/openstack/keystone-17.0.0.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Python source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "test_backends.py": 16.0.1_vs_17.0.0.

    1 # Licensed under the Apache License, Version 2.0 (the "License"); you may
    2 # not use this file except in compliance with the License. You may obtain
    3 # a copy of the License at
    4 #
    5 #      http://www.apache.org/licenses/LICENSE-2.0
    6 #
    7 # Unless required by applicable law or agreed to in writing, software
    8 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
    9 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
   10 # License for the specific language governing permissions and limitations
   11 # under the License.
   12 
   13 import datetime
   14 import uuid
   15 
   16 from oslo_utils import timeutils
   17 
   18 from keystone.common import provider_api
   19 from keystone import exception
   20 from keystone.tests.unit import core
   21 
   22 PROVIDERS = provider_api.ProviderAPIs
   23 
   24 
   25 class TrustTests(object):
   26     def create_sample_trust(self, new_id, remaining_uses=None):
   27         self.trustor = self.user_foo
   28         self.trustee = self.user_two
   29         expires_at = datetime.datetime.utcnow().replace(year=2032)
   30         trust_data = (PROVIDERS.trust_api.create_trust
   31                       (new_id,
   32                        {'trustor_user_id': self.trustor['id'],
   33                         'trustee_user_id': self.user_two['id'],
   34                         'project_id': self.project_bar['id'],
   35                         'expires_at': expires_at,
   36                         'impersonation': True,
   37                         'remaining_uses': remaining_uses},
   38                        roles=[{"id": "member"},
   39                               {"id": "other"},
   40                               {"id": "browser"}]))
   41         return trust_data
   42 
   43     def test_delete_trust(self):
   44         new_id = uuid.uuid4().hex
   45         trust_data = self.create_sample_trust(new_id)
   46         trust_id = trust_data['id']
   47         self.assertIsNotNone(trust_data)
   48         trust_data = PROVIDERS.trust_api.get_trust(trust_id)
   49         self.assertEqual(new_id, trust_data['id'])
   50         PROVIDERS.trust_api.delete_trust(trust_id)
   51         self.assertRaises(exception.TrustNotFound,
   52                           PROVIDERS.trust_api.get_trust,
   53                           trust_id)
   54 
   55     def test_delete_trust_not_found(self):
   56         trust_id = uuid.uuid4().hex
   57         self.assertRaises(exception.TrustNotFound,
   58                           PROVIDERS.trust_api.delete_trust,
   59                           trust_id)
   60 
   61     def test_get_trust(self):
   62         new_id = uuid.uuid4().hex
   63         trust_data = self.create_sample_trust(new_id)
   64         trust_id = trust_data['id']
   65         self.assertIsNotNone(trust_data)
   66         trust_data = PROVIDERS.trust_api.get_trust(trust_id)
   67         self.assertEqual(new_id, trust_data['id'])
   68         PROVIDERS.trust_api.delete_trust(trust_data['id'])
   69 
   70     def test_get_deleted_trust(self):
   71         new_id = uuid.uuid4().hex
   72         trust_data = self.create_sample_trust(new_id)
   73         self.assertIsNotNone(trust_data)
   74         self.assertIsNone(trust_data['deleted_at'])
   75         PROVIDERS.trust_api.delete_trust(new_id)
   76         self.assertRaises(exception.TrustNotFound,
   77                           PROVIDERS.trust_api.get_trust,
   78                           new_id)
   79         deleted_trust = PROVIDERS.trust_api.get_trust(
   80             trust_data['id'], deleted=True
   81         )
   82         self.assertEqual(trust_data['id'], deleted_trust['id'])
   83         self.assertIsNotNone(deleted_trust.get('deleted_at'))
   84 
   85     def test_create_trust(self):
   86         new_id = uuid.uuid4().hex
   87         trust_data = self.create_sample_trust(new_id)
   88 
   89         self.assertEqual(new_id, trust_data['id'])
   90         self.assertEqual(self.trustee['id'], trust_data['trustee_user_id'])
   91         self.assertEqual(self.trustor['id'], trust_data['trustor_user_id'])
   92         self.assertGreater(timeutils.normalize_time(trust_data['expires_at']),
   93                            timeutils.utcnow())
   94 
   95         self.assertEqual([{'id': 'member'},
   96                           {'id': 'other'},
   97                           {'id': 'browser'}], trust_data['roles'])
   98 
   99     def test_list_trust_by_trustee(self):
  100         for i in range(3):
  101             self.create_sample_trust(uuid.uuid4().hex)
  102         trusts = PROVIDERS.trust_api.list_trusts_for_trustee(
  103             self.trustee['id']
  104         )
  105         self.assertEqual(3, len(trusts))
  106         self.assertEqual(trusts[0]["trustee_user_id"], self.trustee['id'])
  107         trusts = PROVIDERS.trust_api.list_trusts_for_trustee(
  108             self.trustor['id']
  109         )
  110         self.assertEqual(0, len(trusts))
  111 
  112     def test_list_trust_by_trustor(self):
  113         for i in range(3):
  114             self.create_sample_trust(uuid.uuid4().hex)
  115         trusts = PROVIDERS.trust_api.list_trusts_for_trustor(
  116             self.trustor['id']
  117         )
  118         self.assertEqual(3, len(trusts))
  119         self.assertEqual(trusts[0]["trustor_user_id"], self.trustor['id'])
  120         trusts = PROVIDERS.trust_api.list_trusts_for_trustor(
  121             self.trustee['id']
  122         )
  123         self.assertEqual(0, len(trusts))
  124 
  125     def test_list_trusts(self):
  126         for i in range(3):
  127             self.create_sample_trust(uuid.uuid4().hex)
  128         trusts = PROVIDERS.trust_api.list_trusts()
  129         self.assertEqual(3, len(trusts))
  130 
  131     def test_trust_has_remaining_uses_positive(self):
  132         # create a trust with limited uses, check that we have uses left
  133         trust_data = self.create_sample_trust(uuid.uuid4().hex,
  134                                               remaining_uses=5)
  135         self.assertEqual(5, trust_data['remaining_uses'])
  136         # create a trust with unlimited uses, check that we have uses left
  137         trust_data = self.create_sample_trust(uuid.uuid4().hex)
  138         self.assertIsNone(trust_data['remaining_uses'])
  139 
  140     def test_trust_has_remaining_uses_negative(self):
  141         # try to create a trust with no remaining uses, check that it fails
  142         self.assertRaises(exception.ValidationError,
  143                           self.create_sample_trust,
  144                           uuid.uuid4().hex,
  145                           remaining_uses=0)
  146         # try to create a trust with negative remaining uses,
  147         # check that it fails
  148         self.assertRaises(exception.ValidationError,
  149                           self.create_sample_trust,
  150                           uuid.uuid4().hex,
  151                           remaining_uses=-12)
  152 
  153     def test_consume_use(self):
  154         # consume a trust repeatedly until it has no uses anymore
  155         trust_data = self.create_sample_trust(uuid.uuid4().hex,
  156                                               remaining_uses=2)
  157         PROVIDERS.trust_api.consume_use(trust_data['id'])
  158         t = PROVIDERS.trust_api.get_trust(trust_data['id'])
  159         self.assertEqual(1, t['remaining_uses'])
  160         PROVIDERS.trust_api.consume_use(trust_data['id'])
  161         # This was the last use, the trust isn't available anymore
  162         self.assertRaises(exception.TrustNotFound,
  163                           PROVIDERS.trust_api.get_trust,
  164                           trust_data['id'])
  165 
  166     def test_duplicate_trusts_not_allowed(self):
  167         self.trustor = self.user_foo
  168         self.trustee = self.user_two
  169         trust_data = {'trustor_user_id': self.trustor['id'],
  170                       'trustee_user_id': self.user_two['id'],
  171                       'project_id': self.project_bar['id'],
  172                       'expires_at': timeutils.parse_isotime(
  173                           '2032-02-18T18:10:00Z'),
  174                       'impersonation': True,
  175                       'remaining_uses': None}
  176         roles = [{"id": "member"},
  177                  {"id": "other"},
  178                  {"id": "browser"}]
  179         PROVIDERS.trust_api.create_trust(uuid.uuid4().hex, trust_data, roles)
  180         self.assertRaises(exception.Conflict,
  181                           PROVIDERS.trust_api.create_trust,
  182                           uuid.uuid4().hex,
  183                           trust_data,
  184                           roles)
  185 
  186     def test_flush_expired_trusts(self):
  187         roles = [{"id": "member"},
  188                  {"id": "other"},
  189                  {"id": "browser"}]
  190         trust_ref1 = core.new_trust_ref(
  191             self.user_foo['id'], self.user_two['id'],
  192             project_id=self.project_bar['id'])
  193         trust_ref1['expires_at'] = \
  194             timeutils.utcnow() - datetime.timedelta(minutes=1)
  195         trust_ref2 = core.new_trust_ref(
  196             self.user_foo['id'], self.user_two['id'],
  197             project_id=self.project_bar['id'])
  198         trust_ref2['expires_at'] = \
  199             timeutils.utcnow() + datetime.timedelta(minutes=1)
  200 
  201         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  202                                                       trust_ref1, roles)
  203         self.assertIsNotNone(trust_data)
  204         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  205                                                       trust_ref2, roles)
  206         self.assertIsNotNone(trust_data)
  207 
  208         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  209             date=datetime.datetime.utcnow())
  210         trusts = self.trust_api.list_trusts()
  211         self.assertEqual(len(trusts), 1)
  212         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  213 
  214     def test_flush_expired_trusts_with_all_id(self):
  215         roles = [{"id": "member"},
  216                  {"id": "other"},
  217                  {"id": "browser"}]
  218         trust_ref1 = core.new_trust_ref(
  219             self.user_foo['id'], self.user_foo['id'],
  220             project_id=self.project_bar['id'])
  221         trust_ref1['expires_at'] = \
  222             timeutils.utcnow() - datetime.timedelta(minutes=1)
  223         trust_ref2 = core.new_trust_ref(
  224             self.user_foo['id'], self.user_two['id'],
  225             project_id=self.project_bar['id'])
  226         trust_ref2['expires_at'] = \
  227             timeutils.utcnow() - datetime.timedelta(minutes=5)
  228 
  229         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  230                                                       trust_ref1, roles)
  231         self.assertIsNotNone(trust_data)
  232         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  233                                                       trust_ref2, roles)
  234         self.assertIsNotNone(trust_data)
  235 
  236         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  237             project_id=self.project_bar['id'],
  238             trustor_user_id=self.user_foo['id'],
  239             trustee_user_id=self.user_two['id'],
  240             date=datetime.datetime.utcnow())
  241         trusts = self.trust_api.list_trusts()
  242         self.assertEqual(len(trusts), 1)
  243         self.assertEqual(trust_ref1['id'], trusts[0]['id'])
  244 
  245     def test_flush_expired_trusts_with_no_project_id(self):
  246         roles = [{"id": "member"},
  247                  {"id": "other"},
  248                  {"id": "browser"}]
  249         trust_ref1 = core.new_trust_ref(
  250             self.user_foo['id'], self.user_two['id'],
  251             project_id=self.project_bar['id'])
  252         trust_ref1['expires_at'] = \
  253             timeutils.utcnow() - datetime.timedelta(minutes=1)
  254         trust_ref2 = core.new_trust_ref(
  255             self.user_foo['id'], self.user_two['id'],
  256             project_id=self.project_bar['id'])
  257         trust_ref2['expires_at'] = \
  258             timeutils.utcnow() + datetime.timedelta(minutes=1)
  259 
  260         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  261                                                       trust_ref1, roles)
  262         self.assertIsNotNone(trust_data)
  263         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  264                                                       trust_ref2, roles)
  265         self.assertIsNotNone(trust_data)
  266 
  267         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  268             trustor_user_id=self.user_foo['id'],
  269             trustee_user_id=self.user_two['id'],
  270             date=datetime.datetime.utcnow())
  271         trusts = self.trust_api.list_trusts()
  272         self.assertEqual(len(trusts), 1)
  273         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  274 
  275     def test_flush_expired_trusts_with_no_trustor_id(self):
  276         roles = [{"id": "member"},
  277                  {"id": "other"},
  278                  {"id": "browser"}]
  279         trust_ref1 = core.new_trust_ref(
  280             self.user_foo['id'], self.user_two['id'],
  281             project_id=self.project_bar['id'])
  282         trust_ref1['expires_at'] = \
  283             timeutils.utcnow() - datetime.timedelta(minutes=1)
  284         trust_ref2 = core.new_trust_ref(
  285             self.user_foo['id'], self.user_two['id'],
  286             project_id=self.project_bar['id'])
  287         trust_ref2['expires_at'] = \
  288             timeutils.utcnow() + datetime.timedelta(minutes=1)
  289 
  290         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  291                                                       trust_ref1, roles)
  292         self.assertIsNotNone(trust_data)
  293         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  294                                                       trust_ref2, roles)
  295         self.assertIsNotNone(trust_data)
  296 
  297         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  298             project_id=self.project_bar['id'],
  299             trustee_user_id=self.user_two['id'],
  300             date=datetime.datetime.utcnow())
  301         trusts = self.trust_api.list_trusts()
  302         self.assertEqual(len(trusts), 1)
  303         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  304 
  305     def test_flush_expired_trusts_with_no_trustee_id(self):
  306         roles = [{"id": "member"},
  307                  {"id": "other"},
  308                  {"id": "browser"}]
  309         trust_ref1 = core.new_trust_ref(
  310             self.user_foo['id'], self.user_two['id'],
  311             project_id=self.project_bar['id'])
  312         trust_ref1['expires_at'] = \
  313             timeutils.utcnow() - datetime.timedelta(minutes=1)
  314         trust_ref2 = core.new_trust_ref(
  315             self.user_foo['id'], self.user_two['id'],
  316             project_id=self.project_bar['id'])
  317         trust_ref2['expires_at'] = \
  318             timeutils.utcnow() + datetime.timedelta(minutes=1)
  319 
  320         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  321                                                       trust_ref1, roles)
  322         self.assertIsNotNone(trust_data)
  323         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  324                                                       trust_ref2, roles)
  325         self.assertIsNotNone(trust_data)
  326 
  327         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  328             project_id=self.project_bar['id'],
  329             trustor_user_id=self.user_foo['id'],
  330             date=datetime.datetime.utcnow())
  331         trusts = self.trust_api.list_trusts()
  332         self.assertEqual(len(trusts), 1)
  333         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  334 
  335     def test_flush_expired_trusts_with_project_id(self):
  336         roles = [{"id": "member"},
  337                  {"id": "other"},
  338                  {"id": "browser"}]
  339         trust_ref1 = core.new_trust_ref(
  340             self.user_foo['id'], self.user_two['id'],
  341             project_id=self.project_bar['id'])
  342         trust_ref1['expires_at'] = \
  343             timeutils.utcnow() - datetime.timedelta(minutes=1)
  344         trust_ref2 = core.new_trust_ref(
  345             self.user_foo['id'], self.user_two['id'],
  346             project_id=self.user_foo['id'])
  347         trust_ref2['expires_at'] = \
  348             timeutils.utcnow() - datetime.timedelta(minutes=5)
  349 
  350         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  351                                                       trust_ref1, roles)
  352         self.assertIsNotNone(trust_data)
  353         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  354                                                       trust_ref2, roles)
  355         self.assertIsNotNone(trust_data)
  356 
  357         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  358             project_id=self.project_bar['id'],
  359             date=datetime.datetime.utcnow())
  360         trusts = self.trust_api.list_trusts()
  361         self.assertEqual(len(trusts), 1)
  362         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  363 
  364     def test_flush_expired_trusts_with_trustee_id(self):
  365         roles = [{"id": "member"},
  366                  {"id": "other"},
  367                  {"id": "browser"}]
  368         trust_ref1 = core.new_trust_ref(
  369             self.user_foo['id'], self.user_two['id'],
  370             project_id=self.project_bar['id'])
  371         trust_ref1['expires_at'] = \
  372             timeutils.utcnow() - datetime.timedelta(minutes=1)
  373         trust_ref2 = core.new_trust_ref(
  374             self.user_foo['id'], self.user_foo['id'],
  375             project_id=self.project_bar['id'])
  376         trust_ref2['expires_at'] = \
  377             timeutils.utcnow() - datetime.timedelta(minutes=5)
  378 
  379         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  380                                                       trust_ref1, roles)
  381         self.assertIsNotNone(trust_data)
  382         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  383                                                       trust_ref2, roles)
  384         self.assertIsNotNone(trust_data)
  385         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  386             trustee_user_id=self.user_two['id'],
  387             date=datetime.datetime.utcnow())
  388         trusts = self.trust_api.list_trusts()
  389         self.assertEqual(len(trusts), 1)
  390         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  391 
  392     def test_flush_expired_trusts_with_trustor_id(self):
  393         roles = [{"id": "member"},
  394                  {"id": "other"},
  395                  {"id": "browser"}]
  396         trust_ref1 = core.new_trust_ref(
  397             self.user_foo['id'], self.user_two['id'],
  398             project_id=self.project_bar['id'])
  399         trust_ref1['expires_at'] = \
  400             timeutils.utcnow() - datetime.timedelta(minutes=1)
  401         trust_ref2 = core.new_trust_ref(
  402             self.user_two['id'], self.user_two['id'],
  403             project_id=self.project_bar['id'])
  404         trust_ref2['expires_at'] = \
  405             timeutils.utcnow() - datetime.timedelta(minutes=5)
  406 
  407         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  408                                                       trust_ref1, roles)
  409         self.assertIsNotNone(trust_data)
  410         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  411                                                       trust_ref2, roles)
  412         self.assertIsNotNone(trust_data)
  413 
  414         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  415             trustor_user_id=self.user_foo['id'],
  416             date=datetime.datetime.utcnow())
  417         trusts = self.trust_api.list_trusts()
  418         self.assertEqual(len(trusts), 1)
  419         self.assertEqual(trust_ref2['id'], trusts[0]['id'])
  420 
  421     def test_non_expired_soft_deleted_trusts(self):
  422         roles = [{"id": "member"},
  423                  {"id": "other"},
  424                  {"id": "browser"}]
  425         trust_ref1 = core.new_trust_ref(
  426             self.user_foo['id'], self.user_two['id'],
  427             project_id=self.project_bar['id'])
  428         trust_ref1['expires_at'] = \
  429             timeutils.utcnow() + datetime.timedelta(minutes=10)
  430         trust_ref2 = core.new_trust_ref(
  431             self.user_two['id'], self.user_two['id'],
  432             project_id=self.project_bar['id'])
  433         trust_ref2['expires_at'] = \
  434             timeutils.utcnow() + datetime.timedelta(minutes=5)
  435 
  436         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  437                                                       trust_ref1, roles)
  438         self.assertIsNotNone(trust_data)
  439         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  440                                                       trust_ref2, roles)
  441         self.assertIsNotNone(trust_data)
  442         PROVIDERS.trust_api.delete_trust(trust_ref2['id'])
  443 
  444         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  445             date=datetime.datetime.utcnow())
  446         trusts = self.trust_api.list_trusts()
  447         self.assertEqual(len(trusts), 1)
  448         self.assertEqual(trust_ref1['id'], trusts[0]['id'])
  449 
  450     def test_non_expired_non_deleted_trusts(self):
  451         roles = [{"id": "member"},
  452                  {"id": "other"},
  453                  {"id": "browser"}]
  454         trust_ref1 = core.new_trust_ref(
  455             self.user_foo['id'], self.user_two['id'],
  456             project_id=self.project_bar['id'])
  457         trust_ref1['expires_at'] = \
  458             timeutils.utcnow() + datetime.timedelta(minutes=10)
  459         trust_ref2 = core.new_trust_ref(
  460             self.user_two['id'], self.user_two['id'],
  461             project_id=self.project_bar['id'])
  462         trust_ref2['expires_at'] = \
  463             timeutils.utcnow() + datetime.timedelta(minutes=5)
  464         trust_ref3 = core.new_trust_ref(
  465             self.user_two['id'], self.user_foo['id'],
  466             project_id=self.project_bar['id'])
  467         trust_ref3['expires_at'] = None
  468 
  469         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  470                                                       trust_ref1, roles)
  471         self.assertIsNotNone(trust_data)
  472         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  473                                                       trust_ref2, roles)
  474         self.assertIsNotNone(trust_data)
  475         PROVIDERS.trust_api.delete_trust(trust_ref2['id'])
  476         trust_data = PROVIDERS.trust_api.create_trust(trust_ref3['id'],
  477                                                       trust_ref3, roles)
  478         self.assertIsNotNone(trust_data)
  479 
  480         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  481             date=datetime.datetime.utcnow())
  482         trusts = self.trust_api.list_trusts()
  483         self.assertEqual(len(trusts), 2)
  484 
  485     def test_flush_expired_trusts_with_date(self):
  486         roles = [{"id": "member"},
  487                  {"id": "other"},
  488                  {"id": "browser"}]
  489         trust_ref1 = core.new_trust_ref(
  490             self.user_foo['id'], self.user_two['id'],
  491             project_id=self.project_bar['id'])
  492         trust_ref1['expires_at'] = \
  493             timeutils.utcnow() + datetime.timedelta(minutes=10)
  494         trust_ref2 = core.new_trust_ref(
  495             self.user_two['id'], self.user_two['id'],
  496             project_id=self.project_bar['id'])
  497         trust_ref2['expires_at'] = \
  498             timeutils.utcnow() + datetime.timedelta(minutes=30)
  499         trust_ref3 = core.new_trust_ref(
  500             self.user_two['id'], self.user_foo['id'],
  501             project_id=self.project_bar['id'])
  502         trust_ref3['expires_at'] = \
  503             timeutils.utcnow() - datetime.timedelta(minutes=30)
  504 
  505         trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
  506                                                       trust_ref1, roles)
  507         self.assertIsNotNone(trust_data)
  508         trust_data = PROVIDERS.trust_api.create_trust(trust_ref2['id'],
  509                                                       trust_ref2, roles)
  510         self.assertIsNotNone(trust_data)
  511         trust_data = PROVIDERS.trust_api.create_trust(trust_ref3['id'],
  512                                                       trust_ref3, roles)
  513         self.assertIsNotNone(trust_data)
  514         fake_date = timeutils.utcnow() + datetime.timedelta(minutes=15)
  515         PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
  516             date=fake_date
  517         )
  518         trusts = self.trust_api.list_trusts()
  519         self.assertEqual(len(trusts), 1)
  520         self.assertEqual(trust_ref2['id'], trusts[0]['id'])