Address follow-up comments from previous patchset

There were a couple comments about making minor changes in the patch set for changing change_password to not require a token. These comments mentioned fixing the wording on the change_user api-ref note and adding an additional assertion for one of the added unit tests. https://review.openstack.org/#/c/404022/ This change corrects the wording in the api-ref note for change_password about not needing an authentication token and adds an additional assertion for changing an expired password to verify that once an expired password is successfully changed, the user is able to authenticate and create a token. Change-Id: I8e557d344ee77e0c9c28391d3ef09913bd87fef6
2017-01-26 16:52:38 -06:00 · 2017-01-26 16:52:38 -06:00 · 2bb1720271
parent 169e66ab88
commit 2bb1720271
2 changed files with 4 additions and 2 deletions
--- a/api-ref/source/v3/users.inc
+++ b/api-ref/source/v3/users.inc
@ -364,8 +364,7 @@ Relationship: ``http://docs.openstack.org/api/openstack-identity/3/rel/user_chan
 Changes the password for a user.

 .. note::
-    This API can be called directly without authenticating and providing a token in the
-    ``X-Auth-Token`` request header.
+    This API call does not require a token for authentication.

 Response Codes
 --------------
--- a/keystone/tests/unit/test_v3_identity.py
+++ b/keystone/tests/unit/test_v3_identity.py
@ -959,6 +959,9 @@ class UserSelfServiceChangingPasswordsTestCase(ChangePasswordTestCase):
        self.change_password(password=new_password,
                             original_password=password,
                             expected_status=http_client.NO_CONTENT)
+        # new password works
+        self.get_request_token(new_password,
+                               expected_status=http_client.CREATED)

    def test_changing_expired_password_with_disabled_user_fails(self):
        self.config_fixture.config(group='security_compliance',