openstack/keystone
Code Issues Proposed changes

Merge "Reduce total number of fixtures"

Browse Source
This commit is contained in:
Jenkins 2012-11-14 21:14:21 +00:00 committed by Gerrit Code Review
commit dd382c07e7
5 changed files with 116 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
keystone/test.py
View File

@ -216,11 +216,6 @@ class TestCase(NoModule, unittest.TestCase):
"""
# TODO(termie): doing something from json, probably based on Django's
# loaddata will be much preferred.
if hasattr(self, 'catalog_api'):
for service in fixtures.SERVICES:
rv = self.catalog_api.create_service(service['id'], service)
setattr(self, 'service_%s' % service['id'], rv)
if hasattr(self, 'identity_api'):
for tenant in fixtures.TENANTS:
rv = self.identity_api.create_tenant(tenant['id'], tenant)

85
tests/default_fixtures.py
View File

@ -14,61 +14,54 @@
# License for the specific language governing permissions and limitations
# under the License.
# NOTE(dolph): please try to avoid additional fixtures if possible; test suite
# performance may be negatively affected.
TENANTS = [
{'id': 'bar', 'name': 'BAR'},
{'id': 'baz', 'name': 'BAZ'},
{'id': 'tenent4add', 'name': 'tenant4add'},
{'id': 'attr',
'name': 'attr_name',
'description': 'description',
'enabled': True},
{
'id': 'bar',
'name': 'BAR',
}, {
'id': 'baz',
'name': 'BAZ',
'description': 'description',
'enabled': True,
}
]
# NOTE(ja): a role of keystone_admin and attribute "is_admin" is done in setUp
USERS = [
{'id': 'foo', 'name': 'FOO', 'password': 'foo2', 'tenants': ['bar']},
{'id': 'two', 'name': 'TWO', 'password': 'two2', 'tenants': ['baz']},
{'id': 'no_meta',
'name': 'NO_META',
'password': 'no_meta2',
'tenants': ['baz']},
{'id': 'attr',
'name': 'attr',
'email': 'attr@example.com',
'enabled': True,
'tenant_id': 'baz',
'password': 'attr_passwd',
'tenants': ['baz']},
{
'id': 'foo',
'name': 'FOO',
'password': 'foo2',
'tenants': ['bar']
}, {
'id': 'two',
'name': 'TWO',
'password': 'two2',
'email': 'attr@example.com',
'enabled': True,
'tenant_id': 'baz',
'password': 'attr_passwd',
'tenants': ['baz'],
}
]
METADATA = [
{'user_id': 'foo', 'tenant_id': 'bar', 'extra': 'extra'},
{'user_id': 'two', 'tenant_id': 'baz', 'extra': 'extra'},
{
'user_id': 'foo',
'tenant_id': 'bar',
'extra': 'extra',
}
]
ROLES = [
{'id': 'keystone_admin', 'name': 'Keystone Admin'},
{'id': 'useless', 'name': 'Useless'},
{'id': 'attr', 'name': 'attr'},
]
SERVICES = [
{
'id': 'COMPUTE_ID',
'type': 'compute',
'name': 'Nova',
'description': 'OpenStack Compute service'
},
{
'id': 'IDENTITY_ID',
'type': 'identity',
'name': 'Keystone',
'description': 'OpenStack Identity service'
},
{
'id': 'IMAGE_ID',
'type': 'image',
'name': 'Glance',
'description': 'OpenStack Image service'
},
{
'id': 'keystone_admin',
'name': 'Keystone Admin',
}, {
'id': 'member',
'name': 'Member',
}
]

45
tests/test_backend.py
View File

@ -82,11 +82,16 @@ class IdentityTests(object):
self.assertIn('keystone_admin', metadata_ref['roles'])
def test_authenticate_no_metadata(self):
user = self.user_no_meta
tenant = self.tenant_baz
user = {
'id': 'no_meta',
'name': 'NO_META',
'password': 'no_meta2',
}
self.identity_api.create_user(user['id'], user)
self.identity_api.add_user_to_tenant(self.tenant_baz['id'], user['id'])
user_ref, tenant_ref, metadata_ref = self.identity_api.authenticate(
user_id=user['id'],
tenant_id=tenant['id'],
tenant_id=self.tenant_baz['id'],
password=user['password'])
# NOTE(termie): the password field is left in user_foo to make
# it easier to authenticate in tests, but should
@ -94,7 +99,7 @@ class IdentityTests(object):
user.pop('password')
self.assertEquals(metadata_ref, {})
self.assertDictEqual(user_ref, user)
self.assertDictEqual(tenant_ref, tenant)
self.assertDictEqual(tenant_ref, self.tenant_baz)
def test_password_hashed(self):
user_ref = self.identity_api._get_user(self.user_foo['id'])
@ -327,14 +332,14 @@ class IdentityTests(object):
roles_ref = self.identity_api.get_roles_for_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'])
self.assertIn('keystone_admin', roles_ref)
self.assertNotIn('useless', roles_ref)
self.assertNotIn('member', roles_ref)
self.identity_api.add_role_to_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'], 'useless')
self.user_foo['id'], self.tenant_bar['id'], 'member')
roles_ref = self.identity_api.get_roles_for_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'])
self.assertIn('keystone_admin', roles_ref)
self.assertIn('useless', roles_ref)
self.assertIn('member', roles_ref)
def test_get_roles_for_user_and_tenant_404(self):
self.assertRaises(exception.UserNotFound,
@ -368,17 +373,17 @@ class IdentityTests(object):
def test_remove_role_from_user_and_tenant(self):
self.identity_api.add_role_to_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'], 'useless')
self.user_foo['id'], self.tenant_bar['id'], 'member')
self.identity_api.remove_role_from_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'], 'useless')
self.user_foo['id'], self.tenant_bar['id'], 'member')
roles_ref = self.identity_api.get_roles_for_user_and_tenant(
self.user_foo['id'], self.tenant_bar['id'])
self.assertNotIn('useless', roles_ref)
self.assertNotIn('member', roles_ref)
self.assertRaises(exception.NotFound,
self.identity_api.remove_role_from_user_and_tenant,
self.user_foo['id'],
self.tenant_bar['id'],
'useless')
'member')
def test_role_crud(self):
role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
@ -630,7 +635,7 @@ class IdentityTests(object):
tenant = {'id': 'fake1', 'name': 'fake1'}
self.identity_api.create_tenant('fake1', tenant)
self.identity_api.add_role_to_user_and_tenant(
self.user_foo['id'], tenant['id'], 'useless')
self.user_foo['id'], tenant['id'], 'member')
self.identity_api.delete_tenant(tenant['id'])
self.assertRaises(exception.NotFound,
self.identity_api.get_tenant,
@ -843,18 +848,24 @@ class CommonHelperTests(test.TestCase):
class CatalogTests(object):
def test_service_crud(self):
# create
service_id = uuid.uuid4().hex
new_service = {
'id': uuid.uuid4().hex,
'id': service_id,
'type': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex,
}
res = self.catalog_api.create_service(
new_service['id'],
service_id,
new_service.copy())
self.assertDictEqual(res, new_service)
service_id = new_service['id']
# list
services = self.catalog_api.list_services()
self.assertIn(service_id, services)
# delete
self.catalog_api.delete_service(service_id)
self.assertRaises(exception.ServiceNotFound,
self.catalog_man.delete_service, {}, service_id)
@ -892,7 +903,3 @@ class CatalogTests(object):
self.assertRaises(exception.EndpointNotFound,
self.catalog_api.delete_endpoint,
uuid.uuid4().hex)
def test_service_list(self):
services = self.catalog_api.list_services()
self.assertEqual(3, len(services))

83
tests/test_backend_ldap.py
View File

@ -187,21 +187,21 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
CONF.ldap.role_allow_delete = False
self.identity_api = identity_ldap.Identity()
role = {'id': 'fake1', 'name': 'fake1'}
role = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex}
self.assertRaises(exception.ForbiddenAction,
self.identity_api.create_role,
'fake1',
role['id'],
role)
self.role_useless['name'] = 'useful'
self.role_member['name'] = uuid.uuid4().hex
self.assertRaises(exception.ForbiddenAction,
self.identity_api.update_role,
self.role_useless['id'],
self.role_useless)
self.role_member['id'],
self.role_member)
self.assertRaises(exception.ForbiddenAction,
self.identity_api.delete_role,
self.role_useless['id'])
self.role_member['id'])
def test_user_filter(self):
self.config([test.etcdir('keystone.conf.sample'),
@ -234,14 +234,14 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
self.config([test.etcdir('keystone.conf.sample'),
test.testsdir('test_overrides.conf'),
test.testsdir('backend_ldap.conf')])
role_ref = self.identity_api.get_role(self.role_useless['id'])
self.assertDictEqual(role_ref, self.role_useless)
role_ref = self.identity_api.get_role(self.role_member['id'])
self.assertDictEqual(role_ref, self.role_member)
CONF.ldap.role_filter = '(CN=DOES_NOT_MATCH)'
self.identity_api = identity_ldap.Identity()
self.assertRaises(exception.RoleNotFound,
self.identity_api.get_role,
self.role_useless['id'])
self.role_member['id'])
def test_dumb_member(self):
self.config([test.etcdir('keystone.conf.sample'),
@ -266,20 +266,20 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
user_ref = self.identity_api.get_user(self.user_attr['id'])
self.assertEqual(user_ref['id'], self.user_attr['id'])
self.assertEqual(user_ref['name'], self.user_attr['name'])
self.assertEqual(user_ref['email'], self.user_attr['email'])
self.assertEqual(user_ref['enabled'], self.user_attr['enabled'])
user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertEqual(user_ref['name'], self.user_two['name'])
self.assertEqual(user_ref['email'], self.user_two['email'])
self.assertEqual(user_ref['enabled'], self.user_two['enabled'])
CONF.ldap.user_name_attribute = 'email'
CONF.ldap.user_mail_attribute = 'sn'
self.identity_api = identity_ldap.Identity()
user_ref = self.identity_api.get_user(self.user_attr['id'])
self.assertEqual(user_ref['id'], self.user_attr['id'])
self.assertEqual(user_ref['name'], self.user_attr['email'])
self.assertEqual(user_ref['email'], self.user_attr['name'])
self.assertEqual(user_ref['enabled'], self.user_attr['enabled'])
user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertEqual(user_ref['name'], self.user_two['email'])
self.assertEqual(user_ref['email'], self.user_two['name'])
self.assertEqual(user_ref['enabled'], self.user_two['enabled'])
def test_user_attribute_ignore(self):
self.config([test.etcdir('keystone.conf.sample'),
@ -290,8 +290,8 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
user_ref = self.identity_api.get_user(self.user_attr['id'])
self.assertEqual(user_ref['id'], self.user_attr['id'])
user_ref = self.identity_api.get_user(self.user_two['id'])
self.assertEqual(user_ref['id'], self.user_two['id'])
self.assertNotIn('name', user_ref)
self.assertNotIn('email', user_ref)
self.assertNotIn('password', user_ref)
@ -309,21 +309,22 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
tenant_ref = self.identity_api.get_tenant(self.tenant_attr['id'])
self.assertEqual(tenant_ref['id'], self.tenant_attr['id'])
self.assertEqual(tenant_ref['name'], self.tenant_attr['name'])
self.assertEqual(tenant_ref['description'],
self.tenant_attr['description'])
self.assertEqual(tenant_ref['enabled'], self.tenant_attr['enabled'])
tenant_ref = self.identity_api.get_tenant(self.tenant_baz['id'])
self.assertEqual(tenant_ref['id'], self.tenant_baz['id'])
self.assertEqual(tenant_ref['name'], self.tenant_baz['name'])
self.assertEqual(
tenant_ref['description'],
self.tenant_baz['description'])
self.assertEqual(tenant_ref['enabled'], self.tenant_baz['enabled'])
CONF.ldap.tenant_name_attribute = 'desc'
CONF.ldap.tenant_desc_attribute = 'ou'
self.identity_api = identity_ldap.Identity()
tenant_ref = self.identity_api.get_tenant(self.tenant_attr['id'])
self.assertEqual(tenant_ref['id'], self.tenant_attr['id'])
self.assertEqual(tenant_ref['name'], self.tenant_attr['description'])
self.assertEqual(tenant_ref['description'], self.tenant_attr['name'])
self.assertEqual(tenant_ref['enabled'], self.tenant_attr['enabled'])
tenant_ref = self.identity_api.get_tenant(self.tenant_baz['id'])
self.assertEqual(tenant_ref['id'], self.tenant_baz['id'])
self.assertEqual(tenant_ref['name'], self.tenant_baz['description'])
self.assertEqual(tenant_ref['description'], self.tenant_baz['name'])
self.assertEqual(tenant_ref['enabled'], self.tenant_baz['enabled'])
def test_tenant_attribute_ignore(self):
self.config([test.etcdir('keystone.conf.sample'),
@ -335,8 +336,8 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
tenant_ref = self.identity_api.get_tenant(self.tenant_attr['id'])
self.assertEqual(tenant_ref['id'], self.tenant_attr['id'])
tenant_ref = self.identity_api.get_tenant(self.tenant_baz['id'])
self.assertEqual(tenant_ref['id'], self.tenant_baz['id'])
self.assertNotIn('name', tenant_ref)
self.assertNotIn('description', tenant_ref)
self.assertNotIn('enabled', tenant_ref)
@ -349,14 +350,14 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
role_ref = self.identity_api.get_role(self.role_attr['id'])
self.assertEqual(role_ref['id'], self.role_attr['id'])
self.assertEqual(role_ref['name'], self.role_attr['name'])
role_ref = self.identity_api.get_role(self.role_member['id'])
self.assertEqual(role_ref['id'], self.role_member['id'])
self.assertEqual(role_ref['name'], self.role_member['name'])
CONF.ldap.role_name_attribute = 'sn'
self.identity_api = identity_ldap.Identity()
role_ref = self.identity_api.get_role(self.role_attr['id'])
self.assertEqual(role_ref['id'], self.role_attr['id'])
role_ref = self.identity_api.get_role(self.role_member['id'])
self.assertEqual(role_ref['id'], self.role_member['id'])
self.assertNotIn('name', role_ref)
def test_role_attribute_ignore(self):
@ -367,8 +368,8 @@ class LDAPIdentity(test.TestCase, test_backend.IdentityTests):
clear_database()
self.identity_api = identity_ldap.Identity()
self.load_fixtures(default_fixtures)
role_ref = self.identity_api.get_role(self.role_attr['id'])
self.assertEqual(role_ref['id'], self.role_attr['id'])
role_ref = self.identity_api.get_role(self.role_member['id'])
self.assertEqual(role_ref['id'], self.role_member['id'])
self.assertNotIn('name', role_ref)
def test_user_enable_attribute_mask(self):

18
tests/test_keystoneclient.py
View File

@ -797,12 +797,12 @@ class KcMasterTestCase(CompatTestCase, KeystoneClientTests):
client = self.get_client(admin=True)
client.roles.add_user_role(tenant=self.tenant_baz['id'],
user=self.user_two['id'],
role=self.role_useless['id'])
role=self.role_member['id'])
user_refs = client.tenants.list_users(tenant=self.tenant_baz['id'])
self.assert_(self.user_two['id'] in [x.id for x in user_refs])
client.roles.remove_user_role(tenant=self.tenant_baz['id'],
user=self.user_two['id'],
role=self.role_useless['id'])
role=self.role_member['id'])
user_refs = client.tenants.list_users(tenant=self.tenant_baz['id'])
self.assert_(self.user_two['id'] not in [x.id for x in user_refs])
@ -813,12 +813,12 @@ class KcMasterTestCase(CompatTestCase, KeystoneClientTests):
client.roles.add_user_role,
tenant=uuid.uuid4().hex,
user=self.user_foo['id'],
role=self.role_useless['id'])
role=self.role_member['id'])
self.assertRaises(client_exceptions.NotFound,
client.roles.add_user_role,
tenant=self.tenant_baz['id'],
user=uuid.uuid4().hex,
role=self.role_useless['id'])
role=self.role_member['id'])
self.assertRaises(client_exceptions.NotFound,
client.roles.add_user_role,
tenant=self.tenant_baz['id'],
@ -832,12 +832,12 @@ class KcMasterTestCase(CompatTestCase, KeystoneClientTests):
client.roles.remove_user_role,
tenant=uuid.uuid4().hex,
user=self.user_foo['id'],
role=self.role_useless['id'])
role=self.role_member['id'])
self.assertRaises(client_exceptions.NotFound,
client.roles.remove_user_role,
tenant=self.tenant_baz['id'],
user=uuid.uuid4().hex,
role=self.role_useless['id'])
role=self.role_member['id'])
self.assertRaises(client_exceptions.NotFound,
client.roles.remove_user_role,
tenant=self.tenant_baz['id'],
@ -847,7 +847,7 @@ class KcMasterTestCase(CompatTestCase, KeystoneClientTests):
client.roles.remove_user_role,
tenant=self.tenant_baz['id'],
user=self.user_foo['id'],
role=self.role_useless['id'])
role=self.role_member['id'])
def test_tenant_list_marker(self):
client = self.get_client()
@ -1004,7 +1004,7 @@ class KcEssex3TestCase(CompatTestCase, KeystoneClientTests):
client = self.get_client(admin=True)
client.roles.add_user_to_tenant(tenant_id=self.tenant_baz['id'],
user_id=self.user_two['id'],
role_id=self.role_useless['id'])
role_id=self.role_member['id'])
role_refs = client.roles.get_user_role_refs(
user_id=self.user_two['id'])
self.assert_(self.tenant_baz['id'] in [x.tenantId for x in role_refs])
@ -1014,7 +1014,7 @@ class KcEssex3TestCase(CompatTestCase, KeystoneClientTests):
roleref_refs = client.roles.get_user_role_refs(
user_id=self.user_two['id'])
for roleref_ref in roleref_refs:
if (roleref_ref.roleId == self.role_useless['id']
if (roleref_ref.roleId == self.role_member['id']
and roleref_ref.tenantId == self.tenant_baz['id']):
# use python's scope fall through to leave roleref_ref set
break