From b6da8a1b8976579e4bf4025b58a69a9be539c847 Mon Sep 17 00:00:00 2001 From: wangxiyuan Date: Mon, 9 Apr 2018 17:25:14 +0800 Subject: [PATCH] Update IdP sql model Base on the database schema, the domain_id column in identity_provider is not unique and has the ForeignKey for project.id. But the IdP sql model is different. It marks the domain_id is unique and the ForeignKey is lost. This patch removes the unique restriction and adds the FK back, ultimately making the relationship between domains and identity provider 1:many. Change-Id: I13ecb0ab0434f5614f31d151e708f299cf8e8adb Partial-bug: #1760843 --- keystone/federation/backends/sql.py | 3 ++- keystone/tests/unit/test_v3_federation.py | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/keystone/federation/backends/sql.py b/keystone/federation/backends/sql.py index e2a075529b..ba26e55606 100644 --- a/keystone/federation/backends/sql.py +++ b/keystone/federation/backends/sql.py @@ -55,7 +55,8 @@ class IdentityProviderModel(sql.ModelBase, sql.ModelDictMixin): mutable_attributes = frozenset(['description', 'enabled', 'remote_ids']) id = sql.Column(sql.String(64), primary_key=True) - domain_id = sql.Column(sql.String(64), nullable=False, unique=True) + domain_id = sql.Column(sql.String(64), sql.ForeignKey('project.id'), + nullable=False) enabled = sql.Column(sql.Boolean, nullable=False) description = sql.Column(sql.Text(), nullable=True) remote_ids = orm.relationship('IdPRemoteIdsModel', diff --git a/keystone/tests/unit/test_v3_federation.py b/keystone/tests/unit/test_v3_federation.py index a890aa3548..beb7cfcaef 100644 --- a/keystone/tests/unit/test_v3_federation.py +++ b/keystone/tests/unit/test_v3_federation.py @@ -45,6 +45,7 @@ from keystone.tests.unit import federation_fixtures from keystone.tests.unit import ksfixtures from keystone.tests.unit import mapping_fixtures from keystone.tests.unit import test_v3 +from keystone.tests.unit import utils as test_utils from keystone.token.providers import common as token_common @@ -993,6 +994,9 @@ class FederatedIdentityProviderTests(test_v3.RestfulTestCase): # since it wasn't auto-generated self.assertIsNotNone(PROVIDERS.resource_api.get_domain(domain['id'])) + @test_utils.wip("Keystone never supported IdP:domain = 1:1. This test " + "should be fixed to make sure IdP:domain is n:1", + bug='1760843') def test_create_idp_domain_id_unique_constraint(self): # create domain and add domain_id to keys to check domain = unit.new_domain_ref()