Cleanup from business logic refactor

This patchset resolves a few minor nits including proper translation
of a couple strings in exceptions, order of addCleanup in
test_keystoneclient, a simple white-space change to make a line
more readable, and adding a bug reference to a comment.  All of these
changes are in response to comments on the deletion business logic
refactor that moved business logic from the controllers to the *_api
managers.

Change-Id: I2a446611a0fb91b946e986342ae5ede926b8dd44
bp: assignment-controller-first-class

keystone/assignment/core.py

@@ -297,8 +297,9 @@ class Manager(manager.Manager):
         # explicitly forbid deleting the default domain (this should be a
         # carefully orchestrated manual process involving configuration
         # changes, etc)
-        if domain_id == DEFAULT_DOMAIN['id']:
-            raise exception.ForbiddenAction(action='delete the default domain')
+        if domain_id == CONF.identity.default_domain_id:
+            raise exception.ForbiddenAction(action=_('delete the default '
+                                                     'domain'))
 
         domain = self.driver.get_domain(domain_id)
 
@@ -308,7 +309,7 @@ class Manager(manager.Manager):
         # to get a valid token to issue this delete.
         if domain['enabled']:
             raise exception.ForbiddenAction(
-                action='delete a domain that is not disabled')
+                action=_('delete a domain that is not disabled'))
 
         self._delete_domain_contents(domain_id)
         self.driver.delete_domain(domain_id)
@@ -351,7 +352,7 @@ class Manager(manager.Manager):
                                'domainid': domain_id})
 
         for group in group_refs:
-            # NOTE(morganfainberg): Cleanup any existing groups.
+            # Cleanup any existing groups.
             if group['domain_id'] == domain_id:
                 try:
                     self.identity_api.delete_group(group['id'],
@@ -414,7 +415,8 @@ class Manager(manager.Manager):
             # the controller. Now error or proper action will always come from
             # the `delete_role` method logic. Work needs to be done to make
             # the behavior between drivers consistent (capable of revoking
-            # tokens for the same circumstances).
+            # tokens for the same circumstances).  This is related to the bug
+            # https://bugs.launchpad.net/keystone/+bug/1221805
             pass
         self.driver.delete_role(role_id)
         self.get_role.invalidate(self, role_id)

keystone/identity/core.py

@@ -431,8 +431,8 @@ class Manager(manager.Manager):
         # We get the list of users before we attempt the group
         # deletion, so that we can remove these tokens after we know
         # the group deletion succeeded.
-        user_ids = [u['id']
-                    for u in self.list_users_in_group(group_id, domain_scope)]
+        user_ids = [
+            u['id'] for u in self.list_users_in_group(group_id, domain_scope)]
         self.token_api.delete_tokens_for_users(user_ids)
         driver.delete_group(group_id)
 

keystone/tests/test_keystoneclient.py

@@ -46,10 +46,10 @@ class CompatTestCase(tests.NoModule, tests.TestCase):
         # be addressed allowing for non-SQL based testing to occur.
         self.load_backends()
         self.engine = session.get_engine()
-        sql.ModelBase.metadata.create_all(bind=self.engine)
         self.addCleanup(session.cleanup)
         self.addCleanup(sql.ModelBase.metadata.drop_all,
                         bind=self.engine)
+        sql.ModelBase.metadata.create_all(bind=self.engine)
 
     def setUp(self):
         super(CompatTestCase, self).setUp()