Merge "Mapped Groups don't exist breaks WebSSO" into stable/pike
This commit is contained in:
commit
ec87e19f40
|
@ -409,8 +409,8 @@ def transform_to_group_ids(group_names, mapping_id,
|
|||
group['name'], resolve_domain(group['domain']))
|
||||
yield group_dict['id']
|
||||
except exception.GroupNotFound:
|
||||
raise exception.MappedGroupNotFound(group_id=group['name'],
|
||||
mapping_id=mapping_id)
|
||||
LOG.debug('Group %s has no entry in the backend',
|
||||
group['name'])
|
||||
|
||||
|
||||
def get_assertion_params_from_env(request):
|
||||
|
|
|
@ -1890,9 +1890,8 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
self.assertEqual(ref_groups, token_groups)
|
||||
|
||||
def test_issue_unscoped_tokens_nonexisting_group(self):
|
||||
self.assertRaises(exception.MappedGroupNotFound,
|
||||
self._issue_unscoped_token,
|
||||
assertion='ANOTHER_TESTER_ASSERTION')
|
||||
r = self._issue_unscoped_token(assertion='ANOTHER_TESTER_ASSERTION')
|
||||
self.assertIsNotNone(r.headers.get('X-Subject-Token'))
|
||||
|
||||
def test_issue_unscoped_token_with_remote_no_attribute(self):
|
||||
r = self._issue_unscoped_token(idp=self.IDP_WITH_REMOTE,
|
||||
|
@ -2417,6 +2416,10 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
]
|
||||
}
|
||||
self.federation_api.update_mapping(self.mapping['id'], rules)
|
||||
r = self._issue_unscoped_token(assertion='UNMATCHED_GROUP_ASSERTION')
|
||||
assigned_group_ids = r.json['token']['user']['OS-FEDERATION']['groups']
|
||||
self.assertEqual(1, len(assigned_group_ids))
|
||||
self.assertEqual(group['id'], assigned_group_ids[0]['id'])
|
||||
|
||||
def test_empty_blacklist_passess_all_values(self):
|
||||
"""Test a mapping with empty blacklist specified.
|
||||
|
|
Loading…
Reference in New Issue