Remove six usage
This repo does not support Python 2 anymore, so we don't need six for compatibility between Python2 and 3, convert six usage to Python 3 code. Change-Id: Icba56808f38277b27af2ae5aac4b8507dee71b3b
This commit is contained in:
parent
7bb26ffd15
commit
4530041931
@ -12,10 +12,7 @@
|
||||
|
||||
# Common base resource for EC2 and S3 Authentication
|
||||
|
||||
import sys
|
||||
|
||||
from oslo_serialization import jsonutils
|
||||
import six
|
||||
from werkzeug import exceptions
|
||||
|
||||
from keystone.common import provider_api
|
||||
@ -102,10 +99,7 @@ class ResourceBase(ks_flask.ResourceBase):
|
||||
PROVIDERS.resource_api.assert_project_enabled(
|
||||
project_id=project_ref['id'], project=project_ref)
|
||||
except AssertionError as e:
|
||||
six.reraise(
|
||||
ks_exceptions.Unauthorized,
|
||||
ks_exceptions.Unauthorized(e),
|
||||
sys.exc_info()[2])
|
||||
raise ks_exceptions.Unauthorized from e
|
||||
|
||||
roles = PROVIDERS.assignment_api.get_roles_for_user_and_project(
|
||||
user_ref['id'], project_ref['id'])
|
||||
|
@ -19,7 +19,6 @@
|
||||
|
||||
import flask
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone.auth import core
|
||||
from keystone.common import provider_api
|
||||
@ -55,7 +54,7 @@ def _check_and_set_default_scoping(auth_info, auth_context):
|
||||
try:
|
||||
user_ref = PROVIDERS.identity_api.get_user(auth_context['user_id'])
|
||||
except exception.UserNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized(e)
|
||||
|
||||
default_project_id = user_ref.get('default_project_id')
|
||||
@ -235,7 +234,7 @@ def authenticate_for_token(auth=None):
|
||||
|
||||
return token
|
||||
except exception.TrustNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized(e)
|
||||
|
||||
|
||||
|
@ -15,11 +15,11 @@ import string
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from oslo_serialization import jsonutils
|
||||
from oslo_utils import strutils
|
||||
from six.moves import http_client
|
||||
from six.moves import urllib
|
||||
import urllib
|
||||
import werkzeug.exceptions
|
||||
|
||||
from keystone.api._shared import authentication
|
||||
@ -107,7 +107,7 @@ class _AuthFederationWebSSOBase(ks_flask.ResourceBase):
|
||||
src = string.Template(template.read())
|
||||
subs = {'host': host, 'token': token_id}
|
||||
body = src.substitute(subs)
|
||||
resp = flask.make_response(body, http_client.OK)
|
||||
resp = flask.make_response(body, http.client.OK)
|
||||
resp.charset = 'utf-8'
|
||||
resp.headers['Content-Type'] = 'text/html'
|
||||
return resp
|
||||
@ -298,7 +298,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
|
||||
token_resp = render_token.render_token_response_from_model(
|
||||
token, include_catalog=include_catalog)
|
||||
resp_body = jsonutils.dumps(token_resp)
|
||||
response = flask.make_response(resp_body, http_client.OK)
|
||||
response = flask.make_response(resp_body, http.client.OK)
|
||||
response.headers['X-Subject-Token'] = token_id
|
||||
response.headers['Content-Type'] = 'application/json'
|
||||
return response
|
||||
@ -317,7 +317,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
|
||||
token, include_catalog=include_catalog
|
||||
)
|
||||
resp_body = jsonutils.dumps(resp_data)
|
||||
response = flask.make_response(resp_body, http_client.CREATED)
|
||||
response = flask.make_response(resp_body, http.client.CREATED)
|
||||
response.headers['X-Subject-Token'] = token.id
|
||||
response.headers['Content-Type'] = 'application/json'
|
||||
return response
|
||||
@ -331,7 +331,7 @@ class AuthTokenResource(_AuthFederationWebSSOBase):
|
||||
token_id = flask.request.headers.get(
|
||||
authorization.SUBJECT_TOKEN_HEADER)
|
||||
PROVIDERS.token_provider_api.revoke_token(token_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class AuthFederationWebSSOResource(_AuthFederationWebSSOBase):
|
||||
@ -404,7 +404,7 @@ class AuthFederationSaml2Resource(_AuthFederationWebSSOBase):
|
||||
validation.lazy_validate(federation_schema.saml_create, auth)
|
||||
response, service_provider = saml.create_base_saml_assertion(auth)
|
||||
headers = _build_response_headers(service_provider)
|
||||
response = flask.make_response(response.to_string(), http_client.OK)
|
||||
response = flask.make_response(response.to_string(), http.client.OK)
|
||||
for header, value in headers:
|
||||
response.headers[header] = value
|
||||
return response
|
||||
@ -431,7 +431,7 @@ class AuthFederationSaml2ECPResource(_AuthFederationWebSSOBase):
|
||||
saml_assertion, relay_state_prefix)
|
||||
headers = _build_response_headers(service_provider)
|
||||
response = flask.make_response(
|
||||
ecp_assertion.to_string(), http_client.OK)
|
||||
ecp_assertion.to_string(), http.client.OK)
|
||||
for header, value in headers:
|
||||
response.headers[header] = value
|
||||
return response
|
||||
|
@ -15,8 +15,8 @@
|
||||
import hashlib
|
||||
|
||||
import flask
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common import provider_api
|
||||
from keystone.common import rbac_enforcer
|
||||
@ -150,7 +150,7 @@ class CredentialResource(ks_flask.ResourceBase):
|
||||
self._normalize_dict(credential), trust_id=trust_id)
|
||||
ref = PROVIDERS.credential_api.create_credential(
|
||||
ref['id'], ref, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, credential_id):
|
||||
# Update Credential
|
||||
@ -176,7 +176,7 @@ class CredentialResource(ks_flask.ResourceBase):
|
||||
|
||||
return (PROVIDERS.credential_api.delete_credential(
|
||||
credential_id, initiator=self.audit_initiator),
|
||||
http_client.NO_CONTENT)
|
||||
http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class CredentialAPI(ks_flask.APIBase):
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import flask
|
||||
from flask import request
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common import json_home
|
||||
import keystone.conf
|
||||
@ -79,7 +79,7 @@ def get_versions():
|
||||
{'versions': {
|
||||
'values': list(versions.values())}}),
|
||||
mimetype=MimeTypes.JSON,
|
||||
status=http_client.MULTIPLE_CHOICES)
|
||||
status=http.client.MULTIPLE_CHOICES)
|
||||
response.headers['Location'] = preferred_location
|
||||
return response
|
||||
|
||||
|
@ -15,7 +15,7 @@
|
||||
import flask
|
||||
import flask_restful
|
||||
import functools
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -127,7 +127,7 @@ class DomainResource(ks_flask.ResourceBase):
|
||||
domain = self._normalize_dict(domain)
|
||||
ref = PROVIDERS.resource_api.create_domain(
|
||||
domain['id'], domain, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, domain_id):
|
||||
"""Update domain.
|
||||
@ -150,7 +150,7 @@ class DomainResource(ks_flask.ResourceBase):
|
||||
ENFORCER.enforce_call(action='identity:delete_domain')
|
||||
PROVIDERS.resource_api.delete_domain(
|
||||
domain_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class DomainConfigBase(ks_flask.ResourceBase):
|
||||
@ -217,7 +217,7 @@ class DomainConfigBase(ks_flask.ResourceBase):
|
||||
PROVIDERS.resource_api.get_domain(domain_id)
|
||||
PROVIDERS.domain_config_api.delete_config(
|
||||
domain_id, group, option=option)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class DomainConfigResource(DomainConfigBase):
|
||||
@ -247,7 +247,7 @@ class DomainConfigResource(DomainConfigBase):
|
||||
if original_config:
|
||||
return {self.member_key: ref}
|
||||
else:
|
||||
return {self.member_key: ref}, http_client.CREATED
|
||||
return {self.member_key: ref}, http.client.CREATED
|
||||
|
||||
|
||||
class DomainConfigGroupResource(DomainConfigBase):
|
||||
@ -337,7 +337,7 @@ class DomainUserResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
role_id, domain_id=domain_id, user_id=user_id,
|
||||
inherited_to_projects=False)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, domain_id=None, user_id=None, role_id=None):
|
||||
"""Create a role to a user on a domain.
|
||||
@ -350,7 +350,7 @@ class DomainUserResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id, domain_id=domain_id, user_id=user_id,
|
||||
inherited_to_projects=False, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, domain_id=None, user_id=None, role_id=None):
|
||||
"""Revoke a role from user on a domain.
|
||||
@ -364,7 +364,7 @@ class DomainUserResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id, domain_id=domain_id, user_id=user_id,
|
||||
inherited_to_projects=False, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class DomainGroupListResource(flask_restful.Resource):
|
||||
@ -398,7 +398,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
role_id, domain_id=domain_id, group_id=group_id,
|
||||
inherited_to_projects=False)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, domain_id=None, group_id=None, role_id=None):
|
||||
"""Grant a role to a group on a domain.
|
||||
@ -411,7 +411,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id, domain_id=domain_id, group_id=group_id,
|
||||
inherited_to_projects=False, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, domain_id=None, group_id=None, role_id=None):
|
||||
"""Revoke a role from a group on a domain.
|
||||
@ -425,7 +425,7 @@ class DomainGroupResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id, domain_id=domain_id, group_id=group_id,
|
||||
inherited_to_projects=False, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class DomainAPI(ks_flask.APIBase):
|
||||
|
@ -13,9 +13,9 @@
|
||||
# This file handles all flask-restful resources for /v3/ec2tokens
|
||||
|
||||
import flask
|
||||
import http.client
|
||||
from keystoneclient.contrib.ec2 import utils as ec2_utils
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import EC2_S3_Resource
|
||||
from keystone.api._shared import json_home_relations
|
||||
@ -67,7 +67,7 @@ class EC2TokensResource(EC2_S3_Resource.ResourceBase):
|
||||
token = self.handle_authenticate()
|
||||
token_reference = render_token.render_token_response_from_model(token)
|
||||
resp_body = jsonutils.dumps(token_reference)
|
||||
response = flask.make_response(resp_body, http_client.OK)
|
||||
response = flask.make_response(resp_body, http.client.OK)
|
||||
response.headers['X-Subject-Token'] = token.id
|
||||
response.headers['Content-Type'] = 'application/json'
|
||||
return response
|
||||
|
@ -13,7 +13,7 @@
|
||||
# This file handles all flask-restful resources for /v3/services
|
||||
|
||||
import flask_restful
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
from keystone.catalog import schema
|
||||
@ -97,7 +97,7 @@ class EndpointResource(ks_flask.ResourceBase):
|
||||
endpoint = self._validate_endpoint_region(endpoint)
|
||||
ref = PROVIDERS.catalog_api.create_endpoint(
|
||||
endpoint['id'], endpoint, initiator=self.audit_initiator)
|
||||
return self.wrap_member(_filter_endpoint(ref)), http_client.CREATED
|
||||
return self.wrap_member(_filter_endpoint(ref)), http.client.CREATED
|
||||
|
||||
def patch(self, endpoint_id):
|
||||
ENFORCER.enforce_call(action='identity:update_endpoint')
|
||||
@ -113,7 +113,7 @@ class EndpointResource(ks_flask.ResourceBase):
|
||||
ENFORCER.enforce_call(action='identity:delete_endpoint')
|
||||
PROVIDERS.catalog_api.delete_endpoint(endpoint_id,
|
||||
initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class EndpointPolicyEndpointResource(flask_restful.Resource):
|
||||
|
@ -15,7 +15,7 @@
|
||||
import flask
|
||||
import flask_restful
|
||||
import functools
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -107,7 +107,7 @@ class GroupsResource(ks_flask.ResourceBase):
|
||||
group = self._normalize_domain_id(group)
|
||||
ref = PROVIDERS.identity_api.create_group(
|
||||
group, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, group_id):
|
||||
"""Update group.
|
||||
@ -133,7 +133,7 @@ class GroupsResource(ks_flask.ResourceBase):
|
||||
ENFORCER.enforce_call(action='identity:delete_group')
|
||||
PROVIDERS.identity_api.delete_group(
|
||||
group_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class GroupUsersResource(ks_flask.ResourceBase):
|
||||
@ -194,7 +194,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
|
||||
build_target=functools.partial(self._build_enforcement_target_attr,
|
||||
user_id, group_id))
|
||||
PROVIDERS.identity_api.check_user_in_group(user_id, group_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, group_id, user_id):
|
||||
"""Add user to group.
|
||||
@ -207,7 +207,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
|
||||
user_id, group_id))
|
||||
PROVIDERS.identity_api.add_user_to_group(
|
||||
user_id, group_id, initiator=notifications.build_audit_initiator())
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, group_id, user_id):
|
||||
"""Remove user from group.
|
||||
@ -220,7 +220,7 @@ class UserGroupCRUDResource(flask_restful.Resource):
|
||||
user_id, group_id))
|
||||
PROVIDERS.identity_api.remove_user_from_group(
|
||||
user_id, group_id, initiator=notifications.build_audit_initiator())
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class GroupAPI(ks_flask.APIBase):
|
||||
|
@ -14,7 +14,7 @@
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -110,7 +110,7 @@ class LimitsResource(ks_flask.ResourceBase):
|
||||
refs = PROVIDERS.unified_limit_api.create_limits(limits)
|
||||
refs = self.wrap_collection(refs)
|
||||
refs.pop('links')
|
||||
return refs, http_client.CREATED
|
||||
return refs, http.client.CREATED
|
||||
|
||||
def patch(self, limit_id):
|
||||
ENFORCER.enforce_call(action='identity:update_limit')
|
||||
@ -124,7 +124,7 @@ class LimitsResource(ks_flask.ResourceBase):
|
||||
def delete(self, limit_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_limit')
|
||||
return (PROVIDERS.unified_limit_api.delete_limit(limit_id),
|
||||
http_client.NO_CONTENT)
|
||||
http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class LimitModelResource(flask_restful.Resource):
|
||||
|
@ -13,7 +13,7 @@
|
||||
# This file handles all flask-restful resources for /OS-EP-FILTER
|
||||
|
||||
import flask_restful
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
from keystone.api import endpoints as _endpoints_api
|
||||
@ -90,7 +90,7 @@ class EndpointGroupsResource(ks_flask.ResourceBase):
|
||||
self._require_valid_filter(ep_group)
|
||||
ep_group = self._assign_unique_id(ep_group)
|
||||
return self.wrap_member(PROVIDERS.catalog_api.create_endpoint_group(
|
||||
ep_group['id'], ep_group)), http_client.CREATED
|
||||
ep_group['id'], ep_group)), http.client.CREATED
|
||||
|
||||
def patch(self, endpoint_group_id):
|
||||
ENFORCER.enforce_call(action='identity:update_endpoint_group')
|
||||
@ -105,7 +105,7 @@ class EndpointGroupsResource(ks_flask.ResourceBase):
|
||||
def delete(self, endpoint_group_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_endpoint_group')
|
||||
return (PROVIDERS.catalog_api.delete_endpoint_group(endpoint_group_id),
|
||||
http_client.NO_CONTENT)
|
||||
http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class EPFilterEndpointProjectsResource(flask_restful.Resource):
|
||||
@ -127,19 +127,19 @@ class EPFilterProjectsEndpointsResource(flask_restful.Resource):
|
||||
PROVIDERS.resource_api.get_project(project_id)
|
||||
PROVIDERS.catalog_api.check_endpoint_in_project(
|
||||
endpoint_id, project_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, endpoint_id):
|
||||
ENFORCER.enforce_call(action='identity:add_endpoint_to_project')
|
||||
PROVIDERS.catalog_api.get_endpoint(endpoint_id)
|
||||
PROVIDERS.resource_api.get_project(project_id)
|
||||
PROVIDERS.catalog_api.add_endpoint_to_project(endpoint_id, project_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, project_id, endpoint_id):
|
||||
ENFORCER.enforce_call(action='identity:remove_endpoint_from_project')
|
||||
return (PROVIDERS.catalog_api.remove_endpoint_from_project(
|
||||
endpoint_id, project_id), http_client.NO_CONTENT)
|
||||
endpoint_id, project_id), http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class EPFilterProjectEndpointsListResource(flask_restful.Resource):
|
||||
@ -219,7 +219,7 @@ class EPFilterGroupsProjectsResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.catalog_api.get_endpoint_group(endpoint_group_id)
|
||||
PROVIDERS.catalog_api.add_endpoint_group_to_project(
|
||||
endpoint_group_id, project_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, endpoint_group_id, project_id):
|
||||
ENFORCER.enforce_call(
|
||||
@ -228,7 +228,7 @@ class EPFilterGroupsProjectsResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.catalog_api.get_endpoint_group(endpoint_group_id)
|
||||
PROVIDERS.catalog_api.remove_endpoint_group_from_project(
|
||||
endpoint_group_id, project_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class EPFilterAPI(ks_flask.APIBase):
|
||||
|
@ -14,8 +14,8 @@
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import authentication
|
||||
from keystone.api._shared import json_home_relations
|
||||
@ -137,7 +137,7 @@ class IdentityProvidersResource(_ResourceBase):
|
||||
idp.setdefault('enabled', False)
|
||||
idp_ref = PROVIDERS.federation_api.create_idp(
|
||||
idp_id, idp)
|
||||
return self.wrap_member(idp_ref), http_client.CREATED
|
||||
return self.wrap_member(idp_ref), http.client.CREATED
|
||||
|
||||
def patch(self, idp_id):
|
||||
ENFORCER.enforce_call(action='identity:update_identity_provider')
|
||||
@ -151,7 +151,7 @@ class IdentityProvidersResource(_ResourceBase):
|
||||
def delete(self, idp_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_identity_provider')
|
||||
PROVIDERS.federation_api.delete_idp(idp_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class _IdentityProvidersProtocolsResourceBase(_ResourceBase):
|
||||
@ -218,7 +218,7 @@ class IDPProtocolsCRUDResource(_IdentityProvidersProtocolsResourceBase):
|
||||
protocol = self._normalize_dict(protocol)
|
||||
ref = PROVIDERS.federation_api.create_protocol(idp_id, protocol_id,
|
||||
protocol)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, idp_id, protocol_id):
|
||||
"""Update protocol for an IDP.
|
||||
@ -241,7 +241,7 @@ class IDPProtocolsCRUDResource(_IdentityProvidersProtocolsResourceBase):
|
||||
"""
|
||||
ENFORCER.enforce_call(action='identity:delete_protocol')
|
||||
PROVIDERS.federation_api.delete_protocol(idp_id, protocol_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class MappingResource(_ResourceBase):
|
||||
@ -282,7 +282,7 @@ class MappingResource(_ResourceBase):
|
||||
utils.validate_mapping_structure(mapping)
|
||||
mapping_ref = PROVIDERS.federation_api.create_mapping(
|
||||
mapping_id, mapping)
|
||||
return self.wrap_member(mapping_ref), http_client.CREATED
|
||||
return self.wrap_member(mapping_ref), http.client.CREATED
|
||||
|
||||
def patch(self, mapping_id):
|
||||
"""Update a mapping.
|
||||
@ -304,7 +304,7 @@ class MappingResource(_ResourceBase):
|
||||
"""
|
||||
ENFORCER.enforce_call(action='identity:delete_mapping')
|
||||
PROVIDERS.federation_api.delete_mapping(mapping_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ServiceProvidersResource(_ResourceBase):
|
||||
@ -355,7 +355,7 @@ class ServiceProvidersResource(_ResourceBase):
|
||||
sp.setdefault('relay_state_prefix',
|
||||
CONF.saml.relay_state_prefix)
|
||||
sp_ref = PROVIDERS.federation_api.create_sp(sp_id, sp)
|
||||
return self.wrap_member(sp_ref), http_client.CREATED
|
||||
return self.wrap_member(sp_ref), http.client.CREATED
|
||||
|
||||
def patch(self, sp_id):
|
||||
"""Update a service provider.
|
||||
@ -376,7 +376,7 @@ class ServiceProvidersResource(_ResourceBase):
|
||||
"""
|
||||
ENFORCER.enforce_call(action='identity:delete_service_provider')
|
||||
PROVIDERS.federation_api.delete_sp(sp_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class SAML2MetadataResource(flask_restful.Resource):
|
||||
@ -393,7 +393,7 @@ class SAML2MetadataResource(flask_restful.Resource):
|
||||
except IOError as e:
|
||||
# Raise HTTP 500 in case Metadata file cannot be read.
|
||||
raise exception.MetadataFileError(reason=e)
|
||||
resp = flask.make_response(metadata, http_client.OK)
|
||||
resp = flask.make_response(metadata, http.client.OK)
|
||||
resp.headers['Content-Type'] = 'text/xml'
|
||||
return resp
|
||||
|
||||
@ -436,7 +436,7 @@ class OSFederationAuthResource(flask_restful.Resource):
|
||||
token = authentication.authenticate_for_token(auth)
|
||||
token_data = render_token.render_token_response_from_model(token)
|
||||
resp_data = jsonutils.dumps(token_data)
|
||||
flask_resp = flask.make_response(resp_data, http_client.CREATED)
|
||||
flask_resp = flask.make_response(resp_data, http.client.CREATED)
|
||||
flask_resp.headers['X-Subject-Token'] = token.id
|
||||
flask_resp.headers['Content-Type'] = 'application/json'
|
||||
return flask_resp
|
||||
|
@ -14,8 +14,8 @@
|
||||
|
||||
import flask_restful
|
||||
import functools
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
from keystone.common import json_home
|
||||
@ -118,7 +118,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
domain_id=domain_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, domain_id, group_id, role_id):
|
||||
"""Create an inherited grant for a group on a domain.
|
||||
@ -135,7 +135,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
domain_id=domain_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, domain_id, group_id, role_id):
|
||||
"""Revoke an inherited grant for a group on a domain.
|
||||
@ -152,7 +152,7 @@ class OSInheritDomainGroupRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
domain_id=domain_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class OSInheritDomainGroupRolesListResource(flask_restful.Resource):
|
||||
@ -189,7 +189,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
domain_id=domain_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, domain_id, user_id, role_id):
|
||||
"""Create an inherited grant for a user on a domain.
|
||||
@ -206,7 +206,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
domain_id=domain_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, domain_id, user_id, role_id):
|
||||
"""Revoke a grant from a user on a domain.
|
||||
@ -223,7 +223,7 @@ class OSInheritDomainUserRolesResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
domain_id=domain_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class OSInheritDomainUserRolesListResource(flask_restful.Resource):
|
||||
@ -260,7 +260,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
project_id=project_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, user_id, role_id):
|
||||
"""Create an inherited grant for a user on a project.
|
||||
@ -277,7 +277,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
project_id=project_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, project_id, user_id, role_id):
|
||||
"""Revoke an inherited grant for a user on a project.
|
||||
@ -294,7 +294,7 @@ class OSInheritProjectUserResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
project_id=project_id, user_id=user_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class OSInheritProjectGroupResource(flask_restful.Resource):
|
||||
@ -313,7 +313,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
project_id=project_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, group_id, role_id):
|
||||
"""Create an inherited grant for a group on a project.
|
||||
@ -330,7 +330,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
project_id=project_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, project_id, group_id, role_id):
|
||||
"""Revoke an inherited grant for a group on a project.
|
||||
@ -347,7 +347,7 @@ class OSInheritProjectGroupResource(flask_restful.Resource):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
project_id=project_id, group_id=group_id, role_id=role_id,
|
||||
inherited_to_projects=True)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class OSInheritAPI(ks_flask.APIBase):
|
||||
|
@ -14,10 +14,10 @@
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from oslo_utils import timeutils
|
||||
from six.moves import http_client
|
||||
from six.moves.urllib import parse as urlparse
|
||||
from urllib import parse as urlparse
|
||||
from werkzeug import exceptions
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
@ -108,7 +108,7 @@ class ConsumerResource(ks_flask.ResourceBase):
|
||||
consumer = self._assign_unique_id(consumer)
|
||||
ref = PROVIDERS.oauth_api.create_consumer(
|
||||
consumer, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def delete(self, consumer_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_consumer')
|
||||
@ -122,7 +122,7 @@ class ConsumerResource(ks_flask.ResourceBase):
|
||||
notifications.invalidate_token_cache_notification(reason)
|
||||
PROVIDERS.oauth_api.delete_consumer(
|
||||
consumer_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def patch(self, consumer_id):
|
||||
ENFORCER.enforce_call(action='identity:update_consumer')
|
||||
@ -184,7 +184,7 @@ class RequestTokenResource(_OAuth1ResourceBase):
|
||||
expiry_bit = '&oauth_expires_at=%s' % token_ref['expires_at']
|
||||
result += expiry_bit
|
||||
|
||||
resp = flask.make_response(result, http_client.CREATED)
|
||||
resp = flask.make_response(result, http.client.CREATED)
|
||||
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
|
||||
return resp
|
||||
|
||||
@ -276,7 +276,7 @@ class AccessTokenResource(_OAuth1ResourceBase):
|
||||
expiry_bit = '&oauth_expires_at=%s' % (token_ref['expires_at'])
|
||||
result += expiry_bit
|
||||
|
||||
resp = flask.make_response(result, http_client.CREATED)
|
||||
resp = flask.make_response(result, http.client.CREATED)
|
||||
resp.headers['Content-Type'] = 'application/x-www-form-urlencoded'
|
||||
return resp
|
||||
|
||||
|
@ -13,8 +13,8 @@
|
||||
# This file handles all flask-restful resources for /policy
|
||||
|
||||
import flask_restful
|
||||
import http.client
|
||||
from oslo_log import versionutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
from keystone.common import json_home
|
||||
@ -72,7 +72,7 @@ class PolicyResource(ks_flask.ResourceBase):
|
||||
ref = PROVIDERS.policy_api.create_policy(
|
||||
policy['id'], policy, initiator=self.audit_initiator
|
||||
)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
@versionutils.deprecated(
|
||||
as_of=versionutils.deprecated.QUEENS,
|
||||
@ -97,7 +97,7 @@ class PolicyResource(ks_flask.ResourceBase):
|
||||
res = PROVIDERS.policy_api.delete_policy(
|
||||
policy_id, initiator=self.audit_initiator
|
||||
)
|
||||
return (res, http_client.NO_CONTENT)
|
||||
return (res, http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class EndpointPolicyResource(flask_restful.Resource):
|
||||
@ -128,7 +128,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.check_policy_association(
|
||||
policy_id, endpoint_id=endpoint_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, policy_id, endpoint_id):
|
||||
action = 'identity:create_policy_association_for_endpoint'
|
||||
@ -138,7 +138,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.create_policy_association(
|
||||
policy_id, endpoint_id=endpoint_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, policy_id, endpoint_id):
|
||||
action = 'identity:delete_policy_association_for_endpoint'
|
||||
@ -148,7 +148,7 @@ class EndpointPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.delete_policy_association(
|
||||
policy_id, endpoint_id=endpoint_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ServicePolicyAssociations(flask_restful.Resource):
|
||||
@ -161,7 +161,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.check_policy_association(
|
||||
policy_id, service_id=service_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, policy_id, service_id):
|
||||
action = 'identity:create_policy_association_for_service'
|
||||
@ -171,7 +171,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.create_policy_association(
|
||||
policy_id, service_id=service_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, policy_id, service_id):
|
||||
action = 'identity:delete_policy_association_for_service'
|
||||
@ -181,7 +181,7 @@ class ServicePolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.delete_policy_association(
|
||||
policy_id, service_id=service_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ServiceRegionPolicyAssociations(flask_restful.Resource):
|
||||
@ -195,7 +195,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.check_policy_association(
|
||||
policy_id, service_id=service_id, region_id=region_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, policy_id, service_id, region_id):
|
||||
action = 'identity:create_policy_association_for_region_and_service'
|
||||
@ -206,7 +206,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.create_policy_association(
|
||||
policy_id, service_id=service_id, region_id=region_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, policy_id, service_id, region_id):
|
||||
action = 'identity:delete_policy_association_for_region_and_service'
|
||||
@ -217,7 +217,7 @@ class ServiceRegionPolicyAssociations(flask_restful.Resource):
|
||||
PROVIDERS.endpoint_policy_api.delete_policy_association(
|
||||
policy_id, service_id=service_id, region_id=region_id
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class PolicyAPI(ks_flask.APIBase):
|
||||
|
@ -15,7 +15,7 @@
|
||||
import functools
|
||||
|
||||
import flask
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -179,7 +179,7 @@ class ProjectResource(ks_flask.ResourceBase):
|
||||
initiator=self.audit_initiator)
|
||||
except (exception.DomainNotFound, exception.ProjectNotFound) as e:
|
||||
raise exception.ValidationError(e)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, project_id):
|
||||
"""Update project.
|
||||
@ -211,7 +211,7 @@ class ProjectResource(ks_flask.ResourceBase):
|
||||
PROVIDERS.resource_api.delete_project(
|
||||
project_id,
|
||||
initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class _ProjectTagResourceBase(ks_flask.ResourceBase):
|
||||
@ -268,7 +268,7 @@ class ProjectTagsResource(_ProjectTagResourceBase):
|
||||
build_target=_build_project_target_enforcement
|
||||
)
|
||||
PROVIDERS.resource_api.update_project_tags(project_id, [])
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ProjectTagResource(_ProjectTagResourceBase):
|
||||
@ -282,7 +282,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
|
||||
build_target=_build_project_target_enforcement,
|
||||
)
|
||||
PROVIDERS.resource_api.get_project_tag(project_id, value)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, value):
|
||||
"""Add a single tag to a project.
|
||||
@ -304,7 +304,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
|
||||
initiator=self.audit_initiator
|
||||
)
|
||||
url = '/'.join((ks_flask.base_url(), project_id, 'tags', value))
|
||||
response = flask.make_response('', http_client.CREATED)
|
||||
response = flask.make_response('', http.client.CREATED)
|
||||
response.headers['Location'] = url
|
||||
return response
|
||||
|
||||
@ -318,7 +318,7 @@ class ProjectTagResource(_ProjectTagResourceBase):
|
||||
build_target=_build_project_target_enforcement
|
||||
)
|
||||
PROVIDERS.resource_api.delete_project_tag(project_id, value)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class _ProjectGrantResourceBase(ks_flask.ResourceBase):
|
||||
@ -375,7 +375,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
role_id=role_id, user_id=user_id, project_id=project_id,
|
||||
inherited_to_projects=inherited)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, user_id, role_id):
|
||||
"""Grant role for user on project.
|
||||
@ -392,7 +392,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id=role_id, user_id=user_id, project_id=project_id,
|
||||
inherited_to_projects=inherited, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, project_id, user_id, role_id):
|
||||
"""Delete grant of role for user on project.
|
||||
@ -410,7 +410,7 @@ class ProjectUserGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id=role_id, user_id=user_id, project_id=project_id,
|
||||
inherited_to_projects=inherited, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ProjectUserListGrantResource(_ProjectGrantResourceBase):
|
||||
@ -448,7 +448,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.get_grant(
|
||||
role_id=role_id, group_id=group_id, project_id=project_id,
|
||||
inherited_to_projects=inherited)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, project_id, group_id, role_id):
|
||||
"""Grant role for group on project.
|
||||
@ -465,7 +465,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.create_grant(
|
||||
role_id=role_id, group_id=group_id, project_id=project_id,
|
||||
inherited_to_projects=inherited, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, project_id, group_id, role_id):
|
||||
"""Delete grant of role for group on project.
|
||||
@ -483,7 +483,7 @@ class ProjectGroupGrantResource(_ProjectGrantResourceBase):
|
||||
PROVIDERS.assignment_api.delete_grant(
|
||||
role_id=role_id, group_id=group_id, project_id=project_id,
|
||||
inherited_to_projects=inherited, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ProjectGroupListGrantResource(_ProjectGrantResourceBase):
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
# This file handles all flask-restful resources for /v3/regions
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.catalog import schema
|
||||
from keystone.common import provider_api
|
||||
@ -59,7 +59,7 @@ class RegionResource(ks_flask.ResourceBase):
|
||||
region = self._assign_unique_id(region)
|
||||
ref = PROVIDERS.catalog_api.create_region(
|
||||
region, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def put(self, region_id):
|
||||
ENFORCER.enforce_call(action='identity:create_region')
|
||||
@ -77,7 +77,7 @@ class RegionResource(ks_flask.ResourceBase):
|
||||
|
||||
ref = PROVIDERS.catalog_api.create_region(
|
||||
region, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, region_id):
|
||||
ENFORCER.enforce_call(action='identity:update_region')
|
||||
@ -90,7 +90,7 @@ class RegionResource(ks_flask.ResourceBase):
|
||||
def delete(self, region_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_region')
|
||||
return PROVIDERS.catalog_api.delete_region(
|
||||
region_id, initiator=self.audit_initiator), http_client.NO_CONTENT
|
||||
region_id, initiator=self.audit_initiator), http.client.NO_CONTENT
|
||||
|
||||
|
||||
class RegionAPI(ks_flask.APIBase):
|
||||
|
@ -13,7 +13,7 @@
|
||||
# This file handles all flask-restful resources for /v3/registered_limits
|
||||
|
||||
import flask
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -62,7 +62,7 @@ class RegisteredLimitResource(ks_flask.ResourceBase):
|
||||
registered_limits)
|
||||
refs = self.wrap_collection(refs)
|
||||
refs.pop('links')
|
||||
return refs, http_client.CREATED
|
||||
return refs, http.client.CREATED
|
||||
|
||||
def patch(self, registered_limit_id):
|
||||
ENFORCER.enforce_call(action='identity:update_registered_limit')
|
||||
@ -78,7 +78,7 @@ class RegisteredLimitResource(ks_flask.ResourceBase):
|
||||
def delete(self, registered_limit_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_registered_limit')
|
||||
return (PROVIDERS.unified_limit_api.delete_registered_limit(
|
||||
registered_limit_id), http_client.NO_CONTENT)
|
||||
registered_limit_id), http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class RegisteredLimitsAPI(ks_flask.APIBase):
|
||||
|
@ -14,7 +14,7 @@
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.api._shared import implied_roles as shared
|
||||
from keystone.assignment import schema
|
||||
@ -114,7 +114,7 @@ class RoleResource(ks_flask.ResourceBase):
|
||||
role = self._normalize_dict(role)
|
||||
ref = PROVIDERS.role_api.create_role(
|
||||
role['id'], role, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, role_id):
|
||||
"""Update role.
|
||||
@ -170,7 +170,7 @@ class RoleResource(ks_flask.ResourceBase):
|
||||
member_target_type='role',
|
||||
member_target=role)
|
||||
PROVIDERS.role_api.delete_role(role_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
def _build_enforcement_target_ref():
|
||||
@ -222,7 +222,7 @@ class RoleImplicationResource(flask_restful.Resource):
|
||||
# for a future fix. This should just return the above "get" however,
|
||||
# we document and implment this as a NO_CONTENT response. NO_CONTENT
|
||||
# here is incorrect. It is maintained as is for API contract reasons.
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def get(self, prior_role_id, implied_role_id):
|
||||
"""Get implied role.
|
||||
@ -258,7 +258,7 @@ class RoleImplicationResource(flask_restful.Resource):
|
||||
build_target=_build_enforcement_target_ref)
|
||||
PROVIDERS.role_api.create_implied_role(prior_role_id, implied_role_id)
|
||||
response_json = self._get_implied_role(prior_role_id, implied_role_id)
|
||||
return response_json, http_client.CREATED
|
||||
return response_json, http.client.CREATED
|
||||
|
||||
def delete(self, prior_role_id, implied_role_id):
|
||||
"""Delete implied role.
|
||||
@ -268,7 +268,7 @@ class RoleImplicationResource(flask_restful.Resource):
|
||||
ENFORCER.enforce_call(action='identity:delete_implied_role',
|
||||
build_target=_build_enforcement_target_ref)
|
||||
PROVIDERS.role_api.delete_implied_role(prior_role_id, implied_role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class RoleAPI(ks_flask.APIBase):
|
||||
|
@ -17,9 +17,8 @@ import hashlib
|
||||
import hmac
|
||||
|
||||
import flask
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
import six
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import EC2_S3_Resource
|
||||
from keystone.api._shared import json_home_relations
|
||||
@ -39,9 +38,6 @@ def _calculate_signature_v1(string_to_sign, secret_key):
|
||||
sign requests
|
||||
"""
|
||||
key = str(secret_key).encode('utf-8')
|
||||
if six.PY2:
|
||||
b64_encode = base64.encodestring
|
||||
else:
|
||||
b64_encode = base64.encodebytes
|
||||
signed = b64_encode(hmac.new(key, string_to_sign, hashlib.sha1)
|
||||
.digest()).decode('utf-8').strip()
|
||||
@ -100,7 +96,7 @@ class S3Resource(EC2_S3_Resource.ResourceBase):
|
||||
token = self.handle_authenticate()
|
||||
token_reference = render_token.render_token_response_from_model(token)
|
||||
resp_body = jsonutils.dumps(token_reference)
|
||||
response = flask.make_response(resp_body, http_client.OK)
|
||||
response = flask.make_response(resp_body, http.client.OK)
|
||||
response.headers['Content-Type'] = 'application/json'
|
||||
return response
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
# This file handles all flask-restful resources for /v3/services
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.catalog import schema
|
||||
from keystone.common import provider_api
|
||||
@ -52,7 +52,7 @@ class ServicesResource(ks_flask.ResourceBase):
|
||||
service = self._assign_unique_id(self._normalize_dict(service))
|
||||
ref = PROVIDERS.catalog_api.create_service(
|
||||
service['id'], service, initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, service_id):
|
||||
ENFORCER.enforce_call(action='identity:update_service')
|
||||
@ -66,7 +66,7 @@ class ServicesResource(ks_flask.ResourceBase):
|
||||
def delete(self, service_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_service')
|
||||
return PROVIDERS.catalog_api.delete_service(
|
||||
service_id, initiator=self.audit_initiator), http_client.NO_CONTENT
|
||||
service_id, initiator=self.audit_initiator), http.client.NO_CONTENT
|
||||
|
||||
|
||||
class ServiceAPI(ks_flask.APIBase):
|
||||
|
@ -15,7 +15,7 @@
|
||||
import flask
|
||||
import flask_restful
|
||||
import functools
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import json_home
|
||||
from keystone.common import provider_api
|
||||
@ -73,7 +73,7 @@ class SystemUsersResource(flask_restful.Resource):
|
||||
ENFORCER.enforce_call(action='identity:check_system_grant_for_user',
|
||||
build_target=_build_enforcement_target)
|
||||
PROVIDERS.assignment_api.check_system_grant_for_user(user_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, user_id, role_id):
|
||||
"""Grant a role to a user on the system.
|
||||
@ -83,7 +83,7 @@ class SystemUsersResource(flask_restful.Resource):
|
||||
ENFORCER.enforce_call(action='identity:create_system_grant_for_user',
|
||||
build_target=_build_enforcement_target)
|
||||
PROVIDERS.assignment_api.create_system_grant_for_user(user_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, user_id, role_id):
|
||||
"""Revoke a role from user on the system.
|
||||
@ -96,7 +96,7 @@ class SystemUsersResource(flask_restful.Resource):
|
||||
_build_enforcement_target,
|
||||
allow_non_existing=True))
|
||||
PROVIDERS.assignment_api.delete_system_grant_for_user(user_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class SystemGroupsRolesListResource(flask_restful.Resource):
|
||||
@ -122,7 +122,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
|
||||
build_target=_build_enforcement_target)
|
||||
PROVIDERS.assignment_api.check_system_grant_for_group(
|
||||
group_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def put(self, group_id, role_id):
|
||||
"""Grant a role to a group on the system.
|
||||
@ -133,7 +133,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
|
||||
build_target=_build_enforcement_target)
|
||||
PROVIDERS.assignment_api.create_system_grant_for_group(
|
||||
group_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
def delete(self, group_id, role_id):
|
||||
"""Revoke a role from the group on the system.
|
||||
@ -147,7 +147,7 @@ class SystemGroupsRolestResource(flask_restful.Resource):
|
||||
allow_non_existing=True))
|
||||
PROVIDERS.assignment_api.delete_system_grant_for_group(
|
||||
group_id, role_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class SystemAPI(ks_flask.APIBase):
|
||||
|
@ -17,9 +17,9 @@
|
||||
|
||||
import flask
|
||||
import flask_restful
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from oslo_policy import _checks as op_checks
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
from keystone.common import context
|
||||
@ -305,7 +305,7 @@ class TrustResource(ks_flask.ResourceBase):
|
||||
initiator=self.audit_initiator)
|
||||
_normalize_trust_expires_at(return_trust)
|
||||
_normalize_trust_roles(return_trust)
|
||||
return self.wrap_member(return_trust), http_client.CREATED
|
||||
return self.wrap_member(return_trust), http.client.CREATED
|
||||
|
||||
def delete(self, trust_id):
|
||||
ENFORCER.enforce_call(action='identity:delete_trust',
|
||||
@ -336,7 +336,7 @@ class TrustResource(ks_flask.ResourceBase):
|
||||
raise exception.ForbiddenAction(action=action)
|
||||
PROVIDERS.trust_api.delete_trust(trust_id,
|
||||
initiator=self.audit_initiator)
|
||||
return '', http_client.NO_CONTENT
|
||||
return '', http.client.NO_CONTENT
|
||||
|
||||
|
||||
# NOTE(morgan): Since this Resource is not being used with the automatic
|
||||
|
@ -17,8 +17,8 @@ import os
|
||||
import uuid
|
||||
|
||||
import flask
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
from werkzeug import exceptions
|
||||
|
||||
from keystone.api._shared import json_home_relations
|
||||
@ -209,7 +209,7 @@ class UserResource(ks_flask.ResourceBase):
|
||||
ref = PROVIDERS.identity_api.create_user(
|
||||
user_data,
|
||||
initiator=self.audit_initiator)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
def patch(self, user_id):
|
||||
"""Update a user.
|
||||
@ -238,7 +238,7 @@ class UserResource(ks_flask.ResourceBase):
|
||||
build_target=_build_user_target_enforcement
|
||||
)
|
||||
PROVIDERS.identity_api.delete_user(user_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class UserChangePasswordResource(ks_flask.ResourceBase):
|
||||
@ -262,7 +262,7 @@ class UserChangePasswordResource(ks_flask.ResourceBase):
|
||||
raise ks_exception.Unauthorized(
|
||||
_('Error when changing user password: %s') % e
|
||||
)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class UserProjectsResource(ks_flask.ResourceBase):
|
||||
@ -370,7 +370,7 @@ class UserOSEC2CredentialsResourceListCreate(_UserOSEC2CredBaseResource):
|
||||
)
|
||||
PROVIDERS.credential_api.create_credential(credential_id, cred_data)
|
||||
ref = _convert_v3_to_ec2_credential(cred_data)
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
|
||||
class UserOSEC2CredentialsResourceGetDelete(_UserOSEC2CredBaseResource):
|
||||
@ -408,7 +408,7 @@ class UserOSEC2CredentialsResourceGetDelete(_UserOSEC2CredBaseResource):
|
||||
ec2_cred_id = utils.hash_access_key(credential_id)
|
||||
self._get_cred_data(ec2_cred_id)
|
||||
PROVIDERS.credential_api.delete_credential(ec2_cred_id)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class _OAuth1ResourceBase(ks_flask.ResourceBase):
|
||||
@ -476,7 +476,7 @@ class OAuth1AccessTokenCRUDResource(_OAuth1ResourceBase):
|
||||
notifications.invalidate_token_cache_notification(reason)
|
||||
PROVIDERS.oauth_api.delete_access_token(
|
||||
user_id, access_token_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class OAuth1AccessTokenRoleListResource(ks_flask.ResourceBase):
|
||||
@ -621,7 +621,7 @@ class UserAppCredListCreateResource(ks_flask.ResourceBase):
|
||||
# https://specs.openstack.org/openstack/api-wg/guidelines/http.html#failure-code-clarifications
|
||||
raise ks_exception.ApplicationCredentialValidationError(
|
||||
detail=str(e))
|
||||
return self.wrap_member(ref), http_client.CREATED
|
||||
return self.wrap_member(ref), http.client.CREATED
|
||||
|
||||
|
||||
class UserAppCredGetDeleteResource(ks_flask.ResourceBase):
|
||||
@ -650,7 +650,7 @@ class UserAppCredGetDeleteResource(ks_flask.ResourceBase):
|
||||
_check_unrestricted_application_credential(token)
|
||||
PROVIDERS.application_credential_api.delete_application_credential(
|
||||
application_credential_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class UserAccessRuleListResource(ks_flask.ResourceBase):
|
||||
@ -701,7 +701,7 @@ class UserAccessRuleGetDeleteResource(ks_flask.ResourceBase):
|
||||
)
|
||||
PROVIDERS.application_credential_api.delete_access_rule(
|
||||
access_rule_id, initiator=self.audit_initiator)
|
||||
return None, http_client.NO_CONTENT
|
||||
return None, http.client.NO_CONTENT
|
||||
|
||||
|
||||
class UserAPI(ks_flask.APIBase):
|
||||
|
@ -14,13 +14,10 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class ApplicationCredentialDriverBase(object):
|
||||
class ApplicationCredentialDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
@abc.abstractmethod
|
||||
def authenticate(self, application_credential_id, secret):
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
|
||||
@ -23,8 +21,7 @@ from keystone import exception
|
||||
CONF = keystone.conf.CONF
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class AssignmentDriverBase(object):
|
||||
class AssignmentDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
def _get_list_limit(self):
|
||||
return CONF.assignment.list_limit or CONF.list_limit
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
|
||||
@ -31,8 +29,7 @@ NULL_DOMAIN_ID = '<<null>>'
|
||||
CONF = keystone.conf.CONF
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class RoleDriverBase(object):
|
||||
class RoleDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
def _get_list_limit(self):
|
||||
return CONF.role.list_limit or CONF.list_limit
|
||||
|
@ -11,10 +11,8 @@
|
||||
# under the License.
|
||||
|
||||
from functools import partial
|
||||
import sys
|
||||
|
||||
from oslo_log import log
|
||||
import six
|
||||
import stevedore
|
||||
|
||||
from keystone.common import driver_hints
|
||||
@ -146,9 +144,8 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
|
||||
project_id=project_ref['id'],
|
||||
project=project_ref)
|
||||
except AssertionError as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
|
||||
sys.exc_info()[2])
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized from e
|
||||
|
||||
def _assert_domain_is_enabled(self, domain_ref):
|
||||
try:
|
||||
@ -156,9 +153,8 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
|
||||
domain_id=domain_ref['id'],
|
||||
domain=domain_ref)
|
||||
except AssertionError as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
|
||||
sys.exc_info()[2])
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized from e
|
||||
|
||||
def _lookup_domain(self, domain_info):
|
||||
domain_id = domain_info.get('id')
|
||||
@ -177,7 +173,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
|
||||
else:
|
||||
domain_ref = PROVIDERS.resource_api.get_domain(domain_id)
|
||||
except exception.DomainNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized(e)
|
||||
self._assert_domain_is_enabled(domain_ref)
|
||||
return domain_ref
|
||||
@ -210,7 +206,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
|
||||
# disabled.
|
||||
self._lookup_domain({'id': domain_id})
|
||||
except exception.ProjectNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized(e)
|
||||
self._assert_project_is_enabled(project_ref)
|
||||
return project_ref
|
||||
@ -254,7 +250,7 @@ class AuthInfo(provider_api.ProviderAPIMixin, object):
|
||||
if len(app_creds) != 1:
|
||||
message = "Could not find application credential: %s" % name
|
||||
tr_message = _("Could not find application credential: %s") % name
|
||||
LOG.warning(six.text_type(message))
|
||||
LOG.warning(message)
|
||||
raise exception.Unauthorized(tr_message)
|
||||
return app_creds[0]
|
||||
|
||||
@ -515,7 +511,7 @@ class UserMFARulesValidator(provider_api.ProviderAPIMixin, object):
|
||||
# No empty rules are allowed.
|
||||
_ok_rule = True
|
||||
for item in r_list:
|
||||
if not isinstance(item, six.string_types):
|
||||
if not isinstance(item, str):
|
||||
# Rules may only contain strings for method names
|
||||
# Reject a rule with non-string values
|
||||
LOG.info('Ignoring Rule %(rule)r; rule contains '
|
||||
|
@ -15,8 +15,6 @@
|
||||
import abc
|
||||
import collections
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import provider_api
|
||||
from keystone import exception
|
||||
|
||||
@ -25,8 +23,8 @@ AuthHandlerResponse = collections.namedtuple(
|
||||
'AuthHandlerResponse', 'status, response_body, response_data')
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class AuthMethodHandler(provider_api.ProviderAPIMixin, object):
|
||||
class AuthMethodHandler(provider_api.ProviderAPIMixin, object,
|
||||
metaclass=abc.ABCMeta):
|
||||
"""Abstract base class for an authentication plugin."""
|
||||
|
||||
def __init__(self):
|
||||
|
@ -12,13 +12,10 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import sys
|
||||
|
||||
from oslo_log import log
|
||||
from pycadf import cadftaxonomy as taxonomy
|
||||
from pycadf import reason
|
||||
from pycadf import resource
|
||||
import six
|
||||
|
||||
from keystone.common import driver_hints
|
||||
from keystone.common import provider_api
|
||||
@ -121,9 +118,8 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
|
||||
domain_id=domain_ref['id'],
|
||||
domain=domain_ref)
|
||||
except AssertionError as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
|
||||
sys.exc_info()[2])
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized from e
|
||||
|
||||
def _assert_user_is_enabled(self, user_ref):
|
||||
try:
|
||||
@ -131,9 +127,8 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
|
||||
user_id=user_ref['id'],
|
||||
user=user_ref)
|
||||
except AssertionError as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
six.reraise(exception.Unauthorized, exception.Unauthorized(e),
|
||||
sys.exc_info()[2])
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized from e
|
||||
|
||||
def _lookup_domain(self, domain_info):
|
||||
domain_id = domain_info.get('id')
|
||||
@ -148,7 +143,7 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
|
||||
else:
|
||||
domain_ref = PROVIDERS.resource_api.get_domain(domain_id)
|
||||
except exception.DomainNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
raise exception.Unauthorized(e)
|
||||
self._assert_domain_is_enabled(domain_ref)
|
||||
return domain_ref
|
||||
@ -178,7 +173,7 @@ class BaseUserInfo(provider_api.ProviderAPIMixin, object):
|
||||
user_ref['domain_id'])
|
||||
self._assert_domain_is_enabled(domain_ref)
|
||||
except exception.UserNotFound as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
|
||||
# We need to special case USER NOT FOUND here for CADF
|
||||
# notifications as the normal path for notification(s) come from
|
||||
|
@ -17,7 +17,6 @@
|
||||
import abc
|
||||
|
||||
import flask
|
||||
import six
|
||||
|
||||
from keystone.auth.plugins import base
|
||||
from keystone.common import provider_api
|
||||
@ -30,8 +29,7 @@ CONF = keystone.conf.CONF
|
||||
PROVIDERS = provider_api.ProviderAPIs
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class Base(base.AuthMethodHandler):
|
||||
class Base(base.AuthMethodHandler, metaclass=abc.ABCMeta):
|
||||
def authenticate(self, auth_payload):
|
||||
"""Use REMOTE_USER to look up the user in the identity backend.
|
||||
|
||||
|
@ -16,7 +16,7 @@ import uuid
|
||||
import flask
|
||||
from oslo_log import log
|
||||
from pycadf import cadftaxonomy as taxonomy
|
||||
from six.moves.urllib import parse
|
||||
from urllib import parse
|
||||
|
||||
from keystone.auth import plugins as auth_plugins
|
||||
from keystone.auth.plugins import base
|
||||
|
@ -14,7 +14,6 @@
|
||||
|
||||
import flask
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone.auth.plugins import base
|
||||
from keystone.auth.plugins import mapped
|
||||
@ -124,5 +123,5 @@ def token_authenticate(token):
|
||||
return response_data
|
||||
|
||||
except AssertionError as e:
|
||||
LOG.error(six.text_type(e))
|
||||
LOG.error(e)
|
||||
raise exception.Unauthorized(e)
|
||||
|
@ -29,7 +29,6 @@ from cryptography.hazmat.primitives import hashes
|
||||
from cryptography.hazmat.primitives.twofactor import totp as crypto_totp
|
||||
from oslo_log import log
|
||||
from oslo_utils import timeutils
|
||||
import six
|
||||
|
||||
from keystone.auth import plugins
|
||||
from keystone.auth.plugins import base
|
||||
@ -57,7 +56,7 @@ def _generate_totp_passcodes(secret, included_previous_windows=0):
|
||||
:param bytes secret: A base32 encoded secret for the TOTP authentication
|
||||
:returns: totp passcode as bytes
|
||||
"""
|
||||
if isinstance(secret, six.text_type):
|
||||
if isinstance(secret, str):
|
||||
# NOTE(dstanek): since this may be coming from the JSON stored in the
|
||||
# database it may be UTF-8 encoded
|
||||
secret = secret.encode('utf-8')
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
@ -24,8 +22,8 @@ from keystone import exception
|
||||
CONF = keystone.conf.CONF
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class CatalogDriverBase(provider_api.ProviderAPIMixin, object):
|
||||
class CatalogDriverBase(provider_api.ProviderAPIMixin, object,
|
||||
metaclass=abc.ABCMeta):
|
||||
"""Interface description for the Catalog driver."""
|
||||
|
||||
def _get_list_limit(self):
|
||||
|
@ -15,7 +15,7 @@ from __future__ import print_function
|
||||
import os
|
||||
import re
|
||||
|
||||
from six.moves import configparser
|
||||
import configparser
|
||||
|
||||
import keystone.conf
|
||||
|
||||
|
@ -18,7 +18,6 @@ import time
|
||||
import types
|
||||
|
||||
from oslo_log import log
|
||||
import six
|
||||
import stevedore
|
||||
|
||||
from keystone.common import provider_api
|
||||
@ -155,8 +154,7 @@ class _TraceMeta(type):
|
||||
return type.__new__(meta, classname, bases, final_cls_dict)
|
||||
|
||||
|
||||
@six.add_metaclass(_TraceMeta)
|
||||
class Manager(object):
|
||||
class Manager(object, metaclass=_TraceMeta):
|
||||
"""Base class for intermediary request layer.
|
||||
|
||||
The Manager layer exists to support additional logic that applies to all
|
||||
|
@ -12,8 +12,6 @@
|
||||
|
||||
"""Options specific to resources managed by Keystone (Domain, User, etc)."""
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import validation
|
||||
from keystone.i18n import _
|
||||
|
||||
@ -202,14 +200,14 @@ class ResourceOption(object):
|
||||
validator(s) used at the API layer
|
||||
:type json_schema_validation: dict
|
||||
"""
|
||||
if not isinstance(option_id, six.string_types) and len(option_id) == 4:
|
||||
if not isinstance(option_id, str) and len(option_id) == 4:
|
||||
raise TypeError(_('`option_id` must be a string, got %r')
|
||||
% option_id)
|
||||
elif len(option_id) != 4:
|
||||
raise ValueError(_('`option_id` must be 4 characters in '
|
||||
|
||||
'length. Got %r') % option_id)
|
||||
if not isinstance(option_name, six.string_types):
|
||||
if not isinstance(option_name, str):
|
||||
raise TypeError(_('`option_name` must be a string. '
|
||||
'Got %r') % option_name)
|
||||
|
||||
|
@ -31,7 +31,6 @@ from oslo_serialization import jsonutils
|
||||
from oslo_utils import timeutils
|
||||
from osprofiler import opts as profiler
|
||||
import osprofiler.sqlalchemy
|
||||
import six
|
||||
import sqlalchemy as sql
|
||||
from sqlalchemy.ext import declarative
|
||||
from sqlalchemy.orm.attributes import flag_modified, InstrumentedAttribute
|
||||
@ -103,8 +102,8 @@ def initialize_decorator(init):
|
||||
if isinstance(attr, InstrumentedAttribute):
|
||||
column = attr.property.columns[0]
|
||||
if isinstance(column.type, String):
|
||||
if not isinstance(v, six.text_type):
|
||||
v = six.text_type(v)
|
||||
if not isinstance(v, str):
|
||||
v = str(v)
|
||||
if column.type.length and column.type.length < len(v):
|
||||
raise exception.StringLengthExceeded(
|
||||
string=v, type=k, length=column.type.length)
|
||||
@ -521,7 +520,7 @@ def handle_conflicts(conflict_type='object'):
|
||||
# exception details out with the raised Conflict exception
|
||||
# as it can contain raw SQL.
|
||||
LOG.debug(_conflict_msg, {'conflict_type': conflict_type,
|
||||
'details': six.text_type(e)})
|
||||
'details': e})
|
||||
name = None
|
||||
field = None
|
||||
domain_id = None
|
||||
@ -560,7 +559,7 @@ def handle_conflicts(conflict_type='object'):
|
||||
# exception details out with the raised Conflict exception
|
||||
# as it can contain raw SQL.
|
||||
LOG.debug(_conflict_msg, {'conflict_type': conflict_type,
|
||||
'details': six.text_type(e)})
|
||||
'details': e})
|
||||
# NOTE(morganfainberg): This is really a case where the SQL
|
||||
# failed to store the data. This is not something that the
|
||||
# user has done wrong. Example would be a ForeignKey is
|
||||
|
@ -21,7 +21,6 @@ from migrate import exceptions
|
||||
from migrate.versioning import api as versioning_api
|
||||
from oslo_db import exception as db_exception
|
||||
from oslo_db.sqlalchemy import migration
|
||||
import six
|
||||
import sqlalchemy
|
||||
|
||||
from keystone.common import sql
|
||||
@ -189,7 +188,7 @@ def get_init_version(abs_path=None):
|
||||
def _assert_not_schema_downgrade(version=None):
|
||||
if version is not None:
|
||||
try:
|
||||
current_ver = int(six.text_type(get_db_version()))
|
||||
current_ver = int(str(get_db_version()))
|
||||
if int(version) < current_ver:
|
||||
raise migration.exception.DBMigrationError(
|
||||
_("Unable to downgrade schema"))
|
||||
|
@ -29,8 +29,8 @@ from oslo_serialization import jsonutils
|
||||
from oslo_utils import reflection
|
||||
from oslo_utils import strutils
|
||||
from oslo_utils import timeutils
|
||||
import six
|
||||
from six import moves
|
||||
import urllib
|
||||
|
||||
|
||||
from keystone.common import password_hashing
|
||||
import keystone.conf
|
||||
@ -66,8 +66,6 @@ def resource_uuid(value):
|
||||
return value
|
||||
except ValueError:
|
||||
if len(value) <= 64:
|
||||
if six.PY2 and isinstance(value, six.text_type):
|
||||
value = value.encode('utf-8')
|
||||
return uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex
|
||||
raise ValueError(_('Length of transformable resource id > 64, '
|
||||
'which is max allowed characters'))
|
||||
@ -101,7 +99,7 @@ class SmarterEncoder(jsonutils.json.JSONEncoder):
|
||||
|
||||
def hash_access_key(access):
|
||||
hash_ = hashlib.sha256()
|
||||
if not isinstance(access, six.binary_type):
|
||||
if not isinstance(access, bytes):
|
||||
access = access.encode('utf-8')
|
||||
hash_.update(access)
|
||||
return hash_.hexdigest()
|
||||
@ -136,7 +134,7 @@ def auth_str_equal(provided, known):
|
||||
result = 0
|
||||
p_len = len(provided)
|
||||
k_len = len(known)
|
||||
for i in moves.range(p_len):
|
||||
for i in range(p_len):
|
||||
a = ord(provided[i]) if i < p_len else 0
|
||||
b = ord(known[i]) if i < k_len else 0
|
||||
result |= a ^ b
|
||||
@ -193,7 +191,7 @@ def get_unix_user(user=None):
|
||||
:returns: tuple of (uid, name)
|
||||
|
||||
"""
|
||||
if isinstance(user, six.string_types):
|
||||
if isinstance(user, str):
|
||||
try:
|
||||
user_info = pwd.getpwnam(user)
|
||||
except KeyError:
|
||||
@ -251,7 +249,7 @@ def get_unix_group(group=None):
|
||||
:returns: tuple of (gid, name)
|
||||
|
||||
"""
|
||||
if isinstance(group, six.string_types):
|
||||
if isinstance(group, str):
|
||||
try:
|
||||
group_info = grp.getgrnam(group)
|
||||
except KeyError:
|
||||
@ -374,15 +372,15 @@ def lower_case_hostname(url):
|
||||
# NOTE(gyee): according to
|
||||
# https://www.w3.org/TR/WD-html40-970708/htmlweb.html, the netloc portion
|
||||
# of the URL is case-insensitive
|
||||
parsed = moves.urllib.parse.urlparse(url)
|
||||
parsed = urllib.parse.urlparse(url)
|
||||
# Note: _replace method for named tuples is public and defined in docs
|
||||
replaced = parsed._replace(netloc=parsed.netloc.lower())
|
||||
return moves.urllib.parse.urlunparse(replaced)
|
||||
return urllib.parse.urlunparse(replaced)
|
||||
|
||||
|
||||
def remove_standard_port(url):
|
||||
# remove the default ports specified in RFC2616 and 2818
|
||||
o = moves.urllib.parse.urlparse(url)
|
||||
o = urllib.parse.urlparse(url)
|
||||
separator = ':'
|
||||
(host, separator, port) = o.netloc.partition(separator)
|
||||
if o.scheme.lower() == 'http' and port == '80':
|
||||
@ -394,7 +392,7 @@ def remove_standard_port(url):
|
||||
if o.scheme.lower() == 'https' and port == '443':
|
||||
o = o._replace(netloc=host)
|
||||
|
||||
return moves.urllib.parse.urlunparse(o)
|
||||
return urllib.parse.urlunparse(o)
|
||||
|
||||
|
||||
def format_url(url, substitutions, silent_keyerror_failures=None):
|
||||
|
@ -16,7 +16,6 @@ import re
|
||||
import jsonschema
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
from keystone.i18n import _
|
||||
@ -30,7 +29,7 @@ LOG = log.getLogger(__name__)
|
||||
def validate_password(password):
|
||||
pattern = CONF.security_compliance.password_regex
|
||||
if pattern:
|
||||
if not isinstance(password, six.string_types):
|
||||
if not isinstance(password, str):
|
||||
detail = _("Password must be a string type")
|
||||
raise exception.PasswordValidationError(detail=detail)
|
||||
try:
|
||||
@ -81,10 +80,10 @@ class SchemaValidator(object):
|
||||
# too long, then we should build the masking in here so that
|
||||
# we don't expose sensitive user information in the event it
|
||||
# fails validation.
|
||||
path = '/'.join(map(six.text_type, ex.path))
|
||||
path = '/'.join(map(str, ex.path))
|
||||
detail = _("Invalid input for field '%(path)s': "
|
||||
"%(message)s") % {'path': path,
|
||||
'message': six.text_type(ex)}
|
||||
'message': str(ex)}
|
||||
else:
|
||||
detail = six.text_type(ex)
|
||||
detail = str(ex)
|
||||
raise exception.SchemaValidationError(detail=detail)
|
||||
|
@ -15,7 +15,6 @@
|
||||
import abc
|
||||
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
@ -23,8 +22,7 @@ from keystone import exception
|
||||
LOG = log.getLogger(__name__)
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class CredentialDriverBase(object):
|
||||
class CredentialDriverBase(object, metaclass=abc.ABCMeta):
|
||||
# credential crud
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -13,7 +13,6 @@
|
||||
# under the License.
|
||||
|
||||
from oslo_db import api as oslo_db_api
|
||||
import six
|
||||
from sqlalchemy.ext.hybrid import hybrid_property
|
||||
|
||||
from keystone.common import driver_hints
|
||||
@ -45,7 +44,7 @@ class CredentialModel(sql.ModelBase, sql.ModelDictMixinWithExtras):
|
||||
# Make sure to hand over the encrypted credential as a string value
|
||||
# to the backend driver to avoid the sql drivers (esp. psycopg2)
|
||||
# treating this as binary data and e.g. hex-escape it.
|
||||
if six.PY3 and isinstance(encrypted_blob, six.binary_type):
|
||||
if isinstance(encrypted_blob, bytes):
|
||||
encrypted_blob = encrypted_blob.decode('utf-8')
|
||||
self._encrypted_blob = encrypted_blob
|
||||
|
||||
|
@ -12,11 +12,8 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class Provider(object):
|
||||
class Provider(object, metaclass=abc.ABCMeta):
|
||||
"""Interface for credential providers that support encryption."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -14,7 +14,6 @@ import hashlib
|
||||
|
||||
from cryptography import fernet
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone.common import fernet_utils
|
||||
import keystone.conf
|
||||
@ -55,7 +54,7 @@ def get_multi_fernet_keys():
|
||||
|
||||
def primary_key_hash(keys):
|
||||
"""Calculate a hash of the primary key used for encryption."""
|
||||
if isinstance(keys[0], six.text_type):
|
||||
if isinstance(keys[0], str):
|
||||
keys[0] = keys[0].encode('utf-8')
|
||||
# NOTE(lhinds) This is marked as #nosec since bandit will see SHA1 which
|
||||
# is marked as insecure. However, this hash function is used alongside
|
||||
@ -103,7 +102,7 @@ class Provider(core.Provider):
|
||||
crypto = fernet.MultiFernet(fernet_keys)
|
||||
|
||||
try:
|
||||
if isinstance(credential, six.text_type):
|
||||
if isinstance(credential, str):
|
||||
credential = credential.encode('utf-8')
|
||||
return crypto.decrypt(credential).decode('utf-8')
|
||||
except (fernet.InvalidToken, TypeError, ValueError):
|
||||
|
@ -11,13 +11,11 @@
|
||||
# under the License.
|
||||
|
||||
import abc
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class EndpointPolicyDriverBase(object):
|
||||
class EndpointPolicyDriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for an Endpoint Policy driver."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -12,10 +12,9 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from oslo_utils import encodeutils
|
||||
import six
|
||||
from six.moves import http_client
|
||||
|
||||
import keystone.conf
|
||||
from keystone.i18n import _
|
||||
@ -60,8 +59,7 @@ class _KeystoneExceptionMeta(type):
|
||||
return cls
|
||||
|
||||
|
||||
@six.add_metaclass(_KeystoneExceptionMeta)
|
||||
class Error(Exception):
|
||||
class Error(Exception, metaclass=_KeystoneExceptionMeta):
|
||||
"""Base error class.
|
||||
|
||||
Child classes should define an HTTP status code, title, and a
|
||||
@ -102,8 +100,8 @@ class ValidationError(Error):
|
||||
" The server could not comply with the request"
|
||||
" since it is either malformed or otherwise"
|
||||
" incorrect. The client is assumed to be in error.")
|
||||
code = int(http_client.BAD_REQUEST)
|
||||
title = http_client.responses[http_client.BAD_REQUEST]
|
||||
code = int(http.client.BAD_REQUEST)
|
||||
title = http.client.responses[http.client.BAD_REQUEST]
|
||||
|
||||
|
||||
class URLValidationError(ValidationError):
|
||||
@ -154,8 +152,8 @@ class ValidationTimeStampError(Error):
|
||||
" The server could not comply with the request"
|
||||
" since it is either malformed or otherwise"
|
||||
" incorrect. The client is assumed to be in error.")
|
||||
code = int(http_client.BAD_REQUEST)
|
||||
title = http_client.responses[http_client.BAD_REQUEST]
|
||||
code = int(http.client.BAD_REQUEST)
|
||||
title = http.client.responses[http.client.BAD_REQUEST]
|
||||
|
||||
|
||||
class InvalidOperatorError(ValidationError):
|
||||
@ -169,8 +167,8 @@ class ValidationExpirationError(Error):
|
||||
" The server could not comply with the request"
|
||||
" since it is either malformed or otherwise"
|
||||
" incorrect. The client is assumed to be in error.")
|
||||
code = int(http_client.BAD_REQUEST)
|
||||
title = http_client.responses[http_client.BAD_REQUEST]
|
||||
code = int(http.client.BAD_REQUEST)
|
||||
title = http.client.responses[http.client.BAD_REQUEST]
|
||||
|
||||
|
||||
class StringLengthExceeded(ValidationError):
|
||||
@ -192,8 +190,8 @@ class ApplicationCredentialValidationError(ValidationError):
|
||||
class CircularRegionHierarchyError(Error):
|
||||
message_format = _("The specified parent region %(parent_region_id)s "
|
||||
"would create a circular region hierarchy.")
|
||||
code = int(http_client.BAD_REQUEST)
|
||||
title = http_client.responses[http_client.BAD_REQUEST]
|
||||
code = int(http.client.BAD_REQUEST)
|
||||
title = http.client.responses[http.client.BAD_REQUEST]
|
||||
|
||||
|
||||
class ForbiddenNotSecurity(Error):
|
||||
@ -204,8 +202,8 @@ class ForbiddenNotSecurity(Error):
|
||||
|
||||
"""
|
||||
|
||||
code = int(http_client.FORBIDDEN)
|
||||
title = http_client.responses[http_client.FORBIDDEN]
|
||||
code = int(http.client.FORBIDDEN)
|
||||
title = http.client.responses[http.client.FORBIDDEN]
|
||||
|
||||
|
||||
class PasswordVerificationError(ForbiddenNotSecurity):
|
||||
@ -265,7 +263,7 @@ class SecurityError(Error):
|
||||
def _build_message(self, message, **kwargs):
|
||||
"""Only returns detailed messages in insecure_debug mode."""
|
||||
if message and CONF.insecure_debug:
|
||||
if isinstance(message, six.string_types):
|
||||
if isinstance(message, str):
|
||||
# Only do replacement if message is string. The message is
|
||||
# sometimes a different exception or bytes, which would raise
|
||||
# TypeError.
|
||||
@ -279,8 +277,8 @@ class SecurityError(Error):
|
||||
|
||||
class Unauthorized(SecurityError):
|
||||
message_format = _("The request you have made requires authentication.")
|
||||
code = int(http_client.UNAUTHORIZED)
|
||||
title = http_client.responses[http_client.UNAUTHORIZED]
|
||||
code = int(http.client.UNAUTHORIZED)
|
||||
title = http.client.responses[http.client.UNAUTHORIZED]
|
||||
|
||||
|
||||
class InsufficientAuthMethods(Error):
|
||||
@ -349,8 +347,8 @@ class AdditionalAuthRequired(AuthPluginException):
|
||||
class Forbidden(SecurityError):
|
||||
message_format = _("You are not authorized to perform the"
|
||||
" requested action.")
|
||||
code = int(http_client.FORBIDDEN)
|
||||
title = http_client.responses[http_client.FORBIDDEN]
|
||||
code = int(http.client.FORBIDDEN)
|
||||
title = http.client.responses[http.client.FORBIDDEN]
|
||||
|
||||
|
||||
class ForbiddenAction(Forbidden):
|
||||
@ -391,8 +389,8 @@ class LimitTreeExceedError(Exception):
|
||||
|
||||
class NotFound(Error):
|
||||
message_format = _("Could not find: %(target)s.")
|
||||
code = int(http_client.NOT_FOUND)
|
||||
title = http_client.responses[http_client.NOT_FOUND]
|
||||
code = int(http.client.NOT_FOUND)
|
||||
title = http.client.responses[http.client.NOT_FOUND]
|
||||
|
||||
|
||||
class EndpointNotFound(NotFound):
|
||||
@ -556,8 +554,8 @@ class AccessRuleNotFound(NotFound):
|
||||
class Conflict(Error):
|
||||
message_format = _("Conflict occurred attempting to store %(type)s -"
|
||||
" %(details)s.")
|
||||
code = int(http_client.CONFLICT)
|
||||
title = http_client.responses[http_client.CONFLICT]
|
||||
code = int(http.client.CONFLICT)
|
||||
title = http.client.responses[http.client.CONFLICT]
|
||||
|
||||
|
||||
class UnexpectedError(SecurityError):
|
||||
@ -579,8 +577,8 @@ class UnexpectedError(SecurityError):
|
||||
return super(UnexpectedError, self)._build_message(
|
||||
message or self.debug_message_format, **kwargs)
|
||||
|
||||
code = int(http_client.INTERNAL_SERVER_ERROR)
|
||||
title = http_client.responses[http_client.INTERNAL_SERVER_ERROR]
|
||||
code = int(http.client.INTERNAL_SERVER_ERROR)
|
||||
title = http.client.responses[http.client.INTERNAL_SERVER_ERROR]
|
||||
|
||||
|
||||
class TrustConsumeMaximumAttempt(UnexpectedError):
|
||||
@ -618,15 +616,15 @@ class AssignmentTypeCalculationError(UnexpectedError):
|
||||
class NotImplemented(Error):
|
||||
message_format = _("The action you have requested has not"
|
||||
" been implemented.")
|
||||
code = int(http_client.NOT_IMPLEMENTED)
|
||||
title = http_client.responses[http_client.NOT_IMPLEMENTED]
|
||||
code = int(http.client.NOT_IMPLEMENTED)
|
||||
title = http.client.responses[http.client.NOT_IMPLEMENTED]
|
||||
|
||||
|
||||
class Gone(Error):
|
||||
message_format = _("The service you have requested is no"
|
||||
" longer available on this server.")
|
||||
code = int(http_client.GONE)
|
||||
title = http_client.responses[http_client.GONE]
|
||||
code = int(http.client.GONE)
|
||||
title = http.client.responses[http.client.GONE]
|
||||
|
||||
|
||||
class ConfigFileNotFound(UnexpectedError):
|
||||
|
@ -14,13 +14,10 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class FederationDriverBase(object):
|
||||
class FederationDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
@abc.abstractmethod
|
||||
def create_idp(self, idp_id, idp):
|
||||
|
@ -14,7 +14,6 @@
|
||||
|
||||
from oslo_log import log
|
||||
from oslo_serialization import jsonutils
|
||||
import six
|
||||
from sqlalchemy import orm
|
||||
|
||||
from keystone.common import sql
|
||||
@ -169,7 +168,7 @@ class Federation(base.FederationDriverBase):
|
||||
|
||||
def _handle_idp_conflict(self, e):
|
||||
conflict_type = 'identity_provider'
|
||||
details = six.text_type(e)
|
||||
details = str(e)
|
||||
LOG.debug(self._CONFLICT_LOG_MSG, {'conflict_type': conflict_type,
|
||||
'details': details})
|
||||
if 'remote_id' in details:
|
||||
|
@ -20,7 +20,6 @@ import jsonschema
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
from oslo_utils import timeutils
|
||||
import six
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -437,7 +436,7 @@ def get_assertion_params_from_env():
|
||||
# These bytes may be decodable as ISO-8859-1 according to Section
|
||||
# 3.2.4 of RFC 7230. Let's assume that our web server plugins are
|
||||
# correctly encoding the data.
|
||||
if not isinstance(v, six.text_type) and getattr(v, 'decode', False):
|
||||
if not isinstance(v, str) and getattr(v, 'decode', False):
|
||||
v = v.decode('ISO-8859-1')
|
||||
yield (k, v)
|
||||
|
||||
@ -526,7 +525,7 @@ class RuleProcessor(object):
|
||||
# any multiple values are stored in the arrays.
|
||||
LOG.debug('assertion data: %s', assertion_data)
|
||||
assertion = {n: v.split(';') for n, v in assertion_data.items()
|
||||
if isinstance(v, six.string_types)}
|
||||
if isinstance(v, str)}
|
||||
LOG.debug('assertion: %s', assertion)
|
||||
identity_values = []
|
||||
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
|
||||
@ -48,8 +46,7 @@ def filter_user(user_ref):
|
||||
return user_ref
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class IdentityDriverBase(object):
|
||||
class IdentityDriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for an Identity driver.
|
||||
|
||||
The schema for users and groups is different depending on whether the
|
||||
|
@ -25,9 +25,6 @@ import ldap.filter
|
||||
import ldappool
|
||||
from oslo_log import log
|
||||
from oslo_utils import reflection
|
||||
import six
|
||||
from six.moves import zip
|
||||
from six import PY2
|
||||
|
||||
from keystone.common import driver_hints
|
||||
from keystone import exception
|
||||
@ -70,9 +67,9 @@ def utf8_encode(value):
|
||||
:returns: UTF-8 encoded version of value
|
||||
:raises TypeError: If value is not basestring
|
||||
"""
|
||||
if isinstance(value, six.text_type):
|
||||
if isinstance(value, str):
|
||||
return _utf8_encoder(value)[0]
|
||||
elif isinstance(value, six.binary_type):
|
||||
elif isinstance(value, bytes):
|
||||
return value
|
||||
else:
|
||||
value_cls_name = reflection.get_class_name(
|
||||
@ -94,9 +91,9 @@ def utf8_decode(value):
|
||||
:returns: value as unicode
|
||||
:raises UnicodeDecodeError: for invalid UTF-8 encoding
|
||||
"""
|
||||
if isinstance(value, six.binary_type):
|
||||
if isinstance(value, bytes):
|
||||
return _utf8_decoder(value)[0]
|
||||
return six.text_type(value)
|
||||
return str(value)
|
||||
|
||||
|
||||
def py2ldap(val):
|
||||
@ -113,7 +110,7 @@ def py2ldap(val):
|
||||
if isinstance(val, bool):
|
||||
return u'TRUE' if val else u'FALSE'
|
||||
else:
|
||||
return six.text_type(val)
|
||||
return str(val)
|
||||
|
||||
|
||||
def enabled2py(val):
|
||||
@ -332,8 +329,7 @@ def dn_startswith(descendant_dn, dn):
|
||||
return is_dn_equal(descendant_dn[-len(dn):], dn)
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class LDAPHandler(object):
|
||||
class LDAPHandler(object, metaclass=abc.ABCMeta):
|
||||
"""Abstract class which defines methods for a LDAP API provider.
|
||||
|
||||
Native Keystone values cannot be passed directly into and from the
|
||||
@ -516,13 +512,6 @@ class PythonLDAPHandler(LDAPHandler):
|
||||
debug_level=debug_level,
|
||||
timeout=conn_timeout)
|
||||
|
||||
if PY2:
|
||||
# NOTE: Once https://github.com/python-ldap/python-ldap/issues/249
|
||||
# is released, we can pass bytes_strictness='warn' as a parameter
|
||||
# to ldap.initialize instead of setting it after ldap.initialize.
|
||||
self.conn = ldap.initialize(url, bytes_mode=False)
|
||||
self.conn.bytes_strictness = 'warn'
|
||||
else:
|
||||
self.conn = ldap.initialize(url)
|
||||
self.conn.protocol_version = ldap.VERSION3
|
||||
|
||||
@ -1272,7 +1261,7 @@ class BaseLdap(object):
|
||||
def _id_to_dn_string(self, object_id):
|
||||
return u'%s=%s,%s' % (self.id_attr,
|
||||
ldap.dn.escape_dn_chars(
|
||||
six.text_type(object_id)),
|
||||
str(object_id)),
|
||||
self.tree_dn)
|
||||
|
||||
def _id_to_dn(self, object_id):
|
||||
@ -1284,7 +1273,7 @@ class BaseLdap(object):
|
||||
u'(&(%(id_attr)s=%(id)s)(objectclass=%(objclass)s))' %
|
||||
{'id_attr': self.id_attr,
|
||||
'id': ldap.filter.escape_filter_chars(
|
||||
six.text_type(object_id)),
|
||||
str(object_id)),
|
||||
'objclass': self.object_class},
|
||||
attrlist=DN_ONLY)
|
||||
if search_result:
|
||||
@ -1478,7 +1467,7 @@ class BaseLdap(object):
|
||||
u'(objectClass=%(object_class)s))'
|
||||
% {'id_attr': self.id_attr,
|
||||
'id': ldap.filter.escape_filter_chars(
|
||||
six.text_type(object_id)),
|
||||
str(object_id)),
|
||||
'filter': (ldap_filter or self.ldap_filter or ''),
|
||||
'object_class': self.object_class})
|
||||
with self.get_connection() as conn:
|
||||
@ -1579,7 +1568,7 @@ class BaseLdap(object):
|
||||
def get_by_name(self, name, ldap_filter=None):
|
||||
query = (u'(%s=%s)' % (self.attribute_mapping['name'],
|
||||
ldap.filter.escape_filter_chars(
|
||||
six.text_type(name))))
|
||||
str(name))))
|
||||
res = self.get_all(query)
|
||||
try:
|
||||
return res[0]
|
||||
|
@ -17,7 +17,6 @@ import uuid
|
||||
import ldap.filter
|
||||
from oslo_log import log
|
||||
from oslo_log import versionutils
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
@ -267,7 +266,7 @@ class UserApi(common_ldap.EnabledEmuMixIn, common_ldap.BaseLdap):
|
||||
# This could be a bool or a string. If it's a string,
|
||||
# we need to convert it so we can invert it properly.
|
||||
enabled = obj.get('enabled', self.enabled_default)
|
||||
if isinstance(enabled, six.string_types):
|
||||
if isinstance(enabled, str):
|
||||
if enabled.lower() == 'true':
|
||||
enabled = True
|
||||
else:
|
||||
|
@ -10,8 +10,6 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import resource_options
|
||||
from keystone.common.validation import parameter_types
|
||||
from keystone.i18n import _
|
||||
@ -47,7 +45,7 @@ def _mfa_rules_validator_list_of_lists_of_strings_no_duplicates(value):
|
||||
# Add the sublist to the tracker
|
||||
sublists.append(sublist)
|
||||
for element in sublist:
|
||||
if not isinstance(element, six.string_types):
|
||||
if not isinstance(element, str):
|
||||
# Element of sublist is not a string, TypeError
|
||||
raise TypeError(msg)
|
||||
if element in string_set:
|
||||
|
@ -16,8 +16,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import manager
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
@ -36,8 +34,7 @@ class Manager(manager.Manager):
|
||||
super(Manager, self).__init__(CONF.identity_mapping.generator)
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class IDGenerator(object):
|
||||
class IDGenerator(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for an ID Generator provider."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -14,14 +14,12 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import provider_api
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class MappingDriverBase(provider_api.ProviderAPIMixin, object):
|
||||
class MappingDriverBase(provider_api.ProviderAPIMixin, object,
|
||||
metaclass=abc.ABCMeta):
|
||||
"""Interface description for an ID Mapping driver."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -14,13 +14,10 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class ShadowUsersDriverBase(object):
|
||||
class ShadowUsersDriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for an Shadow Users driver."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -15,8 +15,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
|
||||
@ -24,8 +22,7 @@ from keystone import exception
|
||||
CONF = keystone.conf.CONF
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class UnifiedLimitDriverBase(object):
|
||||
class UnifiedLimitDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
def _get_list_limit(self):
|
||||
return CONF.unified_limit.list_limit or CONF.list_limit
|
||||
|
@ -11,7 +11,6 @@
|
||||
# under the License.
|
||||
import abc
|
||||
|
||||
import six
|
||||
import stevedore
|
||||
|
||||
import keystone.conf
|
||||
@ -33,8 +32,7 @@ def load_driver(driver_name, *args):
|
||||
raise ImportError(msg % {'name': driver_name, 'namespace': namespace})
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class ModelBase(object):
|
||||
class ModelBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface for a limit model driver."""
|
||||
|
||||
NAME = None
|
||||
|
@ -15,7 +15,6 @@
|
||||
from oslo_log import log
|
||||
from oslo_serialization import msgpackutils
|
||||
from oslo_utils import reflection
|
||||
import six
|
||||
|
||||
from keystone.auth import core
|
||||
from keystone.common import cache
|
||||
@ -57,7 +56,7 @@ class ReceiptModel(object):
|
||||
|
||||
@expires_at.setter
|
||||
def expires_at(self, value):
|
||||
if not isinstance(value, six.string_types):
|
||||
if not isinstance(value, str):
|
||||
raise ValueError('expires_at must be a string.')
|
||||
self.__expires_at = value
|
||||
|
||||
@ -67,7 +66,7 @@ class ReceiptModel(object):
|
||||
|
||||
@issued_at.setter
|
||||
def issued_at(self, value):
|
||||
if not isinstance(value, six.string_types):
|
||||
if not isinstance(value, str):
|
||||
raise ValueError('issued_at must be a string.')
|
||||
self.__issued_at = value
|
||||
|
||||
|
@ -15,7 +15,6 @@
|
||||
from oslo_log import log
|
||||
from oslo_serialization import msgpackutils
|
||||
from oslo_utils import reflection
|
||||
import six
|
||||
|
||||
from keystone.common import cache
|
||||
from keystone.common import provider_api
|
||||
@ -101,7 +100,7 @@ class TokenModel(object):
|
||||
|
||||
@expires_at.setter
|
||||
def expires_at(self, value):
|
||||
if not isinstance(value, six.string_types):
|
||||
if not isinstance(value, str):
|
||||
raise ValueError('expires_at must be a string.')
|
||||
self.__expires_at = value
|
||||
|
||||
@ -111,7 +110,7 @@ class TokenModel(object):
|
||||
|
||||
@issued_at.setter
|
||||
def issued_at(self, value):
|
||||
if not isinstance(value, six.string_types):
|
||||
if not isinstance(value, str):
|
||||
raise ValueError('issued_at must be a string.')
|
||||
self.__issued_at = value
|
||||
|
||||
|
@ -15,8 +15,6 @@
|
||||
import abc
|
||||
import string
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@ -55,8 +53,7 @@ def filter_consumer(consumer_ref):
|
||||
return consumer_ref
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class Oauth1DriverBase(object):
|
||||
class Oauth1DriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for an OAuth1 driver."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
"""oAuthlib request validator."""
|
||||
|
||||
import six
|
||||
|
||||
from keystone.common import provider_api
|
||||
from keystone import exception
|
||||
from keystone.oauth1.backends import base
|
||||
@ -178,7 +176,7 @@ class OAuthValidator(provider_api.ProviderAPIMixin, oauth1.RequestValidator):
|
||||
|
||||
def verify_request_token(self, token, request):
|
||||
# there aren't strong expectations on the request token format
|
||||
return isinstance(token, six.string_types)
|
||||
return isinstance(token, str)
|
||||
|
||||
def verify_realms(self, token, realms, request):
|
||||
return True
|
||||
|
@ -11,7 +11,6 @@
|
||||
# under the License.
|
||||
|
||||
import abc
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
@ -20,8 +19,7 @@ from keystone import exception
|
||||
CONF = keystone.conf.CONF
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class PolicyDriverBase(object):
|
||||
class PolicyDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
def _get_list_limit(self):
|
||||
return CONF.policy.list_limit or CONF.list_limit
|
||||
|
@ -13,8 +13,8 @@
|
||||
# under the License.
|
||||
|
||||
import flask
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common import authorization
|
||||
from keystone.common import provider_api
|
||||
@ -68,7 +68,7 @@ def build_receipt(mfa_error):
|
||||
issue_receipt(mfa_error.user_id, mfa_error.methods)
|
||||
resp_data = _render_receipt_response_from_model(receipt)
|
||||
resp_body = jsonutils.dumps(resp_data)
|
||||
response = flask.make_response(resp_body, http_client.UNAUTHORIZED)
|
||||
response = flask.make_response(resp_body, http.client.UNAUTHORIZED)
|
||||
response.headers[authorization.AUTH_RECEIPT_HEADER] = receipt.id
|
||||
response.headers['Content-Type'] = 'application/json'
|
||||
return response
|
||||
|
@ -18,7 +18,6 @@ import datetime
|
||||
|
||||
from oslo_log import log
|
||||
from oslo_utils import timeutils
|
||||
import six
|
||||
|
||||
from keystone.common import cache
|
||||
from keystone.common import manager
|
||||
@ -159,7 +158,7 @@ class Manager(manager.Manager):
|
||||
|
||||
if isinstance(expires_at, datetime.datetime):
|
||||
receipt.expires_at = utils.isotime(expires_at, subsecond=True)
|
||||
if isinstance(expires_at, six.string_types):
|
||||
if isinstance(expires_at, str):
|
||||
receipt.expires_at = expires_at
|
||||
elif not expires_at:
|
||||
receipt.expires_at = utils.isotime(
|
||||
|
@ -14,13 +14,10 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class Provider(object):
|
||||
class Provider(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for a Receipt provider."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -71,8 +71,8 @@ class ReceiptFormatter(object):
|
||||
def pack(self, payload):
|
||||
"""Pack a payload for transport as a receipt.
|
||||
|
||||
:type payload: six.binary_type
|
||||
:rtype: six.text_type
|
||||
:type payload: bytes
|
||||
:rtype: str
|
||||
|
||||
"""
|
||||
# base64 padding (if any) is not URL-safe
|
||||
@ -81,8 +81,8 @@ class ReceiptFormatter(object):
|
||||
def unpack(self, receipt):
|
||||
"""Unpack a receipt, and validate the payload.
|
||||
|
||||
:type receipt: six.text_type
|
||||
:rtype: six.binary_type
|
||||
:type receipt: str
|
||||
:rtype: bytes
|
||||
|
||||
"""
|
||||
receipt = ReceiptFormatter.restore_padding(receipt)
|
||||
@ -98,7 +98,7 @@ class ReceiptFormatter(object):
|
||||
"""Restore padding based on receipt size.
|
||||
|
||||
:param receipt: receipt to restore padding on
|
||||
:type receipt: six.text_type
|
||||
:type receipt: str
|
||||
:returns: receipt with correct padding
|
||||
|
||||
"""
|
||||
@ -113,14 +113,14 @@ class ReceiptFormatter(object):
|
||||
def creation_time(cls, fernet_receipt):
|
||||
"""Return the creation time of a valid Fernet receipt.
|
||||
|
||||
:type fernet_receipt: six.text_type
|
||||
:type fernet_receipt: str
|
||||
|
||||
"""
|
||||
fernet_receipt = ReceiptFormatter.restore_padding(fernet_receipt)
|
||||
# fernet_receipt is six.text_type
|
||||
# fernet_receipt is str
|
||||
|
||||
# Fernet receipts are base64 encoded, so we need to unpack them first
|
||||
# urlsafe_b64decode() requires six.binary_type
|
||||
# urlsafe_b64decode() requires bytes
|
||||
receipt_bytes = base64.urlsafe_b64decode(
|
||||
fernet_receipt.encode('utf-8'))
|
||||
|
||||
@ -159,7 +159,7 @@ class ReceiptFormatter(object):
|
||||
def validate_receipt(self, receipt):
|
||||
"""Validate a Fernet receipt and returns the payload attributes.
|
||||
|
||||
:type receipt: six.text_type
|
||||
:type receipt: str
|
||||
|
||||
"""
|
||||
serialized_payload = self.unpack(receipt)
|
||||
@ -280,20 +280,20 @@ class ReceiptPayload(object):
|
||||
def base64_encode(cls, s):
|
||||
"""Encode a URL-safe string.
|
||||
|
||||
:type s: six.text_type
|
||||
:rtype: six.text_type
|
||||
:type s: str
|
||||
:rtype: str
|
||||
|
||||
"""
|
||||
# urlsafe_b64encode() returns six.binary_type so need to convert to
|
||||
# six.text_type, might as well do it before stripping.
|
||||
# urlsafe_b64encode() returns bytes so need to convert to
|
||||
# str, might as well do it before stripping.
|
||||
return base64.urlsafe_b64encode(s).decode('utf-8').rstrip('=')
|
||||
|
||||
@classmethod
|
||||
def random_urlsafe_str_to_bytes(cls, s):
|
||||
"""Convert string from :func:`random_urlsafe_str()` to six.binary_type.
|
||||
"""Convert string from :func:`random_urlsafe_str()` to bytes.
|
||||
|
||||
:type s: six.text_type
|
||||
:rtype: six.binary_type
|
||||
:type s: str
|
||||
:rtype: bytes
|
||||
|
||||
"""
|
||||
# urlsafe_b64decode() requires str, unicode isn't accepted.
|
||||
|
@ -14,8 +14,6 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
|
||||
@ -39,8 +37,7 @@ def get_project_from_domain(domain_ref):
|
||||
NULL_DOMAIN_ID = '<<keystone.domain.root>>'
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class ResourceDriverBase(object):
|
||||
class ResourceDriverBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
def _get_list_limit(self):
|
||||
return CONF.resource.list_limit or CONF.list_limit
|
||||
|
@ -10,7 +10,6 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from six import text_type
|
||||
from sqlalchemy import orm
|
||||
from sqlalchemy.orm import collections
|
||||
|
||||
@ -102,7 +101,7 @@ class Project(sql.ModelBase, sql.ModelDictMixinWithExtras):
|
||||
for tag in values:
|
||||
tag_ref = ProjectTag()
|
||||
tag_ref.project_id = self.id
|
||||
tag_ref.name = text_type(tag)
|
||||
tag_ref.name = str(tag)
|
||||
new_tags.append(tag_ref)
|
||||
self._tags = new_tags
|
||||
|
||||
|
@ -14,13 +14,10 @@
|
||||
|
||||
import abc
|
||||
|
||||
import six
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class DomainConfigDriverBase(object):
|
||||
class DomainConfigDriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface description for a Domain Config driver."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -13,7 +13,6 @@
|
||||
"""Main entry point into the Resource service."""
|
||||
|
||||
from oslo_log import log
|
||||
import six
|
||||
|
||||
from keystone import assignment
|
||||
from keystone.common import cache
|
||||
@ -1476,7 +1475,7 @@ class DomainConfigManager(manager.Manager):
|
||||
sensitive_dict = {s['option']: s['value'] for s in sensitive}
|
||||
|
||||
for each_whitelisted in whitelisted:
|
||||
if not isinstance(each_whitelisted['value'], six.string_types):
|
||||
if not isinstance(each_whitelisted['value'], str):
|
||||
# We only support substitutions into string types, if its an
|
||||
# integer, list etc. then just continue onto the next one
|
||||
continue
|
||||
|
@ -16,7 +16,6 @@ import abc
|
||||
import datetime
|
||||
|
||||
from oslo_utils import timeutils
|
||||
import six
|
||||
|
||||
import keystone.conf
|
||||
from keystone import exception
|
||||
@ -32,8 +31,7 @@ def revoked_before_cutoff_time():
|
||||
return oldest
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class RevokeDriverBase(object):
|
||||
class RevokeDriverBase(object, metaclass=abc.ABCMeta):
|
||||
"""Interface for recording and reporting revocation events."""
|
||||
|
||||
@abc.abstractmethod
|
||||
|
@ -19,7 +19,6 @@ import flask
|
||||
import oslo_i18n
|
||||
from oslo_log import log
|
||||
from oslo_middleware import healthcheck
|
||||
import six
|
||||
|
||||
try:
|
||||
# werkzeug 0.15.x
|
||||
@ -85,9 +84,9 @@ def _handle_keystone_exception(error):
|
||||
"Authorization failed. %(exception)s from %(remote_addr)s",
|
||||
{'exception': error, 'remote_addr': flask.request.remote_addr})
|
||||
elif isinstance(error, exception.UnexpectedError):
|
||||
LOG.exception(six.text_type(error))
|
||||
LOG.exception(str(error))
|
||||
else:
|
||||
LOG.warning(six.text_type(error))
|
||||
LOG.warning(str(error))
|
||||
|
||||
# Render the exception to something user "friendly"
|
||||
error_message = error.args[0]
|
||||
@ -95,7 +94,7 @@ def _handle_keystone_exception(error):
|
||||
if message is error_message:
|
||||
# translate() didn't do anything because it wasn't a Message,
|
||||
# convert to a string.
|
||||
message = six.text_type(message)
|
||||
message = str(message)
|
||||
|
||||
body = dict(
|
||||
error={
|
||||
|
@ -22,11 +22,10 @@ import flask
|
||||
from flask import blueprints
|
||||
import flask_restful
|
||||
import flask_restful.utils
|
||||
import http.client
|
||||
from oslo_log import log
|
||||
from oslo_log import versionutils
|
||||
from oslo_serialization import jsonutils
|
||||
import six
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common import authorization
|
||||
from keystone.common import context
|
||||
@ -156,13 +155,12 @@ def _assert_rbac_enforcement_called(resp):
|
||||
|
||||
def _remove_content_type_on_204(resp):
|
||||
# Remove content-type if the resp is 204.
|
||||
if resp.status_code == http_client.NO_CONTENT:
|
||||
if resp.status_code == http.client.NO_CONTENT:
|
||||
resp.headers.pop('content-type', None)
|
||||
return resp
|
||||
|
||||
|
||||
@six.add_metaclass(abc.ABCMeta)
|
||||
class APIBase(object):
|
||||
class APIBase(object, metaclass=abc.ABCMeta):
|
||||
|
||||
@property
|
||||
@abc.abstractmethod
|
||||
@ -807,7 +805,7 @@ class ResourceBase(flask_restful.Resource):
|
||||
val = False
|
||||
if filter_name in flask.request.args:
|
||||
filter_value = flask.request.args.get(filter_name)
|
||||
if (isinstance(filter_value, six.string_types) and
|
||||
if (isinstance(filter_value, str) and
|
||||
filter_value == '0'):
|
||||
val = False
|
||||
else:
|
||||
|
@ -16,12 +16,11 @@ import itertools
|
||||
import re
|
||||
import wsgiref.util
|
||||
|
||||
import http.client
|
||||
from keystonemiddleware import auth_token
|
||||
import oslo_i18n
|
||||
from oslo_log import log
|
||||
from oslo_serialization import jsonutils
|
||||
import six
|
||||
from six.moves import http_client
|
||||
import webob.dec
|
||||
import webob.exc
|
||||
|
||||
@ -103,16 +102,16 @@ def middleware_exceptions(method):
|
||||
try:
|
||||
return method(self, request)
|
||||
except exception.Error as e:
|
||||
LOG.warning(six.text_type(e))
|
||||
LOG.warning(e)
|
||||
return render_exception(e, request=request,
|
||||
user_locale=best_match_language(request))
|
||||
except TypeError as e:
|
||||
LOG.exception(six.text_type(e))
|
||||
LOG.exception(e)
|
||||
return render_exception(exception.ValidationError(e),
|
||||
request=request,
|
||||
user_locale=best_match_language(request))
|
||||
except Exception as e:
|
||||
LOG.exception(six.text_type(e))
|
||||
LOG.exception(e)
|
||||
return render_exception(exception.UnexpectedError(exception=e),
|
||||
request=request,
|
||||
user_locale=best_match_language(request))
|
||||
@ -130,8 +129,8 @@ def render_response(body=None, status=None, headers=None, method=None):
|
||||
|
||||
if body is None:
|
||||
body = b''
|
||||
status = status or (http_client.NO_CONTENT,
|
||||
http_client.responses[http_client.NO_CONTENT])
|
||||
status = status or (http.client.NO_CONTENT,
|
||||
http.client.responses[http.client.NO_CONTENT])
|
||||
else:
|
||||
content_types = [v for h, v in headers if h == 'Content-Type']
|
||||
if content_types:
|
||||
@ -143,8 +142,8 @@ def render_response(body=None, status=None, headers=None, method=None):
|
||||
body = jsonutils.dump_as_bytes(body, cls=utils.SmarterEncoder)
|
||||
if content_type is None:
|
||||
headers.append(('Content-Type', 'application/json'))
|
||||
status = status or (http_client.OK,
|
||||
http_client.responses[http_client.OK])
|
||||
status = status or (http.client.OK,
|
||||
http.client.responses[http.client.OK])
|
||||
|
||||
# NOTE(davechen): `mod_wsgi` follows the standards from pep-3333 and
|
||||
# requires the value in response header to be binary type(str) on python2,
|
||||
@ -205,7 +204,7 @@ def render_exception(error, context=None, request=None, user_locale=None):
|
||||
if message is error_message:
|
||||
# translate() didn't do anything because it wasn't a Message,
|
||||
# convert to a string.
|
||||
message = six.text_type(message)
|
||||
message = str(message)
|
||||
|
||||
body = {'error': {
|
||||
'code': error.code,
|
||||
|
@ -26,8 +26,6 @@ please see pycodestyle.py.
|
||||
import ast
|
||||
import re
|
||||
|
||||
import six
|
||||
|
||||
|
||||
class BaseASTChecker(ast.NodeVisitor):
|
||||
"""Provides a simple framework for writing AST-based checks.
|
||||
@ -183,7 +181,7 @@ class CheckForTranslationIssues(BaseASTChecker):
|
||||
if obj_name is None:
|
||||
return None
|
||||
return obj_name + '.' + method_name
|
||||
elif isinstance(node, six.string_types):
|
||||
elif isinstance(node, str):
|
||||
return node
|
||||
else: # could be Subscript, Call or many more
|
||||
return None
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -133,7 +133,7 @@ class _ProjectUsersTests(object):
|
||||
user['id'], access_rule_id)
|
||||
c.get(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_own_non_existent_access_rule_not_found(self):
|
||||
@ -142,7 +142,7 @@ class _ProjectUsersTests(object):
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
self.user_id, uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
def test_cannot_get_non_existent_access_rule_other_user_forbidden(self):
|
||||
@ -153,7 +153,7 @@ class _ProjectUsersTests(object):
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_access_rules_for_other_users(self):
|
||||
@ -186,7 +186,7 @@ class _ProjectUsersTests(object):
|
||||
with self.test_client() as c:
|
||||
path = '/v3/users/%s/access_rules' % user['id']
|
||||
c.get(path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_delete_access_rules_for_others(self):
|
||||
user = unit.new_user_ref(domain_id=CONF.identity.default_domain_id)
|
||||
@ -222,7 +222,7 @@ class _ProjectUsersTests(object):
|
||||
user['id'], access_rule_id)
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_delete_non_existent_access_rule_other_user_forbidden(self):
|
||||
@ -233,7 +233,7 @@ class _ProjectUsersTests(object):
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -281,7 +281,7 @@ class _SystemUserAccessRuleTests(object):
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
|
||||
@ -352,7 +352,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
user['id'], access_rule_id)
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_access_rule_forbidden(self):
|
||||
@ -363,7 +363,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -434,7 +434,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
user['id'], access_rule_id)
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
with self.test_client() as c:
|
||||
@ -442,7 +442,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
user['id'], access_rule_id)
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_access_rule_forbidden(self):
|
||||
@ -453,7 +453,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -526,7 +526,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/users/%s/access_rules/%s' % (
|
||||
user['id'], uuid.uuid4().hex),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
|
||||
|
@ -13,8 +13,8 @@
|
||||
import datetime
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import base as base_policy
|
||||
from keystone.common import provider_api
|
||||
@ -127,7 +127,7 @@ class _DomainAndProjectUserTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/users/%s/application_credentials' % (
|
||||
self.app_cred_user_id),
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_get_application_credential(self):
|
||||
@ -137,7 +137,7 @@ class _DomainAndProjectUserTests(object):
|
||||
c.get('/v3/users/%s/application_credentials/%s' % (
|
||||
self.app_cred_user_id,
|
||||
app_cred['id']),
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_lookup_application_credential(self):
|
||||
@ -147,7 +147,7 @@ class _DomainAndProjectUserTests(object):
|
||||
c.get('/v3/users/%s/application_credentials?name=%s' % (
|
||||
self.app_cred_user_id,
|
||||
app_cred['name']),
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_delete_application_credential(self):
|
||||
@ -158,7 +158,7 @@ class _DomainAndProjectUserTests(object):
|
||||
'/v3/users/%s/application_credentials/%s' % (
|
||||
self.app_cred_user_id,
|
||||
app_cred['id']),
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_lookup_non_existent_application_credential(self):
|
||||
@ -166,7 +166,7 @@ class _DomainAndProjectUserTests(object):
|
||||
c.get('/v3/users/%s/application_credentials?name=%s' % (
|
||||
self.app_cred_user_id,
|
||||
uuid.uuid4().hex),
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_create_app_credential_for_another_user(self):
|
||||
@ -187,7 +187,7 @@ class _DomainAndProjectUserTests(object):
|
||||
c.post(
|
||||
'/v3/users/%s/application_credentials' % another_user_id,
|
||||
json=app_cred_body,
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
|
||||
@ -233,7 +233,7 @@ class _SystemUserAndOwnerTests(object):
|
||||
|
||||
def _test_delete_application_credential(
|
||||
self,
|
||||
expected_status_code=http_client.NO_CONTENT):
|
||||
expected_status_code=http.client.NO_CONTENT):
|
||||
app_cred = self._create_application_credential()
|
||||
|
||||
with self.test_client() as c:
|
||||
@ -262,7 +262,7 @@ class _SystemUserAndOwnerTests(object):
|
||||
c.post(
|
||||
'/v3/users/%s/application_credentials' % another_user_id,
|
||||
json=app_cred_body,
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
|
||||
@ -300,7 +300,7 @@ class SystemReaderTests(_TestAppCredBase,
|
||||
|
||||
def test_system_reader_cannot_delete_application_credential_for_user(self):
|
||||
self._test_delete_application_credential(
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class SystemMemberTests(_TestAppCredBase,
|
||||
@ -337,7 +337,7 @@ class SystemMemberTests(_TestAppCredBase,
|
||||
|
||||
def test_system_reader_cannot_delete_application_credential_for_user(self):
|
||||
self._test_delete_application_credential(
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class SystemAdminTests(_TestAppCredBase,
|
||||
@ -412,7 +412,7 @@ class OwnerTests(_TestAppCredBase,
|
||||
c.post(
|
||||
'/v3/users/%s/application_credentials' % self.user_id,
|
||||
json=app_cred_body,
|
||||
expected_status_code=http_client.CREATED,
|
||||
expected_status_code=http.client.CREATED,
|
||||
headers=self.headers)
|
||||
|
||||
def test_owner_can_delete_application_credential(self):
|
||||
|
@ -11,7 +11,7 @@
|
||||
# under the License.
|
||||
|
||||
import copy
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
import uuid
|
||||
|
||||
from oslo_serialization import jsonutils
|
||||
@ -1021,7 +1021,7 @@ class _DomainUserTests(object):
|
||||
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
|
||||
assignments['project_id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -1031,7 +1031,7 @@ class _ProjectUserTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/role_assignments', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_user_of_project(self):
|
||||
@ -1042,7 +1042,7 @@ class _ProjectUserTests(object):
|
||||
c.get(
|
||||
'/v3/role_assignments?user.id=%s' % user_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_group_of_project(self):
|
||||
@ -1053,7 +1053,7 @@ class _ProjectUserTests(object):
|
||||
c.get(
|
||||
'/v3/role_assignments?group.id=%s' % group_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_system(self):
|
||||
@ -1061,7 +1061,7 @@ class _ProjectUserTests(object):
|
||||
c.get(
|
||||
'/v3/role_assignments?scope.system=all',
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_domain(self):
|
||||
@ -1070,7 +1070,7 @@ class _ProjectUserTests(object):
|
||||
'/v3/role_assignments?scope.domain.id=%s'
|
||||
% self.domain_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_other_project(self):
|
||||
@ -1084,7 +1084,7 @@ class _ProjectUserTests(object):
|
||||
'/v3/role_assignments?scope.project.id=%s'
|
||||
% project1,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_other_project_user(self):
|
||||
@ -1099,7 +1099,7 @@ class _ProjectUserTests(object):
|
||||
c.get(
|
||||
'/v3/role_assignments?user.id=%s' % user_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_role_assignments_by_other_project_group(self):
|
||||
@ -1114,7 +1114,7 @@ class _ProjectUserTests(object):
|
||||
c.get(
|
||||
'/v3/role_assignments?group.id=%s' % group_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -1138,7 +1138,7 @@ class _ProjectReaderMemberTests(object):
|
||||
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
|
||||
self.project_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -1628,5 +1628,5 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
('/v3/role_assignments?scope.project.id=%s&include_subtree' %
|
||||
project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -49,7 +49,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post('/v3/OS-OAUTH1/consumers',
|
||||
json={'consumer': {}},
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_update_consumer(self):
|
||||
@ -58,7 +58,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
|
||||
with self.test_client() as c:
|
||||
c.patch('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
|
||||
json={'consumer': {'description': uuid.uuid4().hex}},
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
def test_user_cannot_delete_consumer(self):
|
||||
@ -66,7 +66,7 @@ class _SystemReaderAndMemberOauth1ConsumerTests(object):
|
||||
{'id': uuid.uuid4().hex})
|
||||
with self.test_client() as c:
|
||||
c.delete('/v3/OS-OAUTH1/consumers/%s' % ref['id'],
|
||||
expected_status_code=http_client.FORBIDDEN,
|
||||
expected_status_code=http.client.FORBIDDEN,
|
||||
headers=self.headers)
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import base as bp
|
||||
from keystone.common import provider_api
|
||||
@ -192,14 +192,14 @@ class _ProjectUsersTests(object):
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.get(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_non_existant_credential_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_credentials_for_other_users(self):
|
||||
@ -351,7 +351,7 @@ class _ProjectUsersTests(object):
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.patch(
|
||||
path, json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existant_credential_forbidden(self):
|
||||
@ -361,7 +361,7 @@ class _ProjectUsersTests(object):
|
||||
c.patch(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_credentials_for_other_users(self):
|
||||
@ -379,7 +379,7 @@ class _ProjectUsersTests(object):
|
||||
}
|
||||
c.post(
|
||||
'/v3/credentials', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_credentials_for_others(self):
|
||||
@ -418,14 +418,14 @@ class _ProjectUsersTests(object):
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existant_credential_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -474,7 +474,7 @@ class _SystemUserCredentialTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
def test_user_can_filter_credentials_by_type_for_others(self):
|
||||
@ -617,7 +617,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
}
|
||||
c.post(
|
||||
'/v3/credentials', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_credentials_for_others(self):
|
||||
@ -657,7 +657,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.patch(
|
||||
path, json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existant_credential_forbidden(self):
|
||||
@ -667,7 +667,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_credentials_for_others(self):
|
||||
@ -706,14 +706,14 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existant_credential_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -765,7 +765,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
}
|
||||
c.post(
|
||||
'/v3/credentials', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_credentials_for_others(self):
|
||||
@ -805,7 +805,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.patch(
|
||||
path, json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existant_credential_forbidden(self):
|
||||
@ -815,7 +815,7 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_credentials_for_others(self):
|
||||
@ -854,14 +854,14 @@ class SystemMemberTests(base_classes.TestCaseWithBootstrap,
|
||||
path = '/v3/credentials/%s' % credential_id
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existant_credential_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -954,7 +954,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
def test_user_can_delete_credentials_for_others(self):
|
||||
@ -997,7 +997,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/credentials/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -122,7 +122,7 @@ class _SystemUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap'
|
||||
% invalid_domain_id, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_get_non_existent_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -130,7 +130,7 @@ class _SystemUserDomainConfigTests(object):
|
||||
)
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_get_non_existent_config_group_invalid_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -142,7 +142,7 @@ class _SystemUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap'
|
||||
% invalid_domain_id, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_get_domain_config_option(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -163,7 +163,7 @@ class _SystemUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap/user_tree_dn'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_get_non_existent_config_option_invalid_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -175,7 +175,7 @@ class _SystemUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap/user_tree_dn'
|
||||
% invalid_domain_id, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_get_security_compliance_domain_config(self):
|
||||
# Set the security compliance configuration options
|
||||
@ -247,7 +247,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
% domain['id'],
|
||||
json={'config': unit.new_domain_config_ref()},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_update_domain_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -261,7 +261,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
c.patch('/v3/domains/%s/config'
|
||||
% domain['id'], json={'config': new_config},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_update_domain_group_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -275,7 +275,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
c.patch('/v3/domains/%s/config/ldap'
|
||||
% domain['id'], json={'config': new_config},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_update_domain_config_option(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -289,7 +289,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
% domain['id'],
|
||||
json={'config': new_config},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_delete_domain_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -300,7 +300,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete('/v3/domains/%s/config' % domain['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_delete_domain_group_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -311,7 +311,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete('/v3/domains/%s/config/ldap'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_delete_domain_config_option(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -322,7 +322,7 @@ class _SystemReaderMemberDomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete('/v3/domains/%s/config/ldap/url'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class _DomainAndProjectUserDomainConfigTests(object):
|
||||
@ -336,7 +336,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_domain_group_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -347,7 +347,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_non_existant_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -355,7 +355,7 @@ class _DomainAndProjectUserDomainConfigTests(object):
|
||||
)
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config' % domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_domain_config_option(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -366,22 +366,22 @@ class _DomainAndProjectUserDomainConfigTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/%s/config/ldap/url'
|
||||
% domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_domain_config_default(self):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/config/default', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_domain_group_config_default(self):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/config/ldap/default', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_domain_config_option_default(self):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/domains/config/ldap/url/default', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class SystemReaderTests(
|
||||
@ -492,7 +492,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
% domain['id'],
|
||||
json={'config': unit.new_domain_config_ref()},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.CREATED)
|
||||
expected_status_code=http.client.CREATED)
|
||||
|
||||
def test_user_cannot_create_invalid_domain_config(self):
|
||||
invalid_domain_id = uuid.uuid4().hex
|
||||
@ -501,7 +501,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
% invalid_domain_id,
|
||||
json={'config': unit.new_domain_config_ref()},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
def test_user_can_update_domain_config(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -581,7 +581,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete('/v3/domains/%s/config' % invalid_domain_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND)
|
||||
expected_status_code=http.client.NOT_FOUND)
|
||||
|
||||
|
||||
class DomainUserTests(
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -60,7 +60,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/roles', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_domain_roles(self):
|
||||
@ -74,7 +74,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.patch(
|
||||
'/v3/roles/%s' % role['id'], json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_domain_roles(self):
|
||||
@ -86,7 +86,7 @@ class _SystemReaderAndMemberDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/roles/%s' % role['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -101,7 +101,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/roles', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_a_domain_role(self):
|
||||
@ -113,7 +113,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/roles/%s' % role['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_domain_roles(self):
|
||||
@ -123,7 +123,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/roles', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_domain_roles(self):
|
||||
@ -137,7 +137,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.patch(
|
||||
'/v3/roles/%s' % role['id'], json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_domain_roles(self):
|
||||
@ -149,7 +149,7 @@ class _DomainAndProjectUserDomainRoleTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/roles/%s' % role['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import domain as dp
|
||||
from keystone.common import provider_api
|
||||
@ -100,7 +100,7 @@ class _SystemMemberAndReaderDomainTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/domains', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_a_domain(self):
|
||||
@ -113,7 +113,7 @@ class _SystemMemberAndReaderDomainTests(object):
|
||||
c.patch(
|
||||
'/v3/domains/%s' % domain['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_a_domain(self):
|
||||
@ -124,7 +124,7 @@ class _SystemMemberAndReaderDomainTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/domains/%s' % domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -143,14 +143,14 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/domains/%s' % domain['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_domains(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/domains', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_domains_by_name(self):
|
||||
@ -166,18 +166,18 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
c.get(
|
||||
'/v3/domains?name=%s' % domain_name,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_filter_domains_by_enabled(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/domains?enabled=true', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
c.get(
|
||||
'/v3/domains?enabled=false', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_a_domain(self):
|
||||
@ -190,7 +190,7 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
c.patch(
|
||||
'/v3/domains/%s' % domain['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_a_domain(self):
|
||||
@ -199,7 +199,7 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/domains', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_a_domain(self):
|
||||
@ -212,11 +212,11 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
path = '/v3/domains/%s' % domain['id']
|
||||
c.patch(
|
||||
path, json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
c.delete(
|
||||
path, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_non_existant_domain_forbidden(self):
|
||||
@ -225,7 +225,7 @@ class _DomainAndProjectUserDomainTests(object):
|
||||
c.get(
|
||||
'/v3/domains/%s' % uuid.uuid4().hex,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -10,8 +10,8 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import base as bp
|
||||
from keystone.common import provider_api
|
||||
@ -85,7 +85,7 @@ class _UserEC2CredentialTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post('/v3/users/%s/credentials/OS-EC2' % self.user_id,
|
||||
json={'tenant_id': project['id']}, headers=self.headers,
|
||||
expected_status_code=http_client.CREATED)
|
||||
expected_status_code=http.client.CREATED)
|
||||
|
||||
def test_user_delete_their_ec2_credentials(self):
|
||||
project = unit.new_project_ref(
|
||||
@ -122,7 +122,7 @@ class _UserEC2CredentialTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post('/v3/users/%s/credentials/OS-EC2' % user['id'],
|
||||
json={'tenant_id': project['id']}, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_delete_ec2_credentials_for_others(self):
|
||||
user = unit.new_user_ref(domain_id=CONF.identity.default_domain_id)
|
||||
@ -152,7 +152,7 @@ class _UserEC2CredentialTests(object):
|
||||
c.delete('/v3/users/%s/credentials/OS-EC2/%s' % (
|
||||
self.user_id, credential_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class _SystemUserTests(object):
|
||||
@ -185,7 +185,7 @@ class _SystemUserTests(object):
|
||||
path = '/v3/users/%s/credentials/OS-EC2/%s' % (
|
||||
self.user_id, credential_id)
|
||||
c.get(path, headers=self.headers,
|
||||
expected_status_code=http_client.OK)
|
||||
expected_status_code=http.client.OK)
|
||||
|
||||
|
||||
class _SystemReaderAndMemberTests(object):
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -153,7 +153,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
|
||||
c.post(
|
||||
'/v3/OS-EP-FILTER/endpoint_groups', json=create,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_endpoint_groups(self):
|
||||
@ -170,7 +170,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
|
||||
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
|
||||
json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_endpoint_groups(self):
|
||||
@ -184,7 +184,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_add_endpoint_group_to_project(self):
|
||||
@ -202,7 +202,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
|
||||
c.put('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
|
||||
% (endpoint_group['id'], project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_remove_endpoint_group_from_project(self):
|
||||
@ -220,7 +220,7 @@ class _SystemReaderAndMemberUserEndpointGroupsTests(object):
|
||||
c.delete('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
|
||||
% (endpoint_group['id'], project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -235,7 +235,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/OS-EP-FILTER/endpoint_groups', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_an_endpoint_group(self):
|
||||
endpoint_group = unit.new_endpoint_group_ref(
|
||||
@ -246,7 +246,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_projects_associated_with_endpoint_groups(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -265,7 +265,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/projects'
|
||||
% endpoint_group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_endpoints_associated_with_endpoint_groups(self):
|
||||
service = PROVIDERS.catalog_api.create_service(
|
||||
@ -284,7 +284,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/endpoints'
|
||||
% endpoint_group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_endpoints_associated_with_endpoint_groups(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -303,7 +303,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
|
||||
% (endpoint_group['id'], project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_endpoint_groups_with_their_projects(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -322,7 +322,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/projects/%s/endpoint_groups'
|
||||
% project['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_create_endpoint_groups(self):
|
||||
create = {
|
||||
@ -338,7 +338,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.post(
|
||||
'/v3/OS-EP-FILTER/endpoint_groups', json=create,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_endpoint_groups(self):
|
||||
@ -355,7 +355,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
|
||||
json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_endpoint_groups(self):
|
||||
@ -369,7 +369,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-EP-FILTER/endpoint_groups/%s' % endpoint_group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_add_endpoint_group_to_project(self):
|
||||
@ -387,7 +387,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.put('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
|
||||
% (endpoint_group['id'], project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_remove_endpoint_group_from_project(self):
|
||||
@ -405,7 +405,7 @@ class _DomainAndProjectUserEndpointGroupTests(object):
|
||||
c.delete('/v3/OS-EP-FILTER/endpoint_groups/%s/projects/%s'
|
||||
% (endpoint_group['id'], project['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -74,7 +74,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/endpoints', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_endpoints(self):
|
||||
@ -92,7 +92,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
|
||||
c.patch(
|
||||
'/v3/endpoints/%s' % endpoint['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_endpoints(self):
|
||||
@ -107,7 +107,7 @@ class _SystemReaderAndMemberUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -125,7 +125,7 @@ class _DomainAndProjectUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/endpoints', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_endpoints(self):
|
||||
@ -143,7 +143,7 @@ class _DomainAndProjectUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/endpoints', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_an_endpoint(self):
|
||||
@ -158,7 +158,7 @@ class _DomainAndProjectUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_endpoints(self):
|
||||
@ -176,7 +176,7 @@ class _DomainAndProjectUserEndpointTests(object):
|
||||
c.patch(
|
||||
'/v3/endpoints/%s' % endpoint['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_endpoints(self):
|
||||
@ -191,7 +191,7 @@ class _DomainAndProjectUserEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/endpoints/%s' % endpoint['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import grant as gp
|
||||
from keystone.common import provider_api
|
||||
@ -141,7 +141,7 @@ class _SystemUserGrantTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_user_on_domain(self):
|
||||
@ -164,7 +164,7 @@ class _SystemUserGrantTests(object):
|
||||
domain['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_group_on_project(self):
|
||||
@ -191,7 +191,7 @@ class _SystemUserGrantTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_group_on_domain(self):
|
||||
@ -214,7 +214,7 @@ class _SystemUserGrantTests(object):
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
|
||||
@ -237,7 +237,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_on_domain(self):
|
||||
@ -255,7 +255,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
domain['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_on_project(self):
|
||||
@ -277,7 +277,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_on_domain(self):
|
||||
@ -295,7 +295,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_on_project(self):
|
||||
@ -320,7 +320,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_on_domain(self):
|
||||
@ -343,7 +343,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
domain['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_on_project(self):
|
||||
@ -370,7 +370,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_on_domain(self):
|
||||
@ -393,7 +393,7 @@ class _SystemMemberAndReaderGrantTests(object):
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -499,7 +499,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_user_on_domain(self):
|
||||
@ -519,7 +519,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_group_on_project(self):
|
||||
@ -544,7 +544,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_can_check_grant_for_group_on_domain(self):
|
||||
@ -564,7 +564,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_user_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -588,7 +588,7 @@ class _DomainUserTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/users/%s/roles' % (project['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_user_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -613,7 +613,7 @@ class _DomainUserTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/users/%s/roles' % (project['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_user_own_domain_on_other_domain(self):
|
||||
@ -633,7 +633,7 @@ class _DomainUserTests(object):
|
||||
c.get(
|
||||
'/v3/domains/%s/users/%s/roles' % (domain_id, user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_user_other_domain_on_own_domain(self):
|
||||
@ -653,7 +653,7 @@ class _DomainUserTests(object):
|
||||
c.get(
|
||||
'/v3/domains/%s/users/%s/roles' % (domain_id, user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_group_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -678,7 +678,7 @@ class _DomainUserTests(object):
|
||||
'/v3/projects/%s/groups/%s/roles' % (
|
||||
project['id'], group['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_group_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -704,7 +704,7 @@ class _DomainUserTests(object):
|
||||
'/v3/projects/%s/groups/%s/roles' % (
|
||||
project['id'], group['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_group_own_domain_on_other_domain(self):
|
||||
@ -725,7 +725,7 @@ class _DomainUserTests(object):
|
||||
'/v3/domains/%s/groups/%s/roles' % (
|
||||
domain_id, group['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_list_grants_for_group_other_domain_on_own_domain(self):
|
||||
@ -746,7 +746,7 @@ class _DomainUserTests(object):
|
||||
'/v3/domains/%s/groups/%s/roles' % (
|
||||
domain_id, group['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -772,7 +772,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -799,7 +799,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -830,7 +830,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'],
|
||||
role['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_own_domain_on_other_domain(self):
|
||||
@ -853,7 +853,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_other_domain_on_own_domain(self):
|
||||
@ -876,7 +876,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -904,7 +904,7 @@ class _DomainUserTests(object):
|
||||
role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -930,7 +930,7 @@ class _DomainUserTests(object):
|
||||
project['id'], group['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -956,7 +956,7 @@ class _DomainUserTests(object):
|
||||
project['id'], group['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -987,7 +987,7 @@ class _DomainUserTests(object):
|
||||
project['id'], group['id'],
|
||||
role['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_own_domain_on_other_domain(self):
|
||||
@ -1009,7 +1009,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_other_domain_on_own_domain(self):
|
||||
@ -1031,7 +1031,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'],
|
||||
self.bootstrapper.reader_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_check_grant_for_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1057,7 +1057,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'],
|
||||
role['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -1080,7 +1080,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -1103,7 +1103,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1129,7 +1129,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_other_domain_on_own_domain(self):
|
||||
@ -1146,7 +1146,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_own_domain_on_other_domain(self):
|
||||
@ -1163,7 +1163,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1184,7 +1184,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -1209,7 +1209,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -1234,7 +1234,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_own_domain_on_project_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1263,7 +1263,7 @@ class _DomainUserTests(object):
|
||||
role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_other_domain_on_own_domain(self):
|
||||
@ -1280,7 +1280,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_own_domain_on_other_domain(self):
|
||||
@ -1297,7 +1297,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1318,7 +1318,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -1346,7 +1346,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -1374,7 +1374,7 @@ class _DomainUserTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_other_domain_on_own_domain(self):
|
||||
@ -1396,7 +1396,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_own_domain_on_other_domain(self):
|
||||
@ -1418,7 +1418,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1444,7 +1444,7 @@ class _DomainUserTests(object):
|
||||
domain_id, user['id'], role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_other_domain_on_project_own_domain(self): # noqa: E501
|
||||
@ -1474,7 +1474,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_own_domain_on_project_other_domain(self): # noqa: E501
|
||||
@ -1504,7 +1504,7 @@ class _DomainUserTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_other_domain_on_own_domain(self):
|
||||
@ -1526,7 +1526,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_own_domain_on_other_domain(self):
|
||||
@ -1548,7 +1548,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_own_domain_on_own_domain_with_role_other_domain(self): # noqa: E501
|
||||
@ -1575,7 +1575,7 @@ class _DomainUserTests(object):
|
||||
domain_id, group['id'], role['id']
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -1859,7 +1859,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_user_on_domain(self):
|
||||
@ -1877,7 +1877,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
domain['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_on_project(self):
|
||||
@ -1897,7 +1897,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_create_grant_for_group_on_domain(self):
|
||||
@ -1915,7 +1915,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_on_project(self):
|
||||
@ -1938,7 +1938,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
project['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_user_on_domain(self):
|
||||
@ -1961,7 +1961,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
domain['id'], user['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_on_project(self):
|
||||
@ -1988,7 +1988,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_cannot_revoke_grant_from_group_on_domain(self):
|
||||
@ -2011,7 +2011,7 @@ class _DomainMemberAndReaderTests(object):
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -2245,5 +2245,5 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
domain['id'], group['id'], self.bootstrapper.reader_role_id
|
||||
),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import group as gp
|
||||
from keystone.common import provider_api
|
||||
@ -113,14 +113,14 @@ class _SystemUserGroupTests(object):
|
||||
c.get(
|
||||
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_cannot_get_non_existent_group_not_found(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
|
||||
@ -142,7 +142,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/groups', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_group(self):
|
||||
@ -159,7 +159,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
|
||||
c.patch(
|
||||
'/v3/groups/%s' % group['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_group(self):
|
||||
@ -173,7 +173,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/groups/%s' % group['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_add_users_to_group(self):
|
||||
@ -191,7 +191,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
|
||||
c.put(
|
||||
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_remove_users_from_group(self):
|
||||
@ -211,7 +211,7 @@ class _SystemAndDomainMemberAndReaderGroupTests(object):
|
||||
c.delete(
|
||||
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -442,13 +442,13 @@ class _DomainUserGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/groups/%s' % group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_non_existent_group_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_list_groups_in_domain_for_user_in_domain(self):
|
||||
@ -479,13 +479,13 @@ class _DomainUserGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/users/%s/groups' % user['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_groups_for_non_existent_user_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/users/%s/groups' % uuid.uuid4().hex,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_groups_in_other_domain_user_in_own_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -563,13 +563,13 @@ class _DomainUserGroupTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/groups/%s/users' % group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_users_in_non_existent_group_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/groups/%s/users' % uuid.uuid4().hex,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_can_check_user_in_own_domain_group_in_own_domain(self):
|
||||
user = PROVIDERS.identity_api.create_user(
|
||||
@ -583,11 +583,11 @@ class _DomainUserGroupTests(object):
|
||||
c.head('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
c.get('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_cannot_check_user_in_other_domain_group_in_own_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -604,11 +604,11 @@ class _DomainUserGroupTests(object):
|
||||
c.head('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
c.get('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class DomainReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
@ -836,7 +836,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
|
||||
with self.test_client() as c:
|
||||
c.post('/v3/groups', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_can_update_group_in_own_domain(self):
|
||||
group = PROVIDERS.identity_api.create_group(
|
||||
@ -862,7 +862,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/groups/%s' % group['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_delete_group_in_own_domain(self):
|
||||
@ -886,7 +886,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete(
|
||||
'/v3/groups/%s' % group['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_remove_user_in_own_domain_from_group_in_own_domain(self):
|
||||
@ -917,7 +917,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_remove_user_own_domain_from_group_other_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -934,7 +934,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_remove_non_existent_user_from_group_forbidden(self):
|
||||
group = PROVIDERS.identity_api.create_group(
|
||||
@ -944,7 +944,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': uuid.uuid4().hex},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_remove_user_from_non_existent_group_forbidden(self):
|
||||
user = PROVIDERS.identity_api.create_user(
|
||||
@ -954,7 +954,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': uuid.uuid4().hex, 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_can_add_user_in_own_domain_to_group_in_own_domain(self):
|
||||
group = PROVIDERS.identity_api.create_group(
|
||||
@ -982,7 +982,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_add_user_own_domain_to_group_other_domain(self):
|
||||
domain = PROVIDERS.resource_api.create_domain(
|
||||
@ -998,7 +998,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_add_non_existent_user_to_group_forbidden(self):
|
||||
group = PROVIDERS.identity_api.create_group(
|
||||
@ -1008,7 +1008,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': group['id'], 'user': uuid.uuid4().hex},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_add_user_from_non_existent_group_forbidden(self):
|
||||
user = PROVIDERS.identity_api.create_user(
|
||||
@ -1018,7 +1018,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put('/v3/groups/%(group)s/users/%(user)s' % {
|
||||
'group': uuid.uuid4().hex, 'user': user['id']},
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
@ -1089,7 +1089,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/users/%s/groups' % user['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_groups(self):
|
||||
@ -1103,7 +1103,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_a_group(self):
|
||||
@ -1117,7 +1117,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups/%s' % group['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_group_members(self):
|
||||
@ -1136,7 +1136,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups/%s/users' % group['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_check_if_user_in_group(self):
|
||||
@ -1156,12 +1156,12 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.get(
|
||||
'/v3/groups/%s/users/%s' % (group['id'], user['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_non_existent_group_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/groups/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -65,7 +65,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
|
||||
json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_identity_providers(self):
|
||||
@ -79,7 +79,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
|
||||
c.patch(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
|
||||
json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_identity_providers(self):
|
||||
@ -91,7 +91,7 @@ class _SystemReaderAndMemberIdentityProviderTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -105,7 +105,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
|
||||
json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_identity_providers(self):
|
||||
@ -119,7 +119,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
|
||||
c.patch(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
|
||||
json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_identity_providers(self):
|
||||
@ -130,7 +130,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/OS-FEDERATION/identity_providers', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_an_identity_provider(self):
|
||||
@ -142,7 +142,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
|
||||
c.get(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_identity_providers(self):
|
||||
@ -154,7 +154,7 @@ class _DomainAndProjectUserIdentityProviderTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % idp['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -259,7 +259,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/identity_providers/%s' % uuid.uuid4().hex,
|
||||
json=create, headers=self.headers,
|
||||
expected_status_code=http_client.CREATED
|
||||
expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_update_identity_providers(self):
|
||||
|
@ -10,7 +10,7 @@
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -58,7 +58,7 @@ class _SystemUserImpliedRoleTests(object):
|
||||
'/v3/roles/%s/implies/%s' % (
|
||||
self.prior_role_id, self.implied_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_list_role_inference_rules(self):
|
||||
PROVIDERS.role_api.create_implied_role(self.prior_role_id,
|
||||
@ -81,7 +81,7 @@ class _SystemReaderAndMemberImpliedRoleTests(object):
|
||||
'/v3/roles/%s/implies/%s' % (
|
||||
self.prior_role_id, self.implied_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_implied_roles(self):
|
||||
@ -93,7 +93,7 @@ class _SystemReaderAndMemberImpliedRoleTests(object):
|
||||
'/v3/roles/%s/implies/%s' % (
|
||||
self.prior_role_id, self.implied_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -206,7 +206,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/roles/%s/implies/%s' % (
|
||||
self.prior_role_id, self.implied_role_id),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.CREATED
|
||||
expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_delete_implied_roles(self):
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -134,7 +134,7 @@ class _UserLimitTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits(self):
|
||||
@ -146,7 +146,7 @@ class _UserLimitTests(object):
|
||||
c.patch(
|
||||
'/v3/limits/%s' % limit_id, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits(self):
|
||||
@ -156,7 +156,7 @@ class _UserLimitTests(object):
|
||||
c.delete(
|
||||
'/v3/limits/%s' % limit_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -377,7 +377,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_domain_limits_for_other_domain(self):
|
||||
@ -386,7 +386,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_list_limits_within_domain(self):
|
||||
@ -439,7 +439,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_limits_for_other_domain(self):
|
||||
@ -471,7 +471,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_limits_for_projects_in_domain(self):
|
||||
@ -507,7 +507,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_limits_for_projects_outside_domain(self):
|
||||
@ -544,7 +544,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits_for_domain(self):
|
||||
@ -558,7 +558,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/limits/%s' % domain_limit_id, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits_for_other_domain(self):
|
||||
@ -570,7 +570,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/limits/%s' % domain_limit_id, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits_for_projects_in_domain(self):
|
||||
@ -583,7 +583,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.patch(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits_for_projects_outside_domain(self):
|
||||
@ -594,7 +594,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.patch(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits_for_domain(self):
|
||||
@ -605,7 +605,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits_for_other_domain(self):
|
||||
@ -614,7 +614,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits_for_projects_in_domain(self):
|
||||
@ -625,7 +625,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits_for_projects_outside_domain(self):
|
||||
@ -634,7 +634,7 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -693,7 +693,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/limits/%s' % project_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_domain_limit(self):
|
||||
@ -702,7 +702,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/limits/%s' % domain_limit_id, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_list_limits(self):
|
||||
@ -775,7 +775,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/limits', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_limits(self):
|
||||
@ -787,7 +787,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/limits/%s' % limit_id, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_limits(self):
|
||||
@ -797,7 +797,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete(
|
||||
'/v3/limits/%s' % limit_id,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -71,7 +71,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_mappings(self):
|
||||
@ -93,7 +93,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
|
||||
c.patch(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_mappings(self):
|
||||
@ -106,7 +106,7 @@ class _SystemReaderAndMemberUserMappingTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -128,7 +128,7 @@ class _DomainAndProjectUserMappingTests(object):
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_mappings(self):
|
||||
@ -140,7 +140,7 @@ class _DomainAndProjectUserMappingTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/OS-FEDERATION/mappings', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_a_mapping(self):
|
||||
@ -153,7 +153,7 @@ class _DomainAndProjectUserMappingTests(object):
|
||||
c.get(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_mappings(self):
|
||||
@ -175,7 +175,7 @@ class _DomainAndProjectUserMappingTests(object):
|
||||
c.patch(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_mappings(self):
|
||||
@ -188,7 +188,7 @@ class _DomainAndProjectUserMappingTests(object):
|
||||
c.delete(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -241,7 +241,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_mappings(self):
|
||||
@ -263,7 +263,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
json=update, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_mappings(self):
|
||||
@ -276,7 +276,7 @@ class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -355,7 +355,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/OS-FEDERATION/mappings/%s' % mapping_id, json=create,
|
||||
headers=self.headers, expected_status_code=http_client.CREATED
|
||||
headers=self.headers, expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_update_mappings(self):
|
||||
|
@ -13,7 +13,7 @@
|
||||
import json
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -66,7 +66,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/policies', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_policy(self):
|
||||
@ -79,7 +79,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
|
||||
c.patch(
|
||||
'/v3/policies/%s' % policy['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy(self):
|
||||
@ -89,7 +89,7 @@ class _SystemReaderAndMemberPoliciesTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/policies/%s' % policy['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -101,7 +101,7 @@ class _DomainAndProjectUserPolicyTests(object):
|
||||
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/policies', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_policy(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -109,7 +109,7 @@ class _DomainAndProjectUserPolicyTests(object):
|
||||
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/policies/%s' % policy['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_create_policy(self):
|
||||
create = {
|
||||
@ -124,7 +124,7 @@ class _DomainAndProjectUserPolicyTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/policies', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_policy(self):
|
||||
@ -137,7 +137,7 @@ class _DomainAndProjectUserPolicyTests(object):
|
||||
c.patch(
|
||||
'/v3/policies/%s' % policy['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy(self):
|
||||
@ -147,7 +147,7 @@ class _DomainAndProjectUserPolicyTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/policies/%s' % policy['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
|
||||
import uuid
|
||||
|
||||
from six.moves import http_client
|
||||
import http.client
|
||||
|
||||
from keystone.common import provider_api
|
||||
import keystone.conf
|
||||
@ -47,7 +47,7 @@ class _SystemUserPoliciesAssociationTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_check_policy_association_for_service(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -64,7 +64,7 @@ class _SystemUserPoliciesAssociationTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_check_policy_association_for_region_and_service(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -84,7 +84,7 @@ class _SystemUserPoliciesAssociationTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_get_policy_for_endpoint(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -143,7 +143,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_association_for_endpoint(self):
|
||||
@ -162,7 +162,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_policy_association_for_service(self):
|
||||
@ -176,7 +176,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_association_for_service(self):
|
||||
@ -191,7 +191,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_policy_assoc_for_region_and_service(self):
|
||||
@ -207,7 +207,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_assoc_for_region_and_service(self):
|
||||
@ -223,7 +223,7 @@ class _SystemReaderAndMemberPoliciesAssociationTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -248,7 +248,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_check_policy_association_for_service(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -265,7 +265,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_check_policy_association_for_region_and_service(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -285,7 +285,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_get_policy_for_endpoint(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -304,7 +304,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
c.get('/v3/endpoints/%s/OS-ENDPOINT-POLICY/policy'
|
||||
% (endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_endpoints_for_policy(self):
|
||||
policy = unit.new_policy_ref()
|
||||
@ -322,7 +322,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints'
|
||||
% (policy['id']), headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_policy_association_for_endpoint(self):
|
||||
@ -341,7 +341,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_association_for_endpoint(self):
|
||||
@ -360,7 +360,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_policy_association_for_service(self):
|
||||
@ -374,7 +374,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_association_for_service(self):
|
||||
@ -389,7 +389,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_policy_assoc_for_region_and_service(self):
|
||||
@ -405,7 +405,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_policy_assoc_for_region_and_service(self):
|
||||
@ -421,7 +421,7 @@ class _DomainAndProjectUserPolicyAssociationsTests(object):
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -535,7 +535,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_delete_policy_association_for_endpoint(self):
|
||||
@ -554,7 +554,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/endpoints/%s'
|
||||
% (policy['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_create_policy_association_for_service(self):
|
||||
@ -568,7 +568,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_delete_policy_association_for_service(self):
|
||||
@ -583,7 +583,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s'
|
||||
% (policy['id'], service['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_create_policy_association_for_region_and_service(self):
|
||||
@ -599,7 +599,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_delete_policy_association_for_region_and_service(self):
|
||||
@ -615,7 +615,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
'/v3/policies/%s/OS-ENDPOINT-POLICY/services/%s/regions/%s'
|
||||
% (policy['id'], service['id'], region['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import base as bp
|
||||
from keystone.common import provider_api
|
||||
@ -74,7 +74,7 @@ class _SystemUserProjectEndpointTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_list_endpoints_for_project(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -118,7 +118,7 @@ class _SystemReaderAndMemberProjectEndpointTests(object):
|
||||
c.put('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_remove_endpoint_from_project(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -137,7 +137,7 @@ class _SystemReaderAndMemberProjectEndpointTests(object):
|
||||
c.delete('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class _DomainAndProjectUserProjectEndpointTests(object):
|
||||
@ -161,7 +161,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/OS-EP-FILTER/endpoints/%s/projects' % endpoint['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_check_endpoint_in_project(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -183,7 +183,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
|
||||
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
def test_user_cannot_list_endpoints_for_project(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -204,7 +204,7 @@ class _DomainAndProjectUserProjectEndpointTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get('/v3/OS-EP-FILTER/projects/%s/endpoints' % project['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN)
|
||||
expected_status_code=http.client.FORBIDDEN)
|
||||
|
||||
|
||||
class SystemReaderTests(base_classes.TestCaseWithBootstrap,
|
||||
@ -318,7 +318,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
def test_user_can_remove_endpoint_from_project(self):
|
||||
project = PROVIDERS.resource_api.create_project(
|
||||
@ -339,7 +339,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.delete('/v3/OS-EP-FILTER/projects/%s/endpoints/%s'
|
||||
% (project['id'], endpoint['id']),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT)
|
||||
expected_status_code=http.client.NO_CONTENT)
|
||||
|
||||
|
||||
class DomainUserTests(base_classes.TestCaseWithBootstrap,
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import project as pp
|
||||
from keystone.common import provider_api
|
||||
@ -75,7 +75,7 @@ class _SystemUserTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_list_project_tags(self):
|
||||
@ -109,7 +109,7 @@ class _SystemMemberAndReaderTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_project_tag(self):
|
||||
@ -126,7 +126,7 @@ class _SystemMemberAndReaderTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_project_tag(self):
|
||||
@ -142,7 +142,7 @@ class _SystemMemberAndReaderTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -160,7 +160,7 @@ class _DomainAndProjectUserTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_project_tag(self):
|
||||
@ -177,7 +177,7 @@ class _DomainAndProjectUserTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_project_tag(self):
|
||||
@ -193,7 +193,7 @@ class _DomainAndProjectUserTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -301,7 +301,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.CREATED
|
||||
expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_update_project_tag(self):
|
||||
@ -319,7 +319,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update,
|
||||
expected_status_code=http_client.OK
|
||||
expected_status_code=http.client.OK
|
||||
)
|
||||
|
||||
def test_user_can_delete_project_tag(self):
|
||||
@ -352,7 +352,7 @@ class _DomainUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_list_tags_for_project_in_domain(self):
|
||||
@ -382,7 +382,7 @@ class _DomainUserTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_project_tag_outside_domain(self):
|
||||
@ -400,7 +400,7 @@ class _DomainUserTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_project_tag_outside_domain(self):
|
||||
@ -416,7 +416,7 @@ class _DomainUserTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_tag_for_project_outside_domain(self):
|
||||
@ -432,7 +432,7 @@ class _DomainUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_tags_for_project_outside_domain(self):
|
||||
@ -448,7 +448,7 @@ class _DomainUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags' % project['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -465,7 +465,7 @@ class _DomainMemberAndReaderTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_project_tag_in_domain(self):
|
||||
@ -482,7 +482,7 @@ class _DomainMemberAndReaderTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_project_tag_in_domain(self):
|
||||
@ -497,7 +497,7 @@ class _DomainMemberAndReaderTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -553,7 +553,7 @@ class DomainAdminUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers, expected_status_code=http_client.CREATED
|
||||
headers=self.headers, expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_update_project_tag_in_domain(self):
|
||||
@ -570,7 +570,7 @@ class DomainAdminUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
r = c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.OK
|
||||
json=update, expected_status_code=http.client.OK
|
||||
)
|
||||
self.assertTrue(len(r.json['tags']) == 1)
|
||||
self.assertEqual(new_tag, r.json['tags'][0])
|
||||
@ -688,7 +688,7 @@ class _ProjectUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NO_CONTENT
|
||||
expected_status_code=http.client.NO_CONTENT
|
||||
)
|
||||
|
||||
def test_user_can_list_tags_for_project(self):
|
||||
@ -714,7 +714,7 @@ class _ProjectUserTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_tag_for_other_project(self):
|
||||
@ -731,7 +731,7 @@ class _ProjectUserTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % project['id'], headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_tag_for_other_project(self):
|
||||
@ -747,7 +747,7 @@ class _ProjectUserTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_get_tag_for_other_project(self):
|
||||
@ -763,7 +763,7 @@ class _ProjectUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags/%s' % (project['id'], tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_tags_for_other_project(self):
|
||||
@ -779,7 +779,7 @@ class _ProjectUserTagTests(object):
|
||||
c.get(
|
||||
'/v3/projects/%s/tags' % project['id'],
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -791,7 +791,7 @@ class _ProjectMemberAndReaderTagTests(object):
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_project_tag(self):
|
||||
@ -803,7 +803,7 @@ class _ProjectMemberAndReaderTagTests(object):
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % self.project_id, headers=self.headers,
|
||||
json=update, expected_status_code=http_client.FORBIDDEN
|
||||
json=update, expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_project_tag(self):
|
||||
@ -814,7 +814,7 @@ class _ProjectMemberAndReaderTagTests(object):
|
||||
c.delete(
|
||||
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -860,7 +860,7 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags/%s' % (self.project_id, tag),
|
||||
headers=self.headers, expected_status_code=http_client.CREATED
|
||||
headers=self.headers, expected_status_code=http.client.CREATED
|
||||
)
|
||||
|
||||
def test_user_can_update_project_tag(self):
|
||||
@ -872,7 +872,7 @@ class ProjectAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.put(
|
||||
'/v3/projects/%s/tags' % self.project_id, headers=self.headers,
|
||||
json=update, expected_status_code=http_client.OK
|
||||
json=update, expected_status_code=http.client.OK
|
||||
)
|
||||
|
||||
def test_user_can_delete_project_tag(self):
|
||||
|
@ -12,8 +12,8 @@
|
||||
|
||||
import uuid
|
||||
|
||||
import http.client
|
||||
from oslo_serialization import jsonutils
|
||||
from six.moves import http_client
|
||||
|
||||
from keystone.common.policies import project as pp
|
||||
from keystone.common import provider_api
|
||||
@ -80,7 +80,7 @@ class _SystemUserTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
|
||||
@ -97,7 +97,7 @@ class _SystemMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/projects', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_projects(self):
|
||||
@ -112,7 +112,7 @@ class _SystemMemberAndReaderProjectTests(object):
|
||||
c.patch(
|
||||
'/v3/projects/%s' % project['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existent_project_forbidden(self):
|
||||
@ -122,7 +122,7 @@ class _SystemMemberAndReaderProjectTests(object):
|
||||
c.patch(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_projects(self):
|
||||
@ -134,14 +134,14 @@ class _SystemMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_project_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -188,7 +188,7 @@ class _DomainUsersTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_list_projects_for_user_in_domain(self):
|
||||
@ -237,7 +237,7 @@ class _DomainUsersTests(object):
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/users/%s/projects' % user['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -250,7 +250,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/projects', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_projects_in_other_domains(self):
|
||||
@ -263,7 +263,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/projects', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_projects_within_domain(self):
|
||||
@ -278,7 +278,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
c.patch(
|
||||
'/v3/projects/%s' % project['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_projects_in_other_domain(self):
|
||||
@ -293,7 +293,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
c.patch(
|
||||
'/v3/projects/%s' % project['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existent_project_forbidden(self):
|
||||
@ -303,7 +303,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
c.patch(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_projects_within_domain(self):
|
||||
@ -315,7 +315,7 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_projects_in_other_domain(self):
|
||||
@ -327,14 +327,14 @@ class _DomainMemberAndReaderProjectTests(object):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_projects_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -461,7 +461,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
def test_user_can_delete_projects(self):
|
||||
@ -477,7 +477,7 @@ class SystemAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.NOT_FOUND
|
||||
expected_status_code=http.client.NOT_FOUND
|
||||
)
|
||||
|
||||
def test_user_can_list_their_projects(self):
|
||||
@ -661,7 +661,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/projects', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_update_projects_within_domain(self):
|
||||
@ -690,7 +690,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/projects/%s' % project['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existent_project_forbidden(self):
|
||||
@ -706,7 +706,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_delete_projects_within_domain(self):
|
||||
@ -727,7 +727,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_projects_forbidden(self):
|
||||
@ -740,7 +740,7 @@ class DomainAdminTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
|
||||
@ -809,7 +809,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/projects', headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_list_projects_for_others(self):
|
||||
@ -833,7 +833,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/users/%s/projects' % user['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_can_list_their_projects(self):
|
||||
@ -860,7 +860,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.get(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_create_projects(self):
|
||||
@ -873,7 +873,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.post(
|
||||
'/v3/projects', json=create, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_projects(self):
|
||||
@ -888,7 +888,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/projects/%s' % project['id'], json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_update_non_existent_project_forbidden(self):
|
||||
@ -898,7 +898,7 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
c.patch(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, json=update,
|
||||
headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_projects(self):
|
||||
@ -910,12 +910,12 @@ class ProjectUserTests(base_classes.TestCaseWithBootstrap,
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % project['id'], headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
||||
def test_user_cannot_delete_non_existent_project_forbidden(self):
|
||||
with self.test_client() as c:
|
||||
c.delete(
|
||||
'/v3/projects/%s' % uuid.uuid4().hex, headers=self.headers,
|
||||
expected_status_code=http_client.FORBIDDEN
|
||||
expected_status_code=http.client.FORBIDDEN
|
||||
)
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user