Modify test_get_effective_quota test
The test_get_effective_quotas test uses key-manager:service-admin legacy role to get the effective quotas. Using a user with only this role should lead to an ERROR in an SRBAC environment. This patch changes the test so that it checks whether the ERROR occurred when the test tried to get quotas in SRBAC environment. Also, auth.tempest_roles = member was removed from tempest.conf as it is not necessary and causes a failure of the modified test and it might cause unwanted problems in the future. Change-Id: Ib106f5e760d3a5253968e2fe13ec576107a98c74
This commit is contained in:
parent
b5519a7015
commit
832692c4fb
|
@ -130,8 +130,6 @@
|
|||
enforce_scope: True
|
||||
test-config:
|
||||
$TEMPEST_CONFIG:
|
||||
auth:
|
||||
tempest_roles: member
|
||||
barbican_rbac_scope_verification:
|
||||
enforce_scope: True
|
||||
|
||||
|
|
|
@ -16,6 +16,7 @@ from barbican_tempest_plugin.tests.api import base
|
|||
|
||||
from tempest import config
|
||||
from tempest.lib import decorators
|
||||
from tempest.lib import exceptions
|
||||
|
||||
CONF = config.CONF
|
||||
|
||||
|
@ -25,14 +26,22 @@ class QuotasTest(base.BaseKeyManagerTest):
|
|||
|
||||
@decorators.idempotent_id('47ebc42b-0e53-4060-b1a1-55bee2c7c43f')
|
||||
def test_get_effective_quota(self):
|
||||
# Verify the default quota settings
|
||||
body = self.quota_client.get_default_project_quota()
|
||||
quotas = body.get('quotas')
|
||||
self.assertEqual(-1, quotas.get('secrets'))
|
||||
self.assertEqual(-1, quotas.get('cas'))
|
||||
self.assertEqual(-1, quotas.get('orders'))
|
||||
self.assertEqual(-1, quotas.get('containers'))
|
||||
self.assertEqual(-1, quotas.get('consumers'))
|
||||
if CONF.barbican_rbac_scope_verification.enforce_scope:
|
||||
# This test is using key-manager:service-admin legacy
|
||||
# role. User with only this role should get a Forbidden
|
||||
# error when trying to get effective quotas in SRBAC
|
||||
# environment.
|
||||
self.assertRaises(
|
||||
exceptions.Forbidden,
|
||||
self.quota_client.get_default_project_quota)
|
||||
else:
|
||||
body = self.quota_client.get_default_project_quota()
|
||||
quotas = body.get('quotas')
|
||||
self.assertEqual(-1, quotas.get('secrets'))
|
||||
self.assertEqual(-1, quotas.get('cas'))
|
||||
self.assertEqual(-1, quotas.get('orders'))
|
||||
self.assertEqual(-1, quotas.get('containers'))
|
||||
self.assertEqual(-1, quotas.get('consumers'))
|
||||
|
||||
|
||||
class ProjectQuotasTest(base.BaseKeyManagerTest):
|
||||
|
|
Loading…
Reference in New Issue