Merge "Introduce assertions for system-scoped token testing"

This commit is contained in:
Zuul 2018-01-25 02:33:44 +00:00 committed by Gerrit Code Review
commit 48486544f3
2 changed files with 48 additions and 7 deletions

View File

@ -14,13 +14,15 @@
class AuthTestMixin(object):
"""To hold auth building helper functions."""
def _build_auth_scope(self, project_id=None, project_name=None,
project_domain_id=None, project_domain_name=None,
domain_id=None, domain_name=None, trust_id=None,
unscoped=None):
def _build_auth_scope(self, system=False, project_id=None,
project_name=None, project_domain_id=None,
project_domain_name=None, domain_id=None,
domain_name=None, trust_id=None, unscoped=None):
scope_data = {}
if unscoped:
scope_data['unscoped'] = {}
elif system:
scope_data['system'] = {'all': True}
elif project_id or project_name:
scope_data['project'] = {}
if project_id:

View File

@ -40,7 +40,8 @@ TIME_FORMAT = unit.TIME_FORMAT
class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
common_auth.AuthTestMixin):
def generate_token_schema(self, domain_scoped=False, project_scoped=False):
def generate_token_schema(self, system_scoped=False, domain_scoped=False,
project_scoped=False):
"""Return a dictionary of token properties to validate against."""
properties = {
'audit_ids': {
@ -99,7 +100,28 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
}
}
if domain_scoped:
if system_scoped:
properties['catalog'] = {'type': 'array'}
properties['system'] = {
'type': 'object',
'properties': {
'all': {'type': 'boolean'}
}
}
properties['roles'] = {
'type': 'array',
'items': {
'type': 'object',
'properties': {
'id': {'type': 'string', },
'name': {'type': 'string', },
},
'required': ['id', 'name', ],
'additionalProperties': False,
},
'minItems': 1,
}
elif domain_scoped:
properties['catalog'] = {'type': 'array'}
properties['roles'] = {
'type': 'array',
@ -156,7 +178,10 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
'additionalProperties': False
}
if domain_scoped:
if system_scoped:
schema['required'].extend(['system', 'roles'])
schema['optional'].append('catalog')
elif domain_scoped:
schema['required'].extend(['domain', 'roles'])
schema['optional'].append('catalog')
elif project_scoped:
@ -682,6 +707,20 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
return token
def assertValidSystemScopedTokenResponse(self, r, *args, **kwargs):
token = self.assertValidTokenResponse(r)
self.assertTrue(token['system']['all'])
system_scoped_token_schema = self.generate_token_schema(
system_scoped=True
)
validator_object = validators.SchemaValidator(
system_scoped_token_schema
)
validator_object.validate(token)
return token
def assertEqualTokens(self, a, b):
"""Assert that two tokens are equal.