Remove roles from OS-TRUST list responses
According to the docs, the list responses should not contain the roles, only the detailed response when you get a trust explicitly by ID. So remove the roles and modify the tests appropriately. Note it was also observed that expires_at is present in all GET resonses, but not in the docs, but this has been agreed as a docs error so will be addressed via a docs patch. Change-Id: I5387021a53f3284add9e5e71e9e005c4dd31b76c Closes-Bug: #1245590
This commit is contained in:
parent
6ce1425441
commit
ab0e2c7667
|
@ -921,7 +921,7 @@ class RestfulTestCase(rest.RestfulTestCase):
|
|||
return self.assertValidListResponse(
|
||||
resp,
|
||||
'trusts',
|
||||
self.assertValidTrust,
|
||||
self.assertValidTrustSummary,
|
||||
*args,
|
||||
**kwargs)
|
||||
|
||||
|
@ -933,7 +933,10 @@ class RestfulTestCase(rest.RestfulTestCase):
|
|||
*args,
|
||||
**kwargs)
|
||||
|
||||
def assertValidTrust(self, entity, ref=None):
|
||||
def assertValidTrustSummary(self, entity, ref=None):
|
||||
return self.assertValidTrust(entity, ref, summary=True)
|
||||
|
||||
def assertValidTrust(self, entity, ref=None, summary=False):
|
||||
self.assertIsNotNone(entity.get('trustor_user_id'))
|
||||
self.assertIsNotNone(entity.get('trustee_user_id'))
|
||||
|
||||
|
@ -941,21 +944,23 @@ class RestfulTestCase(rest.RestfulTestCase):
|
|||
if entity['expires_at'] is not None:
|
||||
self.assertValidISO8601ExtendedFormatDatetime(entity['expires_at'])
|
||||
|
||||
# always disallow project xor project_id (neither or both is allowed)
|
||||
has_roles = bool(entity.get('roles'))
|
||||
has_project = bool(entity.get('project_id'))
|
||||
self.assertFalse(has_roles ^ has_project)
|
||||
if summary:
|
||||
# Trust list contains no roles, but getting a specific
|
||||
# trust by ID provides the detailed reponse containing roles
|
||||
self.assertNotIn('roles', entity)
|
||||
self.assertIn('project_id', entity)
|
||||
else:
|
||||
for role in entity['roles']:
|
||||
self.assertIsNotNone(role)
|
||||
self.assertValidEntity(role)
|
||||
self.assertValidRole(role)
|
||||
|
||||
for role in entity['roles']:
|
||||
self.assertIsNotNone(role)
|
||||
self.assertValidEntity(role)
|
||||
self.assertValidRole(role)
|
||||
self.assertValidListLinks(entity.get('roles_links'))
|
||||
|
||||
self.assertValidListLinks(entity.get('roles_links'))
|
||||
|
||||
# these were used during dev and shouldn't land in final impl
|
||||
self.assertNotIn('role_ids', entity)
|
||||
self.assertNotIn('role_names', entity)
|
||||
# always disallow role xor project_id (neither or both is allowed)
|
||||
has_roles = bool(entity.get('roles'))
|
||||
has_project = bool(entity.get('project_id'))
|
||||
self.assertFalse(has_roles ^ has_project)
|
||||
|
||||
if ref:
|
||||
self.assertEqual(ref['trustor_user_id'], entity['trustor_user_id'])
|
||||
|
|
|
@ -2216,10 +2216,16 @@ class TestTrustAuth(TestAuthInfo):
|
|||
r = self.post('/OS-TRUST/trusts', body={'trust': ref})
|
||||
self.assertValidTrustResponse(r, ref)
|
||||
|
||||
r = self.get('/OS-TRUST/trusts', expected_status=200)
|
||||
trusts = r.result['trusts']
|
||||
self.assertEqual(len(trusts), 3)
|
||||
self.assertValidTrustListResponse(r)
|
||||
|
||||
r = self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
|
||||
self.user_id, expected_status=200)
|
||||
trusts = r.result['trusts']
|
||||
self.assertEqual(len(trusts), 3)
|
||||
self.assertValidTrustListResponse(r)
|
||||
|
||||
r = self.get('/OS-TRUST/trusts?trustee_user_id=%s' %
|
||||
self.user_id, expected_status=200)
|
||||
|
|
|
@ -208,9 +208,16 @@ class TrustV3(controller.V3Controller):
|
|||
if user_id != calling_user_id:
|
||||
raise exception.Forbidden()
|
||||
trusts += self.trust_api.list_trusts_for_trustee(user_id)
|
||||
global_roles = self.assignment_api.list_roles()
|
||||
for trust in trusts:
|
||||
self._fill_in_roles(context, trust, global_roles)
|
||||
# get_trust returns roles, list_trusts does not
|
||||
# It seems in some circumstances, roles does not
|
||||
# exist in the query response, so check first
|
||||
if 'roles' in trust:
|
||||
del trust['roles']
|
||||
if trust.get('expires_at') is not None:
|
||||
trust['expires_at'] = (timeutils.isotime
|
||||
(trust['expires_at'],
|
||||
subsecond=True))
|
||||
return TrustV3.wrap_collection(context, trusts)
|
||||
|
||||
@controller.protected()
|
||||
|
|
Loading…
Reference in New Issue