Kyestone V2 support was removed in Train, so it's safe to do such cleanup.
* Functions which just return horizon settings are dropped and
the settings are referred directly now.
* The service catalog in the sample test data is updated to match
the format of the keystone API v3.
* Related to the above change of the sample service catalog,
openstack_dashboard.test.unit.api.test_keystone.ServiceAPITests is
updated to specify the region name explicitly because 'RegionTwo'
endpoint is no longer the second entry of the endpoint list in the
keystone API v3.
Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: Ib60f360c96341fa5c618595f4a9bfdfe7ec5ae83
Now that we no longer support py27, we can use the standard library
unittest.mock module instead of the third party mock lib.
Change-Id: I2de669d8e89b8daeb7ee5405ffab35af6307c40b
We don't support Python 2 anymore so we don't need this
compatibility library.
six.reraise usages are left as is until it'll be moved to some
base lib like oslo.utils to not re-implenent this method in
Horizon.
This patch also removes Python2-specific base test case methods
assertItemsEqual and assertNotRegexpMatches in flavor of new
Python 3 analogues.
Change-Id: I0b567382edf4d68674a7b8d0b02333fb57293958
In addition, domain_get() call checks previously succeeded somehow
with mox test, but they now fails after mock migration.
api.keystone.get_effective_domain_id() is now mocked instead of
api.keystone.domain_get(). There is no need to test the internal of
api.keystone, so get_effective_domain_id() is the right place to mock.
blueprint mock-framework-in-unit-tests
Change-Id: I567168a8001875efb3e768aa732ceb562b1dd99f
- Add use_mox = True to tests which still depend on mox
- Remove use_mox = False from all tests converted into mock
- Update the warning messages
- Replace 'S'-release with 'Stein'
Part of blueprint mock-framework-in-unit-tests
Change-Id: I208185e97b2de346304a09643a9cb3f1425a7683
Signed-off-by: Akihiro Motoki <amotoki@gmail.com>
(In Django 2.0) The django.core.urlresolvers module is removed
in favor of its new location, django.urls.
It was depreacted in Django 1.10:
https://docs.djangoproject.com/en/2.0/releases/1.10/#id3
blueprint django2-support
Change-Id: I46ab5c325491274b8eaffbf848e5d80f83c2fd26
attribute-level imports are not checked by hacking module now.
most noqa is used to disable warnings on attribute-level imports.
This commit drops noqa for this purpose.
After this, there are only 3 noqa under openstack_dashboard/ :)
Change-Id: I4a449802f5dbd6e44e4b8b5c378a555d47d9a99f
Since the existence of a domain token was equivalent with having
selected a domain context with Keystone V2, some code confuses the
two. This is no longer true for Kestone V3, so we have to separate
the two concepts and use domain context when we mean the domain
context.
Close-bug: #1661537
Change-Id: Ifa66d8c397e34d16a4534e7216eb11c752699505
Implemented the "filter first" for the following identity panels:
- Users
- Groups
- Roles
- Projects
The functionality helps horizon not to hang and timeout when there is
a large set of identity resources to display. It can be turned on and
off easily.
In a subsequent patch set the same functionality will be added to
other identity views such as Project > Manage Members
Change-Id: I6e569712fb5159552a27271837cf2629059f5894
The description for the OPENSTACK_KEYSTONE_DEFAULT_DOMAIN django
variable claims it refers to the ID of the domain. However, the
authenticate method of django_openstack_auth explicitly uses the name
when it requests a token[1], and when multidomain support is enabled
the user is asked for the domain name, not ID. If the operator tries to
set this variable to the ID of any domain besides keystone's own
Default domain, login will fail with "Could not find domain: <domain
ID>" in the keystone logs. This patch forces horizon to use the
variable as a name instead of an ID and updates the comment, so that
everything using this variable is consistent with each other.
This wasn't caught before because the unit tests were only testing
against the default domain, so this patch also adds a second, enabled,
non-default mock domain to test with.
[1] http://git.openstack.org/cgit/openstack/django_openstack_auth/tree/openstack_auth/backend.py?h=2.4.1#n148
Change-Id: I4d16f831c9fc446859c9fb964b7609d5a76338fe
Implements server-side filtering in Identity->Projects
Projects (Only V3 supports server filtering)
Users (Only V3 supports server filtering)
Groups
Roles
This filtering method allows a user to filter by
several fields:
- Name
- UUID
- Enabled
Cannot implement filter by email ttps://review.openstack.org/#/c/110970/
Implements blueprint: server-side-filtering
Co-Authored-By: Daniel Castellanos <luis.daniel.castellanos@intel.com>
Change-Id: I37d6afdef84593e2779d21bec0c2f55e2794ab78
Once upon a time, the python-*client libraries were primarily built to
use httplib2. They have subsequently shift to using requests and thus
urllib3. The horizon test helpers code was maintaining a reference to
httplib2 as it intercepted errant library calls that were not mocked.
httplib2 is not actively maintained and OpenStack is moving to remove it
as a dependency. See
http://lists.openstack.org/pipermail/openstack-dev/2016-March/089225.html
for more details.
This patch removed the httplib2 dependency. Upon removing the
dependency it exposed a missed update from httplib2 to urllib3. A
function that was intended to catch unmocked calls was only listening
for httplib2 connections. This patch updates that failsafe to work with
urllib3. Upon doing so, it pointed out many, many missing mocks and in
turn, many broken tests that appeared to work because of API call
failures. This patch adds the missing mocks and fixes the broken tests.
The new failsafe prints the stack trace when an outside connection is
attempted. Additionally, to fix the fact that a missed mock used to
allow tests to potentially pass, as documented by bug 1517704, a test
failure is now forced on tests where a missing mock is detected.
Closes-Bug: #1517704
Implements blueprint: remove-httplib2-dep
Change-Id: Iaabdf03966c14c82e0c58a3b1ab1a6755c05adcb
This patch supports using domain scoped tokens against keystone v3.
Use Cases:
Cloud Admin - view and manage identity resources across domains
Domain Admin - view and manage identity resources in the domain logged in
User - view identity project in the domain logged in
Regression:
Supports keystone v2 through local_settings.py configuration
Supports keystone v3 with multidomain = False
Supports keystone v3 with mulitdomain = True
Relates to https://review.openstack.org/#/c/141153/
Background on how to test is here
https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow
Co-Authored-By: Brad Pokorny <Brad_Pokorny@symantec.com>
Co-Authored-By: Brian Tully <brian.tully@hp.com>
Co-Authored-By: Michael Hagedorn <mike.hagedorn@hp.com>
Co-Authored-By: woomatt <matt.wood@hp.com>
Partially Implements: blueprint domain-scoped-tokens
Closes-Bug: #1413851
Change-Id: Iaa19bfef9b0c70304ff81d083c62b218b2d02479
mox doesn't work on Python 3, whereas mox3 works on Python 2 and Python
3. Cinder, Nova and many other projects already replaced mox with mox3.
mox3 is now maintained by OpenStack.
Partial-Implements: blueprint porting-python3
Change-Id: I10e6a9754ebd58a2640d73ec8966527c3aa1fe9a
Moving identity panels to their own dashboard.
RBAC is now used to determine the data to load in the identity
dashboard. Using the default policy file, a user with role member
will now be able to see their project list.
Also, adding a policy check mechanism at the panel and dashboard
level to determine which panels and dashboards the user can access.
Implements blueprint separate-identity-dash
Change-Id: I7ebfec2bf6e44899bec79d3b23c90d56a976200f