Merge "Make unit tests call the new resource manager"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
08afed58d3
|
|
@ -492,13 +492,14 @@ class TestCase(BaseTestCase):
|
|||
|
||||
# TODO(termie): doing something from json, probably based on Django's
|
||||
# loaddata will be much preferred.
|
||||
if hasattr(self, 'identity_api') and hasattr(self, 'assignment_api'):
|
||||
if (hasattr(self, 'identity_api') and
|
||||
hasattr(self, 'assignment_api') and
|
||||
hasattr(self, 'resource_api')):
|
||||
for domain in fixtures.DOMAINS:
|
||||
try:
|
||||
rv = self.assignment_api.create_domain(domain['id'],
|
||||
domain)
|
||||
rv = self.resource_api.create_domain(domain['id'], domain)
|
||||
except exception.Conflict:
|
||||
rv = self.assignment_api.get_domain(domain['id'])
|
||||
rv = self.resource_api.get_domain(domain['id'])
|
||||
except exception.NotImplemented:
|
||||
rv = domain
|
||||
attrname = 'domain_%s' % domain['id']
|
||||
|
|
@ -509,10 +510,10 @@ class TestCase(BaseTestCase):
|
|||
if hasattr(self, 'tenant_%s' % tenant['id']):
|
||||
try:
|
||||
# This will clear out any roles on the project as well
|
||||
self.assignment_api.delete_project(tenant['id'])
|
||||
self.resource_api.delete_project(tenant['id'])
|
||||
except exception.ProjectNotFound:
|
||||
pass
|
||||
rv = self.assignment_api.create_project(
|
||||
rv = self.resource_api.create_project(
|
||||
tenant['id'], tenant)
|
||||
|
||||
attrname = 'tenant_%s' % tenant['id']
|
||||
|
|
|
|||
|
|
@ -293,7 +293,7 @@ class AuthWithToken(AuthTest):
|
|||
self.role_member['id'])
|
||||
# Now create a group role for this user as well
|
||||
domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain1['id'], domain1)
|
||||
self.resource_api.create_domain(domain1['id'], domain1)
|
||||
new_group = {'domain_id': domain1['id'], 'name': uuid.uuid4().hex}
|
||||
new_group = self.identity_api.create_group(new_group)
|
||||
self.identity_api.add_user_to_group(self.user_foo['id'],
|
||||
|
|
@ -386,7 +386,7 @@ class AuthWithToken(AuthTest):
|
|||
role_controller = assignment.controllers.Role()
|
||||
project1 = {'id': 'Project1', 'name': uuid.uuid4().hex,
|
||||
'domain_id': DEFAULT_DOMAIN_ID}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
role_one = {'id': 'role_one', 'name': uuid.uuid4().hex}
|
||||
self.role_api.create_role(role_one['id'], role_one)
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
|
|
@ -628,7 +628,7 @@ class AuthWithPasswordCredentials(AuthTest):
|
|||
'name': uuid.uuid4().hex,
|
||||
}
|
||||
|
||||
self.assignment_api.create_domain(new_domain_id, new_domain)
|
||||
self.resource_api.create_domain(new_domain_id, new_domain)
|
||||
|
||||
# 2) Create user "foo" in new domain with different password than
|
||||
# default-domain foo.
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -42,21 +42,19 @@ class SqlIDMapping(test_backend_sql.SqlTests):
|
|||
def load_sample_data(self):
|
||||
self.addCleanup(self.clean_sample_data)
|
||||
domainA = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.domainA = self.assignment_api.create_domain(domainA['id'],
|
||||
domainA)
|
||||
self.domainA = self.resource_api.create_domain(domainA['id'], domainA)
|
||||
domainB = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.domainB = self.assignment_api.create_domain(domainB['id'],
|
||||
domainB)
|
||||
self.domainB = self.resource_api.create_domain(domainB['id'], domainB)
|
||||
|
||||
def clean_sample_data(self):
|
||||
if hasattr(self, 'domainA'):
|
||||
self.domainA['enabled'] = False
|
||||
self.assignment_api.update_domain(self.domainA['id'], self.domainA)
|
||||
self.assignment_api.delete_domain(self.domainA['id'])
|
||||
self.resource_api.update_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.delete_domain(self.domainA['id'])
|
||||
if hasattr(self, 'domainB'):
|
||||
self.domainB['enabled'] = False
|
||||
self.assignment_api.update_domain(self.domainB['id'], self.domainB)
|
||||
self.assignment_api.delete_domain(self.domainB['id'])
|
||||
self.resource_api.update_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.delete_domain(self.domainB['id'])
|
||||
|
||||
def test_invalid_public_key(self):
|
||||
self.assertIsNone(self.id_mapping_api.get_id_mapping(uuid.uuid4().hex))
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
|
||||
def _get_domain_fixture(self):
|
||||
"""Domains in LDAP are read-only, so just return the static one."""
|
||||
return self.assignment_api.get_domain(CONF.identity.default_domain_id)
|
||||
return self.resource_api.get_domain(CONF.identity.default_domain_id)
|
||||
|
||||
def clear_database(self):
|
||||
for shelf in fakeldap.FakeShelves:
|
||||
|
|
@ -362,10 +362,10 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': domain['id']}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
project2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': domain['id']}
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
|
||||
self.identity_api.add_user_to_group(new_user['id'],
|
||||
group1['id'])
|
||||
|
|
@ -443,7 +443,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
new_project = {'id': uuid.uuid4().hex,
|
||||
'name': uuid.uuid4().hex,
|
||||
'domain_id': new_domain['id']}
|
||||
self.assignment_api.create_project(new_project['id'], new_project)
|
||||
self.resource_api.create_project(new_project['id'], new_project)
|
||||
|
||||
# First check how many role grant already exist
|
||||
existing_assignments = len(self.assignment_api.list_role_assignments())
|
||||
|
|
@ -472,7 +472,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
new_project = {'id': uuid.uuid4().hex,
|
||||
'name': uuid.uuid4().hex,
|
||||
'domain_id': new_domain['id']}
|
||||
self.assignment_api.create_project(new_project['id'], new_project)
|
||||
self.resource_api.create_project(new_project['id'], new_project)
|
||||
self.assignment_api.create_grant(user_id=new_user['id'],
|
||||
project_id=new_project['id'],
|
||||
role_id='other')
|
||||
|
|
@ -583,7 +583,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
self.assertNotIn(dumb_id, user_ids)
|
||||
|
||||
def test_list_domains(self):
|
||||
domains = self.assignment_api.list_domains()
|
||||
domains = self.resource_api.list_domains()
|
||||
self.assertEqual(
|
||||
[resource.calc_default_domain()],
|
||||
domains)
|
||||
|
|
@ -596,7 +596,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
domains = self.assignment_api.list_domains()
|
||||
domains = self.resource_api.list_domains()
|
||||
|
||||
self.assertEqual(new_domain_id, domains[0]['id'])
|
||||
|
||||
|
|
@ -854,10 +854,10 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
|
|||
|
||||
# Attempt to disable the project.
|
||||
self.assertRaises(exception.ForbiddenAction,
|
||||
self.assignment_api.update_project,
|
||||
self.resource_api.update_project,
|
||||
self.tenant_baz['id'], {'enabled': False})
|
||||
|
||||
project_info = self.assignment_api.get_project(self.tenant_baz['id'])
|
||||
project_info = self.resource_api.get_project(self.tenant_baz['id'])
|
||||
|
||||
# Unlike other entities, if 'enabled' is ignored then 'enabled' is
|
||||
# returned as part of the ref.
|
||||
|
|
@ -880,16 +880,16 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
|
||||
def test_configurable_allowed_project_actions(self):
|
||||
tenant = {'id': u'fäké1', 'name': u'fäké1', 'enabled': True}
|
||||
self.assignment_api.create_project(u'fäké1', tenant)
|
||||
tenant_ref = self.assignment_api.get_project(u'fäké1')
|
||||
self.resource_api.create_project(u'fäké1', tenant)
|
||||
tenant_ref = self.resource_api.get_project(u'fäké1')
|
||||
self.assertEqual(u'fäké1', tenant_ref['id'])
|
||||
|
||||
tenant['enabled'] = False
|
||||
self.assignment_api.update_project(u'fäké1', tenant)
|
||||
self.resource_api.update_project(u'fäké1', tenant)
|
||||
|
||||
self.assignment_api.delete_project(u'fäké1')
|
||||
self.resource_api.delete_project(u'fäké1')
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
u'fäké1')
|
||||
|
||||
def test_configurable_subtree_delete(self):
|
||||
|
|
@ -898,7 +898,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': CONF.identity.default_domain_id}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
|
||||
role1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.role_api.create_role(role1['id'], role1)
|
||||
|
|
@ -914,12 +914,12 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
tenant_id=project1['id'],
|
||||
role_id=role1['id'])
|
||||
|
||||
self.assignment_api.delete_project(project1['id'])
|
||||
self.resource_api.delete_project(project1['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
project1['id'])
|
||||
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
|
||||
list = self.assignment_api.get_roles_for_user_and_project(
|
||||
user1['id'],
|
||||
|
|
@ -934,17 +934,17 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
|
||||
tenant = {'id': u'fäké1', 'name': u'fäké1'}
|
||||
self.assertRaises(exception.ForbiddenAction,
|
||||
self.assignment_api.create_project,
|
||||
self.resource_api.create_project,
|
||||
u'fäké1',
|
||||
tenant)
|
||||
|
||||
self.tenant_bar['enabled'] = False
|
||||
self.assertRaises(exception.ForbiddenAction,
|
||||
self.assignment_api.update_project,
|
||||
self.resource_api.update_project,
|
||||
self.tenant_bar['id'],
|
||||
self.tenant_bar)
|
||||
self.assertRaises(exception.ForbiddenAction,
|
||||
self.assignment_api.delete_project,
|
||||
self.resource_api.delete_project,
|
||||
self.tenant_bar['id'])
|
||||
|
||||
def test_configurable_allowed_role_actions(self):
|
||||
|
|
@ -984,7 +984,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
self.role_member['id'])
|
||||
|
||||
def test_project_filter(self):
|
||||
tenant_ref = self.assignment_api.get_project(self.tenant_bar['id'])
|
||||
tenant_ref = self.resource_api.get_project(self.tenant_bar['id'])
|
||||
self.assertDictEqual(tenant_ref, self.tenant_bar)
|
||||
|
||||
self.config_fixture.config(group='ldap',
|
||||
|
|
@ -1002,7 +1002,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
self.tenant_bar['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
self.tenant_bar['id'])
|
||||
|
||||
def test_role_filter(self):
|
||||
|
|
@ -1052,7 +1052,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
# cache population.
|
||||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
self.tenant_baz['id'])
|
||||
tenant_ref = self.assignment_api.get_project(self.tenant_baz['id'])
|
||||
tenant_ref = self.resource_api.get_project(self.tenant_baz['id'])
|
||||
self.assertEqual(self.tenant_baz['id'], tenant_ref['id'])
|
||||
self.assertEqual(self.tenant_baz['name'], tenant_ref['name'])
|
||||
self.assertEqual(
|
||||
|
|
@ -1074,7 +1074,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
# cache population.
|
||||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
self.tenant_baz['id'])
|
||||
tenant_ref = self.assignment_api.get_project(self.tenant_baz['id'])
|
||||
tenant_ref = self.resource_api.get_project(self.tenant_baz['id'])
|
||||
self.assertEqual(self.tenant_baz['id'], tenant_ref['id'])
|
||||
self.assertEqual(self.tenant_baz['description'], tenant_ref['name'])
|
||||
self.assertEqual(self.tenant_baz['name'], tenant_ref['description'])
|
||||
|
|
@ -1095,7 +1095,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
# cache population.
|
||||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
self.tenant_baz['id'])
|
||||
tenant_ref = self.assignment_api.get_project(self.tenant_baz['id'])
|
||||
tenant_ref = self.resource_api.get_project(self.tenant_baz['id'])
|
||||
self.assertEqual(self.tenant_baz['id'], tenant_ref['id'])
|
||||
self.assertNotIn('name', tenant_ref)
|
||||
self.assertNotIn('description', tenant_ref)
|
||||
|
|
@ -1506,37 +1506,37 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'enabled': True, 'description': uuid.uuid4().hex}
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.assignment_api.create_domain,
|
||||
self.resource_api.create_domain,
|
||||
domain['id'],
|
||||
domain)
|
||||
self.assertRaises(exception.Conflict,
|
||||
self.assignment_api.create_domain,
|
||||
self.resource_api.create_domain,
|
||||
CONF.identity.default_domain_id,
|
||||
domain)
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
domain['id'])
|
||||
|
||||
domain['description'] = uuid.uuid4().hex
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.update_domain,
|
||||
self.resource_api.update_domain,
|
||||
domain['id'],
|
||||
domain)
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.assignment_api.update_domain,
|
||||
self.resource_api.update_domain,
|
||||
CONF.identity.default_domain_id,
|
||||
domain)
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
domain['id'])
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.delete_domain,
|
||||
self.resource_api.delete_domain,
|
||||
domain['id'])
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.assignment_api.delete_domain,
|
||||
self.resource_api.delete_domain,
|
||||
CONF.identity.default_domain_id)
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
domain['id'])
|
||||
|
||||
@tests.skip_if_no_multiple_domains_support
|
||||
|
|
@ -1546,7 +1546,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
'id': uuid.uuid4().hex,
|
||||
'name': uuid.uuid4().hex}
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.assignment_api.create_domain,
|
||||
self.resource_api.create_domain,
|
||||
ref['id'],
|
||||
ref)
|
||||
|
||||
|
|
@ -1578,19 +1578,19 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
'description': uuid.uuid4().hex,
|
||||
'enabled': True,
|
||||
'parent_id': None}
|
||||
self.assignment_api.create_project(project['id'], project)
|
||||
project_ref = self.assignment_api.get_project(project['id'])
|
||||
self.resource_api.create_project(project['id'], project)
|
||||
project_ref = self.resource_api.get_project(project['id'])
|
||||
|
||||
self.assertDictEqual(project_ref, project)
|
||||
|
||||
project['description'] = uuid.uuid4().hex
|
||||
self.assignment_api.update_project(project['id'], project)
|
||||
project_ref = self.assignment_api.get_project(project['id'])
|
||||
self.resource_api.update_project(project['id'], project)
|
||||
project_ref = self.resource_api.get_project(project['id'])
|
||||
self.assertDictEqual(project_ref, project)
|
||||
|
||||
self.assignment_api.delete_project(project['id'])
|
||||
self.resource_api.delete_project(project['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
project['id'])
|
||||
|
||||
@tests.skip_if_cache_disabled('assignment')
|
||||
|
|
@ -1603,8 +1603,8 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
'description': uuid.uuid4().hex}
|
||||
project_id = project['id']
|
||||
# Create a project
|
||||
self.assignment_api.create_project(project_id, project)
|
||||
self.assignment_api.get_project(project_id)
|
||||
self.resource_api.create_project(project_id, project)
|
||||
self.resource_api.get_project(project_id)
|
||||
updated_project = copy.deepcopy(project)
|
||||
updated_project['description'] = uuid.uuid4().hex
|
||||
# Update project, bypassing resource manager
|
||||
|
|
@ -1612,39 +1612,39 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
updated_project)
|
||||
# Verify get_project still returns the original project_ref
|
||||
self.assertDictContainsSubset(
|
||||
project, self.assignment_api.get_project(project_id))
|
||||
project, self.resource_api.get_project(project_id))
|
||||
# Invalidate cache
|
||||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
project_id)
|
||||
# Verify get_project now returns the new project
|
||||
self.assertDictContainsSubset(
|
||||
updated_project,
|
||||
self.assignment_api.get_project(project_id))
|
||||
# Update project using the assignment_api manager back to original
|
||||
self.assignment_api.update_project(project['id'], project)
|
||||
self.resource_api.get_project(project_id))
|
||||
# Update project using the resource_api manager back to original
|
||||
self.resource_api.update_project(project['id'], project)
|
||||
# Verify get_project returns the original project_ref
|
||||
self.assertDictContainsSubset(
|
||||
project, self.assignment_api.get_project(project_id))
|
||||
project, self.resource_api.get_project(project_id))
|
||||
# Delete project bypassing resource_api
|
||||
self.resource_api.driver.delete_project(project_id)
|
||||
# Verify get_project still returns the project_ref
|
||||
self.assertDictContainsSubset(
|
||||
project, self.assignment_api.get_project(project_id))
|
||||
project, self.resource_api.get_project(project_id))
|
||||
# Invalidate cache
|
||||
self.resource_api.get_project.invalidate(self.resource_api,
|
||||
project_id)
|
||||
# Verify ProjectNotFound now raised
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
project_id)
|
||||
# recreate project
|
||||
self.assignment_api.create_project(project_id, project)
|
||||
self.assignment_api.get_project(project_id)
|
||||
self.resource_api.create_project(project_id, project)
|
||||
self.resource_api.get_project(project_id)
|
||||
# delete project
|
||||
self.assignment_api.delete_project(project_id)
|
||||
self.resource_api.delete_project(project_id)
|
||||
# Verify ProjectNotFound is raised
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
project_id)
|
||||
|
||||
def _assert_create_hierarchy_not_allowed(self):
|
||||
|
|
@ -1656,7 +1656,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
'domain_id': domain['id'],
|
||||
'enabled': True,
|
||||
'parent_id': None}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
|
||||
# Creating project2 under project1. LDAP will not allow
|
||||
# the creation of a project with parent_id being set
|
||||
|
|
@ -1668,13 +1668,13 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
'parent_id': project1['id']}
|
||||
|
||||
self.assertRaises(exception.InvalidParentProject,
|
||||
self.assignment_api.create_project,
|
||||
self.resource_api.create_project,
|
||||
project2['id'],
|
||||
project2)
|
||||
|
||||
# Now, we'll create project 2 with no parent
|
||||
project2['parent_id'] = None
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
|
||||
# Returning projects to be used across the tests
|
||||
return [project1, project2]
|
||||
|
|
@ -1682,19 +1682,19 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
def test_check_leaf_projects(self):
|
||||
projects = self._assert_create_hierarchy_not_allowed()
|
||||
for project in projects:
|
||||
self.assertTrue(self.assignment_api.is_leaf_project(project))
|
||||
self.assertTrue(self.resource_api.is_leaf_project(project))
|
||||
|
||||
def test_list_projects_in_subtree(self):
|
||||
projects = self._assert_create_hierarchy_not_allowed()
|
||||
for project in projects:
|
||||
subtree_list = self.assignment_api.list_projects_in_subtree(
|
||||
subtree_list = self.resource_api.list_projects_in_subtree(
|
||||
project)
|
||||
self.assertEqual(0, len(subtree_list))
|
||||
|
||||
def test_list_project_parents(self):
|
||||
projects = self._assert_create_hierarchy_not_allowed()
|
||||
for project in projects:
|
||||
parents_list = self.assignment_api.list_project_parents(project)
|
||||
parents_list = self.resource_api.list_project_parents(project)
|
||||
self.assertEqual(0, len(parents_list))
|
||||
|
||||
def test_hierarchical_projects_crud(self):
|
||||
|
|
@ -1752,7 +1752,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
user1 = self.identity_api.create_user(user1)
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': CONF.identity.default_domain_id}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
user_id=user1['id'],
|
||||
|
|
@ -1790,7 +1790,7 @@ class LDAPIdentity(BaseLDAPIdentity, tests.TestCase):
|
|||
def test_get_default_domain_by_name(self):
|
||||
domain = self._get_domain_fixture()
|
||||
|
||||
domain_ref = self.assignment_api.get_domain_by_name(domain['name'])
|
||||
domain_ref = self.resource_api.get_domain_by_name(domain['name'])
|
||||
self.assertEqual(domain_ref, domain)
|
||||
|
||||
def test_base_ldap_connection_deref_option(self):
|
||||
|
|
@ -2009,23 +2009,23 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity):
|
|||
'description': uuid.uuid4().hex,
|
||||
'parent_id': None}
|
||||
|
||||
self.assignment_api.create_project(project['id'], project)
|
||||
project_ref = self.assignment_api.get_project(project['id'])
|
||||
self.resource_api.create_project(project['id'], project)
|
||||
project_ref = self.resource_api.get_project(project['id'])
|
||||
|
||||
# self.assignment_api.create_project adds an enabled
|
||||
# self.resource_api.create_project adds an enabled
|
||||
# key with a value of True when LDAPIdentityEnabledEmulation
|
||||
# is used so we now add this expected key to the project dictionary
|
||||
project['enabled'] = True
|
||||
self.assertDictEqual(project_ref, project)
|
||||
|
||||
project['description'] = uuid.uuid4().hex
|
||||
self.assignment_api.update_project(project['id'], project)
|
||||
project_ref = self.assignment_api.get_project(project['id'])
|
||||
self.resource_api.update_project(project['id'], project)
|
||||
project_ref = self.resource_api.get_project(project['id'])
|
||||
self.assertDictEqual(project_ref, project)
|
||||
|
||||
self.assignment_api.delete_project(project['id'])
|
||||
self.resource_api.delete_project(project['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
project['id'])
|
||||
|
||||
def test_user_crud(self):
|
||||
|
|
@ -2187,7 +2187,7 @@ class LdapIdentitySqlAssignment(BaseLDAPIdentity, tests.SQLDriverOverrides,
|
|||
pass
|
||||
|
||||
def test_list_domains(self):
|
||||
domains = self.assignment_api.list_domains()
|
||||
domains = self.resource_api.list_domains()
|
||||
self.assertEqual([resource.calc_default_domain()], domains)
|
||||
|
||||
def test_list_domains_non_default_domain_id(self):
|
||||
|
|
@ -2202,7 +2202,7 @@ class LdapIdentitySqlAssignment(BaseLDAPIdentity, tests.SQLDriverOverrides,
|
|||
self.config_fixture.config(group='identity',
|
||||
default_domain_id=new_domain_id)
|
||||
|
||||
domains = self.assignment_api.list_domains()
|
||||
domains = self.resource_api.list_domains()
|
||||
|
||||
self.assertEqual(orig_default_domain_id, domains[0]['id'])
|
||||
|
||||
|
|
@ -2210,7 +2210,7 @@ class LdapIdentitySqlAssignment(BaseLDAPIdentity, tests.SQLDriverOverrides,
|
|||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'enabled': True}
|
||||
self.assertRaises(exception.Forbidden,
|
||||
self.assignment_api.create_domain,
|
||||
self.resource_api.create_domain,
|
||||
domain['id'],
|
||||
domain)
|
||||
|
||||
|
|
@ -2391,11 +2391,11 @@ class BaseMultiLDAPandSQLIdentity(object):
|
|||
|
||||
def create_domain(domain):
|
||||
try:
|
||||
ref = self.assignment_api.create_domain(
|
||||
ref = self.resource_api.create_domain(
|
||||
domain['id'], domain)
|
||||
except exception.Conflict:
|
||||
ref = (
|
||||
self.assignment_api.get_domain_by_name(domain['name']))
|
||||
self.resource_api.get_domain_by_name(domain['name']))
|
||||
return ref
|
||||
|
||||
self.domains = {}
|
||||
|
|
@ -2657,9 +2657,9 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, tests.SQLDriverOverrides,
|
|||
'description': uuid.uuid4().hex,
|
||||
'parent_id': None,
|
||||
'enabled': True}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.assignment_api.create_project(project['id'], project)
|
||||
project_ref = self.assignment_api.get_project(project['id'])
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_project(project['id'], project)
|
||||
project_ref = self.resource_api.get_project(project['id'])
|
||||
self.assertDictEqual(project_ref, project)
|
||||
|
||||
self.assignment_api.create_grant(user_id=self.user_foo['id'],
|
||||
|
|
@ -2669,10 +2669,10 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, tests.SQLDriverOverrides,
|
|||
project_id=project['id'],
|
||||
role_id=self.role_member['id'])
|
||||
domain['enabled'] = False
|
||||
self.assignment_api.update_domain(domain['id'], domain)
|
||||
self.assignment_api.delete_domain(domain['id'])
|
||||
self.resource_api.update_domain(domain['id'], domain)
|
||||
self.resource_api.delete_domain(domain['id'])
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
domain['id'])
|
||||
|
||||
def test_user_enabled_ignored_disable_error(self):
|
||||
|
|
@ -2973,7 +2973,7 @@ class DomainSpecificSQLIdentity(DomainSpecificLDAPandSQLIdentity):
|
|||
# which should fail.
|
||||
self.assertRaises(exception.MultipleSQLDriversInConfig,
|
||||
self.identity_api.domain_configs._load_config,
|
||||
self.identity_api.assignment_api,
|
||||
self.resource_api,
|
||||
[tests.TESTCONF + '/domain_configs_one_extra_sql/' +
|
||||
'keystone.domain2.conf'],
|
||||
'domain2')
|
||||
|
|
|
|||
|
|
@ -160,14 +160,14 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
'name': None,
|
||||
'domain_id': DEFAULT_DOMAIN_ID}
|
||||
self.assertRaises(exception.ValidationError,
|
||||
self.assignment_api.create_project,
|
||||
self.resource_api.create_project,
|
||||
tenant['id'],
|
||||
tenant)
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
tenant['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project_by_name,
|
||||
self.resource_api.get_project_by_name,
|
||||
tenant['name'],
|
||||
DEFAULT_DOMAIN_ID)
|
||||
|
||||
|
|
@ -189,7 +189,7 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
user = self.identity_api.create_user(user)
|
||||
self.assignment_api.add_user_to_project(self.tenant_bar['id'],
|
||||
user['id'])
|
||||
self.assignment_api.delete_project(self.tenant_bar['id'])
|
||||
self.resource_api.delete_project(self.tenant_bar['id'])
|
||||
tenants = self.assignment_api.list_projects_for_user(user['id'])
|
||||
self.assertEqual([], tenants)
|
||||
|
||||
|
|
@ -230,7 +230,7 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
user['id'],
|
||||
self.tenant_bar['id'],
|
||||
role['id'])
|
||||
self.assignment_api.delete_project(self.tenant_bar['id'])
|
||||
self.resource_api.delete_project(self.tenant_bar['id'])
|
||||
|
||||
# Now check whether the internal representation of roles
|
||||
# has been deleted
|
||||
|
|
@ -257,12 +257,12 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
'name': uuid.uuid4().hex,
|
||||
'domain_id': DEFAULT_DOMAIN_ID,
|
||||
arbitrary_key: arbitrary_value}
|
||||
ref = self.assignment_api.create_project(tenant_id, tenant)
|
||||
ref = self.resource_api.create_project(tenant_id, tenant)
|
||||
self.assertEqual(arbitrary_value, ref[arbitrary_key])
|
||||
self.assertIsNone(ref.get('extra'))
|
||||
|
||||
tenant['name'] = uuid.uuid4().hex
|
||||
ref = self.assignment_api.update_project(tenant_id, tenant)
|
||||
ref = self.resource_api.update_project(tenant_id, tenant)
|
||||
self.assertEqual(arbitrary_value, ref[arbitrary_key])
|
||||
self.assertEqual(arbitrary_value, ref['extra'][arbitrary_key])
|
||||
|
||||
|
|
@ -314,14 +314,14 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
|
||||
def test_list_domains_for_user(self):
|
||||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user = {'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex,
|
||||
'domain_id': domain['id'], 'enabled': True}
|
||||
|
||||
test_domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(test_domain1['id'], test_domain1)
|
||||
self.resource_api.create_domain(test_domain1['id'], test_domain1)
|
||||
test_domain2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(test_domain2['id'], test_domain2)
|
||||
self.resource_api.create_domain(test_domain2['id'], test_domain2)
|
||||
|
||||
user = self.identity_api.create_user(user)
|
||||
user_domains = self.assignment_api.list_domains_for_user(user['id'])
|
||||
|
|
@ -340,7 +340,7 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
# make user1 a member of both groups. Both these new domains
|
||||
# should now be included, along with any direct user grants.
|
||||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user = {'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex,
|
||||
'domain_id': domain['id'], 'enabled': True}
|
||||
user = self.identity_api.create_user(user)
|
||||
|
|
@ -350,11 +350,11 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
group2 = self.identity_api.create_group(group2)
|
||||
|
||||
test_domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(test_domain1['id'], test_domain1)
|
||||
self.resource_api.create_domain(test_domain1['id'], test_domain1)
|
||||
test_domain2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(test_domain2['id'], test_domain2)
|
||||
self.resource_api.create_domain(test_domain2['id'], test_domain2)
|
||||
test_domain3 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(test_domain3['id'], test_domain3)
|
||||
self.resource_api.create_domain(test_domain3['id'], test_domain3)
|
||||
|
||||
self.identity_api.add_user_to_group(user['id'], group1['id'])
|
||||
self.identity_api.add_user_to_group(user['id'], group2['id'])
|
||||
|
|
@ -384,9 +384,9 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
|
|||
|
||||
"""
|
||||
domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
domain1 = self.assignment_api.create_domain(domain1['id'], domain1)
|
||||
domain1 = self.resource_api.create_domain(domain1['id'], domain1)
|
||||
domain2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
domain2 = self.assignment_api.create_domain(domain2['id'], domain2)
|
||||
domain2 = self.resource_api.create_domain(domain2['id'], domain2)
|
||||
user = {'name': uuid.uuid4().hex, 'password': uuid.uuid4().hex,
|
||||
'domain_id': domain1['id'], 'enabled': True}
|
||||
user = self.identity_api.create_user(user)
|
||||
|
|
@ -857,7 +857,7 @@ class DeprecatedDecorators(SqlTests):
|
|||
'id': uuid.uuid4().hex,
|
||||
'name': uuid.uuid4().hex,
|
||||
'domain_id': DEFAULT_DOMAIN_ID}
|
||||
self.assignment_api.create_project(project_ref['id'], project_ref)
|
||||
self.resource_api.create_project(project_ref['id'], project_ref)
|
||||
self.resource_api.get_project(project_ref['id'])
|
||||
|
||||
# Now enable fatal exceptions - creating a project by calling the
|
||||
|
|
|
|||
|
|
@ -912,7 +912,7 @@ class ClientDrivenTestCase(tests.TestCase):
|
|||
tenant_id = uuid.uuid4().hex
|
||||
tenant = {'name': 'tenant-%s' % tenant_id, 'id': tenant_id,
|
||||
'domain_id': DEFAULT_DOMAIN_ID}
|
||||
self.assignment_api.create_project(tenant_id, tenant)
|
||||
self.resource_api.create_project(tenant_id, tenant)
|
||||
self.assignment_api.add_user_to_project(tenant_id,
|
||||
self.user_foo['id'])
|
||||
|
||||
|
|
@ -937,7 +937,7 @@ class ClientDrivenTestCase(tests.TestCase):
|
|||
tenant_id = uuid.uuid4().hex
|
||||
tenant = {'name': 'tenant-%s' % tenant_id, 'id': tenant_id,
|
||||
'domain_id': DEFAULT_DOMAIN_ID}
|
||||
self.assignment_api.create_project(tenant_id, tenant)
|
||||
self.resource_api.create_project(tenant_id, tenant)
|
||||
self.assignment_api.add_user_to_project(tenant_id,
|
||||
self.user_foo['id'])
|
||||
|
||||
|
|
|
|||
|
|
@ -69,13 +69,13 @@ class TenantTestCase(tests.TestCase):
|
|||
|
||||
domain = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'enabled': True}
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': domain['id']}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
# Check the real total number of projects, we should have the above
|
||||
# plus those in the default features
|
||||
refs = self.assignment_api.list_projects()
|
||||
refs = self.resource_api.list_projects()
|
||||
self.assertEqual(len(default_fixtures.TENANTS) + 1, len(refs))
|
||||
|
||||
# Now list all projects using the v2 API - we should only get
|
||||
|
|
|
|||
|
|
@ -175,7 +175,7 @@ class RestfulTestCase(tests.SQLDriverOverrides, rest.RestfulTestCase,
|
|||
# a migration, but the in-mem db uses model definitions to create
|
||||
# the schema (no migrations are run).
|
||||
try:
|
||||
self.assignment_api.get_domain(DEFAULT_DOMAIN_ID)
|
||||
self.resource_api.get_domain(DEFAULT_DOMAIN_ID)
|
||||
except exception.DomainNotFound:
|
||||
domain = {'description': (u'Owns users and tenants (i.e. '
|
||||
u'projects) available on Identity '
|
||||
|
|
@ -183,20 +183,20 @@ class RestfulTestCase(tests.SQLDriverOverrides, rest.RestfulTestCase,
|
|||
'enabled': True,
|
||||
'id': DEFAULT_DOMAIN_ID,
|
||||
'name': u'Default'}
|
||||
self.assignment_api.create_domain(DEFAULT_DOMAIN_ID, domain)
|
||||
self.resource_api.create_domain(DEFAULT_DOMAIN_ID, domain)
|
||||
|
||||
def load_sample_data(self):
|
||||
self._populate_default_domain()
|
||||
self.domain_id = uuid.uuid4().hex
|
||||
self.domain = self.new_domain_ref()
|
||||
self.domain['id'] = self.domain_id
|
||||
self.assignment_api.create_domain(self.domain_id, self.domain)
|
||||
self.resource_api.create_domain(self.domain_id, self.domain)
|
||||
|
||||
self.project_id = uuid.uuid4().hex
|
||||
self.project = self.new_project_ref(
|
||||
domain_id=self.domain_id)
|
||||
self.project['id'] = self.project_id
|
||||
self.assignment_api.create_project(self.project_id, self.project)
|
||||
self.resource_api.create_project(self.project_id, self.project)
|
||||
|
||||
self.user = self.new_user_ref(domain_id=self.domain_id)
|
||||
password = self.user['password']
|
||||
|
|
@ -208,8 +208,8 @@ class RestfulTestCase(tests.SQLDriverOverrides, rest.RestfulTestCase,
|
|||
self.default_domain_project = self.new_project_ref(
|
||||
domain_id=DEFAULT_DOMAIN_ID)
|
||||
self.default_domain_project['id'] = self.default_domain_project_id
|
||||
self.assignment_api.create_project(self.default_domain_project_id,
|
||||
self.default_domain_project)
|
||||
self.resource_api.create_project(self.default_domain_project_id,
|
||||
self.default_domain_project)
|
||||
|
||||
self.default_domain_user = self.new_user_ref(
|
||||
domain_id=DEFAULT_DOMAIN_ID)
|
||||
|
|
|
|||
|
|
@ -149,11 +149,11 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
"""Call ``PATCH /domains/{domain_id}`` (set enabled=False)."""
|
||||
# Create a 2nd set of entities in a 2nd domain
|
||||
self.domain2 = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domain2['id'], self.domain2)
|
||||
self.resource_api.create_domain(self.domain2['id'], self.domain2)
|
||||
|
||||
self.project2 = self.new_project_ref(
|
||||
domain_id=self.domain2['id'])
|
||||
self.assignment_api.create_project(self.project2['id'], self.project2)
|
||||
self.resource_api.create_project(self.project2['id'], self.project2)
|
||||
|
||||
self.user2 = self.new_user_ref(
|
||||
domain_id=self.domain2['id'],
|
||||
|
|
@ -250,11 +250,11 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
|
||||
# Create a 2nd set of entities in a 2nd domain
|
||||
self.domain2 = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domain2['id'], self.domain2)
|
||||
self.resource_api.create_domain(self.domain2['id'], self.domain2)
|
||||
|
||||
self.project2 = self.new_project_ref(
|
||||
domain_id=self.domain2['id'])
|
||||
self.assignment_api.create_project(self.project2['id'], self.project2)
|
||||
self.resource_api.create_project(self.project2['id'], self.project2)
|
||||
|
||||
self.user2 = self.new_user_ref(
|
||||
domain_id=self.domain2['id'],
|
||||
|
|
@ -283,10 +283,10 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
|
||||
# Check all the domain2 relevant entities are gone
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
self.domain2['id'])
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
self.project2['id'])
|
||||
self.assertRaises(exception.GroupNotFound,
|
||||
self.identity_api.get_group,
|
||||
|
|
@ -299,9 +299,9 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
self.credential2['id'])
|
||||
|
||||
# ...and that all self.domain entities are still here
|
||||
r = self.assignment_api.get_domain(self.domain['id'])
|
||||
r = self.resource_api.get_domain(self.domain['id'])
|
||||
self.assertDictEqual(r, self.domain)
|
||||
r = self.assignment_api.get_project(self.project['id'])
|
||||
r = self.resource_api.get_project(self.project['id'])
|
||||
self.assertDictEqual(r, self.project)
|
||||
r = self.identity_api.get_group(self.group['id'])
|
||||
self.assertDictEqual(r, self.group)
|
||||
|
|
@ -330,7 +330,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
# Create a new domain that's not the default
|
||||
new_domain = self.new_domain_ref()
|
||||
new_domain_id = new_domain['id']
|
||||
self.assignment_api.create_domain(new_domain_id, new_domain)
|
||||
self.resource_api.create_domain(new_domain_id, new_domain)
|
||||
|
||||
# Disable the new domain so can delete it later.
|
||||
self.patch('/domains/%(domain_id)s' % {
|
||||
|
|
@ -353,7 +353,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
# Create a new domain that's not the default
|
||||
new_domain = self.new_domain_ref()
|
||||
new_domain_id = new_domain['id']
|
||||
self.assignment_api.create_domain(new_domain_id, new_domain)
|
||||
self.resource_api.create_domain(new_domain_id, new_domain)
|
||||
|
||||
old_default_domain_id = CONF.identity.default_domain_id
|
||||
|
||||
|
|
@ -380,7 +380,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
"""
|
||||
|
||||
self.domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domain['id'], self.domain)
|
||||
self.resource_api.create_domain(self.domain['id'], self.domain)
|
||||
|
||||
self.user2 = self.new_user_ref(domain_id=self.domain['id'])
|
||||
password = self.user2['password']
|
||||
|
|
@ -418,16 +418,16 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
def test_delete_domain_hierarchy(self):
|
||||
"""Call ``DELETE /domains/{domain_id}``."""
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
|
||||
root_project = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(root_project['id'], root_project)
|
||||
self.resource_api.create_project(root_project['id'], root_project)
|
||||
|
||||
leaf_project = self.new_project_ref(
|
||||
domain_id=domain['id'],
|
||||
parent_id=root_project['id'])
|
||||
self.assignment_api.create_project(leaf_project['id'], leaf_project)
|
||||
self.resource_api.create_project(leaf_project['id'], leaf_project)
|
||||
|
||||
# Need to disable it first.
|
||||
self.patch('/domains/%(domain_id)s' % {
|
||||
|
|
@ -439,15 +439,15 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
'domain_id': domain['id']})
|
||||
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.assignment_api.get_domain,
|
||||
self.resource_api.get_domain,
|
||||
domain['id'])
|
||||
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
root_project['id'])
|
||||
|
||||
self.assertRaises(exception.ProjectNotFound,
|
||||
self.assignment_api.get_project,
|
||||
self.resource_api.get_project,
|
||||
leaf_project['id'])
|
||||
|
||||
# Project CRUD tests
|
||||
|
|
@ -548,7 +548,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
def test_update_project_domain_id(self):
|
||||
"""Call ``PATCH /projects/{project_id}`` with domain_id."""
|
||||
project = self.new_project_ref(domain_id=self.domain['id'])
|
||||
self.assignment_api.create_project(project['id'], project)
|
||||
self.resource_api.create_project(project['id'], project)
|
||||
project['domain_id'] = CONF.identity.default_domain_id
|
||||
r = self.patch('/projects/%(project_id)s' % {
|
||||
'project_id': project['id']},
|
||||
|
|
@ -609,7 +609,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
# Create a second credential with a different project
|
||||
self.project2 = self.new_project_ref(
|
||||
domain_id=self.domain['id'])
|
||||
self.assignment_api.create_project(self.project2['id'], self.project2)
|
||||
self.resource_api.create_project(self.project2['id'], self.project2)
|
||||
self.credential2 = self.new_credential_ref(
|
||||
user_id=self.user['id'],
|
||||
project_id=self.project2['id'])
|
||||
|
|
@ -1229,7 +1229,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase):
|
|||
self.group1['id'])
|
||||
self.project1 = self.new_project_ref(
|
||||
domain_id=self.domain['id'])
|
||||
self.assignment_api.create_project(self.project1['id'], self.project1)
|
||||
self.resource_api.create_project(self.project1['id'], self.project1)
|
||||
self.role1 = self.new_role_ref()
|
||||
self.role_api.create_role(self.role1['id'], self.role1)
|
||||
self.role2 = self.new_role_ref()
|
||||
|
|
@ -1551,7 +1551,7 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
role_list.append(role)
|
||||
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user1 = self.new_user_ref(
|
||||
domain_id=domain['id'])
|
||||
password = user1['password']
|
||||
|
|
@ -1559,10 +1559,10 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
user1['password'] = password
|
||||
project1 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
project2 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
# Add some roles to the project
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
user1['id'], project1['id'], role_list[0]['id'])
|
||||
|
|
@ -1647,7 +1647,7 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
role_list.append(role)
|
||||
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user1 = self.new_user_ref(
|
||||
domain_id=domain['id'])
|
||||
password = user1['password']
|
||||
|
|
@ -1655,10 +1655,10 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
user1['password'] = password
|
||||
project1 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
project2 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
# Add some roles to the project
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
user1['id'], project1['id'], role_list[0]['id'])
|
||||
|
|
@ -1744,7 +1744,7 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
role_list.append(role)
|
||||
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user1 = self.new_user_ref(
|
||||
domain_id=domain['id'])
|
||||
password = user1['password']
|
||||
|
|
@ -1764,10 +1764,10 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
group1['id'])
|
||||
project1 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
project2 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
# Add some roles to the project
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
user1['id'], project1['id'], role_list[0]['id'])
|
||||
|
|
@ -1852,7 +1852,7 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
role_list.append(role)
|
||||
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user1 = self.new_user_ref(
|
||||
domain_id=domain['id'])
|
||||
password = user1['password']
|
||||
|
|
@ -1863,10 +1863,10 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
group1 = self.identity_api.create_group(group1)
|
||||
project1 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
project2 = self.new_project_ref(
|
||||
domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project2['id'], project2)
|
||||
self.resource_api.create_project(project2['id'], project2)
|
||||
# Add some spoiler roles to the projects
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
user1['id'], project1['id'], role_list[0]['id'])
|
||||
|
|
@ -1937,8 +1937,8 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase):
|
|||
leaf = self.new_project_ref(domain_id=self.domain['id'],
|
||||
parent_id=root['id'])
|
||||
|
||||
self.assignment_api.create_project(root['id'], root)
|
||||
self.assignment_api.create_project(leaf['id'], leaf)
|
||||
self.resource_api.create_project(root['id'], root)
|
||||
self.resource_api.create_project(leaf['id'], leaf)
|
||||
|
||||
# Create 'non-inherited' and 'inherited' roles
|
||||
non_inherited_role = {'id': uuid.uuid4().hex, 'name': 'non-inherited'}
|
||||
|
|
|
|||
|
|
@ -184,7 +184,7 @@ class TokenAPITests(object):
|
|||
'name': uuid.uuid4().hex,
|
||||
}
|
||||
|
||||
self.assignment_api.create_domain(new_domain_id, new_domain)
|
||||
self.resource_api.create_domain(new_domain_id, new_domain)
|
||||
|
||||
# 2) Create user in new domain.
|
||||
new_user_password = uuid.uuid4().hex
|
||||
|
|
@ -470,7 +470,7 @@ class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase):
|
|||
super(TestTokenRevokeSelfAndAdmin, self).load_sample_data()
|
||||
# DomainA setup
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'], self.domainA)
|
||||
|
||||
self.userAdminA = self.new_user_ref(domain_id=self.domainA['id'])
|
||||
password = self.userAdminA['password']
|
||||
|
|
@ -565,7 +565,7 @@ class TestTokenRevokeSelfAndAdmin(test_v3.RestfulTestCase):
|
|||
def test_adminB_fails_revoking_userA_token(self):
|
||||
# DomainB setup
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.userAdminB = self.new_user_ref(domain_id=self.domainB['id'])
|
||||
password = self.userAdminB['password']
|
||||
self.userAdminB = self.identity_api.create_user(self.userAdminB)
|
||||
|
|
@ -636,13 +636,13 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
|
|||
|
||||
# Start by creating a couple of domains and projects
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.projectA = self.new_project_ref(domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.projectA['id'], self.projectA)
|
||||
self.resource_api.create_project(self.projectA['id'], self.projectA)
|
||||
self.projectB = self.new_project_ref(domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.projectB['id'], self.projectB)
|
||||
self.resource_api.create_project(self.projectB['id'], self.projectB)
|
||||
|
||||
# Now create some users
|
||||
self.user1 = self.new_user_ref(
|
||||
|
|
@ -774,7 +774,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
|
|||
|
||||
def role_data_fixtures(self):
|
||||
self.projectC = self.new_project_ref(domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.projectC['id'], self.projectC)
|
||||
self.resource_api.create_project(self.projectC['id'], self.projectC)
|
||||
self.user4 = self.new_user_ref(domain_id=self.domainB['id'])
|
||||
password = self.user4['password']
|
||||
self.user4 = self.identity_api.create_user(self.user4)
|
||||
|
|
@ -1850,7 +1850,7 @@ class TestAuth(test_v3.RestfulTestCase):
|
|||
def test_project_id_scoped_token_with_user_id_401(self):
|
||||
project_id = uuid.uuid4().hex
|
||||
project = self.new_project_ref(domain_id=self.domain_id)
|
||||
self.assignment_api.create_project(project_id, project)
|
||||
self.resource_api.create_project(project_id, project)
|
||||
|
||||
auth_data = self.build_authentication_request(
|
||||
user_id=self.user['id'],
|
||||
|
|
@ -1882,9 +1882,9 @@ class TestAuth(test_v3.RestfulTestCase):
|
|||
"""
|
||||
|
||||
domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domainA['id'], domainA)
|
||||
self.resource_api.create_domain(domainA['id'], domainA)
|
||||
projectA = self.new_project_ref(domain_id=domainA['id'])
|
||||
self.assignment_api.create_project(projectA['id'], projectA)
|
||||
self.resource_api.create_project(projectA['id'], projectA)
|
||||
|
||||
user1 = self.new_user_ref(
|
||||
domain_id=domainA['id'])
|
||||
|
|
@ -1996,10 +1996,10 @@ class TestAuth(test_v3.RestfulTestCase):
|
|||
"""Verify getting a token in cross domain group/project roles."""
|
||||
# create domain, project and group and grant roles to user
|
||||
domain1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
|
||||
self.assignment_api.create_domain(domain1['id'], domain1)
|
||||
self.resource_api.create_domain(domain1['id'], domain1)
|
||||
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
|
||||
'domain_id': domain1['id']}
|
||||
self.assignment_api.create_project(project1['id'], project1)
|
||||
self.resource_api.create_project(project1['id'], project1)
|
||||
user_foo = self.new_user_ref(domain_id=test_v3.DEFAULT_DOMAIN_ID)
|
||||
password = user_foo['password']
|
||||
user_foo = self.identity_api.create_user(user_foo)
|
||||
|
|
@ -2496,11 +2496,11 @@ class TestAuth(test_v3.RestfulTestCase):
|
|||
# create a disabled domain
|
||||
domain = self.new_domain_ref()
|
||||
domain['enabled'] = False
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
|
||||
# create a project in the disabled domain
|
||||
project = self.new_project_ref(domain_id=domain['id'])
|
||||
self.assignment_api.create_project(project['id'], project)
|
||||
self.resource_api.create_project(project['id'], project)
|
||||
|
||||
# assign some role to self.user for the project in the disabled domain
|
||||
self.assignment_api.add_role_to_user_and_project(
|
||||
|
|
|
|||
|
|
@ -1303,40 +1303,40 @@ class FederatedTokenTests(FederationTests):
|
|||
|
||||
# Create and add domains
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'],
|
||||
self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'],
|
||||
self.domainA)
|
||||
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'],
|
||||
self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'],
|
||||
self.domainB)
|
||||
|
||||
self.domainC = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainC['id'],
|
||||
self.domainC)
|
||||
self.resource_api.create_domain(self.domainC['id'],
|
||||
self.domainC)
|
||||
|
||||
self.domainD = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainD['id'],
|
||||
self.domainD)
|
||||
self.resource_api.create_domain(self.domainD['id'],
|
||||
self.domainD)
|
||||
|
||||
# Create and add projects
|
||||
self.proj_employees = self.new_project_ref(
|
||||
domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.proj_employees['id'],
|
||||
self.proj_employees)
|
||||
self.resource_api.create_project(self.proj_employees['id'],
|
||||
self.proj_employees)
|
||||
self.proj_customers = self.new_project_ref(
|
||||
domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.proj_customers['id'],
|
||||
self.proj_customers)
|
||||
self.resource_api.create_project(self.proj_customers['id'],
|
||||
self.proj_customers)
|
||||
|
||||
self.project_all = self.new_project_ref(
|
||||
domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.project_all['id'],
|
||||
self.project_all)
|
||||
self.resource_api.create_project(self.project_all['id'],
|
||||
self.project_all)
|
||||
|
||||
self.project_inherited = self.new_project_ref(
|
||||
domain_id=self.domainD['id'])
|
||||
self.assignment_api.create_project(self.project_inherited['id'],
|
||||
self.project_inherited)
|
||||
self.resource_api.create_project(self.project_inherited['id'],
|
||||
self.project_inherited)
|
||||
|
||||
# Create and add groups
|
||||
self.group_employees = self.new_group_ref(
|
||||
|
|
|
|||
|
|
@ -65,12 +65,12 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
# Start by creating a few domains
|
||||
self._populate_default_domain()
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.domainC = self.new_domain_ref()
|
||||
self.domainC['enabled'] = False
|
||||
self.assignment_api.create_domain(self.domainC['id'], self.domainC)
|
||||
self.resource_api.create_domain(self.domainC['id'], self.domainC)
|
||||
|
||||
# Now create some users, one in domainA and two of them in domainB
|
||||
self.user1 = self.new_user_ref(domain_id=self.domainA['id'])
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
|||
# Create a user with a role on the domain so we can get a
|
||||
# domain scoped token
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user = self.new_user_ref(domain_id=domain['id'])
|
||||
password = user['password']
|
||||
user = self.identity_api.create_user(user)
|
||||
|
|
@ -126,7 +126,7 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
|||
# Create a user with a role on the domain so we can get a
|
||||
# domain scoped token
|
||||
domain = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(domain['id'], domain)
|
||||
self.resource_api.create_domain(domain['id'], domain)
|
||||
user = self.new_user_ref(domain_id=domain['id'])
|
||||
password = user['password']
|
||||
user = self.identity_api.create_user(user)
|
||||
|
|
|
|||
|
|
@ -70,12 +70,12 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
self._populate_default_domain()
|
||||
# Start by creating a couple of domains
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.domainC = self.new_domain_ref()
|
||||
self.domainC['enabled'] = False
|
||||
self.assignment_api.create_domain(self.domainC['id'], self.domainC)
|
||||
self.resource_api.create_domain(self.domainC['id'], self.domainC)
|
||||
|
||||
# Now create some users, one in domainA and two of them in domainB
|
||||
self.user1 = self.new_user_ref(domain_id=self.domainA['id'])
|
||||
|
|
@ -383,12 +383,12 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase):
|
|||
# Start by creating a couple of domains
|
||||
self._populate_default_domain()
|
||||
self.domainA = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.resource_api.create_domain(self.domainA['id'], self.domainA)
|
||||
self.domainB = self.new_domain_ref()
|
||||
self.assignment_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.resource_api.create_domain(self.domainB['id'], self.domainB)
|
||||
self.admin_domain = {'id': 'admin_domain_id', 'name': 'Admin_domain'}
|
||||
self.assignment_api.create_domain(self.admin_domain['id'],
|
||||
self.admin_domain)
|
||||
self.resource_api.create_domain(self.admin_domain['id'],
|
||||
self.admin_domain)
|
||||
|
||||
# And our users
|
||||
self.cloud_admin_user = self.new_user_ref(
|
||||
|
|
@ -439,7 +439,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase):
|
|||
|
||||
# Create and assign roles to the project
|
||||
self.project = self.new_project_ref(domain_id=self.domainA['id'])
|
||||
self.assignment_api.create_project(self.project['id'], self.project)
|
||||
self.resource_api.create_project(self.project['id'], self.project)
|
||||
self.assignment_api.create_grant(self.admin_role['id'],
|
||||
user_id=self.project_admin_user['id'],
|
||||
project_id=self.project['id'])
|
||||
|
|
|
|||
Loading…
Reference in New Issue