Remove tenant membership during user deletion
Remove users' tenant membership on user deletion. Resolves a FK constraint issue that previously went unnoticed due to testing against database configurations that do not support FK constraints (MyISAM). Fixes LP bug 959294. Update: * Move tenant membership cleanup to the sql identity backend * Add a test case to test_backend_sql Change-Id: Ib4f5da03033f7886b36d1ab3b8b4ac37f08b2e0e
This commit is contained in:
parent
aa542c420a
commit
7d08d12cea
|
@ -327,7 +327,15 @@ class Identity(sql.Base, identity.Driver):
|
|||
def delete_user(self, user_id):
|
||||
session = self.get_session()
|
||||
user_ref = session.query(User).filter_by(id=user_id).first()
|
||||
membership_refs = session.query(UserTenantMembership)\
|
||||
.filter_by(user_id=user_id)\
|
||||
.all()
|
||||
|
||||
with session.begin():
|
||||
if membership_refs:
|
||||
for membership_ref in membership_refs:
|
||||
session.delete(membership_ref)
|
||||
|
||||
session.delete(user_ref)
|
||||
session.flush()
|
||||
|
||||
|
|
|
@ -37,6 +37,17 @@ class SqlIdentity(test.TestCase, test_backend.IdentityTests):
|
|||
self.identity_api = identity_sql.Identity()
|
||||
self.load_fixtures(default_fixtures)
|
||||
|
||||
def test_delete_user_with_tenant_association(self):
|
||||
user = {'id': 'fake',
|
||||
'name': 'fakeuser',
|
||||
'password': 'passwd'}
|
||||
self.identity_api.create_user('fake', user)
|
||||
self.identity_api.add_user_to_tenant(self.tenant_bar['id'],
|
||||
user['id'])
|
||||
self.identity_api.delete_user(user['id'])
|
||||
tenants = self.identity_api.get_tenants_for_user(user['id'])
|
||||
self.assertEquals(tenants, [])
|
||||
|
||||
|
||||
class SqlToken(test.TestCase, test_backend.TokenTests):
|
||||
def setUp(self):
|
||||
|
|
Loading…
Reference in New Issue