Browse Source

Merge "Add tests for project users for policy association"

changes/61/681161/1
Zuul 1 week ago
parent
commit
913eab8651
1 changed files with 68 additions and 0 deletions
  1. 68
    0
      keystone/tests/unit/protection/v3/test_policy_association.py

+ 68
- 0
keystone/tests/unit/protection/v3/test_policy_association.py View File

@@ -651,3 +651,71 @@ class DomainUserTests(base_classes.TestCaseWithBootstrap,
651 651
             r = c.post('/v3/auth/tokens', json=auth)
652 652
             self.token_id = r.headers['X-Subject-Token']
653 653
             self.headers = {'X-Auth-Token': self.token_id}
654
+
655
+
656
+class ProjectUserTests(base_classes.TestCaseWithBootstrap,
657
+                       common_auth.AuthTestMixin,
658
+                       _DomainAndProjectUserPolicyAssociationsTests):
659
+
660
+    def setUp(self):
661
+        super(ProjectUserTests, self).setUp()
662
+        self.loadapp()
663
+        self.useFixture(ksfixtures.Policy(self.config_fixture))
664
+        self.config_fixture.config(group='oslo_policy', enforce_scope=True)
665
+
666
+        self.user_id = self.bootstrapper.admin_user_id
667
+        auth = self.build_authentication_request(
668
+            user_id=self.user_id,
669
+            password=self.bootstrapper.admin_password,
670
+            project_id=self.bootstrapper.project_id
671
+        )
672
+
673
+        # Grab a token using the persona we're testing and prepare headers
674
+        # for requests we'll be making in the tests.
675
+        with self.test_client() as c:
676
+            r = c.post('/v3/auth/tokens', json=auth)
677
+            self.token_id = r.headers['X-Subject-Token']
678
+            self.headers = {'X-Auth-Token': self.token_id}
679
+
680
+
681
+class ProjectUserTestsWithoutEnforceScope(
682
+        base_classes.TestCaseWithBootstrap,
683
+        common_auth.AuthTestMixin,
684
+        _DomainAndProjectUserPolicyAssociationsTests):
685
+
686
+    def setUp(self):
687
+        super(ProjectUserTestsWithoutEnforceScope, self).setUp()
688
+        self.loadapp()
689
+        self.useFixture(ksfixtures.Policy(self.config_fixture))
690
+
691
+        # Explicityly set enforce_scope to False to make sure we maintain
692
+        # backwards compatibility with project users.
693
+        self.config_fixture.config(group='oslo_policy', enforce_scope=False)
694
+
695
+        domain = PROVIDERS.resource_api.create_domain(
696
+            uuid.uuid4().hex, unit.new_domain_ref()
697
+        )
698
+        user = unit.new_user_ref(domain_id=domain['id'])
699
+        self.user_id = PROVIDERS.identity_api.create_user(user)['id']
700
+
701
+        self.project_id = PROVIDERS.resource_api.create_project(
702
+            uuid.uuid4().hex, unit.new_project_ref(domain_id=domain['id'])
703
+        )['id']
704
+
705
+        PROVIDERS.assignment_api.create_grant(
706
+            self.bootstrapper.member_role_id, user_id=self.user_id,
707
+            project_id=self.project_id
708
+        )
709
+
710
+        auth = self.build_authentication_request(
711
+            user_id=self.user_id,
712
+            password=user['password'],
713
+            project_id=self.project_id
714
+        )
715
+
716
+        # Grab a token using the persona we're testing and prepare headers
717
+        # for requests we'll be making in the tests.
718
+        with self.test_client() as c:
719
+            r = c.post('/v3/auth/tokens', json=auth)
720
+            self.token_id = r.headers['X-Subject-Token']
721
+            self.headers = {'X-Auth-Token': self.token_id}

Loading…
Cancel
Save