Fix D400 PEP257
Currently tox ignores D401. D400: First line should end with a period. This change removes it and make keystone docstring compliantwith it. Change-Id: I9a9520e69701718ff471eebbcc52199dacdd9c68
This commit is contained in:
parent
e380a3c005
commit
2c4f948db0
|
@ -301,7 +301,7 @@ class Assignment(keystone_assignment.AssignmentDriverV8):
|
|||
return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN]
|
||||
|
||||
def _get_assignment_types(self, user, group, project, domain):
|
||||
"""Return a list of role assignment types based on provided entities
|
||||
"""Return a list of role assignment types based on provided entities.
|
||||
|
||||
If one of user or group (the "actor") as well as one of project or
|
||||
domain (the "target") are provided, the list will contain the role
|
||||
|
|
|
@ -151,7 +151,7 @@ class Assignment(keystone_assignment.AssignmentDriverV9):
|
|||
return [AssignmentType.USER_DOMAIN, AssignmentType.GROUP_DOMAIN]
|
||||
|
||||
def _get_assignment_types(self, user, group, project, domain):
|
||||
"""Return a list of role assignment types based on provided entities
|
||||
"""Return a list of role assignment types based on provided entities.
|
||||
|
||||
If one of user or group (the "actor") as well as one of project or
|
||||
domain (the "target") are provided, the list will contain the role
|
||||
|
|
|
@ -236,7 +236,7 @@ class Manager(manager.Manager):
|
|||
COMPUTED_ASSIGNMENTS_REGION.invalidate()
|
||||
|
||||
def remove_user_from_project(self, tenant_id, user_id):
|
||||
"""Remove user from a tenant
|
||||
"""Remove user from a tenant.
|
||||
|
||||
:raises keystone.exception.ProjectNotFound: If the project doesn't
|
||||
exist.
|
||||
|
@ -1647,7 +1647,7 @@ class RoleDriverV9(RoleDriverBase):
|
|||
|
||||
@abc.abstractmethod
|
||||
def get_implied_role(self, prior_role_id, implied_role_id):
|
||||
"""Fetche a role inference rule
|
||||
"""Fetche a role inference rule.
|
||||
|
||||
:raises keystone.exception.ImpliedRoleNotFound: If the implied role
|
||||
doesn't exist.
|
||||
|
@ -1657,7 +1657,7 @@ class RoleDriverV9(RoleDriverBase):
|
|||
|
||||
@abc.abstractmethod
|
||||
def create_implied_role(self, prior_role_id, implied_role_id):
|
||||
"""Create a role inference rule
|
||||
"""Create a role inference rule.
|
||||
|
||||
:raises: keystone.exception.RoleNotFound: If the role doesn't exist.
|
||||
|
||||
|
@ -1666,7 +1666,7 @@ class RoleDriverV9(RoleDriverBase):
|
|||
|
||||
@abc.abstractmethod
|
||||
def delete_implied_role(self, prior_role_id, implied_role_id):
|
||||
"""Delete a role inference rule
|
||||
"""Delete a role inference rule.
|
||||
|
||||
:raises keystone.exception.ImpliedRoleNotFound: If the implied role
|
||||
doesn't exist.
|
||||
|
@ -1676,12 +1676,12 @@ class RoleDriverV9(RoleDriverBase):
|
|||
|
||||
@abc.abstractmethod
|
||||
def list_role_inference_rules(self):
|
||||
"""List all the rules used to imply one role from another"""
|
||||
"""List all the rules used to imply one role from another."""
|
||||
raise exception.NotImplemented() # pragma: no cover
|
||||
|
||||
@abc.abstractmethod
|
||||
def list_implied_roles(self, prior_role_id):
|
||||
"""List roles implied from the prior role ID"""
|
||||
"""List roles implied from the prior role ID."""
|
||||
raise exception.NotImplemented() # pragma: no cover
|
||||
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Keystone External Authentication Plugins"""
|
||||
"""Keystone External Authentication Plugins."""
|
||||
|
||||
import abc
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Time-based One-time Password Algorithm (TOTP) auth plugin
|
||||
"""Time-based One-time Password Algorithm (TOTP) auth plugin.
|
||||
|
||||
TOTP is an algorithm that computes a one-time password from a shared secret
|
||||
key and the current time.
|
||||
|
@ -69,7 +69,7 @@ def _generate_totp_passcode(secret):
|
|||
class TOTP(auth.AuthMethodHandler):
|
||||
|
||||
def authenticate(self, context, auth_payload, auth_context):
|
||||
"""Try to authenticate using TOTP"""
|
||||
"""Try to authenticate using TOTP."""
|
||||
user_info = plugins.TOTPUserInfo.create(auth_payload, METHOD_NAME)
|
||||
auth_passcode = auth_payload.get('user').get('passcode')
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ class BaseApp(object):
|
|||
|
||||
|
||||
class BootStrap(BaseApp):
|
||||
"""Perform the basic bootstrap process"""
|
||||
"""Perform the basic bootstrap process."""
|
||||
|
||||
name = "bootstrap"
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
"""Base model for keystone internal services
|
||||
"""Base model for keystone internal services.
|
||||
|
||||
Unless marked otherwise, all fields are strings.
|
||||
|
||||
|
|
|
@ -137,7 +137,7 @@ def _sync_common_repo(version):
|
|||
|
||||
|
||||
def get_init_version(abs_path=None):
|
||||
"""Get the initial version of a migrate repository
|
||||
"""Get the initial version of a migrate repository.
|
||||
|
||||
:param abs_path: Absolute path to migrate repository.
|
||||
:return: initial version number or None, if DB is empty.
|
||||
|
|
|
@ -65,7 +65,7 @@ def resource_uuid(value):
|
|||
|
||||
|
||||
def flatten_dict(d, parent_key=''):
|
||||
"""Flatten a nested dictionary
|
||||
"""Flatten a nested dictionary.
|
||||
|
||||
Converts a dictionary with nested values to a single level flat
|
||||
dictionary, with dotted notation for each key.
|
||||
|
@ -217,7 +217,7 @@ def convert_v3_to_ec2_credential(credential):
|
|||
|
||||
|
||||
def unixtime(dt_obj):
|
||||
"""Format datetime object as unix timestamp
|
||||
"""Format datetime object as unix timestamp.
|
||||
|
||||
:param dt_obj: datetime.datetime object
|
||||
:returns: float
|
||||
|
@ -571,7 +571,7 @@ def list_url_unsafe_chars(name):
|
|||
|
||||
|
||||
def lower_case_hostname(url):
|
||||
"""Change the URL's hostname to lowercase"""
|
||||
"""Change the URL's hostname to lowercase."""
|
||||
# NOTE(gyee): according to
|
||||
# https://www.w3.org/TR/WD-html40-970708/htmlweb.html, the netloc portion
|
||||
# of the URL is case-insensitive
|
||||
|
|
|
@ -153,7 +153,7 @@ class BaseApplication(object):
|
|||
return cls(**local_config)
|
||||
|
||||
def __call__(self, environ, start_response):
|
||||
r"""Provide subclasses how to implement __call__, probably like this:
|
||||
r"""Provide subclasses how to implement __call__, probably like this.
|
||||
|
||||
@webob.dec.wsgify()
|
||||
def __call__(self, req):
|
||||
|
|
|
@ -66,7 +66,7 @@ class Manager(manager.Manager):
|
|||
driver=CONF.federation.driver)
|
||||
|
||||
def get_enabled_service_providers(self):
|
||||
"""List enabled service providers for Service Catalog
|
||||
"""List enabled service providers for Service Catalog.
|
||||
|
||||
Service Provider in a catalog contains three attributes: ``id``,
|
||||
``auth_url``, ``sp_url``, where:
|
||||
|
@ -409,7 +409,7 @@ class FederationDriverBase(object):
|
|||
raise exception.NotImplemented() # pragma: no cover
|
||||
|
||||
def get_enabled_service_providers(self):
|
||||
"""List enabled service providers for Service Catalog
|
||||
"""List enabled service providers for Service Catalog.
|
||||
|
||||
Service Provider in a catalog contains three attributes: ``id``,
|
||||
``auth_url``, ``sp_url``, where:
|
||||
|
|
|
@ -346,7 +346,7 @@ def validate_groups(group_ids, mapping_id, identity_api):
|
|||
# backend are minimized.
|
||||
def transform_to_group_ids(group_names, mapping_id,
|
||||
identity_api, resource_api):
|
||||
"""Transform groups identified by name/domain to their ids
|
||||
"""Transform groups identified by name/domain to their ids.
|
||||
|
||||
Function accepts list of groups identified by a name and domain giving
|
||||
a list of group ids in return.
|
||||
|
|
|
@ -224,7 +224,7 @@ class IdentityDriverV8(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def list_groups_for_user(self, user_id, hints):
|
||||
"""List groups a user is in
|
||||
"""List groups a user is in.
|
||||
|
||||
:param user_id: the user in question
|
||||
:param hints: filter hints which the driver should
|
||||
|
|
|
@ -165,7 +165,7 @@ class DomainConfigs(dict):
|
|||
def _load_config_from_database(self, domain_id, specific_config):
|
||||
|
||||
def _assert_no_more_than_one_sql_driver(domain_id, new_config):
|
||||
"""Ensure adding driver doesn't push us over the limit of 1
|
||||
"""Ensure adding driver doesn't push us over the limit of 1.
|
||||
|
||||
The checks we make in this method need to take into account that
|
||||
we may be in a multiple process configuration and ensure that
|
||||
|
@ -777,7 +777,7 @@ class Manager(manager.Manager):
|
|||
hints.add_filter('domain_id', domain_id)
|
||||
|
||||
def _set_list_limit_in_hints(self, hints, driver):
|
||||
"""Set list limit in hints from driver
|
||||
"""Set list limit in hints from driver.
|
||||
|
||||
If a hints list is provided, the wrapper will insert the relevant
|
||||
limit into the hints so that the underlying driver call can try and
|
||||
|
|
|
@ -25,7 +25,7 @@ class ShadowUsersDriverV9(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def create_federated_user(self, federated_dict):
|
||||
"""Create a new user with the federated identity
|
||||
"""Create a new user with the federated identity.
|
||||
|
||||
:param dict federated_dict: Reference to the federated user
|
||||
:param user_id: user ID for linking to the federated identity
|
||||
|
@ -36,7 +36,7 @@ class ShadowUsersDriverV9(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def get_federated_user(self, idp_id, protocol_id, unique_id):
|
||||
"""Return the found user for the federated identity
|
||||
"""Return the found user for the federated identity.
|
||||
|
||||
:param idp_id: The identity provider ID
|
||||
:param protocol_id: The federation protocol ID
|
||||
|
@ -49,7 +49,7 @@ class ShadowUsersDriverV9(object):
|
|||
@abc.abstractmethod
|
||||
def update_federated_user_display_name(self, idp_id, protocol_id,
|
||||
unique_id, display_name):
|
||||
"""Update federated user's display name if changed
|
||||
"""Update federated user's display name if changed.
|
||||
|
||||
:param idp_id: The identity provider ID
|
||||
:param protocol_id: The federation protocol ID
|
||||
|
|
|
@ -38,7 +38,7 @@ class ShadowUsers(base.ShadowUsersDriverV9):
|
|||
return identity_base.filter_user(user_ref.to_dict())
|
||||
|
||||
def _get_federated_user(self, idp_id, protocol_id, unique_id):
|
||||
"""Return the found user for the federated identity
|
||||
"""Return the found user for the federated identity.
|
||||
|
||||
:param idp_id: The identity provider ID
|
||||
:param protocol_id: The federation protocol ID
|
||||
|
|
|
@ -127,7 +127,7 @@ def attr_keys(event):
|
|||
|
||||
|
||||
class RevokeTree(object):
|
||||
"""Fast Revocation Checking Tree Structure
|
||||
"""Fast Revocation Checking Tree Structure.
|
||||
|
||||
The Tree is an index to quickly match tokens against events.
|
||||
Each node is a hashtable of key=value combinations from revocation events.
|
||||
|
@ -160,7 +160,7 @@ class RevokeTree(object):
|
|||
return event
|
||||
|
||||
def remove_event(self, event):
|
||||
"""Update the tree based on the removal of a Revocation Event
|
||||
"""Update the tree based on the removal of a Revocation Event.
|
||||
|
||||
Removes empty nodes from the tree from the leaf back to the root.
|
||||
|
||||
|
@ -192,7 +192,7 @@ class RevokeTree(object):
|
|||
|
||||
@staticmethod
|
||||
def _next_level_keys(name, token_data):
|
||||
"""Generate keys based on current field name and token data
|
||||
"""Generate keys based on current field name and token data.
|
||||
|
||||
Generate all keys to look for in the next iteration of revocation
|
||||
event tree traversal.
|
||||
|
@ -211,7 +211,7 @@ class RevokeTree(object):
|
|||
yield token_data[alt_name]
|
||||
|
||||
def _search(self, revoke_map, names, token_data):
|
||||
"""Search for revocation event by token_data
|
||||
"""Search for revocation event by token_data.
|
||||
|
||||
Traverse the revocation events tree looking for event matching token
|
||||
data issued after the token.
|
||||
|
@ -236,7 +236,7 @@ class RevokeTree(object):
|
|||
return False
|
||||
|
||||
def is_revoked(self, token_data):
|
||||
"""Check if a token matches the revocation event
|
||||
"""Check if a token matches the revocation event.
|
||||
|
||||
Compare the values for each level of the tree with the values from
|
||||
the token, accounting for attributes that have alternative
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Notifications module for OpenStack Identity Service resources"""
|
||||
"""Notifications module for OpenStack Identity Service resources."""
|
||||
|
||||
import collections
|
||||
import functools
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Policy engine for keystone"""
|
||||
"""Policy engine for keystone."""
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
|
|
|
@ -106,7 +106,7 @@ class Manager(manager.Manager):
|
|||
_('Max hierarchy depth reached for %s branch.') % project_id)
|
||||
|
||||
def _assert_is_domain_project_constraints(self, project_ref):
|
||||
"""Enforce specific constraints of projects that act as domains
|
||||
"""Enforce specific constraints of projects that act as domains.
|
||||
|
||||
Called when is_domain is true, this method ensures that:
|
||||
|
||||
|
@ -130,7 +130,7 @@ class Manager(manager.Manager):
|
|||
'domains.'))
|
||||
|
||||
def _assert_regular_project_constraints(self, project_ref):
|
||||
"""Enforce regular project hierarchy constraints
|
||||
"""Enforce regular project hierarchy constraints.
|
||||
|
||||
Called when is_domain is false. The project must contain a valid
|
||||
domain_id and parent_id. The goal of this method is to check
|
||||
|
@ -1675,7 +1675,7 @@ class DomainConfigManager(manager.Manager):
|
|||
return config
|
||||
|
||||
def create_config(self, domain_id, config):
|
||||
"""Create config for a domain
|
||||
"""Create config for a domain.
|
||||
|
||||
:param domain_id: the domain in question
|
||||
:param config: the dict of config groups/options to assign to the
|
||||
|
@ -1700,7 +1700,7 @@ class DomainConfigManager(manager.Manager):
|
|||
return self._list_to_config(self.list_config_options(domain_id))
|
||||
|
||||
def get_config(self, domain_id, group=None, option=None):
|
||||
"""Get config, or partial config, for a domain
|
||||
"""Get config, or partial config, for a domain.
|
||||
|
||||
:param domain_id: the domain in question
|
||||
:param group: an optional specific group of options
|
||||
|
@ -1742,7 +1742,7 @@ class DomainConfigManager(manager.Manager):
|
|||
domain_id=domain_id, group_or_option=msg)
|
||||
|
||||
def update_config(self, domain_id, config, group=None, option=None):
|
||||
"""Update config, or partial config, for a domain
|
||||
"""Update config, or partial config, for a domain.
|
||||
|
||||
:param domain_id: the domain in question
|
||||
:param config: the config dict containing and groups/options being
|
||||
|
@ -1950,7 +1950,7 @@ class DomainConfigManager(manager.Manager):
|
|||
return self._get_config_with_sensitive_info(domain_id)
|
||||
|
||||
def get_config_default(self, group=None, option=None):
|
||||
"""Get default config, or partial default config
|
||||
"""Get default config, or partial default config.
|
||||
|
||||
:param group: an optional specific group of options
|
||||
:param option: an optional specific option within the group
|
||||
|
|
|
@ -213,7 +213,7 @@ class Manager(manager.Manager):
|
|||
return revoke_tree
|
||||
|
||||
def check_token(self, token_values):
|
||||
"""Check the values from a token against the revocation list
|
||||
"""Check the values from a token against the revocation list.
|
||||
|
||||
:param token_values: dictionary of values from a token, normalized for
|
||||
differences between v2 and v3. The checked values
|
||||
|
@ -236,7 +236,7 @@ class RevokeDriverV8(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def list_events(self, last_fetch=None):
|
||||
"""return the revocation events, as a list of objects
|
||||
"""return the revocation events, as a list of objects.
|
||||
|
||||
:param last_fetch: Time of last fetch. Return all events newer.
|
||||
:returns: A list of keystone.revoke.model.RevokeEvent
|
||||
|
@ -249,7 +249,7 @@ class RevokeDriverV8(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def revoke(self, event):
|
||||
"""register a revocation event
|
||||
"""register a revocation event.
|
||||
|
||||
:param event: An instance of
|
||||
keystone.revoke.model.RevocationEvent
|
||||
|
|
|
@ -50,7 +50,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin):
|
|||
return headers
|
||||
|
||||
def get_scoped_token_response(self, user):
|
||||
"""Convenience method so that we can test authenticated requests
|
||||
"""Convenience method so that we can test authenticated requests.
|
||||
|
||||
:param user: A dictionary with user information like 'username',
|
||||
'password', 'domain_id'
|
||||
|
@ -65,7 +65,7 @@ class BaseTestCase(testtools.TestCase, common_auth.AuthTestMixin):
|
|||
json=body)
|
||||
|
||||
def get_scoped_token(self, user):
|
||||
"""Convenience method for getting scoped token
|
||||
"""Convenience method for getting scoped token.
|
||||
|
||||
This method doesn't do any token validaton.
|
||||
|
||||
|
|
|
@ -227,7 +227,7 @@ class CheckForLoggingIssues(BaseASTChecker):
|
|||
return None
|
||||
|
||||
def visit_Assign(self, node):
|
||||
"""Look for 'LOG = logging.getLogger'
|
||||
"""Look for 'LOG = logging.getLogger'.
|
||||
|
||||
This handles the simple case:
|
||||
name = [logging_module].getLogger(...)
|
||||
|
|
|
@ -2532,7 +2532,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
self.execute_assignment_plan(test_plan)
|
||||
|
||||
def _test_crud_inherited_and_direct_assignment(self, **kwargs):
|
||||
"""Test inherited and direct assignments for the actor and target
|
||||
"""Test inherited and direct assignments for the actor and target.
|
||||
|
||||
Ensure it is possible to create both inherited and direct role
|
||||
assignments for the same actor on the same target. The actor and the
|
||||
|
@ -3195,7 +3195,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
test_plan_with_os_inherit_disabled, test_data)
|
||||
|
||||
def test_list_assignments_for_tree(self):
|
||||
"""Test we correctly list direct assignments for a tree"""
|
||||
"""Test we correctly list direct assignments for a tree."""
|
||||
# Enable OS-INHERIT extension
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
|
||||
|
@ -3244,7 +3244,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
self.execute_assignment_plan(test_plan)
|
||||
|
||||
def test_list_effective_assignments_for_tree(self):
|
||||
"""Test we correctly list effective assignments for a tree"""
|
||||
"""Test we correctly list effective assignments for a tree."""
|
||||
# Enable OS-INHERIT extension
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
|
||||
|
@ -3378,7 +3378,7 @@ class InheritanceTests(AssignmentTestHelperMixin):
|
|||
self.execute_assignment_plan(test_plan)
|
||||
|
||||
def test_list_effective_assignments_for_tree_with_domain_assignments(self):
|
||||
"""Test we correctly honor domain inherited assignments on the tree"""
|
||||
"""Test we correctly honor domain inherited assignments on the tree."""
|
||||
# Enable OS-INHERIT extension
|
||||
self.config_fixture.config(group='os_inherit', enabled=True)
|
||||
|
||||
|
|
|
@ -38,7 +38,7 @@ class FederatedIdentityProviderTestsV8(
|
|||
self.useV8driver()
|
||||
|
||||
def test_create_idp_remote_repeated(self):
|
||||
"""Create two IdentityProvider entities with some remote_ids
|
||||
"""Create two IdentityProvider entities with some remote_ids.
|
||||
|
||||
A remote_id is the same for both so the second IdP is not
|
||||
created because of the uniqueness of the remote_ids
|
||||
|
|
|
@ -409,7 +409,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
|
|||
self.assertEqual([], mapped_properties['group_ids'])
|
||||
|
||||
def test_rule_engine_whitelist_direct_group_mapping_missing_domain(self):
|
||||
"""Test if the local rule is rejected upon missing domain value
|
||||
"""Test if the local rule is rejected upon missing domain value.
|
||||
|
||||
This is a variation with a ``whitelist`` filter.
|
||||
|
||||
|
@ -420,7 +420,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
|
|||
self.assertRaises(exception.ValidationError, rp.process, assertion)
|
||||
|
||||
def test_rule_engine_blacklist_direct_group_mapping_missing_domain(self):
|
||||
"""Test if the local rule is rejected upon missing domain value
|
||||
"""Test if the local rule is rejected upon missing domain value.
|
||||
|
||||
This is a variation with a ``blacklist`` filter.
|
||||
|
||||
|
@ -623,7 +623,7 @@ class MappingRuleEngineTests(unit.BaseTestCase):
|
|||
assertion)
|
||||
|
||||
def test_rule_engine_group_ids_mapping_whitelist(self):
|
||||
"""Test mapping engine when group_ids is explicitly set
|
||||
"""Test mapping engine when group_ids is explicitly set.
|
||||
|
||||
Also test whitelists on group ids
|
||||
|
||||
|
|
|
@ -566,7 +566,7 @@ class FakeLdap(core.LDAPHandler):
|
|||
|
||||
def result3(self, msgid=ldap.RES_ANY, all=1, timeout=None,
|
||||
resp_ctrl_classes=None):
|
||||
"""Execute async request
|
||||
"""Execute async request.
|
||||
|
||||
Only msgid param is supported. Request info is fetched from global
|
||||
variable `PendingRequests` by msgid, executed using search_s and
|
||||
|
@ -638,7 +638,7 @@ class FakeLdapPool(FakeLdap):
|
|||
|
||||
|
||||
class FakeLdapNoSubtreeDelete(FakeLdap):
|
||||
"""FakeLdap subclass that does not support subtree delete
|
||||
"""FakeLdap subclass that does not support subtree delete.
|
||||
|
||||
Same as FakeLdap except delete will throw the LDAP error
|
||||
ldap.NOT_ALLOWED_ON_NONLEAF if there is an attempt to delete
|
||||
|
|
|
@ -99,7 +99,7 @@ class FilterTests(object):
|
|||
|
||||
def _create_test_data(self, entity_type, number, domain_id=None,
|
||||
name_dict=None):
|
||||
"""Create entity test data
|
||||
"""Create entity test data.
|
||||
|
||||
:param entity_type: type of entity to create, e.g. 'user', group' etc.
|
||||
:param number: number of entities to create,
|
||||
|
|
|
@ -874,7 +874,7 @@ class ResourceTests(object):
|
|||
self.assertEqual(1, len(parents))
|
||||
|
||||
def test_update_project_enabled_cascade(self):
|
||||
"""Test update_project_cascade
|
||||
"""Test update_project_cascade.
|
||||
|
||||
Ensures the enabled attribute is correctly updated across
|
||||
a simple 3-level projects hierarchy.
|
||||
|
|
|
@ -54,7 +54,7 @@ class EndpointFilterDeprecateTestCase(test_v3.RestfulTestCase):
|
|||
class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
||||
|
||||
def test_create_endpoint_project_association(self):
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Valid endpoint and project id test case.
|
||||
|
||||
|
@ -62,7 +62,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
self.put(self.default_request_url)
|
||||
|
||||
def test_create_endpoint_project_association_with_invalid_project(self):
|
||||
"""PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""PUT OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid project id test case.
|
||||
|
||||
|
@ -74,7 +74,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_create_endpoint_project_association_with_invalid_endpoint(self):
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid endpoint id test case.
|
||||
|
||||
|
@ -86,7 +86,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_create_endpoint_project_association_with_unexpected_body(self):
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""PUT /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Unexpected body in request. The body should be ignored.
|
||||
|
||||
|
@ -95,7 +95,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
body={'project_id': self.default_domain_project_id})
|
||||
|
||||
def test_check_endpoint_project_association(self):
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Valid project and endpoint id test case.
|
||||
|
||||
|
@ -107,7 +107,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
'endpoint_id': self.endpoint_id})
|
||||
|
||||
def test_check_endpoint_project_association_with_invalid_project(self):
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid project id test case.
|
||||
|
||||
|
@ -120,7 +120,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_check_endpoint_project_association_with_invalid_endpoint(self):
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""HEAD /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid endpoint id test case.
|
||||
|
||||
|
@ -133,7 +133,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_list_endpoints_associated_with_valid_project(self):
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
|
||||
|
||||
Valid project and endpoint id test case.
|
||||
|
||||
|
@ -146,7 +146,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
resource_url=resource_url)
|
||||
|
||||
def test_list_endpoints_associated_with_invalid_project(self):
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
|
||||
|
||||
Invalid project id test case.
|
||||
|
||||
|
@ -157,7 +157,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_list_projects_associated_with_endpoint(self):
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
|
||||
|
||||
Valid endpoint-project association test case.
|
||||
|
||||
|
@ -170,7 +170,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
resource_url=resource_url)
|
||||
|
||||
def test_list_projects_with_no_endpoint_project_association(self):
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
|
||||
|
||||
Valid endpoint id but no endpoint-project associations test case.
|
||||
|
||||
|
@ -180,7 +180,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
self.assertValidProjectListResponse(r, expected_length=0)
|
||||
|
||||
def test_list_projects_associated_with_invalid_endpoint(self):
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects
|
||||
"""GET /OS-EP-FILTER/endpoints/{endpoint_id}/projects.
|
||||
|
||||
Invalid endpoint id test case.
|
||||
|
||||
|
@ -190,7 +190,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_remove_endpoint_project_association(self):
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Valid project id and endpoint id test case.
|
||||
|
||||
|
@ -202,7 +202,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
'endpoint_id': self.endpoint_id})
|
||||
|
||||
def test_remove_endpoint_project_association_with_invalid_project(self):
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid project id test case.
|
||||
|
||||
|
@ -215,7 +215,7 @@ class EndpointFilterCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_remove_endpoint_project_association_with_invalid_endpoint(self):
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}
|
||||
"""DELETE /OS-EP-FILTER/projects/{project_id}/endpoints/{endpoint_id}.
|
||||
|
||||
Invalid endpoint id test case.
|
||||
|
||||
|
@ -698,7 +698,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
DEFAULT_ENDPOINT_GROUP_URL = '/OS-EP-FILTER/endpoint_groups'
|
||||
|
||||
def test_create_endpoint_group(self):
|
||||
"""POST /OS-EP-FILTER/endpoint_groups
|
||||
"""POST /OS-EP-FILTER/endpoint_groups.
|
||||
|
||||
Valid endpoint group test case.
|
||||
|
||||
|
@ -719,7 +719,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
'endpoint_group_id': r.result['endpoint_group']['id']}))
|
||||
|
||||
def test_create_invalid_endpoint_group(self):
|
||||
"""POST /OS-EP-FILTER/endpoint_groups
|
||||
"""POST /OS-EP-FILTER/endpoint_groups.
|
||||
|
||||
Invalid endpoint group creation test case.
|
||||
|
||||
|
@ -731,7 +731,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
expected_status=http_client.BAD_REQUEST)
|
||||
|
||||
def test_get_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Valid endpoint group test case.
|
||||
|
||||
|
@ -755,7 +755,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
matchers.EndsWith(url))
|
||||
|
||||
def test_get_invalid_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Invalid endpoint group test case.
|
||||
|
||||
|
@ -766,7 +766,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.get(url, expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_check_endpoint_group(self):
|
||||
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}
|
||||
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}.
|
||||
|
||||
Valid endpoint_group_id test case.
|
||||
|
||||
|
@ -779,7 +779,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.head(url, expected_status=http_client.OK)
|
||||
|
||||
def test_check_invalid_endpoint_group(self):
|
||||
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}
|
||||
"""HEAD /OS-EP-FILTER/endpoint_groups/{endpoint_group_id}.
|
||||
|
||||
Invalid endpoint_group_id test case.
|
||||
|
||||
|
@ -790,7 +790,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.head(url, expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_patch_endpoint_group(self):
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Valid endpoint group patch test case.
|
||||
|
||||
|
@ -812,7 +812,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
matchers.EndsWith(url))
|
||||
|
||||
def test_patch_nonexistent_endpoint_group(self):
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Invalid endpoint group patch test case.
|
||||
|
||||
|
@ -827,7 +827,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.patch(url, body=body, expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_patch_invalid_endpoint_group(self):
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""PATCH /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Valid endpoint group patch test case.
|
||||
|
||||
|
@ -859,7 +859,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.assertDictEqual(self.DEFAULT_ENDPOINT_GROUP_BODY, r.result)
|
||||
|
||||
def test_delete_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Valid endpoint group test case.
|
||||
|
||||
|
@ -873,7 +873,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.get(url, expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_delete_invalid_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}.
|
||||
|
||||
Invalid endpoint group test case.
|
||||
|
||||
|
@ -1003,7 +1003,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
r.result['endpoint_groups'][0].get('id'))
|
||||
|
||||
def test_list_projects_associated_with_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/projects.
|
||||
|
||||
Valid endpoint group test case.
|
||||
|
||||
|
@ -1023,7 +1023,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.get(url)
|
||||
|
||||
def test_list_endpoints_associated_with_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints
|
||||
"""GET /OS-EP-FILTER/endpoint_groups/{endpoint_group}/endpoints.
|
||||
|
||||
Valid endpoint group test case.
|
||||
|
||||
|
@ -1061,7 +1061,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
|
|||
self.assertEqual(endpoint_id, r.result['endpoints'][0].get('id'))
|
||||
|
||||
def test_list_endpoints_associated_with_project_endpoint_group(self):
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints
|
||||
"""GET /OS-EP-FILTER/projects/{project_id}/endpoints.
|
||||
|
||||
Valid project, endpoint id, and endpoint group test case.
|
||||
|
||||
|
|
|
@ -894,7 +894,7 @@ class SqlFilterTests(SqlTests, identity_tests.FilterTests):
|
|||
self.assertFalse(hints.get_exact_filter_by_name('domain_id'))
|
||||
|
||||
def test_filter_sql_injection_attack(self):
|
||||
"""Test against sql injection attack on filters
|
||||
"""Test against sql injection attack on filters.
|
||||
|
||||
Test Plan:
|
||||
- Attempt to get all entities back by passing a two-term attribute
|
||||
|
|
|
@ -613,7 +613,7 @@ class TestCacheRegionInit(unit.TestCase):
|
|||
backing_store=self.kvs_backend)
|
||||
|
||||
def test_kvs_configure_called_twice(self):
|
||||
"""Check if configure() is called again"""
|
||||
"""Check if configure() is called again."""
|
||||
target = core.KeyValueStore
|
||||
with mock.patch.object(target, 'configure') as configure_mock:
|
||||
store = core.get_key_value_store(self.store_name)
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
"""
|
||||
Test SQL migration extensions.
|
||||
|
||||
To run these tests against a live database:
|
||||
|
||||
1. Modify the file `keystone/tests/unit/config_files/backend_sql.conf` to use
|
||||
|
|
|
@ -12,6 +12,8 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
"""
|
||||
Test for SQL migration extensions.
|
||||
|
||||
To run these tests against a live database:
|
||||
|
||||
1. Modify the file ``keystone/tests/unit/config_files/backend_sql.conf`` to use
|
||||
|
|
|
@ -444,7 +444,7 @@ class CoreApiTests(object):
|
|||
raise NotImplementedError()
|
||||
|
||||
def assertNoRoles(self, r):
|
||||
"""Helper method to assert No Roles
|
||||
"""Helper method to assert No Roles.
|
||||
|
||||
This needs to be overridden by child classes
|
||||
based on their content type.
|
||||
|
|
|
@ -1464,7 +1464,7 @@ class AuthContextMiddlewareTestCase(RestfulTestCase):
|
|||
|
||||
|
||||
class JsonHomeTestMixin(object):
|
||||
"""JSON Home test
|
||||
"""JSON Home test.
|
||||
|
||||
Mixin this class to provide a test for the JSON-Home response for an
|
||||
extension.
|
||||
|
|
|
@ -305,7 +305,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
|
|||
self.head(member_url, expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_token_revoked_once_group_role_grant_revoked(self):
|
||||
"""Test token is revoked when group role grant is revoked
|
||||
"""Test token is revoked when group role grant is revoked.
|
||||
|
||||
When a role granted to a group is revoked for a given scope,
|
||||
all tokens related to this scope and belonging to one of the members
|
||||
|
@ -2779,7 +2779,7 @@ class DomainSpecificRoleTests(test_v3.RestfulTestCase, unit.TestCase):
|
|||
|
||||
|
||||
class ListUserProjectsTestCase(test_v3.RestfulTestCase):
|
||||
"""Test for /users/<user>/projects"""
|
||||
"""Test for /users/<user>/projects."""
|
||||
|
||||
def load_sample_data(self):
|
||||
# do not load base class's data, keep it focused on the tests
|
||||
|
|
|
@ -3582,7 +3582,7 @@ class TestTrustOptional(test_v3.RestfulTestCase):
|
|||
|
||||
|
||||
class TrustAPIBehavior(test_v3.RestfulTestCase):
|
||||
"""Redelegation valid and secure
|
||||
"""Redelegation valid and secure.
|
||||
|
||||
Redelegation is a hierarchical structure of trusts between initial trustor
|
||||
and a group of users allowed to impersonate trustor and act in his name.
|
||||
|
|
|
@ -47,7 +47,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.assertEqual(self.config, res)
|
||||
|
||||
def test_create_config_invalid_domain(self):
|
||||
"""Call ``PUT /domains/{domain_id}/config``
|
||||
"""Call ``PUT /domains/{domain_id}/config``.
|
||||
|
||||
While creating Identity API-based domain config with an invalid domain
|
||||
id provided, the request shall be rejected with a response, 404 domain
|
||||
|
@ -60,7 +60,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=exception.DomainNotFound.code)
|
||||
|
||||
def test_create_config_twice(self):
|
||||
"""Check multiple creates don't throw error"""
|
||||
"""Check multiple creates don't throw error."""
|
||||
self.put('/domains/%(domain_id)s/config' % {
|
||||
'domain_id': self.domain['id']},
|
||||
body={'config': self.config},
|
||||
|
@ -80,7 +80,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=exception.DomainConfigNotFound.code)
|
||||
|
||||
def test_delete_config_invalid_domain(self):
|
||||
"""Call ``DELETE /domains{domain_id}/config``
|
||||
"""Call ``DELETE /domains{domain_id}/config``.
|
||||
|
||||
While deleting Identity API-based domain config with an invalid domain
|
||||
id provided, the request shall be rejected with a response, 404 domain
|
||||
|
@ -101,7 +101,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.assertNotIn('ldap', res)
|
||||
|
||||
def test_delete_config_by_group_invalid_domain(self):
|
||||
"""Call ``DELETE /domains{domain_id}/config/{group}``
|
||||
"""Call ``DELETE /domains{domain_id}/config/{group}``.
|
||||
|
||||
While deleting Identity API-based domain config by group with an
|
||||
invalid domain id provided, the request shall be rejected with a
|
||||
|
@ -132,7 +132,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.head(url, expected_status=http_client.OK)
|
||||
|
||||
def test_get_config_by_group_invalid_domain(self):
|
||||
"""Call ``GET & HEAD /domains{domain_id}/config/{group}``
|
||||
"""Call ``GET & HEAD /domains{domain_id}/config/{group}``.
|
||||
|
||||
While retrieving Identity API-based domain config by group with an
|
||||
invalid domain id provided, the request shall be rejected with a
|
||||
|
@ -155,7 +155,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.head(url, expected_status=http_client.OK)
|
||||
|
||||
def test_get_config_by_option_invalid_domain(self):
|
||||
"""Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``
|
||||
"""Call ``GET & HEAD /domains{domain_id}/config/{group}/{option}``.
|
||||
|
||||
While retrieving Identity API-based domain config by option with an
|
||||
invalid domain id provided, the request shall be rejected with a
|
||||
|
@ -174,7 +174,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_get_non_existant_config_invalid_domain(self):
|
||||
"""Call ``GET /domains{domain_id}/config when no config defined``
|
||||
"""Call ``GET /domains{domain_id}/config when no config defined``.
|
||||
|
||||
While retrieving non-existent Identity API-based domain config with an
|
||||
invalid domain id provided, the request shall be rejected with a
|
||||
|
@ -194,7 +194,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_get_non_existant_config_group_invalid_domain(self):
|
||||
"""Call ``GET /domains{domain_id}/config/{group_not_exist}``
|
||||
"""Call ``GET /domains{domain_id}/config/{group_not_exist}``.
|
||||
|
||||
While retrieving non-existent Identity API-based domain config group
|
||||
with an invalid domain id provided, the request shall be rejected with
|
||||
|
@ -216,7 +216,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_get_non_existant_config_option_invalid_domain(self):
|
||||
"""Call ``GET /domains{domain_id}/config/group/{option_not_exist}``
|
||||
"""Call ``GET /domains{domain_id}/config/group/{option_not_exist}``.
|
||||
|
||||
While retrieving non-existent Identity API-based domain config option
|
||||
with an invalid domain id provided, the request shall be rejected with
|
||||
|
@ -246,7 +246,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.assertEqual(expected_config, res)
|
||||
|
||||
def test_update_config_invalid_domain(self):
|
||||
"""Call ``PATCH /domains/{domain_id}/config``
|
||||
"""Call ``PATCH /domains/{domain_id}/config``.
|
||||
|
||||
While updating Identity API-based domain config with an invalid domain
|
||||
id provided, the request shall be rejected with a response, 404 domain
|
||||
|
@ -278,7 +278,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.assertEqual(expected_config, res)
|
||||
|
||||
def test_update_config_group_invalid_domain(self):
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}``
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}``.
|
||||
|
||||
While updating Identity API-based domain config group with an invalid
|
||||
domain id provided, the request shall be rejected with a response,
|
||||
|
@ -317,7 +317,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_update_config_invalid_group_invalid_domain(self):
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{invalid_group}``
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{invalid_group}``.
|
||||
|
||||
While updating Identity API-based domain config with an invalid group
|
||||
and an invalid domain id provided, the request shall be rejected
|
||||
|
@ -348,7 +348,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
self.assertEqual(expected_config, res)
|
||||
|
||||
def test_update_config_option_invalid_domain(self):
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}/{option}``
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}/{option}``.
|
||||
|
||||
While updating Identity API-based domain config option with an invalid
|
||||
domain id provided, the request shall be rejected with a response, 404
|
||||
|
@ -385,7 +385,7 @@ class DomainConfigTestCase(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.NOT_FOUND)
|
||||
|
||||
def test_update_config_invalid_option_invalid_domain(self):
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}``
|
||||
"""Call ``PATCH /domains/{domain_id}/config/{group}/{invalid}``.
|
||||
|
||||
While updating Identity API-based domain config with an invalid option
|
||||
and an invalid domain id provided, the request shall be rejected
|
||||
|
|
|
@ -879,7 +879,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
|
|||
ref=body)
|
||||
|
||||
def test_create_idp_remote_repeated(self):
|
||||
"""Create two IdentityProvider entities with some remote_ids
|
||||
"""Create two IdentityProvider entities with some remote_ids.
|
||||
|
||||
A remote_id is the same for both so the second IdP is not
|
||||
created because of the uniqueness of the remote_ids
|
||||
|
@ -1219,7 +1219,7 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase):
|
|||
expected_status=http_client.BAD_REQUEST)
|
||||
|
||||
def test_update_nonexistent_idp(self):
|
||||
"""Update nonexistent IdP
|
||||
"""Update nonexistent IdP.
|
||||
|
||||
Expect HTTP 404 Not Found code.
|
||||
|
||||
|
@ -1524,7 +1524,7 @@ class MappingCRUDTests(test_v3.RestfulTestCase):
|
|||
body={'mapping': mapping_fixtures.MAPPING_EXTRA_RULES_PROPS})
|
||||
|
||||
def test_create_mapping_with_blacklist_and_whitelist(self):
|
||||
"""Test for adding whitelist and blacklist in the rule
|
||||
"""Test for adding whitelist and blacklist in the rule.
|
||||
|
||||
Server should respond with HTTP 400 Bad Request error upon discovering
|
||||
both ``whitelist`` and ``blacklist`` keywords in the same rule.
|
||||
|
@ -2072,7 +2072,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
scoped_token, expected_status=http_client.INTERNAL_SERVER_ERROR)
|
||||
|
||||
def test_lists_with_missing_group_in_backend(self):
|
||||
"""Test a mapping that points to a group that does not exist
|
||||
"""Test a mapping that points to a group that does not exist.
|
||||
|
||||
For explicit mappings, we expect the group to exist in the backend,
|
||||
but for lists, specifically blacklists, a missing group is expected
|
||||
|
@ -2125,7 +2125,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
self.federation_api.update_mapping(self.mapping['id'], rules)
|
||||
|
||||
def test_empty_blacklist_passess_all_values(self):
|
||||
"""Test a mapping with empty blacklist specified
|
||||
"""Test a mapping with empty blacklist specified.
|
||||
|
||||
Not adding a ``blacklist`` keyword to the mapping rules has the same
|
||||
effect as adding an empty ``blacklist``.
|
||||
|
@ -2272,7 +2272,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
self.assertIn(group['id'], group_ids)
|
||||
|
||||
def test_empty_whitelist_discards_all_values(self):
|
||||
"""Test that empty whitelist blocks all the values
|
||||
"""Test that empty whitelist blocks all the values.
|
||||
|
||||
Not adding a ``whitelist`` keyword to the mapping value is different
|
||||
than adding empty whitelist. The former case will simply pass all the
|
||||
|
@ -2334,7 +2334,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
|||
assertion='UNMATCHED_GROUP_ASSERTION')
|
||||
|
||||
def test_not_setting_whitelist_accepts_all_values(self):
|
||||
"""Test that not setting whitelist passes
|
||||
"""Test that not setting whitelist passes.
|
||||
|
||||
Not adding a ``whitelist`` keyword to the mapping value is different
|
||||
than adding empty whitelist. The former case will simply pass all the
|
||||
|
@ -2582,7 +2582,7 @@ class FederatedTokenTestsMethodToken(FederatedTokenTests):
|
|||
|
||||
|
||||
class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin):
|
||||
"""Test for federated users
|
||||
"""Test for federated users.
|
||||
|
||||
Tests new shadow users functionality
|
||||
|
||||
|
|
|
@ -95,7 +95,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
policyfile.write(jsonutils.dumps(new_policy))
|
||||
|
||||
def test_list_users_filtered_by_domain(self):
|
||||
"""GET /users?domain_id=mydomain (filtered)
|
||||
"""GET /users?domain_id=mydomain (filtered).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -113,7 +113,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
self.assertIn(self.user3['id'], id_list)
|
||||
|
||||
def test_list_filtered_domains(self):
|
||||
"""GET /domains?enabled=0
|
||||
"""GET /domains?enabled=0.
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -156,7 +156,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
self.assertIn(CONF.identity.default_domain_id, id_list)
|
||||
|
||||
def test_multiple_filters(self):
|
||||
"""GET /domains?enabled&name=myname
|
||||
"""GET /domains?enabled&name=myname.
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -176,7 +176,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
self.assertIs(True, r.result.get('domains')[0]['enabled'])
|
||||
|
||||
def test_invalid_filter_is_ignored(self):
|
||||
"""GET /domains?enableds&name=myname
|
||||
"""GET /domains?enableds&name=myname.
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -199,7 +199,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
self.assertIs(True, r.result.get('domains')[0]['enabled'])
|
||||
|
||||
def test_list_users_filtered_by_funny_name(self):
|
||||
"""GET /users?name=%myname%
|
||||
"""GET /users?name=%myname%.
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -283,7 +283,7 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||
self._delete_test_data('user', user_list)
|
||||
|
||||
def test_filter_sql_injection_attack(self):
|
||||
"""GET /users?name=<injected sql_statement>
|
||||
"""GET /users?name=<injected sql_statement>.
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -362,7 +362,7 @@ class IdentityTestListLimitCase(IdentityTestFilteredCase):
|
|||
self.policy_api.delete_policy(policy['id'])
|
||||
|
||||
def _test_entity_list_limit(self, entity, driver):
|
||||
"""GET /<entities> (limited)
|
||||
"""GET /<entities> (limited).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
|
|
@ -814,7 +814,7 @@ class OAuthNotificationTests(OAuth1Tests,
|
|||
cadftaxonomy.SECURITY_ACCOUNT)
|
||||
|
||||
def test_oauth_flow_notifications(self):
|
||||
"""Test to ensure notifications are sent for oauth tokens
|
||||
"""Test to ensure notifications are sent for oauth tokens.
|
||||
|
||||
This test is very similar to test_oauth_flow, however
|
||||
there are additional checks in this test for ensuring that
|
||||
|
|
|
@ -113,7 +113,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
policyfile.write(jsonutils.dumps(new_policy))
|
||||
|
||||
def test_list_users_unprotected(self):
|
||||
"""GET /users (unprotected)
|
||||
"""GET /users (unprotected).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -130,7 +130,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
self.assertIn(self.user3['id'], id_list)
|
||||
|
||||
def test_list_users_filtered_by_domain(self):
|
||||
"""GET /users?domain_id=mydomain (filtered)
|
||||
"""GET /users?domain_id=mydomain (filtered).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -148,7 +148,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
self.assertIn(self.user3['id'], id_list)
|
||||
|
||||
def test_get_user_protected_match_id(self):
|
||||
"""GET /users/{id} (match payload)
|
||||
"""GET /users/{id} (match payload).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -168,7 +168,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
self.assertEqual(self.user1['id'], r.result['user']['id'])
|
||||
|
||||
def test_get_user_protected_match_target(self):
|
||||
"""GET /users/{id} (match target)
|
||||
"""GET /users/{id} (match target).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -200,7 +200,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
expected_status=exception.UserNotFound.code)
|
||||
|
||||
def test_revoke_grant_protected_match_target(self):
|
||||
"""DELETE /domains/{id}/users/{id}/roles/{id} (match target)
|
||||
"""DELETE /domains/{id}/users/{id}/roles/{id} (match target).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -239,7 +239,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
self.delete(member_url, auth=self.auth)
|
||||
|
||||
def test_list_users_protected_by_domain(self):
|
||||
"""GET /users?domain_id=mydomain (protected)
|
||||
"""GET /users?domain_id=mydomain (protected).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -270,7 +270,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
expected_status=exception.ForbiddenAction.code)
|
||||
|
||||
def test_list_groups_protected_by_domain(self):
|
||||
"""GET /groups?domain_id=mydomain (protected)
|
||||
"""GET /groups?domain_id=mydomain (protected).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
@ -301,7 +301,7 @@ class IdentityTestProtectedCase(test_v3.RestfulTestCase):
|
|||
expected_status=exception.ForbiddenAction.code)
|
||||
|
||||
def test_list_groups_protected_by_domain_and_filtered(self):
|
||||
"""GET /groups?domain_id=mydomain&name=myname (protected)
|
||||
"""GET /groups?domain_id=mydomain&name=myname (protected).
|
||||
|
||||
Test Plan:
|
||||
|
||||
|
|
|
@ -958,7 +958,7 @@ class ResourceTestCase(test_v3.RestfulTestCase,
|
|||
[p['id'] for p in r.result['projects']])
|
||||
|
||||
def test_list_project_is_domain_filter_default(self):
|
||||
"""Default project list should not see projects acting as domains"""
|
||||
"""Default project list should not see projects acting as domains."""
|
||||
# Get the initial count of regular projects
|
||||
r = self.get('/projects?is_domain=False', expected_status=200)
|
||||
number_is_domain_false = len(r.result['projects'])
|
||||
|
@ -1259,7 +1259,7 @@ class ResourceTestCase(test_v3.RestfulTestCase,
|
|||
expected_status=http_client.FORBIDDEN)
|
||||
|
||||
def test_delete_project(self):
|
||||
"""Call ``DELETE /projects/{project_id}``
|
||||
"""Call ``DELETE /projects/{project_id}``.
|
||||
|
||||
As well as making sure the delete succeeds, we ensure
|
||||
that any credentials that reference this projects are
|
||||
|
|
|
@ -306,7 +306,7 @@ class EntityValidationTestCase(unit.BaseTestCase):
|
|||
request_to_validate)
|
||||
|
||||
def test_create_entity_with_valid_email_validates(self):
|
||||
"""Validate email address
|
||||
"""Validate email address.
|
||||
|
||||
Test that we successfully validate properly formatted email
|
||||
addresses.
|
||||
|
@ -1025,7 +1025,7 @@ class ServiceValidationTestCase(unit.BaseTestCase):
|
|||
self.create_service_validator.validate(request_to_validate)
|
||||
|
||||
def test_validate_service_create_fails_with_invalid_enabled(self):
|
||||
"""Exception raised when boolean-like parameters as `enabled`
|
||||
"""Exception raised when boolean-like parameters as `enabled`.
|
||||
|
||||
On service create, make sure an exception is raised if `enabled` is
|
||||
not a boolean value.
|
||||
|
@ -2038,7 +2038,7 @@ class IdentityProviderValidationTestCase(unit.BaseTestCase):
|
|||
request_to_validate)
|
||||
|
||||
def test_validate_idp_request_remote_id_nullable(self):
|
||||
"""Test that `remote_ids` could be explicitly set to None"""
|
||||
"""Test that `remote_ids` could be explicitly set to None."""
|
||||
request_to_validate = {'remote_ids': None}
|
||||
self.create_idp_validator.validate(request_to_validate)
|
||||
self.update_idp_validator.validate(request_to_validate)
|
||||
|
|
|
@ -114,7 +114,7 @@ class Token(token.persistence.TokenDriverV8):
|
|||
|
||||
def delete_tokens(self, user_id, tenant_id=None, trust_id=None,
|
||||
consumer_id=None):
|
||||
"""Delete all tokens in one session
|
||||
"""Delete all tokens in one session.
|
||||
|
||||
The user_id will be ignored if the trust_id is specified. user_id
|
||||
will always be specified.
|
||||
|
@ -244,7 +244,7 @@ class Token(token.persistence.TokenDriverV8):
|
|||
return tokens
|
||||
|
||||
def _expiry_range_strategy(self, dialect):
|
||||
"""Choose a token range expiration strategy
|
||||
"""Choose a token range expiration strategy.
|
||||
|
||||
Based on the DB dialect, select an expiry range callable that is
|
||||
appropriate.
|
||||
|
|
|
@ -320,7 +320,7 @@ class TokenDriverV8(object):
|
|||
@abc.abstractmethod
|
||||
def _list_tokens(self, user_id, tenant_id=None, trust_id=None,
|
||||
consumer_id=None):
|
||||
"""Return a list of current token_id's for a user
|
||||
"""Return a list of current token_id's for a user.
|
||||
|
||||
This is effectively a private method only used by the ``delete_tokens``
|
||||
method and should not be called by anything outside of the
|
||||
|
@ -341,7 +341,7 @@ class TokenDriverV8(object):
|
|||
|
||||
@abc.abstractmethod
|
||||
def list_revoked_tokens(self):
|
||||
"""Return a list of all revoked tokens
|
||||
"""Return a list of all revoked tokens.
|
||||
|
||||
:returns: list of token_id's
|
||||
|
||||
|
|
|
@ -289,7 +289,7 @@ class V3TokenDataHelper(object):
|
|||
def populate_roles_for_groups(self, token_data, group_ids,
|
||||
project_id=None, domain_id=None,
|
||||
user_id=None):
|
||||
"""Populate roles basing on provided groups and project/domain
|
||||
"""Populate roles basing on provided groups and project/domain.
|
||||
|
||||
Used for ephemeral users with dynamically assigned groups.
|
||||
This method does not return anything, yet it modifies token_data in
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Keystone PKI Token Provider"""
|
||||
"""Keystone PKI Token Provider."""
|
||||
|
||||
import subprocess # nosec : used to catch subprocess exceptions
|
||||
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Keystone Compressed PKI Token Provider"""
|
||||
"""Keystone Compressed PKI Token Provider."""
|
||||
|
||||
import subprocess # nosec : used to catch subprocess exceptions
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
"""Keystone UUID Token Provider"""
|
||||
"""Keystone UUID Token Provider."""
|
||||
|
||||
from __future__ import absolute_import
|
||||
|
||||
|
|
3
tox.ini
3
tox.ini
|
@ -133,8 +133,7 @@ show-source = true
|
|||
# D105: Missing docstring in magic method
|
||||
# D203: 1 blank required before class docstring.
|
||||
# D205: Blank line required between one-line summary and description.
|
||||
# D400: First line should end with a period.
|
||||
ignore = D100,D101,D102,D103,D104,D105,D203,D205,D400
|
||||
ignore = D100,D101,D102,D103,D104,D105,D203,D205
|
||||
|
||||
exclude=.venv,.git,.tox,build,dist,doc,*openstack/common*,*lib/python*,*egg,tools,vendor,.update-venv,*.ini,*.po,*.pot
|
||||
max-complexity=24
|
||||
|
|
Loading…
Reference in New Issue