Merge "Fixes incorrect params"
This commit is contained in:
commit
f770e29829
|
@ -135,7 +135,7 @@ class TokenlessAuthHelper(provider_api.ProviderAPIMixin, object):
|
|||
group_ids.extend(
|
||||
utils.transform_to_group_ids(
|
||||
mapped_properties['group_names'], mapping_id,
|
||||
self.identity_api, self.assignment_api))
|
||||
self.identity_api, self.resource_api))
|
||||
roles = self.assignment_api.get_roles_for_groups(group_ids,
|
||||
project_id,
|
||||
domain_id)
|
||||
|
|
|
@ -1325,6 +1325,32 @@ MAPPING_FOR_EPHEMERAL_USER = {
|
|||
]
|
||||
}
|
||||
|
||||
MAPPING_FOR_EPHEMERAL_USER_AND_GROUP_DOMAIN_NAME = {
|
||||
'rules': [
|
||||
{
|
||||
'local': [
|
||||
{
|
||||
'user': {
|
||||
'name': '{0}',
|
||||
'type': 'ephemeral'
|
||||
},
|
||||
'group': {
|
||||
'name': 'dummy',
|
||||
'domain': {
|
||||
'name': 'dummy'
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
'remote': [
|
||||
{
|
||||
'type': 'SSL_CLIENT_USER_NAME'
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
MAPPING_FOR_DEFAULT_EPHEMERAL_USER = {
|
||||
'rules': [
|
||||
{
|
||||
|
|
|
@ -544,6 +544,26 @@ class AuthContextMiddlewareTest(test_backend_sql.SqlTests,
|
|||
context = req.environ.get(authorization.AUTH_CONTEXT_ENV)
|
||||
self._assert_tokenless_auth_context(context, ephemeral_user=True)
|
||||
|
||||
def test_ephemeral_and_group_domain_name_mapping_success(self):
|
||||
env = {}
|
||||
env['SSL_CLIENT_I_DN'] = self.client_issuer
|
||||
env['HTTP_X_PROJECT_NAME'] = self.project_name
|
||||
env['HTTP_X_PROJECT_DOMAIN_NAME'] = self.domain_name
|
||||
env['SSL_CLIENT_USER_NAME'] = self.user['name']
|
||||
self.config_fixture.config(group='tokenless_auth',
|
||||
protocol='ephemeral')
|
||||
self.protocol_id = 'ephemeral'
|
||||
mapping = copy.deepcopy(
|
||||
mapping_fixtures.MAPPING_FOR_EPHEMERAL_USER_AND_GROUP_DOMAIN_NAME)
|
||||
mapping['rules'][0]['local'][0]['group']['name'] = self.group['name']
|
||||
mapping['rules'][0]['local'][0]['group']['domain']['name'] = \
|
||||
self.domain['name']
|
||||
self._load_mapping_rules(mapping)
|
||||
|
||||
req = self._do_middleware_request(extra_environ=env)
|
||||
context = req.environ.get(authorization.AUTH_CONTEXT_ENV)
|
||||
self._assert_tokenless_auth_context(context, ephemeral_user=True)
|
||||
|
||||
def test_ephemeral_with_default_user_type_success(self):
|
||||
env = {}
|
||||
env['SSL_CLIENT_I_DN'] = self.client_issuer
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
[`bug 1814589 <https://bugs.launchpad.net/keystone/+bug/1814589>`_]
|
||||
Fixes incorrect parameters passed into
|
||||
keystone.federation.utils.transform_to_group_ids() which resulted
|
||||
in HTTP 500 internal error.
|
Loading…
Reference in New Issue