Remove roles from OS-TRUST list responses

According to the docs, the list responses should not contain
the roles, only the detailed response when you get a trust
explicitly by ID.  So remove the roles and modify the tests
appropriately.

Note it was also observed that expires_at is present in all
GET resonses, but not in the docs, but this has been agreed
as a docs error so will be addressed via a docs patch.

Change-Id: I5387021a53f3284add9e5e71e9e005c4dd31b76c
Closes-Bug: #1245590
This commit is contained in:
Steven Hardy 2013-12-05 17:37:49 +00:00
parent 6ce1425441
commit ab0e2c7667
3 changed files with 35 additions and 17 deletions

View File

@ -921,7 +921,7 @@ class RestfulTestCase(rest.RestfulTestCase):
return self.assertValidListResponse(
resp,
'trusts',
self.assertValidTrust,
self.assertValidTrustSummary,
*args,
**kwargs)
@ -933,7 +933,10 @@ class RestfulTestCase(rest.RestfulTestCase):
*args,
**kwargs)
def assertValidTrust(self, entity, ref=None):
def assertValidTrustSummary(self, entity, ref=None):
return self.assertValidTrust(entity, ref, summary=True)
def assertValidTrust(self, entity, ref=None, summary=False):
self.assertIsNotNone(entity.get('trustor_user_id'))
self.assertIsNotNone(entity.get('trustee_user_id'))
@ -941,21 +944,23 @@ class RestfulTestCase(rest.RestfulTestCase):
if entity['expires_at'] is not None:
self.assertValidISO8601ExtendedFormatDatetime(entity['expires_at'])
# always disallow project xor project_id (neither or both is allowed)
has_roles = bool(entity.get('roles'))
has_project = bool(entity.get('project_id'))
self.assertFalse(has_roles ^ has_project)
if summary:
# Trust list contains no roles, but getting a specific
# trust by ID provides the detailed reponse containing roles
self.assertNotIn('roles', entity)
self.assertIn('project_id', entity)
else:
for role in entity['roles']:
self.assertIsNotNone(role)
self.assertValidEntity(role)
self.assertValidRole(role)
for role in entity['roles']:
self.assertIsNotNone(role)
self.assertValidEntity(role)
self.assertValidRole(role)
self.assertValidListLinks(entity.get('roles_links'))
self.assertValidListLinks(entity.get('roles_links'))
# these were used during dev and shouldn't land in final impl
self.assertNotIn('role_ids', entity)
self.assertNotIn('role_names', entity)
# always disallow role xor project_id (neither or both is allowed)
has_roles = bool(entity.get('roles'))
has_project = bool(entity.get('project_id'))
self.assertFalse(has_roles ^ has_project)
if ref:
self.assertEqual(ref['trustor_user_id'], entity['trustor_user_id'])

View File

@ -2216,10 +2216,16 @@ class TestTrustAuth(TestAuthInfo):
r = self.post('/OS-TRUST/trusts', body={'trust': ref})
self.assertValidTrustResponse(r, ref)
r = self.get('/OS-TRUST/trusts', expected_status=200)
trusts = r.result['trusts']
self.assertEqual(len(trusts), 3)
self.assertValidTrustListResponse(r)
r = self.get('/OS-TRUST/trusts?trustor_user_id=%s' %
self.user_id, expected_status=200)
trusts = r.result['trusts']
self.assertEqual(len(trusts), 3)
self.assertValidTrustListResponse(r)
r = self.get('/OS-TRUST/trusts?trustee_user_id=%s' %
self.user_id, expected_status=200)

View File

@ -208,9 +208,16 @@ class TrustV3(controller.V3Controller):
if user_id != calling_user_id:
raise exception.Forbidden()
trusts += self.trust_api.list_trusts_for_trustee(user_id)
global_roles = self.assignment_api.list_roles()
for trust in trusts:
self._fill_in_roles(context, trust, global_roles)
# get_trust returns roles, list_trusts does not
# It seems in some circumstances, roles does not
# exist in the query response, so check first
if 'roles' in trust:
del trust['roles']
if trust.get('expires_at') is not None:
trust['expires_at'] = (timeutils.isotime
(trust['expires_at'],
subsecond=True))
return TrustV3.wrap_collection(context, trusts)
@controller.protected()