Simplify federated_domain_name processing
federated_domain_name has a default so it's always going to be set to something. There's no need for the code to be complicated by checking if it's not set. Change-Id: Iba152bfc55b976e1bcb4aad97866e6110c297aa3
This commit is contained in:
parent
53237b5d9b
commit
8a2486883f
|
@ -515,9 +515,7 @@ FILE_OPTIONS = {
|
|||
'an admin will not be able to create a domain with '
|
||||
'this name or update an existing domain to this '
|
||||
'name. You are not advised to change this value '
|
||||
'unless you really have to. Changing this option '
|
||||
'to empty string or None will not have any impact and '
|
||||
'default name will be used.'),
|
||||
'unless you really have to.'),
|
||||
cfg.MultiStrOpt('trusted_dashboard', default=[],
|
||||
help='A list of trusted dashboard hosts. Before '
|
||||
'accepting a Single Sign-On request to return a '
|
||||
|
|
|
@ -12,5 +12,4 @@
|
|||
|
||||
FEDERATION = 'OS-FEDERATION'
|
||||
IDENTITY_PROVIDER = 'OS-FEDERATION:identity_provider'
|
||||
FEDERATED_DOMAIN_KEYWORD = 'Federated'
|
||||
PROTOCOL = 'OS-FEDERATION:protocol'
|
||||
|
|
|
@ -21,7 +21,6 @@ from oslo_log import log
|
|||
from oslo_utils import timeutils
|
||||
import six
|
||||
|
||||
from keystone.contrib.federation import constants as federation_constants
|
||||
from keystone import exception
|
||||
from keystone.i18n import _, _LW
|
||||
|
||||
|
@ -528,8 +527,7 @@ class RuleProcessor(object):
|
|||
|
||||
if user_type == UserType.EPHEMERAL:
|
||||
user['domain'] = {
|
||||
'id': (CONF.federation.federated_domain_name or
|
||||
federation_constants.FEDERATED_DOMAIN_KEYWORD)
|
||||
'id': CONF.federation.federated_domain_name
|
||||
}
|
||||
|
||||
# initialize the group_ids as a set to eliminate duplicates
|
||||
|
|
|
@ -23,7 +23,6 @@ from keystone.common import clean
|
|||
from keystone.common import dependency
|
||||
from keystone.common import driver_hints
|
||||
from keystone.common import manager
|
||||
from keystone.contrib.federation import constants as federation_constants
|
||||
from keystone import exception
|
||||
from keystone.i18n import _, _LE, _LW
|
||||
from keystone import notifications
|
||||
|
@ -139,15 +138,13 @@ class Manager(manager.Manager):
|
|||
"""
|
||||
# NOTE(marek-denis): We cannot create this attribute in the __init__ as
|
||||
# config values are always initialized to default value.
|
||||
federated_domain = (
|
||||
CONF.federation.federated_domain_name or
|
||||
federation_constants.FEDERATED_DOMAIN_KEYWORD).lower()
|
||||
federated_domain = CONF.federation.federated_domain_name.lower()
|
||||
if (domain.get('name') and domain['name'].lower() == federated_domain):
|
||||
raise AssertionError(_('Domain cannot be named %s')
|
||||
% federated_domain)
|
||||
% domain['name'])
|
||||
if (domain_id.lower() == federated_domain):
|
||||
raise AssertionError(_('Domain cannot have ID %s')
|
||||
% federated_domain)
|
||||
% domain_id)
|
||||
|
||||
def assert_project_enabled(self, project_id, project=None):
|
||||
"""Assert the project is enabled and its associated domain is enabled.
|
||||
|
|
|
@ -467,40 +467,6 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
|
|||
self.resource_api.update_domain,
|
||||
domain['id'], domain)
|
||||
|
||||
def test_set_federated_domain_when_config_empty(self):
|
||||
"""Make sure we are operable even if config value is not properly
|
||||
set.
|
||||
|
||||
This includes operations like create, update, delete.
|
||||
|
||||
"""
|
||||
federated_name = 'Federated'
|
||||
self.config_fixture.config(group='federation',
|
||||
federated_domain_name='')
|
||||
domain = self.new_domain_ref()
|
||||
domain['id'] = federated_name
|
||||
self.assertRaises(AssertionError,
|
||||
self.resource_api.create_domain,
|
||||
domain['id'], domain)
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.resource_api.delete_domain,
|
||||
domain['id'])
|
||||
self.assertRaises(AssertionError,
|
||||
self.resource_api.update_domain,
|
||||
domain['id'], domain)
|
||||
|
||||
# swap id with name
|
||||
domain['id'], domain['name'] = domain['name'], domain['id']
|
||||
self.assertRaises(AssertionError,
|
||||
self.resource_api.create_domain,
|
||||
domain['id'], domain)
|
||||
self.assertRaises(exception.DomainNotFound,
|
||||
self.resource_api.delete_domain,
|
||||
domain['id'])
|
||||
self.assertRaises(AssertionError,
|
||||
self.resource_api.update_domain,
|
||||
domain['id'], domain)
|
||||
|
||||
# Project CRUD tests
|
||||
|
||||
def test_list_projects(self):
|
||||
|
|
|
@ -33,7 +33,6 @@ if not xmldsig:
|
|||
|
||||
from keystone.auth import controllers as auth_controllers
|
||||
from keystone.auth.plugins import mapped
|
||||
from keystone.contrib.federation import constants as federation_constants
|
||||
from keystone.contrib.federation import controllers as federation_controllers
|
||||
from keystone.contrib.federation import idp as keystone_idp
|
||||
from keystone.contrib.federation import utils as mapping_utils
|
||||
|
@ -1470,7 +1469,7 @@ class MappingRuleEngineTests(FederationTests):
|
|||
self.assertIn('domain', user)
|
||||
domain = user['domain']
|
||||
domain_name_or_id = domain.get('id') or domain.get('name')
|
||||
domain_ref = domain_id or federation_constants.FEDERATED_DOMAIN_KEYWORD
|
||||
domain_ref = domain_id or 'Federated'
|
||||
self.assertEqual(domain_ref, domain_name_or_id)
|
||||
|
||||
def test_rule_engine_any_one_of_and_direct_mapping(self):
|
||||
|
|
|
@ -579,11 +579,6 @@ class BaseProvider(provider.Provider):
|
|||
return token_id, token_data
|
||||
|
||||
def _handle_mapped_tokens(self, auth_context, project_id, domain_id):
|
||||
def get_federated_domain():
|
||||
return (CONF.federation.federated_domain_name or
|
||||
federation_constants.FEDERATED_DOMAIN_KEYWORD)
|
||||
|
||||
federated_domain = get_federated_domain()
|
||||
user_id = auth_context['user_id']
|
||||
group_ids = auth_context['group_ids']
|
||||
idp = auth_context[federation_constants.IDENTITY_PROVIDER]
|
||||
|
@ -598,8 +593,8 @@ class BaseProvider(provider.Provider):
|
|||
'protocol': {'id': protocol}
|
||||
},
|
||||
'domain': {
|
||||
'id': federated_domain,
|
||||
'name': federated_domain
|
||||
'id': CONF.federation.federated_domain_name,
|
||||
'name': CONF.federation.federated_domain_name
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue