diff --git a/keystone/assignment/V8_backends/sql.py b/keystone/assignment/V8_backends/sql.py index 1b58903fdb..40bb578428 100644 --- a/keystone/assignment/V8_backends/sql.py +++ b/keystone/assignment/V8_backends/sql.py @@ -301,7 +301,7 @@ class Assignment(keystone_assignment.AssignmentDriverV8): return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN] def _get_assignment_types(self, user, group, project, domain): - """Return a list of role assignment types based on provided entities + """Return a list of role assignment types based on provided entities. If one of user or group (the "actor") as well as one of project or domain (the "target") are provided, the list will contain the role diff --git a/keystone/assignment/backends/sql.py b/keystone/assignment/backends/sql.py index 0c01023b5e..afe7de1514 100644 --- a/keystone/assignment/backends/sql.py +++ b/keystone/assignment/backends/sql.py @@ -151,7 +151,7 @@ class Assignment(keystone_assignment.AssignmentDriverV9): return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN] def _get_assignment_types(self, user, group, project, domain): - """Return a list of role assignment types based on provided entities + """Return a list of role assignment types based on provided entities. If one of user or group (the "actor") as well as one of project or domain (the "target") are provided, the list will contain the role diff --git a/keystone/assignment/core.py b/keystone/assignment/core.py index 4bcfd3689f..78ed8bef1c 100644 --- a/keystone/assignment/core.py +++ b/keystone/assignment/core.py @@ -236,7 +236,7 @@ class Manager(manager.Manager): COMPUTED_ASSIGNMENTS_REGION.invalidate() def remove_user_from_project(self, tenant_id, user_id): - """Remove user from a tenant + """Remove user from a tenant. :raises keystone.exception.ProjectNotFound: If the project doesn't exist. @@ -1647,7 +1647,7 @@ class RoleDriverV9(RoleDriverBase): @abc.abstractmethod def get_implied_role(self, prior_role_id, implied_role_id): - """Fetche a role inference rule + """Fetche a role inference rule. :raises keystone.exception.ImpliedRoleNotFound: If the implied role doesn't exist. @@ -1657,7 +1657,7 @@ class RoleDriverV9(RoleDriverBase): @abc.abstractmethod def create_implied_role(self, prior_role_id, implied_role_id): - """Create a role inference rule + """Create a role inference rule. :raises: keystone.exception.RoleNotFound: If the role doesn't exist. @@ -1666,7 +1666,7 @@ class RoleDriverV9(RoleDriverBase): @abc.abstractmethod def delete_implied_role(self, prior_role_id, implied_role_id): - """Delete a role inference rule + """Delete a role inference rule. :raises keystone.exception.ImpliedRoleNotFound: If the implied role doesn't exist. @@ -1676,12 +1676,12 @@ class RoleDriverV9(RoleDriverBase): @abc.abstractmethod def list_role_inference_rules(self): - """List all the rules used to imply one role from another""" + """List all the rules used to imply one role from another.""" raise exception.NotImplemented() # pragma: no cover @abc.abstractmethod def list_implied_roles(self, prior_role_id): - """List roles implied from the prior role ID""" + """List roles implied from the prior role ID.""" raise exception.NotImplemented() # pragma: no cover diff --git a/keystone/auth/plugins/external.py b/keystone/auth/plugins/external.py index b00b808aec..950afe4d4b 100644 --- a/keystone/auth/plugins/external.py +++ b/keystone/auth/plugins/external.py @@ -12,7 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Keystone External Authentication Plugins""" +"""Keystone External Authentication Plugins.""" import abc diff --git a/keystone/auth/plugins/totp.py b/keystone/auth/plugins/totp.py index d0b61b3b6f..b94b7573e4 100644 --- a/keystone/auth/plugins/totp.py +++ b/keystone/auth/plugins/totp.py @@ -10,7 +10,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Time-based One-time Password Algorithm (TOTP) auth plugin +"""Time-based One-time Password Algorithm (TOTP) auth plugin. TOTP is an algorithm that computes a one-time password from a shared secret key and the current time. @@ -69,7 +69,7 @@ def _generate_totp_passcode(secret): class TOTP(auth.AuthMethodHandler): def authenticate(self, context, auth_payload, auth_context): - """Try to authenticate using TOTP""" + """Try to authenticate using TOTP.""" user_info = plugins.TOTPUserInfo.create(auth_payload, METHOD_NAME) auth_passcode = auth_payload.get('user').get('passcode') diff --git a/keystone/cmd/cli.py b/keystone/cmd/cli.py index 3b5eec1e83..40d256d7b6 100644 --- a/keystone/cmd/cli.py +++ b/keystone/cmd/cli.py @@ -55,7 +55,7 @@ class BaseApp(object): class BootStrap(BaseApp): - """Perform the basic bootstrap process""" + """Perform the basic bootstrap process.""" name = "bootstrap" diff --git a/keystone/common/ldap/models.py b/keystone/common/ldap/models.py index d0eb4a219f..a20cd0dca9 100644 --- a/keystone/common/ldap/models.py +++ b/keystone/common/ldap/models.py @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -"""Base model for keystone internal services +"""Base model for keystone internal services. Unless marked otherwise, all fields are strings. diff --git a/keystone/common/sql/migration_helpers.py b/keystone/common/sql/migration_helpers.py index 919e4090e5..c034910abe 100644 --- a/keystone/common/sql/migration_helpers.py +++ b/keystone/common/sql/migration_helpers.py @@ -137,7 +137,7 @@ def _sync_common_repo(version): def get_init_version(abs_path=None): - """Get the initial version of a migrate repository + """Get the initial version of a migrate repository. :param abs_path: Absolute path to migrate repository. :return: initial version number or None, if DB is empty. diff --git a/keystone/common/utils.py b/keystone/common/utils.py index d36b823f82..17f9463ff8 100644 --- a/keystone/common/utils.py +++ b/keystone/common/utils.py @@ -65,7 +65,7 @@ def resource_uuid(value): def flatten_dict(d, parent_key=''): - """Flatten a nested dictionary + """Flatten a nested dictionary. Converts a dictionary with nested values to a single level flat dictionary, with dotted notation for each key. @@ -217,7 +217,7 @@ def convert_v3_to_ec2_credential(credential): def unixtime(dt_obj): - """Format datetime object as unix timestamp + """Format datetime object as unix timestamp. :param dt_obj: datetime.datetime object :returns: float @@ -571,7 +571,7 @@ def list_url_unsafe_chars(name): def lower_case_hostname(url): - """Change the URL's hostname to lowercase""" + """Change the URL's hostname to lowercase.""" # NOTE(gyee): according to # https://www.w3.org/TR/WD-html40-970708/htmlweb.html, the netloc portion # of the URL is case-insensitive diff --git a/keystone/common/wsgi.py b/keystone/common/wsgi.py index f1bbd04a01..1bfdd78cd0 100644 --- a/keystone/common/wsgi.py +++ b/keystone/common/wsgi.py @@ -153,7 +153,7 @@ class BaseApplication(object): return cls(**local_config) def __call__(self, environ, start_response): - r"""Provide subclasses how to implement __call__, probably like this: + r"""Provide subclasses how to implement __call__, probably like this. @webob.dec.wsgify() def __call__(self, req): diff --git a/keystone/federation/core.py b/keystone/federation/core.py index 23028dfdb7..7c921c438d 100644 --- a/keystone/federation/core.py +++ b/keystone/federation/core.py @@ -66,7 +66,7 @@ class Manager(manager.Manager): driver=CONF.federation.driver) def get_enabled_service_providers(self): - """List enabled service providers for Service Catalog + """List enabled service providers for Service Catalog. Service Provider in a catalog contains three attributes: ``id``, ``auth_url``, ``sp_url``, where: @@ -409,7 +409,7 @@ class FederationDriverBase(object): raise exception.NotImplemented() # pragma: no cover def get_enabled_service_providers(self): - """List enabled service providers for Service Catalog + """List enabled service providers for Service Catalog. Service Provider in a catalog contains three attributes: ``id``, ``auth_url``, ``sp_url``, where: diff --git a/keystone/federation/utils.py b/keystone/federation/utils.py index ab311d88fc..42cdb08a5d 100644 --- a/keystone/federation/utils.py +++ b/keystone/federation/utils.py @@ -346,7 +346,7 @@ def validate_groups(group_ids, mapping_id, identity_api): # backend are minimized. def transform_to_group_ids(group_names, mapping_id, identity_api, resource_api): - """Transform groups identified by name/domain to their ids + """Transform groups identified by name/domain to their ids. Function accepts list of groups identified by a name and domain giving a list of group ids in return. diff --git a/keystone/identity/backends/base.py b/keystone/identity/backends/base.py index f1c27a3556..e26c15f61a 100644 --- a/keystone/identity/backends/base.py +++ b/keystone/identity/backends/base.py @@ -224,7 +224,7 @@ class IdentityDriverV8(object): @abc.abstractmethod def list_groups_for_user(self, user_id, hints): - """List groups a user is in + """List groups a user is in. :param user_id: the user in question :param hints: filter hints which the driver should diff --git a/keystone/identity/core.py b/keystone/identity/core.py index e417b5ee30..7d3616b77a 100644 --- a/keystone/identity/core.py +++ b/keystone/identity/core.py @@ -165,7 +165,7 @@ class DomainConfigs(dict): def _load_config_from_database(self, domain_id, specific_config): def _assert_no_more_than_one_sql_driver(domain_id, new_config): - """Ensure adding driver doesn't push us over the limit of 1 + """Ensure adding driver doesn't push us over the limit of 1. The checks we make in this method need to take into account that we may be in a multiple process configuration and ensure that @@ -777,7 +777,7 @@ class Manager(manager.Manager): hints.add_filter('domain_id', domain_id) def _set_list_limit_in_hints(self, hints, driver): - """Set list limit in hints from driver + """Set list limit in hints from driver. If a hints list is provided, the wrapper will insert the relevant limit into the hints so that the underlying driver call can try and diff --git a/keystone/identity/shadow_backends/base.py b/keystone/identity/shadow_backends/base.py index f7d08f3acd..e06ee1fbb9 100644 --- a/keystone/identity/shadow_backends/base.py +++ b/keystone/identity/shadow_backends/base.py @@ -25,7 +25,7 @@ class ShadowUsersDriverV9(object): @abc.abstractmethod def create_federated_user(self, federated_dict): - """Create a new user with the federated identity + """Create a new user with the federated identity. :param dict federated_dict: Reference to the federated user :param user_id: user ID for linking to the federated identity @@ -36,7 +36,7 @@ class ShadowUsersDriverV9(object): @abc.abstractmethod def get_federated_user(self, idp_id, protocol_id, unique_id): - """Return the found user for the federated identity + """Return the found user for the federated identity. :param idp_id: The identity provider ID :param protocol_id: The federation protocol ID @@ -49,7 +49,7 @@ class ShadowUsersDriverV9(object): @abc.abstractmethod def update_federated_user_display_name(self, idp_id, protocol_id, unique_id, display_name): - """Update federated user's display name if changed + """Update federated user's display name if changed. :param idp_id: The identity provider ID :param protocol_id: The federation protocol ID diff --git a/keystone/identity/shadow_backends/sql.py b/keystone/identity/shadow_backends/sql.py index a7c0c5d839..2f92ce7721 100644 --- a/keystone/identity/shadow_backends/sql.py +++ b/keystone/identity/shadow_backends/sql.py @@ -38,7 +38,7 @@ class ShadowUsers(base.ShadowUsersDriverV9): return identity_base.filter_user(user_ref.to_dict()) def _get_federated_user(self, idp_id, protocol_id, unique_id): - """Return the found user for the federated identity + """Return the found user for the federated identity. :param idp_id: The identity provider ID :param protocol_id: The federation protocol ID diff --git a/keystone/models/revoke_model.py b/keystone/models/revoke_model.py index 3f47a27acc..27f7113fa0 100644 --- a/keystone/models/revoke_model.py +++ b/keystone/models/revoke_model.py @@ -127,7 +127,7 @@ def attr_keys(event): class RevokeTree(object): - """Fast Revocation Checking Tree Structure + """Fast Revocation Checking Tree Structure. The Tree is an index to quickly match tokens against events. Each node is a hashtable of key=value combinations from revocation events. @@ -160,7 +160,7 @@ class RevokeTree(object): return event def remove_event(self, event): - """Update the tree based on the removal of a Revocation Event + """Update the tree based on the removal of a Revocation Event. Removes empty nodes from the tree from the leaf back to the root. @@ -192,7 +192,7 @@ class RevokeTree(object): @staticmethod def _next_level_keys(name, token_data): - """Generate keys based on current field name and token data + """Generate keys based on current field name and token data. Generate all keys to look for in the next iteration of revocation event tree traversal. @@ -211,7 +211,7 @@ class RevokeTree(object): yield token_data[alt_name] def _search(self, revoke_map, names, token_data): - """Search for revocation event by token_data + """Search for revocation event by token_data. Traverse the revocation events tree looking for event matching token data issued after the token. @@ -236,7 +236,7 @@ class RevokeTree(object): return False def is_revoked(self, token_data): - """Check if a token matches the revocation event + """Check if a token matches the revocation event. Compare the values for each level of the tree with the values from the token, accounting for attributes that have alternative diff --git a/keystone/notifications.py b/keystone/notifications.py index ab7862d165..287f0ff5db 100644 --- a/keystone/notifications.py +++ b/keystone/notifications.py @@ -12,7 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Notifications module for OpenStack Identity Service resources""" +"""Notifications module for OpenStack Identity Service resources.""" import collections import functools diff --git a/keystone/policy/backends/rules.py b/keystone/policy/backends/rules.py index e96bffae0c..68ac129fed 100644 --- a/keystone/policy/backends/rules.py +++ b/keystone/policy/backends/rules.py @@ -13,7 +13,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Policy engine for keystone""" +"""Policy engine for keystone.""" from oslo_config import cfg from oslo_log import log diff --git a/keystone/resource/core.py b/keystone/resource/core.py index 7221447fd5..d191e73750 100644 --- a/keystone/resource/core.py +++ b/keystone/resource/core.py @@ -106,7 +106,7 @@ class Manager(manager.Manager): _('Max hierarchy depth reached for %s branch.') % project_id) def _assert_is_domain_project_constraints(self, project_ref): - """Enforce specific constraints of projects that act as domains + """Enforce specific constraints of projects that act as domains. Called when is_domain is true, this method ensures that: @@ -130,7 +130,7 @@ class Manager(manager.Manager): 'domains.')) def _assert_regular_project_constraints(self, project_ref): - """Enforce regular project hierarchy constraints + """Enforce regular project hierarchy constraints. Called when is_domain is false. The project must contain a valid domain_id and parent_id. The goal of this method is to check @@ -1675,7 +1675,7 @@ class DomainConfigManager(manager.Manager): return config def create_config(self, domain_id, config): - """Create config for a domain + """Create config for a domain. :param domain_id: the domain in question :param config: the dict of config groups/options to assign to the @@ -1700,7 +1700,7 @@ class DomainConfigManager(manager.Manager): return self._list_to_config(self.list_config_options(domain_id)) def get_config(self, domain_id, group=None, option=None): - """Get config, or partial config, for a domain + """Get config, or partial config, for a domain. :param domain_id: the domain in question :param group: an optional specific group of options @@ -1742,7 +1742,7 @@ class DomainConfigManager(manager.Manager): domain_id=domain_id, group_or_option=msg) def update_config(self, domain_id, config, group=None, option=None): - """Update config, or partial config, for a domain + """Update config, or partial config, for a domain. :param domain_id: the domain in question :param config: the config dict containing and groups/options being @@ -1950,7 +1950,7 @@ class DomainConfigManager(manager.Manager): return self._get_config_with_sensitive_info(domain_id) def get_config_default(self, group=None, option=None): - """Get default config, or partial default config + """Get default config, or partial default config. :param group: an optional specific group of options :param option: an optional specific option within the group diff --git a/keystone/revoke/core.py b/keystone/revoke/core.py index 6140efb71b..820c3118d8 100644 --- a/keystone/revoke/core.py +++ b/keystone/revoke/core.py @@ -213,7 +213,7 @@ class Manager(manager.Manager): return revoke_tree def check_token(self, token_values): - """Check the values from a token against the revocation list + """Check the values from a token against the revocation list. :param token_values: dictionary of values from a token, normalized for differences between v2 and v3. The checked values @@ -236,7 +236,7 @@ class RevokeDriverV8(object): @abc.abstractmethod def list_events(self, last_fetch=None): - """return the revocation events, as a list of objects + """return the revocation events, as a list of objects. :param last_fetch: Time of last fetch. Return all events newer. :returns: A list of keystone.revoke.model.RevokeEvent @@ -249,7 +249,7 @@ class RevokeDriverV8(object): @abc.abstractmethod def revoke(self, event): - """register a revocation event + """register a revocation event. :param event: An instance of keystone.revoke.model.RevocationEvent diff --git a/keystone/tests/functional/core.py b/keystone/tests/functional/core.py index 2759412b4e..e70b44da3b 100644 --- a/keystone/tests/functional/core.py +++ b/keystone/tests/functional/core.py @@ -50,7 +50,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin): return headers def get_scoped_token_response(self, user): - """Convenience method so that we can test authenticated requests + """Convenience method so that we can test authenticated requests. :param user: A dictionary with user information like 'username', 'password', 'domain_id' @@ -65,7 +65,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin): json=body) def get_scoped_token(self, user): - """Convenience method for getting scoped token + """Convenience method for getting scoped token. This method doesn't do any token validaton. diff --git a/keystone/tests/hacking/checks.py b/keystone/tests/hacking/checks.py index a55172368b..08322ccdf4 100644 --- a/keystone/tests/hacking/checks.py +++ b/keystone/tests/hacking/checks.py @@ -227,7 +227,7 @@ class CheckForLoggingIssues(BaseASTChecker): return None def visit_Assign(self, node): - """Look for 'LOG = logging.getLogger' + """Look for 'LOG = logging.getLogger'. This handles the simple case: name = [logging_module].getLogger(...) diff --git a/keystone/tests/unit/assignment/test_backends.py b/keystone/tests/unit/assignment/test_backends.py index 6135e5a917..f28050b2ec 100644 --- a/keystone/tests/unit/assignment/test_backends.py +++ b/keystone/tests/unit/assignment/test_backends.py @@ -2532,7 +2532,7 @@ class InheritanceTests(AssignmentTestHelperMixin): self.execute_assignment_plan(test_plan) def _test_crud_inherited_and_direct_assignment(self, **kwargs): - """Test inherited and direct assignments for the actor and target + """Test inherited and direct assignments for the actor and target. Ensure it is possible to create both inherited and direct role assignments for the same actor on the same target. The actor and the @@ -3195,7 +3195,7 @@ class InheritanceTests(AssignmentTestHelperMixin): test_plan_with_os_inherit_disabled, test_data) def test_list_assignments_for_tree(self): - """Test we correctly list direct assignments for a tree""" + """Test we correctly list direct assignments for a tree.""" # Enable OS-INHERIT extension self.config_fixture.config(group='os_inherit', enabled=True) @@ -3244,7 +3244,7 @@ class InheritanceTests(AssignmentTestHelperMixin): self.execute_assignment_plan(test_plan) def test_list_effective_assignments_for_tree(self): - """Test we correctly list effective assignments for a tree""" + """Test we correctly list effective assignments for a tree.""" # Enable OS-INHERIT extension self.config_fixture.config(group='os_inherit', enabled=True) @@ -3378,7 +3378,7 @@ class InheritanceTests(AssignmentTestHelperMixin): self.execute_assignment_plan(test_plan) def test_list_effective_assignments_for_tree_with_domain_assignments(self): - """Test we correctly honor domain inherited assignments on the tree""" + """Test we correctly honor domain inherited assignments on the tree.""" # Enable OS-INHERIT extension self.config_fixture.config(group='os_inherit', enabled=True) diff --git a/keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py b/keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py index 057b7b5951..d9c4957494 100644 --- a/keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py +++ b/keystone/tests/unit/backend/legacy_drivers/federation/V8/api_v3.py @@ -38,7 +38,7 @@ class FederatedIdentityProviderTestsV8( self.useV8driver() def test_create_idp_remote_repeated(self): - """Create two IdentityProvider entities with some remote_ids + """Create two IdentityProvider entities with some remote_ids. A remote_id is the same for both so the second IdP is not created because of the uniqueness of the remote_ids diff --git a/keystone/tests/unit/contrib/federation/test_utils.py b/keystone/tests/unit/contrib/federation/test_utils.py index 51b5fb6d4c..8fbece089d 100644 --- a/keystone/tests/unit/contrib/federation/test_utils.py +++ b/keystone/tests/unit/contrib/federation/test_utils.py @@ -409,7 +409,7 @@ class MappingRuleEngineTests(unit.BaseTestCase): self.assertEqual([], mapped_properties['group_ids']) def test_rule_engine_whitelist_direct_group_mapping_missing_domain(self): - """Test if the local rule is rejected upon missing domain value + """Test if the local rule is rejected upon missing domain value. This is a variation with a ``whitelist`` filter. @@ -420,7 +420,7 @@ class MappingRuleEngineTests(unit.BaseTestCase): self.assertRaises(exception.ValidationError, rp.process, assertion) def test_rule_engine_blacklist_direct_group_mapping_missing_domain(self): - """Test if the local rule is rejected upon missing domain value + """Test if the local rule is rejected upon missing domain value. This is a variation with a ``blacklist`` filter. @@ -623,7 +623,7 @@ class MappingRuleEngineTests(unit.BaseTestCase): assertion) def test_rule_engine_group_ids_mapping_whitelist(self): - """Test mapping engine when group_ids is explicitly set + """Test mapping engine when group_ids is explicitly set. Also test whitelists on group ids diff --git a/keystone/tests/unit/fakeldap.py b/keystone/tests/unit/fakeldap.py index 152277c46b..07dc84e7a9 100644 --- a/keystone/tests/unit/fakeldap.py +++ b/keystone/tests/unit/fakeldap.py @@ -566,7 +566,7 @@ class FakeLdap(core.LDAPHandler): def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None, resp_ctrl_classes=None): - """Execute async request + """Execute async request. Only msgid param is supported. Request info is fetched from global variable `PendingRequests` by msgid, executed using search_s and @@ -638,7 +638,7 @@ class FakeLdapPool(FakeLdap): class FakeLdapNoSubtreeDelete(FakeLdap): - """FakeLdap subclass that does not support subtree delete + """FakeLdap subclass that does not support subtree delete. Same as FakeLdap except delete will throw the LDAP error ldap.NOT_ALLOWED_ON_NONLEAF if there is an attempt to delete diff --git a/keystone/tests/unit/filtering.py b/keystone/tests/unit/filtering.py index 59301299c2..28befb13ed 100644 --- a/keystone/tests/unit/filtering.py +++ b/keystone/tests/unit/filtering.py @@ -99,7 +99,7 @@ class FilterTests(object): def _create_test_data(self, entity_type, number, domain_id=None, name_dict=None): - """Create entity test data + """Create entity test data. :param entity_type: type of entity to create, e.g. 'user', group' etc. :param number: number of entities to create, diff --git a/keystone/tests/unit/resource/test_backends.py b/keystone/tests/unit/resource/test_backends.py index 5ab1bd5508..ad946339fc 100644 --- a/keystone/tests/unit/resource/test_backends.py +++ b/keystone/tests/unit/resource/test_backends.py @@ -874,7 +874,7 @@ class ResourceTests(object): self.assertEqual(1, len(parents)) def test_update_project_enabled_cascade(self): - """Test update_project_cascade + """Test update_project_cascade. Ensures the enabled attribute is correctly updated across a simple 3-level projects hierarchy. diff --git a/keystone/tests/unit/test_associate_project_endpoint_extension.py b/keystone/tests/unit/test_associate_project_endpoint_extension.py index 70e1713072..365190ed8c 100644 --- a/keystone/tests/unit/test_associate_project_endpoint_extension.py +++ b/keystone/tests/unit/test_associate_project_endpoint_extension.py @@ -54,7 +54,7 @@ class EndpointFilterDeprecateTestCase(test_v3.RestfulTestCase): class EndpointFilterCRUDTestCase(EndpointFilterTestCase): def test_create_endpoint_project_association(self): - """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Valid endpoint and project id test case. @@ -62,7 +62,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): self.put(self.default_request_url) def test_create_endpoint_project_association_with_invalid_project(self): - """PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid project id test case. @@ -74,7 +74,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_create_endpoint_project_association_with_invalid_endpoint(self): - """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid endpoint id test case. @@ -86,7 +86,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_create_endpoint_project_association_with_unexpected_body(self): - """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Unexpected body in request. The body should be ignored. @@ -95,7 +95,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): body={'project_id': self.default_domain_project_id}) def test_check_endpoint_project_association(self): - """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Valid project and endpoint id test case. @@ -107,7 +107,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): 'endpoint_id': self.endpoint_id}) def test_check_endpoint_project_association_with_invalid_project(self): - """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid project id test case. @@ -120,7 +120,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_check_endpoint_project_association_with_invalid_endpoint(self): - """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid endpoint id test case. @@ -133,7 +133,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_list_endpoints_associated_with_valid_project(self): - """GET /OS-EP-FILTER/projects/{project_id}/endpoints + """GET /OS-EP-FILTER/projects/{project_id}/endpoints. Valid project and endpoint id test case. @@ -146,7 +146,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): resource_url=resource_url) def test_list_endpoints_associated_with_invalid_project(self): - """GET /OS-EP-FILTER/projects/{project_id}/endpoints + """GET /OS-EP-FILTER/projects/{project_id}/endpoints. Invalid project id test case. @@ -157,7 +157,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_list_projects_associated_with_endpoint(self): - """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects + """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects. Valid endpoint-project association test case. @@ -170,7 +170,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): resource_url=resource_url) def test_list_projects_with_no_endpoint_project_association(self): - """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects + """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects. Valid endpoint id but no endpoint-project associations test case. @@ -180,7 +180,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): self.assertValidProjectListResponse(r, expected_length=0) def test_list_projects_associated_with_invalid_endpoint(self): - """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects + """GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects. Invalid endpoint id test case. @@ -190,7 +190,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_remove_endpoint_project_association(self): - """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Valid project id and endpoint id test case. @@ -202,7 +202,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): 'endpoint_id': self.endpoint_id}) def test_remove_endpoint_project_association_with_invalid_project(self): - """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid project id test case. @@ -215,7 +215,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.NOT_FOUND) def test_remove_endpoint_project_association_with_invalid_endpoint(self): - """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id} + """DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}. Invalid endpoint id test case. @@ -698,7 +698,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): DEFAULT_ENDPOINT_GROUP_URL = '/OS-EP-FILTER/endpoint_groups' def test_create_endpoint_group(self): - """POST /OS-EP-FILTER/endpoint_groups + """POST /OS-EP-FILTER/endpoint_groups. Valid endpoint group test case. @@ -719,7 +719,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): 'endpoint_group_id': r.result['endpoint_group']['id']})) def test_create_invalid_endpoint_group(self): - """POST /OS-EP-FILTER/endpoint_groups + """POST /OS-EP-FILTER/endpoint_groups. Invalid endpoint group creation test case. @@ -731,7 +731,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): expected_status=http_client.BAD_REQUEST) def test_get_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Valid endpoint group test case. @@ -755,7 +755,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): matchers.EndsWith(url)) def test_get_invalid_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Invalid endpoint group test case. @@ -766,7 +766,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.get(url, expected_status=http_client.NOT_FOUND) def test_check_endpoint_group(self): - """HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} + """HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}. Valid endpoint_group_id test case. @@ -779,7 +779,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.head(url, expected_status=http_client.OK) def test_check_invalid_endpoint_group(self): - """HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id} + """HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}. Invalid endpoint_group_id test case. @@ -790,7 +790,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.head(url, expected_status=http_client.NOT_FOUND) def test_patch_endpoint_group(self): - """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Valid endpoint group patch test case. @@ -812,7 +812,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): matchers.EndsWith(url)) def test_patch_nonexistent_endpoint_group(self): - """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Invalid endpoint group patch test case. @@ -827,7 +827,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.patch(url, body=body, expected_status=http_client.NOT_FOUND) def test_patch_invalid_endpoint_group(self): - """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Valid endpoint group patch test case. @@ -859,7 +859,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.assertDictEqual(self.DEFAULT_ENDPOINT_GROUP_BODY, r.result) def test_delete_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Valid endpoint group test case. @@ -873,7 +873,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.get(url, expected_status=http_client.NOT_FOUND) def test_delete_invalid_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group} + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}. Invalid endpoint group test case. @@ -1003,7 +1003,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): r.result['endpoint_groups'][0].get('id')) def test_list_projects_associated_with_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects. Valid endpoint group test case. @@ -1023,7 +1023,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.get(url) def test_list_endpoints_associated_with_endpoint_group(self): - """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints + """GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints. Valid endpoint group test case. @@ -1061,7 +1061,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase): self.assertEqual(endpoint_id, r.result['endpoints'][0].get('id')) def test_list_endpoints_associated_with_project_endpoint_group(self): - """GET /OS-EP-FILTER/projects/{project_id}/endpoints + """GET /OS-EP-FILTER/projects/{project_id}/endpoints. Valid project, endpoint id, and endpoint group test case. diff --git a/keystone/tests/unit/test_backend_sql.py b/keystone/tests/unit/test_backend_sql.py index fea79bb9db..ee070231dc 100644 --- a/keystone/tests/unit/test_backend_sql.py +++ b/keystone/tests/unit/test_backend_sql.py @@ -894,7 +894,7 @@ class SqlFilterTests(SqlTests, identity_tests.FilterTests): self.assertFalse(hints.get_exact_filter_by_name('domain_id')) def test_filter_sql_injection_attack(self): - """Test against sql injection attack on filters + """Test against sql injection attack on filters. Test Plan: - Attempt to get all entities back by passing a two-term attribute diff --git a/keystone/tests/unit/test_kvs.py b/keystone/tests/unit/test_kvs.py index bc3249a2b9..12be81b79c 100644 --- a/keystone/tests/unit/test_kvs.py +++ b/keystone/tests/unit/test_kvs.py @@ -613,7 +613,7 @@ class TestCacheRegionInit(unit.TestCase): backing_store=self.kvs_backend) def test_kvs_configure_called_twice(self): - """Check if configure() is called again""" + """Check if configure() is called again.""" target = core.KeyValueStore with mock.patch.object(target, 'configure') as configure_mock: store = core.get_key_value_store(self.store_name) diff --git a/keystone/tests/unit/test_sql_migrate_extensions.py b/keystone/tests/unit/test_sql_migrate_extensions.py index 125b915055..0cfcc55faa 100644 --- a/keystone/tests/unit/test_sql_migrate_extensions.py +++ b/keystone/tests/unit/test_sql_migrate_extensions.py @@ -12,6 +12,8 @@ # License for the specific language governing permissions and limitations # under the License. """ +Test SQL migration extensions. + To run these tests against a live database: 1. Modify the file `keystone/tests/unit/config_files/backend_sql.conf` to use diff --git a/keystone/tests/unit/test_sql_upgrade.py b/keystone/tests/unit/test_sql_upgrade.py index 102df85021..7a42a31ce2 100644 --- a/keystone/tests/unit/test_sql_upgrade.py +++ b/keystone/tests/unit/test_sql_upgrade.py @@ -12,6 +12,8 @@ # License for the specific language governing permissions and limitations # under the License. """ +Test for SQL migration extensions. + To run these tests against a live database: 1. Modify the file ``keystone/tests/unit/config_files/backend_sql.conf`` to use diff --git a/keystone/tests/unit/test_v2.py b/keystone/tests/unit/test_v2.py index 86a9dd72dd..546a59dc8b 100644 --- a/keystone/tests/unit/test_v2.py +++ b/keystone/tests/unit/test_v2.py @@ -444,7 +444,7 @@ class CoreApiTests(object): raise NotImplementedError() def assertNoRoles(self, r): - """Helper method to assert No Roles + """Helper method to assert No Roles. This needs to be overridden by child classes based on their content type. diff --git a/keystone/tests/unit/test_v3.py b/keystone/tests/unit/test_v3.py index 411af98f73..09b80355ab 100644 --- a/keystone/tests/unit/test_v3.py +++ b/keystone/tests/unit/test_v3.py @@ -1464,7 +1464,7 @@ class AuthContextMiddlewareTestCase(RestfulTestCase): class JsonHomeTestMixin(object): - """JSON Home test + """JSON Home test. Mixin this class to provide a test for the JSON-Home response for an extension. diff --git a/keystone/tests/unit/test_v3_assignment.py b/keystone/tests/unit/test_v3_assignment.py index 7a0394bfcc..fa168c8dfc 100644 --- a/keystone/tests/unit/test_v3_assignment.py +++ b/keystone/tests/unit/test_v3_assignment.py @@ -305,7 +305,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase, self.head(member_url, expected_status=http_client.NOT_FOUND) def test_token_revoked_once_group_role_grant_revoked(self): - """Test token is revoked when group role grant is revoked + """Test token is revoked when group role grant is revoked. When a role granted to a group is revoked for a given scope, all tokens related to this scope and belonging to one of the members @@ -2779,7 +2779,7 @@ class DomainSpecificRoleTests(test_v3.RestfulTestCase, unit.TestCase): class ListUserProjectsTestCase(test_v3.RestfulTestCase): - """Test for /users//projects""" + """Test for /users//projects.""" def load_sample_data(self): # do not load base class's data, keep it focused on the tests diff --git a/keystone/tests/unit/test_v3_auth.py b/keystone/tests/unit/test_v3_auth.py index c67202d592..b8859fc3e4 100644 --- a/keystone/tests/unit/test_v3_auth.py +++ b/keystone/tests/unit/test_v3_auth.py @@ -3582,7 +3582,7 @@ class TestTrustOptional(test_v3.RestfulTestCase): class TrustAPIBehavior(test_v3.RestfulTestCase): - """Redelegation valid and secure + """Redelegation valid and secure. Redelegation is a hierarchical structure of trusts between initial trustor and a group of users allowed to impersonate trustor and act in his name. diff --git a/keystone/tests/unit/test_v3_domain_config.py b/keystone/tests/unit/test_v3_domain_config.py index ee716081b3..eefdecda0e 100644 --- a/keystone/tests/unit/test_v3_domain_config.py +++ b/keystone/tests/unit/test_v3_domain_config.py @@ -47,7 +47,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.assertEqual(self.config, res) def test_create_config_invalid_domain(self): - """Call ``PUT /domains/{domain_id}/config`` + """Call ``PUT /domains/{domain_id}/config``. While creating Identity API-based domain config with an invalid domain id provided, the request shall be rejected with a response, 404 domain @@ -60,7 +60,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=exception.DomainNotFound.code) def test_create_config_twice(self): - """Check multiple creates don't throw error""" + """Check multiple creates don't throw error.""" self.put('/domains/%(domain_id)s/config' % { 'domain_id': self.domain['id']}, body={'config': self.config}, @@ -80,7 +80,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=exception.DomainConfigNotFound.code) def test_delete_config_invalid_domain(self): - """Call ``DELETE /domains{domain_id}/config`` + """Call ``DELETE /domains{domain_id}/config``. While deleting Identity API-based domain config with an invalid domain id provided, the request shall be rejected with a response, 404 domain @@ -101,7 +101,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.assertNotIn('ldap', res) def test_delete_config_by_group_invalid_domain(self): - """Call ``DELETE /domains{domain_id}/config/{group}`` + """Call ``DELETE /domains{domain_id}/config/{group}``. While deleting Identity API-based domain config by group with an invalid domain id provided, the request shall be rejected with a @@ -132,7 +132,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.head(url, expected_status=http_client.OK) def test_get_config_by_group_invalid_domain(self): - """Call ``GET & HEAD /domains{domain_id}/config/{group}`` + """Call ``GET & HEAD /domains{domain_id}/config/{group}``. While retrieving Identity API-based domain config by group with an invalid domain id provided, the request shall be rejected with a @@ -155,7 +155,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.head(url, expected_status=http_client.OK) def test_get_config_by_option_invalid_domain(self): - """Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}`` + """Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``. While retrieving Identity API-based domain config by option with an invalid domain id provided, the request shall be rejected with a @@ -174,7 +174,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) def test_get_non_existant_config_invalid_domain(self): - """Call ``GET /domains{domain_id}/config when no config defined`` + """Call ``GET /domains{domain_id}/config when no config defined``. While retrieving non-existent Identity API-based domain config with an invalid domain id provided, the request shall be rejected with a @@ -194,7 +194,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) def test_get_non_existant_config_group_invalid_domain(self): - """Call ``GET /domains{domain_id}/config/{group_not_exist}`` + """Call ``GET /domains{domain_id}/config/{group_not_exist}``. While retrieving non-existent Identity API-based domain config group with an invalid domain id provided, the request shall be rejected with @@ -216,7 +216,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) def test_get_non_existant_config_option_invalid_domain(self): - """Call ``GET /domains{domain_id}/config/group/{option_not_exist}`` + """Call ``GET /domains{domain_id}/config/group/{option_not_exist}``. While retrieving non-existent Identity API-based domain config option with an invalid domain id provided, the request shall be rejected with @@ -246,7 +246,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.assertEqual(expected_config, res) def test_update_config_invalid_domain(self): - """Call ``PATCH /domains/{domain_id}/config`` + """Call ``PATCH /domains/{domain_id}/config``. While updating Identity API-based domain config with an invalid domain id provided, the request shall be rejected with a response, 404 domain @@ -278,7 +278,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.assertEqual(expected_config, res) def test_update_config_group_invalid_domain(self): - """Call ``PATCH /domains/{domain_id}/config/{group}`` + """Call ``PATCH /domains/{domain_id}/config/{group}``. While updating Identity API-based domain config group with an invalid domain id provided, the request shall be rejected with a response, @@ -317,7 +317,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) def test_update_config_invalid_group_invalid_domain(self): - """Call ``PATCH /domains/{domain_id}/config/{invalid_group}`` + """Call ``PATCH /domains/{domain_id}/config/{invalid_group}``. While updating Identity API-based domain config with an invalid group and an invalid domain id provided, the request shall be rejected @@ -348,7 +348,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): self.assertEqual(expected_config, res) def test_update_config_option_invalid_domain(self): - """Call ``PATCH /domains/{domain_id}/config/{group}/{option}`` + """Call ``PATCH /domains/{domain_id}/config/{group}/{option}``. While updating Identity API-based domain config option with an invalid domain id provided, the request shall be rejected with a response, 404 @@ -385,7 +385,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase): expected_status=http_client.NOT_FOUND) def test_update_config_invalid_option_invalid_domain(self): - """Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}`` + """Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}``. While updating Identity API-based domain config with an invalid option and an invalid domain id provided, the request shall be rejected diff --git a/keystone/tests/unit/test_v3_federation.py b/keystone/tests/unit/test_v3_federation.py index 80e4653e19..8f1a54e42a 100644 --- a/keystone/tests/unit/test_v3_federation.py +++ b/keystone/tests/unit/test_v3_federation.py @@ -879,7 +879,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase): ref=body) def test_create_idp_remote_repeated(self): - """Create two IdentityProvider entities with some remote_ids + """Create two IdentityProvider entities with some remote_ids. A remote_id is the same for both so the second IdP is not created because of the uniqueness of the remote_ids @@ -1219,7 +1219,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase): expected_status=http_client.BAD_REQUEST) def test_update_nonexistent_idp(self): - """Update nonexistent IdP + """Update nonexistent IdP. Expect HTTP 404 Not Found code. @@ -1524,7 +1524,7 @@ class MappingCRUDTests(test_v3.RestfulTestCase): body={'mapping': mapping_fixtures.MAPPING_EXTRA_RULES_PROPS}) def test_create_mapping_with_blacklist_and_whitelist(self): - """Test for adding whitelist and blacklist in the rule + """Test for adding whitelist and blacklist in the rule. Server should respond with HTTP 400 Bad Request error upon discovering both ``whitelist`` and ``blacklist`` keywords in the same rule. @@ -2072,7 +2072,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin): scoped_token, expected_status=http_client.INTERNAL_SERVER_ERROR) def test_lists_with_missing_group_in_backend(self): - """Test a mapping that points to a group that does not exist + """Test a mapping that points to a group that does not exist. For explicit mappings, we expect the group to exist in the backend, but for lists, specifically blacklists, a missing group is expected @@ -2125,7 +2125,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin): self.federation_api.update_mapping(self.mapping['id'], rules) def test_empty_blacklist_passess_all_values(self): - """Test a mapping with empty blacklist specified + """Test a mapping with empty blacklist specified. Not adding a ``blacklist`` keyword to the mapping rules has the same effect as adding an empty ``blacklist``. @@ -2272,7 +2272,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin): self.assertIn(group['id'], group_ids) def test_empty_whitelist_discards_all_values(self): - """Test that empty whitelist blocks all the values + """Test that empty whitelist blocks all the values. Not adding a ``whitelist`` keyword to the mapping value is different than adding empty whitelist. The former case will simply pass all the @@ -2334,7 +2334,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin): assertion='UNMATCHED_GROUP_ASSERTION') def test_not_setting_whitelist_accepts_all_values(self): - """Test that not setting whitelist passes + """Test that not setting whitelist passes. Not adding a ``whitelist`` keyword to the mapping value is different than adding empty whitelist. The former case will simply pass all the @@ -2582,7 +2582,7 @@ class FederatedTokenTestsMethodToken(FederatedTokenTests): class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin): - """Test for federated users + """Test for federated users. Tests new shadow users functionality diff --git a/keystone/tests/unit/test_v3_filters.py b/keystone/tests/unit/test_v3_filters.py index 9dc19af580..488de7d1d0 100644 --- a/keystone/tests/unit/test_v3_filters.py +++ b/keystone/tests/unit/test_v3_filters.py @@ -95,7 +95,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, policyfile.write(jsonutils.dumps(new_policy)) def test_list_users_filtered_by_domain(self): - """GET /users?domain_id=mydomain (filtered) + """GET /users?domain_id=mydomain (filtered). Test Plan: @@ -113,7 +113,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, self.assertIn(self.user3['id'], id_list) def test_list_filtered_domains(self): - """GET /domains?enabled=0 + """GET /domains?enabled=0. Test Plan: @@ -156,7 +156,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, self.assertIn(CONF.identity.default_domain_id, id_list) def test_multiple_filters(self): - """GET /domains?enabled&name=myname + """GET /domains?enabled&name=myname. Test Plan: @@ -176,7 +176,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, self.assertIs(True, r.result.get('domains')[0]['enabled']) def test_invalid_filter_is_ignored(self): - """GET /domains?enableds&name=myname + """GET /domains?enableds&name=myname. Test Plan: @@ -199,7 +199,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, self.assertIs(True, r.result.get('domains')[0]['enabled']) def test_list_users_filtered_by_funny_name(self): - """GET /users?name=%myname% + """GET /users?name=%myname%. Test Plan: @@ -283,7 +283,7 @@ class IdentityTestFilteredCase(filtering.FilterTests, self._delete_test_data('user', user_list) def test_filter_sql_injection_attack(self): - """GET /users?name= + """GET /users?name=. Test Plan: @@ -362,7 +362,7 @@ class IdentityTestListLimitCase(IdentityTestFilteredCase): self.policy_api.delete_policy(policy['id']) def _test_entity_list_limit(self, entity, driver): - """GET / (limited) + """GET / (limited). Test Plan: diff --git a/keystone/tests/unit/test_v3_oauth1.py b/keystone/tests/unit/test_v3_oauth1.py index 198dffb8ad..88d04ecb74 100644 --- a/keystone/tests/unit/test_v3_oauth1.py +++ b/keystone/tests/unit/test_v3_oauth1.py @@ -814,7 +814,7 @@ class OAuthNotificationTests(OAuth1Tests, cadftaxonomy.SECURITY_ACCOUNT) def test_oauth_flow_notifications(self): - """Test to ensure notifications are sent for oauth tokens + """Test to ensure notifications are sent for oauth tokens. This test is very similar to test_oauth_flow, however there are additional checks in this test for ensuring that diff --git a/keystone/tests/unit/test_v3_protection.py b/keystone/tests/unit/test_v3_protection.py index 9f2c8a19a2..3568735b10 100644 --- a/keystone/tests/unit/test_v3_protection.py +++ b/keystone/tests/unit/test_v3_protection.py @@ -113,7 +113,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): policyfile.write(jsonutils.dumps(new_policy)) def test_list_users_unprotected(self): - """GET /users (unprotected) + """GET /users (unprotected). Test Plan: @@ -130,7 +130,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): self.assertIn(self.user3['id'], id_list) def test_list_users_filtered_by_domain(self): - """GET /users?domain_id=mydomain (filtered) + """GET /users?domain_id=mydomain (filtered). Test Plan: @@ -148,7 +148,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): self.assertIn(self.user3['id'], id_list) def test_get_user_protected_match_id(self): - """GET /users/{id} (match payload) + """GET /users/{id} (match payload). Test Plan: @@ -168,7 +168,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): self.assertEqual(self.user1['id'], r.result['user']['id']) def test_get_user_protected_match_target(self): - """GET /users/{id} (match target) + """GET /users/{id} (match target). Test Plan: @@ -200,7 +200,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): expected_status=exception.UserNotFound.code) def test_revoke_grant_protected_match_target(self): - """DELETE /domains/{id}/users/{id}/roles/{id} (match target) + """DELETE /domains/{id}/users/{id}/roles/{id} (match target). Test Plan: @@ -239,7 +239,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): self.delete(member_url, auth=self.auth) def test_list_users_protected_by_domain(self): - """GET /users?domain_id=mydomain (protected) + """GET /users?domain_id=mydomain (protected). Test Plan: @@ -270,7 +270,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): expected_status=exception.ForbiddenAction.code) def test_list_groups_protected_by_domain(self): - """GET /groups?domain_id=mydomain (protected) + """GET /groups?domain_id=mydomain (protected). Test Plan: @@ -301,7 +301,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase): expected_status=exception.ForbiddenAction.code) def test_list_groups_protected_by_domain_and_filtered(self): - """GET /groups?domain_id=mydomain&name=myname (protected) + """GET /groups?domain_id=mydomain&name=myname (protected). Test Plan: diff --git a/keystone/tests/unit/test_v3_resource.py b/keystone/tests/unit/test_v3_resource.py index 9ee1fa3ba4..efb0ec60ac 100644 --- a/keystone/tests/unit/test_v3_resource.py +++ b/keystone/tests/unit/test_v3_resource.py @@ -958,7 +958,7 @@ class ResourceTestCase(test_v3.RestfulTestCase, [p['id'] for p in r.result['projects']]) def test_list_project_is_domain_filter_default(self): - """Default project list should not see projects acting as domains""" + """Default project list should not see projects acting as domains.""" # Get the initial count of regular projects r = self.get('/projects?is_domain=False', expected_status=200) number_is_domain_false = len(r.result['projects']) @@ -1259,7 +1259,7 @@ class ResourceTestCase(test_v3.RestfulTestCase, expected_status=http_client.FORBIDDEN) def test_delete_project(self): - """Call ``DELETE /projects/{project_id}`` + """Call ``DELETE /projects/{project_id}``. As well as making sure the delete succeeds, we ensure that any credentials that reference this projects are diff --git a/keystone/tests/unit/test_validation.py b/keystone/tests/unit/test_validation.py index bbe4472d60..d806e93044 100644 --- a/keystone/tests/unit/test_validation.py +++ b/keystone/tests/unit/test_validation.py @@ -306,7 +306,7 @@ class EntityValidationTestCase(unit.BaseTestCase): request_to_validate) def test_create_entity_with_valid_email_validates(self): - """Validate email address + """Validate email address. Test that we successfully validate properly formatted email addresses. @@ -1025,7 +1025,7 @@ class ServiceValidationTestCase(unit.BaseTestCase): self.create_service_validator.validate(request_to_validate) def test_validate_service_create_fails_with_invalid_enabled(self): - """Exception raised when boolean-like parameters as `enabled` + """Exception raised when boolean-like parameters as `enabled`. On service create, make sure an exception is raised if `enabled` is not a boolean value. @@ -2038,7 +2038,7 @@ class IdentityProviderValidationTestCase(unit.BaseTestCase): request_to_validate) def test_validate_idp_request_remote_id_nullable(self): - """Test that `remote_ids` could be explicitly set to None""" + """Test that `remote_ids` could be explicitly set to None.""" request_to_validate = {'remote_ids': None} self.create_idp_validator.validate(request_to_validate) self.update_idp_validator.validate(request_to_validate) diff --git a/keystone/token/persistence/backends/sql.py b/keystone/token/persistence/backends/sql.py index 709d82353a..fd9e0977e1 100644 --- a/keystone/token/persistence/backends/sql.py +++ b/keystone/token/persistence/backends/sql.py @@ -114,7 +114,7 @@ class Token(token.persistence.TokenDriverV8): def delete_tokens(self, user_id, tenant_id=None, trust_id=None, consumer_id=None): - """Delete all tokens in one session + """Delete all tokens in one session. The user_id will be ignored if the trust_id is specified. user_id will always be specified. @@ -244,7 +244,7 @@ class Token(token.persistence.TokenDriverV8): return tokens def _expiry_range_strategy(self, dialect): - """Choose a token range expiration strategy + """Choose a token range expiration strategy. Based on the DB dialect, select an expiry range callable that is appropriate. diff --git a/keystone/token/persistence/core.py b/keystone/token/persistence/core.py index 29e2c18875..00c40a0be7 100644 --- a/keystone/token/persistence/core.py +++ b/keystone/token/persistence/core.py @@ -320,7 +320,7 @@ class TokenDriverV8(object): @abc.abstractmethod def _list_tokens(self, user_id, tenant_id=None, trust_id=None, consumer_id=None): - """Return a list of current token_id's for a user + """Return a list of current token_id's for a user. This is effectively a private method only used by the ``delete_tokens`` method and should not be called by anything outside of the @@ -341,7 +341,7 @@ class TokenDriverV8(object): @abc.abstractmethod def list_revoked_tokens(self): - """Return a list of all revoked tokens + """Return a list of all revoked tokens. :returns: list of token_id's diff --git a/keystone/token/providers/common.py b/keystone/token/providers/common.py index 0f0f7ee555..c1cc35505b 100644 --- a/keystone/token/providers/common.py +++ b/keystone/token/providers/common.py @@ -289,7 +289,7 @@ class V3TokenDataHelper(object): def populate_roles_for_groups(self, token_data, group_ids, project_id=None, domain_id=None, user_id=None): - """Populate roles basing on provided groups and project/domain + """Populate roles basing on provided groups and project/domain. Used for ephemeral users with dynamically assigned groups. This method does not return anything, yet it modifies token_data in diff --git a/keystone/token/providers/pki.py b/keystone/token/providers/pki.py index f903124426..2eb2e69b90 100644 --- a/keystone/token/providers/pki.py +++ b/keystone/token/providers/pki.py @@ -12,7 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Keystone PKI Token Provider""" +"""Keystone PKI Token Provider.""" import subprocess # nosec : used to catch subprocess exceptions diff --git a/keystone/token/providers/pkiz.py b/keystone/token/providers/pkiz.py index 0e178d2556..50d1523ed0 100644 --- a/keystone/token/providers/pkiz.py +++ b/keystone/token/providers/pkiz.py @@ -10,7 +10,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Keystone Compressed PKI Token Provider""" +"""Keystone Compressed PKI Token Provider.""" import subprocess # nosec : used to catch subprocess exceptions diff --git a/keystone/token/providers/uuid.py b/keystone/token/providers/uuid.py index f9a9161740..8dfadef132 100644 --- a/keystone/token/providers/uuid.py +++ b/keystone/token/providers/uuid.py @@ -12,7 +12,7 @@ # License for the specific language governing permissions and limitations # under the License. -"""Keystone UUID Token Provider""" +"""Keystone UUID Token Provider.""" from __future__ import absolute_import diff --git a/tox.ini b/tox.ini index 9537e8cbdc..e942b5940e 100644 --- a/tox.ini +++ b/tox.ini @@ -133,8 +133,7 @@ show-source = true # D105: Missing docstring in magic method # D203: 1 blank required before class docstring. # D205: Blank line required between one-line summary and description. -# D400: First line should end with a period. -ignore = D100,D101,D102,D103,D104,D105,D203,D205,D400 +ignore = D100,D101,D102,D103,D104,D105,D203,D205 exclude=.venv,.git,.tox,build,dist,doc,*openstack/common*,*lib/python*,*egg,tools,vendor,.update-venv,*.ini,*.po,*.pot max-complexity=24