Use freezegun to increment the clock in test_v3_filters
In preparation for making Fernet the default token provider, we must freeze and increment the clock in certain tests. This is because Fernet does not support sub-second precision and if a Fernet token is validated in the same second that a revocation event has occured, it will be considered invalid. This commit makes it so that we freeze the clock in test_list_users_filtered_by_funny_name() and increment it by one second when we go to list users by name. This fix was originally a part of https://review.openstack.org/#/c/258650 but this is an attempt to break 258650 into smaller, more reviewable, pieces. Partial-Bug: 1561054 Change-Id: I3ea4af702e6914775156c605799992a41e8e75c5
This commit is contained in:
Lance Bragstad
@@ -13,6 +13,9 @@
|
|||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
|
import datetime
|
||||||
|
|
||||||
|
import freezegun
|
||||||
from oslo_serialization import jsonutils
|
from oslo_serialization import jsonutils
|
||||||
from six.moves import range
|
from six.moves import range
|
||||||
|
|
||||||
@@ -208,16 +211,26 @@ class IdentityTestFilteredCase(filtering.FilterTests,
|
|||||||
- Ensure we can filter on it
|
- Ensure we can filter on it
|
||||||
|
|
||||||
"""
|
"""
|
||||||
self._set_policy({"identity:list_users": []})
|
# NOTE(lbragstad): Since Fernet tokens do not support sub-second
|
||||||
user = self.user1
|
# precision we must freeze the clock and ensure we increment the time
|
||||||
user['name'] = '%my%name%'
|
# by a full second after a recovation event has occured. Otherwise the
|
||||||
self.identity_api.update_user(user['id'], user)
|
# token will be considered revoked even though it is actually a valid
|
||||||
|
# token.
|
||||||
|
time = datetime.datetime.utcnow()
|
||||||
|
with freezegun.freeze_time(time) as frozen_datetime:
|
||||||
|
|
||||||
url_by_name = '/users?name=%my%name%'
|
self._set_policy({"identity:list_users": []})
|
||||||
r = self.get(url_by_name, auth=self.auth)
|
user = self.user1
|
||||||
|
user['name'] = '%my%name%'
|
||||||
|
self.identity_api.update_user(user['id'], user)
|
||||||
|
|
||||||
self.assertEqual(1, len(r.result.get('users')))
|
frozen_datetime.tick(delta=datetime.timedelta(seconds=1))
|
||||||
self.assertEqual(user['id'], r.result.get('users')[0]['id'])
|
|
||||||
|
url_by_name = '/users?name=%my%name%'
|
||||||
|
r = self.get(url_by_name, auth=self.auth)
|
||||||
|
|
||||||
|
self.assertEqual(1, len(r.result.get('users')))
|
||||||
|
self.assertEqual(user['id'], r.result.get('users')[0]['id'])
|
||||||
|
|
||||||
def test_inexact_filters(self):
|
def test_inexact_filters(self):
|
||||||
# Create 20 users
|
# Create 20 users
|
||||||
|
|||||||
@@ -7,6 +7,7 @@ pep257==0.7.0 # MIT License
|
|||||||
flake8-docstrings==0.2.1.post1 # MIT
|
flake8-docstrings==0.2.1.post1 # MIT
|
||||||
bashate>=0.2 # Apache-2.0
|
bashate>=0.2 # Apache-2.0
|
||||||
os-testr>=0.7.0 # Apache-2.0
|
os-testr>=0.7.0 # Apache-2.0
|
||||||
|
freezegun # Apache-2.0
|
||||||
|
|
||||||
# Include drivers for opportunistic testing.
|
# Include drivers for opportunistic testing.
|
||||||
oslo.db[fixtures,mysql,postgresql]>=4.1.0 # Apache-2.0
|
oslo.db[fixtures,mysql,postgresql]>=4.1.0 # Apache-2.0
|
||||||
|
|||||||
Reference in New Issue
Block a user