Merge "Mapped Groups don't exist breaks WebSSO" into stable/pike

This commit is contained in:
Zuul 2018-10-19 08:34:47 +00:00 committed by Gerrit Code Review
commit ec87e19f40
2 changed files with 8 additions and 5 deletions

View File

@ -409,8 +409,8 @@ def transform_to_group_ids(group_names, mapping_id,
group['name'], resolve_domain(group['domain']))
yield group_dict['id']
except exception.GroupNotFound:
raise exception.MappedGroupNotFound(group_id=group['name'],
mapping_id=mapping_id)
LOG.debug('Group %s has no entry in the backend',
group['name'])
def get_assertion_params_from_env(request):

View File

@ -1890,9 +1890,8 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
self.assertEqual(ref_groups, token_groups)
def test_issue_unscoped_tokens_nonexisting_group(self):
self.assertRaises(exception.MappedGroupNotFound,
self._issue_unscoped_token,
assertion='ANOTHER_TESTER_ASSERTION')
r = self._issue_unscoped_token(assertion='ANOTHER_TESTER_ASSERTION')
self.assertIsNotNone(r.headers.get('X-Subject-Token'))
def test_issue_unscoped_token_with_remote_no_attribute(self):
r = self._issue_unscoped_token(idp=self.IDP_WITH_REMOTE,
@ -2417,6 +2416,10 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
]
}
self.federation_api.update_mapping(self.mapping['id'], rules)
r = self._issue_unscoped_token(assertion='UNMATCHED_GROUP_ASSERTION')
assigned_group_ids = r.json['token']['user']['OS-FEDERATION']['groups']
self.assertEqual(1, len(assigned_group_ids))
self.assertEqual(group['id'], assigned_group_ids[0]['id'])
def test_empty_blacklist_passess_all_values(self):
"""Test a mapping with empty blacklist specified.