Add test showing password logged
There was no test that showed that the password is logged when a user is created or admin changes user password. Change-Id: I5ffa04e9ac359355cff47a622731f1bf6a27ea7b Partial-Bug: #1465922
This commit is contained in:
parent
e0eeb1813c
commit
c2c3a0ff86
|
@ -12,8 +12,10 @@
|
||||||
# License for the specific language governing permissions and limitations
|
# License for the specific language governing permissions and limitations
|
||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
|
import logging
|
||||||
import uuid
|
import uuid
|
||||||
|
|
||||||
|
import fixtures
|
||||||
from oslo_config import cfg
|
from oslo_config import cfg
|
||||||
from testtools import matchers
|
from testtools import matchers
|
||||||
|
|
||||||
|
@ -434,6 +436,45 @@ class IdentityTestCase(test_v3.RestfulTestCase):
|
||||||
self.delete('/groups/%(group_id)s' % {
|
self.delete('/groups/%(group_id)s' % {
|
||||||
'group_id': self.group_id})
|
'group_id': self.group_id})
|
||||||
|
|
||||||
|
def test_create_user_password_not_logged(self):
|
||||||
|
# When a user is created, the password isn't logged at any level.
|
||||||
|
|
||||||
|
# FIXME(blk-u): This doesn't work as expected, see bug 1465922
|
||||||
|
|
||||||
|
log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
|
||||||
|
|
||||||
|
ref = self.new_user_ref(domain_id=self.domain_id)
|
||||||
|
self.post(
|
||||||
|
'/users',
|
||||||
|
body={'user': ref})
|
||||||
|
|
||||||
|
# This should be assert*Not*In, see bug 1465922
|
||||||
|
self.assertIn(ref['password'], log_fix.output)
|
||||||
|
|
||||||
|
def test_update_password_not_logged(self):
|
||||||
|
# When admin modifies user password, the password isn't logged at any
|
||||||
|
# level.
|
||||||
|
|
||||||
|
# FIXME(blk-u): This doesn't work as expected, see bug 1465922
|
||||||
|
|
||||||
|
log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
|
||||||
|
|
||||||
|
# bootstrap a user as admin
|
||||||
|
user_ref = self.new_user_ref(domain_id=self.domain['id'])
|
||||||
|
password = user_ref['password']
|
||||||
|
user_ref = self.identity_api.create_user(user_ref)
|
||||||
|
|
||||||
|
# administrative password reset
|
||||||
|
new_password = uuid.uuid4().hex
|
||||||
|
self.patch('/users/%s' % user_ref['id'],
|
||||||
|
body={'user': {'password': new_password}},
|
||||||
|
expected_status=200)
|
||||||
|
|
||||||
|
self.assertNotIn(password, log_fix.output)
|
||||||
|
|
||||||
|
# This should be assert*Not*In, see bug 1465922
|
||||||
|
self.assertIn(new_password, log_fix.output)
|
||||||
|
|
||||||
|
|
||||||
class IdentityV3toV2MethodsTestCase(tests.TestCase):
|
class IdentityV3toV2MethodsTestCase(tests.TestCase):
|
||||||
"""Test users V3 to V2 conversion methods."""
|
"""Test users V3 to V2 conversion methods."""
|
||||||
|
@ -582,3 +623,21 @@ class UserSelfServiceChangingPasswordsTestCase(test_v3.RestfulTestCase):
|
||||||
self.change_password(password=uuid.uuid4().hex,
|
self.change_password(password=uuid.uuid4().hex,
|
||||||
original_password=self.user_ref['password'],
|
original_password=self.user_ref['password'],
|
||||||
expected_status=401)
|
expected_status=401)
|
||||||
|
|
||||||
|
def test_changing_password_not_logged(self):
|
||||||
|
# When a user changes their password, the password isn't logged at any
|
||||||
|
# level.
|
||||||
|
|
||||||
|
# FIXME(blk-u): This doesn't work as expected, see bug 1465922
|
||||||
|
|
||||||
|
log_fix = self.useFixture(fixtures.FakeLogger(level=logging.DEBUG))
|
||||||
|
|
||||||
|
# change password
|
||||||
|
new_password = uuid.uuid4().hex
|
||||||
|
self.change_password(password=new_password,
|
||||||
|
original_password=self.user_ref['password'],
|
||||||
|
expected_status=204)
|
||||||
|
|
||||||
|
# These should be assert*Not*In, see bug 1465922
|
||||||
|
self.assertIn(self.user_ref['password'], log_fix.output)
|
||||||
|
self.assertIn(new_password, log_fix.output)
|
||||||
|
|
Loading…
Reference in New Issue