Remove six usage

This repo does not support Python 2 anymore, so we don't need
six for compatibility between Python2 and 3, convert six usage to Python
3 code.

Change-Id: Icba56808f38277b27af2ae5aac4b8507dee71b3b
This commit is contained in:
Vishakha Agarwal 2020-01-29 13:04:23 +05:30
parent 7bb26ffd15
commit 4530041931
168 changed files with 2060 additions and 2257 deletions

View File

@ -12,10 +12,7 @@
# Common base resource for EC2 and S3 Authentication
import sys
from oslo_serialization import jsonutils
import six
from werkzeug import exceptions
from keystone.common import provider_api
@ -102,10 +99,7 @@ class ResourceBase(ks_flask.ResourceBase):
PROVIDERS.resource_api.assert_project_enabled(
project_id=project_ref['id'], project=project_ref)
except AssertionError as e:
six.reraise(
ks_exceptions.Unauthorized,
ks_exceptions.Unauthorized(e),
sys.exc_info()[2])
raise ks_exceptions.Unauthorized from e
roles = PROVIDERS.assignment_api.get_roles_for_user_and_project(
user_ref['id'], project_ref['id'])

View File

@ -19,7 +19,6 @@
import flask
from oslo_log import log
import six
from keystone.auth import core
from keystone.common import provider_api
@ -55,7 +54,7 @@ def _check_and_set_default_scoping(auth_info, auth_context):
try:
user_ref = PROVIDERS.identity_api.get_user(auth_context['user_id'])
except exception.UserNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
raise exception.Unauthorized(e)
default_project_id = user_ref.get('default_project_id')
@ -235,7 +234,7 @@ def authenticate_for_token(auth=None):
return token
except exception.TrustNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
raise exception.Unauthorized(e)

View File

@ -15,11 +15,11 @@ import string
import flask
import flask_restful
import http.client
from oslo_log import log
from oslo_serialization import jsonutils
from oslo_utils import strutils
from six.moves import http_client
from six.moves import urllib
import urllib
import werkzeug.exceptions
from keystone.api._shared import authentication
@ -107,7 +107,7 @@ class _AuthFederationWebSSOBase(ks_flask.ResourceBase):
src = string.Template(template.read())
subs = {'host': host, 'token': token_id}
body = src.substitute(subs)
resp = flask.make_response(body, http_client.OK)
resp = flask.make_response(body, http.client.OK)
resp.charset = 'utf-8'
resp.headers['Content-Type'] = 'text/html'
return resp
@ -298,7 +298,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
token_resp = render_token.render_token_response_from_model(
token, include_catalog=include_catalog)
resp_body = jsonutils.dumps(token_resp)
response = flask.make_response(resp_body, http_client.OK)
response = flask.make_response(resp_body, http.client.OK)
response.headers['X-Subject-Token'] = token_id
response.headers['Content-Type'] = 'application/json'
return response
@ -317,7 +317,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
token, include_catalog=include_catalog
)
resp_body = jsonutils.dumps(resp_data)
response = flask.make_response(resp_body, http_client.CREATED)
response = flask.make_response(resp_body, http.client.CREATED)
response.headers['X-Subject-Token'] = token.id
response.headers['Content-Type'] = 'application/json'
return response
@ -331,7 +331,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
token_id = flask.request.headers.get(
authorization.SUBJECT_TOKEN_HEADER)
PROVIDERS.token_provider_api.revoke_token(token_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class AuthFederationWebSSOResource(_AuthFederationWebSSOBase):
@ -404,7 +404,7 @@ class AuthFederationSaml2Resource(_AuthFederationWebSSOBase):
validation.lazy_validate(federation_schema.saml_create, auth)
response, service_provider = saml.create_base_saml_assertion(auth)
headers = _build_response_headers(service_provider)
response = flask.make_response(response.to_string(), http_client.OK)
response = flask.make_response(response.to_string(), http.client.OK)
for header, value in headers:
response.headers[header] = value
return response
@ -431,7 +431,7 @@ class AuthFederationSaml2ECPResource(_AuthFederationWebSSOBase):
saml_assertion, relay_state_prefix)
headers = _build_response_headers(service_provider)
response = flask.make_response(
ecp_assertion.to_string(), http_client.OK)
ecp_assertion.to_string(), http.client.OK)
for header, value in headers:
response.headers[header] = value
return response

View File

@ -15,8 +15,8 @@
import hashlib
import flask
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common import provider_api
from keystone.common import rbac_enforcer
@ -150,7 +150,7 @@ class CredentialResource(ks_flask.ResourceBase):
self._normalize_dict(credential), trust_id=trust_id)
ref = PROVIDERS.credential_api.create_credential(
ref['id'], ref, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, credential_id):
# Update Credential
@ -176,7 +176,7 @@ class CredentialResource(ks_flask.ResourceBase):
return (PROVIDERS.credential_api.delete_credential(
credential_id, initiator=self.audit_initiator),
http_client.NO_CONTENT)
http.client.NO_CONTENT)
class CredentialAPI(ks_flask.APIBase):

View File

@ -12,8 +12,8 @@
import flask
from flask import request
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common import json_home
import keystone.conf
@ -79,7 +79,7 @@ def get_versions():
{'versions': {
'values': list(versions.values())}}),
mimetype=MimeTypes.JSON,
status=http_client.MULTIPLE_CHOICES)
status=http.client.MULTIPLE_CHOICES)
response.headers['Location'] = preferred_location
return response

View File

@ -15,7 +15,7 @@
import flask
import flask_restful
import functools
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -127,7 +127,7 @@ class DomainResource(ks_flask.ResourceBase):
domain = self._normalize_dict(domain)
ref = PROVIDERS.resource_api.create_domain(
domain['id'], domain, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, domain_id):
"""Update domain.
@ -150,7 +150,7 @@ class DomainResource(ks_flask.ResourceBase):
ENFORCER.enforce_call(action='identity:delete_domain')
PROVIDERS.resource_api.delete_domain(
domain_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class DomainConfigBase(ks_flask.ResourceBase):
@ -217,7 +217,7 @@ class DomainConfigBase(ks_flask.ResourceBase):
PROVIDERS.resource_api.get_domain(domain_id)
PROVIDERS.domain_config_api.delete_config(
domain_id, group, option=option)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class DomainConfigResource(DomainConfigBase):
@ -247,7 +247,7 @@ class DomainConfigResource(DomainConfigBase):
if original_config:
return {self.member_key: ref}
else:
return {self.member_key: ref}, http_client.CREATED
return {self.member_key: ref}, http.client.CREATED
class DomainConfigGroupResource(DomainConfigBase):
@ -337,7 +337,7 @@ class DomainUserResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.get_grant(
role_id, domain_id=domain_id, user_id=user_id,
inherited_to_projects=False)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, domain_id=None, user_id=None, role_id=None):
"""Create a role to a user on a domain.
@ -350,7 +350,7 @@ class DomainUserResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.create_grant(
role_id, domain_id=domain_id, user_id=user_id,
inherited_to_projects=False, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, domain_id=None, user_id=None, role_id=None):
"""Revoke a role from user on a domain.
@ -364,7 +364,7 @@ class DomainUserResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.delete_grant(
role_id, domain_id=domain_id, user_id=user_id,
inherited_to_projects=False, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class DomainGroupListResource(flask_restful.Resource):
@ -398,7 +398,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.get_grant(
role_id, domain_id=domain_id, group_id=group_id,
inherited_to_projects=False)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, domain_id=None, group_id=None, role_id=None):
"""Grant a role to a group on a domain.
@ -411,7 +411,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.create_grant(
role_id, domain_id=domain_id, group_id=group_id,
inherited_to_projects=False, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, domain_id=None, group_id=None, role_id=None):
"""Revoke a role from a group on a domain.
@ -425,7 +425,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
PROVIDERS.assignment_api.delete_grant(
role_id, domain_id=domain_id, group_id=group_id,
inherited_to_projects=False, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class DomainAPI(ks_flask.APIBase):

View File

@ -13,9 +13,9 @@
# This file handles all flask-restful resources for /v3/ec2tokens
import flask
import http.client
from keystoneclient.contrib.ec2 import utils as ec2_utils
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.api._shared import EC2_S3_Resource
from keystone.api._shared import json_home_relations
@ -67,7 +67,7 @@ class EC2TokensResource(EC2_S3_Resource.ResourceBase):
token = self.handle_authenticate()
token_reference = render_token.render_token_response_from_model(token)
resp_body = jsonutils.dumps(token_reference)
response = flask.make_response(resp_body, http_client.OK)
response = flask.make_response(resp_body, http.client.OK)
response.headers['X-Subject-Token'] = token.id
response.headers['Content-Type'] = 'application/json'
return response

View File

@ -13,7 +13,7 @@
# This file handles all flask-restful resources for /v3/services
import flask_restful
from six.moves import http_client
import http.client
from keystone.api._shared import json_home_relations
from keystone.catalog import schema
@ -97,7 +97,7 @@ class EndpointResource(ks_flask.ResourceBase):
endpoint = self._validate_endpoint_region(endpoint)
ref = PROVIDERS.catalog_api.create_endpoint(
endpoint['id'], endpoint, initiator=self.audit_initiator)
return self.wrap_member(_filter_endpoint(ref)), http_client.CREATED
return self.wrap_member(_filter_endpoint(ref)), http.client.CREATED
def patch(self, endpoint_id):
ENFORCER.enforce_call(action='identity:update_endpoint')
@ -113,7 +113,7 @@ class EndpointResource(ks_flask.ResourceBase):
ENFORCER.enforce_call(action='identity:delete_endpoint')
PROVIDERS.catalog_api.delete_endpoint(endpoint_id,
initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class EndpointPolicyEndpointResource(flask_restful.Resource):

View File

@ -15,7 +15,7 @@
import flask
import flask_restful
import functools
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -107,7 +107,7 @@ class GroupsResource(ks_flask.ResourceBase):
group = self._normalize_domain_id(group)
ref = PROVIDERS.identity_api.create_group(
group, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, group_id):
"""Update group.
@ -133,7 +133,7 @@ class GroupsResource(ks_flask.ResourceBase):
ENFORCER.enforce_call(action='identity:delete_group')
PROVIDERS.identity_api.delete_group(
group_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class GroupUsersResource(ks_flask.ResourceBase):
@ -194,7 +194,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
build_target=functools.partial(self._build_enforcement_target_attr,
user_id, group_id))
PROVIDERS.identity_api.check_user_in_group(user_id, group_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, group_id, user_id):
"""Add user to group.
@ -207,7 +207,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
user_id, group_id))
PROVIDERS.identity_api.add_user_to_group(
user_id, group_id, initiator=notifications.build_audit_initiator())
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, group_id, user_id):
"""Remove user from group.
@ -220,7 +220,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
user_id, group_id))
PROVIDERS.identity_api.remove_user_from_group(
user_id, group_id, initiator=notifications.build_audit_initiator())
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class GroupAPI(ks_flask.APIBase):

View File

@ -14,7 +14,7 @@
import flask
import flask_restful
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -110,7 +110,7 @@ class LimitsResource(ks_flask.ResourceBase):
refs = PROVIDERS.unified_limit_api.create_limits(limits)
refs = self.wrap_collection(refs)
refs.pop('links')
return refs, http_client.CREATED
return refs, http.client.CREATED
def patch(self, limit_id):
ENFORCER.enforce_call(action='identity:update_limit')
@ -124,7 +124,7 @@ class LimitsResource(ks_flask.ResourceBase):
def delete(self, limit_id):
ENFORCER.enforce_call(action='identity:delete_limit')
return (PROVIDERS.unified_limit_api.delete_limit(limit_id),
http_client.NO_CONTENT)
http.client.NO_CONTENT)
class LimitModelResource(flask_restful.Resource):

View File

@ -13,7 +13,7 @@
# This file handles all flask-restful resources for /OS-EP-FILTER
import flask_restful
from six.moves import http_client
import http.client
from keystone.api._shared import json_home_relations
from keystone.api import endpoints as _endpoints_api
@ -90,7 +90,7 @@ class EndpointGroupsResource(ks_flask.ResourceBase):
self._require_valid_filter(ep_group)
ep_group = self._assign_unique_id(ep_group)
return self.wrap_member(PROVIDERS.catalog_api.create_endpoint_group(
ep_group['id'], ep_group)), http_client.CREATED
ep_group['id'], ep_group)), http.client.CREATED
def patch(self, endpoint_group_id):
ENFORCER.enforce_call(action='identity:update_endpoint_group')
@ -105,7 +105,7 @@ class EndpointGroupsResource(ks_flask.ResourceBase):
def delete(self, endpoint_group_id):
ENFORCER.enforce_call(action='identity:delete_endpoint_group')
return (PROVIDERS.catalog_api.delete_endpoint_group(endpoint_group_id),
http_client.NO_CONTENT)
http.client.NO_CONTENT)
class EPFilterEndpointProjectsResource(flask_restful.Resource):
@ -127,19 +127,19 @@ class EPFilterProjectsEndpointsResource(flask_restful.Resource):
PROVIDERS.resource_api.get_project(project_id)
PROVIDERS.catalog_api.check_endpoint_in_project(
endpoint_id, project_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, endpoint_id):
ENFORCER.enforce_call(action='identity:add_endpoint_to_project')
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
PROVIDERS.resource_api.get_project(project_id)
PROVIDERS.catalog_api.add_endpoint_to_project(endpoint_id, project_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, project_id, endpoint_id):
ENFORCER.enforce_call(action='identity:remove_endpoint_from_project')
return (PROVIDERS.catalog_api.remove_endpoint_from_project(
endpoint_id, project_id), http_client.NO_CONTENT)
endpoint_id, project_id), http.client.NO_CONTENT)
class EPFilterProjectEndpointsListResource(flask_restful.Resource):
@ -219,7 +219,7 @@ class EPFilterGroupsProjectsResource(ks_flask.ResourceBase):
PROVIDERS.catalog_api.get_endpoint_group(endpoint_group_id)
PROVIDERS.catalog_api.add_endpoint_group_to_project(
endpoint_group_id, project_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, endpoint_group_id, project_id):
ENFORCER.enforce_call(
@ -228,7 +228,7 @@ class EPFilterGroupsProjectsResource(ks_flask.ResourceBase):
PROVIDERS.catalog_api.get_endpoint_group(endpoint_group_id)
PROVIDERS.catalog_api.remove_endpoint_group_from_project(
endpoint_group_id, project_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class EPFilterAPI(ks_flask.APIBase):

View File

@ -14,8 +14,8 @@
import flask
import flask_restful
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.api._shared import authentication
from keystone.api._shared import json_home_relations
@ -137,7 +137,7 @@ class IdentityProvidersResource(_ResourceBase):
idp.setdefault('enabled', False)
idp_ref = PROVIDERS.federation_api.create_idp(
idp_id, idp)
return self.wrap_member(idp_ref), http_client.CREATED
return self.wrap_member(idp_ref), http.client.CREATED
def patch(self, idp_id):
ENFORCER.enforce_call(action='identity:update_identity_provider')
@ -151,7 +151,7 @@ class IdentityProvidersResource(_ResourceBase):
def delete(self, idp_id):
ENFORCER.enforce_call(action='identity:delete_identity_provider')
PROVIDERS.federation_api.delete_idp(idp_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class _IdentityProvidersProtocolsResourceBase(_ResourceBase):
@ -218,7 +218,7 @@ class IDPProtocolsCRUDResource(_IdentityProvidersProtocolsResourceBase):
protocol = self._normalize_dict(protocol)
ref = PROVIDERS.federation_api.create_protocol(idp_id, protocol_id,
protocol)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, idp_id, protocol_id):
"""Update protocol for an IDP.
@ -241,7 +241,7 @@ class IDPProtocolsCRUDResource(_IdentityProvidersProtocolsResourceBase):
"""
ENFORCER.enforce_call(action='identity:delete_protocol')
PROVIDERS.federation_api.delete_protocol(idp_id, protocol_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class MappingResource(_ResourceBase):
@ -282,7 +282,7 @@ class MappingResource(_ResourceBase):
utils.validate_mapping_structure(mapping)
mapping_ref = PROVIDERS.federation_api.create_mapping(
mapping_id, mapping)
return self.wrap_member(mapping_ref), http_client.CREATED
return self.wrap_member(mapping_ref), http.client.CREATED
def patch(self, mapping_id):
"""Update a mapping.
@ -304,7 +304,7 @@ class MappingResource(_ResourceBase):
"""
ENFORCER.enforce_call(action='identity:delete_mapping')
PROVIDERS.federation_api.delete_mapping(mapping_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ServiceProvidersResource(_ResourceBase):
@ -355,7 +355,7 @@ class ServiceProvidersResource(_ResourceBase):
sp.setdefault('relay_state_prefix',
CONF.saml.relay_state_prefix)
sp_ref = PROVIDERS.federation_api.create_sp(sp_id, sp)
return self.wrap_member(sp_ref), http_client.CREATED
return self.wrap_member(sp_ref), http.client.CREATED
def patch(self, sp_id):
"""Update a service provider.
@ -376,7 +376,7 @@ class ServiceProvidersResource(_ResourceBase):
"""
ENFORCER.enforce_call(action='identity:delete_service_provider')
PROVIDERS.federation_api.delete_sp(sp_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class SAML2MetadataResource(flask_restful.Resource):
@ -393,7 +393,7 @@ class SAML2MetadataResource(flask_restful.Resource):
except IOError as e:
# Raise HTTP 500 in case Metadata file cannot be read.
raise exception.MetadataFileError(reason=e)
resp = flask.make_response(metadata, http_client.OK)
resp = flask.make_response(metadata, http.client.OK)
resp.headers['Content-Type'] = 'text/xml'
return resp
@ -436,7 +436,7 @@ class OSFederationAuthResource(flask_restful.Resource):
token = authentication.authenticate_for_token(auth)
token_data = render_token.render_token_response_from_model(token)
resp_data = jsonutils.dumps(token_data)
flask_resp = flask.make_response(resp_data, http_client.CREATED)
flask_resp = flask.make_response(resp_data, http.client.CREATED)
flask_resp.headers['X-Subject-Token'] = token.id
flask_resp.headers['Content-Type'] = 'application/json'
return flask_resp

View File

@ -14,8 +14,8 @@
import flask_restful
import functools
import http.client
from oslo_log import log
from six.moves import http_client
from keystone.api._shared import json_home_relations
from keystone.common import json_home
@ -118,7 +118,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.get_grant(
domain_id=domain_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, domain_id, group_id, role_id):
"""Create an inherited grant for a group on a domain.
@ -135,7 +135,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.create_grant(
domain_id=domain_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, domain_id, group_id, role_id):
"""Revoke an inherited grant for a group on a domain.
@ -152,7 +152,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.delete_grant(
domain_id=domain_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class OSInheritDomainGroupRolesListResource(flask_restful.Resource):
@ -189,7 +189,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.get_grant(
domain_id=domain_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, domain_id, user_id, role_id):
"""Create an inherited grant for a user on a domain.
@ -206,7 +206,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.create_grant(
domain_id=domain_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, domain_id, user_id, role_id):
"""Revoke a grant from a user on a domain.
@ -223,7 +223,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
PROVIDERS.assignment_api.delete_grant(
domain_id=domain_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class OSInheritDomainUserRolesListResource(flask_restful.Resource):
@ -260,7 +260,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
PROVIDERS.assignment_api.get_grant(
project_id=project_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, user_id, role_id):
"""Create an inherited grant for a user on a project.
@ -277,7 +277,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
PROVIDERS.assignment_api.create_grant(
project_id=project_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, project_id, user_id, role_id):
"""Revoke an inherited grant for a user on a project.
@ -294,7 +294,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
PROVIDERS.assignment_api.delete_grant(
project_id=project_id, user_id=user_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class OSInheritProjectGroupResource(flask_restful.Resource):
@ -313,7 +313,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
PROVIDERS.assignment_api.get_grant(
project_id=project_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, group_id, role_id):
"""Create an inherited grant for a group on a project.
@ -330,7 +330,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
PROVIDERS.assignment_api.create_grant(
project_id=project_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, project_id, group_id, role_id):
"""Revoke an inherited grant for a group on a project.
@ -347,7 +347,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
PROVIDERS.assignment_api.delete_grant(
project_id=project_id, group_id=group_id, role_id=role_id,
inherited_to_projects=True)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class OSInheritAPI(ks_flask.APIBase):

View File

@ -14,10 +14,10 @@
import flask
import flask_restful
import http.client
from oslo_log import log
from oslo_utils import timeutils
from six.moves import http_client
from six.moves.urllib import parse as urlparse
from urllib import parse as urlparse
from werkzeug import exceptions
from keystone.api._shared import json_home_relations
@ -108,7 +108,7 @@ class ConsumerResource(ks_flask.ResourceBase):
consumer = self._assign_unique_id(consumer)
ref = PROVIDERS.oauth_api.create_consumer(
consumer, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def delete(self, consumer_id):
ENFORCER.enforce_call(action='identity:delete_consumer')
@ -122,7 +122,7 @@ class ConsumerResource(ks_flask.ResourceBase):
notifications.invalidate_token_cache_notification(reason)
PROVIDERS.oauth_api.delete_consumer(
consumer_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def patch(self, consumer_id):
ENFORCER.enforce_call(action='identity:update_consumer')
@ -184,7 +184,7 @@ class RequestTokenResource(_OAuth1ResourceBase):
expiry_bit = '&oauth_expires_at=%s' % token_ref['expires_at']
result += expiry_bit
resp = flask.make_response(result, http_client.CREATED)
resp = flask.make_response(result, http.client.CREATED)
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
return resp
@ -276,7 +276,7 @@ class AccessTokenResource(_OAuth1ResourceBase):
expiry_bit = '&oauth_expires_at=%s' % (token_ref['expires_at'])
result += expiry_bit
resp = flask.make_response(result, http_client.CREATED)
resp = flask.make_response(result, http.client.CREATED)
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
return resp

View File

@ -13,8 +13,8 @@
# This file handles all flask-restful resources for /policy
import flask_restful
import http.client
from oslo_log import versionutils
from six.moves import http_client
from keystone.api._shared import json_home_relations
from keystone.common import json_home
@ -72,7 +72,7 @@ class PolicyResource(ks_flask.ResourceBase):
ref = PROVIDERS.policy_api.create_policy(
policy['id'], policy, initiator=self.audit_initiator
)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
@versionutils.deprecated(
as_of=versionutils.deprecated.QUEENS,
@ -97,7 +97,7 @@ class PolicyResource(ks_flask.ResourceBase):
res = PROVIDERS.policy_api.delete_policy(
policy_id, initiator=self.audit_initiator
)
return (res, http_client.NO_CONTENT)
return (res, http.client.NO_CONTENT)
class EndpointPolicyResource(flask_restful.Resource):
@ -128,7 +128,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, endpoint_id=endpoint_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, policy_id, endpoint_id):
action = 'identity:create_policy_association_for_endpoint'
@ -138,7 +138,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, endpoint_id=endpoint_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, policy_id, endpoint_id):
action = 'identity:delete_policy_association_for_endpoint'
@ -148,7 +148,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, endpoint_id=endpoint_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ServicePolicyAssociations(flask_restful.Resource):
@ -161,7 +161,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, service_id=service_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, policy_id, service_id):
action = 'identity:create_policy_association_for_service'
@ -171,7 +171,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, service_id=service_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, policy_id, service_id):
action = 'identity:delete_policy_association_for_service'
@ -181,7 +181,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, service_id=service_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ServiceRegionPolicyAssociations(flask_restful.Resource):
@ -195,7 +195,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.check_policy_association(
policy_id, service_id=service_id, region_id=region_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, policy_id, service_id, region_id):
action = 'identity:create_policy_association_for_region_and_service'
@ -206,7 +206,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.create_policy_association(
policy_id, service_id=service_id, region_id=region_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, policy_id, service_id, region_id):
action = 'identity:delete_policy_association_for_region_and_service'
@ -217,7 +217,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
PROVIDERS.endpoint_policy_api.delete_policy_association(
policy_id, service_id=service_id, region_id=region_id
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class PolicyAPI(ks_flask.APIBase):

View File

@ -15,7 +15,7 @@
import functools
import flask
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -179,7 +179,7 @@ class ProjectResource(ks_flask.ResourceBase):
initiator=self.audit_initiator)
except (exception.DomainNotFound, exception.ProjectNotFound) as e:
raise exception.ValidationError(e)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, project_id):
"""Update project.
@ -211,7 +211,7 @@ class ProjectResource(ks_flask.ResourceBase):
PROVIDERS.resource_api.delete_project(
project_id,
initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class _ProjectTagResourceBase(ks_flask.ResourceBase):
@ -268,7 +268,7 @@ class ProjectTagsResource(_ProjectTagResourceBase):
build_target=_build_project_target_enforcement
)
PROVIDERS.resource_api.update_project_tags(project_id, [])
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ProjectTagResource(_ProjectTagResourceBase):
@ -282,7 +282,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
build_target=_build_project_target_enforcement,
)
PROVIDERS.resource_api.get_project_tag(project_id, value)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, value):
"""Add a single tag to a project.
@ -304,7 +304,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
initiator=self.audit_initiator
)
url = '/'.join((ks_flask.base_url(), project_id, 'tags', value))
response = flask.make_response('', http_client.CREATED)
response = flask.make_response('', http.client.CREATED)
response.headers['Location'] = url
return response
@ -318,7 +318,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
build_target=_build_project_target_enforcement
)
PROVIDERS.resource_api.delete_project_tag(project_id, value)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class _ProjectGrantResourceBase(ks_flask.ResourceBase):
@ -375,7 +375,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.get_grant(
role_id=role_id, user_id=user_id, project_id=project_id,
inherited_to_projects=inherited)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, user_id, role_id):
"""Grant role for user on project.
@ -392,7 +392,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.create_grant(
role_id=role_id, user_id=user_id, project_id=project_id,
inherited_to_projects=inherited, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, project_id, user_id, role_id):
"""Delete grant of role for user on project.
@ -410,7 +410,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.delete_grant(
role_id=role_id, user_id=user_id, project_id=project_id,
inherited_to_projects=inherited, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ProjectUserListGrantResource(_ProjectGrantResourceBase):
@ -448,7 +448,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.get_grant(
role_id=role_id, group_id=group_id, project_id=project_id,
inherited_to_projects=inherited)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, project_id, group_id, role_id):
"""Grant role for group on project.
@ -465,7 +465,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.create_grant(
role_id=role_id, group_id=group_id, project_id=project_id,
inherited_to_projects=inherited, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, project_id, group_id, role_id):
"""Delete grant of role for group on project.
@ -483,7 +483,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
PROVIDERS.assignment_api.delete_grant(
role_id=role_id, group_id=group_id, project_id=project_id,
inherited_to_projects=inherited, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class ProjectGroupListGrantResource(_ProjectGrantResourceBase):

View File

@ -12,7 +12,7 @@
# This file handles all flask-restful resources for /v3/regions
from six.moves import http_client
import http.client
from keystone.catalog import schema
from keystone.common import provider_api
@ -59,7 +59,7 @@ class RegionResource(ks_flask.ResourceBase):
region = self._assign_unique_id(region)
ref = PROVIDERS.catalog_api.create_region(
region, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def put(self, region_id):
ENFORCER.enforce_call(action='identity:create_region')
@ -77,7 +77,7 @@ class RegionResource(ks_flask.ResourceBase):
ref = PROVIDERS.catalog_api.create_region(
region, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, region_id):
ENFORCER.enforce_call(action='identity:update_region')
@ -90,7 +90,7 @@ class RegionResource(ks_flask.ResourceBase):
def delete(self, region_id):
ENFORCER.enforce_call(action='identity:delete_region')
return PROVIDERS.catalog_api.delete_region(
region_id, initiator=self.audit_initiator), http_client.NO_CONTENT
region_id, initiator=self.audit_initiator), http.client.NO_CONTENT
class RegionAPI(ks_flask.APIBase):

View File

@ -13,7 +13,7 @@
# This file handles all flask-restful resources for /v3/registered_limits
import flask
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -62,7 +62,7 @@ class RegisteredLimitResource(ks_flask.ResourceBase):
registered_limits)
refs = self.wrap_collection(refs)
refs.pop('links')
return refs, http_client.CREATED
return refs, http.client.CREATED
def patch(self, registered_limit_id):
ENFORCER.enforce_call(action='identity:update_registered_limit')
@ -78,7 +78,7 @@ class RegisteredLimitResource(ks_flask.ResourceBase):
def delete(self, registered_limit_id):
ENFORCER.enforce_call(action='identity:delete_registered_limit')
return (PROVIDERS.unified_limit_api.delete_registered_limit(
registered_limit_id), http_client.NO_CONTENT)
registered_limit_id), http.client.NO_CONTENT)
class RegisteredLimitsAPI(ks_flask.APIBase):

View File

@ -14,7 +14,7 @@
import flask
import flask_restful
from six.moves import http_client
import http.client
from keystone.api._shared import implied_roles as shared
from keystone.assignment import schema
@ -114,7 +114,7 @@ class RoleResource(ks_flask.ResourceBase):
role = self._normalize_dict(role)
ref = PROVIDERS.role_api.create_role(
role['id'], role, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, role_id):
"""Update role.
@ -170,7 +170,7 @@ class RoleResource(ks_flask.ResourceBase):
member_target_type='role',
member_target=role)
PROVIDERS.role_api.delete_role(role_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def _build_enforcement_target_ref():
@ -222,7 +222,7 @@ class RoleImplicationResource(flask_restful.Resource):
# for a future fix. This should just return the above "get" however,
# we document and implment this as a NO_CONTENT response. NO_CONTENT
# here is incorrect. It is maintained as is for API contract reasons.
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def get(self, prior_role_id, implied_role_id):
"""Get implied role.
@ -258,7 +258,7 @@ class RoleImplicationResource(flask_restful.Resource):
build_target=_build_enforcement_target_ref)
PROVIDERS.role_api.create_implied_role(prior_role_id, implied_role_id)
response_json = self._get_implied_role(prior_role_id, implied_role_id)
return response_json, http_client.CREATED
return response_json, http.client.CREATED
def delete(self, prior_role_id, implied_role_id):
"""Delete implied role.
@ -268,7 +268,7 @@ class RoleImplicationResource(flask_restful.Resource):
ENFORCER.enforce_call(action='identity:delete_implied_role',
build_target=_build_enforcement_target_ref)
PROVIDERS.role_api.delete_implied_role(prior_role_id, implied_role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class RoleAPI(ks_flask.APIBase):

View File

@ -17,9 +17,8 @@ import hashlib
import hmac
import flask
import http.client
from oslo_serialization import jsonutils
import six
from six.moves import http_client
from keystone.api._shared import EC2_S3_Resource
from keystone.api._shared import json_home_relations
@ -39,10 +38,7 @@ def _calculate_signature_v1(string_to_sign, secret_key):
sign requests
"""
key = str(secret_key).encode('utf-8')
if six.PY2:
b64_encode = base64.encodestring
else:
b64_encode = base64.encodebytes
b64_encode = base64.encodebytes
signed = b64_encode(hmac.new(key, string_to_sign, hashlib.sha1)
.digest()).decode('utf-8').strip()
return signed
@ -100,7 +96,7 @@ class S3Resource(EC2_S3_Resource.ResourceBase):
token = self.handle_authenticate()
token_reference = render_token.render_token_response_from_model(token)
resp_body = jsonutils.dumps(token_reference)
response = flask.make_response(resp_body, http_client.OK)
response = flask.make_response(resp_body, http.client.OK)
response.headers['Content-Type'] = 'application/json'
return response

View File

@ -12,7 +12,7 @@
# This file handles all flask-restful resources for /v3/services
from six.moves import http_client
import http.client
from keystone.catalog import schema
from keystone.common import provider_api
@ -52,7 +52,7 @@ class ServicesResource(ks_flask.ResourceBase):
service = self._assign_unique_id(self._normalize_dict(service))
ref = PROVIDERS.catalog_api.create_service(
service['id'], service, initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, service_id):
ENFORCER.enforce_call(action='identity:update_service')
@ -66,7 +66,7 @@ class ServicesResource(ks_flask.ResourceBase):
def delete(self, service_id):
ENFORCER.enforce_call(action='identity:delete_service')
return PROVIDERS.catalog_api.delete_service(
service_id, initiator=self.audit_initiator), http_client.NO_CONTENT
service_id, initiator=self.audit_initiator), http.client.NO_CONTENT
class ServiceAPI(ks_flask.APIBase):

View File

@ -15,7 +15,7 @@
import flask
import flask_restful
import functools
from six.moves import http_client
import http.client
from keystone.common import json_home
from keystone.common import provider_api
@ -73,7 +73,7 @@ class SystemUsersResource(flask_restful.Resource):
ENFORCER.enforce_call(action='identity:check_system_grant_for_user',
build_target=_build_enforcement_target)
PROVIDERS.assignment_api.check_system_grant_for_user(user_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, user_id, role_id):
"""Grant a role to a user on the system.
@ -83,7 +83,7 @@ class SystemUsersResource(flask_restful.Resource):
ENFORCER.enforce_call(action='identity:create_system_grant_for_user',
build_target=_build_enforcement_target)
PROVIDERS.assignment_api.create_system_grant_for_user(user_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, user_id, role_id):
"""Revoke a role from user on the system.
@ -96,7 +96,7 @@ class SystemUsersResource(flask_restful.Resource):
_build_enforcement_target,
allow_non_existing=True))
PROVIDERS.assignment_api.delete_system_grant_for_user(user_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class SystemGroupsRolesListResource(flask_restful.Resource):
@ -122,7 +122,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
build_target=_build_enforcement_target)
PROVIDERS.assignment_api.check_system_grant_for_group(
group_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def put(self, group_id, role_id):
"""Grant a role to a group on the system.
@ -133,7 +133,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
build_target=_build_enforcement_target)
PROVIDERS.assignment_api.create_system_grant_for_group(
group_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
def delete(self, group_id, role_id):
"""Revoke a role from the group on the system.
@ -147,7 +147,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
allow_non_existing=True))
PROVIDERS.assignment_api.delete_system_grant_for_group(
group_id, role_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class SystemAPI(ks_flask.APIBase):

View File

@ -17,9 +17,9 @@
import flask
import flask_restful
import http.client
from oslo_log import log
from oslo_policy import _checks as op_checks
from six.moves import http_client
from keystone.api._shared import json_home_relations
from keystone.common import context
@ -305,7 +305,7 @@ class TrustResource(ks_flask.ResourceBase):
initiator=self.audit_initiator)
_normalize_trust_expires_at(return_trust)
_normalize_trust_roles(return_trust)
return self.wrap_member(return_trust), http_client.CREATED
return self.wrap_member(return_trust), http.client.CREATED
def delete(self, trust_id):
ENFORCER.enforce_call(action='identity:delete_trust',
@ -336,7 +336,7 @@ class TrustResource(ks_flask.ResourceBase):
raise exception.ForbiddenAction(action=action)
PROVIDERS.trust_api.delete_trust(trust_id,
initiator=self.audit_initiator)
return '', http_client.NO_CONTENT
return '', http.client.NO_CONTENT
# NOTE(morgan): Since this Resource is not being used with the automatic

View File

@ -17,8 +17,8 @@ import os
import uuid
import flask
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from werkzeug import exceptions
from keystone.api._shared import json_home_relations
@ -209,7 +209,7 @@ class UserResource(ks_flask.ResourceBase):
ref = PROVIDERS.identity_api.create_user(
user_data,
initiator=self.audit_initiator)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
def patch(self, user_id):
"""Update a user.
@ -238,7 +238,7 @@ class UserResource(ks_flask.ResourceBase):
build_target=_build_user_target_enforcement
)
PROVIDERS.identity_api.delete_user(user_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class UserChangePasswordResource(ks_flask.ResourceBase):
@ -262,7 +262,7 @@ class UserChangePasswordResource(ks_flask.ResourceBase):
raise ks_exception.Unauthorized(
_('Error when changing user password: %s') % e
)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class UserProjectsResource(ks_flask.ResourceBase):
@ -370,7 +370,7 @@ class UserOSEC2CredentialsResourceListCreate(_UserOSEC2CredBaseResource):
)
PROVIDERS.credential_api.create_credential(credential_id, cred_data)
ref = _convert_v3_to_ec2_credential(cred_data)
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
class UserOSEC2CredentialsResourceGetDelete(_UserOSEC2CredBaseResource):
@ -408,7 +408,7 @@ class UserOSEC2CredentialsResourceGetDelete(_UserOSEC2CredBaseResource):
ec2_cred_id = utils.hash_access_key(credential_id)
self._get_cred_data(ec2_cred_id)
PROVIDERS.credential_api.delete_credential(ec2_cred_id)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class _OAuth1ResourceBase(ks_flask.ResourceBase):
@ -476,7 +476,7 @@ class OAuth1AccessTokenCRUDResource(_OAuth1ResourceBase):
notifications.invalidate_token_cache_notification(reason)
PROVIDERS.oauth_api.delete_access_token(
user_id, access_token_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class OAuth1AccessTokenRoleListResource(ks_flask.ResourceBase):
@ -621,7 +621,7 @@ class UserAppCredListCreateResource(ks_flask.ResourceBase):
# https://specs.openstack.org/openstack/api-wg/guidelines/http.html#failure-code-clarifications
raise ks_exception.ApplicationCredentialValidationError(
detail=str(e))
return self.wrap_member(ref), http_client.CREATED
return self.wrap_member(ref), http.client.CREATED
class UserAppCredGetDeleteResource(ks_flask.ResourceBase):
@ -650,7 +650,7 @@ class UserAppCredGetDeleteResource(ks_flask.ResourceBase):
_check_unrestricted_application_credential(token)
PROVIDERS.application_credential_api.delete_application_credential(
application_credential_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class UserAccessRuleListResource(ks_flask.ResourceBase):
@ -701,7 +701,7 @@ class UserAccessRuleGetDeleteResource(ks_flask.ResourceBase):
)
PROVIDERS.application_credential_api.delete_access_rule(
access_rule_id, initiator=self.audit_initiator)
return None, http_client.NO_CONTENT
return None, http.client.NO_CONTENT
class UserAPI(ks_flask.APIBase):

View File

@ -14,13 +14,10 @@
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class ApplicationCredentialDriverBase(object):
class ApplicationCredentialDriverBase(object, metaclass=abc.ABCMeta):
@abc.abstractmethod
def authenticate(self, application_credential_id, secret):

View File

@ -14,8 +14,6 @@
import abc
import six
import keystone.conf
from keystone import exception
@ -23,8 +21,7 @@ from keystone import exception
CONF = keystone.conf.CONF
@six.add_metaclass(abc.ABCMeta)
class AssignmentDriverBase(object):
class AssignmentDriverBase(object, metaclass=abc.ABCMeta):
def _get_list_limit(self):
return CONF.assignment.list_limit or CONF.list_limit

View File

@ -14,8 +14,6 @@
import abc
import six
import keystone.conf
from keystone import exception
@ -31,8 +29,7 @@ NULL_DOMAIN_ID = '<<null>>'
CONF = keystone.conf.CONF
@six.add_metaclass(abc.ABCMeta)
class RoleDriverBase(object):
class RoleDriverBase(object, metaclass=abc.ABCMeta):
def _get_list_limit(self):
return CONF.role.list_limit or CONF.list_limit

View File

@ -11,10 +11,8 @@
# under the License.
from functools import partial
import sys
from oslo_log import log
import six
import stevedore
from keystone.common import driver_hints
@ -146,9 +144,8 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
project_id=project_ref['id'],
project=project_ref)
except AssertionError as e:
LOG.warning(six.text_type(e))
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
sys.exc_info()[2])
LOG.warning(e)
raise exception.Unauthorized from e
def _assert_domain_is_enabled(self, domain_ref):
try:
@ -156,9 +153,8 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
domain_id=domain_ref['id'],
domain=domain_ref)
except AssertionError as e:
LOG.warning(six.text_type(e))
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
sys.exc_info()[2])
LOG.warning(e)
raise exception.Unauthorized from e
def _lookup_domain(self, domain_info):
domain_id = domain_info.get('id')
@ -177,7 +173,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
else:
domain_ref = PROVIDERS.resource_api.get_domain(domain_id)
except exception.DomainNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
raise exception.Unauthorized(e)
self._assert_domain_is_enabled(domain_ref)
return domain_ref
@ -210,7 +206,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
# disabled.
self._lookup_domain({'id': domain_id})
except exception.ProjectNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
raise exception.Unauthorized(e)
self._assert_project_is_enabled(project_ref)
return project_ref
@ -254,7 +250,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
if len(app_creds) != 1:
message = "Could not find application credential: %s" % name
tr_message = _("Could not find application credential: %s") % name
LOG.warning(six.text_type(message))
LOG.warning(message)
raise exception.Unauthorized(tr_message)
return app_creds[0]
@ -515,7 +511,7 @@ class UserMFARulesValidator(provider_api.ProviderAPIMixin, object):
# No empty rules are allowed.
_ok_rule = True
for item in r_list:
if not isinstance(item, six.string_types):
if not isinstance(item, str):
# Rules may only contain strings for method names
# Reject a rule with non-string values
LOG.info('Ignoring Rule %(rule)r; rule contains '

View File

@ -15,8 +15,6 @@
import abc
import collections
import six
from keystone.common import provider_api
from keystone import exception
@ -25,8 +23,8 @@ AuthHandlerResponse = collections.namedtuple(
'AuthHandlerResponse', 'status, response_body, response_data')
@six.add_metaclass(abc.ABCMeta)
class AuthMethodHandler(provider_api.ProviderAPIMixin, object):
class AuthMethodHandler(provider_api.ProviderAPIMixin, object,
metaclass=abc.ABCMeta):
"""Abstract base class for an authentication plugin."""
def __init__(self):

View File

@ -12,13 +12,10 @@
# License for the specific language governing permissions and limitations
# under the License.
import sys
from oslo_log import log
from pycadf import cadftaxonomy as taxonomy
from pycadf import reason
from pycadf import resource
import six
from keystone.common import driver_hints
from keystone.common import provider_api
@ -121,9 +118,8 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
domain_id=domain_ref['id'],
domain=domain_ref)
except AssertionError as e:
LOG.warning(six.text_type(e))
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
sys.exc_info()[2])
LOG.warning(e)
raise exception.Unauthorized from e
def _assert_user_is_enabled(self, user_ref):
try:
@ -131,9 +127,8 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
user_id=user_ref['id'],
user=user_ref)
except AssertionError as e:
LOG.warning(six.text_type(e))
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
sys.exc_info()[2])
LOG.warning(e)
raise exception.Unauthorized from e
def _lookup_domain(self, domain_info):
domain_id = domain_info.get('id')
@ -148,7 +143,7 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
else:
domain_ref = PROVIDERS.resource_api.get_domain(domain_id)
except exception.DomainNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
raise exception.Unauthorized(e)
self._assert_domain_is_enabled(domain_ref)
return domain_ref
@ -178,7 +173,7 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
user_ref['domain_id'])
self._assert_domain_is_enabled(domain_ref)
except exception.UserNotFound as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
# We need to special case USER NOT FOUND here for CADF
# notifications as the normal path for notification(s) come from

View File

@ -17,7 +17,6 @@
import abc
import flask
import six
from keystone.auth.plugins import base
from keystone.common import provider_api
@ -30,8 +29,7 @@ CONF = keystone.conf.CONF
PROVIDERS = provider_api.ProviderAPIs
@six.add_metaclass(abc.ABCMeta)
class Base(base.AuthMethodHandler):
class Base(base.AuthMethodHandler, metaclass=abc.ABCMeta):
def authenticate(self, auth_payload):
"""Use REMOTE_USER to look up the user in the identity backend.

View File

@ -16,7 +16,7 @@ import uuid
import flask
from oslo_log import log
from pycadf import cadftaxonomy as taxonomy
from six.moves.urllib import parse
from urllib import parse
from keystone.auth import plugins as auth_plugins
from keystone.auth.plugins import base

View File

@ -14,7 +14,6 @@
import flask
from oslo_log import log
import six
from keystone.auth.plugins import base
from keystone.auth.plugins import mapped
@ -124,5 +123,5 @@ def token_authenticate(token):
return response_data
except AssertionError as e:
LOG.error(six.text_type(e))
LOG.error(e)
raise exception.Unauthorized(e)

View File

@ -29,7 +29,6 @@ from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.twofactor import totp as crypto_totp
from oslo_log import log
from oslo_utils import timeutils
import six
from keystone.auth import plugins
from keystone.auth.plugins import base
@ -57,7 +56,7 @@ def _generate_totp_passcodes(secret, included_previous_windows=0):
:param bytes secret: A base32 encoded secret for the TOTP authentication
:returns: totp passcode as bytes
"""
if isinstance(secret, six.text_type):
if isinstance(secret, str):
# NOTE(dstanek): since this may be coming from the JSON stored in the
# database it may be UTF-8 encoded
secret = secret.encode('utf-8')

View File

@ -14,8 +14,6 @@
import abc
import six
from keystone.common import provider_api
import keystone.conf
from keystone import exception
@ -24,8 +22,8 @@ from keystone import exception
CONF = keystone.conf.CONF
@six.add_metaclass(abc.ABCMeta)
class CatalogDriverBase(provider_api.ProviderAPIMixin, object):
class CatalogDriverBase(provider_api.ProviderAPIMixin, object,
metaclass=abc.ABCMeta):
"""Interface description for the Catalog driver."""
def _get_list_limit(self):

View File

@ -15,7 +15,7 @@ from __future__ import print_function
import os
import re
from six.moves import configparser
import configparser
import keystone.conf

View File

@ -18,7 +18,6 @@ import time
import types
from oslo_log import log
import six
import stevedore
from keystone.common import provider_api
@ -155,8 +154,7 @@ class _TraceMeta(type):
return type.__new__(meta, classname, bases, final_cls_dict)
@six.add_metaclass(_TraceMeta)
class Manager(object):
class Manager(object, metaclass=_TraceMeta):
"""Base class for intermediary request layer.
The Manager layer exists to support additional logic that applies to all

View File

@ -12,8 +12,6 @@
"""Options specific to resources managed by Keystone (Domain, User, etc)."""
import six
from keystone.common import validation
from keystone.i18n import _
@ -202,14 +200,14 @@ class ResourceOption(object):
validator(s) used at the API layer
:type json_schema_validation: dict
"""
if not isinstance(option_id, six.string_types) and len(option_id) == 4:
if not isinstance(option_id, str) and len(option_id) == 4:
raise TypeError(_('`option_id` must be a string, got %r')
% option_id)
elif len(option_id) != 4:
raise ValueError(_('`option_id` must be 4 characters in '
'length. Got %r') % option_id)
if not isinstance(option_name, six.string_types):
if not isinstance(option_name, str):
raise TypeError(_('`option_name` must be a string. '
'Got %r') % option_name)

View File

@ -31,7 +31,6 @@ from oslo_serialization import jsonutils
from oslo_utils import timeutils
from osprofiler import opts as profiler
import osprofiler.sqlalchemy
import six
import sqlalchemy as sql
from sqlalchemy.ext import declarative
from sqlalchemy.orm.attributes import flag_modified, InstrumentedAttribute
@ -103,8 +102,8 @@ def initialize_decorator(init):
if isinstance(attr, InstrumentedAttribute):
column = attr.property.columns[0]
if isinstance(column.type, String):
if not isinstance(v, six.text_type):
v = six.text_type(v)
if not isinstance(v, str):
v = str(v)
if column.type.length and column.type.length < len(v):
raise exception.StringLengthExceeded(
string=v, type=k, length=column.type.length)
@ -521,7 +520,7 @@ def handle_conflicts(conflict_type='object'):
# exception details out with the raised Conflict exception
# as it can contain raw SQL.
LOG.debug(_conflict_msg, {'conflict_type': conflict_type,
'details': six.text_type(e)})
'details': e})
name = None
field = None
domain_id = None
@ -560,7 +559,7 @@ def handle_conflicts(conflict_type='object'):
# exception details out with the raised Conflict exception
# as it can contain raw SQL.
LOG.debug(_conflict_msg, {'conflict_type': conflict_type,
'details': six.text_type(e)})
'details': e})
# NOTE(morganfainberg): This is really a case where the SQL
# failed to store the data. This is not something that the
# user has done wrong. Example would be a ForeignKey is

View File

@ -21,7 +21,6 @@ from migrate import exceptions
from migrate.versioning import api as versioning_api
from oslo_db import exception as db_exception
from oslo_db.sqlalchemy import migration
import six
import sqlalchemy
from keystone.common import sql
@ -189,7 +188,7 @@ def get_init_version(abs_path=None):
def _assert_not_schema_downgrade(version=None):
if version is not None:
try:
current_ver = int(six.text_type(get_db_version()))
current_ver = int(str(get_db_version()))
if int(version) < current_ver:
raise migration.exception.DBMigrationError(
_("Unable to downgrade schema"))

View File

@ -29,8 +29,8 @@ from oslo_serialization import jsonutils
from oslo_utils import reflection
from oslo_utils import strutils
from oslo_utils import timeutils
import six
from six import moves
import urllib
from keystone.common import password_hashing
import keystone.conf
@ -66,8 +66,6 @@ def resource_uuid(value):
return value
except ValueError:
if len(value) <= 64:
if six.PY2 and isinstance(value, six.text_type):
value = value.encode('utf-8')
return uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex
raise ValueError(_('Length of transformable resource id > 64, '
'which is max allowed characters'))
@ -101,7 +99,7 @@ class SmarterEncoder(jsonutils.json.JSONEncoder):
def hash_access_key(access):
hash_ = hashlib.sha256()
if not isinstance(access, six.binary_type):
if not isinstance(access, bytes):
access = access.encode('utf-8')
hash_.update(access)
return hash_.hexdigest()
@ -136,7 +134,7 @@ def auth_str_equal(provided, known):
result = 0
p_len = len(provided)
k_len = len(known)
for i in moves.range(p_len):
for i in range(p_len):
a = ord(provided[i]) if i < p_len else 0
b = ord(known[i]) if i < k_len else 0
result |= a ^ b
@ -193,7 +191,7 @@ def get_unix_user(user=None):
:returns: tuple of (uid, name)
"""
if isinstance(user, six.string_types):
if isinstance(user, str):
try:
user_info = pwd.getpwnam(user)
except KeyError:
@ -251,7 +249,7 @@ def get_unix_group(group=None):
:returns: tuple of (gid, name)
"""
if isinstance(group, six.string_types):
if isinstance(group, str):
try:
group_info = grp.getgrnam(group)
except KeyError:
@ -374,15 +372,15 @@ def lower_case_hostname(url):
# NOTE(gyee): according to
# https://www.w3.org/TR/WD-html40-970708/htmlweb.html, the netloc portion
# of the URL is case-insensitive
parsed = moves.urllib.parse.urlparse(url)
parsed = urllib.parse.urlparse(url)
# Note: _replace method for named tuples is public and defined in docs
replaced = parsed._replace(netloc=parsed.netloc.lower())
return moves.urllib.parse.urlunparse(replaced)
return urllib.parse.urlunparse(replaced)
def remove_standard_port(url):
# remove the default ports specified in RFC2616 and 2818
o = moves.urllib.parse.urlparse(url)
o = urllib.parse.urlparse(url)
separator = ':'
(host, separator, port) = o.netloc.partition(separator)
if o.scheme.lower() == 'http' and port == '80':
@ -394,7 +392,7 @@ def remove_standard_port(url):
if o.scheme.lower() == 'https' and port == '443':
o = o._replace(netloc=host)
return moves.urllib.parse.urlunparse(o)
return urllib.parse.urlunparse(o)
def format_url(url, substitutions, silent_keyerror_failures=None):

View File

@ -16,7 +16,6 @@ import re
import jsonschema
from oslo_config import cfg
from oslo_log import log
import six
from keystone import exception
from keystone.i18n import _
@ -30,7 +29,7 @@ LOG = log.getLogger(__name__)
def validate_password(password):
pattern = CONF.security_compliance.password_regex
if pattern:
if not isinstance(password, six.string_types):
if not isinstance(password, str):
detail = _("Password must be a string type")
raise exception.PasswordValidationError(detail=detail)
try:
@ -81,10 +80,10 @@ class SchemaValidator(object):
# too long, then we should build the masking in here so that
# we don't expose sensitive user information in the event it
# fails validation.
path = '/'.join(map(six.text_type, ex.path))
path = '/'.join(map(str, ex.path))
detail = _("Invalid input for field '%(path)s': "
"%(message)s") % {'path': path,
'message': six.text_type(ex)}
'message': str(ex)}
else:
detail = six.text_type(ex)
detail = str(ex)
raise exception.SchemaValidationError(detail=detail)

View File

@ -15,7 +15,6 @@
import abc
from oslo_log import log
import six
from keystone import exception
@ -23,8 +22,7 @@ from keystone import exception
LOG = log.getLogger(__name__)
@six.add_metaclass(abc.ABCMeta)
class CredentialDriverBase(object):
class CredentialDriverBase(object, metaclass=abc.ABCMeta):
# credential crud
@abc.abstractmethod

View File

@ -13,7 +13,6 @@
# under the License.
from oslo_db import api as oslo_db_api
import six
from sqlalchemy.ext.hybrid import hybrid_property
from keystone.common import driver_hints
@ -45,7 +44,7 @@ class CredentialModel(sql.ModelBase, sql.ModelDictMixinWithExtras):
# Make sure to hand over the encrypted credential as a string value
# to the backend driver to avoid the sql drivers (esp. psycopg2)
# treating this as binary data and e.g. hex-escape it.
if six.PY3 and isinstance(encrypted_blob, six.binary_type):
if isinstance(encrypted_blob, bytes):
encrypted_blob = encrypted_blob.decode('utf-8')
self._encrypted_blob = encrypted_blob

View File

@ -12,11 +12,8 @@
import abc
import six
@six.add_metaclass(abc.ABCMeta)
class Provider(object):
class Provider(object, metaclass=abc.ABCMeta):
"""Interface for credential providers that support encryption."""
@abc.abstractmethod

View File

@ -14,7 +14,6 @@ import hashlib
from cryptography import fernet
from oslo_log import log
import six
from keystone.common import fernet_utils
import keystone.conf
@ -55,7 +54,7 @@ def get_multi_fernet_keys():
def primary_key_hash(keys):
"""Calculate a hash of the primary key used for encryption."""
if isinstance(keys[0], six.text_type):
if isinstance(keys[0], str):
keys[0] = keys[0].encode('utf-8')
# NOTE(lhinds) This is marked as #nosec since bandit will see SHA1 which
# is marked as insecure. However, this hash function is used alongside
@ -103,7 +102,7 @@ class Provider(core.Provider):
crypto = fernet.MultiFernet(fernet_keys)
try:
if isinstance(credential, six.text_type):
if isinstance(credential, str):
credential = credential.encode('utf-8')
return crypto.decrypt(credential).decode('utf-8')
except (fernet.InvalidToken, TypeError, ValueError):

View File

@ -11,13 +11,11 @@
# under the License.
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class EndpointPolicyDriverBase(object):
class EndpointPolicyDriverBase(object, metaclass=abc.ABCMeta):
"""Interface description for an Endpoint Policy driver."""
@abc.abstractmethod

View File

@ -12,10 +12,9 @@
# License for the specific language governing permissions and limitations
# under the License.
import http.client
from oslo_log import log
from oslo_utils import encodeutils
import six
from six.moves import http_client
import keystone.conf
from keystone.i18n import _
@ -60,8 +59,7 @@ class _KeystoneExceptionMeta(type):
return cls
@six.add_metaclass(_KeystoneExceptionMeta)
class Error(Exception):
class Error(Exception, metaclass=_KeystoneExceptionMeta):
"""Base error class.
Child classes should define an HTTP status code, title, and a
@ -102,8 +100,8 @@ class ValidationError(Error):
" The server could not comply with the request"
" since it is either malformed or otherwise"
" incorrect. The client is assumed to be in error.")
code = int(http_client.BAD_REQUEST)
title = http_client.responses[http_client.BAD_REQUEST]
code = int(http.client.BAD_REQUEST)
title = http.client.responses[http.client.BAD_REQUEST]
class URLValidationError(ValidationError):
@ -154,8 +152,8 @@ class ValidationTimeStampError(Error):
" The server could not comply with the request"
" since it is either malformed or otherwise"
" incorrect. The client is assumed to be in error.")
code = int(http_client.BAD_REQUEST)
title = http_client.responses[http_client.BAD_REQUEST]
code = int(http.client.BAD_REQUEST)
title = http.client.responses[http.client.BAD_REQUEST]
class InvalidOperatorError(ValidationError):
@ -169,8 +167,8 @@ class ValidationExpirationError(Error):
" The server could not comply with the request"
" since it is either malformed or otherwise"
" incorrect. The client is assumed to be in error.")
code = int(http_client.BAD_REQUEST)
title = http_client.responses[http_client.BAD_REQUEST]
code = int(http.client.BAD_REQUEST)
title = http.client.responses[http.client.BAD_REQUEST]
class StringLengthExceeded(ValidationError):
@ -192,8 +190,8 @@ class ApplicationCredentialValidationError(ValidationError):
class CircularRegionHierarchyError(Error):
message_format = _("The specified parent region %(parent_region_id)s "
"would create a circular region hierarchy.")
code = int(http_client.BAD_REQUEST)
title = http_client.responses[http_client.BAD_REQUEST]
code = int(http.client.BAD_REQUEST)
title = http.client.responses[http.client.BAD_REQUEST]
class ForbiddenNotSecurity(Error):
@ -204,8 +202,8 @@ class ForbiddenNotSecurity(Error):
"""
code = int(http_client.FORBIDDEN)
title = http_client.responses[http_client.FORBIDDEN]
code = int(http.client.FORBIDDEN)
title = http.client.responses[http.client.FORBIDDEN]
class PasswordVerificationError(ForbiddenNotSecurity):
@ -265,7 +263,7 @@ class SecurityError(Error):
def _build_message(self, message, **kwargs):
"""Only returns detailed messages in insecure_debug mode."""
if message and CONF.insecure_debug:
if isinstance(message, six.string_types):
if isinstance(message, str):
# Only do replacement if message is string. The message is
# sometimes a different exception or bytes, which would raise
# TypeError.
@ -279,8 +277,8 @@ class SecurityError(Error):
class Unauthorized(SecurityError):
message_format = _("The request you have made requires authentication.")
code = int(http_client.UNAUTHORIZED)
title = http_client.responses[http_client.UNAUTHORIZED]
code = int(http.client.UNAUTHORIZED)
title = http.client.responses[http.client.UNAUTHORIZED]
class InsufficientAuthMethods(Error):
@ -349,8 +347,8 @@ class AdditionalAuthRequired(AuthPluginException):
class Forbidden(SecurityError):
message_format = _("You are not authorized to perform the"
" requested action.")
code = int(http_client.FORBIDDEN)
title = http_client.responses[http_client.FORBIDDEN]
code = int(http.client.FORBIDDEN)
title = http.client.responses[http.client.FORBIDDEN]
class ForbiddenAction(Forbidden):
@ -391,8 +389,8 @@ class LimitTreeExceedError(Exception):
class NotFound(Error):
message_format = _("Could not find: %(target)s.")
code = int(http_client.NOT_FOUND)
title = http_client.responses[http_client.NOT_FOUND]
code = int(http.client.NOT_FOUND)
title = http.client.responses[http.client.NOT_FOUND]
class EndpointNotFound(NotFound):
@ -556,8 +554,8 @@ class AccessRuleNotFound(NotFound):
class Conflict(Error):
message_format = _("Conflict occurred attempting to store %(type)s -"
" %(details)s.")
code = int(http_client.CONFLICT)
title = http_client.responses[http_client.CONFLICT]
code = int(http.client.CONFLICT)
title = http.client.responses[http.client.CONFLICT]
class UnexpectedError(SecurityError):
@ -579,8 +577,8 @@ class UnexpectedError(SecurityError):
return super(UnexpectedError, self)._build_message(
message or self.debug_message_format, **kwargs)
code = int(http_client.INTERNAL_SERVER_ERROR)
title = http_client.responses[http_client.INTERNAL_SERVER_ERROR]
code = int(http.client.INTERNAL_SERVER_ERROR)
title = http.client.responses[http.client.INTERNAL_SERVER_ERROR]
class TrustConsumeMaximumAttempt(UnexpectedError):
@ -618,15 +616,15 @@ class AssignmentTypeCalculationError(UnexpectedError):
class NotImplemented(Error):
message_format = _("The action you have requested has not"
" been implemented.")
code = int(http_client.NOT_IMPLEMENTED)
title = http_client.responses[http_client.NOT_IMPLEMENTED]
code = int(http.client.NOT_IMPLEMENTED)
title = http.client.responses[http.client.NOT_IMPLEMENTED]
class Gone(Error):
message_format = _("The service you have requested is no"
" longer available on this server.")
code = int(http_client.GONE)
title = http_client.responses[http_client.GONE]
code = int(http.client.GONE)
title = http.client.responses[http.client.GONE]
class ConfigFileNotFound(UnexpectedError):

View File

@ -14,13 +14,10 @@
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class FederationDriverBase(object):
class FederationDriverBase(object, metaclass=abc.ABCMeta):
@abc.abstractmethod
def create_idp(self, idp_id, idp):

View File

@ -14,7 +14,6 @@
from oslo_log import log
from oslo_serialization import jsonutils
import six
from sqlalchemy import orm
from keystone.common import sql
@ -169,7 +168,7 @@ class Federation(base.FederationDriverBase):
def _handle_idp_conflict(self, e):
conflict_type = 'identity_provider'
details = six.text_type(e)
details = str(e)
LOG.debug(self._CONFLICT_LOG_MSG, {'conflict_type': conflict_type,
'details': details})
if 'remote_id' in details:

View File

@ -20,7 +20,6 @@ import jsonschema
from oslo_config import cfg
from oslo_log import log
from oslo_utils import timeutils
import six
from keystone.common import provider_api
import keystone.conf
@ -437,7 +436,7 @@ def get_assertion_params_from_env():
# These bytes may be decodable as ISO-8859-1 according to Section
# 3.2.4 of RFC 7230. Let's assume that our web server plugins are
# correctly encoding the data.
if not isinstance(v, six.text_type) and getattr(v, 'decode', False):
if not isinstance(v, str) and getattr(v, 'decode', False):
v = v.decode('ISO-8859-1')
yield (k, v)
@ -526,7 +525,7 @@ class RuleProcessor(object):
# any multiple values are stored in the arrays.
LOG.debug('assertion data: %s', assertion_data)
assertion = {n: v.split(';') for n, v in assertion_data.items()
if isinstance(v, six.string_types)}
if isinstance(v, str)}
LOG.debug('assertion: %s', assertion)
identity_values = []

View File

@ -14,8 +14,6 @@
import abc
import six
import keystone.conf
from keystone import exception
@ -48,8 +46,7 @@ def filter_user(user_ref):
return user_ref
@six.add_metaclass(abc.ABCMeta)
class IdentityDriverBase(object):
class IdentityDriverBase(object, metaclass=abc.ABCMeta):
"""Interface description for an Identity driver.
The schema for users and groups is different depending on whether the

View File

@ -25,9 +25,6 @@ import ldap.filter
import ldappool
from oslo_log import log
from oslo_utils import reflection
import six
from six.moves import zip
from six import PY2
from keystone.common import driver_hints
from keystone import exception
@ -70,9 +67,9 @@ def utf8_encode(value):
:returns: UTF-8 encoded version of value
:raises TypeError: If value is not basestring
"""
if isinstance(value, six.text_type):
if isinstance(value, str):
return _utf8_encoder(value)[0]
elif isinstance(value, six.binary_type):
elif isinstance(value, bytes):
return value
else:
value_cls_name = reflection.get_class_name(
@ -94,9 +91,9 @@ def utf8_decode(value):
:returns: value as unicode
:raises UnicodeDecodeError: for invalid UTF-8 encoding
"""
if isinstance(value, six.binary_type):
if isinstance(value, bytes):
return _utf8_decoder(value)[0]
return six.text_type(value)
return str(value)
def py2ldap(val):
@ -113,7 +110,7 @@ def py2ldap(val):
if isinstance(val, bool):
return u'TRUE' if val else u'FALSE'
else:
return six.text_type(val)
return str(val)
def enabled2py(val):
@ -332,8 +329,7 @@ def dn_startswith(descendant_dn, dn):
return is_dn_equal(descendant_dn[-len(dn):], dn)
@six.add_metaclass(abc.ABCMeta)
class LDAPHandler(object):
class LDAPHandler(object, metaclass=abc.ABCMeta):
"""Abstract class which defines methods for a LDAP API provider.
Native Keystone values cannot be passed directly into and from the
@ -516,14 +512,7 @@ class PythonLDAPHandler(LDAPHandler):
debug_level=debug_level,
timeout=conn_timeout)
if PY2:
# NOTE: Once https://github.com/python-ldap/python-ldap/issues/249
# is released, we can pass bytes_strictness='warn' as a parameter
# to ldap.initialize instead of setting it after ldap.initialize.
self.conn = ldap.initialize(url, bytes_mode=False)
self.conn.bytes_strictness = 'warn'
else:
self.conn = ldap.initialize(url)
self.conn = ldap.initialize(url)
self.conn.protocol_version = ldap.VERSION3
if alias_dereferencing is not None:
@ -1272,7 +1261,7 @@ class BaseLdap(object):
def _id_to_dn_string(self, object_id):
return u'%s=%s,%s' % (self.id_attr,
ldap.dn.escape_dn_chars(
six.text_type(object_id)),
str(object_id)),
self.tree_dn)
def _id_to_dn(self, object_id):
@ -1284,7 +1273,7 @@ class BaseLdap(object):
u'(&(%(id_attr)s=%(id)s)(objectclass=%(objclass)s))' %
{'id_attr': self.id_attr,
'id': ldap.filter.escape_filter_chars(
six.text_type(object_id)),
str(object_id)),
'objclass': self.object_class},
attrlist=DN_ONLY)
if search_result:
@ -1478,7 +1467,7 @@ class BaseLdap(object):
u'(objectClass=%(object_class)s))'
% {'id_attr': self.id_attr,
'id': ldap.filter.escape_filter_chars(
six.text_type(object_id)),
str(object_id)),
'filter': (ldap_filter or self.ldap_filter or ''),
'object_class': self.object_class})
with self.get_connection() as conn:
@ -1579,7 +1568,7 @@ class BaseLdap(object):
def get_by_name(self, name, ldap_filter=None):
query = (u'(%s=%s)' % (self.attribute_mapping['name'],
ldap.filter.escape_filter_chars(
six.text_type(name))))
str(name))))
res = self.get_all(query)
try:
return res[0]

View File

@ -17,7 +17,6 @@ import uuid
import ldap.filter
from oslo_log import log
from oslo_log import versionutils
import six
import keystone.conf
from keystone import exception
@ -267,7 +266,7 @@ class UserApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap):
# This could be a bool or a string. If it's a string,
# we need to convert it so we can invert it properly.
enabled = obj.get('enabled', self.enabled_default)
if isinstance(enabled, six.string_types):
if isinstance(enabled, str):
if enabled.lower() == 'true':
enabled = True
else:

View File

@ -10,8 +10,6 @@
# License for the specific language governing permissions and limitations
# under the License.
import six
from keystone.common import resource_options
from keystone.common.validation import parameter_types
from keystone.i18n import _
@ -47,7 +45,7 @@ def _mfa_rules_validator_list_of_lists_of_strings_no_duplicates(value):
# Add the sublist to the tracker
sublists.append(sublist)
for element in sublist:
if not isinstance(element, six.string_types):
if not isinstance(element, str):
# Element of sublist is not a string, TypeError
raise TypeError(msg)
if element in string_set:

View File

@ -16,8 +16,6 @@
import abc
import six
from keystone.common import manager
import keystone.conf
from keystone import exception
@ -36,8 +34,7 @@ class Manager(manager.Manager):
super(Manager, self).__init__(CONF.identity_mapping.generator)
@six.add_metaclass(abc.ABCMeta)
class IDGenerator(object):
class IDGenerator(object, metaclass=abc.ABCMeta):
"""Interface description for an ID Generator provider."""
@abc.abstractmethod

View File

@ -14,14 +14,12 @@
import abc
import six
from keystone.common import provider_api
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class MappingDriverBase(provider_api.ProviderAPIMixin, object):
class MappingDriverBase(provider_api.ProviderAPIMixin, object,
metaclass=abc.ABCMeta):
"""Interface description for an ID Mapping driver."""
@abc.abstractmethod

View File

@ -14,13 +14,10 @@
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class ShadowUsersDriverBase(object):
class ShadowUsersDriverBase(object, metaclass=abc.ABCMeta):
"""Interface description for an Shadow Users driver."""
@abc.abstractmethod

View File

@ -15,8 +15,6 @@
import abc
import six
import keystone.conf
from keystone import exception
@ -24,8 +22,7 @@ from keystone import exception
CONF = keystone.conf.CONF
@six.add_metaclass(abc.ABCMeta)
class UnifiedLimitDriverBase(object):
class UnifiedLimitDriverBase(object, metaclass=abc.ABCMeta):
def _get_list_limit(self):
return CONF.unified_limit.list_limit or CONF.list_limit

View File

@ -11,7 +11,6 @@
# under the License.
import abc
import six
import stevedore
import keystone.conf
@ -33,8 +32,7 @@ def load_driver(driver_name, *args):
raise ImportError(msg % {'name': driver_name, 'namespace': namespace})
@six.add_metaclass(abc.ABCMeta)
class ModelBase(object):
class ModelBase(object, metaclass=abc.ABCMeta):
"""Interface for a limit model driver."""
NAME = None

View File

@ -15,7 +15,6 @@
from oslo_log import log
from oslo_serialization import msgpackutils
from oslo_utils import reflection
import six
from keystone.auth import core
from keystone.common import cache
@ -57,7 +56,7 @@ class ReceiptModel(object):
@expires_at.setter
def expires_at(self, value):
if not isinstance(value, six.string_types):
if not isinstance(value, str):
raise ValueError('expires_at must be a string.')
self.__expires_at = value
@ -67,7 +66,7 @@ class ReceiptModel(object):
@issued_at.setter
def issued_at(self, value):
if not isinstance(value, six.string_types):
if not isinstance(value, str):
raise ValueError('issued_at must be a string.')
self.__issued_at = value

View File

@ -15,7 +15,6 @@
from oslo_log import log
from oslo_serialization import msgpackutils
from oslo_utils import reflection
import six
from keystone.common import cache
from keystone.common import provider_api
@ -101,7 +100,7 @@ class TokenModel(object):
@expires_at.setter
def expires_at(self, value):
if not isinstance(value, six.string_types):
if not isinstance(value, str):
raise ValueError('expires_at must be a string.')
self.__expires_at = value
@ -111,7 +110,7 @@ class TokenModel(object):
@issued_at.setter
def issued_at(self, value):
if not isinstance(value, six.string_types):
if not isinstance(value, str):
raise ValueError('issued_at must be a string.')
self.__issued_at = value

View File

@ -15,8 +15,6 @@
import abc
import string
import six
from keystone import exception
@ -55,8 +53,7 @@ def filter_consumer(consumer_ref):
return consumer_ref
@six.add_metaclass(abc.ABCMeta)
class Oauth1DriverBase(object):
class Oauth1DriverBase(object, metaclass=abc.ABCMeta):
"""Interface description for an OAuth1 driver."""
@abc.abstractmethod

View File

@ -14,8 +14,6 @@
"""oAuthlib request validator."""
import six
from keystone.common import provider_api
from keystone import exception
from keystone.oauth1.backends import base
@ -178,7 +176,7 @@ class OAuthValidator(provider_api.ProviderAPIMixin, oauth1.RequestValidator):
def verify_request_token(self, token, request):
# there aren't strong expectations on the request token format
return isinstance(token, six.string_types)
return isinstance(token, str)
def verify_realms(self, token, realms, request):
return True

View File

@ -11,7 +11,6 @@
# under the License.
import abc
import six
import keystone.conf
from keystone import exception
@ -20,8 +19,7 @@ from keystone import exception
CONF = keystone.conf.CONF
@six.add_metaclass(abc.ABCMeta)
class PolicyDriverBase(object):
class PolicyDriverBase(object, metaclass=abc.ABCMeta):
def _get_list_limit(self):
return CONF.policy.list_limit or CONF.list_limit

View File

@ -13,8 +13,8 @@
# under the License.
import flask
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common import authorization
from keystone.common import provider_api
@ -68,7 +68,7 @@ def build_receipt(mfa_error):
issue_receipt(mfa_error.user_id, mfa_error.methods)
resp_data = _render_receipt_response_from_model(receipt)
resp_body = jsonutils.dumps(resp_data)
response = flask.make_response(resp_body, http_client.UNAUTHORIZED)
response = flask.make_response(resp_body, http.client.UNAUTHORIZED)
response.headers[authorization.AUTH_RECEIPT_HEADER] = receipt.id
response.headers['Content-Type'] = 'application/json'
return response

View File

@ -18,7 +18,6 @@ import datetime
from oslo_log import log
from oslo_utils import timeutils
import six
from keystone.common import cache
from keystone.common import manager
@ -159,7 +158,7 @@ class Manager(manager.Manager):
if isinstance(expires_at, datetime.datetime):
receipt.expires_at = utils.isotime(expires_at, subsecond=True)
if isinstance(expires_at, six.string_types):
if isinstance(expires_at, str):
receipt.expires_at = expires_at
elif not expires_at:
receipt.expires_at = utils.isotime(

View File

@ -14,13 +14,10 @@
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class Provider(object):
class Provider(object, metaclass=abc.ABCMeta):
"""Interface description for a Receipt provider."""
@abc.abstractmethod

View File

@ -71,8 +71,8 @@ class ReceiptFormatter(object):
def pack(self, payload):
"""Pack a payload for transport as a receipt.
:type payload: six.binary_type
:rtype: six.text_type
:type payload: bytes
:rtype: str
"""
# base64 padding (if any) is not URL-safe
@ -81,8 +81,8 @@ class ReceiptFormatter(object):
def unpack(self, receipt):
"""Unpack a receipt, and validate the payload.
:type receipt: six.text_type
:rtype: six.binary_type
:type receipt: str
:rtype: bytes
"""
receipt = ReceiptFormatter.restore_padding(receipt)
@ -98,7 +98,7 @@ class ReceiptFormatter(object):
"""Restore padding based on receipt size.
:param receipt: receipt to restore padding on
:type receipt: six.text_type
:type receipt: str
:returns: receipt with correct padding
"""
@ -113,14 +113,14 @@ class ReceiptFormatter(object):
def creation_time(cls, fernet_receipt):
"""Return the creation time of a valid Fernet receipt.
:type fernet_receipt: six.text_type
:type fernet_receipt: str
"""
fernet_receipt = ReceiptFormatter.restore_padding(fernet_receipt)
# fernet_receipt is six.text_type
# fernet_receipt is str
# Fernet receipts are base64 encoded, so we need to unpack them first
# urlsafe_b64decode() requires six.binary_type
# urlsafe_b64decode() requires bytes
receipt_bytes = base64.urlsafe_b64decode(
fernet_receipt.encode('utf-8'))
@ -159,7 +159,7 @@ class ReceiptFormatter(object):
def validate_receipt(self, receipt):
"""Validate a Fernet receipt and returns the payload attributes.
:type receipt: six.text_type
:type receipt: str
"""
serialized_payload = self.unpack(receipt)
@ -280,20 +280,20 @@ class ReceiptPayload(object):
def base64_encode(cls, s):
"""Encode a URL-safe string.
:type s: six.text_type
:rtype: six.text_type
:type s: str
:rtype: str
"""
# urlsafe_b64encode() returns six.binary_type so need to convert to
# six.text_type, might as well do it before stripping.
# urlsafe_b64encode() returns bytes so need to convert to
# str, might as well do it before stripping.
return base64.urlsafe_b64encode(s).decode('utf-8').rstrip('=')
@classmethod
def random_urlsafe_str_to_bytes(cls, s):
"""Convert string from :func:`random_urlsafe_str()` to six.binary_type.
"""Convert string from :func:`random_urlsafe_str()` to bytes.
:type s: six.text_type
:rtype: six.binary_type
:type s: str
:rtype: bytes
"""
# urlsafe_b64decode() requires str, unicode isn't accepted.

View File

@ -14,8 +14,6 @@
import abc
import six
import keystone.conf
from keystone import exception
@ -39,8 +37,7 @@ def get_project_from_domain(domain_ref):
NULL_DOMAIN_ID = '<<keystone.domain.root>>'
@six.add_metaclass(abc.ABCMeta)
class ResourceDriverBase(object):
class ResourceDriverBase(object, metaclass=abc.ABCMeta):
def _get_list_limit(self):
return CONF.resource.list_limit or CONF.list_limit

View File

@ -10,7 +10,6 @@
# License for the specific language governing permissions and limitations
# under the License.
from six import text_type
from sqlalchemy import orm
from sqlalchemy.orm import collections
@ -102,7 +101,7 @@ class Project(sql.ModelBase, sql.ModelDictMixinWithExtras):
for tag in values:
tag_ref = ProjectTag()
tag_ref.project_id = self.id
tag_ref.name = text_type(tag)
tag_ref.name = str(tag)
new_tags.append(tag_ref)
self._tags = new_tags

View File

@ -14,13 +14,10 @@
import abc
import six
from keystone import exception
@six.add_metaclass(abc.ABCMeta)
class DomainConfigDriverBase(object):
class DomainConfigDriverBase(object, metaclass=abc.ABCMeta):
"""Interface description for a Domain Config driver."""
@abc.abstractmethod

View File

@ -13,7 +13,6 @@
"""Main entry point into the Resource service."""
from oslo_log import log
import six
from keystone import assignment
from keystone.common import cache
@ -1476,7 +1475,7 @@ class DomainConfigManager(manager.Manager):
sensitive_dict = {s['option']: s['value'] for s in sensitive}
for each_whitelisted in whitelisted:
if not isinstance(each_whitelisted['value'], six.string_types):
if not isinstance(each_whitelisted['value'], str):
# We only support substitutions into string types, if its an
# integer, list etc. then just continue onto the next one
continue

View File

@ -16,7 +16,6 @@ import abc
import datetime
from oslo_utils import timeutils
import six
import keystone.conf
from keystone import exception
@ -32,8 +31,7 @@ def revoked_before_cutoff_time():
return oldest
@six.add_metaclass(abc.ABCMeta)
class RevokeDriverBase(object):
class RevokeDriverBase(object, metaclass=abc.ABCMeta):
"""Interface for recording and reporting revocation events."""
@abc.abstractmethod

View File

@ -19,7 +19,6 @@ import flask
import oslo_i18n
from oslo_log import log
from oslo_middleware import healthcheck
import six
try:
# werkzeug 0.15.x
@ -85,9 +84,9 @@ def _handle_keystone_exception(error):
"Authorization failed. %(exception)s from %(remote_addr)s",
{'exception': error, 'remote_addr': flask.request.remote_addr})
elif isinstance(error, exception.UnexpectedError):
LOG.exception(six.text_type(error))
LOG.exception(str(error))
else:
LOG.warning(six.text_type(error))
LOG.warning(str(error))
# Render the exception to something user "friendly"
error_message = error.args[0]
@ -95,7 +94,7 @@ def _handle_keystone_exception(error):
if message is error_message:
# translate() didn't do anything because it wasn't a Message,
# convert to a string.
message = six.text_type(message)
message = str(message)
body = dict(
error={

View File

@ -22,11 +22,10 @@ import flask
from flask import blueprints
import flask_restful
import flask_restful.utils
import http.client
from oslo_log import log
from oslo_log import versionutils
from oslo_serialization import jsonutils
import six
from six.moves import http_client
from keystone.common import authorization
from keystone.common import context
@ -156,13 +155,12 @@ def _assert_rbac_enforcement_called(resp):
def _remove_content_type_on_204(resp):
# Remove content-type if the resp is 204.
if resp.status_code == http_client.NO_CONTENT:
if resp.status_code == http.client.NO_CONTENT:
resp.headers.pop('content-type', None)
return resp
@six.add_metaclass(abc.ABCMeta)
class APIBase(object):
class APIBase(object, metaclass=abc.ABCMeta):
@property
@abc.abstractmethod
@ -807,7 +805,7 @@ class ResourceBase(flask_restful.Resource):
val = False
if filter_name in flask.request.args:
filter_value = flask.request.args.get(filter_name)
if (isinstance(filter_value, six.string_types) and
if (isinstance(filter_value, str) and
filter_value == '0'):
val = False
else:

View File

@ -16,12 +16,11 @@ import itertools
import re
import wsgiref.util
import http.client
from keystonemiddleware import auth_token
import oslo_i18n
from oslo_log import log
from oslo_serialization import jsonutils
import six
from six.moves import http_client
import webob.dec
import webob.exc
@ -103,16 +102,16 @@ def middleware_exceptions(method):
try:
return method(self, request)
except exception.Error as e:
LOG.warning(six.text_type(e))
LOG.warning(e)
return render_exception(e, request=request,
user_locale=best_match_language(request))
except TypeError as e:
LOG.exception(six.text_type(e))
LOG.exception(e)
return render_exception(exception.ValidationError(e),
request=request,
user_locale=best_match_language(request))
except Exception as e:
LOG.exception(six.text_type(e))
LOG.exception(e)
return render_exception(exception.UnexpectedError(exception=e),
request=request,
user_locale=best_match_language(request))
@ -130,8 +129,8 @@ def render_response(body=None, status=None, headers=None, method=None):
if body is None:
body = b''
status = status or (http_client.NO_CONTENT,
http_client.responses[http_client.NO_CONTENT])
status = status or (http.client.NO_CONTENT,
http.client.responses[http.client.NO_CONTENT])
else:
content_types = [v for h, v in headers if h == 'Content-Type']
if content_types:
@ -143,8 +142,8 @@ def render_response(body=None, status=None, headers=None, method=None):
body = jsonutils.dump_as_bytes(body, cls=utils.SmarterEncoder)
if content_type is None:
headers.append(('Content-Type', 'application/json'))
status = status or (http_client.OK,
http_client.responses[http_client.OK])
status = status or (http.client.OK,
http.client.responses[http.client.OK])
# NOTE(davechen): `mod_wsgi` follows the standards from pep-3333 and
# requires the value in response header to be binary type(str) on python2,
@ -205,7 +204,7 @@ def render_exception(error, context=None, request=None, user_locale=None):
if message is error_message:
# translate() didn't do anything because it wasn't a Message,
# convert to a string.
message = six.text_type(message)
message = str(message)
body = {'error': {
'code': error.code,

View File

@ -26,8 +26,6 @@ please see pycodestyle.py.
import ast
import re
import six
class BaseASTChecker(ast.NodeVisitor):
"""Provides a simple framework for writing AST-based checks.
@ -183,7 +181,7 @@ class CheckForTranslationIssues(BaseASTChecker):
if obj_name is None:
return None
return obj_name + '.' + method_name
elif isinstance(node, six.string_types):
elif isinstance(node, str):
return node
else: # could be Subscript, Call or many more
return None

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -133,7 +133,7 @@ class _ProjectUsersTests(object):
user['id'], access_rule_id)
c.get(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_own_non_existent_access_rule_not_found(self):
@ -142,7 +142,7 @@ class _ProjectUsersTests(object):
'/v3/users/%s/access_rules/%s' % (
self.user_id, uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
def test_cannot_get_non_existent_access_rule_other_user_forbidden(self):
@ -153,7 +153,7 @@ class _ProjectUsersTests(object):
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_access_rules_for_other_users(self):
@ -186,7 +186,7 @@ class _ProjectUsersTests(object):
with self.test_client() as c:
path = '/v3/users/%s/access_rules' % user['id']
c.get(path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_access_rules_for_others(self):
user = unit.new_user_ref(domain_id=CONF.identity.default_domain_id)
@ -222,7 +222,7 @@ class _ProjectUsersTests(object):
user['id'], access_rule_id)
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_delete_non_existent_access_rule_other_user_forbidden(self):
@ -233,7 +233,7 @@ class _ProjectUsersTests(object):
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -281,7 +281,7 @@ class _SystemUserAccessRuleTests(object):
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
@ -352,7 +352,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
user['id'], access_rule_id)
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_access_rule_forbidden(self):
@ -363,7 +363,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -434,7 +434,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
user['id'], access_rule_id)
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
with self.test_client() as c:
@ -442,7 +442,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
user['id'], access_rule_id)
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_access_rule_forbidden(self):
@ -453,7 +453,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -526,7 +526,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/users/%s/access_rules/%s' % (
user['id'], uuid.uuid4().hex),
headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)

View File

@ -13,8 +13,8 @@
import datetime
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import base as base_policy
from keystone.common import provider_api
@ -127,7 +127,7 @@ class _DomainAndProjectUserTests(object):
with self.test_client() as c:
c.get('/v3/users/%s/application_credentials' % (
self.app_cred_user_id),
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_get_application_credential(self):
@ -137,7 +137,7 @@ class _DomainAndProjectUserTests(object):
c.get('/v3/users/%s/application_credentials/%s' % (
self.app_cred_user_id,
app_cred['id']),
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_lookup_application_credential(self):
@ -147,7 +147,7 @@ class _DomainAndProjectUserTests(object):
c.get('/v3/users/%s/application_credentials?name=%s' % (
self.app_cred_user_id,
app_cred['name']),
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_delete_application_credential(self):
@ -158,7 +158,7 @@ class _DomainAndProjectUserTests(object):
'/v3/users/%s/application_credentials/%s' % (
self.app_cred_user_id,
app_cred['id']),
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_lookup_non_existent_application_credential(self):
@ -166,7 +166,7 @@ class _DomainAndProjectUserTests(object):
c.get('/v3/users/%s/application_credentials?name=%s' % (
self.app_cred_user_id,
uuid.uuid4().hex),
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_create_app_credential_for_another_user(self):
@ -187,7 +187,7 @@ class _DomainAndProjectUserTests(object):
c.post(
'/v3/users/%s/application_credentials' % another_user_id,
json=app_cred_body,
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
@ -233,7 +233,7 @@ class _SystemUserAndOwnerTests(object):
def _test_delete_application_credential(
self,
expected_status_code=http_client.NO_CONTENT):
expected_status_code=http.client.NO_CONTENT):
app_cred = self._create_application_credential()
with self.test_client() as c:
@ -262,7 +262,7 @@ class _SystemUserAndOwnerTests(object):
c.post(
'/v3/users/%s/application_credentials' % another_user_id,
json=app_cred_body,
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
@ -300,7 +300,7 @@ class SystemReaderTests(_TestAppCredBase,
def test_system_reader_cannot_delete_application_credential_for_user(self):
self._test_delete_application_credential(
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class SystemMemberTests(_TestAppCredBase,
@ -337,7 +337,7 @@ class SystemMemberTests(_TestAppCredBase,
def test_system_reader_cannot_delete_application_credential_for_user(self):
self._test_delete_application_credential(
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class SystemAdminTests(_TestAppCredBase,
@ -412,7 +412,7 @@ class OwnerTests(_TestAppCredBase,
c.post(
'/v3/users/%s/application_credentials' % self.user_id,
json=app_cred_body,
expected_status_code=http_client.CREATED,
expected_status_code=http.client.CREATED,
headers=self.headers)
def test_owner_can_delete_application_credential(self):

View File

@ -11,7 +11,7 @@
# under the License.
import copy
from six.moves import http_client
import http.client
import uuid
from oslo_serialization import jsonutils
@ -1021,7 +1021,7 @@ class _DomainUserTests(object):
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
assignments['project_id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -1031,7 +1031,7 @@ class _ProjectUserTests(object):
with self.test_client() as c:
c.get(
'/v3/role_assignments', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_user_of_project(self):
@ -1042,7 +1042,7 @@ class _ProjectUserTests(object):
c.get(
'/v3/role_assignments?user.id=%s' % user_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_group_of_project(self):
@ -1053,7 +1053,7 @@ class _ProjectUserTests(object):
c.get(
'/v3/role_assignments?group.id=%s' % group_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_system(self):
@ -1061,7 +1061,7 @@ class _ProjectUserTests(object):
c.get(
'/v3/role_assignments?scope.system=all',
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_domain(self):
@ -1070,7 +1070,7 @@ class _ProjectUserTests(object):
'/v3/role_assignments?scope.domain.id=%s'
% self.domain_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_other_project(self):
@ -1084,7 +1084,7 @@ class _ProjectUserTests(object):
'/v3/role_assignments?scope.project.id=%s'
% project1,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_other_project_user(self):
@ -1099,7 +1099,7 @@ class _ProjectUserTests(object):
c.get(
'/v3/role_assignments?user.id=%s' % user_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_role_assignments_by_other_project_group(self):
@ -1114,7 +1114,7 @@ class _ProjectUserTests(object):
c.get(
'/v3/role_assignments?group.id=%s' % group_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -1138,7 +1138,7 @@ class _ProjectReaderMemberTests(object):
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
self.project_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -1628,5 +1628,5 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -49,7 +49,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
with self.test_client() as c:
c.post('/v3/OS-OAUTH1/consumers',
json={'consumer': {}},
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_update_consumer(self):
@ -58,7 +58,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
with self.test_client() as c:
c.patch('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
json={'consumer': {'description': uuid.uuid4().hex}},
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)
def test_user_cannot_delete_consumer(self):
@ -66,7 +66,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
{'id': uuid.uuid4().hex})
with self.test_client() as c:
c.delete('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
expected_status_code=http_client.FORBIDDEN,
expected_status_code=http.client.FORBIDDEN,
headers=self.headers)

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import base as bp
from keystone.common import provider_api
@ -192,14 +192,14 @@ class _ProjectUsersTests(object):
path = '/v3/credentials/%s' % credential_id
c.get(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_non_existant_credential_forbidden(self):
with self.test_client() as c:
c.get(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_credentials_for_other_users(self):
@ -351,7 +351,7 @@ class _ProjectUsersTests(object):
path = '/v3/credentials/%s' % credential_id
c.patch(
path, json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existant_credential_forbidden(self):
@ -361,7 +361,7 @@ class _ProjectUsersTests(object):
c.patch(
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_credentials_for_other_users(self):
@ -379,7 +379,7 @@ class _ProjectUsersTests(object):
}
c.post(
'/v3/credentials', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_credentials_for_others(self):
@ -418,14 +418,14 @@ class _ProjectUsersTests(object):
path = '/v3/credentials/%s' % credential_id
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existant_credential_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -474,7 +474,7 @@ class _SystemUserCredentialTests(object):
with self.test_client() as c:
c.get(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
def test_user_can_filter_credentials_by_type_for_others(self):
@ -617,7 +617,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
}
c.post(
'/v3/credentials', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_credentials_for_others(self):
@ -657,7 +657,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
path = '/v3/credentials/%s' % credential_id
c.patch(
path, json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existant_credential_forbidden(self):
@ -667,7 +667,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_credentials_for_others(self):
@ -706,14 +706,14 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
path = '/v3/credentials/%s' % credential_id
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existant_credential_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -765,7 +765,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
}
c.post(
'/v3/credentials', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_credentials_for_others(self):
@ -805,7 +805,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
path = '/v3/credentials/%s' % credential_id
c.patch(
path, json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existant_credential_forbidden(self):
@ -815,7 +815,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_credentials_for_others(self):
@ -854,14 +854,14 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
path = '/v3/credentials/%s' % credential_id
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existant_credential_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -954,7 +954,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
def test_user_can_delete_credentials_for_others(self):
@ -997,7 +997,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -122,7 +122,7 @@ class _SystemUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap'
% invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -130,7 +130,7 @@ class _SystemUserDomainConfigTests(object):
)
with self.test_client() as c:
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config_group_invalid_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -142,7 +142,7 @@ class _SystemUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap'
% invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain(
@ -163,7 +163,7 @@ class _SystemUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/user_tree_dn'
% domain['id'], headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_non_existent_config_option_invalid_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -175,7 +175,7 @@ class _SystemUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/user_tree_dn'
% invalid_domain_id, headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_get_security_compliance_domain_config(self):
# Set the security compliance configuration options
@ -247,7 +247,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
% domain['id'],
json={'config': unit.new_domain_config_ref()},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -261,7 +261,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
c.patch('/v3/domains/%s/config'
% domain['id'], json={'config': new_config},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -275,7 +275,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
c.patch('/v3/domains/%s/config/ldap'
% domain['id'], json={'config': new_config},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_update_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain(
@ -289,7 +289,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
% domain['id'],
json={'config': new_config},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -300,7 +300,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.delete('/v3/domains/%s/config' % domain['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -311,7 +311,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.delete('/v3/domains/%s/config/ldap'
% domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain(
@ -322,7 +322,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.delete('/v3/domains/%s/config/ldap/url'
% domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class _DomainAndProjectUserDomainConfigTests(object):
@ -336,7 +336,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config'
% domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_group_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -347,7 +347,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap'
% domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_non_existant_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -355,7 +355,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
)
with self.test_client() as c:
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_option(self):
domain = PROVIDERS.resource_api.create_domain(
@ -366,22 +366,22 @@ class _DomainAndProjectUserDomainConfigTests(object):
with self.test_client() as c:
c.get('/v3/domains/%s/config/ldap/url'
% domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_default(self):
with self.test_client() as c:
c.get('/v3/domains/config/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_group_config_default(self):
with self.test_client() as c:
c.get('/v3/domains/config/ldap/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_domain_config_option_default(self):
with self.test_client() as c:
c.get('/v3/domains/config/ldap/url/default', headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class SystemReaderTests(
@ -492,7 +492,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
% domain['id'],
json={'config': unit.new_domain_config_ref()},
headers=self.headers,
expected_status_code=http_client.CREATED)
expected_status_code=http.client.CREATED)
def test_user_cannot_create_invalid_domain_config(self):
invalid_domain_id = uuid.uuid4().hex
@ -501,7 +501,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
% invalid_domain_id,
json={'config': unit.new_domain_config_ref()},
headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
def test_user_can_update_domain_config(self):
domain = PROVIDERS.resource_api.create_domain(
@ -581,7 +581,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete('/v3/domains/%s/config' % invalid_domain_id,
headers=self.headers,
expected_status_code=http_client.NOT_FOUND)
expected_status_code=http.client.NOT_FOUND)
class DomainUserTests(

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -60,7 +60,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
with self.test_client() as c:
c.post(
'/v3/roles', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_domain_roles(self):
@ -74,7 +74,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
with self.test_client() as c:
c.patch(
'/v3/roles/%s' % role['id'], json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_domain_roles(self):
@ -86,7 +86,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
with self.test_client() as c:
c.delete(
'/v3/roles/%s' % role['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -101,7 +101,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
with self.test_client() as c:
c.get(
'/v3/roles', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_a_domain_role(self):
@ -113,7 +113,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
with self.test_client() as c:
c.get(
'/v3/roles/%s' % role['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_domain_roles(self):
@ -123,7 +123,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
with self.test_client() as c:
c.post(
'/v3/roles', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_domain_roles(self):
@ -137,7 +137,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
with self.test_client() as c:
c.patch(
'/v3/roles/%s' % role['id'], json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_domain_roles(self):
@ -149,7 +149,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
with self.test_client() as c:
c.delete(
'/v3/roles/%s' % role['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import domain as dp
from keystone.common import provider_api
@ -100,7 +100,7 @@ class _SystemMemberAndReaderDomainTests(object):
with self.test_client() as c:
c.post(
'/v3/domains', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_a_domain(self):
@ -113,7 +113,7 @@ class _SystemMemberAndReaderDomainTests(object):
c.patch(
'/v3/domains/%s' % domain['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_a_domain(self):
@ -124,7 +124,7 @@ class _SystemMemberAndReaderDomainTests(object):
with self.test_client() as c:
c.delete(
'/v3/domains/%s' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -143,14 +143,14 @@ class _DomainAndProjectUserDomainTests(object):
with self.test_client() as c:
c.get(
'/v3/domains/%s' % domain['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_domains(self):
with self.test_client() as c:
c.get(
'/v3/domains', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_domains_by_name(self):
@ -166,18 +166,18 @@ class _DomainAndProjectUserDomainTests(object):
c.get(
'/v3/domains?name=%s' % domain_name,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_filter_domains_by_enabled(self):
with self.test_client() as c:
c.get(
'/v3/domains?enabled=true', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
c.get(
'/v3/domains?enabled=false', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_a_domain(self):
@ -190,7 +190,7 @@ class _DomainAndProjectUserDomainTests(object):
c.patch(
'/v3/domains/%s' % domain['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_a_domain(self):
@ -199,7 +199,7 @@ class _DomainAndProjectUserDomainTests(object):
with self.test_client() as c:
c.post(
'/v3/domains', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_a_domain(self):
@ -212,11 +212,11 @@ class _DomainAndProjectUserDomainTests(object):
path = '/v3/domains/%s' % domain['id']
c.patch(
path, json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
c.delete(
path, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_non_existant_domain_forbidden(self):
@ -225,7 +225,7 @@ class _DomainAndProjectUserDomainTests(object):
c.get(
'/v3/domains/%s' % uuid.uuid4().hex,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -10,8 +10,8 @@
# License for the specific language governing permissions and limitations
# under the License.
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import base as bp
from keystone.common import provider_api
@ -85,7 +85,7 @@ class _UserEC2CredentialTests(object):
with self.test_client() as c:
c.post('/v3/users/%s/credentials/OS-EC2' % self.user_id,
json={'tenant_id': project['id']}, headers=self.headers,
expected_status_code=http_client.CREATED)
expected_status_code=http.client.CREATED)
def test_user_delete_their_ec2_credentials(self):
project = unit.new_project_ref(
@ -122,7 +122,7 @@ class _UserEC2CredentialTests(object):
with self.test_client() as c:
c.post('/v3/users/%s/credentials/OS-EC2' % user['id'],
json={'tenant_id': project['id']}, headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_delete_ec2_credentials_for_others(self):
user = unit.new_user_ref(domain_id=CONF.identity.default_domain_id)
@ -152,7 +152,7 @@ class _UserEC2CredentialTests(object):
c.delete('/v3/users/%s/credentials/OS-EC2/%s' % (
self.user_id, credential_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class _SystemUserTests(object):
@ -185,7 +185,7 @@ class _SystemUserTests(object):
path = '/v3/users/%s/credentials/OS-EC2/%s' % (
self.user_id, credential_id)
c.get(path, headers=self.headers,
expected_status_code=http_client.OK)
expected_status_code=http.client.OK)
class _SystemReaderAndMemberTests(object):

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -153,7 +153,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
c.post(
'/v3/OS-EP-FILTER/endpoint_groups', json=create,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_endpoint_groups(self):
@ -170,7 +170,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_endpoint_groups(self):
@ -184,7 +184,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
c.delete(
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_add_endpoint_group_to_project(self):
@ -202,7 +202,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
c.put('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
% (endpoint_group['id'], project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_remove_endpoint_group_from_project(self):
@ -220,7 +220,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
c.delete('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
% (endpoint_group['id'], project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -235,7 +235,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
with self.test_client() as c:
c.get('/v3/OS-EP-FILTER/endpoint_groups', headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_an_endpoint_group(self):
endpoint_group = unit.new_endpoint_group_ref(
@ -246,7 +246,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
with self.test_client() as c:
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_projects_associated_with_endpoint_groups(self):
project = PROVIDERS.resource_api.create_project(
@ -265,7 +265,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/projects'
% endpoint_group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_endpoints_associated_with_endpoint_groups(self):
service = PROVIDERS.catalog_api.create_service(
@ -284,7 +284,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/endpoints'
% endpoint_group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_endpoints_associated_with_endpoint_groups(self):
project = PROVIDERS.resource_api.create_project(
@ -303,7 +303,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
% (endpoint_group['id'], project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_endpoint_groups_with_their_projects(self):
project = PROVIDERS.resource_api.create_project(
@ -322,7 +322,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.get('/v3/OS-EP-FILTER/projects/%s/endpoint_groups'
% project['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_create_endpoint_groups(self):
create = {
@ -338,7 +338,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.post(
'/v3/OS-EP-FILTER/endpoint_groups', json=create,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_endpoint_groups(self):
@ -355,7 +355,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_endpoint_groups(self):
@ -369,7 +369,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.delete(
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_add_endpoint_group_to_project(self):
@ -387,7 +387,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.put('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
% (endpoint_group['id'], project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_remove_endpoint_group_from_project(self):
@ -405,7 +405,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
c.delete('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
% (endpoint_group['id'], project['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -74,7 +74,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
with self.test_client() as c:
c.post(
'/v3/endpoints', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_endpoints(self):
@ -92,7 +92,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
c.patch(
'/v3/endpoints/%s' % endpoint['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_endpoints(self):
@ -107,7 +107,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
with self.test_client() as c:
c.delete(
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -125,7 +125,7 @@ class _DomainAndProjectUserEndpointTests(object):
with self.test_client() as c:
c.post(
'/v3/endpoints', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_endpoints(self):
@ -143,7 +143,7 @@ class _DomainAndProjectUserEndpointTests(object):
with self.test_client() as c:
c.get(
'/v3/endpoints', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_an_endpoint(self):
@ -158,7 +158,7 @@ class _DomainAndProjectUserEndpointTests(object):
with self.test_client() as c:
c.get(
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_endpoints(self):
@ -176,7 +176,7 @@ class _DomainAndProjectUserEndpointTests(object):
c.patch(
'/v3/endpoints/%s' % endpoint['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_endpoints(self):
@ -191,7 +191,7 @@ class _DomainAndProjectUserEndpointTests(object):
with self.test_client() as c:
c.delete(
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import grant as gp
from keystone.common import provider_api
@ -141,7 +141,7 @@ class _SystemUserGrantTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_user_on_domain(self):
@ -164,7 +164,7 @@ class _SystemUserGrantTests(object):
domain['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_group_on_project(self):
@ -191,7 +191,7 @@ class _SystemUserGrantTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_group_on_domain(self):
@ -214,7 +214,7 @@ class _SystemUserGrantTests(object):
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
@ -237,7 +237,7 @@ class _SystemMemberAndReaderGrantTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_on_domain(self):
@ -255,7 +255,7 @@ class _SystemMemberAndReaderGrantTests(object):
domain['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_on_project(self):
@ -277,7 +277,7 @@ class _SystemMemberAndReaderGrantTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_on_domain(self):
@ -295,7 +295,7 @@ class _SystemMemberAndReaderGrantTests(object):
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_on_project(self):
@ -320,7 +320,7 @@ class _SystemMemberAndReaderGrantTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_on_domain(self):
@ -343,7 +343,7 @@ class _SystemMemberAndReaderGrantTests(object):
domain['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_on_project(self):
@ -370,7 +370,7 @@ class _SystemMemberAndReaderGrantTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_on_domain(self):
@ -393,7 +393,7 @@ class _SystemMemberAndReaderGrantTests(object):
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -499,7 +499,7 @@ class _DomainUserTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_user_on_domain(self):
@ -519,7 +519,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_group_on_project(self):
@ -544,7 +544,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_can_check_grant_for_group_on_domain(self):
@ -564,7 +564,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_cannot_list_grants_for_user_other_domain_on_project_own_domain(self): # noqa: E501
@ -588,7 +588,7 @@ class _DomainUserTests(object):
c.get(
'/v3/projects/%s/users/%s/roles' % (project['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_user_own_domain_on_project_other_domain(self): # noqa: E501
@ -613,7 +613,7 @@ class _DomainUserTests(object):
c.get(
'/v3/projects/%s/users/%s/roles' % (project['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_user_own_domain_on_other_domain(self):
@ -633,7 +633,7 @@ class _DomainUserTests(object):
c.get(
'/v3/domains/%s/users/%s/roles' % (domain_id, user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_user_other_domain_on_own_domain(self):
@ -653,7 +653,7 @@ class _DomainUserTests(object):
c.get(
'/v3/domains/%s/users/%s/roles' % (domain_id, user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_group_other_domain_on_project_own_domain(self): # noqa: E501
@ -678,7 +678,7 @@ class _DomainUserTests(object):
'/v3/projects/%s/groups/%s/roles' % (
project['id'], group['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_group_own_domain_on_project_other_domain(self): # noqa: E501
@ -704,7 +704,7 @@ class _DomainUserTests(object):
'/v3/projects/%s/groups/%s/roles' % (
project['id'], group['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_group_own_domain_on_other_domain(self):
@ -725,7 +725,7 @@ class _DomainUserTests(object):
'/v3/domains/%s/groups/%s/roles' % (
domain_id, group['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_list_grants_for_group_other_domain_on_own_domain(self):
@ -746,7 +746,7 @@ class _DomainUserTests(object):
'/v3/domains/%s/groups/%s/roles' % (
domain_id, group['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_other_domain_on_project_own_domain(self): # noqa: E501
@ -772,7 +772,7 @@ class _DomainUserTests(object):
project['id'], user['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_own_domain_on_project_other_domain(self): # noqa: E501
@ -799,7 +799,7 @@ class _DomainUserTests(object):
project['id'], user['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
@ -830,7 +830,7 @@ class _DomainUserTests(object):
project['id'], user['id'],
role['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_own_domain_on_other_domain(self):
@ -853,7 +853,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_other_domain_on_own_domain(self):
@ -876,7 +876,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -904,7 +904,7 @@ class _DomainUserTests(object):
role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_other_domain_on_project_own_domain(self): # noqa: E501
@ -930,7 +930,7 @@ class _DomainUserTests(object):
project['id'], group['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_own_domain_on_project_other_domain(self): # noqa: E501
@ -956,7 +956,7 @@ class _DomainUserTests(object):
project['id'], group['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
@ -987,7 +987,7 @@ class _DomainUserTests(object):
project['id'], group['id'],
role['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_own_domain_on_other_domain(self):
@ -1009,7 +1009,7 @@ class _DomainUserTests(object):
domain_id, group['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_other_domain_on_own_domain(self):
@ -1031,7 +1031,7 @@ class _DomainUserTests(object):
domain_id, group['id'],
self.bootstrapper.reader_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_check_grant_for_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -1057,7 +1057,7 @@ class _DomainUserTests(object):
domain_id, group['id'],
role['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_other_domain_on_project_own_domain(self): # noqa: E501
@ -1080,7 +1080,7 @@ class _DomainUserTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_own_domain_on_project_other_domain(self): # noqa: E501
@ -1103,7 +1103,7 @@ class _DomainUserTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
@ -1129,7 +1129,7 @@ class _DomainUserTests(object):
project['id'], user['id'], role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_other_domain_on_own_domain(self):
@ -1146,7 +1146,7 @@ class _DomainUserTests(object):
domain_id, user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_own_domain_on_other_domain(self):
@ -1163,7 +1163,7 @@ class _DomainUserTests(object):
domain_id, user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -1184,7 +1184,7 @@ class _DomainUserTests(object):
domain_id, user['id'], role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_other_domain_on_project_own_domain(self): # noqa: E501
@ -1209,7 +1209,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_own_domain_on_project_other_domain(self): # noqa: E501
@ -1234,7 +1234,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
@ -1263,7 +1263,7 @@ class _DomainUserTests(object):
role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_other_domain_on_own_domain(self):
@ -1280,7 +1280,7 @@ class _DomainUserTests(object):
domain_id, group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_own_domain_on_other_domain(self):
@ -1297,7 +1297,7 @@ class _DomainUserTests(object):
domain_id, group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -1318,7 +1318,7 @@ class _DomainUserTests(object):
domain_id, group['id'], role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_other_domain_on_project_own_domain(self): # noqa: E501
@ -1346,7 +1346,7 @@ class _DomainUserTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_own_domain_on_project_other_domain(self): # noqa: E501
@ -1374,7 +1374,7 @@ class _DomainUserTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_other_domain_on_own_domain(self):
@ -1396,7 +1396,7 @@ class _DomainUserTests(object):
domain_id, user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_own_domain_on_other_domain(self):
@ -1418,7 +1418,7 @@ class _DomainUserTests(object):
domain_id, user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -1444,7 +1444,7 @@ class _DomainUserTests(object):
domain_id, user['id'], role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_other_domain_on_project_own_domain(self): # noqa: E501
@ -1474,7 +1474,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_own_domain_on_project_other_domain(self): # noqa: E501
@ -1504,7 +1504,7 @@ class _DomainUserTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_other_domain_on_own_domain(self):
@ -1526,7 +1526,7 @@ class _DomainUserTests(object):
domain_id, group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_own_domain_on_other_domain(self):
@ -1548,7 +1548,7 @@ class _DomainUserTests(object):
domain_id, group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
@ -1575,7 +1575,7 @@ class _DomainUserTests(object):
domain_id, group['id'], role['id']
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -1859,7 +1859,7 @@ class _DomainMemberAndReaderTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_user_on_domain(self):
@ -1877,7 +1877,7 @@ class _DomainMemberAndReaderTests(object):
domain['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_on_project(self):
@ -1897,7 +1897,7 @@ class _DomainMemberAndReaderTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_create_grant_for_group_on_domain(self):
@ -1915,7 +1915,7 @@ class _DomainMemberAndReaderTests(object):
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_on_project(self):
@ -1938,7 +1938,7 @@ class _DomainMemberAndReaderTests(object):
project['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_user_on_domain(self):
@ -1961,7 +1961,7 @@ class _DomainMemberAndReaderTests(object):
domain['id'], user['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_on_project(self):
@ -1988,7 +1988,7 @@ class _DomainMemberAndReaderTests(object):
self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_cannot_revoke_grant_from_group_on_domain(self):
@ -2011,7 +2011,7 @@ class _DomainMemberAndReaderTests(object):
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -2245,5 +2245,5 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
domain['id'], group['id'], self.bootstrapper.reader_role_id
),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import group as gp
from keystone.common import provider_api
@ -113,14 +113,14 @@ class _SystemUserGroupTests(object):
c.get(
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_cannot_get_non_existent_group_not_found(self):
with self.test_client() as c:
c.get(
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
@ -142,7 +142,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
with self.test_client() as c:
c.post(
'/v3/groups', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_group(self):
@ -159,7 +159,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
c.patch(
'/v3/groups/%s' % group['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_group(self):
@ -173,7 +173,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
with self.test_client() as c:
c.delete(
'/v3/groups/%s' % group['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_add_users_to_group(self):
@ -191,7 +191,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
c.put(
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_remove_users_from_group(self):
@ -211,7 +211,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
c.delete(
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -442,13 +442,13 @@ class _DomainUserGroupTests(object):
with self.test_client() as c:
c.get('/v3/groups/%s' % group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_non_existent_group_forbidden(self):
with self.test_client() as c:
c.get(
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_list_groups_in_domain_for_user_in_domain(self):
@ -479,13 +479,13 @@ class _DomainUserGroupTests(object):
with self.test_client() as c:
c.get('/v3/users/%s/groups' % user['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_groups_for_non_existent_user_forbidden(self):
with self.test_client() as c:
c.get('/v3/users/%s/groups' % uuid.uuid4().hex,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_groups_in_other_domain_user_in_own_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -563,13 +563,13 @@ class _DomainUserGroupTests(object):
with self.test_client() as c:
c.get('/v3/groups/%s/users' % group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_users_in_non_existent_group_forbidden(self):
with self.test_client() as c:
c.get('/v3/groups/%s/users' % uuid.uuid4().hex,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_can_check_user_in_own_domain_group_in_own_domain(self):
user = PROVIDERS.identity_api.create_user(
@ -583,11 +583,11 @@ class _DomainUserGroupTests(object):
c.head('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
c.get('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_cannot_check_user_in_other_domain_group_in_own_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -604,11 +604,11 @@ class _DomainUserGroupTests(object):
c.head('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
c.get('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class DomainReaderTests(base_classes.TestCaseWithBootstrap,
@ -836,7 +836,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post('/v3/groups', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_can_update_group_in_own_domain(self):
group = PROVIDERS.identity_api.create_group(
@ -862,7 +862,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/groups/%s' % group['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_delete_group_in_own_domain(self):
@ -886,7 +886,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.delete(
'/v3/groups/%s' % group['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_remove_user_in_own_domain_from_group_in_own_domain(self):
@ -917,7 +917,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_remove_user_own_domain_from_group_other_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -934,7 +934,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_remove_non_existent_user_from_group_forbidden(self):
group = PROVIDERS.identity_api.create_group(
@ -944,7 +944,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': uuid.uuid4().hex},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_remove_user_from_non_existent_group_forbidden(self):
user = PROVIDERS.identity_api.create_user(
@ -954,7 +954,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
'group': uuid.uuid4().hex, 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_can_add_user_in_own_domain_to_group_in_own_domain(self):
group = PROVIDERS.identity_api.create_group(
@ -982,7 +982,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.put('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_add_user_own_domain_to_group_other_domain(self):
domain = PROVIDERS.resource_api.create_domain(
@ -998,7 +998,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.put('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_add_non_existent_user_to_group_forbidden(self):
group = PROVIDERS.identity_api.create_group(
@ -1008,7 +1008,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.put('/v3/groups/%(group)s/users/%(user)s' % {
'group': group['id'], 'user': uuid.uuid4().hex},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_add_user_from_non_existent_group_forbidden(self):
user = PROVIDERS.identity_api.create_user(
@ -1018,7 +1018,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.put('/v3/groups/%(group)s/users/%(user)s' % {
'group': uuid.uuid4().hex, 'user': user['id']},
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class ProjectUserTests(base_classes.TestCaseWithBootstrap,
@ -1089,7 +1089,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/users/%s/groups' % user['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_groups(self):
@ -1103,7 +1103,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/groups', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_a_group(self):
@ -1117,7 +1117,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/groups/%s' % group['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_group_members(self):
@ -1136,7 +1136,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/groups/%s/users' % group['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_check_if_user_in_group(self):
@ -1156,12 +1156,12 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
c.get(
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_non_existent_group_forbidden(self):
with self.test_client() as c:
c.get(
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -65,7 +65,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
c.put(
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_identity_providers(self):
@ -79,7 +79,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
c.patch(
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_identity_providers(self):
@ -91,7 +91,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
c.delete(
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -105,7 +105,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
c.put(
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_identity_providers(self):
@ -119,7 +119,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
c.patch(
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_identity_providers(self):
@ -130,7 +130,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
with self.test_client() as c:
c.get(
'/v3/OS-FEDERATION/identity_providers', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_an_identity_provider(self):
@ -142,7 +142,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
c.get(
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_identity_providers(self):
@ -154,7 +154,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
c.delete(
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -259,7 +259,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.put(
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
json=create, headers=self.headers,
expected_status_code=http_client.CREATED
expected_status_code=http.client.CREATED
)
def test_user_can_update_identity_providers(self):

View File

@ -10,7 +10,7 @@
# License for the specific language governing permissions and limitations
# under the License.
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -58,7 +58,7 @@ class _SystemUserImpliedRoleTests(object):
'/v3/roles/%s/implies/%s' % (
self.prior_role_id, self.implied_role_id),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_list_role_inference_rules(self):
PROVIDERS.role_api.create_implied_role(self.prior_role_id,
@ -81,7 +81,7 @@ class _SystemReaderAndMemberImpliedRoleTests(object):
'/v3/roles/%s/implies/%s' % (
self.prior_role_id, self.implied_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_implied_roles(self):
@ -93,7 +93,7 @@ class _SystemReaderAndMemberImpliedRoleTests(object):
'/v3/roles/%s/implies/%s' % (
self.prior_role_id, self.implied_role_id),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -206,7 +206,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/roles/%s/implies/%s' % (
self.prior_role_id, self.implied_role_id),
headers=self.headers,
expected_status_code=http_client.CREATED
expected_status_code=http.client.CREATED
)
def test_user_can_delete_implied_roles(self):

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -134,7 +134,7 @@ class _UserLimitTests(object):
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits(self):
@ -146,7 +146,7 @@ class _UserLimitTests(object):
c.patch(
'/v3/limits/%s' % limit_id, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits(self):
@ -156,7 +156,7 @@ class _UserLimitTests(object):
c.delete(
'/v3/limits/%s' % limit_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -377,7 +377,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_domain_limits_for_other_domain(self):
@ -386,7 +386,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_list_limits_within_domain(self):
@ -439,7 +439,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_limits_for_other_domain(self):
@ -471,7 +471,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_limits_for_projects_in_domain(self):
@ -507,7 +507,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_limits_for_projects_outside_domain(self):
@ -544,7 +544,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits_for_domain(self):
@ -558,7 +558,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/limits/%s' % domain_limit_id, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits_for_other_domain(self):
@ -570,7 +570,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/limits/%s' % domain_limit_id, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits_for_projects_in_domain(self):
@ -583,7 +583,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.patch(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits_for_projects_outside_domain(self):
@ -594,7 +594,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.patch(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits_for_domain(self):
@ -605,7 +605,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits_for_other_domain(self):
@ -614,7 +614,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits_for_projects_in_domain(self):
@ -625,7 +625,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits_for_projects_outside_domain(self):
@ -634,7 +634,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -693,7 +693,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/limits/%s' % project_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_domain_limit(self):
@ -702,7 +702,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_list_limits(self):
@ -775,7 +775,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/limits', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_limits(self):
@ -787,7 +787,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/limits/%s' % limit_id, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_limits(self):
@ -797,7 +797,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
c.delete(
'/v3/limits/%s' % limit_id,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -71,7 +71,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
c.put(
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_mappings(self):
@ -93,7 +93,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
c.patch(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_mappings(self):
@ -106,7 +106,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
c.delete(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -128,7 +128,7 @@ class _DomainAndProjectUserMappingTests(object):
c.put(
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_mappings(self):
@ -140,7 +140,7 @@ class _DomainAndProjectUserMappingTests(object):
with self.test_client() as c:
c.get(
'/v3/OS-FEDERATION/mappings', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_a_mapping(self):
@ -153,7 +153,7 @@ class _DomainAndProjectUserMappingTests(object):
c.get(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_mappings(self):
@ -175,7 +175,7 @@ class _DomainAndProjectUserMappingTests(object):
c.patch(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_mappings(self):
@ -188,7 +188,7 @@ class _DomainAndProjectUserMappingTests(object):
c.delete(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -241,7 +241,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
c.put(
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_mappings(self):
@ -263,7 +263,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
json=update, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_mappings(self):
@ -276,7 +276,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
c.delete(
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -355,7 +355,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.put(
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
headers=self.headers, expected_status_code=http_client.CREATED
headers=self.headers, expected_status_code=http.client.CREATED
)
def test_user_can_update_mappings(self):

View File

@ -13,7 +13,7 @@
import json
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -66,7 +66,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
with self.test_client() as c:
c.post(
'/v3/policies', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_policy(self):
@ -79,7 +79,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
c.patch(
'/v3/policies/%s' % policy['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy(self):
@ -89,7 +89,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
with self.test_client() as c:
c.delete(
'/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -101,7 +101,7 @@ class _DomainAndProjectUserPolicyTests(object):
with self.test_client() as c:
c.get('/v3/policies', headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_policy(self):
policy = unit.new_policy_ref()
@ -109,7 +109,7 @@ class _DomainAndProjectUserPolicyTests(object):
with self.test_client() as c:
c.get('/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_create_policy(self):
create = {
@ -124,7 +124,7 @@ class _DomainAndProjectUserPolicyTests(object):
with self.test_client() as c:
c.post(
'/v3/policies', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_policy(self):
@ -137,7 +137,7 @@ class _DomainAndProjectUserPolicyTests(object):
c.patch(
'/v3/policies/%s' % policy['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy(self):
@ -147,7 +147,7 @@ class _DomainAndProjectUserPolicyTests(object):
with self.test_client() as c:
c.delete(
'/v3/policies/%s' % policy['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

View File

@ -12,7 +12,7 @@
import uuid
from six.moves import http_client
import http.client
from keystone.common import provider_api
import keystone.conf
@ -47,7 +47,7 @@ class _SystemUserPoliciesAssociationTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_check_policy_association_for_service(self):
policy = unit.new_policy_ref()
@ -64,7 +64,7 @@ class _SystemUserPoliciesAssociationTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_check_policy_association_for_region_and_service(self):
policy = unit.new_policy_ref()
@ -84,7 +84,7 @@ class _SystemUserPoliciesAssociationTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_get_policy_for_endpoint(self):
policy = unit.new_policy_ref()
@ -143,7 +143,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_association_for_endpoint(self):
@ -162,7 +162,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_policy_association_for_service(self):
@ -176,7 +176,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_association_for_service(self):
@ -191,7 +191,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_policy_assoc_for_region_and_service(self):
@ -207,7 +207,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_assoc_for_region_and_service(self):
@ -223,7 +223,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -248,7 +248,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_check_policy_association_for_service(self):
policy = unit.new_policy_ref()
@ -265,7 +265,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_check_policy_association_for_region_and_service(self):
policy = unit.new_policy_ref()
@ -285,7 +285,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_get_policy_for_endpoint(self):
policy = unit.new_policy_ref()
@ -304,7 +304,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
c.get('/v3/endpoints/%s/OS-ENDPOINT-POLICY/policy'
% (endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_endpoints_for_policy(self):
policy = unit.new_policy_ref()
@ -322,7 +322,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
with self.test_client() as c:
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints'
% (policy['id']), headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_policy_association_for_endpoint(self):
@ -341,7 +341,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_association_for_endpoint(self):
@ -360,7 +360,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_policy_association_for_service(self):
@ -374,7 +374,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_association_for_service(self):
@ -389,7 +389,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_policy_assoc_for_region_and_service(self):
@ -405,7 +405,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_policy_assoc_for_region_and_service(self):
@ -421,7 +421,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -535,7 +535,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_delete_policy_association_for_endpoint(self):
@ -554,7 +554,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
% (policy['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_create_policy_association_for_service(self):
@ -568,7 +568,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_delete_policy_association_for_service(self):
@ -583,7 +583,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
% (policy['id'], service['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_create_policy_association_for_region_and_service(self):
@ -599,7 +599,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_delete_policy_association_for_region_and_service(self):
@ -615,7 +615,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
% (policy['id'], service['id'], region['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import base as bp
from keystone.common import provider_api
@ -74,7 +74,7 @@ class _SystemUserProjectEndpointTests(object):
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_list_endpoints_for_project(self):
project = PROVIDERS.resource_api.create_project(
@ -118,7 +118,7 @@ class _SystemReaderAndMemberProjectEndpointTests(object):
c.put('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_remove_endpoint_from_project(self):
project = PROVIDERS.resource_api.create_project(
@ -137,7 +137,7 @@ class _SystemReaderAndMemberProjectEndpointTests(object):
c.delete('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class _DomainAndProjectUserProjectEndpointTests(object):
@ -161,7 +161,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
with self.test_client() as c:
c.get('/v3/OS-EP-FILTER/endpoints/%s/projects' % endpoint['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_check_endpoint_in_project(self):
project = PROVIDERS.resource_api.create_project(
@ -183,7 +183,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
def test_user_cannot_list_endpoints_for_project(self):
project = PROVIDERS.resource_api.create_project(
@ -204,7 +204,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
with self.test_client() as c:
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints' % project['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN)
expected_status_code=http.client.FORBIDDEN)
class SystemReaderTests(base_classes.TestCaseWithBootstrap,
@ -318,7 +318,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.put('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
def test_user_can_remove_endpoint_from_project(self):
project = PROVIDERS.resource_api.create_project(
@ -339,7 +339,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.delete('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
% (project['id'], endpoint['id']),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT)
expected_status_code=http.client.NO_CONTENT)
class DomainUserTests(base_classes.TestCaseWithBootstrap,

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import project as pp
from keystone.common import provider_api
@ -75,7 +75,7 @@ class _SystemUserTests(object):
c.get(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_list_project_tags(self):
@ -109,7 +109,7 @@ class _SystemMemberAndReaderTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_project_tag(self):
@ -126,7 +126,7 @@ class _SystemMemberAndReaderTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_project_tag(self):
@ -142,7 +142,7 @@ class _SystemMemberAndReaderTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -160,7 +160,7 @@ class _DomainAndProjectUserTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_project_tag(self):
@ -177,7 +177,7 @@ class _DomainAndProjectUserTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_project_tag(self):
@ -193,7 +193,7 @@ class _DomainAndProjectUserTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -301,7 +301,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.CREATED
expected_status_code=http.client.CREATED
)
def test_user_can_update_project_tag(self):
@ -319,7 +319,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update,
expected_status_code=http_client.OK
expected_status_code=http.client.OK
)
def test_user_can_delete_project_tag(self):
@ -352,7 +352,7 @@ class _DomainUserTagTests(object):
c.get(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_list_tags_for_project_in_domain(self):
@ -382,7 +382,7 @@ class _DomainUserTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_project_tag_outside_domain(self):
@ -400,7 +400,7 @@ class _DomainUserTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_project_tag_outside_domain(self):
@ -416,7 +416,7 @@ class _DomainUserTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_tag_for_project_outside_domain(self):
@ -432,7 +432,7 @@ class _DomainUserTagTests(object):
c.get(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_tags_for_project_outside_domain(self):
@ -448,7 +448,7 @@ class _DomainUserTagTests(object):
c.get(
'/v3/projects/%s/tags' % project['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -465,7 +465,7 @@ class _DomainMemberAndReaderTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_project_tag_in_domain(self):
@ -482,7 +482,7 @@ class _DomainMemberAndReaderTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_project_tag_in_domain(self):
@ -497,7 +497,7 @@ class _DomainMemberAndReaderTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -553,7 +553,7 @@ class DomainAdminUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers, expected_status_code=http_client.CREATED
headers=self.headers, expected_status_code=http.client.CREATED
)
def test_user_can_update_project_tag_in_domain(self):
@ -570,7 +570,7 @@ class DomainAdminUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
r = c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.OK
json=update, expected_status_code=http.client.OK
)
self.assertTrue(len(r.json['tags']) == 1)
self.assertEqual(new_tag, r.json['tags'][0])
@ -688,7 +688,7 @@ class _ProjectUserTagTests(object):
c.get(
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
headers=self.headers,
expected_status_code=http_client.NO_CONTENT
expected_status_code=http.client.NO_CONTENT
)
def test_user_can_list_tags_for_project(self):
@ -714,7 +714,7 @@ class _ProjectUserTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_tag_for_other_project(self):
@ -731,7 +731,7 @@ class _ProjectUserTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_tag_for_other_project(self):
@ -747,7 +747,7 @@ class _ProjectUserTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_get_tag_for_other_project(self):
@ -763,7 +763,7 @@ class _ProjectUserTagTests(object):
c.get(
'/v3/projects/%s/tags/%s' % (project['id'], tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_tags_for_other_project(self):
@ -779,7 +779,7 @@ class _ProjectUserTagTests(object):
c.get(
'/v3/projects/%s/tags' % project['id'],
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -791,7 +791,7 @@ class _ProjectMemberAndReaderTagTests(object):
c.put(
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_project_tag(self):
@ -803,7 +803,7 @@ class _ProjectMemberAndReaderTagTests(object):
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % self.project_id, headers=self.headers,
json=update, expected_status_code=http_client.FORBIDDEN
json=update, expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_project_tag(self):
@ -814,7 +814,7 @@ class _ProjectMemberAndReaderTagTests(object):
c.delete(
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -860,7 +860,7 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
headers=self.headers, expected_status_code=http_client.CREATED
headers=self.headers, expected_status_code=http.client.CREATED
)
def test_user_can_update_project_tag(self):
@ -872,7 +872,7 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.put(
'/v3/projects/%s/tags' % self.project_id, headers=self.headers,
json=update, expected_status_code=http_client.OK
json=update, expected_status_code=http.client.OK
)
def test_user_can_delete_project_tag(self):

View File

@ -12,8 +12,8 @@
import uuid
import http.client
from oslo_serialization import jsonutils
from six.moves import http_client
from keystone.common.policies import project as pp
from keystone.common import provider_api
@ -80,7 +80,7 @@ class _SystemUserTests(object):
with self.test_client() as c:
c.get(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
@ -97,7 +97,7 @@ class _SystemMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.post(
'/v3/projects', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_projects(self):
@ -112,7 +112,7 @@ class _SystemMemberAndReaderProjectTests(object):
c.patch(
'/v3/projects/%s' % project['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existent_project_forbidden(self):
@ -122,7 +122,7 @@ class _SystemMemberAndReaderProjectTests(object):
c.patch(
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_projects(self):
@ -134,14 +134,14 @@ class _SystemMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_project_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -188,7 +188,7 @@ class _DomainUsersTests(object):
with self.test_client() as c:
c.get(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_list_projects_for_user_in_domain(self):
@ -237,7 +237,7 @@ class _DomainUsersTests(object):
with self.test_client() as c:
c.get(
'/v3/users/%s/projects' % user['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -250,7 +250,7 @@ class _DomainMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.post(
'/v3/projects', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_projects_in_other_domains(self):
@ -263,7 +263,7 @@ class _DomainMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.post(
'/v3/projects', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_projects_within_domain(self):
@ -278,7 +278,7 @@ class _DomainMemberAndReaderProjectTests(object):
c.patch(
'/v3/projects/%s' % project['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_projects_in_other_domain(self):
@ -293,7 +293,7 @@ class _DomainMemberAndReaderProjectTests(object):
c.patch(
'/v3/projects/%s' % project['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existent_project_forbidden(self):
@ -303,7 +303,7 @@ class _DomainMemberAndReaderProjectTests(object):
c.patch(
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_projects_within_domain(self):
@ -315,7 +315,7 @@ class _DomainMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_projects_in_other_domain(self):
@ -327,14 +327,14 @@ class _DomainMemberAndReaderProjectTests(object):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_projects_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -461,7 +461,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
def test_user_can_delete_projects(self):
@ -477,7 +477,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.NOT_FOUND
expected_status_code=http.client.NOT_FOUND
)
def test_user_can_list_their_projects(self):
@ -661,7 +661,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/projects', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_update_projects_within_domain(self):
@ -690,7 +690,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/projects/%s' % project['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existent_project_forbidden(self):
@ -706,7 +706,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_delete_projects_within_domain(self):
@ -727,7 +727,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_projects_forbidden(self):
@ -740,7 +740,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
@ -809,7 +809,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/projects', headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_list_projects_for_others(self):
@ -833,7 +833,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/users/%s/projects' % user['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_can_list_their_projects(self):
@ -860,7 +860,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.get(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_create_projects(self):
@ -873,7 +873,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.post(
'/v3/projects', json=create, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_projects(self):
@ -888,7 +888,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/projects/%s' % project['id'], json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_update_non_existent_project_forbidden(self):
@ -898,7 +898,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
c.patch(
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_projects(self):
@ -910,12 +910,12 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % project['id'], headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)
def test_user_cannot_delete_non_existent_project_forbidden(self):
with self.test_client() as c:
c.delete(
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
expected_status_code=http_client.FORBIDDEN
expected_status_code=http.client.FORBIDDEN
)

Some files were not shown because too many files have changed in this diff Show More