Split trust backend tests
Where to put a new test ? Is this behavior covered yet ? These and other questions require understanding the test coverage to be answered. test_backend.py is a huge test file, making it hard to understand what cases are currently covered for each backend. This chain of changes proposes to split it by the backends it covers; the tests will be placed into 'unit/{backend}/test_backends.py'. This change splits the tests for the trust backend. Change-Id: I88b9d3976ab1e35e32a493f07c8f5be1ece7f531
This commit is contained in:
parent
2a7db0e316
commit
6f7a9113b6
|
@ -13,12 +13,10 @@
|
|||
# under the License.
|
||||
|
||||
import copy
|
||||
import datetime
|
||||
import uuid
|
||||
|
||||
import mock
|
||||
from oslo_config import cfg
|
||||
from oslo_utils import timeutils
|
||||
from six.moves import range
|
||||
from testtools import matchers
|
||||
|
||||
|
@ -992,159 +990,6 @@ class IdentityTests(object):
|
|||
self.assertDictEqual(updated_user_ref, user_ref)
|
||||
|
||||
|
||||
class TrustTests(object):
|
||||
def create_sample_trust(self, new_id, remaining_uses=None):
|
||||
self.trustor = self.user_foo
|
||||
self.trustee = self.user_two
|
||||
expires_at = datetime.datetime.utcnow().replace(year=2032)
|
||||
trust_data = (self.trust_api.create_trust
|
||||
(new_id,
|
||||
{'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'expires_at': expires_at,
|
||||
'impersonation': True,
|
||||
'remaining_uses': remaining_uses},
|
||||
roles=[{"id": "member"},
|
||||
{"id": "other"},
|
||||
{"id": "browser"}]))
|
||||
return trust_data
|
||||
|
||||
def test_delete_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
trust_id = trust_data['id']
|
||||
self.assertIsNotNone(trust_data)
|
||||
trust_data = self.trust_api.get_trust(trust_id)
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.trust_api.delete_trust(trust_id)
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_id)
|
||||
|
||||
def test_delete_trust_not_found(self):
|
||||
trust_id = uuid.uuid4().hex
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.delete_trust,
|
||||
trust_id)
|
||||
|
||||
def test_get_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
trust_id = trust_data['id']
|
||||
self.assertIsNotNone(trust_data)
|
||||
trust_data = self.trust_api.get_trust(trust_id)
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.trust_api.delete_trust(trust_data['id'])
|
||||
|
||||
def test_get_deleted_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
self.assertIsNotNone(trust_data)
|
||||
self.assertIsNone(trust_data['deleted_at'])
|
||||
self.trust_api.delete_trust(new_id)
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
new_id)
|
||||
deleted_trust = self.trust_api.get_trust(trust_data['id'],
|
||||
deleted=True)
|
||||
self.assertEqual(trust_data['id'], deleted_trust['id'])
|
||||
self.assertIsNotNone(deleted_trust.get('deleted_at'))
|
||||
|
||||
def test_create_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.assertEqual(self.trustee['id'], trust_data['trustee_user_id'])
|
||||
self.assertEqual(self.trustor['id'], trust_data['trustor_user_id'])
|
||||
self.assertTrue(timeutils.normalize_time(trust_data['expires_at']) >
|
||||
timeutils.utcnow())
|
||||
|
||||
self.assertEqual([{'id': 'member'},
|
||||
{'id': 'other'},
|
||||
{'id': 'browser'}], trust_data['roles'])
|
||||
|
||||
def test_list_trust_by_trustee(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts_for_trustee(self.trustee['id'])
|
||||
self.assertEqual(3, len(trusts))
|
||||
self.assertEqual(trusts[0]["trustee_user_id"], self.trustee['id'])
|
||||
trusts = self.trust_api.list_trusts_for_trustee(self.trustor['id'])
|
||||
self.assertEqual(0, len(trusts))
|
||||
|
||||
def test_list_trust_by_trustor(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts_for_trustor(self.trustor['id'])
|
||||
self.assertEqual(3, len(trusts))
|
||||
self.assertEqual(trusts[0]["trustor_user_id"], self.trustor['id'])
|
||||
trusts = self.trust_api.list_trusts_for_trustor(self.trustee['id'])
|
||||
self.assertEqual(0, len(trusts))
|
||||
|
||||
def test_list_trusts(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts()
|
||||
self.assertEqual(3, len(trusts))
|
||||
|
||||
def test_trust_has_remaining_uses_positive(self):
|
||||
# create a trust with limited uses, check that we have uses left
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex,
|
||||
remaining_uses=5)
|
||||
self.assertEqual(5, trust_data['remaining_uses'])
|
||||
# create a trust with unlimited uses, check that we have uses left
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex)
|
||||
self.assertIsNone(trust_data['remaining_uses'])
|
||||
|
||||
def test_trust_has_remaining_uses_negative(self):
|
||||
# try to create a trust with no remaining uses, check that it fails
|
||||
self.assertRaises(exception.ValidationError,
|
||||
self.create_sample_trust,
|
||||
uuid.uuid4().hex,
|
||||
remaining_uses=0)
|
||||
# try to create a trust with negative remaining uses,
|
||||
# check that it fails
|
||||
self.assertRaises(exception.ValidationError,
|
||||
self.create_sample_trust,
|
||||
uuid.uuid4().hex,
|
||||
remaining_uses=-12)
|
||||
|
||||
def test_consume_use(self):
|
||||
# consume a trust repeatedly until it has no uses anymore
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex,
|
||||
remaining_uses=2)
|
||||
self.trust_api.consume_use(trust_data['id'])
|
||||
t = self.trust_api.get_trust(trust_data['id'])
|
||||
self.assertEqual(1, t['remaining_uses'])
|
||||
self.trust_api.consume_use(trust_data['id'])
|
||||
# This was the last use, the trust isn't available anymore
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_data['id'])
|
||||
|
||||
def test_duplicate_trusts_not_allowed(self):
|
||||
self.trustor = self.user_foo
|
||||
self.trustee = self.user_two
|
||||
trust_data = {'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'expires_at': timeutils.parse_isotime(
|
||||
'2032-02-18T18:10:00Z'),
|
||||
'impersonation': True,
|
||||
'remaining_uses': None}
|
||||
roles = [{"id": "member"},
|
||||
{"id": "other"},
|
||||
{"id": "browser"}]
|
||||
self.trust_api.create_trust(uuid.uuid4().hex, trust_data, roles)
|
||||
self.assertRaises(exception.Conflict,
|
||||
self.trust_api.create_trust,
|
||||
uuid.uuid4().hex,
|
||||
trust_data,
|
||||
roles)
|
||||
|
||||
|
||||
class CatalogTests(object):
|
||||
|
||||
_legacy_endpoint_id_in_endpoint = True
|
||||
|
|
|
@ -37,6 +37,7 @@ from keystone.tests.unit.ksfixtures import database
|
|||
from keystone.tests.unit.resource import test_backends as resource_tests
|
||||
from keystone.tests.unit import test_backend
|
||||
from keystone.tests.unit.token import test_backends as token_tests
|
||||
from keystone.tests.unit.trust import test_backends as trust_tests
|
||||
from keystone.token.persistence.backends import sql as token_sql
|
||||
|
||||
|
||||
|
@ -617,7 +618,7 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests,
|
|||
_exercise_project_api(resource.NULL_DOMAIN_ID)
|
||||
|
||||
|
||||
class SqlTrust(SqlTests, test_backend.TrustTests):
|
||||
class SqlTrust(SqlTests, trust_tests.TrustTests):
|
||||
pass
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,172 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import datetime
|
||||
import uuid
|
||||
|
||||
from oslo_utils import timeutils
|
||||
from six.moves import range
|
||||
|
||||
from keystone import exception
|
||||
|
||||
|
||||
class TrustTests(object):
|
||||
def create_sample_trust(self, new_id, remaining_uses=None):
|
||||
self.trustor = self.user_foo
|
||||
self.trustee = self.user_two
|
||||
expires_at = datetime.datetime.utcnow().replace(year=2032)
|
||||
trust_data = (self.trust_api.create_trust
|
||||
(new_id,
|
||||
{'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'expires_at': expires_at,
|
||||
'impersonation': True,
|
||||
'remaining_uses': remaining_uses},
|
||||
roles=[{"id": "member"},
|
||||
{"id": "other"},
|
||||
{"id": "browser"}]))
|
||||
return trust_data
|
||||
|
||||
def test_delete_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
trust_id = trust_data['id']
|
||||
self.assertIsNotNone(trust_data)
|
||||
trust_data = self.trust_api.get_trust(trust_id)
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.trust_api.delete_trust(trust_id)
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_id)
|
||||
|
||||
def test_delete_trust_not_found(self):
|
||||
trust_id = uuid.uuid4().hex
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.delete_trust,
|
||||
trust_id)
|
||||
|
||||
def test_get_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
trust_id = trust_data['id']
|
||||
self.assertIsNotNone(trust_data)
|
||||
trust_data = self.trust_api.get_trust(trust_id)
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.trust_api.delete_trust(trust_data['id'])
|
||||
|
||||
def test_get_deleted_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
self.assertIsNotNone(trust_data)
|
||||
self.assertIsNone(trust_data['deleted_at'])
|
||||
self.trust_api.delete_trust(new_id)
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
new_id)
|
||||
deleted_trust = self.trust_api.get_trust(trust_data['id'],
|
||||
deleted=True)
|
||||
self.assertEqual(trust_data['id'], deleted_trust['id'])
|
||||
self.assertIsNotNone(deleted_trust.get('deleted_at'))
|
||||
|
||||
def test_create_trust(self):
|
||||
new_id = uuid.uuid4().hex
|
||||
trust_data = self.create_sample_trust(new_id)
|
||||
|
||||
self.assertEqual(new_id, trust_data['id'])
|
||||
self.assertEqual(self.trustee['id'], trust_data['trustee_user_id'])
|
||||
self.assertEqual(self.trustor['id'], trust_data['trustor_user_id'])
|
||||
self.assertTrue(timeutils.normalize_time(trust_data['expires_at']) >
|
||||
timeutils.utcnow())
|
||||
|
||||
self.assertEqual([{'id': 'member'},
|
||||
{'id': 'other'},
|
||||
{'id': 'browser'}], trust_data['roles'])
|
||||
|
||||
def test_list_trust_by_trustee(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts_for_trustee(self.trustee['id'])
|
||||
self.assertEqual(3, len(trusts))
|
||||
self.assertEqual(trusts[0]["trustee_user_id"], self.trustee['id'])
|
||||
trusts = self.trust_api.list_trusts_for_trustee(self.trustor['id'])
|
||||
self.assertEqual(0, len(trusts))
|
||||
|
||||
def test_list_trust_by_trustor(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts_for_trustor(self.trustor['id'])
|
||||
self.assertEqual(3, len(trusts))
|
||||
self.assertEqual(trusts[0]["trustor_user_id"], self.trustor['id'])
|
||||
trusts = self.trust_api.list_trusts_for_trustor(self.trustee['id'])
|
||||
self.assertEqual(0, len(trusts))
|
||||
|
||||
def test_list_trusts(self):
|
||||
for i in range(3):
|
||||
self.create_sample_trust(uuid.uuid4().hex)
|
||||
trusts = self.trust_api.list_trusts()
|
||||
self.assertEqual(3, len(trusts))
|
||||
|
||||
def test_trust_has_remaining_uses_positive(self):
|
||||
# create a trust with limited uses, check that we have uses left
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex,
|
||||
remaining_uses=5)
|
||||
self.assertEqual(5, trust_data['remaining_uses'])
|
||||
# create a trust with unlimited uses, check that we have uses left
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex)
|
||||
self.assertIsNone(trust_data['remaining_uses'])
|
||||
|
||||
def test_trust_has_remaining_uses_negative(self):
|
||||
# try to create a trust with no remaining uses, check that it fails
|
||||
self.assertRaises(exception.ValidationError,
|
||||
self.create_sample_trust,
|
||||
uuid.uuid4().hex,
|
||||
remaining_uses=0)
|
||||
# try to create a trust with negative remaining uses,
|
||||
# check that it fails
|
||||
self.assertRaises(exception.ValidationError,
|
||||
self.create_sample_trust,
|
||||
uuid.uuid4().hex,
|
||||
remaining_uses=-12)
|
||||
|
||||
def test_consume_use(self):
|
||||
# consume a trust repeatedly until it has no uses anymore
|
||||
trust_data = self.create_sample_trust(uuid.uuid4().hex,
|
||||
remaining_uses=2)
|
||||
self.trust_api.consume_use(trust_data['id'])
|
||||
t = self.trust_api.get_trust(trust_data['id'])
|
||||
self.assertEqual(1, t['remaining_uses'])
|
||||
self.trust_api.consume_use(trust_data['id'])
|
||||
# This was the last use, the trust isn't available anymore
|
||||
self.assertRaises(exception.TrustNotFound,
|
||||
self.trust_api.get_trust,
|
||||
trust_data['id'])
|
||||
|
||||
def test_duplicate_trusts_not_allowed(self):
|
||||
self.trustor = self.user_foo
|
||||
self.trustee = self.user_two
|
||||
trust_data = {'trustor_user_id': self.trustor['id'],
|
||||
'trustee_user_id': self.user_two['id'],
|
||||
'project_id': self.tenant_bar['id'],
|
||||
'expires_at': timeutils.parse_isotime(
|
||||
'2032-02-18T18:10:00Z'),
|
||||
'impersonation': True,
|
||||
'remaining_uses': None}
|
||||
roles = [{"id": "member"},
|
||||
{"id": "other"},
|
||||
{"id": "browser"}]
|
||||
self.trust_api.create_trust(uuid.uuid4().hex, trust_data, roles)
|
||||
self.assertRaises(exception.Conflict,
|
||||
self.trust_api.create_trust,
|
||||
uuid.uuid4().hex,
|
||||
trust_data,
|
||||
roles)
|
Loading…
Reference in New Issue