Use config fixture
Use the configuration fixture instead of the old opt_in_group and opt methods. Where possible the config_fixture usage done from within setUp has been moved to config_overrides() method. Notably a number of the Policy.json tests cannot be moved into config_overrides due to the need to control how and when policy data is loaded. Change-Id: I1662627cca30890cc3f3da83772132cec7bd58e0
This commit is contained in:
parent
82d910b8c5
commit
f01c2c4f05
@ -101,20 +101,21 @@ class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
|
||||
create_object("ou=alt_users,%s" % CONF.ldap.user_tree_dn,
|
||||
aliased_users_ldif)
|
||||
|
||||
self.opt_in_group('ldap',
|
||||
query_scope='sub',
|
||||
alias_dereferencing='never')
|
||||
self.config_fixture.config(group='ldap',
|
||||
query_scope='sub',
|
||||
alias_dereferencing='never')
|
||||
self.identity_api = identity_ldap.Identity()
|
||||
self.assertRaises(exception.UserNotFound,
|
||||
self.identity_api.get_user,
|
||||
'alt_fake1')
|
||||
|
||||
self.opt_in_group('ldap', alias_dereferencing='searching')
|
||||
self.config_fixture.config(group='ldap',
|
||||
alias_dereferencing='searching')
|
||||
self.identity_api = identity_ldap.Identity()
|
||||
user_ref = self.identity_api.get_user('alt_fake1')
|
||||
self.assertEqual(user_ref['id'], 'alt_fake1')
|
||||
|
||||
self.opt_in_group('ldap', alias_dereferencing='always')
|
||||
self.config_fixture.config(group='ldap', alias_dereferencing='always')
|
||||
self.identity_api = identity_ldap.Identity()
|
||||
user_ref = self.identity_api.get_user('alt_fake1')
|
||||
self.assertEqual(user_ref['id'], 'alt_fake1')
|
||||
@ -200,7 +201,7 @@ class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
|
||||
negative_user['id'])
|
||||
self.assertEqual(len(group_refs), 0)
|
||||
|
||||
self.opt_in_group('ldap', group_filter='(dn=xx)')
|
||||
self.config_fixture.config(group='ldap', group_filter='(dn=xx)')
|
||||
self.reload_backends(CONF.identity.default_domain_id)
|
||||
group_refs = self.identity_api.list_groups_for_user(
|
||||
positive_user['id'])
|
||||
@ -209,7 +210,8 @@ class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
|
||||
negative_user['id'])
|
||||
self.assertEqual(len(group_refs), 0)
|
||||
|
||||
self.opt_in_group('ldap', group_filter='(objectclass=*)')
|
||||
self.config_fixture.config(group='ldap',
|
||||
group_filter='(objectclass=*)')
|
||||
self.reload_backends(CONF.identity.default_domain_id)
|
||||
group_refs = self.identity_api.list_groups_for_user(
|
||||
positive_user['id'])
|
||||
@ -219,8 +221,8 @@ class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
|
||||
self.assertEqual(len(group_refs), 0)
|
||||
|
||||
def test_user_enable_attribute_mask(self):
|
||||
self.opt_in_group(
|
||||
'ldap',
|
||||
self.config_fixture.config(
|
||||
group='ldap',
|
||||
user_enabled_emulation=False,
|
||||
user_enabled_attribute='employeeType')
|
||||
super(LiveLDAPIdentity, self).test_user_enable_attribute_mask()
|
||||
|
@ -42,10 +42,10 @@ class LiveTLSLDAPIdentity(_ldap_livetest.LiveLDAPIdentity):
|
||||
tests.dirs.tests('backend_tls_liveldap.conf')])
|
||||
|
||||
def test_tls_certfile_demand_option(self):
|
||||
self.opt_in_group('ldap',
|
||||
use_tls=True,
|
||||
tls_cacertdir=None,
|
||||
tls_req_cert='demand')
|
||||
self.config_fixture.config(group='ldap',
|
||||
use_tls=True,
|
||||
tls_cacertdir=None,
|
||||
tls_req_cert='demand')
|
||||
self.identity_api = identity.backends.ldap.Identity()
|
||||
|
||||
user = {'id': 'fake1',
|
||||
@ -64,10 +64,10 @@ class LiveTLSLDAPIdentity(_ldap_livetest.LiveLDAPIdentity):
|
||||
'fake1')
|
||||
|
||||
def test_tls_certdir_demand_option(self):
|
||||
self.opt_in_group('ldap',
|
||||
use_tls=True,
|
||||
tls_cacertdir=None,
|
||||
tls_req_cert='demand')
|
||||
self.config_fixture.config(group='ldap',
|
||||
use_tls=True,
|
||||
tls_cacertdir=None,
|
||||
tls_req_cert='demand')
|
||||
self.identity_api = identity.backends.ldap.Identity()
|
||||
|
||||
user = {'id': 'fake1',
|
||||
@ -86,8 +86,8 @@ class LiveTLSLDAPIdentity(_ldap_livetest.LiveLDAPIdentity):
|
||||
'fake1')
|
||||
|
||||
def test_tls_bad_certfile(self):
|
||||
self.opt_in_group(
|
||||
'ldap',
|
||||
self.config_fixture.config(
|
||||
group='ldap',
|
||||
use_tls=True,
|
||||
tls_req_cert='demand',
|
||||
tls_cacertfile='/etc/keystone/ssl/certs/mythicalcert.pem',
|
||||
@ -101,8 +101,8 @@ class LiveTLSLDAPIdentity(_ldap_livetest.LiveLDAPIdentity):
|
||||
self.assertRaises(IOError, self.identity_api.create_user, 'fake', user)
|
||||
|
||||
def test_tls_bad_certdir(self):
|
||||
self.opt_in_group(
|
||||
'ldap',
|
||||
self.config_fixture.config(
|
||||
group='ldap',
|
||||
use_tls=True,
|
||||
tls_cacertfile=None,
|
||||
tls_req_cert='demand',
|
||||
|
@ -318,6 +318,9 @@ class TestCase(testtools.TestCase):
|
||||
def config_files(self):
|
||||
return copy.copy(self._config_file_list)
|
||||
|
||||
def config_overrides(self):
|
||||
self.config_fixture.config(policy_file=dirs.etc('policy.json'))
|
||||
|
||||
def setUp(self):
|
||||
super(TestCase, self).setUp()
|
||||
|
||||
@ -342,7 +345,8 @@ class TestCase(testtools.TestCase):
|
||||
self.exit_patch.mock.side_effect = UnexpectedExit
|
||||
self.config_fixture = self.useFixture(config_fixture.Config(CONF))
|
||||
self.config(self.config_files())
|
||||
self.opt(policy_file=dirs.etc('policy.json'))
|
||||
|
||||
self.config_overrides()
|
||||
|
||||
self.logger = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
|
||||
warnings.filterwarnings('ignore', category=DeprecationWarning)
|
||||
@ -366,14 +370,6 @@ class TestCase(testtools.TestCase):
|
||||
def config(self, config_files):
|
||||
CONF(args=[], project='keystone', default_config_files=config_files)
|
||||
|
||||
def opt_in_group(self, group, **kw):
|
||||
for k, v in six.iteritems(kw):
|
||||
CONF.set_override(k, v, group)
|
||||
|
||||
def opt(self, **kw):
|
||||
for k, v in six.iteritems(kw):
|
||||
CONF.set_override(k, v)
|
||||
|
||||
def load_backends(self):
|
||||
"""Initializes each manager and assigns them to an attribute."""
|
||||
|
||||
|
@ -386,7 +386,7 @@ class AuthWithToken(AuthTest):
|
||||
token_id=scoped_token_id)
|
||||
|
||||
def test_token_auth_with_binding(self):
|
||||
self.opt_in_group('token', bind=['kerberos'])
|
||||
self.config_fixture.config(group='token', bind=['kerberos'])
|
||||
body_dict = _build_user_auth()
|
||||
unscoped_token = self.controller.authenticate(
|
||||
self.context_with_remote_user, body_dict)
|
||||
@ -506,7 +506,7 @@ class AuthWithPasswordCredentials(AuthTest):
|
||||
{}, body_dict)
|
||||
|
||||
def test_bind_without_remote_user(self):
|
||||
self.opt_in_group('token', bind=['kerberos'])
|
||||
self.config_fixture.config(group='token', bind=['kerberos'])
|
||||
body_dict = _build_user_auth(username='FOO', password='foo2',
|
||||
tenant_name='BAR')
|
||||
token = self.controller.authenticate({}, body_dict)
|
||||
@ -543,7 +543,8 @@ class AuthWithPasswordCredentials(AuthTest):
|
||||
|
||||
# 3) Update the default_domain_id config option to the new domain
|
||||
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
# 4) Authenticate as "foo" using the password in the new domain.
|
||||
|
||||
@ -622,14 +623,14 @@ class AuthWithRemoteUser(AuthTest):
|
||||
body_dict)
|
||||
|
||||
def test_bind_with_kerberos(self):
|
||||
self.opt_in_group('token', bind=['kerberos'])
|
||||
self.config_fixture.config(group='token', bind=['kerberos'])
|
||||
body_dict = _build_user_auth(tenant_name="BAR")
|
||||
token = self.controller.authenticate(self.context_with_remote_user,
|
||||
body_dict)
|
||||
self.assertEqual('FOO', token['access']['token']['bind']['kerberos'])
|
||||
|
||||
def test_bind_without_config_opt(self):
|
||||
self.opt_in_group('token', bind=['x509'])
|
||||
self.config_fixture.config(group='token', bind=['x509'])
|
||||
body_dict = _build_user_auth(tenant_name='BAR')
|
||||
token = self.controller.authenticate(self.context_with_remote_user,
|
||||
body_dict)
|
||||
@ -639,7 +640,6 @@ class AuthWithRemoteUser(AuthTest):
|
||||
class AuthWithTrust(AuthTest):
|
||||
def setUp(self):
|
||||
super(AuthWithTrust, self).setUp()
|
||||
self.opt_in_group('trust', enabled=True)
|
||||
|
||||
trust.Manager()
|
||||
self.trust_controller = trust.controllers.TrustV3()
|
||||
@ -663,6 +663,10 @@ class AuthWithTrust(AuthTest):
|
||||
fmt=TIME_FORMAT)
|
||||
self.create_trust(expires_at=expires_at)
|
||||
|
||||
def config_overrides(self):
|
||||
super(AuthWithTrust, self).config_overrides()
|
||||
self.config_fixture.config(group='trust', enabled=True)
|
||||
|
||||
def _create_auth_context(self, token_id):
|
||||
token_ref = self.token_api.get_token(token_id)
|
||||
auth_context = authorization.token_to_auth_context(
|
||||
@ -954,13 +958,14 @@ class TokenExpirationTest(AuthTest):
|
||||
self.assertEqual(original_expiration, r['access']['token']['expires'])
|
||||
|
||||
def test_maintain_uuid_token_expiration(self):
|
||||
self.opt_in_group('signing', token_format='UUID')
|
||||
self.config_fixture.config(group='signing', token_format='UUID')
|
||||
self._maintain_token_expiration()
|
||||
|
||||
|
||||
class NonDefaultAuthTest(tests.TestCase):
|
||||
|
||||
def test_add_non_default_auth_method(self):
|
||||
self.opt_in_group('auth', methods=['password', 'token', 'custom'])
|
||||
self.config_fixture.config(group='auth',
|
||||
methods=['password', 'token', 'custom'])
|
||||
config.setup_authentication()
|
||||
self.assertTrue(hasattr(CONF.auth, 'custom'))
|
||||
|
@ -133,8 +133,8 @@ class TestByClassNameAuthMethodRegistration(TestAuthPlugin):
|
||||
|
||||
class TestInvalidAuthMethodRegistration(tests.TestCase):
|
||||
def test_duplicate_auth_method_registration(self):
|
||||
self.opt_in_group(
|
||||
'auth',
|
||||
self.config_fixture.config(
|
||||
group='auth',
|
||||
methods=[
|
||||
'keystone.tests.test_auth_plugin.SimpleChallengeResponse',
|
||||
'keystone.tests.test_auth_plugin.DuplicateAuthPlugin'])
|
||||
@ -142,8 +142,8 @@ class TestInvalidAuthMethodRegistration(tests.TestCase):
|
||||
self.assertRaises(ValueError, auth.controllers.load_auth_methods)
|
||||
|
||||
def test_no_method_attribute_auth_method_by_class_name_registration(self):
|
||||
self.opt_in_group(
|
||||
'auth',
|
||||
self.config_fixture.config(
|
||||
group='auth',
|
||||
methods=['keystone.tests.test_auth_plugin.NoMethodAuthPlugin'])
|
||||
self.clear_auth_plugin_registry()
|
||||
self.assertRaises(ValueError, auth.controllers.load_auth_methods)
|
||||
@ -162,9 +162,9 @@ class TestInvalidAuthMethodRegistration(tests.TestCase):
|
||||
# Guarantee we register the option we expect to unregister in cleanup
|
||||
config.CONF.register_opt(test_opt, 'auth')
|
||||
|
||||
self.opt_in_group('auth', methods=['test'])
|
||||
self.opt_in_group(
|
||||
'auth',
|
||||
self.config_fixture.config(group='auth', methods=['test'])
|
||||
self.config_fixture.config(
|
||||
group='auth',
|
||||
test='keystone.tests.test_auth_plugin.MismatchedAuthPlugin')
|
||||
|
||||
self.clear_auth_plugin_registry()
|
||||
|
@ -3782,7 +3782,7 @@ class InheritanceTests(object):
|
||||
inherited should not show up
|
||||
|
||||
"""
|
||||
self.opt_in_group('os_inherit', enabled=True)
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
role_list = []
|
||||
for _ in range(3):
|
||||
role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
@ -3857,7 +3857,7 @@ class InheritanceTests(object):
|
||||
direct and two by virtue of inherited group roles
|
||||
|
||||
"""
|
||||
self.opt_in_group('os_inherit', enabled=True)
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
role_list = []
|
||||
for _ in range(4):
|
||||
role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
@ -3935,7 +3935,7 @@ class InheritanceTests(object):
|
||||
- Get a list of projects for user, should return all three projects
|
||||
|
||||
"""
|
||||
self.opt_in_group('os_inherit', enabled=True)
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
user1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
@ -3979,7 +3979,7 @@ class InheritanceTests(object):
|
||||
from the domain, plus the one separate project
|
||||
|
||||
"""
|
||||
self.opt_in_group('os_inherit', enabled=True)
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
domain2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
@ -4184,7 +4184,7 @@ class LimitTests(filtering.FilterTests):
|
||||
self._delete_test_data(entity, self.domain1_entity_lists[entity])
|
||||
|
||||
def _test_list_entity_filtered_and_limited(self, entity):
|
||||
self.opt(list_limit=10)
|
||||
self.config_fixture.config(list_limit=10)
|
||||
# Should get back just 10 entities in domain1
|
||||
hints = driver_hints.Hints()
|
||||
hints.add_filter('domain_id', self.domain1['id'])
|
||||
@ -4195,9 +4195,9 @@ class LimitTests(filtering.FilterTests):
|
||||
|
||||
# Override with driver specific limit
|
||||
if entity == 'project':
|
||||
self.opt_in_group('assignment', list_limit=5)
|
||||
self.config_fixture.config(group='assignment', list_limit=5)
|
||||
else:
|
||||
self.opt_in_group('identity', list_limit=5)
|
||||
self.config_fixture.config(group='identity', list_limit=5)
|
||||
|
||||
# Should get back just 5 users in domain1
|
||||
hints = driver_hints.Hints()
|
||||
|
@ -26,12 +26,15 @@ from keystone.tests import test_backend
|
||||
class KvsIdentity(tests.TestCase, test_backend.IdentityTests):
|
||||
def setUp(self):
|
||||
super(KvsIdentity, self).setUp()
|
||||
self.opt_in_group(
|
||||
'identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
|
||||
def config_overrides(self):
|
||||
super(KvsIdentity, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
|
||||
def test_list_projects_for_user_with_grants(self):
|
||||
self.skipTest('kvs backend is now deprecated')
|
||||
|
||||
@ -66,11 +69,14 @@ class KvsIdentity(tests.TestCase, test_backend.IdentityTests):
|
||||
class KvsToken(tests.TestCase, test_backend.TokenTests):
|
||||
def setUp(self):
|
||||
super(KvsToken, self).setUp()
|
||||
self.opt_in_group(
|
||||
'identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.load_backends()
|
||||
|
||||
def config_overrides(self):
|
||||
super(KvsToken, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
|
||||
def test_flush_expired_token(self):
|
||||
self.assertRaises(exception.NotImplemented,
|
||||
self.token_api.flush_expired_tokens)
|
||||
@ -142,34 +148,40 @@ class KvsToken(tests.TestCase, test_backend.TokenTests):
|
||||
class KvsTrust(tests.TestCase, test_backend.TrustTests):
|
||||
def setUp(self):
|
||||
super(KvsTrust, self).setUp()
|
||||
self.opt_in_group(
|
||||
'identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.opt_in_group(
|
||||
'trust',
|
||||
driver='keystone.trust.backends.kvs.Trust')
|
||||
self.opt_in_group(
|
||||
'catalog',
|
||||
driver='keystone.catalog.backends.kvs.Catalog')
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
|
||||
def config_overrides(self):
|
||||
super(KvsTrust, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.config_fixture.config(
|
||||
group='trust',
|
||||
driver='keystone.trust.backends.kvs.Trust')
|
||||
self.config_fixture.config(
|
||||
group='catalog',
|
||||
driver='keystone.catalog.backends.kvs.Catalog')
|
||||
|
||||
|
||||
class KvsCatalog(tests.TestCase, test_backend.CatalogTests):
|
||||
def setUp(self):
|
||||
super(KvsCatalog, self).setUp()
|
||||
self.opt_in_group(
|
||||
'identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.opt_in_group(
|
||||
'trust',
|
||||
driver='keystone.trust.backends.kvs.Trust')
|
||||
self.opt_in_group(
|
||||
'catalog',
|
||||
driver='keystone.catalog.backends.kvs.Catalog')
|
||||
self.load_backends()
|
||||
self._load_fake_catalog()
|
||||
|
||||
def config_overrides(self):
|
||||
super(KvsCatalog, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.config_fixture.config(
|
||||
group='trust',
|
||||
driver='keystone.trust.backends.kvs.Trust')
|
||||
self.config_fixture.config(
|
||||
group='catalog',
|
||||
driver='keystone.catalog.backends.kvs.Catalog')
|
||||
|
||||
def _load_fake_catalog(self):
|
||||
self.catalog_foobar = self.catalog_api.driver._create_catalog(
|
||||
'foo', 'bar',
|
||||
@ -197,11 +209,14 @@ class KvsTokenCacheInvalidation(tests.TestCase,
|
||||
test_backend.TokenCacheInvalidation):
|
||||
def setUp(self):
|
||||
super(KvsTokenCacheInvalidation, self).setUp()
|
||||
self.opt_in_group(
|
||||
'identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.opt_in_group(
|
||||
'token',
|
||||
driver='keystone.token.backends.kvs.Token')
|
||||
self.load_backends()
|
||||
self._create_test_data()
|
||||
|
||||
def config_overrides(self):
|
||||
super(KvsTokenCacheInvalidation, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='identity',
|
||||
driver='keystone.identity.backends.kvs.Identity')
|
||||
self.config_fixture.config(
|
||||
group='token',
|
||||
driver='keystone.token.backends.kvs.Token')
|
||||
|
@ -422,7 +422,8 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
||||
# returned by list_domains changes is the new default_domain_id.
|
||||
|
||||
new_domain_id = uuid.uuid4().hex
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
domains = self.assignment_api.list_domains()
|
||||
|
||||
@ -540,7 +541,7 @@ class LDAPIdentity(tests.TestCase, BaseLDAPIdentity):
|
||||
'fake1')
|
||||
|
||||
def test_configurable_subtree_delete(self):
|
||||
self.opt_in_group('ldap', allow_subtree_delete=True)
|
||||
self.config_fixture.config(group='ldap', allow_subtree_delete=True)
|
||||
self.load_backends()
|
||||
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
@ -1121,9 +1122,6 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity):
|
||||
self.config([tests.dirs.etc('keystone.conf.sample'),
|
||||
tests.dirs.tests('test_overrides.conf'),
|
||||
tests.dirs.tests('backend_ldap.conf')])
|
||||
self.opt_in_group('ldap',
|
||||
user_enabled_emulation=True,
|
||||
tenant_enabled_emulation=True)
|
||||
self.clear_database()
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
@ -1131,6 +1129,12 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity):
|
||||
self.user_two, self.user_badguy]:
|
||||
obj.setdefault('enabled', True)
|
||||
|
||||
def config_overrides(self):
|
||||
super(LDAPIdentityEnabledEmulation, self).config_overrides()
|
||||
self.config_fixture.config(group='ldap',
|
||||
user_enabled_emulation=True,
|
||||
tenant_enabled_emulation=True)
|
||||
|
||||
def test_project_crud(self):
|
||||
# NOTE(topol): LDAPIdentityEnabledEmulation will create an
|
||||
# enabled key in the project dictionary so this
|
||||
@ -1229,7 +1233,8 @@ class LdapIdentitySqlAssignment(tests.TestCase, BaseLDAPIdentity):
|
||||
orig_default_domain_id = CONF.identity.default_domain_id
|
||||
|
||||
new_domain_id = uuid.uuid4().hex
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
domains = self.assignment_api.list_domains()
|
||||
|
||||
@ -1288,9 +1293,9 @@ class MultiLDAPandSQLIdentity(tests.TestCase, BaseLDAPIdentity):
|
||||
# All initial domain data setup complete, time to switch on support
|
||||
# for separate backends per domain.
|
||||
|
||||
self.opt_in_group('identity',
|
||||
domain_specific_drivers_enabled=True,
|
||||
domain_config_dir=tests.TESTSDIR)
|
||||
self.config_fixture.config(group='identity',
|
||||
domain_specific_drivers_enabled=True,
|
||||
domain_config_dir=tests.TESTSDIR)
|
||||
|
||||
self._set_domain_configs()
|
||||
self.clear_database()
|
||||
|
@ -48,10 +48,14 @@ class TestTemplatedCatalog(tests.TestCase, test_backend.CatalogTests):
|
||||
|
||||
def setUp(self):
|
||||
super(TestTemplatedCatalog, self).setUp()
|
||||
self.opt_in_group('catalog', template_file=DEFAULT_CATALOG_TEMPLATES)
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
|
||||
def config_overrides(self):
|
||||
super(TestTemplatedCatalog, self).config_overrides()
|
||||
self.config_fixture.config(group='catalog',
|
||||
template_file=DEFAULT_CATALOG_TEMPLATES)
|
||||
|
||||
def test_get_catalog(self):
|
||||
catalog_ref = self.catalog_api.get_catalog('foo', 'bar')
|
||||
self.assertDictEqual(catalog_ref, self.DEFAULT_FIXTURE)
|
||||
|
@ -81,16 +81,8 @@ class CacheRegionTest(tests.TestCase):
|
||||
self.test_value = TestProxyValue('Decorator Test')
|
||||
|
||||
def _add_test_caching_option(self):
|
||||
test_cache_opt = config.config.cfg.BoolOpt('caching', default=True)
|
||||
|
||||
def reset_and_unregister_opt():
|
||||
# NOTE(morganfainberg): Reset is required before unregistering
|
||||
# arguments or ArgsAlreadyParsedError is raised.
|
||||
CONF.reset()
|
||||
CONF.unregister_opt(test_cache_opt, group='cache')
|
||||
|
||||
self.addCleanup(reset_and_unregister_opt)
|
||||
CONF.register_opt(test_cache_opt, group='cache')
|
||||
self.config_fixture.register_opt(
|
||||
config.config.cfg.BoolOpt('caching', default=True), group='cache')
|
||||
|
||||
def _get_cacheable_function(self):
|
||||
SHOULD_CACHE_FN = cache.should_cache_fn('cache')
|
||||
@ -118,7 +110,7 @@ class CacheRegionTest(tests.TestCase):
|
||||
# functions as expected with caching globally enabled.
|
||||
cacheable_function = self._get_cacheable_function()
|
||||
|
||||
self.opt_in_group('cache', enabled=True)
|
||||
self.config_fixture.config(group='cache', enabled=True)
|
||||
cacheable_function(self.test_value)
|
||||
cached_value = cacheable_function(self.test_value)
|
||||
self.assertTrue(cached_value.cached)
|
||||
@ -128,7 +120,7 @@ class CacheRegionTest(tests.TestCase):
|
||||
# functions as expected with caching globally disabled.
|
||||
cacheable_function = self._get_cacheable_function()
|
||||
|
||||
self.opt_in_group('cache', enabled=False)
|
||||
self.config_fixture.config(group='cache', enabled=False)
|
||||
cacheable_function(self.test_value)
|
||||
cached_value = cacheable_function(self.test_value)
|
||||
self.assertFalse(cached_value.cached)
|
||||
@ -140,8 +132,8 @@ class CacheRegionTest(tests.TestCase):
|
||||
cacheable_function = self._get_cacheable_function()
|
||||
|
||||
self._add_test_caching_option()
|
||||
self.opt_in_group('cache', enabled=False)
|
||||
self.opt_in_group('cache', caching=True)
|
||||
self.config_fixture.config(group='cache', enabled=False)
|
||||
self.config_fixture.config(group='cache', caching=True)
|
||||
|
||||
cacheable_function(self.test_value)
|
||||
cached_value = cacheable_function(self.test_value)
|
||||
@ -154,8 +146,8 @@ class CacheRegionTest(tests.TestCase):
|
||||
cacheable_function = self._get_cacheable_function()
|
||||
|
||||
self._add_test_caching_option()
|
||||
self.opt_in_group('cache', enabled=True)
|
||||
self.opt_in_group('cache', caching=False)
|
||||
self.config_fixture.config(group='cache', enabled=True)
|
||||
self.config_fixture.config(group='cache', caching=False)
|
||||
|
||||
cacheable_function(self.test_value)
|
||||
cached_value = cacheable_function(self.test_value)
|
||||
@ -168,8 +160,8 @@ class CacheRegionTest(tests.TestCase):
|
||||
cacheable_function = self._get_cacheable_function()
|
||||
|
||||
self._add_test_caching_option()
|
||||
self.opt_in_group('cache', enabled=True)
|
||||
self.opt_in_group('cache', caching=True)
|
||||
self.config_fixture.config(group='cache', enabled=True)
|
||||
self.config_fixture.config(group='cache', caching=True)
|
||||
|
||||
cacheable_function(self.test_value)
|
||||
cached_value = cacheable_function(self.test_value)
|
||||
@ -177,12 +169,13 @@ class CacheRegionTest(tests.TestCase):
|
||||
|
||||
def test_cache_dictionary_config_builder(self):
|
||||
"""Validate we build a sane dogpile.cache dictionary config."""
|
||||
self.opt_in_group('cache',
|
||||
config_prefix='test_prefix',
|
||||
backend='some_test_backend',
|
||||
expiration_time=86400,
|
||||
backend_argument=['arg1:test', 'arg2:test:test',
|
||||
'arg3.invalid'])
|
||||
self.config_fixture.config(group='cache',
|
||||
config_prefix='test_prefix',
|
||||
backend='some_test_backend',
|
||||
expiration_time=86400,
|
||||
backend_argument=['arg1:test',
|
||||
'arg2:test:test',
|
||||
'arg3.invalid'])
|
||||
|
||||
config_dict = cache.build_cache_config()
|
||||
self.assertEqual(
|
||||
@ -227,9 +220,13 @@ class CacheNoopBackendTest(tests.TestCase):
|
||||
def setUp(self):
|
||||
super(CacheNoopBackendTest, self).setUp()
|
||||
self.region = cache.make_region()
|
||||
self.opt_in_group('cache', backend='keystone.common.cache.noop')
|
||||
cache.configure_cache_region(self.region)
|
||||
|
||||
def config_overrides(self):
|
||||
super(CacheNoopBackendTest, self).config_overrides()
|
||||
self.config_fixture.config(group='cache',
|
||||
backend='keystone.common.cache.noop')
|
||||
|
||||
def test_noop_backend(self):
|
||||
single_value = 'Test Value'
|
||||
single_key = 'testkey'
|
||||
|
@ -37,22 +37,6 @@ class CertSetupTestCase(rest.RestfulTestCase):
|
||||
|
||||
def setUp(self):
|
||||
super(CertSetupTestCase, self).setUp()
|
||||
ca_certs = os.path.join(CERTDIR, 'ca.pem')
|
||||
ca_key = os.path.join(CERTDIR, 'cakey.pem')
|
||||
|
||||
self.opt_in_group(
|
||||
'signing',
|
||||
certfile=os.path.join(CERTDIR, 'signing_cert.pem'),
|
||||
ca_certs=ca_certs,
|
||||
ca_key=ca_key,
|
||||
keyfile=os.path.join(KEYDIR, 'signing_key.pem'))
|
||||
self.opt_in_group(
|
||||
'ssl',
|
||||
ca_certs=ca_certs,
|
||||
ca_key=ca_key,
|
||||
certfile=os.path.join(CERTDIR, 'keystone.pem'),
|
||||
keyfile=os.path.join(KEYDIR, 'keystonekey.pem'))
|
||||
|
||||
self.load_backends()
|
||||
self.load_fixtures(default_fixtures)
|
||||
self.controller = token.controllers.Auth()
|
||||
@ -65,8 +49,26 @@ class CertSetupTestCase(rest.RestfulTestCase):
|
||||
|
||||
self.addCleanup(cleanup_ssldir)
|
||||
|
||||
def config_overrides(self):
|
||||
super(CertSetupTestCase, self).config_overrides()
|
||||
ca_certs = os.path.join(CERTDIR, 'ca.pem')
|
||||
ca_key = os.path.join(CERTDIR, 'cakey.pem')
|
||||
|
||||
self.config_fixture.config(
|
||||
group='signing',
|
||||
certfile=os.path.join(CERTDIR, 'signing_cert.pem'),
|
||||
ca_certs=ca_certs,
|
||||
ca_key=ca_key,
|
||||
keyfile=os.path.join(KEYDIR, 'signing_key.pem'))
|
||||
self.config_fixture.config(
|
||||
group='ssl',
|
||||
ca_certs=ca_certs,
|
||||
ca_key=ca_key,
|
||||
certfile=os.path.join(CERTDIR, 'keystone.pem'),
|
||||
keyfile=os.path.join(KEYDIR, 'keystonekey.pem'))
|
||||
|
||||
def test_can_handle_missing_certs(self):
|
||||
self.opt_in_group('signing', certfile='invalid')
|
||||
self.config_fixture.config(group='signing', certfile='invalid')
|
||||
user = {
|
||||
'id': 'fake1',
|
||||
'name': 'fake1',
|
||||
|
@ -26,10 +26,11 @@ class ConfigTestCase(tests.TestCase):
|
||||
def test_paste_config(self):
|
||||
self.assertEqual(config.find_paste_config(),
|
||||
tests.dirs.etc('keystone-paste.ini'))
|
||||
self.opt_in_group('paste_deploy', config_file=uuid.uuid4().hex)
|
||||
self.config_fixture.config(group='paste_deploy',
|
||||
config_file=uuid.uuid4().hex)
|
||||
self.assertRaises(exception.ConfigFileNotFound,
|
||||
config.find_paste_config)
|
||||
self.opt_in_group('paste_deploy', config_file='')
|
||||
self.config_fixture.config(group='paste_deploy', config_file='')
|
||||
self.assertEqual(config.find_paste_config(),
|
||||
tests.dirs.etc('keystone.conf.sample'))
|
||||
|
||||
|
@ -46,9 +46,9 @@ class TestSimpleCert(BaseTestCase):
|
||||
|
||||
def test_missing_file(self):
|
||||
# these files do not exist
|
||||
self.opt_in_group('signing',
|
||||
ca_certs=uuid.uuid4().hex,
|
||||
certfile=uuid.uuid4().hex)
|
||||
self.config_fixture.config(group='signing',
|
||||
ca_certs=uuid.uuid4().hex,
|
||||
certfile=uuid.uuid4().hex)
|
||||
|
||||
for path in [self.CA_PATH, self.CERT_PATH]:
|
||||
self.request(app=self.public_app,
|
||||
@ -59,11 +59,11 @@ class TestSimpleCert(BaseTestCase):
|
||||
|
||||
class UUIDSimpleCertTests(BaseTestCase):
|
||||
|
||||
def setUp(self):
|
||||
uuid_provider = 'keystone.token.providers.uuid.Provider'
|
||||
self.opt_in_group('token', provider=uuid_provider)
|
||||
|
||||
super(UUIDSimpleCertTests, self).setUp()
|
||||
def config_overrides(self):
|
||||
super(UUIDSimpleCertTests, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
group='token',
|
||||
provider='keystone.token.providers.uuid.Provider')
|
||||
|
||||
def test_using_uuid_controller(self):
|
||||
for path in [self.CA_PATH, self.CERT_PATH]:
|
||||
|
@ -103,7 +103,7 @@ class ExceptionTestCase(tests.TestCase):
|
||||
class SecurityErrorTestCase(ExceptionTestCase):
|
||||
"""Tests whether security-related info is exposed to the API user."""
|
||||
def test_unauthorized_exposure(self):
|
||||
self.opt(debug=False)
|
||||
self.config_fixture.config(debug=False)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
e = exception.Unauthorized(message=risky_info)
|
||||
@ -111,7 +111,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertNotIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_unauthorized_exposure_in_debug(self):
|
||||
self.opt(debug=True)
|
||||
self.config_fixture.config(debug=True)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
e = exception.Unauthorized(message=risky_info)
|
||||
@ -119,7 +119,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_forbidden_exposure(self):
|
||||
self.opt(debug=False)
|
||||
self.config_fixture.config(debug=False)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
e = exception.Forbidden(message=risky_info)
|
||||
@ -127,7 +127,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertNotIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_forbidden_exposure_in_debug(self):
|
||||
self.opt(debug=True)
|
||||
self.config_fixture.config(debug=True)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
e = exception.Forbidden(message=risky_info)
|
||||
@ -135,7 +135,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_forbidden_action_exposure(self):
|
||||
self.opt(debug=False)
|
||||
self.config_fixture.config(debug=False)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
action = uuid.uuid4().hex
|
||||
@ -149,7 +149,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_forbidden_action_exposure_in_debug(self):
|
||||
self.opt(debug=True)
|
||||
self.config_fixture.config(debug=True)
|
||||
|
||||
risky_info = uuid.uuid4().hex
|
||||
|
||||
@ -162,7 +162,7 @@ class SecurityErrorTestCase(ExceptionTestCase):
|
||||
self.assertIn(risky_info, six.text_type(e))
|
||||
|
||||
def test_unicode_argument_message(self):
|
||||
self.opt(debug=False)
|
||||
self.config_fixture.config(debug=False)
|
||||
|
||||
risky_info = u'\u7ee7\u7eed\u884c\u7f29\u8fdb\u6216'
|
||||
e = exception.Forbidden(message=risky_info)
|
||||
|
@ -225,7 +225,7 @@ class KVSTest(tests.TestCase):
|
||||
|
||||
def test_kvs_key_mangler_configuration_disabled(self):
|
||||
# Test that no key_mangler is set if enable_key_mangler is false
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
kvs.configure('openstack.kvs.Memory')
|
||||
|
||||
@ -288,7 +288,7 @@ class KVSTest(tests.TestCase):
|
||||
def test_kvs_locking_context_handler(self):
|
||||
# Make sure we're creating the correct key/value pairs for the backend
|
||||
# distributed locking mutex.
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
kvs.configure('openstack.kvs.KVSBackendFixture')
|
||||
|
||||
@ -303,7 +303,7 @@ class KVSTest(tests.TestCase):
|
||||
def test_kvs_locking_context_handler_locking_disabled(self):
|
||||
# Make sure no creation of key/value pairs for the backend
|
||||
# distributed locking mutex occurs if locking is disabled.
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
kvs.configure('openstack.kvs.KVSBackendFixture', locking=False)
|
||||
lock_key = '_lock' + self.key_foo
|
||||
@ -369,7 +369,7 @@ class KVSTest(tests.TestCase):
|
||||
def test_kvs_with_lock_action_context_manager(self):
|
||||
# Make sure we're creating the correct key/value pairs for the backend
|
||||
# distributed locking mutex.
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
kvs.configure('openstack.kvs.KVSBackendFixture')
|
||||
|
||||
@ -386,7 +386,7 @@ class KVSTest(tests.TestCase):
|
||||
def test_kvs_with_lock_action_context_manager_no_lock(self):
|
||||
# Make sure we're not locking unless an actual lock is passed into the
|
||||
# context manager
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
kvs.configure('openstack.kvs.KVSBackendFixture')
|
||||
|
||||
@ -472,7 +472,7 @@ class KVSTest(tests.TestCase):
|
||||
# Test the "set_arguments" (arguments passed on all set calls) logic
|
||||
# and the no-expiry-key modifications of set_arguments for the explicit
|
||||
# memcache TTL.
|
||||
self.opt_in_group('kvs', enable_key_mangler=False)
|
||||
self.config_fixture.config(group='kvs', enable_key_mangler=False)
|
||||
kvs = self._get_kvs_region()
|
||||
memcache_expire_time = 86400
|
||||
|
||||
|
@ -126,7 +126,8 @@ class NotificationsTestCase(tests.TestCase):
|
||||
fixture = self.useFixture(moxstubout.MoxStubout())
|
||||
self.stubs = fixture.stubs
|
||||
|
||||
# these should use self.opt(), but they haven't been registered yet
|
||||
# these should use self.config_fixture.config(), but they haven't
|
||||
# been registered yet
|
||||
CONF.rpc_backend = 'fake'
|
||||
CONF.notification_driver = ['fake']
|
||||
|
||||
|
@ -33,14 +33,20 @@ CONF = config.CONF
|
||||
|
||||
class PolicyFileTestCase(tests.TestCase):
|
||||
def setUp(self):
|
||||
# self.tmpfilename should exist before setUp super is called
|
||||
# this is to ensure it is available for the config_fixture in
|
||||
# the config_overrides call.
|
||||
_unused, self.tmpfilename = tempfile.mkstemp()
|
||||
super(PolicyFileTestCase, self).setUp()
|
||||
|
||||
rules.reset()
|
||||
self.addCleanup(rules.reset)
|
||||
_unused, self.tmpfilename = tempfile.mkstemp()
|
||||
self.opt(policy_file=self.tmpfilename)
|
||||
self.target = {}
|
||||
|
||||
def config_overrides(self):
|
||||
super(PolicyFileTestCase, self).config_overrides()
|
||||
self.config_fixture.config(policy_file=self.tmpfilename)
|
||||
|
||||
def test_modified_policy_reloads(self):
|
||||
action = "example:test"
|
||||
empty_credentials = {}
|
||||
|
@ -48,7 +48,8 @@ class BindTest(tests.TestCase):
|
||||
use_kerberos=val, success=success)
|
||||
else:
|
||||
context = {'environment': {}}
|
||||
self.opt_in_group('token', enforce_token_bind=bind_level)
|
||||
self.config_fixture.config(group='token',
|
||||
enforce_token_bind=bind_level)
|
||||
|
||||
if use_kerberos:
|
||||
context['environment']['REMOTE_USER'] = KERBEROS_BIND
|
||||
|
@ -726,9 +726,9 @@ class TestTokenProvider(tests.TestCase):
|
||||
'bogus')
|
||||
|
||||
def test_token_format_provider_mismatch(self):
|
||||
self.opt_in_group('signing', token_format='UUID')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='UUID')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
try:
|
||||
token.provider.Manager()
|
||||
raise Exception(
|
||||
@ -736,9 +736,9 @@ class TestTokenProvider(tests.TestCase):
|
||||
except exception.UnexpectedError:
|
||||
pass
|
||||
|
||||
self.opt_in_group('signing', token_format='PKI')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='PKI')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
try:
|
||||
token.provider.Manager()
|
||||
raise Exception(
|
||||
@ -747,14 +747,14 @@ class TestTokenProvider(tests.TestCase):
|
||||
pass
|
||||
|
||||
# should be OK as token_format and provider aligns
|
||||
self.opt_in_group('signing', token_format='PKI')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='PKI')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
token.provider.Manager()
|
||||
|
||||
self.opt_in_group('signing', token_format='UUID')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='UUID')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
token.provider.Manager()
|
||||
|
||||
def test_default_token_format(self):
|
||||
@ -762,50 +762,52 @@ class TestTokenProvider(tests.TestCase):
|
||||
token.provider.PKI_PROVIDER)
|
||||
|
||||
def test_uuid_token_format_and_no_provider(self):
|
||||
self.opt_in_group('signing', token_format='UUID')
|
||||
self.config_fixture.config(group='signing', token_format='UUID')
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
token.provider.UUID_PROVIDER)
|
||||
|
||||
def test_default_providers_without_token_format(self):
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
token.provider.Manager()
|
||||
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
token.provider.Manager()
|
||||
|
||||
def test_unsupported_token_format(self):
|
||||
self.opt_in_group('signing', token_format='CUSTOM')
|
||||
self.config_fixture.config(group='signing', token_format='CUSTOM')
|
||||
self.assertRaises(exception.UnexpectedError,
|
||||
token.provider.Manager.get_token_provider)
|
||||
|
||||
def test_uuid_provider(self):
|
||||
self.opt_in_group('token', provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
token.provider.UUID_PROVIDER)
|
||||
|
||||
def test_provider_override_token_format(self):
|
||||
self.opt_in_group('token',
|
||||
provider='keystone.token.providers.pki.Test')
|
||||
self.config_fixture.config(
|
||||
group='token',
|
||||
provider='keystone.token.providers.pki.Test')
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
'keystone.token.providers.pki.Test')
|
||||
|
||||
self.opt_in_group('signing', token_format='UUID')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='UUID')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
token.provider.UUID_PROVIDER)
|
||||
|
||||
self.opt_in_group('signing', token_format='PKI')
|
||||
self.opt_in_group('token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
self.config_fixture.config(group='signing', token_format='PKI')
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.PKI_PROVIDER)
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
token.provider.PKI_PROVIDER)
|
||||
|
||||
self.opt_in_group('signing', token_format='CUSTOM')
|
||||
self.opt_in_group('token',
|
||||
provider='my.package.MyProvider')
|
||||
self.config_fixture.config(group='signing', token_format='CUSTOM')
|
||||
self.config_fixture.config(group='token',
|
||||
provider='my.package.MyProvider')
|
||||
self.assertEqual(token.provider.Manager.get_token_provider(),
|
||||
'my.package.MyProvider')
|
||||
|
||||
@ -828,7 +830,8 @@ class TestTokenProvider(tests.TestCase):
|
||||
|
||||
def test_uuid_provider_no_oauth_fails_oauth(self):
|
||||
self.load_fixtures(default_fixtures)
|
||||
self.opt_in_group('token', provider=token.provider.UUID_PROVIDER)
|
||||
self.config_fixture.config(group='token',
|
||||
provider=token.provider.UUID_PROVIDER)
|
||||
driver = token.provider.Manager().driver
|
||||
driver.oauth_api = None
|
||||
self.assertRaises(exception.Forbidden,
|
||||
@ -860,7 +863,8 @@ class TestPKIProvider(object):
|
||||
|
||||
def test_get_token_id_error_handling(self):
|
||||
# cause command-line failure
|
||||
self.opt_in_group('signing', keyfile='--please-break-me')
|
||||
self.config_fixture.config(group='signing',
|
||||
keyfile='--please-break-me')
|
||||
|
||||
provider = pki.Provider()
|
||||
token_data = {}
|
||||
|
@ -178,7 +178,8 @@ class TokenAPITests(object):
|
||||
|
||||
# 3) Update the default_domain_id config option to the new domain
|
||||
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
# 4) Get a token using v3 api.
|
||||
|
||||
@ -450,7 +451,11 @@ class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase):
|
||||
self.orig_policy_file = CONF.policy_file
|
||||
from keystone.policy.backends import rules
|
||||
rules.reset()
|
||||
self.opt(policy_file=tests.dirs.etc('policy.v3cloudsample.json'))
|
||||
|
||||
def config_overrides(self):
|
||||
super(TestTokenRevokeSelfAndAdmin, self).config_overrides()
|
||||
self.config_fixture.config(
|
||||
policy_file=tests.dirs.etc('policy.v3cloudsample.json'))
|
||||
|
||||
def test_user_revokes_own_token(self):
|
||||
r = self.post(
|
||||
@ -2061,7 +2066,7 @@ class TestAuthJSON(test_v3.RestfulTestCase):
|
||||
|
||||
#TODO(ayoung): move to TestPKITokenAPIs; it will be run for both formats
|
||||
def test_verify_with_bound_token(self):
|
||||
self.opt_in_group('token', bind='kerberos')
|
||||
self.config_fixture.config(group='token', bind='kerberos')
|
||||
auth_data = self.build_authentication_request(
|
||||
project_id=self.project['id'])
|
||||
remote_user = self.default_domain_user['name']
|
||||
@ -2102,7 +2107,7 @@ class TestAuthJSON(test_v3.RestfulTestCase):
|
||||
self.assertEqual(token['bind']['kerberos'], remote_user)
|
||||
|
||||
def test_v2_v3_bind_token_intermix(self):
|
||||
self.opt_in_group('token', bind='kerberos')
|
||||
self.config_fixture.config(group='token', bind='kerberos')
|
||||
|
||||
# we need our own user registered to the default domain because of
|
||||
# the way external auth works.
|
||||
@ -2199,9 +2204,9 @@ class TestAuthXML(TestAuthJSON):
|
||||
|
||||
|
||||
class TestTrustOptional(test_v3.RestfulTestCase):
|
||||
def setUp(self, *args, **kwargs):
|
||||
self.opt_in_group('trust', enabled=False)
|
||||
super(TestTrustOptional, self).setUp(*args, **kwargs)
|
||||
def config_overrides(self):
|
||||
super(TestTrustOptional, self).config_overrides()
|
||||
self.config_fixture.config(group='trust', enabled=False)
|
||||
|
||||
def test_trusts_404(self):
|
||||
self.get('/OS-TRUST/trusts', body={'trust': {}}, expected_status=404)
|
||||
@ -2226,7 +2231,6 @@ class TestTrustAuth(TestAuthInfo):
|
||||
return conf_files
|
||||
|
||||
def setUp(self):
|
||||
self.opt_in_group('trust', enabled=True)
|
||||
super(TestTrustAuth, self).setUp()
|
||||
|
||||
# create a trustee to delegate stuff to
|
||||
@ -2235,6 +2239,10 @@ class TestTrustAuth(TestAuthInfo):
|
||||
self.trustee_user['id'] = self.trustee_user_id
|
||||
self.identity_api.create_user(self.trustee_user_id, self.trustee_user)
|
||||
|
||||
def config_overrides(self):
|
||||
super(TestTrustAuth, self).config_overrides()
|
||||
self.config_fixture.config(group='trust', enabled=True)
|
||||
|
||||
def test_create_trust_400(self):
|
||||
# The server returns a 403 Forbidden rather than a 400, see bug 1133435
|
||||
self.post('/OS-TRUST/trusts', body={'trust': {}}, expected_status=403)
|
||||
|
@ -207,7 +207,6 @@ class CredentialTestCase(CredentialBaseTestCase):
|
||||
class TestCredentialTrustScoped(test_v3.RestfulTestCase):
|
||||
"""Test credential with trust scoped token."""
|
||||
def setUp(self):
|
||||
self.opt_in_group('trust', enabled=True)
|
||||
super(TestCredentialTrustScoped, self).setUp()
|
||||
|
||||
self.trustee_user_id = uuid.uuid4().hex
|
||||
@ -215,6 +214,10 @@ class TestCredentialTrustScoped(test_v3.RestfulTestCase):
|
||||
self.trustee_user['id'] = self.trustee_user_id
|
||||
self.identity_api.create_user(self.trustee_user_id, self.trustee_user)
|
||||
|
||||
def config_overrides(self):
|
||||
super(TestCredentialTrustScoped, self).config_overrides()
|
||||
self.config_fixture.config(group='trust', enabled=True)
|
||||
|
||||
def test_trust_scoped_ec2_credential(self):
|
||||
"""Call ``POST /credentials`` for creating ec2 credential."""
|
||||
# Create the trust
|
||||
|
@ -41,7 +41,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
||||
self.orig_policy_file = CONF.policy_file
|
||||
rules.reset()
|
||||
_unused, self.tmpfilename = tempfile.mkstemp()
|
||||
self.opt(policy_file=self.tmpfilename)
|
||||
self.config_fixture.config(policy_file=self.tmpfilename)
|
||||
|
||||
#drop the policy rules
|
||||
self.addCleanup(rules.reset)
|
||||
@ -376,13 +376,13 @@ class IdentityTestListLimitCase(IdentityTestFilteredCase):
|
||||
else:
|
||||
plural = '%ss' % entity
|
||||
|
||||
self.opt(list_limit=5)
|
||||
self.opt_in_group(driver, list_limit=None)
|
||||
self.config_fixture.config(list_limit=5)
|
||||
self.config_fixture.config(group=driver, list_limit=None)
|
||||
r = self.get('/%s' % plural, auth=self.auth)
|
||||
self.assertEqual(len(r.result.get(plural)), 5)
|
||||
self.assertIs(r.result.get('truncated'), True)
|
||||
|
||||
self.opt_in_group(driver, list_limit=4)
|
||||
self.config_fixture.config(group=driver, list_limit=4)
|
||||
r = self.get('/%s' % plural, auth=self.auth)
|
||||
self.assertEqual(len(r.result.get(plural)), 4)
|
||||
self.assertIs(r.result.get('truncated'), True)
|
||||
@ -423,8 +423,8 @@ class IdentityTestListLimitCase(IdentityTestFilteredCase):
|
||||
# Test this by overriding the general limit with a higher
|
||||
# driver-specific limit (allowing all entities to be returned
|
||||
# in the collection), which should result in a non truncated list
|
||||
self.opt(list_limit=5)
|
||||
self.opt_in_group('catalog', list_limit=10)
|
||||
self.config_fixture.config(list_limit=5)
|
||||
self.config_fixture.config(group='catalog', list_limit=10)
|
||||
r = self.get('/services', auth=self.auth)
|
||||
self.assertEqual(len(r.result.get('services')), 10)
|
||||
self.assertIsNone(r.result.get('truncated'))
|
||||
|
@ -347,7 +347,8 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
||||
body={'domain': {'enabled': False}})
|
||||
|
||||
# Change the default domain
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
# Attempt to delete the new domain
|
||||
|
||||
@ -371,7 +372,8 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
||||
body={'domain': {'enabled': False}})
|
||||
|
||||
# Change the default domain
|
||||
self.opt_in_group('identity', default_domain_id=new_domain_id)
|
||||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
# Delete the old default domain
|
||||
|
||||
@ -1288,9 +1290,9 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
||||
class IdentityInheritanceTestCase(test_v3.RestfulTestCase):
|
||||
"""Test inheritance crud and its effects."""
|
||||
|
||||
def setUp(self):
|
||||
self.opt_in_group('os_inherit', enabled=True)
|
||||
super(IdentityInheritanceTestCase, self).setUp()
|
||||
def config_overrides(self):
|
||||
super(IdentityInheritanceTestCase, self).config_overrides()
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
|
||||
def test_crud_user_inherited_domain_role_grants(self):
|
||||
role_list = []
|
||||
@ -1500,7 +1502,7 @@ class IdentityInheritanceTestCase(test_v3.RestfulTestCase):
|
||||
|
||||
# Disable the extension and re-check the list, the role inherited
|
||||
# from the project should no longer show up
|
||||
self.opt_in_group('os_inherit', enabled=False)
|
||||
self.config_fixture.config(group='os_inherit', enabled=False)
|
||||
r = self.get(collection_url)
|
||||
self.assertValidRoleAssignmentListResponse(r)
|
||||
self.assertEqual(2, len(r.result.get('role_assignments')))
|
||||
@ -1715,9 +1717,9 @@ class IdentityInheritanceTestCase(test_v3.RestfulTestCase):
|
||||
class IdentityInheritanceDisabledTestCase(test_v3.RestfulTestCase):
|
||||
"""Test inheritance crud and its effects."""
|
||||
|
||||
def setUp(self):
|
||||
self.opt_in_group('os_inherit', enabled=False)
|
||||
super(IdentityInheritanceDisabledTestCase, self).setUp()
|
||||
def config_overrides(self):
|
||||
super(IdentityInheritanceDisabledTestCase, self).config_overrides()
|
||||
self.config_fixture.config(group='os_inherit', enabled=False)
|
||||
|
||||
def test_crud_inherited_role_grants_failed_if_disabled(self):
|
||||
role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
|
@ -57,7 +57,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
||||
self.addCleanup(rules.reset)
|
||||
rules.reset()
|
||||
_unused, self.tmpfilename = tempfile.mkstemp()
|
||||
self.opt(policy_file=self.tmpfilename)
|
||||
self.config_fixture.config(policy_file=self.tmpfilename)
|
||||
|
||||
# A default auth request we can use - un-scoped user token
|
||||
self.auth = self.build_authentication_request(
|
||||
@ -367,7 +367,8 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase):
|
||||
# Finally, switch to the v3 sample policy file
|
||||
self.addCleanup(rules.reset)
|
||||
rules.reset()
|
||||
self.opt(policy_file=tests.dirs.etc('policy.v3cloudsample.json'))
|
||||
self.config_fixture.config(
|
||||
policy_file=tests.dirs.etc('policy.v3cloudsample.json'))
|
||||
|
||||
def load_sample_data(self):
|
||||
# Start by creating a couple of domains
|
||||
|
@ -118,12 +118,14 @@ class VersionTestCase(tests.TestCase):
|
||||
self.public_app = self.loadapp('keystone', 'main')
|
||||
self.admin_app = self.loadapp('keystone', 'admin')
|
||||
|
||||
port = random.randint(10000, 30000)
|
||||
self.opt(public_port=port, admin_port=port)
|
||||
|
||||
fixture = self.useFixture(moxstubout.MoxStubout())
|
||||
self.stubs = fixture.stubs
|
||||
|
||||
def config_overrides(self):
|
||||
super(VersionTestCase, self).config_overrides()
|
||||
port = random.randint(10000, 30000)
|
||||
self.config_fixture.config(public_port=port, admin_port=port)
|
||||
|
||||
def _paste_in_port(self, response, port):
|
||||
for link in response['links']:
|
||||
if link['rel'] == 'self':
|
||||
@ -328,12 +330,14 @@ vnd.openstack.identity-v3+xml"/>
|
||||
self.public_app = self.loadapp('keystone', 'main')
|
||||
self.admin_app = self.loadapp('keystone', 'admin')
|
||||
|
||||
port = random.randint(10000, 30000)
|
||||
self.opt(public_port=port, admin_port=port)
|
||||
|
||||
fixture = self.useFixture(moxstubout.MoxStubout())
|
||||
self.stubs = fixture.stubs
|
||||
|
||||
def config_overrides(self):
|
||||
super(XmlVersionTestCase, self).config_overrides()
|
||||
port = random.randint(10000, 30000)
|
||||
self.config_fixture.config(public_port=port, admin_port=port)
|
||||
|
||||
def test_public_versions(self):
|
||||
client = self.client(self.public_app)
|
||||
resp = client.get('/', headers=self.REQUEST_HEADERS)
|
||||
|
Loading…
Reference in New Issue
Block a user