Fix D400 PEP257

Currently tox ignores D401.
D400: First line should end with a period.
This change removes it and make keystone docstring compliantwith it.

Change-Id: I9a9520e69701718ff471eebbcc52199dacdd9c68
changes/60/308060/3
Navid Pustchi 7 years ago
parent e380a3c005
commit 2c4f948db0
  1. 2
      keystone/assignment/V8_backends/sql.py
  2. 2
      keystone/assignment/backends/sql.py
  3. 12
      keystone/assignment/core.py
  4. 2
      keystone/auth/plugins/external.py
  5. 4
      keystone/auth/plugins/totp.py
  6. 2
      keystone/cmd/cli.py
  7. 2
      keystone/common/ldap/models.py
  8. 2
      keystone/common/sql/migration_helpers.py
  9. 6
      keystone/common/utils.py
  10. 2
      keystone/common/wsgi.py
  11. 4
      keystone/federation/core.py
  12. 2
      keystone/federation/utils.py
  13. 2
      keystone/identity/backends/base.py
  14. 4
      keystone/identity/core.py
  15. 6
      keystone/identity/shadow_backends/base.py
  16. 2
      keystone/identity/shadow_backends/sql.py
  17. 10
      keystone/models/revoke_model.py
  18. 2
      keystone/notifications.py
  19. 2
      keystone/policy/backends/rules.py
  20. 12
      keystone/resource/core.py
  21. 6
      keystone/revoke/core.py
  22. 4
      keystone/tests/functional/core.py
  23. 2
      keystone/tests/hacking/checks.py
  24. 8
      keystone/tests/unit/assignment/test_backends.py
  25. 2
      keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py
  26. 6
      keystone/tests/unit/contrib/federation/test_utils.py
  27. 4
      keystone/tests/unit/fakeldap.py
  28. 2
      keystone/tests/unit/filtering.py
  29. 2
      keystone/tests/unit/resource/test_backends.py
  30. 58
      keystone/tests/unit/test_associate_project_endpoint_extension.py
  31. 2
      keystone/tests/unit/test_backend_sql.py
  32. 2
      keystone/tests/unit/test_kvs.py
  33. 2
      keystone/tests/unit/test_sql_migrate_extensions.py
  34. 2
      keystone/tests/unit/test_sql_upgrade.py
  35. 2
      keystone/tests/unit/test_v2.py
  36. 2
      keystone/tests/unit/test_v3.py
  37. 4
      keystone/tests/unit/test_v3_assignment.py
  38. 2
      keystone/tests/unit/test_v3_auth.py
  39. 28
      keystone/tests/unit/test_v3_domain_config.py
  40. 16
      keystone/tests/unit/test_v3_federation.py
  41. 14
      keystone/tests/unit/test_v3_filters.py
  42. 2
      keystone/tests/unit/test_v3_oauth1.py
  43. 16
      keystone/tests/unit/test_v3_protection.py
  44. 4
      keystone/tests/unit/test_v3_resource.py
  45. 6
      keystone/tests/unit/test_validation.py
  46. 4
      keystone/token/persistence/backends/sql.py
  47. 4
      keystone/token/persistence/core.py
  48. 2
      keystone/token/providers/common.py
  49. 2
      keystone/token/providers/pki.py
  50. 2
      keystone/token/providers/pkiz.py
  51. 2
      keystone/token/providers/uuid.py
  52. 3
      tox.ini

@ -301,7 +301,7 @@ class Assignment(keystone_assignment.AssignmentDriverV8):
return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN]
def _get_assignment_types(self, user, group, project, domain):
"""Return a list of role assignment types based on provided entities
"""Return a list of role assignment types based on provided entities.
If one of user or group (the "actor") as well as one of project or
domain (the "target") are provided, the list will contain the role

@ -151,7 +151,7 @@ class Assignment(keystone_assignment.AssignmentDriverV9):
return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN]
def _get_assignment_types(self, user, group, project, domain):
"""Return a list of role assignment types based on provided entities
"""Return a list of role assignment types based on provided entities.
If one of user or group (the "actor") as well as one of project or
domain (the "target") are provided, the list will contain the role

@ -236,7 +236,7 @@ class Manager(manager.Manager):
COMPUTED_ASSIGNMENTS_REGION.invalidate()
def remove_user_from_project(self, tenant_id, user_id):
"""Remove user from a tenant
"""Remove user from a tenant.
:raises keystone.exception.ProjectNotFound: If the project doesn't
exist.
@ -1647,7 +1647,7 @@ class RoleDriverV9(RoleDriverBase):
@abc.abstractmethod
def get_implied_role(self, prior_role_id, implied_role_id):
"""Fetche a role inference rule
"""Fetche a role inference rule.
:raises keystone.exception.ImpliedRoleNotFound: If the implied role
doesn't exist.
@ -1657,7 +1657,7 @@ class RoleDriverV9(RoleDriverBase):
@abc.abstractmethod
def create_implied_role(self, prior_role_id, implied_role_id):
"""Create a role inference rule
"""Create a role inference rule.
:raises: keystone.exception.RoleNotFound: If the role doesn't exist.
@ -1666,7 +1666,7 @@ class RoleDriverV9(RoleDriverBase):
@abc.abstractmethod
def delete_implied_role(self, prior_role_id, implied_role_id):
"""Delete a role inference rule
"""Delete a role inference rule.
:raises keystone.exception.ImpliedRoleNotFound: If the implied role
doesn't exist.
@ -1676,12 +1676,12 @@ class RoleDriverV9(RoleDriverBase):
@abc.abstractmethod
def list_role_inference_rules(self):
"""List all the rules used to imply one role from another"""
"""List all the rules used to imply one role from another."""
raise exception.NotImplemented() # pragma: no cover
@abc.abstractmethod
def list_implied_roles(self, prior_role_id):
"""List roles implied from the prior role ID"""
"""List roles implied from the prior role ID."""
raise exception.NotImplemented() # pragma: no cover

@ -12,7 +12,7 @@
# License for the specific language governing permissions and limitations
# under the License.
"""Keystone External Authentication Plugins"""
"""Keystone External Authentication Plugins."""
import abc

@ -10,7 +10,7 @@
# License for the specific language governing permissions and limitations
# under the License.
"""Time-based One-time Password Algorithm (TOTP) auth plugin
"""Time-based One-time Password Algorithm (TOTP) auth plugin.
TOTP is an algorithm that computes a one-time password from a shared secret
key and the current time.
@ -69,7 +69,7 @@ def _generate_totp_passcode(secret):
class TOTP(auth.AuthMethodHandler):
def authenticate(self, context, auth_payload, auth_context):
"""Try to authenticate using TOTP"""
"""Try to authenticate using TOTP."""
user_info = plugins.TOTPUserInfo.create(auth_payload, METHOD_NAME)
auth_passcode = auth_payload.get('user').get('passcode')

@ -55,7 +55,7 @@ class BaseApp(object):
class BootStrap(BaseApp):
"""Perform the basic bootstrap process"""
"""Perform the basic bootstrap process."""
name = "bootstrap"

@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
"""Base model for keystone internal services
"""Base model for keystone internal services.
Unless marked otherwise, all fields are strings.

@ -137,7 +137,7 @@ def _sync_common_repo(version):
def get_init_version(abs_path=None):
"""Get the initial version of a migrate repository
"""Get the initial version of a migrate repository.
:param abs_path: Absolute path to migrate repository.
:return: initial version number or None, if DB is empty.

@ -65,7 +65,7 @@ def resource_uuid(value):
def flatten_dict(d, parent_key=''):
"""Flatten a nested dictionary
"""Flatten a nested dictionary.
Converts a dictionary with nested values to a single level flat
dictionary, with dotted notation for each key.
@ -217,7 +217,7 @@ def convert_v3_to_ec2_credential(credential):
def unixtime(dt_obj):
"""Format datetime object as unix timestamp
"""Format datetime object as unix timestamp.
:param dt_obj: datetime.datetime object
:returns: float
@ -571,7 +571,7 @@ def list_url_unsafe_chars(name):
def lower_case_hostname(url):
"""Change the URL's hostname to lowercase"""
"""Change the URL's hostname to lowercase."""
# NOTE(gyee): according to
# https://www.w3.org/TR/WD-html40-970708/htmlweb.html, the netloc portion
# of the URL is case-insensitive

@ -153,7 +153,7 @@ class BaseApplication(object):
return cls(**local_config)
def __call__(self, environ, start_response):
r"""Provide subclasses how to implement __call__, probably like this:
r"""Provide subclasses how to implement __call__, probably like this.
@webob.dec.wsgify()
def __call__(self, req):

@ -66,7 +66,7 @@ class Manager(manager.Manager):
driver=CONF.federation.driver)
def get_enabled_service_providers(self):
"""List enabled service providers for Service Catalog
"""List enabled service providers for Service Catalog.
Service Provider in a catalog contains three attributes: ``id``,
``auth_url``, ``sp_url``, where:
@ -409,7 +409,7 @@ class FederationDriverBase(object):
raise exception.NotImplemented() # pragma: no cover
def get_enabled_service_providers(self):
"""List enabled service providers for Service Catalog
"""List enabled service providers for Service Catalog.
Service Provider in a catalog contains three attributes: ``id``,
``auth_url``, ``sp_url``, where:

@ -346,7 +346,7 @@ def validate_groups(group_ids, mapping_id, identity_api):
# backend are minimized.
def transform_to_group_ids(group_names, mapping_id,
identity_api, resource_api):
"""Transform groups identified by name/domain to their ids
"""Transform groups identified by name/domain to their ids.
Function accepts list of groups identified by a name and domain giving
a list of group ids in return.

@ -224,7 +224,7 @@ class IdentityDriverV8(object):
@abc.abstractmethod
def list_groups_for_user(self, user_id, hints):
"""List groups a user is in
"""List groups a user is in.
:param user_id: the user in question
:param hints: filter hints which the driver should

@ -165,7 +165,7 @@ class DomainConfigs(dict):
def _load_config_from_database(self, domain_id, specific_config):
def _assert_no_more_than_one_sql_driver(domain_id, new_config):
"""Ensure adding driver doesn't push us over the limit of 1
"""Ensure adding driver doesn't push us over the limit of 1.
The checks we make in this method need to take into account that
we may be in a multiple process configuration and ensure that
@ -777,7 +777,7 @@ class Manager(manager.Manager):
hints.add_filter('domain_id', domain_id)
def _set_list_limit_in_hints(self, hints, driver):
"""Set list limit in hints from driver
"""Set list limit in hints from driver.
If a hints list is provided, the wrapper will insert the relevant
limit into the hints so that the underlying driver call can try and

@ -25,7 +25,7 @@ class ShadowUsersDriverV9(object):
@abc.abstractmethod
def create_federated_user(self, federated_dict):
"""Create a new user with the federated identity
"""Create a new user with the federated identity.
:param dict federated_dict: Reference to the federated user
:param user_id: user ID for linking to the federated identity
@ -36,7 +36,7 @@ class ShadowUsersDriverV9(object):
@abc.abstractmethod
def get_federated_user(self, idp_id, protocol_id, unique_id):
"""Return the found user for the federated identity
"""Return the found user for the federated identity.
:param idp_id: The identity provider ID
:param protocol_id: The federation protocol ID
@ -49,7 +49,7 @@ class ShadowUsersDriverV9(object):
@abc.abstractmethod
def update_federated_user_display_name(self, idp_id, protocol_id,
unique_id, display_name):
"""Update federated user's display name if changed
"""Update federated user's display name if changed.
:param idp_id: The identity provider ID
:param protocol_id: The federation protocol ID

@ -38,7 +38,7 @@ class ShadowUsers(base.ShadowUsersDriverV9):
return identity_base.filter_user(user_ref.to_dict())
def _get_federated_user(self, idp_id, protocol_id, unique_id):
"""Return the found user for the federated identity
"""Return the found user for the federated identity.
:param idp_id: The identity provider ID
:param protocol_id: The federation protocol ID

@ -127,7 +127,7 @@ def attr_keys(event):
class RevokeTree(object):
"""Fast Revocation Checking Tree Structure
"""Fast Revocation Checking Tree Structure.
The Tree is an index to quickly match tokens against events.
Each node is a hashtable of key=value combinations from revocation events.
@ -160,7 +160,7 @@ class RevokeTree(object):
return event
def remove_event(self, event):
"""Update the tree based on the removal of a Revocation Event
"""Update the tree based on the removal of a Revocation Event.
Removes empty nodes from the tree from the leaf back to the root.
@ -192,7 +192,7 @@ class RevokeTree(object):
@staticmethod
def _next_level_keys(name, token_data):
"""Generate keys based on current field name and token data
"""Generate keys based on current field name and token data.
Generate all keys to look for in the next iteration of revocation
event tree traversal.
@ -211,7 +211,7 @@ class RevokeTree(object):
yield token_data[alt_name]
def _search(self, revoke_map, names, token_data):
"""Search for revocation event by token_data
"""Search for revocation event by token_data.
Traverse the revocation events tree looking for event matching token
data issued after the token.
@ -236,7 +236,7 @@ class RevokeTree(object):
return False
def is_revoked(self, token_data):
"""Check if a token matches the revocation event
"""Check if a token matches the revocation event.
Compare the values for each level of the tree with the values from
the token, accounting for attributes that have alternative

@ -12,7 +12,7 @@
# License for the specific language governing permissions and limitations
# under the License.
"""Notifications module for OpenStack Identity Service resources"""
"""Notifications module for OpenStack Identity Service resources."""
import collections
import functools

@ -13,7 +13,7 @@
# License for the specific language governing permissions and limitations
# under the License.
"""Policy engine for keystone"""
"""Policy engine for keystone."""
from oslo_config import cfg
from oslo_log import log

@ -106,7 +106,7 @@ class Manager(manager.Manager):
_('Max hierarchy depth reached for %s branch.') % project_id)
def _assert_is_domain_project_constraints(self, project_ref):
"""Enforce specific constraints of projects that act as domains
"""Enforce specific constraints of projects that act as domains.
Called when is_domain is true, this method ensures that:
@ -130,7 +130,7 @@ class Manager(manager.Manager):
'domains.'))
def _assert_regular_project_constraints(self, project_ref):
"""Enforce regular project hierarchy constraints
"""Enforce regular project hierarchy constraints.
Called when is_domain is false. The project must contain a valid
domain_id and parent_id. The goal of this method is to check
@ -1675,7 +1675,7 @@ class DomainConfigManager(manager.Manager):
return config
def create_config(self, domain_id, config):
"""Create config for a domain
"""Create config for a domain.
:param domain_id: the domain in question
:param config: the dict of config groups/options to assign to the
@ -1700,7 +1700,7 @@ class DomainConfigManager(manager.Manager):
return self._list_to_config(self.list_config_options(domain_id))
def get_config(self, domain_id, group=None, option=None):
"""Get config, or partial config, for a domain
"""Get config, or partial config, for a domain.
:param domain_id: the domain in question
:param group: an optional specific group of options
@ -1742,7 +1742,7 @@ class DomainConfigManager(manager.Manager):
domain_id=domain_id, group_or_option=msg)
def update_config(self, domain_id, config, group=None, option=None):
"""Update config, or partial config, for a domain
"""Update config, or partial config, for a domain.
:param domain_id: the domain in question
:param config: the config dict containing and groups/options being
@ -1950,7 +1950,7 @@ class DomainConfigManager(manager.Manager):
return self._get_config_with_sensitive_info(domain_id)
def get_config_default(self, group=None, option=None):
"""Get default config, or partial default config
"""Get default config, or partial default config.
:param group: an optional specific group of options
:param option: an optional specific option within the group

@ -213,7 +213,7 @@ class Manager(manager.Manager):
return revoke_tree
def check_token(self, token_values):
"""Check the values from a token against the revocation list
"""Check the values from a token against the revocation list.
:param token_values: dictionary of values from a token, normalized for
differences between v2 and v3. The checked values
@ -236,7 +236,7 @@ class RevokeDriverV8(object):
@abc.abstractmethod
def list_events(self, last_fetch=None):
"""return the revocation events, as a list of objects
"""return the revocation events, as a list of objects.
:param last_fetch: Time of last fetch. Return all events newer.
:returns: A list of keystone.revoke.model.RevokeEvent
@ -249,7 +249,7 @@ class RevokeDriverV8(object):
@abc.abstractmethod
def revoke(self, event):
"""register a revocation event
"""register a revocation event.
:param event: An instance of
keystone.revoke.model.RevocationEvent

@ -50,7 +50,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin):
return headers
def get_scoped_token_response(self, user):
"""Convenience method so that we can test authenticated requests
"""Convenience method so that we can test authenticated requests.
:param user: A dictionary with user information like 'username',
'password', 'domain_id'
@ -65,7 +65,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin):
json=body)
def get_scoped_token(self, user):
"""Convenience method for getting scoped token
"""Convenience method for getting scoped token.
This method doesn't do any token validaton.

@ -227,7 +227,7 @@ class CheckForLoggingIssues(BaseASTChecker):
return None
def visit_Assign(self, node):
"""Look for 'LOG = logging.getLogger'
"""Look for 'LOG = logging.getLogger'.
This handles the simple case:
name = [logging_module].getLogger(...)

@ -2532,7 +2532,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
self.execute_assignment_plan(test_plan)
def _test_crud_inherited_and_direct_assignment(self, **kwargs):
"""Test inherited and direct assignments for the actor and target
"""Test inherited and direct assignments for the actor and target.
Ensure it is possible to create both inherited and direct role
assignments for the same actor on the same target. The actor and the
@ -3195,7 +3195,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
test_plan_with_os_inherit_disabled, test_data)
def test_list_assignments_for_tree(self):
"""Test we correctly list direct assignments for a tree"""
"""Test we correctly list direct assignments for a tree."""
# Enable OS-INHERIT extension
self.config_fixture.config(group='os_inherit', enabled=True)
@ -3244,7 +3244,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
self.execute_assignment_plan(test_plan)
def test_list_effective_assignments_for_tree(self):
"""Test we correctly list effective assignments for a tree"""
"""Test we correctly list effective assignments for a tree."""
# Enable OS-INHERIT extension
self.config_fixture.config(group='os_inherit', enabled=True)
@ -3378,7 +3378,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
self.execute_assignment_plan(test_plan)
def test_list_effective_assignments_for_tree_with_domain_assignments(self):
"""Test we correctly honor domain inherited assignments on the tree"""
"""Test we correctly honor domain inherited assignments on the tree."""
# Enable OS-INHERIT extension
self.config_fixture.config(group='os_inherit', enabled=True)

@ -38,7 +38,7 @@ class FederatedIdentityProviderTestsV8(
self.useV8driver()
def test_create_idp_remote_repeated(self):
"""Create two IdentityProvider entities with some remote_ids
"""Create two IdentityProvider entities with some remote_ids.
A remote_id is the same for both so the second IdP is not
created because of the uniqueness of the remote_ids

@ -409,7 +409,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
self.assertEqual([], mapped_properties['group_ids'])
def test_rule_engine_whitelist_direct_group_mapping_missing_domain(self):
"""Test if the local rule is rejected upon missing domain value
"""Test if the local rule is rejected upon missing domain value.
This is a variation with a ``whitelist`` filter.
@ -420,7 +420,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
self.assertRaises(exception.ValidationError, rp.process, assertion)
def test_rule_engine_blacklist_direct_group_mapping_missing_domain(self):
"""Test if the local rule is rejected upon missing domain value
"""Test if the local rule is rejected upon missing domain value.
This is a variation with a ``blacklist`` filter.
@ -623,7 +623,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
assertion)
def test_rule_engine_group_ids_mapping_whitelist(self):
"""Test mapping engine when group_ids is explicitly set
"""Test mapping engine when group_ids is explicitly set.
Also test whitelists on group ids

@ -566,7 +566,7 @@ class FakeLdap(core.LDAPHandler):
def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None,
resp_ctrl_classes=None):
"""Execute async request
"""Execute async request.
Only msgid param is supported. Request info is fetched from global
variable `PendingRequests` by msgid, executed using search_s and
@ -638,7 +638,7 @@ class FakeLdapPool(FakeLdap):
class FakeLdapNoSubtreeDelete(FakeLdap):
"""FakeLdap subclass that does not support subtree delete
"""FakeLdap subclass that does not support subtree delete.
Same as FakeLdap except delete will throw the LDAP error
ldap.NOT_ALLOWED_ON_NONLEAF if there is an attempt to delete

@ -99,7 +99,7 @@ class FilterTests(object):
def _create_test_data(self, entity_type, number, domain_id=None,
name_dict=None):
"""Create entity test data
"""Create entity test data.
:param entity_type: type of entity to create, e.g. 'user', group' etc.
:param number: number of entities to create,

@ -874,7 +874,7 @@ class ResourceTests(object):
self.assertEqual(1, len(parents))
def test_update_project_enabled_cascade(self):
"""Test update_project_cascade
"""Test update_project_cascade.
Ensures the enabled attribute is correctly updated across
a simple 3-level projects hierarchy.

@ -54,7 +54,7 @@ class EndpointFilterDeprecateTestCase(test_v3.RestfulTestCase):
class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
def test_create_endpoint_project_association(self):
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Valid endpoint and project id test case.
@ -62,7 +62,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
self.put(self.default_request_url)
def test_create_endpoint_project_association_with_invalid_project(self):
"""PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid project id test case.
@ -74,7 +74,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_create_endpoint_project_association_with_invalid_endpoint(self):
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid endpoint id test case.
@ -86,7 +86,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_create_endpoint_project_association_with_unexpected_body(self):
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Unexpected body in request. The body should be ignored.
@ -95,7 +95,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
body={'project_id': self.default_domain_project_id})
def test_check_endpoint_project_association(self):
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Valid project and endpoint id test case.
@ -107,7 +107,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
'endpoint_id': self.endpoint_id})
def test_check_endpoint_project_association_with_invalid_project(self):
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid project id test case.
@ -120,7 +120,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_check_endpoint_project_association_with_invalid_endpoint(self):
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid endpoint id test case.
@ -133,7 +133,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_list_endpoints_associated_with_valid_project(self):
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
Valid project and endpoint id test case.
@ -146,7 +146,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
resource_url=resource_url)
def test_list_endpoints_associated_with_invalid_project(self):
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
Invalid project id test case.
@ -157,7 +157,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_list_projects_associated_with_endpoint(self):
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
Valid endpoint-project association test case.
@ -170,7 +170,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
resource_url=resource_url)
def test_list_projects_with_no_endpoint_project_association(self):
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
Valid endpoint id but no endpoint-project associations test case.
@ -180,7 +180,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
self.assertValidProjectListResponse(r, expected_length=0)
def test_list_projects_associated_with_invalid_endpoint(self):
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
Invalid endpoint id test case.
@ -190,7 +190,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_remove_endpoint_project_association(self):
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Valid project id and endpoint id test case.
@ -202,7 +202,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
'endpoint_id': self.endpoint_id})
def test_remove_endpoint_project_association_with_invalid_project(self):
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid project id test case.
@ -215,7 +215,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.NOT_FOUND)
def test_remove_endpoint_project_association_with_invalid_endpoint(self):
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
Invalid endpoint id test case.
@ -698,7 +698,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
DEFAULT_ENDPOINT_GROUP_URL = '/OS-EP-FILTER/endpoint_groups'
def test_create_endpoint_group(self):
"""POST /OS-EP-FILTER/endpoint_groups
"""POST /OS-EP-FILTER/endpoint_groups.
Valid endpoint group test case.
@ -719,7 +719,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
'endpoint_group_id': r.result['endpoint_group']['id']}))
def test_create_invalid_endpoint_group(self):
"""POST /OS-EP-FILTER/endpoint_groups
"""POST /OS-EP-FILTER/endpoint_groups.
Invalid endpoint group creation test case.
@ -731,7 +731,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
expected_status=http_client.BAD_REQUEST)
def test_get_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Valid endpoint group test case.
@ -755,7 +755,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
matchers.EndsWith(url))
def test_get_invalid_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Invalid endpoint group test case.
@ -766,7 +766,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.get(url, expected_status=http_client.NOT_FOUND)
def test_check_endpoint_group(self):
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}.
Valid endpoint_group_id test case.
@ -779,7 +779,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.head(url, expected_status=http_client.OK)
def test_check_invalid_endpoint_group(self):
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}.
Invalid endpoint_group_id test case.
@ -790,7 +790,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.head(url, expected_status=http_client.NOT_FOUND)
def test_patch_endpoint_group(self):
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Valid endpoint group patch test case.
@ -812,7 +812,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
matchers.EndsWith(url))
def test_patch_nonexistent_endpoint_group(self):
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Invalid endpoint group patch test case.
@ -827,7 +827,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.patch(url, body=body, expected_status=http_client.NOT_FOUND)
def test_patch_invalid_endpoint_group(self):
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Valid endpoint group patch test case.
@ -859,7 +859,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.assertDictEqual(self.DEFAULT_ENDPOINT_GROUP_BODY, r.result)
def test_delete_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Valid endpoint group test case.
@ -873,7 +873,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.get(url, expected_status=http_client.NOT_FOUND)
def test_delete_invalid_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
Invalid endpoint group test case.
@ -1003,7 +1003,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
r.result['endpoint_groups'][0].get('id'))
def test_list_projects_associated_with_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects.
Valid endpoint group test case.
@ -1023,7 +1023,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.get(url)
def test_list_endpoints_associated_with_endpoint_group(self):
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints.
Valid endpoint group test case.
@ -1061,7 +1061,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.assertEqual(endpoint_id, r.result['endpoints'][0].get('id'))
def test_list_endpoints_associated_with_project_endpoint_group(self):
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
Valid project, endpoint id, and endpoint group test case.

@ -894,7 +894,7 @@ class SqlFilterTests(SqlTests, identity_tests.FilterTests):
self.assertFalse(hints.get_exact_filter_by_name('domain_id'))
def test_filter_sql_injection_attack(self):
"""Test against sql injection attack on filters
"""Test against sql injection attack on filters.
Test Plan:
- Attempt to get all entities back by passing a two-term attribute

@ -613,7 +613,7 @@ class TestCacheRegionInit(unit.TestCase):
backing_store=self.kvs_backend)
def test_kvs_configure_called_twice(self):
"""Check if configure() is called again"""
"""Check if configure() is called again."""
target = core.KeyValueStore
with mock.patch.object(target, 'configure') as configure_mock:
store = core.get_key_value_store(self.store_name)

@ -12,6 +12,8 @@
# License for the specific language governing permissions and limitations
# under the License.
"""
Test SQL migration extensions.
To run these tests against a live database:
1. Modify the file `keystone/tests/unit/config_files/backend_sql.conf` to use

@ -12,6 +12,8 @@
# License for the specific language governing permissions and limitations
# under the License.
"""
Test for SQL migration extensions.
To run these tests against a live database:
1. Modify the file ``keystone/tests/unit/config_files/backend_sql.conf`` to use

@ -444,7 +444,7 @@ class CoreApiTests(object):
raise NotImplementedError()
def assertNoRoles(self, r):
"""Helper method to assert No Roles
"""Helper method to assert No Roles.
This needs to be overridden by child classes
based on their content type.

@ -1464,7 +1464,7 @@ class AuthContextMiddlewareTestCase(RestfulTestCase):
class JsonHomeTestMixin(object):
"""JSON Home test
"""JSON Home test.
Mixin this class to provide a test for the JSON-Home response for an
extension.

@ -305,7 +305,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.head(member_url, expected_status=http_client.NOT_FOUND)
def test_token_revoked_once_group_role_grant_revoked(self):
"""Test token is revoked when group role grant is revoked
"""Test token is revoked when group role grant is revoked.
When a role granted to a group is revoked for a given scope,
all tokens related to this scope and belonging to one of the members
@ -2779,7 +2779,7 @@ class DomainSpecificRoleTests(test_v3.RestfulTestCase, unit.TestCase):
class ListUserProjectsTestCase(test_v3.RestfulTestCase):
"""Test for /users/<user>/projects"""
"""Test for /users/<user>/projects."""
def load_sample_data(self):
# do not load base class's data, keep it focused on the tests

@ -3582,7 +3582,7 @@ class TestTrustOptional(test_v3.RestfulTestCase):
class TrustAPIBehavior(test_v3.RestfulTestCase):
"""Redelegation valid and secure
"""Redelegation valid and secure.
Redelegation is a hierarchical structure of trusts between initial trustor
and a group of users allowed to impersonate trustor and act in his name.

@ -47,7 +47,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.assertEqual(self.config, res)
def test_create_config_invalid_domain(self):
"""Call ``PUT /domains/{domain_id}/config``
"""Call ``PUT /domains/{domain_id}/config``.
While creating Identity API-based domain config with an invalid domain
id provided, the request shall be rejected with a response, 404 domain
@ -60,7 +60,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=exception.DomainNotFound.code)
def test_create_config_twice(self):
"""Check multiple creates don't throw error"""
"""Check multiple creates don't throw error."""
self.put('/domains/%(domain_id)s/config' % {
'domain_id': self.domain['id']},
body={'config': self.config},
@ -80,7 +80,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=exception.DomainConfigNotFound.code)
def test_delete_config_invalid_domain(self):
"""Call ``DELETE /domains{domain_id}/config``
"""Call ``DELETE /domains{domain_id}/config``.
While deleting Identity API-based domain config with an invalid domain
id provided, the request shall be rejected with a response, 404 domain
@ -101,7 +101,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.assertNotIn('ldap', res)
def test_delete_config_by_group_invalid_domain(self):
"""Call ``DELETE /domains{domain_id}/config/{group}``
"""Call ``DELETE /domains{domain_id}/config/{group}``.
While deleting Identity API-based domain config by group with an
invalid domain id provided, the request shall be rejected with a
@ -132,7 +132,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.head(url, expected_status=http_client.OK)
def test_get_config_by_group_invalid_domain(self):
"""Call ``GET & HEAD /domains{domain_id}/config/{group}``
"""Call ``GET & HEAD /domains{domain_id}/config/{group}``.
While retrieving Identity API-based domain config by group with an
invalid domain id provided, the request shall be rejected with a
@ -155,7 +155,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.head(url, expected_status=http_client.OK)
def test_get_config_by_option_invalid_domain(self):
"""Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``
"""Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``.
While retrieving Identity API-based domain config by option with an
invalid domain id provided, the request shall be rejected with a
@ -174,7 +174,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def test_get_non_existant_config_invalid_domain(self):
"""Call ``GET /domains{domain_id}/config when no config defined``
"""Call ``GET /domains{domain_id}/config when no config defined``.
While retrieving non-existent Identity API-based domain config with an
invalid domain id provided, the request shall be rejected with a
@ -194,7 +194,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def test_get_non_existant_config_group_invalid_domain(self):
"""Call ``GET /domains{domain_id}/config/{group_not_exist}``
"""Call ``GET /domains{domain_id}/config/{group_not_exist}``.
While retrieving non-existent Identity API-based domain config group
with an invalid domain id provided, the request shall be rejected with
@ -216,7 +216,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def test_get_non_existant_config_option_invalid_domain(self):
"""Call ``GET /domains{domain_id}/config/group/{option_not_exist}``
"""Call ``GET /domains{domain_id}/config/group/{option_not_exist}``.
While retrieving non-existent Identity API-based domain config option
with an invalid domain id provided, the request shall be rejected with
@ -246,7 +246,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.assertEqual(expected_config, res)
def test_update_config_invalid_domain(self):
"""Call ``PATCH /domains/{domain_id}/config``
"""Call ``PATCH /domains/{domain_id}/config``.
While updating Identity API-based domain config with an invalid domain
id provided, the request shall be rejected with a response, 404 domain
@ -278,7 +278,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.assertEqual(expected_config, res)
def test_update_config_group_invalid_domain(self):
"""Call ``PATCH /domains/{domain_id}/config/{group}``
"""Call ``PATCH /domains/{domain_id}/config/{group}``.
While updating Identity API-based domain config group with an invalid
domain id provided, the request shall be rejected with a response,
@ -317,7 +317,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def test_update_config_invalid_group_invalid_domain(self):
"""Call ``PATCH /domains/{domain_id}/config/{invalid_group}``
"""Call ``PATCH /domains/{domain_id}/config/{invalid_group}``.
While updating Identity API-based domain config with an invalid group
and an invalid domain id provided, the request shall be rejected
@ -348,7 +348,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
self.assertEqual(expected_config, res)
def test_update_config_option_invalid_domain(self):
"""Call ``PATCH /domains/{domain_id}/config/{group}/{option}``
"""Call ``PATCH /domains/{domain_id}/config/{group}/{option}``.
While updating Identity API-based domain config option with an invalid
domain id provided, the request shall be rejected with a response, 404
@ -385,7 +385,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def test_update_config_invalid_option_invalid_domain(self):
"""Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}``
"""Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}``.
While updating Identity API-based domain config with an invalid option
and an invalid domain id provided, the request shall be rejected

@ -879,7 +879,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
ref=body)
def test_create_idp_remote_repeated(self):
"""Create two IdentityProvider entities with some remote_ids
"""Create two IdentityProvider entities with some remote_ids.
A remote_id is the same for both so the second IdP is not
created because of the uniqueness of the remote_ids
@ -1219,7 +1219,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
expected_status=http_client.BAD_REQUEST)
def test_update_nonexistent_idp(self):
"""Update nonexistent IdP
"""Update nonexistent IdP.
Expect HTTP 404 Not Found code.