Browse Source

Add role assignment test coverage for domain members

This commit adds role assignment test coverage for
users who have the member role assigned on the domain.

Subsequent patches will:

- add functionality for domain admins
- add functionality for project readers
- add functionality for project members
- add functionality for project admins
- remove the obsolete policies from policy.v3cloudsample.json

Partial-Bug: 1750673
Change-Id: I13fd19fb1d38ba43a22505e3fdbf552fddc949dd
tags/16.0.0.0rc1
Vishakha Agarwal 1 year ago
committed by Lance Bragstad
parent
commit
269a2890a9
1 changed files with 42 additions and 0 deletions
  1. +42
    -0
      keystone/tests/unit/protection/v3/test_assignment.py

+ 42
- 0
keystone/tests/unit/protection/v3/test_assignment.py View File

@@ -1069,3 +1069,45 @@ class DomainReaderTests(base_classes.TestCaseWithBootstrap,
r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id}


class DomainMemberTests(base_classes.TestCaseWithBootstrap,
common_auth.AuthTestMixin,
_AssignmentTestUtilities,
_DomainUserTests):

def setUp(self):
super(DomainMemberTests, self).setUp()
self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True)

domain = PROVIDERS.resource_api.create_domain(
uuid.uuid4().hex, unit.new_domain_ref()
)
self.domain_id = domain['id']
domain_user = unit.new_user_ref(domain_id=self.domain_id)
self.user_id = PROVIDERS.identity_api.create_user(domain_user)['id']
PROVIDERS.assignment_api.create_grant(
self.bootstrapper.member_role_id, user_id=self.user_id,
domain_id=self.domain_id
)
self.expected = [
# assignment of the user running the test case
{
'user_id': self.user_id,
'domain_id': self.domain_id,
'role_id': self.bootstrapper.member_role_id
}]

auth = self.build_authentication_request(
user_id=self.user_id, password=domain_user['password'],
domain_id=self.domain_id
)

# Grab a token using the persona we're testing and prepare headers
# for requests we'll be making in the tests.
with self.test_client() as c:
r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id}

Loading…
Cancel
Save