openstack/keystone
Code Issues Proposed changes

Fix live ldap tests

Browse Source 
Clean up clear_live_database so that all fixture data is removed. Make sure we
use the configured trees for each ldap object in tests. Ensure all live tests
pass or are skipped where appropriate.

Fixes: bug #1154277

Change-Id: I2eb4efe78e2c9d2a18bce339765b3ab5d20ac8f5
This commit is contained in:
Allan Feid 2013-03-12 15:47:45 -04:00 committed by Adam Young
parent aa6ec45fc0
commit a066b69fbe
5 changed files with 122 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
keystone/identity/backends/ldap/core.py
View File

@ -176,7 +176,9 @@ class Identity(identity.Driver):
data = tenant.copy() data = tenant.copy()
if 'id' not in data or data['id'] is None: if 'id' not in data or data['id'] is None:
data['id'] = str(uuid.uuid4().hex) data['id'] = str(uuid.uuid4().hex)
return self.project.create(tenant) if 'description' in data and data['description'] in ['', None]:
data.pop('description')
return self.project.create(data)
def update_project(self, tenant_id, tenant): def update_project(self, tenant_id, tenant):
if 'name' in tenant: if 'name' in tenant:

79
tests/_ldap_livetest.py
View File

@ -14,6 +14,9 @@
# License for the specific language governing permissions and limitations # License for the specific language governing permissions and limitations
# under the License. # under the License.
import ldap
import ldap.modlist
import nose.exc
import subprocess import subprocess
from keystone import config from keystone import config
@ -27,44 +30,70 @@ import test_backend_ldap
CONF = config.CONF CONF = config.CONF
def delete_object(name): def create_object(dn, attrs):
conn = ldap.initialize(CONF.ldap.url)
conn.simple_bind_s(CONF.ldap.user, CONF.ldap.password)
ldif = ldap.modlist.addModlist(attrs)
conn.add_s(dn, ldif)
conn.unbind_s()
class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
def clear_database(self):
devnull = open('/dev/null', 'w') devnull = open('/dev/null', 'w')
dn = '%s,%s' % (name, CONF.ldap.suffix)
subprocess.call(['ldapdelete', subprocess.call(['ldapdelete',
'-x', '-x',
'-D', CONF.ldap.user, '-D', CONF.ldap.user,
'-H', CONF.ldap.url, '-H', CONF.ldap.url,
'-w', CONF.ldap.password, '-w', CONF.ldap.password,
dn], '-r', CONF.ldap.suffix],
stderr=devnull) stderr=devnull)
if CONF.ldap.suffix.startswith('ou='):
tree_dn_attrs = {'objectclass': 'organizationalUnit',
'ou': 'openstack'}
else:
tree_dn_attrs = {'objectclass': ['dcObject', 'organizationalUnit'],
'dc': 'openstack',
'ou': 'openstack'}
create_object(CONF.ldap.suffix, tree_dn_attrs)
create_object(CONF.ldap.user_tree_dn,
{'objectclass': 'organizationalUnit',
'ou': 'Users'})
create_object(CONF.ldap.role_tree_dn,
{'objectclass': 'organizationalUnit',
'ou': 'Roles'})
create_object(CONF.ldap.tenant_tree_dn,
{'objectclass': 'organizationalUnit',
'ou': 'Projects'})
def clear_live_database(): # NOTE(crazed): This feature is currently being added
roles = ['keystone_admin', 'fake1', 'fake2', 'useless'] create_object("ou=Groups,%s" % CONF.ldap.suffix,
groups = ['baz', 'bar', 'tenent4add', 'fake1', 'fake2'] {'objectclass': 'organizationalUnit',
users = ['foo', 'two', 'fake1', 'fake2', 'no_meta'] 'ou': 'Groups'})
for group in groups: def _set_config(self):
for role in roles:
delete_object('cn=%s,cn=%s,ou=Groups' % (role, group))
delete_object('cn=%s,ou=Groups' % group)
for user in users:
delete_object('cn=%s,ou=Users' % user)
for role in roles:
delete_object('cn=%s,ou=Roles' % role)
class LiveLDAPIdentity(test_backend_ldap.LDAPIdentity):
def setUp(self):
super(LiveLDAPIdentity, self).setUp()
self.config([test.etcdir('keystone.conf.sample'), self.config([test.etcdir('keystone.conf.sample'),
test.testsdir('test_overrides.conf'), test.testsdir('test_overrides.conf'),
test.testsdir('backend_liveldap.conf')]) test.testsdir('backend_liveldap.conf')])
clear_live_database()
self.identity_api = identity_ldap.Identity() def test_build_tree(self):
self.load_fixtures(default_fixtures) """Regression test for building the tree names
"""
#logic is different from the fake backend.
user_api = identity_ldap.UserApi(CONF)
self.assertTrue(user_api)
self.assertEquals(user_api.tree_dn, CONF.ldap.user_tree_dn)
def tearDown(self): def tearDown(self):
test.TestCase.tearDown(self) test.TestCase.tearDown(self)
def test_user_enable_attribute_mask(self):
raise nose.exc.SkipTest('Test is for Active Directory Only')
def test_configurable_allowed_project_actions(self):
raise nose.exc.SkipTest('Blocked by bug 1155234')
def test_project_crud(self):
raise nose.exc.SkipTest('Blocked by bug 1155234')

21
tests/backend_liveldap.conf
View File

@ -1,9 +1,16 @@
[ldap] [ldap]
url = ldap://localhost url = ldap://localhost
suffix = dc=younglogic,dc=com user = dc=Manager,dc=openstack,dc=org
user_tree_dn = ou=Users,dc=younglogic,dc=com password = test
role_tree_dn = ou=Roles,dc=younglogic,dc=com suffix = dc=openstack,dc=org
tenant_tree_dn = ou=Groups,dc=younglogic,dc=com role_tree_dn = ou=Roles,dc=openstack,dc=org
user = dc=Manager,dc=younglogic,dc=com tenant_tree_dn = ou=Projects,dc=openstack,dc=org
password = freeipa4all user_tree_dn = ou=Users,dc=openstack,dc=org
backend_entities = ['Tenant', 'User', 'UserRoleAssociation', 'Role'] tenant_enabled_emulation = True
user_enabled_emulation = True
user_mail_attribute = mail
use_dumb_member = True
[identity]
driver = keystone.identity.backends.ldap.Identity

22
tests/test_backend.py
View File

@ -117,7 +117,7 @@ class IdentityTests(object):
'domain_id': DEFAULT_DOMAIN_ID, 'domain_id': DEFAULT_DOMAIN_ID,
'password': 'no_meta2', 'password': 'no_meta2',
} }
self.identity_man.create_user({}, user['id'], user) self.identity_api.create_user(user['id'], user)
self.identity_api.add_user_to_project(self.tenant_baz['id'], self.identity_api.add_user_to_project(self.tenant_baz['id'],
user['id']) user['id'])
user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate( user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate(
@ -350,8 +350,8 @@ class IdentityTests(object):
'domain_id': DEFAULT_DOMAIN_ID, 'domain_id': DEFAULT_DOMAIN_ID,
'password': 'fakepass', 'password': 'fakepass',
'tenants': ['bar']} 'tenants': ['bar']}
self.identity_man.create_user({}, 'fake1', user1) self.identity_api.create_user('fake1', user1)
self.identity_man.create_user({}, 'fake2', user2) self.identity_api.create_user('fake2', user2)
user2['name'] = 'fake1' user2['name'] = 'fake1'
self.assertRaises(exception.Conflict, self.assertRaises(exception.Conflict,
self.identity_api.update_user, self.identity_api.update_user,
@ -364,7 +364,7 @@ class IdentityTests(object):
'domain_id': DEFAULT_DOMAIN_ID, 'domain_id': DEFAULT_DOMAIN_ID,
'password': 'fakepass', 'password': 'fakepass',
'tenants': ['bar']} 'tenants': ['bar']}
self.identity_man.create_user({}, 'fake1', user) self.identity_api.create_user('fake1', user)
user['id'] = 'fake2' user['id'] = 'fake2'
self.assertRaises(exception.ValidationError, self.assertRaises(exception.ValidationError,
self.identity_api.update_user, self.identity_api.update_user,
@ -458,7 +458,7 @@ class IdentityTests(object):
def test_update_project_id_does_nothing(self): def test_update_project_id_does_nothing(self):
tenant = {'id': 'fake1', 'name': 'fake1', tenant = {'id': 'fake1', 'name': 'fake1',
'domain_id': DEFAULT_DOMAIN_ID} 'domain_id': DEFAULT_DOMAIN_ID}
self.identity_man.create_project({}, 'fake1', tenant) self.identity_api.create_project('fake1', tenant)
tenant['id'] = 'fake2' tenant['id'] = 'fake2'
self.identity_api.update_project('fake1', tenant) self.identity_api.update_project('fake1', tenant)
tenant_ref = self.identity_api.get_project('fake1') tenant_ref = self.identity_api.get_project('fake1')
@ -1389,7 +1389,7 @@ class IdentityTests(object):
'name': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID, 'domain_id': DEFAULT_DOMAIN_ID,
'password': uuid.uuid4().hex} 'password': uuid.uuid4().hex}
self.identity_man.create_user({}, user['id'], user) self.identity_api.create_user(user['id'], user)
self.identity_api.add_user_to_project(self.tenant_bar['id'], self.identity_api.add_user_to_project(self.tenant_bar['id'],
user['id']) user['id'])
self.identity_api.delete_user(user['id']) self.identity_api.delete_user(user['id'])
@ -1402,7 +1402,7 @@ class IdentityTests(object):
'name': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID, 'domain_id': DEFAULT_DOMAIN_ID,
'password': uuid.uuid4().hex} 'password': uuid.uuid4().hex}
self.identity_man.create_user({}, user['id'], user) self.identity_api.create_user(user['id'], user)
self.identity_api.add_role_to_user_and_project( self.identity_api.add_role_to_user_and_project(
user['id'], user['id'],
self.tenant_bar['id'], self.tenant_bar['id'],
@ -1606,7 +1606,7 @@ class IdentityTests(object):
def test_delete_project_with_role_assignments(self): def test_delete_project_with_role_assignments(self):
tenant = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex, tenant = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID} 'domain_id': DEFAULT_DOMAIN_ID}
self.identity_man.create_project({}, tenant['id'], tenant) self.identity_api.create_project(tenant['id'], tenant)
self.identity_api.add_role_to_user_and_project( self.identity_api.add_role_to_user_and_project(
self.user_foo['id'], tenant['id'], 'member') self.user_foo['id'], tenant['id'], 'member')
self.identity_api.delete_project(tenant['id']) self.identity_api.delete_project(tenant['id'])
@ -1647,7 +1647,7 @@ class IdentityTests(object):
def test_update_user_enable(self): def test_update_user_enable(self):
user = {'id': 'fake1', 'name': 'fake1', 'enabled': True, user = {'id': 'fake1', 'name': 'fake1', 'enabled': True,
'domain_id': DEFAULT_DOMAIN_ID} 'domain_id': DEFAULT_DOMAIN_ID}
self.identity_man.create_user({}, 'fake1', user) self.identity_api.create_user('fake1', user)
user_ref = self.identity_api.get_user('fake1') user_ref = self.identity_api.get_user('fake1')
self.assertEqual(user_ref['enabled'], True) self.assertEqual(user_ref['enabled'], True)
@ -1664,7 +1664,7 @@ class IdentityTests(object):
def test_update_project_enable(self): def test_update_project_enable(self):
tenant = {'id': 'fake1', 'name': 'fake1', 'enabled': True, tenant = {'id': 'fake1', 'name': 'fake1', 'enabled': True,
'domain_id': DEFAULT_DOMAIN_ID} 'domain_id': DEFAULT_DOMAIN_ID}
self.identity_man.create_project({}, 'fake1', tenant) self.identity_api.create_project('fake1', tenant)
tenant_ref = self.identity_api.get_project('fake1') tenant_ref = self.identity_api.get_project('fake1')
self.assertEqual(tenant_ref['enabled'], True) self.assertEqual(tenant_ref['enabled'], True)
@ -1914,7 +1914,7 @@ class IdentityTests(object):
def test_user_crud(self): def test_user_crud(self):
user = {'domain_id': uuid.uuid4().hex, 'id': uuid.uuid4().hex, user = {'domain_id': uuid.uuid4().hex, 'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex, 'password': 'passw0rd'} 'name': uuid.uuid4().hex, 'password': 'passw0rd'}
self.identity_man.create_user({}, user['id'], user) self.identity_api.create_user(user['id'], user)
user_ref = self.identity_api.get_user(user['id']) user_ref = self.identity_api.get_user(user['id'])
del user['password'] del user['password']
user_ref_dict = dict((x, user_ref[x]) for x in user_ref) user_ref_dict = dict((x, user_ref[x]) for x in user_ref)

57
tests/test_backend_ldap.py
View File

@ -32,18 +32,21 @@ import test_backend
CONF = config.CONF CONF = config.CONF
def clear_database(): class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def clear_database(self):
db = fakeldap.FakeShelve().get_instance() db = fakeldap.FakeShelve().get_instance()
db.clear() db.clear()
def _set_config(self):
class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def setUp(self):
super(LDAPIdentity, self).setUp()
self.config([test.etcdir('keystone.conf.sample'), self.config([test.etcdir('keystone.conf.sample'),
test.testsdir('test_overrides.conf'), test.testsdir('test_overrides.conf'),
test.testsdir('backend_ldap.conf')]) test.testsdir('backend_ldap.conf')])
clear_database()
def setUp(self):
super(LDAPIdentity, self).setUp()
self._set_config()
self.clear_database()
self.identity_man = identity.Manager() self.identity_man = identity.Manager()
self.identity_api = self.identity_man.driver self.identity_api = self.identity_man.driver
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
@ -62,7 +65,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
'name': 'fake1', 'name': 'fake1',
'password': 'fakepass1', 'password': 'fakepass1',
'tenants': ['bar']} 'tenants': ['bar']}
self.identity_man.create_user({}, 'fake1', user) self.identity_api.create_user('fake1', user)
user_ref = self.identity_api.get_user('fake1') user_ref = self.identity_api.get_user('fake1')
self.assertEqual(user_ref['id'], 'fake1') self.assertEqual(user_ref['id'], 'fake1')
@ -103,7 +106,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
tenant = {'id': 'fake1', 'name': 'fake1', 'enabled': True} tenant = {'id': 'fake1', 'name': 'fake1', 'enabled': True}
self.identity_man.create_project({}, 'fake1', tenant) self.identity_api.create_project('fake1', tenant)
tenant_ref = self.identity_api.get_project('fake1') tenant_ref = self.identity_api.get_project('fake1')
self.assertEqual(tenant_ref['id'], 'fake1') self.assertEqual(tenant_ref['id'], 'fake1')
@ -208,7 +211,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def test_dumb_member(self): def test_dumb_member(self):
CONF.ldap.use_dumb_member = True CONF.ldap.use_dumb_member = True
CONF.ldap.dumb_member = 'cn=dumb,cn=example,cn=com' CONF.ldap.dumb_member = 'cn=dumb,cn=example,cn=com'
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
self.assertRaises(exception.UserNotFound, self.assertRaises(exception.UserNotFound,
@ -217,35 +220,32 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def test_user_attribute_mapping(self): def test_user_attribute_mapping(self):
CONF.ldap.user_name_attribute = 'sn' CONF.ldap.user_name_attribute = 'sn'
CONF.ldap.user_mail_attribute = 'email' CONF.ldap.user_mail_attribute = 'mail'
CONF.ldap.user_enabled_attribute = 'enabled' CONF.ldap.user_enabled_attribute = 'enabled'
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
user_ref = self.identity_api.get_user(self.user_two['id']) user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertEqual(user_ref['name'], self.user_two['name']) self.assertEqual(user_ref['name'], self.user_two['name'])
self.assertEqual(user_ref['email'], self.user_two['email']) self.assertEqual(user_ref['email'], self.user_two['email'])
self.assertEqual(user_ref['enabled'], self.user_two['enabled'])
CONF.ldap.user_name_attribute = 'email' CONF.ldap.user_name_attribute = 'mail'
CONF.ldap.user_mail_attribute = 'sn' CONF.ldap.user_mail_attribute = 'sn'
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
user_ref = self.identity_api.get_user(self.user_two['id']) user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertEqual(user_ref['name'], self.user_two['email']) self.assertEqual(user_ref['name'], self.user_two['email'])
self.assertEqual(user_ref['email'], self.user_two['name']) self.assertEqual(user_ref['email'], self.user_two['name'])
self.assertEqual(user_ref['enabled'], self.user_two['enabled'])
def test_user_attribute_ignore(self): def test_user_attribute_ignore(self):
CONF.ldap.user_attribute_ignore = ['name', 'email', 'password', CONF.ldap.user_attribute_ignore = ['email', 'password',
'tenant_id', 'enabled', 'tenants'] 'tenant_id', 'enabled', 'tenants']
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
user_ref = self.identity_api.get_user(self.user_two['id']) user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id']) self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertNotIn('name', user_ref)
self.assertNotIn('email', user_ref) self.assertNotIn('email', user_ref)
self.assertNotIn('password', user_ref) self.assertNotIn('password', user_ref)
self.assertNotIn('tenant_id', user_ref) self.assertNotIn('tenant_id', user_ref)
@ -254,9 +254,9 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def test_project_attribute_mapping(self): def test_project_attribute_mapping(self):
CONF.ldap.tenant_name_attribute = 'ou' CONF.ldap.tenant_name_attribute = 'ou'
CONF.ldap.tenant_desc_attribute = 'desc' CONF.ldap.tenant_desc_attribute = 'description'
CONF.ldap.tenant_enabled_attribute = 'enabled' CONF.ldap.tenant_enabled_attribute = 'enabled'
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) tenant_ref = self.identity_api.get_project(self.tenant_baz['id'])
@ -267,7 +267,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
self.tenant_baz['description']) self.tenant_baz['description'])
self.assertEqual(tenant_ref['enabled'], self.tenant_baz['enabled']) self.assertEqual(tenant_ref['enabled'], self.tenant_baz['enabled'])
CONF.ldap.tenant_name_attribute = 'desc' CONF.ldap.tenant_name_attribute = 'description'
CONF.ldap.tenant_desc_attribute = 'ou' CONF.ldap.tenant_desc_attribute = 'ou'
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) tenant_ref = self.identity_api.get_project(self.tenant_baz['id'])
@ -280,7 +280,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
CONF.ldap.tenant_attribute_ignore = ['name', CONF.ldap.tenant_attribute_ignore = ['name',
'description', 'description',
'enabled'] 'enabled']
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
tenant_ref = self.identity_api.get_project(self.tenant_baz['id']) tenant_ref = self.identity_api.get_project(self.tenant_baz['id'])
@ -291,7 +291,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def test_role_attribute_mapping(self): def test_role_attribute_mapping(self):
CONF.ldap.role_name_attribute = 'ou' CONF.ldap.role_name_attribute = 'ou'
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
role_ref = self.identity_api.get_role(self.role_member['id']) role_ref = self.identity_api.get_role(self.role_member['id'])
@ -306,7 +306,7 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
def test_role_attribute_ignore(self): def test_role_attribute_ignore(self):
CONF.ldap.role_attribute_ignore = ['name'] CONF.ldap.role_attribute_ignore = ['name']
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)
role_ref = self.identity_api.get_role(self.role_member['id']) role_ref = self.identity_api.get_role(self.role_member['id'])
@ -317,10 +317,10 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
CONF.ldap.user_enabled_attribute = 'enabled' CONF.ldap.user_enabled_attribute = 'enabled'
CONF.ldap.user_enabled_mask = 2 CONF.ldap.user_enabled_mask = 2
CONF.ldap.user_enabled_default = 512 CONF.ldap.user_enabled_default = 512
clear_database() self.clear_database()
self.identity_api = identity.backends.ldap.Identity() self.identity_api = identity.backends.ldap.Identity()
user = {'id': 'fake1', 'name': 'fake1', 'enabled': True} user = {'id': 'fake1', 'name': 'fake1', 'enabled': True}
self.identity_man.create_user({}, 'fake1', user) self.identity_api.create_user('fake1', user)
user_ref = self.identity_api.get_user('fake1') user_ref = self.identity_api.get_user('fake1')
self.assertEqual(user_ref['enabled'], True) self.assertEqual(user_ref['enabled'], True)
@ -426,6 +426,11 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
} }
self.identity_api.create_project(project['id'], project) self.identity_api.create_project(project['id'], project)
project_ref = self.identity_api.get_project(project['id']) project_ref = self.identity_api.get_project(project['id'])
# NOTE(crazed): If running live test with emulation, there will be
# an enabled key in the project_ref.
if self.identity_api.project.enabled_emulation:
project['enabled'] = True
self.assertDictEqual(project_ref, project) self.assertDictEqual(project_ref, project)
project['description'] = uuid.uuid4().hex project['description'] = uuid.uuid4().hex
@ -513,7 +518,7 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity):
test.testsdir('backend_ldap.conf')]) test.testsdir('backend_ldap.conf')])
CONF.ldap.user_enabled_emulation = True CONF.ldap.user_enabled_emulation = True
CONF.ldap.tenant_enabled_emulation = True CONF.ldap.tenant_enabled_emulation = True
clear_database() self.clear_database()
self.identity_man = identity.Manager() self.identity_man = identity.Manager()
self.identity_api = self.identity_man.driver self.identity_api = self.identity_man.driver
self.load_fixtures(default_fixtures) self.load_fixtures(default_fixtures)