openstack
/
keystone
Code Issues Proposed changes

Correcting tests with project_id 

This change replace tenant_id to project_id
in test cases.

Change-Id: I6285d8e4f1b90a8c3f299f4b1d186f2453a3f9b7
This commit is contained in:
Vishakha Agarwal 2019-02-01 16:24:42 +05:30
parent 25a44467a2
commit 0931f08cd3
16 changed files with 239 additions and 239 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
keystone/tests/unit/application_credential/test_backends.py
View File

@ -55,7 +55,7 @@ class ApplicationCredentialTests(object):
def test_create_application_credential(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
resp = self.app_cred_api.create_application_credential(app_cred)
resp_roles = resp.pop('roles')
orig_roles = app_cred.pop('roles')
@ -66,11 +66,11 @@ class ApplicationCredentialTests(object):
# Ensure a user can't create two application credentials with the same
# name
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
name = app_cred['name']
self.app_cred_api.create_application_credential(app_cred)
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
name=name)
self.assertRaises(exception.Conflict,
self.app_cred_api.create_application_credential,
@ -80,14 +80,14 @@ class ApplicationCredentialTests(object):
# Ensure a user can't create an application credential for a project
# they don't have a role assignment on
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_baz['id'])
project_id=self.project_baz['id'])
self.assertRaises(exception.RoleAssignmentNotFound,
self.app_cred_api.create_application_credential,
app_cred)
def test_application_credential_allow_recursion(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
app_cred['unrestricted'] = True
resp = self.app_cred_api.create_application_credential(app_cred)
resp.pop('roles')
@ -98,7 +98,7 @@ class ApplicationCredentialTests(object):
config_fixture_ = self.user = self.useFixture(config_fixture.Config())
config_fixture_.config(group='application_credential', user_limit=2)
app_cred = self._new_app_cred_data(self.user_foo['id'],
self.tenant_bar['id'])
self.project_bar['id'])
self.app_cred_api.create_application_credential(app_cred)
app_cred['name'] = 'two'
self.app_cred_api.create_application_credential(app_cred)
@ -109,7 +109,7 @@ class ApplicationCredentialTests(object):
def test_get_application_credential(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
create_resp = self.app_cred_api.create_application_credential(app_cred)
app_cred_id = create_resp['id']
get_resp = self.app_cred_api.get_application_credential(app_cred_id)
@ -123,13 +123,13 @@ class ApplicationCredentialTests(object):
def test_list_application_credentials(self):
app_cred_1 = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
name='app1')
app_cred_2 = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
name='app2')
app_cred_3 = self._new_app_cred_data(self.user_two['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
name='app3')
resp1 = self.app_cred_api.create_application_credential(app_cred_1)
resp2 = self.app_cred_api.create_application_credential(app_cred_2)
@ -152,7 +152,7 @@ class ApplicationCredentialTests(object):
def test_delete_application_credential(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.app_cred_api.create_application_credential(app_cred)
# cache the information
@ -174,10 +174,10 @@ class ApplicationCredentialTests(object):
def test_deleting_a_user_deletes_application_credentials(self):
app_cred_1 = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
name='app1')
app_cred_2 = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
name='app2')
self.app_cred_api.create_application_credential(app_cred_1)
self.app_cred_api.create_application_credential(app_cred_2)
@ -207,13 +207,13 @@ class ApplicationCredentialTests(object):
def test_removing_user_from_project_deletes_application_credentials(self):
app_cred_proj_A_1 = self._new_app_cred_data(
self.user_foo['id'], project_id=self.tenant_bar['id'], name='app1')
self.user_foo['id'], project_id=self.project_bar['id'], name='app1')
app_cred_proj_A_2 = self._new_app_cred_data(
self.user_foo['id'], project_id=self.tenant_bar['id'], name='app2')
self.user_foo['id'], project_id=self.project_bar['id'], name='app2')
app_cred_proj_B = self._new_app_cred_data(
self.user_foo['id'], project_id=self.tenant_baz['id'], name='app3')
self.user_foo['id'], project_id=self.project_baz['id'], name='app3')
PROVIDERS.assignment_api.add_role_to_user_and_project(
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
user_id=self.user_foo['id'],
role_id=self.role__member_['id'])
self.app_cred_api.create_application_credential(app_cred_proj_A_1)
@ -233,7 +233,7 @@ class ApplicationCredentialTests(object):
# application credentials on project bar.
PROVIDERS.assignment_api.remove_role_from_user_and_project(
user_id=self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=self.role__member_['id'])
self.assertNotIn(app_cred_proj_A_1['id'],
self._list_ids(self.user_foo))
@ -255,7 +255,7 @@ class ApplicationCredentialTests(object):
def test_authenticate(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
resp = self.app_cred_api.create_application_credential(app_cred)
self.app_cred_api.authenticate(resp['id'], resp['secret'])
@ -268,7 +268,7 @@ class ApplicationCredentialTests(object):
def test_authenticate_expired(self):
yesterday = datetime.datetime.utcnow() - datetime.timedelta(days=1)
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
expires=yesterday)
resp = self.app_cred_api.create_application_credential(app_cred)
self.assertRaises(AssertionError,
@ -278,7 +278,7 @@ class ApplicationCredentialTests(object):
def test_authenticate_bad_secret(self):
app_cred = self._new_app_cred_data(self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
resp = self.app_cred_api.create_application_credential(app_cred)
badpass = 'badpass'
self.assertNotEqual(badpass, resp['secret'])

120
keystone/tests/unit/assignment/test_backends.py
View File

@ -459,24 +459,24 @@ class AssignmentTests(AssignmentTestHelperMixin):
def test_project_add_and_remove_user_role(self):
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
self.tenant_bar['id'])
self.project_bar['id'])
self.assertNotIn(self.user_two['id'], user_ids)
PROVIDERS.assignment_api.add_role_to_user_and_project(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
user_id=self.user_two['id'],
role_id=self.role_other['id'])
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
self.tenant_bar['id'])
self.project_bar['id'])
self.assertIn(self.user_two['id'], user_ids)
PROVIDERS.assignment_api.remove_role_from_user_and_project(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
user_id=self.user_two['id'],
role_id=self.role_other['id'])
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
self.tenant_bar['id'])
self.project_bar['id'])
self.assertNotIn(self.user_two['id'], user_ids)
def test_remove_user_role_not_assigned(self):
@ -485,13 +485,13 @@ class AssignmentTests(AssignmentTestHelperMixin):
self.assertRaises(exception.RoleNotFound,
PROVIDERS.assignment_api.
remove_role_from_user_and_project,
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
user_id=self.user_two['id'],
role_id=self.role_other['id'])
def test_list_user_ids_for_project(self):
user_ids = PROVIDERS.assignment_api.list_user_ids_for_project(
self.tenant_baz['id'])
self.project_baz['id'])
self.assertEqual(2, len(user_ids))
self.assertIn(self.user_two['id'], user_ids)
self.assertIn(self.user_badguy['id'], user_ids)
@ -686,15 +686,15 @@ class AssignmentTests(AssignmentTestHelperMixin):
def test_add_duplicate_role_grant(self):
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertNotIn(self.role_admin['id'], roles_ref)
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'], self.tenant_bar['id'], self.role_admin['id'])
self.user_foo['id'], self.project_bar['id'], self.role_admin['id'])
self.assertRaises(
exception.Conflict,
PROVIDERS.assignment_api.add_role_to_user_and_project,
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
self.role_admin['id']
)
@ -739,21 +739,21 @@ class AssignmentTests(AssignmentTestHelperMixin):
def test_get_role_by_user_and_project(self):
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertNotIn(self.role_admin['id'], roles_ref)
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'], self.tenant_bar['id'], self.role_admin['id'])
self.user_foo['id'], self.project_bar['id'], self.role_admin['id'])
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertIn(self.role_admin['id'], roles_ref)
self.assertNotIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertIn(self.role_admin['id'], roles_ref)
self.assertIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
@ -873,7 +873,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
exception.UserNotFound,
PROVIDERS.assignment_api.get_roles_for_user_and_project,
uuid.uuid4().hex,
self.tenant_bar['id']
self.project_bar['id']
)
self.assertRaises(
@ -896,7 +896,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
exception.RoleNotFound,
PROVIDERS.assignment_api.add_role_to_user_and_project,
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
uuid.uuid4().hex
)
@ -905,49 +905,49 @@ class AssignmentTests(AssignmentTestHelperMixin):
# no error.
user_id_not_exist = uuid.uuid4().hex
PROVIDERS.assignment_api.add_role_to_user_and_project(
user_id_not_exist, self.tenant_bar['id'], self.role_admin['id'])
user_id_not_exist, self.project_bar['id'], self.role_admin['id'])
def test_remove_role_from_user_and_project(self):
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
default_fixtures.MEMBER_ROLE_ID)
PROVIDERS.assignment_api.remove_role_from_user_and_project(
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertNotIn(default_fixtures.MEMBER_ROLE_ID, roles_ref)
self.assertRaises(exception.NotFound,
PROVIDERS.assignment_api.
remove_role_from_user_and_project,
self.user_foo['id'],
self.tenant_bar['id'],
self.project_bar['id'],
default_fixtures.MEMBER_ROLE_ID)
def test_get_role_grant_by_user_and_project(self):
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertEqual(1, len(roles_ref))
PROVIDERS.assignment_api.create_grant(
user_id=self.user_foo['id'], project_id=self.tenant_bar['id'],
user_id=self.user_foo['id'], project_id=self.project_bar['id'],
role_id=self.role_admin['id']
)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertIn(self.role_admin['id'],
[role_ref['id'] for role_ref in roles_ref])
PROVIDERS.assignment_api.create_grant(
user_id=self.user_foo['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
roles_ref_ids = []
for ref in roles_ref:
@ -958,38 +958,38 @@ class AssignmentTests(AssignmentTestHelperMixin):
def test_remove_role_grant_from_user_and_project(self):
PROVIDERS.assignment_api.create_grant(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'])
project_id=self.project_baz['id'])
self.assertDictEqual(self.role_member, roles_ref[0])
PROVIDERS.assignment_api.delete_grant(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'])
project_id=self.project_baz['id'])
self.assertEqual(0, len(roles_ref))
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_get_role_assignment_by_project_not_found(self):
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.check_grant_role_id,
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.check_grant_role_id,
group_id=uuid.uuid4().hex,
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_get_role_assignment_by_domain_not_found(self):
@ -1009,13 +1009,13 @@ class AssignmentTests(AssignmentTestHelperMixin):
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
group_id=uuid.uuid4().hex,
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_del_role_assignment_by_domain_not_found(self):
@ -1043,29 +1043,29 @@ class AssignmentTests(AssignmentTestHelperMixin):
)
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertEqual(0, len(roles_ref))
PROVIDERS.assignment_api.create_grant(
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertDictEqual(self.role_member, roles_ref[0])
PROVIDERS.assignment_api.delete_grant(
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertEqual(0, len(roles_ref))
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_get_and_remove_role_grant_by_group_and_domain(self):
@ -1404,11 +1404,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
user_id = uuid.uuid4().hex
PROVIDERS.assignment_api.create_grant(
role_id, user_id=user_id, project_id=self.tenant_bar['id']
role_id, user_id=user_id, project_id=self.project_bar['id']
)
PROVIDERS.assignment_api.delete_grant(
role_id, user_id=user_id, project_id=self.tenant_bar['id']
role_id, user_id=user_id, project_id=self.project_bar['id']
)
def test_delete_group_grant_no_group(self):
@ -1420,11 +1420,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
group_id = uuid.uuid4().hex
PROVIDERS.assignment_api.create_grant(
role_id, group_id=group_id, project_id=self.tenant_bar['id']
role_id, group_id=group_id, project_id=self.project_bar['id']
)
PROVIDERS.assignment_api.delete_grant(
role_id, group_id=group_id, project_id=self.tenant_bar['id']
role_id, group_id=group_id, project_id=self.project_bar['id']
)
def test_grant_crud_throws_exception_if_invalid_role(self):
@ -1903,7 +1903,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
role_member = unit.new_role_ref()
PROVIDERS.role_api.create_role(role_member['id'], role_member)
PROVIDERS.assignment_api.add_role_to_user_and_project(
user['id'], self.tenant_bar['id'], role_member['id']
user['id'], self.project_bar['id'], role_member['id']
)
PROVIDERS.identity_api.delete_user(user['id'])
self.assertRaises(exception.UserNotFound,
@ -1915,7 +1915,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
user = PROVIDERS.identity_api.create_user(user)
PROVIDERS.assignment_api.add_role_to_user_and_project(
user['id'],
self.tenant_bar['id'],
self.project_bar['id'],
self.role_member['id'])
PROVIDERS.identity_api.delete_user(user['id'])
self.assertRaises(exception.UserNotFound,
@ -1946,12 +1946,12 @@ class AssignmentTests(AssignmentTestHelperMixin):
PROVIDERS.role_api.create_role(role['id'], role)
PROVIDERS.role_api.create_role(alt_role['id'], alt_role)
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'], self.tenant_bar['id'], role['id'])
self.user_foo['id'], self.project_bar['id'], role['id'])
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_foo['id'], self.tenant_bar['id'], alt_role['id'])
self.user_foo['id'], self.project_bar['id'], alt_role['id'])
PROVIDERS.role_api.delete_role(role['id'])
roles_ref = PROVIDERS.assignment_api.get_roles_for_user_and_project(
self.user_foo['id'], self.tenant_bar['id'])
self.user_foo['id'], self.project_bar['id'])
self.assertNotIn(role['id'], roles_ref)
self.assertIn(alt_role['id'], roles_ref)
@ -1965,11 +1965,11 @@ class AssignmentTests(AssignmentTestHelperMixin):
)
self.assertEqual(0, len(user_projects))
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_baz['id'],
user_id=user1['id'], project_id=self.project_baz['id'],
role_id=self.role_member['id']
)
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
@ -1998,7 +1998,7 @@ class AssignmentTests(AssignmentTestHelperMixin):
# Create 3 grants, one user grant, the other two as group grants
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
@ -2019,14 +2019,14 @@ class AssignmentTests(AssignmentTestHelperMixin):
PROVIDERS.assignment_api.create_grant(
self.role_other['id'],
user_id=uuid.uuid4().hex,
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
def test_create_grant_no_group(self):
# If call create_grant with a group that doesn't exist, doesn't fail.
PROVIDERS.assignment_api.create_grant(
self.role_other['id'],
group_id=uuid.uuid4().hex,
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
def test_delete_group_removes_role_assignments(self):
# When a group is deleted any role assignments for the group are
@ -2786,14 +2786,14 @@ class InheritanceTests(AssignmentTestHelperMixin):
def test_crud_inherited_and_direct_assignment_for_user_on_project(self):
self._test_crud_inherited_and_direct_assignment(
user_id=self.user_foo['id'], project_id=self.tenant_baz['id'])
user_id=self.user_foo['id'], project_id=self.project_baz['id'])
def test_crud_inherited_and_direct_assignment_for_group_on_project(self):
group = unit.new_group_ref(domain_id=CONF.identity.default_domain_id)
group = PROVIDERS.identity_api.create_group(group)
self._test_crud_inherited_and_direct_assignment(
group_id=group['id'], project_id=self.tenant_baz['id'])
group_id=group['id'], project_id=self.project_baz['id'])
def test_inherited_role_grants_for_user(self):
"""Test inherited user roles.
@ -3062,7 +3062,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
# Create 2 grants, one on a project and one inherited grant
# on the domain
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
@ -3230,7 +3230,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(

2
keystone/tests/unit/catalog/test_backends.py
View File

@ -586,7 +586,7 @@ class CatalogTests(object):
# should exist if we want to filter the catalog by the project or
# replace the url with a valid project id.
catalog = PROVIDERS.catalog_api.get_v3_catalog(
user_id, self.tenant_bar['id']
user_id, self.project_bar['id']
)
endpoint_ids = [x['id'] for x in catalog[0]['endpoints']]

6
keystone/tests/unit/common/test_notifications.py
View File

@ -1272,17 +1272,17 @@ class CadfNotificationsWrapperTestCase(test_v3.RestfulTestCase):
project_ref = unit.new_project_ref(self.domain_id)
project = PROVIDERS.resource_api.create_project(
project_ref['id'], project_ref)
tenant_id = project['id']
project_id = project['id']
PROVIDERS.assignment_api.add_role_to_user_and_project(
self.user_id, tenant_id, self.role_id)
self.user_id, project_id, self.role_id)
self.assertTrue(self._notifications)
note = self._notifications[-1]
self.assertEqual('created.role_assignment', note['action'])
self.assertTrue(note['send_notification_called'])
self._assert_event(self.role_id, project=tenant_id, user=self.user_id)
self._assert_event(self.role_id, project=project_id, user=self.user_id)
def test_remove_role_from_user_and_project(self):
# A notification is sent when remove_role_from_user_and_project is

2
keystone/tests/unit/common/test_rbac_enforcer.py
View File

@ -151,7 +151,7 @@ class _TestRBACEnforcerBase(rest.RestfulTestCase):
},
'scope': {
'project': {
'id': self.tenant_service['id']
'id': self.project_service['id']
}
}
}

20
keystone/tests/unit/core.py
View File

@ -901,12 +901,12 @@ class TestCase(BaseTestCase):
setattr(self, attrname, rv)
fixtures_to_cleanup.append(attrname)
for tenant in fixtures.TENANTS:
tenant_attr_name = 'tenant_%s' % tenant['name'].lower()
for project in fixtures.PROJECTS:
project_attr_name = 'project_%s' % project['name'].lower()
rv = PROVIDERS.resource_api.create_project(
tenant['id'], tenant)
setattr(self, tenant_attr_name, rv)
fixtures_to_cleanup.append(tenant_attr_name)
project['id'], project)
setattr(self, project_attr_name, rv)
fixtures_to_cleanup.append(project_attr_name)
for role in fixtures.ROLES:
rv = PROVIDERS.role_api.create_role(role['id'], role)
@ -916,7 +916,7 @@ class TestCase(BaseTestCase):
for user in fixtures.USERS:
user_copy = user.copy()
tenants = user_copy.pop('tenants')
projects = user_copy.pop('projects')
# For users, the manager layer will generate the ID
user_copy = PROVIDERS.identity_api.create_user(user_copy)
@ -926,9 +926,9 @@ class TestCase(BaseTestCase):
user_copy['password'] = user['password']
# fixtures.ROLES[2] is the _member_ role.
for tenant_id in tenants:
for project_id in projects:
PROVIDERS.assignment_api.add_role_to_user_and_project(
user_copy['id'], tenant_id, fixtures.ROLES[2]['id'])
user_copy['id'], project_id, fixtures.ROLES[2]['id'])
# Use the ID from the fixture as the attribute name, so
# that our tests can easily reference each user dict, while
@ -940,10 +940,10 @@ class TestCase(BaseTestCase):
for role_assignment in fixtures.ROLE_ASSIGNMENTS:
role_id = role_assignment['role_id']
user = role_assignment['user']
tenant_id = role_assignment['tenant_id']
project_id = role_assignment['project_id']
user_id = getattr(self, 'user_%s' % user)['id']
PROVIDERS.assignment_api.add_role_to_user_and_project(
user_id, tenant_id, role_id)
user_id, project_id, role_id)
self.addCleanup(self.cleanup_instance(*fixtures_to_cleanup))

34
keystone/tests/unit/default_fixtures.py
View File

@ -16,18 +16,18 @@
# performance may be negatively affected.
import uuid
BAR_TENANT_ID = uuid.uuid4().hex
BAZ_TENANT_ID = uuid.uuid4().hex
MTU_TENANT_ID = uuid.uuid4().hex
SERVICE_TENANT_ID = uuid.uuid4().hex
BAR_PROJECT_ID = uuid.uuid4().hex
BAZ_PROJECT_ID = uuid.uuid4().hex
MTU_PROJECT_ID = uuid.uuid4().hex
SERVICE_PROJECT_ID = uuid.uuid4().hex
DEFAULT_DOMAIN_ID = 'default'
ADMIN_ROLE_ID = uuid.uuid4().hex
MEMBER_ROLE_ID = uuid.uuid4().hex
OTHER_ROLE_ID = uuid.uuid4().hex
TENANTS = [
PROJECTS = [
{
'id': BAR_TENANT_ID,
'id': BAR_PROJECT_ID,
'name': 'BAR',
'domain_id': DEFAULT_DOMAIN_ID,
'description': 'description',
@ -36,7 +36,7 @@ TENANTS = [
'is_domain': False,
'tags': []
}, {
'id': BAZ_TENANT_ID,
'id': BAZ_PROJECT_ID,
'name': 'BAZ',
'domain_id': DEFAULT_DOMAIN_ID,
'description': 'description',
@ -45,7 +45,7 @@ TENANTS = [
'is_domain': False,
'tags': []
}, {
'id': MTU_TENANT_ID,
'id': MTU_PROJECT_ID,
'name': 'MTU',
'description': 'description',
'enabled': True,
@ -54,7 +54,7 @@ TENANTS = [
'is_domain': False,
'tags': []
}, {
'id': SERVICE_TENANT_ID,
'id': SERVICE_PROJECT_ID,
'name': 'service',
'description': 'description',
'enabled': True,
@ -73,7 +73,7 @@ USERS = [
'name': 'req_admin',
'domain_id': DEFAULT_DOMAIN_ID,
'password': 'password',
'tenants': [],
'projects': [],
'enabled': True,
'options': {},
},
@ -82,7 +82,7 @@ USERS = [
'name': 'foo',
'domain_id': DEFAULT_DOMAIN_ID,
'password': 'foo2',
'tenants': [BAR_TENANT_ID],
'projects': [BAR_PROJECT_ID],
'enabled': True,
'email': 'foo@bar.com',
'options': {},
@ -92,8 +92,8 @@ USERS = [
'domain_id': DEFAULT_DOMAIN_ID,
'password': 'two2',
'enabled': True,
'default_project_id': BAZ_TENANT_ID,
'tenants': [BAZ_TENANT_ID],
'default_project_id': BAZ_PROJECT_ID,
'projects': [BAZ_PROJECT_ID],
'email': 'two@three.com',
'options': {},
}, {
@ -102,8 +102,8 @@ USERS = [
'domain_id': DEFAULT_DOMAIN_ID,
'password': 'bad',
'enabled': False,
'default_project_id': BAZ_TENANT_ID,
'tenants': [BAZ_TENANT_ID],
'default_project_id': BAZ_PROJECT_ID,
'projects': [BAZ_PROJECT_ID],
'email': 'bad@guy.com',
'options': {},
}, {
@ -112,7 +112,7 @@ USERS = [
'domain_id': DEFAULT_DOMAIN_ID,
'password': 'snafu',
'enabled': True,
'tenants': [BAR_TENANT_ID],
'projects': [BAR_PROJECT_ID],
'email': 'sna@snl.coom',
'options': {},
}
@ -154,7 +154,7 @@ ROLES = [
ROLE_ASSIGNMENTS = [
{
'user': 'req_admin',
'tenant_id': SERVICE_TENANT_ID,
'project_id': SERVICE_PROJECT_ID,
'role_id': ADMIN_ROLE_ID
},
]

4
keystone/tests/unit/fakeldap.py
View File

@ -191,9 +191,9 @@ def _subs(value):
so subclasses need to be defined manually in the dictionary below.
"""
subs = {'groupOfNames': ['keystoneTenant',
subs = {'groupOfNames': ['keystoneProject',
'keystoneRole',
'keystoneTenantRole']}
'keystoneProjectRole']}
if value in subs:
return [value] + subs[value]
return [value]

4
keystone/tests/unit/identity/test_backends.py
View File

@ -81,7 +81,7 @@ class IdentityTests(object):
PROVIDERS.role_api.create_role(role_member['id'], role_member)
PROVIDERS.assignment_api.add_role_to_user_and_project(
new_user['id'], self.tenant_baz['id'], role_member['id']
new_user['id'], self.project_baz['id'], role_member['id']
)
with self.make_request():
user_ref = PROVIDERS.identity_api.authenticate(
@ -94,7 +94,7 @@ class IdentityTests(object):
user.pop('password')
self.assertDictContainsSubset(user, user_ref)
role_list = PROVIDERS.assignment_api.get_roles_for_user_and_project(
new_user['id'], self.tenant_baz['id'])
new_user['id'], self.project_baz['id'])
self.assertEqual(1, len(role_list))
self.assertIn(role_member['id'], role_list)

70
keystone/tests/unit/limit/test_backends.py
View File

@ -205,7 +205,7 @@ class RegisteredLimitTests(object):
PROVIDERS.unified_limit_api.create_registered_limits(
[registered_limit_1])
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -224,7 +224,7 @@ class RegisteredLimitTests(object):
PROVIDERS.unified_limit_api.create_registered_limits(
[registered_limit_2])
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
PROVIDERS.unified_limit_api.create_limits([limit_2])
@ -366,7 +366,7 @@ class RegisteredLimitTests(object):
PROVIDERS.unified_limit_api.create_registered_limits(
[registered_limit_1])
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -382,7 +382,7 @@ class RegisteredLimitTests(object):
PROVIDERS.unified_limit_api.create_registered_limits(
[registered_limit_2])
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
PROVIDERS.unified_limit_api.create_limits([limit_2])
@ -411,7 +411,7 @@ class LimitTests(object):
def test_create_limit(self):
# create one, return it.
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex,
@ -421,12 +421,12 @@ class LimitTests(object):
# create another two, return them.
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
limit_3 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='backup', resource_limit=5, id=uuid.uuid4().hex)
@ -440,7 +440,7 @@ class LimitTests(object):
def test_create_limit_duplicate(self):
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -448,7 +448,7 @@ class LimitTests(object):
# use different id but the same project_id, service_id and region_id
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -458,7 +458,7 @@ class LimitTests(object):
def test_create_limit_with_invalid_service_raises_validation_error(self):
limit = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=uuid.uuid4().hex,
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -468,7 +468,7 @@ class LimitTests(object):
def test_create_limit_with_invalid_region_raises_validation_error(self):
limit = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=uuid.uuid4().hex,
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -478,7 +478,7 @@ class LimitTests(object):
def test_create_limit_without_reference_registered_limit(self):
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -488,7 +488,7 @@ class LimitTests(object):
def test_create_limit_description_none(self):
limit = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex,
@ -498,7 +498,7 @@ class LimitTests(object):
def test_create_limit_without_description(self):
limit = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
@ -509,12 +509,12 @@ class LimitTests(object):
def test_update_limit(self):
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
@ -536,12 +536,12 @@ class LimitTests(object):
def test_list_limits(self):
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
@ -549,7 +549,7 @@ class LimitTests(object):
# list
hints = driver_hints.Hints()
hints.add_filter('project_id', self.tenant_bar['id'])
hints.add_filter('project_id', self.project_bar['id'])
limits = PROVIDERS.unified_limit_api.list_limits(hints)
self.assertEqual(2, len(limits))
for re in limits:
@ -562,12 +562,12 @@ class LimitTests(object):
self.config_fixture.config(list_limit=1)
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
@ -584,12 +584,12 @@ class LimitTests(object):
def test_list_limit_by_filter(self):
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=10, id=uuid.uuid4().hex)
@ -612,18 +612,18 @@ class LimitTests(object):
self.assertEqual(0, len(res))
hints = driver_hints.Hints()
hints.add_filter('project_id', self.tenant_bar['id'])
hints.add_filter('project_id', self.project_bar['id'])
res = PROVIDERS.unified_limit_api.list_limits(hints)
self.assertEqual(1, len(res))
def test_list_limit_by_multi_filter_with_project_id(self):
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=10, id=uuid.uuid4().hex)
@ -631,19 +631,19 @@ class LimitTests(object):
hints = driver_hints.Hints()
hints.add_filter('service_id', self.service_one['id'])
hints.add_filter('project_id', self.tenant_bar['id'])
hints.add_filter('project_id', self.project_bar['id'])
res = PROVIDERS.unified_limit_api.list_limits(hints)
self.assertEqual(1, len(res))
def test_get_limit(self):
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
@ -661,12 +661,12 @@ class LimitTests(object):
def test_delete_limit(self):
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
@ -686,23 +686,23 @@ class LimitTests(object):
def test_delete_limit_project(self):
# create two limits
limit_1 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_one['id'],
resource_name='volume', resource_limit=10, id=uuid.uuid4().hex)
limit_2 = unit.new_limit_ref(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
service_id=self.service_one['id'],
region_id=self.region_two['id'],
resource_name='snapshot', resource_limit=5, id=uuid.uuid4().hex)
PROVIDERS.unified_limit_api.create_limits([limit_1, limit_2])
# delete a unrelated project, the limits should still be there.
PROVIDERS.resource_api.delete_project(self.tenant_baz['id'])
PROVIDERS.resource_api.delete_project(self.project_baz['id'])
ref = PROVIDERS.unified_limit_api.list_limits()
self.assertEqual(2, len(ref))
# delete the referenced project, the limits should be deleted as well.
PROVIDERS.resource_api.delete_project(self.tenant_bar['id'])
PROVIDERS.resource_api.delete_project(self.project_bar['id'])
ref = PROVIDERS.unified_limit_api.list_limits()
self.assertEqual([], ref)

24
keystone/tests/unit/resource/test_backends.py
View File

@ -36,8 +36,8 @@ class ResourceTests(object):
domain_count = len(default_fixtures.DOMAINS)
def test_get_project(self):
tenant_ref = PROVIDERS.resource_api.get_project(self.tenant_bar['id'])
self.assertDictEqual(self.tenant_bar, tenant_ref)
project_ref = PROVIDERS.resource_api.get_project(self.project_bar['id'])
self.assertDictEqual(self.project_bar, project_ref)
def test_get_project_returns_not_found(self):
self.assertRaises(exception.ProjectNotFound,
@ -45,10 +45,10 @@ class ResourceTests(object):
uuid.uuid4().hex)
def test_get_project_by_name(self):
tenant_ref = PROVIDERS.resource_api.get_project_by_name(
self.tenant_bar['name'],
project_ref = PROVIDERS.resource_api.get_project_by_name(
self.project_bar['name'],
CONF.identity.default_domain_id)
self.assertDictEqual(self.tenant_bar, tenant_ref)
self.assertDictEqual(self.project_bar, project_ref)
@unit.skip_if_no_multiple_domains_support
def test_get_project_by_name_for_project_acting_as_a_domain(self):
@ -229,9 +229,9 @@ class ResourceTests(object):
def test_list_projects(self):
project_refs = PROVIDERS.resource_api.list_projects()
project_count = len(default_fixtures.TENANTS) + self.domain_count
project_count = len(default_fixtures.PROJECTS) + self.domain_count
self.assertEqual(project_count, len(project_refs))
for project in default_fixtures.TENANTS:
for project in default_fixtures.PROJECTS:
self.assertIn(project, project_refs)
def test_list_projects_with_multiple_filters(self):
@ -269,11 +269,11 @@ class ResourceTests(object):
# filtering by domain does not include any project that acts as a
# domain.
self.assertThat(
project_ids, matchers.HasLength(len(default_fixtures.TENANTS)))
self.assertIn(self.tenant_bar['id'], project_ids)
self.assertIn(self.tenant_baz['id'], project_ids)
self.assertIn(self.tenant_mtu['id'], project_ids)
self.assertIn(self.tenant_service['id'], project_ids)
project_ids, matchers.HasLength(len(default_fixtures.PROJECTS)))
self.assertIn(self.project_bar['id'], project_ids)
self.assertIn(self.project_baz['id'], project_ids)
self.assertIn(self.project_mtu['id'], project_ids)
self.assertIn(self.project_service['id'], project_ids)
@unit.skip_if_no_multiple_domains_support
def test_list_projects_acting_as_domain(self):

2
keystone/tests/unit/server/test_keystone_flask.py
View File

@ -172,7 +172,7 @@ class TestKeystoneFlaskCommon(rest.RestfulTestCase):
},
'scope': {
'project': {
'id': self.tenant_service['id']
'id': self.project_service['id']
}
}
}

64
keystone/tests/unit/test_backend_ldap.py
View File

@ -458,25 +458,25 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
def test_remove_role_grant_from_user_and_project(self):
PROVIDERS.assignment_api.create_grant(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'])
project_id=self.project_baz['id'])
self.assertDictEqual(self.role_member, roles_ref[0])
PROVIDERS.assignment_api.delete_grant(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'])
project_id=self.project_baz['id'])
self.assertEqual(0, len(roles_ref))
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
user_id=self.user_foo['id'],
project_id=self.tenant_baz['id'],
project_id=self.project_baz['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_get_and_remove_role_grant_by_group_and_project(self):
@ -491,32 +491,32 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertEqual([], roles_ref)
self.assertEqual(0, len(roles_ref))
PROVIDERS.assignment_api.create_grant(
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertNotEmpty(roles_ref)
self.assertDictEqual(self.role_member, roles_ref[0])
PROVIDERS.assignment_api.delete_grant(
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
roles_ref = PROVIDERS.assignment_api.list_grants(
group_id=new_group['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
self.assertEqual(0, len(roles_ref))
self.assertRaises(exception.RoleAssignmentNotFound,
PROVIDERS.assignment_api.delete_grant,
group_id=new_group['id'],
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
role_id=default_fixtures.MEMBER_ROLE_ID)
def test_get_and_remove_role_grant_by_group_and_domain(self):
@ -571,14 +571,14 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
)
self.assertThat(user_projects, matchers.HasLength(0))
# new grant(user1, role_member, tenant_bar)
# new grant(user1, role_member, project_bar)
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
# new grant(user1, role_member, tenant_baz)
# new grant(user1, role_member, project_baz)
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_baz['id'],
user_id=user1['id'], project_id=self.project_baz['id'],
role_id=self.role_member['id']
)
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
@ -595,14 +595,14 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
PROVIDERS.identity_api.add_user_to_group(user2['id'], group1['id'])
# new grant(group1(user2), role_member, tenant_bar)
# new grant(group1(user2), role_member, project_bar)
PROVIDERS.assignment_api.create_grant(
group_id=group1['id'], project_id=self.tenant_bar['id'],
group_id=group1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
# new grant(group1(user2), role_member, tenant_baz)
# new grant(group1(user2), role_member, project_baz)
PROVIDERS.assignment_api.create_grant(
group_id=group1['id'], project_id=self.tenant_baz['id'],
group_id=group1['id'], project_id=self.project_baz['id'],
role_id=self.role_member['id']
)
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
@ -610,9 +610,9 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
)
self.assertThat(user_projects, matchers.HasLength(2))
# new grant(group1(user2), role_other, tenant_bar)
# new grant(group1(user2), role_other, project_bar)
PROVIDERS.assignment_api.create_grant(
group_id=group1['id'], project_id=self.tenant_bar['id'],
group_id=group1['id'], project_id=self.project_bar['id'],
role_id=self.role_other['id']
)
user_projects = PROVIDERS.assignment_api.list_projects_for_user(
@ -633,13 +633,13 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
# Add user1 to group1
PROVIDERS.identity_api.add_user_to_group(user1['id'], group1['id'])
# Now, add grant to user1 and group1 in tenant_bar
# Now, add grant to user1 and group1 in project_bar
PROVIDERS.assignment_api.create_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
group_id=group1['id'], project_id=self.tenant_bar['id'],
group_id=group1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
@ -649,9 +649,9 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
)
self.assertThat(user_projects, matchers.HasLength(1))
# Now, delete user1 grant into tenant_bar and check
# Now, delete user1 grant into project_bar and check
PROVIDERS.assignment_api.delete_grant(
user_id=user1['id'], project_id=self.tenant_bar['id'],
user_id=user1['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
@ -685,7 +685,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
)
PROVIDERS.assignment_api.create_grant(
user_id=new_user['id'], project_id=self.tenant_bar['id'],
user_id=new_user['id'], project_id=self.project_bar['id'],
role_id=self.role_member['id']
)
PROVIDERS.assignment_api.create_grant(
@ -761,7 +761,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
role_member = unit.new_role_ref()
PROVIDERS.role_api.create_role(role_member['id'], role_member)
PROVIDERS.assignment_api.add_role_to_user_and_project(
user['id'], self.tenant_baz['id'], role_member['id']
user['id'], self.project_baz['id'], role_member['id']
)
driver = PROVIDERS.identity_api._select_identity_driver(
user['domain_id'])
@ -898,7 +898,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
driver = PROVIDERS.identity_api._select_identity_driver(
CONF.identity.default_domain_id)
driver.user.attribute_ignore = ['enabled', 'email',
'tenants', 'tenantId']
'projects', 'projectId']
user = self.new_user_ref(domain_id=CONF.identity.default_domain_id,
project_id='maps_to_none')
@ -912,7 +912,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
driver = PROVIDERS.identity_api._select_identity_driver(
CONF.identity.default_domain_id)
driver.user.attribute_ignore = ['enabled', 'email',
'tenants', 'tenantId']
'projects', 'projectId']
user = self.new_user_ref(domain_id=CONF.identity.default_domain_id)
@ -995,7 +995,7 @@ class BaseLDAPIdentity(LDAPTestSetup, IdentityTests, AssignmentTests,
# Grant the user a role on a project.
role_id = default_fixtures.MEMBER_ROLE_ID
project_id = self.tenant_baz['id']
project_id = self.project_baz['id']
PROVIDERS.assignment_api.create_grant(
role_id, user_id=public_user_id, project_id=project_id
@ -1947,7 +1947,7 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity, unit.TestCase):
def load_fixtures(self, fixtures):
# Override super impl since need to create group container.
super(LDAPIdentity, self).load_fixtures(fixtures)
for obj in [self.tenant_bar, self.tenant_baz, self.user_foo,
for obj in [self.project_bar, self.project_baz, self.user_foo,
self.user_two, self.user_badguy]:
obj.setdefault('enabled', True)

24
keystone/tests/unit/test_backend_sql.py
View File

@ -274,7 +274,7 @@ class SqlIdentity(SqlTests,
role_member = unit.new_role_ref()
PROVIDERS.role_api.create_role(role_member['id'], role_member)
PROVIDERS.assignment_api.add_role_to_user_and_project(
user['id'], self.tenant_bar['id'], role_member['id']
user['id'], self.project_bar['id'], role_member['id']
)
PROVIDERS.identity_api.delete_user(user['id'])
self.assertRaises(exception.UserNotFound,
@ -315,11 +315,11 @@ class SqlIdentity(SqlTests,
role_member = unit.new_role_ref()
PROVIDERS.role_api.create_role(role_member['id'], role_member)
PROVIDERS.assignment_api.add_role_to_user_and_project(
user['id'], self.tenant_bar['id'], role_member['id']
user['id'], self.project_bar['id'], role_member['id']
)
PROVIDERS.resource_api.delete_project(self.tenant_bar['id'])
tenants = PROVIDERS.assignment_api.list_projects_for_user(user['id'])
self.assertEqual([], tenants)
PROVIDERS.resource_api.delete_project(self.project_bar['id'])
projects = PROVIDERS.assignment_api.list_projects_for_user(user['id'])
self.assertEqual([], projects)
def test_update_project_returns_extra(self):
"""Test for backward compatibility with an essex/folsom bug.
@ -762,7 +762,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
service = unit.new_service_ref()
PROVIDERS.catalog_api.create_service(service['id'], service)
malformed_url = "http://192.168.1.104:8774/v2/$(tenant)s"
malformed_url = "http://192.168.1.104:8774/v2/$(project)s"
endpoint = unit.new_endpoint_ref(service_id=service['id'],
url=malformed_url,
region_id=None)
@ -770,7 +770,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
self.assertRaises(exception.ProjectNotFound,
PROVIDERS.catalog_api.get_v3_catalog,
'fake-user',
'fake-tenant')
'fake-project')
def test_get_v3_catalog_with_empty_public_url(self):
service = unit.new_service_ref()
@ -781,7 +781,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
PROVIDERS.catalog_api.create_endpoint(endpoint['id'], endpoint.copy())
catalog = PROVIDERS.catalog_api.get_v3_catalog(self.user_foo['id'],
self.tenant_bar['id'])
self.project_bar['id'])
catalog_endpoint = catalog[0]
self.assertEqual(service['name'], catalog_endpoint['name'])
self.assertEqual(service['id'], catalog_endpoint['id'])
@ -846,7 +846,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
region['id'])
def test_v3_catalog_domain_scoped_token(self):
# test the case that tenant_id is None.
# test the case that project_id is None.
srv_1 = unit.new_service_ref()
PROVIDERS.catalog_api.create_service(srv_1['id'], srv_1)
endpoint_1 = unit.new_endpoint_ref(service_id=srv_1['id'],
@ -884,10 +884,10 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
# create endpoint-project association.
PROVIDERS.catalog_api.add_endpoint_to_project(
endpoint_1['id'],
self.tenant_bar['id'])
self.project_bar['id'])
catalog_ref = PROVIDERS.catalog_api.get_v3_catalog(
uuid.uuid4().hex, self.tenant_bar['id']
uuid.uuid4().hex, self.project_bar['id']
)
self.assertThat(catalog_ref, matchers.HasLength(1))
self.assertThat(catalog_ref[0]['endpoints'], matchers.HasLength(1))
@ -909,7 +909,7 @@ class SqlCatalog(SqlTests, catalog_tests.CatalogTests):
PROVIDERS.catalog_api.create_service(srv_2['id'], srv_2)
catalog_ref = PROVIDERS.catalog_api.get_v3_catalog(
uuid.uuid4().hex, self.tenant_bar['id']
uuid.uuid4().hex, self.project_bar['id']
)
self.assertThat(catalog_ref, matchers.HasLength(2))
srv_id_list = [catalog_ref[0]['id'], catalog_ref[1]['id']]

2
keystone/tests/unit/test_v3.py
View File

@ -937,7 +937,7 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
self.assertIsNotNone(entity.get('domain_id'))
self.assertIsNotNone(entity.get('email'))
self.assertNotIn('password', entity)
self.assertNotIn('tenantId', entity)
self.assertNotIn('projectId', entity)
self.assertIn('password_expires_at', entity)
if ref:
self.assertEqual(ref['domain_id'], entity['domain_id'])

58
keystone/tests/unit/trust/test_backends.py
View File

@ -32,7 +32,7 @@ class TrustTests(object):
(new_id,
{'trustor_user_id': self.trustor['id'],
'trustee_user_id': self.user_two['id'],
'project_id': self.tenant_bar['id'],
'project_id': self.project_bar['id'],
'expires_at': expires_at,
'impersonation': True,
'remaining_uses': remaining_uses},
@ -169,7 +169,7 @@ class TrustTests(object):
self.trustee = self.user_two
trust_data = {'trustor_user_id': self.trustor['id'],
'trustee_user_id': self.user_two['id'],
'project_id': self.tenant_bar['id'],
'project_id': self.project_bar['id'],
'expires_at': timeutils.parse_isotime(
'2032-02-18T18:10:00Z'),
'impersonation': True,
@ -190,12 +190,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=1)
@ -218,12 +218,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=5)
@ -235,7 +235,7 @@ class TrustTests(object):
self.assertIsNotNone(trust_data)
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
trustor_user_id=self.user_foo['id'],
trustee_user_id=self.user_two['id'],
date=datetime.datetime.utcnow())
@ -249,12 +249,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=1)
@ -279,12 +279,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=1)
@ -296,7 +296,7 @@ class TrustTests(object):
self.assertIsNotNone(trust_data)
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
trustee_user_id=self.user_two['id'],
date=datetime.datetime.utcnow())
trusts = self.trust_api.list_trusts()
@ -309,12 +309,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=1)
@ -326,7 +326,7 @@ class TrustTests(object):
self.assertIsNotNone(trust_data)
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
trustor_user_id=self.user_foo['id'],
date=datetime.datetime.utcnow())
trusts = self.trust_api.list_trusts()
@ -339,7 +339,7 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
@ -356,7 +356,7 @@ class TrustTests(object):
self.assertIsNotNone(trust_data)
PROVIDERS.trust_api.flush_expired_and_soft_deleted_trusts(
project_id=self.tenant_bar['id'],
project_id=self.project_bar['id'],
date=datetime.datetime.utcnow())
trusts = self.trust_api.list_trusts()
self.assertEqual(len(trusts), 1)
@ -368,12 +368,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_foo['id'], self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=5)
@ -396,12 +396,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=1)
trust_ref2 = core.new_trust_ref(
self.user_two['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=5)
@ -425,12 +425,12 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=10)
trust_ref2 = core.new_trust_ref(
self.user_two['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=5)
@ -454,17 +454,17 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=10)
trust_ref2 = core.new_trust_ref(
self.user_two['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=5)
trust_ref3 = core.new_trust_ref(
self.user_two['id'], self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref3['expires_at'] = None
trust_data = PROVIDERS.trust_api.create_trust(trust_ref1['id'],
@ -489,17 +489,17 @@ class TrustTests(object):
{"id": "browser"}]
trust_ref1 = core.new_trust_ref(
self.user_foo['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref1['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=10)
trust_ref2 = core.new_trust_ref(
self.user_two['id'], self.user_two['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref2['expires_at'] = \
timeutils.utcnow() + datetime.timedelta(minutes=30)
trust_ref3 = core.new_trust_ref(
self.user_two['id'], self.user_foo['id'],
project_id=self.tenant_bar['id'])
project_id=self.project_bar['id'])
trust_ref3['expires_at'] = \
timeutils.utcnow() - datetime.timedelta(minutes=30)