Browse Source

Add role assignment test coverage for system admin

This commit adds role assignment test coverage for users who have the
admin role assigned on the system.

Subsequent patches will:

  - add functionality for domain readers
  - add functionality for domain members
  - add functionality for domain admins
  - add functionality for project readers
  - add functionality for project members
  - add functionality for project admins
  - remove the obsolete policies from policy.v3cloudsample.json

Change-Id: If0d418a7117623b3bfe11b8e23781d02ac1debf0
Partial-Bug: 1750673
Closes-Bug: 1816833
tags/15.0.0.0rc1
Lance Bragstad 1 year ago
parent
commit
321a8cb035
1 changed files with 27 additions and 0 deletions
  1. +27
    -0
      keystone/tests/unit/protection/v3/test_assignment.py

+ 27
- 0
keystone/tests/unit/protection/v3/test_assignment.py View File

@@ -731,3 +731,30 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id}


class SystemAdminTests(base_classes.TestCaseWithBootstrap,
common_auth.AuthTestMixin,
_AssignmentTestUtilities,
_SystemUserTests):

def setUp(self):
super(SystemAdminTests, self).setUp()
self.loadapp()
self.useFixture(ksfixtures.Policy(self.config_fixture))
self.config_fixture.config(group='oslo_policy', enforce_scope=True)

self.user_id = self.bootstrapper.admin_user_id
self.expected = []

auth = self.build_authentication_request(
user_id=self.user_id, password=self.bootstrapper.admin_password,
system=True
)

# Grab a token using the persona we're testing and prepare headers
# for requests we'll be making in the tests.
with self.test_client() as c:
r = c.post('/v3/auth/tokens', json=auth)
self.token_id = r.headers['X-Subject-Token']
self.headers = {'X-Auth-Token': self.token_id}

Loading…
Cancel
Save