Rename trust extension (bug 1158980)

Change trust extension from RH-TRUST to OS-TRUST so that the namespace being used is for OpenStack, as opposed to a contributing company. This is also more consistent with namespacing used in other OpenStack APIs. Some additional discussion about this is in this thread: http://lists.openstack.org/pipermail/openstack-dev/2013-March/006876.html Change-Id: I0fd869abe0f527c899808a4dde19dbd1fb6f32cd
2013-03-22 12:47:27 -04:00 · 2013-03-22 12:47:27 -04:00 · 3e55be029c
commit 3e55be029c
parent 4f75f848a5
6 changed files with 53 additions and 53 deletions
--- a/keystone/auth/controllers.py
+++ b/keystone/auth/controllers.py
@ -171,9 +171,9 @@ class AuthInfo(object):
            return
        if sum(['project' in self.auth['scope'],
                'domain' in self.auth['scope'],
-                'RH-TRUST:trust' in self.auth['scope']]) != 1:
+                'OS-TRUST:trust' in self.auth['scope']]) != 1:
            raise exception.ValidationError(
-                attribute='project, domain, or RH-TRUST:trust',
+                attribute='project, domain, or OS-TRUST:trust',
                target='scope')

        if 'project' in self.auth['scope']:
@ -182,11 +182,11 @@ class AuthInfo(object):
        elif 'domain' in self.auth['scope']:
            domain_ref = self._lookup_domain(self.auth['scope']['domain'])
            self._scope_data = (domain_ref['id'], None, None)
-        elif 'RH-TRUST:trust' in self.auth['scope']:
+        elif 'OS-TRUST:trust' in self.auth['scope']:
            if not CONF.trust.enabled:
                raise exception.Forbidden('Trusts are disabled.')
            trust_ref = self._lookup_trust(
-                self.auth['scope']['RH-TRUST:trust'])
+                self.auth['scope']['OS-TRUST:trust'])
            #TODO ayoung when trusts support domain, Fill in domain data here
            if 'project_id' in trust_ref:
                project_ref = self._lookup_project(
--- a/keystone/auth/token_factory.py
+++ b/keystone/auth/token_factory.py
@ -114,7 +114,7 @@ class TokenDataHelper(object):
                raise exception.Forbidden()
            if trust['impersonation']:
                user_ref = trustor_user_ref
-            token_data['RH-TRUST:trust'] = (
+            token_data['OS-TRUST:trust'] = (
                {
                    'id': trust['id'],
                    'trustor_user': {'id': trust['trustor_user_id']},
--- a/keystone/trust/routers.py
+++ b/keystone/trust/routers.py
@ -22,37 +22,37 @@ from keystone.common import router
 def append_v3_routers(mapper, routers):
    trust_controller = controllers.TrustV3()

-    mapper.connect('/RH-TRUST/trusts',
+    mapper.connect('/OS-TRUST/trusts',
                   controller=trust_controller,
                   action='create_trust',
                   conditions=dict(method=['POST']))

-    mapper.connect('/RH-TRUST/trusts',
+    mapper.connect('/OS-TRUST/trusts',
                   controller=trust_controller,
                   action='list_trusts',
                   conditions=dict(method=['GET']))

-    mapper.connect('/RH-TRUST/trusts/{trust_id}',
+    mapper.connect('/OS-TRUST/trusts/{trust_id}',
                   controller=trust_controller,
                   action='delete_trust',
                   conditions=dict(method=['DELETE']))

-    mapper.connect('/RH-TRUST/trusts/{trust_id}',
+    mapper.connect('/OS-TRUST/trusts/{trust_id}',
                   controller=trust_controller,
                   action='get_trust',
                   conditions=dict(method=['GET']))

-    mapper.connect('/RH-TRUST/trusts/{trust_id}/roles',
+    mapper.connect('/OS-TRUST/trusts/{trust_id}/roles',
                   controller=trust_controller,
                   action='list_roles_for_trust',
                   conditions=dict(method=['GET']))

-    mapper.connect('/RH-TRUST/trusts/{trust_id}/roles/{role_id}',
+    mapper.connect('/OS-TRUST/trusts/{trust_id}/roles/{role_id}',
                   controller=trust_controller,
                   action='check_role_for_trust',
                   conditions=dict(method=['HEAD']))

-    mapper.connect('/RH-TRUST/trusts/{trust_id}/roles/{role_id}',
+    mapper.connect('/OS-TRUST/trusts/{trust_id}/roles/{role_id}',
                   controller=trust_controller,
                   action='get_role_for_trust',
                   conditions=dict(method=['GET']))
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@ -633,7 +633,7 @@ class AuthWithTrust(AuthTest):
                "methods": ["token"],
                "token": {"id": token}},
            "scope": {
-                "RH-TRUST:trust": {"id": self.new_trust['id']}}}
+                "OS-TRUST:trust": {"id": self.new_trust['id']}}}
        token_auth_response = (self.auth_v3_controller.authenticate_for_token
                               ({}, v3_req_with_trust))
        return token_auth_response
@ -644,7 +644,7 @@ class AuthWithTrust(AuthTest):
        trust_token_user = auth_response.json['token']['user']
        self.assertEquals(trust_token_user['id'], self.trustor['id'])

-        trust_token_trust = auth_response.json['token']['RH-TRUST:trust']
+        trust_token_trust = auth_response.json['token']['OS-TRUST:trust']
        self.assertEquals(trust_token_trust['id'], self.new_trust['id'])
        self.assertEquals(trust_token_trust['trustor_user']['id'],
                          self.trustor['id'])
--- a/tests/test_v3.py
+++ b/tests/test_v3.py
@ -460,7 +460,7 @@ class RestfulTestCase(test_content_types.RestfulTestCase):
    def assertValidProjectTrustScopedTokenResponse(self, r, *args, **kwargs):
        token = self.assertValidProjectScopedTokenResponse(r, *args, **kwargs)

-        trust = token.get('RH-TRUST:trust')
+        trust = token.get('OS-TRUST:trust')
        self.assertIsNotNone(trust)
        self.assertIsNotNone(trust.get('id'))
        self.assertTrue(isinstance(trust.get('impersonation'), bool))
@ -816,8 +816,8 @@ class RestfulTestCase(test_content_types.RestfulTestCase):
            else:
                scope_data['domain']['name'] = domain_name
        if trust_id:
-            scope_data['RH-TRUST:trust'] = {}
-            scope_data['RH-TRUST:trust']['id'] = trust_id
+            scope_data['OS-TRUST:trust'] = {}
+            scope_data['OS-TRUST:trust']['id'] = trust_id
        return scope_data

    def build_password_auth(self, user_id=None, username=None,
--- a/tests/test_v3_auth.py
+++ b/tests/test_v3_auth.py
@ -1015,8 +1015,8 @@ class TestTrustOptional(test_v3.RestfulTestCase):
        super(TestTrustOptional, self).setUp(*args, **kwargs)

    def test_trusts_404(self):
-        self.get('/RH-TRUST/trusts', body={'trust': {}}, expected_status=404)
-        self.post('/RH-TRUST/trusts', body={'trust': {}}, expected_status=404)
+        self.get('/OS-TRUST/trusts', body={'trust': {}}, expected_status=404)
+        self.post('/OS-TRUST/trusts', body={'trust': {}}, expected_status=404)

    def test_auth_with_scope_in_trust_403(self):
        auth_data = self.build_authentication_request(
@ -1039,14 +1039,14 @@ class TestTrustAuth(TestAuthInfo):

    def test_create_trust_400(self):
        raise nose.exc.SkipTest('Blocked by bug 1133435')
-        self.post('/RH-TRUST/trusts', body={'trust': {}}, expected_status=400)
+        self.post('/OS-TRUST/trusts', body={'trust': {}}, expected_status=400)

    def test_create_unscoped_trust(self):
        ref = self.new_trust_ref(
            trustor_user_id=self.user_id,
            trustee_user_id=self.trustee_user_id)
        del ref['id']
-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        self.assertValidTrustResponse(r, ref)

    def test_trust_crud(self):
@ -1056,48 +1056,48 @@ class TestTrustAuth(TestAuthInfo):
            project_id=self.project_id,
            role_ids=[self.role_id])
        del ref['id']
-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r, ref)

        r = self.get(
-            '/RH-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
+            '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
            expected_status=200)
        self.assertValidTrustResponse(r, ref)

        # validate roles on the trust
        r = self.get(
-            '/RH-TRUST/trusts/%(trust_id)s/roles' % {
+            '/OS-TRUST/trusts/%(trust_id)s/roles' % {
                'trust_id': trust['id']},
            expected_status=200)
        roles = self.assertValidRoleListResponse(r, self.role)
        self.assertIn(self.role['id'], [x['id'] for x in roles])
        self.head(
-            '/RH-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % {
+            '/OS-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % {
                'trust_id': trust['id'],
                'role_id': self.role['id']},
            expected_status=204)
        r = self.get(
-            '/RH-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % {
+            '/OS-TRUST/trusts/%(trust_id)s/roles/%(role_id)s' % {
                'trust_id': trust['id'],
                'role_id': self.role['id']},
            expected_status=200)
        self.assertValidRoleResponse(r, self.role)

-        r = self.get('/RH-TRUST/trusts', expected_status=200)
+        r = self.get('/OS-TRUST/trusts', expected_status=200)
        self.assertValidTrustListResponse(r, trust)

        # trusts are immutable
        self.patch(
-            '/RH-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
+            '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
            body={'trust': ref},
            expected_status=404)

        self.delete(
-            '/RH-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
+            '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
            expected_status=204)

        self.get(
-            '/RH-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
+            '/OS-TRUST/trusts/%(trust_id)s' % {'trust_id': trust['id']},
            expected_status=404)

    def test_create_trust_trustee_404(self):
@ -1105,14 +1105,14 @@ class TestTrustAuth(TestAuthInfo):
            trustor_user_id=self.user_id,
            trustee_user_id=uuid.uuid4().hex)
        del ref['id']
-        self.post('/RH-TRUST/trusts', body={'trust': ref}, expected_status=404)
+        self.post('/OS-TRUST/trusts', body={'trust': ref}, expected_status=404)

    def test_create_trust_trustor_trustee_backwards(self):
        ref = self.new_trust_ref(
            trustor_user_id=self.trustee_user_id,
            trustee_user_id=self.user_id)
        del ref['id']
-        self.post('/RH-TRUST/trusts', body={'trust': ref}, expected_status=403)
+        self.post('/OS-TRUST/trusts', body={'trust': ref}, expected_status=403)

    def test_create_trust_project_404(self):
        ref = self.new_trust_ref(
@ -1121,7 +1121,7 @@ class TestTrustAuth(TestAuthInfo):
            project_id=uuid.uuid4().hex,
            role_ids=[self.role_id])
        del ref['id']
-        self.post('/RH-TRUST/trusts', body={'trust': ref}, expected_status=404)
+        self.post('/OS-TRUST/trusts', body={'trust': ref}, expected_status=404)

    def test_create_trust_role_id_404(self):
        ref = self.new_trust_ref(
@ -1130,7 +1130,7 @@ class TestTrustAuth(TestAuthInfo):
            project_id=self.project_id,
            role_ids=[uuid.uuid4().hex])
        del ref['id']
-        self.post('/RH-TRUST/trusts', body={'trust': ref}, expected_status=404)
+        self.post('/OS-TRUST/trusts', body={'trust': ref}, expected_status=404)

    def test_create_trust_role_name_404(self):
        ref = self.new_trust_ref(
@ -1139,7 +1139,7 @@ class TestTrustAuth(TestAuthInfo):
            project_id=self.project_id,
            role_names=[uuid.uuid4().hex])
        del ref['id']
-        self.post('/RH-TRUST/trusts', body={'trust': ref}, expected_status=404)
+        self.post('/OS-TRUST/trusts', body={'trust': ref}, expected_status=404)

    def test_create_expired_trust(self):
        ref = self.new_trust_ref(
@ -1149,10 +1149,10 @@ class TestTrustAuth(TestAuthInfo):
            expires=dict(seconds=-1),
            role_ids=[self.role_id])
        del ref['id']
-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r, ref)

-        self.get('/RH-TRUST/trusts/%(trust_id)s' % {
+        self.get('/OS-TRUST/trusts/%(trust_id)s' % {
            'trust_id': trust['id']},
            expected_status=404)

@ -1172,7 +1172,7 @@ class TestTrustAuth(TestAuthInfo):
            role_ids=[self.role_id])
        del ref['id']

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1209,7 +1209,7 @@ class TestTrustAuth(TestAuthInfo):
        r = self.post('/auth/tokens', body=auth_data)
        token = r.getheader('X-Subject-Token')

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref}, token=token)
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref}, token=token)
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1251,7 +1251,7 @@ class TestTrustAuth(TestAuthInfo):
        r = self.post('/auth/tokens', body=auth_data)
        token = r.getheader('X-Subject-Token')

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref}, token=token)
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref}, token=token)
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1292,7 +1292,7 @@ class TestTrustAuth(TestAuthInfo):
        r = self.post('/auth/tokens', body=auth_data)
        token = r.getheader('X-Subject-Token')

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref}, token=token)
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref}, token=token)
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1321,7 +1321,7 @@ class TestTrustAuth(TestAuthInfo):
            role_ids=[self.role_id])
        del ref['id']

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1352,7 +1352,7 @@ class TestTrustAuth(TestAuthInfo):
            role_ids=[self.role_id])
        del ref['id']

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1381,19 +1381,19 @@ class TestTrustAuth(TestAuthInfo):
            role_ids=[self.role_id])
        del ref['id']

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})

        trust = self.assertValidTrustResponse(r, ref)

-        self.delete('/RH-TRUST/trusts/%(trust_id)s' % {
+        self.delete('/OS-TRUST/trusts/%(trust_id)s' % {
            'trust_id': trust['id']},
            expected_status=204)

-        self.get('/RH-TRUST/trusts/%(trust_id)s' % {
+        self.get('/OS-TRUST/trusts/%(trust_id)s' % {
            'trust_id': trust['id']},
            expected_status=404)

-        self.get('/RH-TRUST/trusts/%(trust_id)s' % {
+        self.get('/OS-TRUST/trusts/%(trust_id)s' % {
            'trust_id': trust['id']},
            expected_status=404)

@ -1414,15 +1414,15 @@ class TestTrustAuth(TestAuthInfo):
        del ref['id']

        for i in range(0, 3):
-            r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+            r = self.post('/OS-TRUST/trusts', body={'trust': ref})
            trust = self.assertValidTrustResponse(r, ref)

-        r = self.get('/RH-TRUST/trusts?trustor_user_id=%s' %
+        r = self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
                     self.user_id, expected_status=200)
        trusts = r.body['trusts']
        self.assertEqual(len(trusts), 3)

-        r = self.get('/RH-TRUST/trusts?trustee_user_id=%s' %
+        r = self.get('/OS-TRUST/trusts?trustee_user_id=%s' %
                     self.user_id, expected_status=200)
        trusts = r.body['trusts']
        self.assertEqual(len(trusts), 0)
@ -1437,7 +1437,7 @@ class TestTrustAuth(TestAuthInfo):
            role_ids=[self.role_id])
        del ref['id']

-        r = self.post('/RH-TRUST/trusts', body={'trust': ref})
+        r = self.post('/OS-TRUST/trusts', body={'trust': ref})
        trust = self.assertValidTrustResponse(r)

        auth_data = self.build_authentication_request(
@ -1449,7 +1449,7 @@ class TestTrustAuth(TestAuthInfo):
        self.assertValidProjectTrustScopedTokenResponse(r, self.user)
        trust_token = r.getheader('X-Subject-Token')

-        self.get('/RH-TRUST/trusts?trustor_user_id=%s' %
+        self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
                 self.user_id, expected_status=200,
                 token=trust_token)

@ -1463,6 +1463,6 @@ class TestTrustAuth(TestAuthInfo):
                       auth=auth_data,
                       expected_status=200))

-        self.get('/RH-TRUST/trusts?trustor_user_id=%s' %
+        self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
                 self.user_id, expected_status=401,
                 token=trust_token)