Correcting tests with project_id
This change replace tenant_id to project_id in test cases. Change-Id: I6285d8e4f1b90a8c3f299f4b1d186f2453a3f9b7
This commit is contained in:
parent
25a44467a2
commit
0931f08cd3
|
@ -55,7 +55,7 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_create_application_credential(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
resp_roles = resp.pop('roles')
|
||||
orig_roles = app_cred.pop('roles')
|
||||
|
@ -66,11 +66,11 @@ class ApplicationCredentialTests(object):
|
|||
# Ensure a user can't create two application credentials with the same
|
||||
# name
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
name = app_cred['name']
|
||||
self.app_cred_api.create_application_credential(app_cred)
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
name=name)
|
||||
self.assertRaises(exception.Conflict,
|
||||
self.app_cred_api.create_application_credential,
|
||||
|
@ -80,14 +80,14 @@ class ApplicationCredentialTests(object):
|
|||
# Ensure a user can't create an application credential for a project
|
||||
# they don't have a role assignment on
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'])
|
||||
project_id=self.project_baz['id'])
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
self.app_cred_api.create_application_credential,
|
||||
app_cred)
|
||||
|
||||
def test_application_credential_allow_recursion(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
app_cred['unrestricted'] = True
|
||||
resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
resp.pop('roles')
|
||||
|
@ -98,7 +98,7 @@ class ApplicationCredentialTests(object):
|
|||
config_fixture_ = self.user = self.useFixture(config_fixture.Config())
|
||||
config_fixture_.config(group='application_credential', user_limit=2)
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
self.app_cred_api.create_application_credential(app_cred)
|
||||
app_cred['name'] = 'two'
|
||||
self.app_cred_api.create_application_credential(app_cred)
|
||||
|
@ -109,7 +109,7 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_get_application_credential(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
create_resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
app_cred_id = create_resp['id']
|
||||
get_resp = self.app_cred_api.get_application_credential(app_cred_id)
|
||||
|
@ -123,13 +123,13 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_list_application_credentials(self):
|
||||
app_cred_1 = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
name='app1')
|
||||
app_cred_2 = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
name='app2')
|
||||
app_cred_3 = self._new_app_cred_data(self.user_two['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
name='app3')
|
||||
resp1 = self.app_cred_api.create_application_credential(app_cred_1)
|
||||
resp2 = self.app_cred_api.create_application_credential(app_cred_2)
|
||||
|
@ -152,7 +152,7 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_delete_application_credential(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.app_cred_api.create_application_credential(app_cred)
|
||||
|
||||
# cache the information
|
||||
|
@ -174,10 +174,10 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_deleting_a_user_deletes_application_credentials(self):
|
||||
app_cred_1 = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
name='app1')
|
||||
app_cred_2 = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
name='app2')
|
||||
self.app_cred_api.create_application_credential(app_cred_1)
|
||||
self.app_cred_api.create_application_credential(app_cred_2)
|
||||
|
@ -207,13 +207,13 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_removing_user_from_project_deletes_application_credentials(self):
|
||||
app_cred_proj_A_1 = self._new_app_cred_data(
|
||||
self.user_foo['id'], project_id=self.tenant_bar['id'], name='app1')
|
||||
self.user_foo['id'], project_id=self.project_bar['id'], name='app1')
|
||||
app_cred_proj_A_2 = self._new_app_cred_data(
|
||||
self.user_foo['id'], project_id=self.tenant_bar['id'], name='app2')
|
||||
self.user_foo['id'], project_id=self.project_bar['id'], name='app2')
|
||||
app_cred_proj_B = self._new_app_cred_data(
|
||||
self.user_foo['id'], project_id=self.tenant_baz['id'], name='app3')
|
||||
self.user_foo['id'], project_id=self.project_baz['id'], name='app3')
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
user_id=self.user_foo['id'],
|
||||
role_id=self.role__member_['id'])
|
||||
self.app_cred_api.create_application_credential(app_cred_proj_A_1)
|
||||
|
@ -233,7 +233,7 @@ class ApplicationCredentialTests(object):
|
|||
# application credentials on project bar.
|
||||
PROVIDERS.assignment_api.remove_role_from_user_and_project(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=self.role__member_['id'])
|
||||
self.assertNotIn(app_cred_proj_A_1['id'],
|
||||
self._list_ids(self.user_foo))
|
||||
|
@ -255,7 +255,7 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_authenticate(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
self.app_cred_api.authenticate(resp['id'], resp['secret'])
|
||||
|
||||
|
@ -268,7 +268,7 @@ class ApplicationCredentialTests(object):
|
|||
def test_authenticate_expired(self):
|
||||
yesterday = datetime.datetime.utcnow() - datetime.timedelta(days=1)
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
expires=yesterday)
|
||||
resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
self.assertRaises(AssertionError,
|
||||
|
@ -278,7 +278,7 @@ class ApplicationCredentialTests(object):
|
|||
|
||||
def test_authenticate_bad_secret(self):
|
||||
app_cred = self._new_app_cred_data(self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
resp = self.app_cred_api.create_application_credential(app_cred)
|
||||
badpass = 'badpass'
|
||||
self.assertNotEqual(badpass, resp['secret'])
|
||||
|
|
|
@ -459,24 +459,24 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
|
||||
def test_project_add_and_remove_user_role(self):
|
||||
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
self.assertNotIn(self.user_two['id'], user_ids)
|
||||
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
user_id=self.user_two['id'],
|
||||
role_id=self.role_other['id'])
|
||||
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
self.assertIn(self.user_two['id'], user_ids)
|
||||
|
||||
PROVIDERS.assignment_api.remove_role_from_user_and_project(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
user_id=self.user_two['id'],
|
||||
role_id=self.role_other['id'])
|
||||
|
||||
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
self.assertNotIn(self.user_two['id'], user_ids)
|
||||
|
||||
def test_remove_user_role_not_assigned(self):
|
||||
|
@ -485,13 +485,13 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
self.assertRaises(exception.RoleNotFound,
|
||||
PROVIDERS.assignment_api.
|
||||
remove_role_from_user_and_project,
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
user_id=self.user_two['id'],
|
||||
role_id=self.role_other['id'])
|
||||
|
||||
def test_list_user_ids_for_project(self):
|
||||
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
|
||||
self.tenant_baz['id'])
|
||||
self.project_baz['id'])
|
||||
self.assertEqual(2, len(user_ids))
|
||||
self.assertIn(self.user_two['id'], user_ids)
|
||||
self.assertIn(self.user_badguy['id'], user_ids)
|
||||
|
@ -686,15 +686,15 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
|
||||
def test_add_duplicate_role_grant(self):
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertNotIn(self.role_admin['id'], roles_ref)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'], self.role_admin['id'])
|
||||
self.user_foo['id'], self.project_bar['id'], self.role_admin['id'])
|
||||
self.assertRaises(
|
||||
exception.Conflict,
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project,
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
self.role_admin['id']
|
||||
)
|
||||
|
||||
|
@ -739,21 +739,21 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
|
||||
def test_get_role_by_user_and_project(self):
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertNotIn(self.role_admin['id'], roles_ref)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'], self.role_admin['id'])
|
||||
self.user_foo['id'], self.project_bar['id'], self.role_admin['id'])
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertIn(self.role_admin['id'], roles_ref)
|
||||
self.assertNotIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
|
||||
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertIn(self.role_admin['id'], roles_ref)
|
||||
self.assertIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
|
||||
|
||||
|
@ -873,7 +873,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
exception.UserNotFound,
|
||||
PROVIDERS.assignment_api.get_roles_for_user_and_project,
|
||||
uuid.uuid4().hex,
|
||||
self.tenant_bar['id']
|
||||
self.project_bar['id']
|
||||
)
|
||||
|
||||
self.assertRaises(
|
||||
|
@ -896,7 +896,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
exception.RoleNotFound,
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project,
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
uuid.uuid4().hex
|
||||
)
|
||||
|
||||
|
@ -905,49 +905,49 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
# no error.
|
||||
user_id_not_exist = uuid.uuid4().hex
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user_id_not_exist, self.tenant_bar['id'], self.role_admin['id'])
|
||||
user_id_not_exist, self.project_bar['id'], self.role_admin['id'])
|
||||
|
||||
def test_remove_role_from_user_and_project(self):
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
default_fixtures.MEMBER_ROLE_ID)
|
||||
PROVIDERS.assignment_api.remove_role_from_user_and_project(
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertNotIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
|
||||
self.assertRaises(exception.NotFound,
|
||||
PROVIDERS.assignment_api.
|
||||
remove_role_from_user_and_project,
|
||||
self.user_foo['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_role_grant_by_user_and_project(self):
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertEqual(1, len(roles_ref))
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=self.user_foo['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=self.user_foo['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_admin['id']
|
||||
)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertIn(self.role_admin['id'],
|
||||
[role_ref['id'] for role_ref in roles_ref])
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
|
||||
roles_ref_ids = []
|
||||
for ref in roles_ref:
|
||||
|
@ -958,38 +958,38 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
def test_remove_role_grant_from_user_and_project(self):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'])
|
||||
project_id=self.project_baz['id'])
|
||||
self.assertDictEqual(self.role_member, roles_ref[0])
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'])
|
||||
project_id=self.project_baz['id'])
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_role_assignment_by_project_not_found(self):
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.check_grant_role_id,
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.check_grant_role_id,
|
||||
group_id=uuid.uuid4().hex,
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_role_assignment_by_domain_not_found(self):
|
||||
|
@ -1009,13 +1009,13 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
group_id=uuid.uuid4().hex,
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_del_role_assignment_by_domain_not_found(self):
|
||||
|
@ -1043,29 +1043,29 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertDictEqual(self.role_member, roles_ref[0])
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_and_remove_role_grant_by_group_and_domain(self):
|
||||
|
@ -1404,11 +1404,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
user_id = uuid.uuid4().hex
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id, user_id=user_id, project_id=self.tenant_bar['id']
|
||||
role_id, user_id=user_id, project_id=self.project_bar['id']
|
||||
)
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id, user_id=user_id, project_id=self.tenant_bar['id']
|
||||
role_id, user_id=user_id, project_id=self.project_bar['id']
|
||||
)
|
||||
|
||||
def test_delete_group_grant_no_group(self):
|
||||
|
@ -1420,11 +1420,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
group_id = uuid.uuid4().hex
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id, group_id=group_id, project_id=self.tenant_bar['id']
|
||||
role_id, group_id=group_id, project_id=self.project_bar['id']
|
||||
)
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id, group_id=group_id, project_id=self.tenant_bar['id']
|
||||
role_id, group_id=group_id, project_id=self.project_bar['id']
|
||||
)
|
||||
|
||||
def test_grant_crud_throws_exception_if_invalid_role(self):
|
||||
|
@ -1903,7 +1903,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
role_member = unit.new_role_ref()
|
||||
PROVIDERS.role_api.create_role(role_member['id'], role_member)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user['id'], self.tenant_bar['id'], role_member['id']
|
||||
user['id'], self.project_bar['id'], role_member['id']
|
||||
)
|
||||
PROVIDERS.identity_api.delete_user(user['id'])
|
||||
self.assertRaises(exception.UserNotFound,
|
||||
|
@ -1915,7 +1915,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
user = PROVIDERS.identity_api.create_user(user)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user['id'],
|
||||
self.tenant_bar['id'],
|
||||
self.project_bar['id'],
|
||||
self.role_member['id'])
|
||||
PROVIDERS.identity_api.delete_user(user['id'])
|
||||
self.assertRaises(exception.UserNotFound,
|
||||
|
@ -1946,12 +1946,12 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
PROVIDERS.role_api.create_role(role['id'], role)
|
||||
PROVIDERS.role_api.create_role(alt_role['id'], alt_role)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'], role['id'])
|
||||
self.user_foo['id'], self.project_bar['id'], role['id'])
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'], alt_role['id'])
|
||||
self.user_foo['id'], self.project_bar['id'], alt_role['id'])
|
||||
PROVIDERS.role_api.delete_role(role['id'])
|
||||
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
self.user_foo['id'], self.tenant_bar['id'])
|
||||
self.user_foo['id'], self.project_bar['id'])
|
||||
self.assertNotIn(role['id'], roles_ref)
|
||||
self.assertIn(alt_role['id'], roles_ref)
|
||||
|
||||
|
@ -1965,11 +1965,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
)
|
||||
self.assertEqual(0, len(user_projects))
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_baz['id'],
|
||||
user_id=user1['id'], project_id=self.project_baz['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
|
||||
|
@ -1998,7 +1998,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
|
||||
# Create 3 grants, one user grant, the other two as group grants
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
|
@ -2019,14 +2019,14 @@ class AssignmentTests(AssignmentTestHelperMixin):
|
|||
PROVIDERS.assignment_api.create_grant(
|
||||
self.role_other['id'],
|
||||
user_id=uuid.uuid4().hex,
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
|
||||
def test_create_grant_no_group(self):
|
||||
# If call create_grant with a group that doesn't exist, doesn't fail.
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
self.role_other['id'],
|
||||
group_id=uuid.uuid4().hex,
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
|
||||
def test_delete_group_removes_role_assignments(self):
|
||||
# When a group is deleted any role assignments for the group are
|
||||
|
@ -2786,14 +2786,14 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
|
||||
def test_crud_inherited_and_direct_assignment_for_user_on_project(self):
|
||||
self._test_crud_inherited_and_direct_assignment(
|
||||
user_id=self.user_foo['id'], project_id=self.tenant_baz['id'])
|
||||
user_id=self.user_foo['id'], project_id=self.project_baz['id'])
|
||||
|
||||
def test_crud_inherited_and_direct_assignment_for_group_on_project(self):
|
||||
group = unit.new_group_ref(domain_id=CONF.identity.default_domain_id)
|
||||
group = PROVIDERS.identity_api.create_group(group)
|
||||
|
||||
self._test_crud_inherited_and_direct_assignment(
|
||||
group_id=group['id'], project_id=self.tenant_baz['id'])
|
||||
group_id=group['id'], project_id=self.project_baz['id'])
|
||||
|
||||
def test_inherited_role_grants_for_user(self):
|
||||
"""Test inherited user roles.
|
||||
|
@ -3062,7 +3062,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
# Create 2 grants, one on a project and one inherited grant
|
||||
# on the domain
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
|
@ -3230,7 +3230,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
|
|
|
@ -586,7 +586,7 @@ class CatalogTests(object):
|
|||
# should exist if we want to filter the catalog by the project or
|
||||
# replace the url with a valid project id.
|
||||
catalog = PROVIDERS.catalog_api.get_v3_catalog(
|
||||
user_id, self.tenant_bar['id']
|
||||
user_id, self.project_bar['id']
|
||||
)
|
||||
|
||||
endpoint_ids = [x['id'] for x in catalog[0]['endpoints']]
|
||||
|
|
|
@ -1272,17 +1272,17 @@ class CadfNotificationsWrapperTestCase(test_v3.RestfulTestCase):
|
|||
project_ref = unit.new_project_ref(self.domain_id)
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
project_ref['id'], project_ref)
|
||||
tenant_id = project['id']
|
||||
project_id = project['id']
|
||||
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
self.user_id, tenant_id, self.role_id)
|
||||
self.user_id, project_id, self.role_id)
|
||||
|
||||
self.assertTrue(self._notifications)
|
||||
note = self._notifications[-1]
|
||||
self.assertEqual('created.role_assignment', note['action'])
|
||||
self.assertTrue(note['send_notification_called'])
|
||||
|
||||
self._assert_event(self.role_id, project=tenant_id, user=self.user_id)
|
||||
self._assert_event(self.role_id, project=project_id, user=self.user_id)
|
||||
|
||||
def test_remove_role_from_user_and_project(self):
|
||||
# A notification is sent when remove_role_from_user_and_project is
|
||||
|
|
|
@ -151,7 +151,7 @@ class _TestRBACEnforcerBase(rest.RestfulTestCase):
|
|||
},
|
||||
'scope': {
|
||||
'project': {
|
||||
'id': self.tenant_service['id']
|
||||
'id': self.project_service['id']
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -901,12 +901,12 @@ class TestCase(BaseTestCase):
|
|||
setattr(self, attrname, rv)
|
||||
fixtures_to_cleanup.append(attrname)
|
||||
|
||||
for tenant in fixtures.TENANTS:
|
||||
tenant_attr_name = 'tenant_%s' % tenant['name'].lower()
|
||||
for project in fixtures.PROJECTS:
|
||||
project_attr_name = 'project_%s' % project['name'].lower()
|
||||
rv = PROVIDERS.resource_api.create_project(
|
||||
tenant['id'], tenant)
|
||||
setattr(self, tenant_attr_name, rv)
|
||||
fixtures_to_cleanup.append(tenant_attr_name)
|
||||
project['id'], project)
|
||||
setattr(self, project_attr_name, rv)
|
||||
fixtures_to_cleanup.append(project_attr_name)
|
||||
|
||||
for role in fixtures.ROLES:
|
||||
rv = PROVIDERS.role_api.create_role(role['id'], role)
|
||||
|
@ -916,7 +916,7 @@ class TestCase(BaseTestCase):
|
|||
|
||||
for user in fixtures.USERS:
|
||||
user_copy = user.copy()
|
||||
tenants = user_copy.pop('tenants')
|
||||
projects = user_copy.pop('projects')
|
||||
|
||||
# For users, the manager layer will generate the ID
|
||||
user_copy = PROVIDERS.identity_api.create_user(user_copy)
|
||||
|
@ -926,9 +926,9 @@ class TestCase(BaseTestCase):
|
|||
user_copy['password'] = user['password']
|
||||
|
||||
# fixtures.ROLES[2] is the _member_ role.
|
||||
for tenant_id in tenants:
|
||||
for project_id in projects:
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user_copy['id'], tenant_id, fixtures.ROLES[2]['id'])
|
||||
user_copy['id'], project_id, fixtures.ROLES[2]['id'])
|
||||
|
||||
# Use the ID from the fixture as the attribute name, so
|
||||
# that our tests can easily reference each user dict, while
|
||||
|
@ -940,10 +940,10 @@ class TestCase(BaseTestCase):
|
|||
for role_assignment in fixtures.ROLE_ASSIGNMENTS:
|
||||
role_id = role_assignment['role_id']
|
||||
user = role_assignment['user']
|
||||
tenant_id = role_assignment['tenant_id']
|
||||
project_id = role_assignment['project_id']
|
||||
user_id = getattr(self, 'user_%s' % user)['id']
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user_id, tenant_id, role_id)
|
||||
user_id, project_id, role_id)
|
||||
|
||||
self.addCleanup(self.cleanup_instance(*fixtures_to_cleanup))
|
||||
|
||||
|
|
|
@ -16,18 +16,18 @@
|
|||
# performance may be negatively affected.
|
||||
import uuid
|
||||
|
||||
BAR_TENANT_ID = uuid.uuid4().hex
|
||||
BAZ_TENANT_ID = uuid.uuid4().hex
|
||||
MTU_TENANT_ID = uuid.uuid4().hex
|
||||
SERVICE_TENANT_ID = uuid.uuid4().hex
|
||||
BAR_PROJECT_ID = uuid.uuid4().hex
|
||||
BAZ_PROJECT_ID = uuid.uuid4().hex
|
||||
MTU_PROJECT_ID = uuid.uuid4().hex
|
||||
SERVICE_PROJECT_ID = uuid.uuid4().hex
|
||||
DEFAULT_DOMAIN_ID = 'default'
|
||||
ADMIN_ROLE_ID = uuid.uuid4().hex
|
||||
MEMBER_ROLE_ID = uuid.uuid4().hex
|
||||
OTHER_ROLE_ID = uuid.uuid4().hex
|
||||
|
||||
TENANTS = [
|
||||
PROJECTS = [
|
||||
{
|
||||
'id': BAR_TENANT_ID,
|
||||
'id': BAR_PROJECT_ID,
|
||||
'name': 'BAR',
|
||||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'description': 'description',
|
||||
|
@ -36,7 +36,7 @@ TENANTS = [
|
|||
'is_domain': False,
|
||||
'tags': []
|
||||
}, {
|
||||
'id': BAZ_TENANT_ID,
|
||||
'id': BAZ_PROJECT_ID,
|
||||
'name': 'BAZ',
|
||||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'description': 'description',
|
||||
|
@ -45,7 +45,7 @@ TENANTS = [
|
|||
'is_domain': False,
|
||||
'tags': []
|
||||
}, {
|
||||
'id': MTU_TENANT_ID,
|
||||
'id': MTU_PROJECT_ID,
|
||||
'name': 'MTU',
|
||||
'description': 'description',
|
||||
'enabled': True,
|
||||
|
@ -54,7 +54,7 @@ TENANTS = [
|
|||
'is_domain': False,
|
||||
'tags': []
|
||||
}, {
|
||||
'id': SERVICE_TENANT_ID,
|
||||
'id': SERVICE_PROJECT_ID,
|
||||
'name': 'service',
|
||||
'description': 'description',
|
||||
'enabled': True,
|
||||
|
@ -73,7 +73,7 @@ USERS = [
|
|||
'name': 'req_admin',
|
||||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'password': 'password',
|
||||
'tenants': [],
|
||||
'projects': [],
|
||||
'enabled': True,
|
||||
'options': {},
|
||||
},
|
||||
|
@ -82,7 +82,7 @@ USERS = [
|
|||
'name': 'foo',
|
||||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'password': 'foo2',
|
||||
'tenants': [BAR_TENANT_ID],
|
||||
'projects': [BAR_PROJECT_ID],
|
||||
'enabled': True,
|
||||
'email': 'foo@bar.com',
|
||||
'options': {},
|
||||
|
@ -92,8 +92,8 @@ USERS = [
|
|||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'password': 'two2',
|
||||
'enabled': True,
|
||||
'default_project_id': BAZ_TENANT_ID,
|
||||
'tenants': [BAZ_TENANT_ID],
|
||||
'default_project_id': BAZ_PROJECT_ID,
|
||||
'projects': [BAZ_PROJECT_ID],
|
||||
'email': 'two@three.com',
|
||||
'options': {},
|
||||
}, {
|
||||
|
@ -102,8 +102,8 @@ USERS = [
|
|||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'password': 'bad',
|
||||
'enabled': False,
|
||||
'default_project_id': BAZ_TENANT_ID,
|
||||
'tenants': [BAZ_TENANT_ID],
|
||||
'default_project_id': BAZ_PROJECT_ID,
|
||||
'projects': [BAZ_PROJECT_ID],
|
||||
'email': 'bad@guy.com',
|
||||
'options': {},
|
||||
}, {
|
||||
|
@ -112,7 +112,7 @@ USERS = [
|
|||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
'password': 'snafu',
|
||||
'enabled': True,
|
||||
'tenants': [BAR_TENANT_ID],
|
||||
'projects': [BAR_PROJECT_ID],
|
||||
'email': 'sna@snl.coom',
|
||||
'options': {},
|
||||
}
|
||||
|
@ -154,7 +154,7 @@ ROLES = [
|
|||
ROLE_ASSIGNMENTS = [
|
||||
{
|
||||
'user': 'req_admin',
|
||||
'tenant_id': SERVICE_TENANT_ID,
|
||||
'project_id': SERVICE_PROJECT_ID,
|
||||
'role_id': ADMIN_ROLE_ID
|
||||
},
|
||||
]
|
||||
|
|
|
@ -191,9 +191,9 @@ def _subs(value):
|
|||
so subclasses need to be defined manually in the dictionary below.
|
||||
|
||||
"""
|
||||
subs = {'groupOfNames': ['keystoneTenant',
|
||||
subs = {'groupOfNames': ['keystoneProject',
|
||||
'keystoneRole',
|
||||
'keystoneTenantRole']}
|
||||
'keystoneProjectRole']}
|
||||
if value in subs:
|
||||
return [value] + subs[value]
|
||||
return [value]
|
||||
|
|
|
@ -81,7 +81,7 @@ class IdentityTests(object):
|
|||
PROVIDERS.role_api.create_role(role_member['id'], role_member)
|
||||
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
new_user['id'], self.tenant_baz['id'], role_member['id']
|
||||
new_user['id'], self.project_baz['id'], role_member['id']
|
||||
)
|
||||
with self.make_request():
|
||||
user_ref = PROVIDERS.identity_api.authenticate(
|
||||
|
@ -94,7 +94,7 @@ class IdentityTests(object):
|
|||
user.pop('password')
|
||||
self.assertDictContainsSubset(user, user_ref)
|
||||
role_list = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
new_user['id'], self.tenant_baz['id'])
|
||||
new_user['id'], self.project_baz['id'])
|
||||
self.assertEqual(1, len(role_list))
|
||||
self.assertIn(role_member['id'], role_list)
|
||||
|
||||
|
|
|
@ -205,7 +205,7 @@ class RegisteredLimitTests(object):
|
|||
PROVIDERS.unified_limit_api.create_registered_limits(
|
||||
[registered_limit_1])
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -224,7 +224,7 @@ class RegisteredLimitTests(object):
|
|||
PROVIDERS.unified_limit_api.create_registered_limits(
|
||||
[registered_limit_2])
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
PROVIDERS.unified_limit_api.create_limits([limit_2])
|
||||
|
@ -366,7 +366,7 @@ class RegisteredLimitTests(object):
|
|||
PROVIDERS.unified_limit_api.create_registered_limits(
|
||||
[registered_limit_1])
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -382,7 +382,7 @@ class RegisteredLimitTests(object):
|
|||
PROVIDERS.unified_limit_api.create_registered_limits(
|
||||
[registered_limit_2])
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
PROVIDERS.unified_limit_api.create_limits([limit_2])
|
||||
|
@ -411,7 +411,7 @@ class LimitTests(object):
|
|||
def test_create_limit(self):
|
||||
# create one, return it.
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex,
|
||||
|
@ -421,12 +421,12 @@ class LimitTests(object):
|
|||
|
||||
# create another two, return them.
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
limit_3 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='backup', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -440,7 +440,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_duplicate(self):
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -448,7 +448,7 @@ class LimitTests(object):
|
|||
|
||||
# use different id but the same project_id, service_id and region_id
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -458,7 +458,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_with_invalid_service_raises_validation_error(self):
|
||||
limit = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=uuid.uuid4().hex,
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -468,7 +468,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_with_invalid_region_raises_validation_error(self):
|
||||
limit = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=uuid.uuid4().hex,
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -478,7 +478,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_without_reference_registered_limit(self):
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -488,7 +488,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_description_none(self):
|
||||
limit = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex,
|
||||
|
@ -498,7 +498,7 @@ class LimitTests(object):
|
|||
|
||||
def test_create_limit_without_description(self):
|
||||
limit = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -509,12 +509,12 @@ class LimitTests(object):
|
|||
def test_update_limit(self):
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -536,12 +536,12 @@ class LimitTests(object):
|
|||
def test_list_limits(self):
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -549,7 +549,7 @@ class LimitTests(object):
|
|||
|
||||
# list
|
||||
hints = driver_hints.Hints()
|
||||
hints.add_filter('project_id', self.tenant_bar['id'])
|
||||
hints.add_filter('project_id', self.project_bar['id'])
|
||||
limits = PROVIDERS.unified_limit_api.list_limits(hints)
|
||||
self.assertEqual(2, len(limits))
|
||||
for re in limits:
|
||||
|
@ -562,12 +562,12 @@ class LimitTests(object):
|
|||
self.config_fixture.config(list_limit=1)
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -584,12 +584,12 @@ class LimitTests(object):
|
|||
|
||||
def test_list_limit_by_filter(self):
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -612,18 +612,18 @@ class LimitTests(object):
|
|||
self.assertEqual(0, len(res))
|
||||
|
||||
hints = driver_hints.Hints()
|
||||
hints.add_filter('project_id', self.tenant_bar['id'])
|
||||
hints.add_filter('project_id', self.project_bar['id'])
|
||||
res = PROVIDERS.unified_limit_api.list_limits(hints)
|
||||
self.assertEqual(1, len(res))
|
||||
|
||||
def test_list_limit_by_multi_filter_with_project_id(self):
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=10, id=uuid.uuid4().hex)
|
||||
|
@ -631,19 +631,19 @@ class LimitTests(object):
|
|||
|
||||
hints = driver_hints.Hints()
|
||||
hints.add_filter('service_id', self.service_one['id'])
|
||||
hints.add_filter('project_id', self.tenant_bar['id'])
|
||||
hints.add_filter('project_id', self.project_bar['id'])
|
||||
res = PROVIDERS.unified_limit_api.list_limits(hints)
|
||||
self.assertEqual(1, len(res))
|
||||
|
||||
def test_get_limit(self):
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -661,12 +661,12 @@ class LimitTests(object):
|
|||
def test_delete_limit(self):
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
|
@ -686,23 +686,23 @@ class LimitTests(object):
|
|||
def test_delete_limit_project(self):
|
||||
# create two limits
|
||||
limit_1 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_one['id'],
|
||||
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
|
||||
limit_2 = unit.new_limit_ref(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
service_id=self.service_one['id'],
|
||||
region_id=self.region_two['id'],
|
||||
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
|
||||
PROVIDERS.unified_limit_api.create_limits([limit_1, limit_2])
|
||||
|
||||
# delete a unrelated project, the limits should still be there.
|
||||
PROVIDERS.resource_api.delete_project(self.tenant_baz['id'])
|
||||
PROVIDERS.resource_api.delete_project(self.project_baz['id'])
|
||||
ref = PROVIDERS.unified_limit_api.list_limits()
|
||||
self.assertEqual(2, len(ref))
|
||||
|
||||
# delete the referenced project, the limits should be deleted as well.
|
||||
PROVIDERS.resource_api.delete_project(self.tenant_bar['id'])
|
||||
PROVIDERS.resource_api.delete_project(self.project_bar['id'])
|
||||
ref = PROVIDERS.unified_limit_api.list_limits()
|
||||
self.assertEqual([], ref)
|
||||
|
|
|
@ -36,8 +36,8 @@ class ResourceTests(object):
|
|||
domain_count = len(default_fixtures.DOMAINS)
|
||||
|
||||
def test_get_project(self):
|
||||
tenant_ref = PROVIDERS.resource_api.get_project(self.tenant_bar['id'])
|
||||
self.assertDictEqual(self.tenant_bar, tenant_ref)
|
||||
project_ref = PROVIDERS.resource_api.get_project(self.project_bar['id'])
|
||||
self.assertDictEqual(self.project_bar, project_ref)
|
||||
|
||||
def test_get_project_returns_not_found(self):
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
|
@ -45,10 +45,10 @@ class ResourceTests(object):
|
|||
uuid.uuid4().hex)
|
||||
|
||||
def test_get_project_by_name(self):
|
||||
tenant_ref = PROVIDERS.resource_api.get_project_by_name(
|
||||
self.tenant_bar['name'],
|
||||
project_ref = PROVIDERS.resource_api.get_project_by_name(
|
||||
self.project_bar['name'],
|
||||
CONF.identity.default_domain_id)
|
||||
self.assertDictEqual(self.tenant_bar, tenant_ref)
|
||||
self.assertDictEqual(self.project_bar, project_ref)
|
||||
|
||||
@unit.skip_if_no_multiple_domains_support
|
||||
def test_get_project_by_name_for_project_acting_as_a_domain(self):
|
||||
|
@ -229,9 +229,9 @@ class ResourceTests(object):
|
|||
|
||||
def test_list_projects(self):
|
||||
project_refs = PROVIDERS.resource_api.list_projects()
|
||||
project_count = len(default_fixtures.TENANTS) + self.domain_count
|
||||
project_count = len(default_fixtures.PROJECTS) + self.domain_count
|
||||
self.assertEqual(project_count, len(project_refs))
|
||||
for project in default_fixtures.TENANTS:
|
||||
for project in default_fixtures.PROJECTS:
|
||||
self.assertIn(project, project_refs)
|
||||
|
||||
def test_list_projects_with_multiple_filters(self):
|
||||
|
@ -269,11 +269,11 @@ class ResourceTests(object):
|
|||
# filtering by domain does not include any project that acts as a
|
||||
# domain.
|
||||
self.assertThat(
|
||||
project_ids, matchers.HasLength(len(default_fixtures.TENANTS)))
|
||||
self.assertIn(self.tenant_bar['id'], project_ids)
|
||||
self.assertIn(self.tenant_baz['id'], project_ids)
|
||||
self.assertIn(self.tenant_mtu['id'], project_ids)
|
||||
self.assertIn(self.tenant_service['id'], project_ids)
|
||||
project_ids, matchers.HasLength(len(default_fixtures.PROJECTS)))
|
||||
self.assertIn(self.project_bar['id'], project_ids)
|
||||
self.assertIn(self.project_baz['id'], project_ids)
|
||||
self.assertIn(self.project_mtu['id'], project_ids)
|
||||
self.assertIn(self.project_service['id'], project_ids)
|
||||
|
||||
@unit.skip_if_no_multiple_domains_support
|
||||
def test_list_projects_acting_as_domain(self):
|
||||
|
|
|
@ -172,7 +172,7 @@ class TestKeystoneFlaskCommon(rest.RestfulTestCase):
|
|||
},
|
||||
'scope': {
|
||||
'project': {
|
||||
'id': self.tenant_service['id']
|
||||
'id': self.project_service['id']
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -458,25 +458,25 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
def test_remove_role_grant_from_user_and_project(self):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'])
|
||||
project_id=self.project_baz['id'])
|
||||
self.assertDictEqual(self.role_member, roles_ref[0])
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'])
|
||||
project_id=self.project_baz['id'])
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
user_id=self.user_foo['id'],
|
||||
project_id=self.tenant_baz['id'],
|
||||
project_id=self.project_baz['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_and_remove_role_grant_by_group_and_project(self):
|
||||
|
@ -491,32 +491,32 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertEqual([], roles_ref)
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertNotEmpty(roles_ref)
|
||||
self.assertDictEqual(self.role_member, roles_ref[0])
|
||||
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
roles_ref = PROVIDERS.assignment_api.list_grants(
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
self.assertEqual(0, len(roles_ref))
|
||||
self.assertRaises(exception.RoleAssignmentNotFound,
|
||||
PROVIDERS.assignment_api.delete_grant,
|
||||
group_id=new_group['id'],
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
role_id=default_fixtures.MEMBER_ROLE_ID)
|
||||
|
||||
def test_get_and_remove_role_grant_by_group_and_domain(self):
|
||||
|
@ -571,14 +571,14 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
)
|
||||
self.assertThat(user_projects, matchers.HasLength(0))
|
||||
|
||||
# new grant(user1, role_member, tenant_bar)
|
||||
# new grant(user1, role_member, project_bar)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
# new grant(user1, role_member, tenant_baz)
|
||||
# new grant(user1, role_member, project_baz)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_baz['id'],
|
||||
user_id=user1['id'], project_id=self.project_baz['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
|
||||
|
@ -595,14 +595,14 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
|
||||
PROVIDERS.identity_api.add_user_to_group(user2['id'], group1['id'])
|
||||
|
||||
# new grant(group1(user2), role_member, tenant_bar)
|
||||
# new grant(group1(user2), role_member, project_bar)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=group1['id'], project_id=self.tenant_bar['id'],
|
||||
group_id=group1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
# new grant(group1(user2), role_member, tenant_baz)
|
||||
# new grant(group1(user2), role_member, project_baz)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=group1['id'], project_id=self.tenant_baz['id'],
|
||||
group_id=group1['id'], project_id=self.project_baz['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
|
||||
|
@ -610,9 +610,9 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
)
|
||||
self.assertThat(user_projects, matchers.HasLength(2))
|
||||
|
||||
# new grant(group1(user2), role_other, tenant_bar)
|
||||
# new grant(group1(user2), role_other, project_bar)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=group1['id'], project_id=self.tenant_bar['id'],
|
||||
group_id=group1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_other['id']
|
||||
)
|
||||
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
|
||||
|
@ -633,13 +633,13 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
# Add user1 to group1
|
||||
PROVIDERS.identity_api.add_user_to_group(user1['id'], group1['id'])
|
||||
|
||||
# Now, add grant to user1 and group1 in tenant_bar
|
||||
# Now, add grant to user1 and group1 in project_bar
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
group_id=group1['id'], project_id=self.tenant_bar['id'],
|
||||
group_id=group1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
|
||||
|
@ -649,9 +649,9 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
)
|
||||
self.assertThat(user_projects, matchers.HasLength(1))
|
||||
|
||||
# Now, delete user1 grant into tenant_bar and check
|
||||
# Now, delete user1 grant into project_bar and check
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
user_id=user1['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=user1['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
|
||||
|
@ -685,7 +685,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
)
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
user_id=new_user['id'], project_id=self.tenant_bar['id'],
|
||||
user_id=new_user['id'], project_id=self.project_bar['id'],
|
||||
role_id=self.role_member['id']
|
||||
)
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
|
@ -761,7 +761,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
role_member = unit.new_role_ref()
|
||||
PROVIDERS.role_api.create_role(role_member['id'], role_member)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user['id'], self.tenant_baz['id'], role_member['id']
|
||||
user['id'], self.project_baz['id'], role_member['id']
|
||||
)
|
||||
driver = PROVIDERS.identity_api._select_identity_driver(
|
||||
user['domain_id'])
|
||||
|
@ -898,7 +898,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
driver = PROVIDERS.identity_api._select_identity_driver(
|
||||
CONF.identity.default_domain_id)
|
||||
driver.user.attribute_ignore = ['enabled', 'email',
|
||||
'tenants', 'tenantId']
|
||||
'projects', 'projectId']
|
||||
user = self.new_user_ref(domain_id=CONF.identity.default_domain_id,
|
||||
project_id='maps_to_none')
|
||||
|
||||
|
@ -912,7 +912,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
driver = PROVIDERS.identity_api._select_identity_driver(
|
||||
CONF.identity.default_domain_id)
|
||||
driver.user.attribute_ignore = ['enabled', 'email',
|
||||
'tenants', 'tenantId']
|
||||
'projects', 'projectId']
|
||||
|
||||
user = self.new_user_ref(domain_id=CONF.identity.default_domain_id)
|
||||
|
||||
|
@ -995,7 +995,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
|
|||
# Grant the user a role on a project.
|
||||
|
||||
role_id = default_fixtures.MEMBER_ROLE_ID
|
||||
project_id = self.tenant_baz['id']
|
||||
project_id = self.project_baz['id']
|
||||
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id, user_id=public_user_id, project_id=project_id
|
||||
|
@ -1947,7 +1947,7 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity, unit.TestCase):
|
|||
def load_fixtures(self, fixtures):
|
||||
# Override super impl since need to create group container.
|
||||
super(LDAPIdentity, self).load_fixtures(fixtures)
|
||||
for obj in [self.tenant_bar, self.tenant_baz, self.user_foo,
|
||||
for obj in [self.project_bar, self.project_baz, self.user_foo,
|
||||
self.user_two, self.user_badguy]:
|
||||
obj.setdefault('enabled', True)
|
||||
|
||||
|
|
|
@ -274,7 +274,7 @@ class SqlIdentity(SqlTests,
|
|||
role_member = unit.new_role_ref()
|
||||
PROVIDERS.role_api.create_role(role_member['id'], role_member)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user['id'], self.tenant_bar['id'], role_member['id']
|
||||
user['id'], self.project_bar['id'], role_member['id']
|
||||
)
|
||||
PROVIDERS.identity_api.delete_user(user['id'])
|
||||
self.assertRaises(exception.UserNotFound,
|
||||
|
@ -315,11 +315,11 @@ class SqlIdentity(SqlTests,
|
|||
role_member = unit.new_role_ref()
|
||||
PROVIDERS.role_api.create_role(role_member['id'], role_member)
|
||||
PROVIDERS.assignment_api.add_role_to_user_and_project(
|
||||
user['id'], self.tenant_bar['id'], role_member['id']
|
||||
user['id'], self.project_bar['id'], role_member['id']
|
||||
)
|
||||
PROVIDERS.resource_api.delete_project(self.tenant_bar['id'])
|
||||
tenants = PROVIDERS.assignment_api.list_projects_for_user(user['id'])
|
||||
self.assertEqual([], tenants)
|
||||
PROVIDERS.resource_api.delete_project(self.project_bar['id'])
|
||||
projects = PROVIDERS.assignment_api.list_projects_for_user(user['id'])
|
||||
self.assertEqual([], projects)
|
||||
|
||||
def test_update_project_returns_extra(self):
|
||||
"""Test for backward compatibility with an essex/folsom bug.
|
||||
|
@ -762,7 +762,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
service = unit.new_service_ref()
|
||||
PROVIDERS.catalog_api.create_service(service['id'], service)
|
||||
|
||||
malformed_url = "http://192.168.1.104:8774/v2/$(tenant)s"
|
||||
malformed_url = "http://192.168.1.104:8774/v2/$(project)s"
|
||||
endpoint = unit.new_endpoint_ref(service_id=service['id'],
|
||||
url=malformed_url,
|
||||
region_id=None)
|
||||
|
@ -770,7 +770,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
self.assertRaises(exception.ProjectNotFound,
|
||||
PROVIDERS.catalog_api.get_v3_catalog,
|
||||
'fake-user',
|
||||
'fake-tenant')
|
||||
'fake-project')
|
||||
|
||||
def test_get_v3_catalog_with_empty_public_url(self):
|
||||
service = unit.new_service_ref()
|
||||
|
@ -781,7 +781,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
PROVIDERS.catalog_api.create_endpoint(endpoint['id'], endpoint.copy())
|
||||
|
||||
catalog = PROVIDERS.catalog_api.get_v3_catalog(self.user_foo['id'],
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
catalog_endpoint = catalog[0]
|
||||
self.assertEqual(service['name'], catalog_endpoint['name'])
|
||||
self.assertEqual(service['id'], catalog_endpoint['id'])
|
||||
|
@ -846,7 +846,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
region['id'])
|
||||
|
||||
def test_v3_catalog_domain_scoped_token(self):
|
||||
# test the case that tenant_id is None.
|
||||
# test the case that project_id is None.
|
||||
srv_1 = unit.new_service_ref()
|
||||
PROVIDERS.catalog_api.create_service(srv_1['id'], srv_1)
|
||||
endpoint_1 = unit.new_endpoint_ref(service_id=srv_1['id'],
|
||||
|
@ -884,10 +884,10 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
# create endpoint-project association.
|
||||
PROVIDERS.catalog_api.add_endpoint_to_project(
|
||||
endpoint_1['id'],
|
||||
self.tenant_bar['id'])
|
||||
self.project_bar['id'])
|
||||
|
||||
catalog_ref = PROVIDERS.catalog_api.get_v3_catalog(
|
||||
uuid.uuid4().hex, self.tenant_bar['id']
|
||||
uuid.uuid4().hex, self.project_bar['id']
|
||||
)
|
||||
self.assertThat(catalog_ref, matchers.HasLength(1))
|
||||
self.assertThat(catalog_ref[0]['endpoints'], matchers.HasLength(1))
|
||||
|
@ -909,7 +909,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
|
|||
PROVIDERS.catalog_api.create_service(srv_2['id'], srv_2)
|
||||
|
||||
catalog_ref = PROVIDERS.catalog_api.get_v3_catalog(
|
||||
uuid.uuid4().hex, self.tenant_bar['id']
|
||||
uuid.uuid4().hex, self.project_bar['id']
|
||||
)
|
||||
self.assertThat(catalog_ref, matchers.HasLength(2))
|
||||
srv_id_list = [catalog_ref[0]['id'], catalog_ref[1]['id']]
|
||||
|
|
|
@ -937,7 +937,7 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
|
|||
self.assertIsNotNone(entity.get('domain_id'))
|
||||
self.assertIsNotNone(entity.get('email'))
|
||||
self.assertNotIn('password', entity)
|
||||
self.assertNotIn('tenantId', entity)
|
||||
self.assertNotIn('projectId', entity)
|
||||
self.assertIn('password_expires_at', entity)
|
||||
if ref:
|
||||
self.assertEqual(ref['domain_id'], entity['domain_id'])
|
||||
|
|
|
@ -32,7 +32,7 @@ class TrustTests(object):
|
|||
(new_id,
|
||||
{'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'project_id': self.project_bar['id'],
|
||||
'expires_at': expires_at,
|
||||
'impersonation': True,
|
||||
'remaining_uses': remaining_uses},
|
||||
|
@ -169,7 +169,7 @@ class TrustTests(object):
|
|||
self.trustee = self.user_two
|
||||
trust_data = {'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'project_id': self.project_bar['id'],
|
||||
'expires_at': timeutils.parse_isotime(
|
||||
'2032-02-18T18:10:00Z'),
|
||||
'impersonation': True,
|
||||
|
@ -190,12 +190,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=1)
|
||||
|
||||
|
@ -218,12 +218,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=5)
|
||||
|
||||
|
@ -235,7 +235,7 @@ class TrustTests(object):
|
|||
self.assertIsNotNone(trust_data)
|
||||
|
||||
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
trustor_user_id=self.user_foo['id'],
|
||||
trustee_user_id=self.user_two['id'],
|
||||
date=datetime.datetime.utcnow())
|
||||
|
@ -249,12 +249,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=1)
|
||||
|
||||
|
@ -279,12 +279,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=1)
|
||||
|
||||
|
@ -296,7 +296,7 @@ class TrustTests(object):
|
|||
self.assertIsNotNone(trust_data)
|
||||
|
||||
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
trustee_user_id=self.user_two['id'],
|
||||
date=datetime.datetime.utcnow())
|
||||
trusts = self.trust_api.list_trusts()
|
||||
|
@ -309,12 +309,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=1)
|
||||
|
||||
|
@ -326,7 +326,7 @@ class TrustTests(object):
|
|||
self.assertIsNotNone(trust_data)
|
||||
|
||||
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
trustor_user_id=self.user_foo['id'],
|
||||
date=datetime.datetime.utcnow())
|
||||
trusts = self.trust_api.list_trusts()
|
||||
|
@ -339,7 +339,7 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
|
@ -356,7 +356,7 @@ class TrustTests(object):
|
|||
self.assertIsNotNone(trust_data)
|
||||
|
||||
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
|
||||
project_id=self.tenant_bar['id'],
|
||||
project_id=self.project_bar['id'],
|
||||
date=datetime.datetime.utcnow())
|
||||
trusts = self.trust_api.list_trusts()
|
||||
self.assertEqual(len(trusts), 1)
|
||||
|
@ -368,12 +368,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=5)
|
||||
|
||||
|
@ -396,12 +396,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=1)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=5)
|
||||
|
||||
|
@ -425,12 +425,12 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=10)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=5)
|
||||
|
||||
|
@ -454,17 +454,17 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=10)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=5)
|
||||
trust_ref3 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref3['expires_at'] = None
|
||||
|
||||
trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
|
||||
|
@ -489,17 +489,17 @@ class TrustTests(object):
|
|||
{"id": "browser"}]
|
||||
trust_ref1 = core.new_trust_ref(
|
||||
self.user_foo['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref1['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=10)
|
||||
trust_ref2 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_two['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref2['expires_at'] = \
|
||||
timeutils.utcnow() + datetime.timedelta(minutes=30)
|
||||
trust_ref3 = core.new_trust_ref(
|
||||
self.user_two['id'], self.user_foo['id'],
|
||||
project_id=self.tenant_bar['id'])
|
||||
project_id=self.project_bar['id'])
|
||||
trust_ref3['expires_at'] = \
|
||||
timeutils.utcnow() - datetime.timedelta(minutes=30)
|
||||
|
||||
|
|
Loading…
Reference in New Issue