openstack
/
keystone
Code Issues Proposed changes

Use unit.new_project_ref consistently 

Replace all hand created project refs with calls to new_project_ref().
In unit tests, rename 'tenant' variables to 'project' where appropriate.
Change-Id: Id6d0462ba527c6950db1d25f19cb25dfaf01a002
This commit is contained in:
Sean Perry 2015-11-11 10:06:15 -08:00
parent 933e118eee
commit df360b8ca0
15 changed files with 398 additions and 688 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
keystone/tests/unit/common/test_notifications.py
View File

@ -323,7 +323,7 @@ class NotificationsForEntities(BaseNotificationTest):
cadftaxonomy.SECURITY_GROUP)
def test_create_project(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self._assert_last_note(
project_ref['id'], CREATED_OPERATION, 'project')
@ -370,7 +370,7 @@ class NotificationsForEntities(BaseNotificationTest):
cadftaxonomy.SECURITY_GROUP)
def test_delete_project(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self.resource_api.delete_project(project_ref['id'])
self._assert_last_note(
@ -572,7 +572,7 @@ class NotificationsForEntities(BaseNotificationTest):
cadftaxonomy.SECURITY_GROUP)
def test_update_project(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self.resource_api.update_project(project_ref['id'], project_ref)
self._assert_notify_sent(
@ -581,7 +581,7 @@ class NotificationsForEntities(BaseNotificationTest):
'project', cadftaxonomy.SECURITY_PROJECT)
def test_disable_project(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
project_ref['enabled'] = False
self.resource_api.update_project(project_ref['id'], project_ref)
@ -589,8 +589,8 @@ class NotificationsForEntities(BaseNotificationTest):
public=False)
def test_disable_of_disabled_project_does_not_notify(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref['enabled'] = False
project_ref = unit.new_project_ref(domain_id=self.domain_id,
enabled=False)
self.resource_api.create_project(project_ref['id'], project_ref)
# The project_ref above is not changed during the create process. We
# can use the same ref to perform the update.
@ -599,7 +599,7 @@ class NotificationsForEntities(BaseNotificationTest):
public=False)
def test_update_project_does_not_send_disable(self):
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
project_ref['enabled'] = True
self.resource_api.update_project(project_ref['id'], project_ref)
@ -812,7 +812,7 @@ class TestEventCallbacks(test_v3.RestfulTestCase):
def test_notification_received(self):
callback = register_callback(CREATED_OPERATION, 'project')
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self.assertTrue(callback.called)
@ -857,7 +857,7 @@ class TestEventCallbacks(test_v3.RestfulTestCase):
callback_called.append(True)
Foo()
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self.assertEqual([True], callback_called)
@ -880,7 +880,7 @@ class TestEventCallbacks(test_v3.RestfulTestCase):
callback_called.append('cb1')
Foo()
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project_ref['id'], project_ref)
self.assertItemsEqual(['cb1', 'cb0'], callback_called)
@ -922,7 +922,7 @@ class TestEventCallbacks(test_v3.RestfulTestCase):
# something like:
# self.assertRaises(TypeError, Foo)
Foo()
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
self.assertRaises(TypeError, self.resource_api.create_project,
project_ref['id'], project_ref)
@ -1089,7 +1089,7 @@ class CadfNotificationsWrapperTestCase(test_v3.RestfulTestCase):
# A notification is sent when add_role_to_user_and_project is called on
# the assignment manager.
project_ref = self.new_project_ref(self.domain_id)
project_ref = unit.new_project_ref(self.domain_id)
project = self.resource_api.create_project(
project_ref['id'], project_ref)
tenant_id = project['id']

3
keystone/tests/unit/core.py
View File

@ -303,11 +303,12 @@ def new_domain_ref(**kwargs):
return ref
def new_project_ref(domain_id=None, parent_id=None, is_domain=False):
def new_project_ref(domain_id=None, parent_id=None, is_domain=False, **kwargs):
ref = new_ref()
ref['domain_id'] = domain_id
ref['parent_id'] = parent_id
ref['is_domain'] = is_domain
ref.update(kwargs)
return ref

6
keystone/tests/unit/test_associate_project_endpoint_extension.py
View File

@ -393,7 +393,7 @@ class EndpointFilterTokenRequestTestCase(EndpointFilterTestCase):
def test_project_scoped_token_using_endpoint_filter(self):
"""Verify endpoints from project scoped token filtered."""
# create a project to work with
ref = self.new_project_ref(domain_id=self.domain_id)
ref = unit.new_project_ref(domain_id=self.domain_id)
r = self.post('/projects', body={'project': ref})
project = self.assertValidProjectResponse(r, ref)
@ -1110,7 +1110,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.DEFAULT_ENDPOINT_GROUP_URL, self.DEFAULT_ENDPOINT_GROUP_BODY)
# create new project and associate with endpoint_group
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
r = self.post('/projects', body={'project': project_ref})
project = self.assertValidProjectResponse(r, project_ref)
url = self._get_project_endpoint_group_url(endpoint_group_id,
@ -1132,7 +1132,7 @@ class EndpointGroupCRUDTestCase(EndpointFilterTestCase):
self.DEFAULT_ENDPOINT_GROUP_URL, self.DEFAULT_ENDPOINT_GROUP_BODY)
# create new project and associate with endpoint_group
project_ref = self.new_project_ref(domain_id=self.domain_id)
project_ref = unit.new_project_ref(domain_id=self.domain_id)
r = self.post('/projects', body={'project': project_ref})
project = self.assertValidProjectResponse(r, project_ref)
url = self._get_project_endpoint_group_url(endpoint_group_id,

8
keystone/tests/unit/test_auth.py
View File

@ -428,8 +428,7 @@ class AuthWithToken(AuthTest):
def test_deleting_role_revokes_token(self):
role_controller = assignment.controllers.Role()
project1 = {'id': 'Project1', 'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID}
project1 = unit.new_project_ref(domain_id=DEFAULT_DOMAIN_ID)
self.resource_api.create_project(project1['id'], project1)
role_one = unit.new_role_ref(id='role_one')
self.role_api.create_role(role_one['id'], role_one)
@ -464,10 +463,7 @@ class AuthWithToken(AuthTest):
no_context = {}
admin_context = dict(is_admin=True, query_string={})
project = {
'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID}
project = unit.new_project_ref(domain_id=DEFAULT_DOMAIN_ID)
self.resource_api.create_project(project['id'], project)
role = unit.new_role_ref()
self.role_api.create_role(role['id'], role)

647
keystone/tests/unit/test_backend.py
View File

File diff suppressed because it is too large Load Diff

119
keystone/tests/unit/test_backend_ldap.py
View File

@ -416,11 +416,9 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
group2 = unit.new_group_ref(domain_id=domain['id'])
group2 = self.identity_api.create_group(group2)
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': domain['id']}
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
project2 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': domain['id']}
project2 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project2['id'], project2)
self.identity_api.add_user_to_group(new_user['id'],
@ -495,9 +493,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
new_user = self.identity_api.create_user(new_user)
new_group = unit.new_group_ref(domain_id=new_domain['id'])
new_group = self.identity_api.create_group(new_group)
new_project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': new_domain['id']}
new_project = unit.new_project_ref(domain_id=new_domain['id'])
self.resource_api.create_project(new_project['id'], new_project)
# First check how many role grant already exist
@ -530,9 +526,7 @@ class BaseLDAPIdentity(test_backend.IdentityTests):
new_domain = self._get_domain_fixture()
new_user = self.new_user_ref(domain_id=new_domain['id'])
new_user = self.identity_api.create_user(new_user)
new_project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': new_domain['id']}
new_project = unit.new_project_ref(domain_id=new_domain['id'])
self.resource_api.create_project(new_project['id'], new_project)
self.assignment_api.create_grant(user_id=new_user['id'],
project_id=new_project['id'],
@ -963,26 +957,25 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
def test_configurable_allowed_project_actions(self):
domain = self._get_domain_fixture()
tenant = {'id': u'fäké1', 'name': u'fäké1', 'enabled': True,
'domain_id': domain['id']}
self.resource_api.create_project(u'fäké1', tenant)
tenant_ref = self.resource_api.get_project(u'fäké1')
self.assertEqual(u'fäké1', tenant_ref['id'])
project = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project['id'], project)
project_ref = self.resource_api.get_project(project['id'])
self.assertEqual(project['id'], project_ref['id'])
tenant['enabled'] = False
self.resource_api.update_project(u'fäké1', tenant)
project['enabled'] = False
self.resource_api.update_project(project['id'], project)
self.resource_api.delete_project(u'fäké1')
self.resource_api.delete_project(project['id'])
self.assertRaises(exception.ProjectNotFound,
self.resource_api.get_project,
u'fäké1')
project['id'])
def test_configurable_subtree_delete(self):
self.config_fixture.config(group='ldap', allow_subtree_delete=True)
self.load_backends()
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': CONF.identity.default_domain_id}
project1 = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
self.resource_api.create_project(project1['id'], project1)
role1 = unit.new_role_ref()
@ -1015,11 +1008,11 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
self.load_backends()
domain = self._get_domain_fixture()
tenant = {'id': u'fäké1', 'name': u'fäké1', 'domain_id': domain['id']}
project = unit.new_project_ref(domain_id=domain['id'])
self.assertRaises(exception.ForbiddenAction,
self.resource_api.create_project,
u'fäké1',
tenant)
project['id'],
project)
self.tenant_bar['enabled'] = False
self.assertRaises(exception.ForbiddenAction,
@ -1559,13 +1552,9 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
# NOTE(topol): LDAP implementation does not currently support the
# updating of a project name so this method override
# provides a different update test
project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': CONF.identity.default_domain_id,
'description': uuid.uuid4().hex,
'enabled': True,
'parent_id': None,
'is_domain': False}
project = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
self.resource_api.create_project(project['id'], project)
project_ref = self.resource_api.get_project(project['id'])
@ -1586,9 +1575,8 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
# NOTE(morganfainberg): LDAP implementation does not currently support
# updating project names. This method override provides a different
# update test.
project = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': CONF.identity.default_domain_id,
'description': uuid.uuid4().hex}
project = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
project_id = project['id']
# Create a project
self.resource_api.create_project(project_id, project)
@ -1638,24 +1626,13 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
def _assert_create_hierarchy_not_allowed(self):
domain = self._get_domain_fixture()
project1 = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': '',
'domain_id': domain['id'],
'enabled': True,
'parent_id': None,
'is_domain': False}
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
# Creating project2 under project1. LDAP will not allow
# the creation of a project with parent_id being set
project2 = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': '',
'domain_id': domain['id'],
'enabled': True,
'parent_id': project1['id'],
'is_domain': False}
project2 = unit.new_project_ref(domain_id=domain['id'],
parent_id=project1['id'])
self.assertRaises(exception.InvalidParentProject,
self.resource_api.create_project,
@ -1677,13 +1654,8 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
and the only domain it has (default) is immutable.
"""
domain = self._get_domain_fixture()
project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': '',
'domain_id': domain['id'],
'enabled': True,
'parent_id': None,
'is_domain': True}
project = unit.new_project_ref(domain_id=domain['id'],
is_domain=True)
self.assertRaises(exception.ValidationError,
self.resource_api.create_project,
@ -1691,13 +1663,7 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
def test_update_is_domain_field(self):
domain = self._get_domain_fixture()
project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': '',
'domain_id': domain['id'],
'enabled': True,
'parent_id': None,
'is_domain': False}
project = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project['id'], project)
# Try to update the is_domain field to True
@ -1723,9 +1689,7 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
def test_set_default_is_domain_project(self):
# Tests the internal method _set_default_is_domain_project, which
# allows either a project ref or a list of project refs
new_project_ref = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex}
new_project_ref = unit.new_project_ref()
# Calling it with a dict is valid
updated_project_ref = (self.resource_api.driver.
@ -1734,9 +1698,7 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
self.assertFalse(updated_project_ref['is_domain'])
# So it is with a list of refs
another_new_project_ref = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex}
another_new_project_ref = unit.new_project_ref()
refs_list = [new_project_ref, another_new_project_ref]
new_refs_list = (self.resource_api.driver.
_set_default_is_domain_project(refs_list))
@ -1832,8 +1794,8 @@ class LDAPIdentity(BaseLDAPIdentity, unit.TestCase):
user1 = self.new_user_ref(domain_id=CONF.identity.default_domain_id)
user1 = self.identity_api.create_user(user1)
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': CONF.identity.default_domain_id}
project1 = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
self.resource_api.create_project(project1['id'], project1)
self.assignment_api.add_role_to_user_and_project(
@ -2116,13 +2078,8 @@ class LDAPIdentityEnabledEmulation(LDAPIdentity):
# NOTE(topol): LDAPIdentityEnabledEmulation will create an
# enabled key in the project dictionary so this
# method override handles this side-effect
project = {
'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': CONF.identity.default_domain_id,
'description': uuid.uuid4().hex,
'parent_id': None,
'is_domain': False}
project = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
self.resource_api.create_project(project['id'], project)
project_ref = self.resource_api.get_project(project['id'])
@ -2779,13 +2736,7 @@ class MultiLDAPandSQLIdentity(BaseLDAPIdentity, unit.SQLDriverOverrides,
def test_delete_domain_with_user_added(self):
domain = unit.new_domain_ref()
project = {'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex,
'domain_id': domain['id'],
'description': uuid.uuid4().hex,
'parent_id': None,
'enabled': True,
'is_domain': False}
project = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_domain(domain['id'], domain)
self.resource_api.create_project(project['id'], project)
project_ref = self.resource_api.get_project(project['id'])

32
keystone/tests/unit/test_backend_sql.py
View File

@ -219,10 +219,7 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
# like LDAP.
# create a ref with a lowercase name
ref = {
'id': uuid.uuid4().hex,
'name': uuid.uuid4().hex.lower(),
'domain_id': DEFAULT_DOMAIN_ID}
ref = unit.new_project_ref(domain_id=DEFAULT_DOMAIN_ID)
self.resource_api.create_project(ref['id'], ref)
# assign a new ID with the same name, but this time in uppercase
@ -231,19 +228,18 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
self.resource_api.create_project(ref['id'], ref)
def test_create_null_project_name(self):
tenant = {'id': uuid.uuid4().hex,
'name': None,
'domain_id': DEFAULT_DOMAIN_ID}
project = unit.new_project_ref(name=None,
domain_id=DEFAULT_DOMAIN_ID)
self.assertRaises(exception.ValidationError,
self.resource_api.create_project,
tenant['id'],
tenant)
project['id'],
project)
self.assertRaises(exception.ProjectNotFound,
self.resource_api.get_project,
tenant['id'])
project['id'])
self.assertRaises(exception.ProjectNotFound,
self.resource_api.get_project_by_name,
tenant['name'],
project['name'],
DEFAULT_DOMAIN_ID)
def test_delete_project_with_user_association(self):
@ -265,20 +261,16 @@ class SqlIdentity(SqlTests, test_backend.IdentityTests):
This behavior is specific to the SQL driver.
"""
tenant_id = uuid.uuid4().hex
arbitrary_key = uuid.uuid4().hex
arbitrary_value = uuid.uuid4().hex
tenant = {
'id': tenant_id,
'name': uuid.uuid4().hex,
'domain_id': DEFAULT_DOMAIN_ID,
arbitrary_key: arbitrary_value}
ref = self.resource_api.create_project(tenant_id, tenant)
project = unit.new_project_ref(domain_id=DEFAULT_DOMAIN_ID)
project[arbitrary_key] = arbitrary_value
ref = self.resource_api.create_project(project['id'], project)
self.assertEqual(arbitrary_value, ref[arbitrary_key])
self.assertIsNone(ref.get('extra'))
tenant['name'] = uuid.uuid4().hex
ref = self.resource_api.update_project(tenant_id, tenant)
project['name'] = uuid.uuid4().hex
ref = self.resource_api.update_project(project['id'], project)
self.assertEqual(arbitrary_value, ref[arbitrary_key])
self.assertEqual(arbitrary_value, ref['extra'][arbitrary_key])

12
keystone/tests/unit/test_middleware.py
View File

@ -147,8 +147,6 @@ class AuthContextMiddlewareTest(test_backend_sql.SqlTests):
self._load_sample_data()
def _load_sample_data(self):
self.project_id = uuid.uuid4().hex
self.project_name = uuid.uuid4().hex
self.protocol_id = 'x509'
# 1) Create a domain for the user.
@ -158,13 +156,9 @@ class AuthContextMiddlewareTest(test_backend_sql.SqlTests):
self.resource_api.create_domain(self.domain_id, self.domain)
# 2) Create a project for the user.
self.project = {
'description': uuid.uuid4().hex,
'domain_id': self.domain_id,
'enabled': True,
'id': self.project_id,
'name': self.project_name,
}
self.project = unit.new_project_ref(domain_id=self.domain_id)
self.project_id = self.project['id']
self.project_name = self.project['name']
self.resource_api.create_project(self.project_id, self.project)

7
keystone/tests/unit/test_v2_controller.py
View File

@ -77,8 +77,7 @@ class TenantTestCase(unit.TestCase):
"""Test that list projects only returns those in the default domain."""
domain = unit.new_domain_ref()
self.resource_api.create_domain(domain['id'], domain)
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': domain['id']}
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
# Check the real total number of projects, we should have the above
# plus those in the default features
@ -98,8 +97,8 @@ class TenantTestCase(unit.TestCase):
self.assertIn(tenant_copy, refs['tenants'])
def _create_is_domain_project(self):
project = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': 'default', 'is_domain': True}
project = unit.new_project_ref(domain_id='default',
is_domain=True)
project_ref = self.resource_api.create_project(project['id'], project)
return self.tenant_controller.v3_to_v2_project(project_ref)

14
keystone/tests/unit/test_v2_keystoneclient.py
View File

@ -198,6 +198,7 @@ class ClientDrivenTestCase(unit.TestCase):
def test_authenticate_disabled_tenant(self):
admin_client = self.get_client(admin=True)
# v2 style, needs to be created by hand
tenant = {
'name': uuid.uuid4().hex,
'description': uuid.uuid4().hex,
@ -935,11 +936,9 @@ class ClientDrivenTestCase(unit.TestCase):
# Add two arbitrary tenants to user for testing purposes
for i in range(2):
tenant_id = uuid.uuid4().hex
tenant = {'name': 'tenant-%s' % tenant_id, 'id': tenant_id,
'domain_id': DEFAULT_DOMAIN_ID}
self.resource_api.create_project(tenant_id, tenant)
self.assignment_api.add_user_to_project(tenant_id,
tenant = unit.new_project_ref(domain_id=DEFAULT_DOMAIN_ID)
self.resource_api.create_project(tenant['id'], tenant)
self.assignment_api.add_user_to_project(tenant['id'],
self.user_foo['id'])
tenants = client.tenants.list()
@ -961,8 +960,9 @@ class ClientDrivenTestCase(unit.TestCase):
# Add two arbitrary tenants to user for testing purposes
for i in range(2):
tenant_id = uuid.uuid4().hex
tenant = {'name': 'tenant-%s' % tenant_id, 'id': tenant_id,
'domain_id': DEFAULT_DOMAIN_ID}
tenant = unit.new_project_ref(name='tenant-%s' % tenant_id,
id=tenant_id,
domain_id=DEFAULT_DOMAIN_ID)
self.resource_api.create_project(tenant_id, tenant)
self.assignment_api.add_user_to_project(tenant_id,
self.user_foo['id'])

15
keystone/tests/unit/test_v3.py
View File

@ -196,10 +196,8 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
self.domain_id = self.domain['id']
self.resource_api.create_domain(self.domain_id, self.domain)
self.project_id = uuid.uuid4().hex
self.project = self.new_project_ref(
domain_id=self.domain_id)
self.project['id'] = self.project_id
self.project = unit.new_project_ref(domain_id=self.domain_id)
self.project_id = self.project['id']
self.resource_api.create_project(self.project_id, self.project)
self.user = unit.create_user(self.identity_api,
@ -207,7 +205,7 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
self.user_id = self.user['id']
self.default_domain_project_id = uuid.uuid4().hex
self.default_domain_project = self.new_project_ref(
self.default_domain_project = unit.new_project_ref(
domain_id=DEFAULT_DOMAIN_ID)
self.default_domain_project['id'] = self.default_domain_project_id
self.resource_api.create_project(self.default_domain_project_id,
@ -252,10 +250,6 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
"""Populates a ref with attributes common to some API entities."""
return unit.new_ref()
def new_project_ref(self, domain_id=None, parent_id=None, is_domain=False):
return unit.new_project_ref(domain_id=domain_id, parent_id=parent_id,
is_domain=is_domain)
def new_credential_ref(self, user_id, project_id=None, cred_type=None):
return unit.new_credential_ref(user_id, project_id=project_id,
cred_type=cred_type)
@ -275,8 +269,7 @@ class RestfulTestCase(unit.SQLDriverOverrides, rest.RestfulTestCase,
def create_new_default_project_for_user(self, user_id, domain_id,
enable_project=True):
ref = self.new_project_ref(domain_id=domain_id)
ref['enabled'] = enable_project
ref = unit.new_project_ref(domain_id=domain_id, enabled=enable_project)
r = self.post('/projects', body={'project': ref})
project = self.assertValidProjectResponse(r, ref)
# set the user's preferred project

166
keystone/tests/unit/test_v3_assignment.py
View File

@ -107,15 +107,14 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.domain2 = unit.new_domain_ref()
self.resource_api.create_domain(self.domain2['id'], self.domain2)
self.project2 = self.new_project_ref(
domain_id=self.domain2['id'])
self.resource_api.create_project(self.project2['id'], self.project2)
project2 = unit.new_project_ref(domain_id=self.domain2['id'])
self.resource_api.create_project(project2['id'], project2)
user2 = unit.create_user(self.identity_api,
domain_id=self.domain2['id'],
project_id=self.project2['id'])
project_id=project2['id'])
self.assignment_api.add_user_to_project(self.project2['id'],
self.assignment_api.add_user_to_project(project2['id'],
user2['id'])
# First check a user in that domain can authenticate. The v2 user
@ -126,7 +125,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
'userId': user2['id'],
'password': user2['password']
},
'tenantId': self.project2['id']
'tenantId': project2['id']
}
}
self.admin_request(
@ -136,7 +135,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
auth_data = self.build_authentication_request(
user_id=user2['id'],
password=user2['password'],
project_id=self.project2['id'])
project_id=project2['id'])
self.v3_create_token(auth_data)
# Now disable the domain
@ -154,7 +153,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
'userId': user2['id'],
'password': user2['password']
},
'tenantId': self.project2['id']
'tenantId': project2['id']
}
}
self.admin_request(
@ -165,7 +164,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
auth_data = self.build_authentication_request(
user_id=user2['id'],
password=user2['password'],
project_id=self.project2['id'])
project_id=project2['id'])
self.v3_create_token(auth_data,
expected_status=http_client.UNAUTHORIZED)
@ -173,7 +172,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
username=user2['name'],
user_domain_id=self.domain2['id'],
password=user2['password'],
project_id=self.project2['id'])
project_id=project2['id'])
self.v3_create_token(auth_data,
expected_status=http_client.UNAUTHORIZED)
@ -208,12 +207,11 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.domain2 = unit.new_domain_ref()
self.resource_api.create_domain(self.domain2['id'], self.domain2)
self.project2 = self.new_project_ref(
domain_id=self.domain2['id'])
self.resource_api.create_project(self.project2['id'], self.project2)
project2 = unit.new_project_ref(domain_id=self.domain2['id'])
self.resource_api.create_project(project2['id'], project2)
user2 = unit.new_user_ref(domain_id=self.domain2['id'],
project_id=self.project2['id'])
project_id=project2['id'])
user2 = self.identity_api.create_user(user2)
group2 = unit.new_group_ref(domain_id=self.domain2['id'])
@ -221,7 +219,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.credential2 = self.new_credential_ref(
user_id=user2['id'],
project_id=self.project2['id'])
project_id=project2['id'])
self.credential_api.create_credential(
self.credential2['id'],
self.credential2)
@ -241,7 +239,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.domain2['id'])
self.assertRaises(exception.ProjectNotFound,
self.resource_api.get_project,
self.project2['id'])
project2['id'])
self.assertRaises(exception.GroupNotFound,
self.identity_api.get_group,
group2['id'])
@ -370,11 +368,10 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
domain = unit.new_domain_ref()
self.resource_api.create_domain(domain['id'], domain)
root_project = self.new_project_ref(
domain_id=domain['id'])
root_project = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(root_project['id'], root_project)
leaf_project = self.new_project_ref(
leaf_project = unit.new_project_ref(
domain_id=domain['id'],
parent_id=root_project['id'])
self.resource_api.create_project(leaf_project['id'], leaf_project)
@ -470,7 +467,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
def test_create_project(self):
"""Call ``POST /projects``."""
ref = self.new_project_ref(domain_id=self.domain_id)
ref = unit.new_project_ref(domain_id=self.domain_id)
r = self.post(
'/projects',
body={'project': ref})
@ -483,7 +480,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
def test_create_project_invalid_domain_id(self):
"""Call ``POST /projects``."""
ref = self.new_project_ref(domain_id=uuid.uuid4().hex)
ref = unit.new_project_ref(domain_id=uuid.uuid4().hex)
self.post('/projects', body={'project': ref},
expected_status=http_client.BAD_REQUEST)
@ -494,7 +491,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
NotImplemented.
"""
ref = self.new_project_ref(domain_id=self.domain_id, is_domain=True)
ref = unit.new_project_ref(domain_id=self.domain_id, is_domain=True)
self.post('/projects',
body={'project': ref},
expected_status=http_client.NOT_IMPLEMENTED)
@ -520,7 +517,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
# Without parent_id and domain_id passed as None, the domain_id should
# be normalized to the domain on the token, when using a domain
# scoped token.
ref = self.new_project_ref()
ref = unit.new_project_ref()
r = self.post(
'/projects',
auth=auth,
@ -549,9 +546,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
# Without domain_id and parent_id, the domain_id should be
# normalized to the domain on the token, when using a domain
# scoped token.
ref = self.new_project_ref()
ref.pop('domain_id')
ref.pop('parent_id')
ref = unit.new_project_ref()
r = self.post(
'/projects',
auth=auth,
@ -563,7 +558,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
"""Call ``POST /projects``."""
# With only the parent_id, the domain_id should be
# normalized to the parent's domain_id
ref_child = self.new_project_ref(parent_id=self.project['id'])
ref_child = unit.new_project_ref(parent_id=self.project['id'])
r = self.post(
'/projects',
@ -582,13 +577,13 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
:returns projects: a list of the projects in the created hierarchy.
"""
new_ref = self.new_project_ref(domain_id=self.domain_id)
new_ref = unit.new_project_ref(domain_id=self.domain_id)
resp = self.post('/projects', body={'project': new_ref})
projects = [resp.result]
for i in range(hierarchy_size):
new_ref = self.new_project_ref(
new_ref = unit.new_project_ref(
domain_id=self.domain_id,
parent_id=projects[i]['project']['id'])
resp = self.post('/projects',
@ -604,7 +599,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
projects = self._create_projects_hierarchy(hierarchy_size=2)
# Add another child to projects[1] - it will be projects[3]
new_ref = self.new_project_ref(
new_ref = unit.new_project_ref(
domain_id=self.domain_id,
parent_id=projects[1]['project']['id'])
resp = self.post('/projects',
@ -813,7 +808,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
projects = self._create_projects_hierarchy(hierarchy_size=2)
# Add another child to projects[0] - it will be projects[3]
new_ref = self.new_project_ref(
new_ref = unit.new_project_ref(
domain_id=self.domain_id,
parent_id=projects[0]['project']['id'])
resp = self.post('/projects',
@ -822,7 +817,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
projects.append(resp.result)
# Add another child to projects[1] - it will be projects[4]
new_ref = self.new_project_ref(
new_ref = unit.new_project_ref(
domain_id=self.domain_id,
parent_id=projects[1]['project']['id'])
resp = self.post('/projects',
@ -959,7 +954,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
def test_update_project(self):
"""Call ``PATCH /projects/{project_id}``."""
ref = self.new_project_ref(domain_id=self.domain_id)
ref = unit.new_project_ref(domain_id=self.domain_id)
del ref['id']
r = self.patch(
'/projects/%(project_id)s' % {
@ -969,7 +964,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
def test_update_project_domain_id(self):
"""Call ``PATCH /projects/{project_id}`` with domain_id."""
project = self.new_project_ref(domain_id=self.domain['id'])
project = unit.new_project_ref(domain_id=self.domain['id'])
self.resource_api.create_project(project['id'], project)
project['domain_id'] = CONF.identity.default_domain_id
r = self.patch('/projects/%(project_id)s' % {
@ -999,7 +994,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
The is_domain flag is immutable.
"""
project = self.new_project_ref(domain_id=self.domain['id'])
project = unit.new_project_ref(domain_id=self.domain['id'])
resp = self.post('/projects',
body={'project': project})
self.assertFalse(resp.result['project']['is_domain'])
@ -1045,12 +1040,11 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
r = self.credential_api.get_credential(self.credential['id'])
self.assertDictEqual(self.credential, r)
# Create a second credential with a different project
self.project2 = self.new_project_ref(
domain_id=self.domain['id'])
self.resource_api.create_project(self.project2['id'], self.project2)
project2 = unit.new_project_ref(domain_id=self.domain['id'])
self.resource_api.create_project(project2['id'], project2)
self.credential2 = self.new_credential_ref(
user_id=self.user['id'],
project_id=self.project2['id'])
project_id=project2['id'])
self.credential_api.create_credential(
self.credential2['id'],
self.credential2)
@ -1646,9 +1640,8 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
group1 = self.identity_api.create_group(group1)
self.identity_api.add_user_to_group(user1['id'], group1['id'])
self.identity_api.add_user_to_group(user2['id'], group1['id'])
self.project1 = self.new_project_ref(
domain_id=self.domain['id'])
self.resource_api.create_project(self.project1['id'], self.project1)
project1 = unit.new_project_ref(domain_id=self.domain['id'])
self.resource_api.create_project(project1['id'], project1)
self.role1 = unit.new_role_ref()
self.role_api.create_role(self.role1['id'], self.role1)
self.role2 = unit.new_role_ref()
@ -1667,19 +1660,21 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.put(ud_entity['links']['assignment'])
gp_entity = self.build_role_assignment_entity(
project_id=self.project1['id'], group_id=group1['id'],
project_id=project1['id'],
group_id=group1['id'],
role_id=self.role1['id'])
self.put(gp_entity['links']['assignment'])
up_entity = self.build_role_assignment_entity(
project_id=self.project1['id'], user_id=user1['id'],
project_id=project1['id'],
user_id=user1['id'],
role_id=self.role2['id'])
self.put(up_entity['links']['assignment'])
# Now list by various filters to make sure we get back the right ones
collection_url = ('/role_assignments?scope.project.id=%s' %
self.project1['id'])
project1['id'])
r = self.get(collection_url)
self.assertValidRoleAssignmentListResponse(r,
expected_length=2,
@ -1726,7 +1721,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
'/role_assignments?user.id=%(user_id)s'
'&scope.project.id=%(project_id)s' % {
'user_id': user1['id'],
'project_id': self.project1['id']})
'project_id': project1['id']})
r = self.get(collection_url)
self.assertValidRoleAssignmentListResponse(r,
expected_length=1,
@ -1748,14 +1743,15 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
self.assertRoleAssignmentInListResponse(r, ud_entity)
# ...and the two via group membership...
gp1_link = self.build_role_assignment_link(
project_id=self.project1['id'], group_id=group1['id'],
project_id=project1['id'],
group_id=group1['id'],
role_id=self.role1['id'])
gd1_link = self.build_role_assignment_link(domain_id=self.domain_id,
group_id=group1['id'],
role_id=self.role1['id'])
up1_entity = self.build_role_assignment_entity(
link=gp1_link, project_id=self.project1['id'],
link=gp1_link, project_id=project1['id'],
user_id=user1['id'], role_id=self.role1['id'])
ud1_entity = self.build_role_assignment_entity(
link=gd1_link, domain_id=self.domain_id, user_id=user1['id'],
@ -1771,7 +1767,7 @@ class AssignmentTestCase(test_v3.RestfulTestCase,
'/role_assignments?effective&user.id=%(user_id)s'
'&scope.project.id=%(project_id)s' % {
'user_id': user1['id'],
'project_id': self.project1['id']})
'project_id': project1['id']})
r = self.get(collection_url)
self.assertValidRoleAssignmentListResponse(r,
expected_length=2,
@ -1804,7 +1800,7 @@ class RoleAssignmentBaseTestCase(test_v3.RestfulTestCase,
subprojects = []
for i in range(breadth):
subprojects.append(self.new_project_ref(
subprojects.append(unit.new_project_ref(
domain_id=self.domain_id, parent_id=parent_id))
self.resource_api.create_project(subprojects[-1]['id'],
subprojects[-1])
@ -1820,7 +1816,7 @@ class RoleAssignmentBaseTestCase(test_v3.RestfulTestCase,
self.resource_api.create_domain(self.domain_id, self.domain)
# Create a project hierarchy
self.project = self.new_project_ref(domain_id=self.domain_id)
self.project = unit.new_project_ref(domain_id=self.domain_id)
self.project_id = self.project['id']
self.resource_api.create_project(self.project_id, self.project)
@ -2400,11 +2396,9 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase,
domain = unit.new_domain_ref()
self.resource_api.create_domain(domain['id'], domain)
user1 = unit.create_user(self.identity_api, domain_id=domain['id'])
project1 = self.new_project_ref(
domain_id=domain['id'])
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
project2 = self.new_project_ref(
domain_id=domain['id'])
project2 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project2['id'], project2)
# Add some roles to the project
self.assignment_api.add_role_to_user_and_project(
@ -2492,11 +2486,9 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase,
domain = unit.new_domain_ref()
self.resource_api.create_domain(domain['id'], domain)
user1 = unit.create_user(self.identity_api, domain_id=domain['id'])
project1 = self.new_project_ref(
domain_id=domain['id'])
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
project2 = self.new_project_ref(
domain_id=domain['id'])
project2 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project2['id'], project2)
# Add some roles to the project
self.assignment_api.add_role_to_user_and_project(
@ -2587,11 +2579,9 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase,
group1['id'])
self.identity_api.add_user_to_group(user2['id'],
group1['id'])
project1 = self.new_project_ref(
domain_id=domain['id'])
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
project2 = self.new_project_ref(
domain_id=domain['id'])
project2 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project2['id'], project2)
# Add some roles to the project
self.assignment_api.add_role_to_user_and_project(
@ -2679,11 +2669,9 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase,
user1 = unit.create_user(self.identity_api, domain_id=domain['id'])
group1 = unit.new_group_ref(domain_id=domain['id'])
group1 = self.identity_api.create_group(group1)
project1 = self.new_project_ref(
domain_id=domain['id'])
project1 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project1['id'], project1)
project2 = self.new_project_ref(
domain_id=domain['id'])
project2 = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project2['id'], project2)
# Add some spoiler roles to the projects
self.assignment_api.add_role_to_user_and_project(
@ -2751,8 +2739,8 @@ class AssignmentInheritanceTestCase(test_v3.RestfulTestCase,
"""
# Create project hierarchy
root = self.new_project_ref(domain_id=self.domain['id'])
leaf = self.new_project_ref(domain_id=self.domain['id'],
root = unit.new_project_ref(domain_id=self.domain['id'])
leaf = unit.new_project_ref(domain_id=self.domain['id'],
parent_id=root['id'])
self.resource_api.create_project(root['id'], root)
@ -3076,19 +3064,19 @@ class AssignmentV3toV2MethodsTestCase(unit.TestCase):
self.domain_id = CONF.identity.default_domain_id
self.parent_id = uuid.uuid4().hex
# Project with only domain_id in ref
self.project1 = {'id': self.project_id,
'name': self.project_id,
'domain_id': self.domain_id}
self.project1 = unit.new_project_ref(id=self.project_id,
name=self.project_id,
domain_id=self.domain_id)
# Project with both domain_id and parent_id in ref
self.project2 = {'id': self.project_id,
'name': self.project_id,
'domain_id': self.domain_id,
'parent_id': self.parent_id}
self.project2 = unit.new_project_ref(id=self.project_id,
name=self.project_id,
domain_id=self.domain_id,
parent_id=self.parent_id)
# Project with no domain_id and parent_id in ref
self.project3 = {'id': self.project_id,
'name': self.project_id,
'domain_id': self.domain_id,
'parent_id': self.parent_id}
self.project3 = unit.new_project_ref(id=self.project_id,
name=self.project_id,
domain_id=self.domain_id,
parent_id=self.parent_id)
# Expected result with no domain_id and parent_id
self.expected_project = {'id': self.project_id,
'name': self.project_id}
@ -3157,6 +3145,17 @@ class AssignmentV3toV2MethodsTestCase(unit.TestCase):
def test_v3_to_v2_project_method(self):
self._setup_initial_projects()
# TODO(shaleh): these optional fields are not handled well by the
# v3_to_v2 code. Manually remove them for now. Eventually update
# new_project_ref to not return optional values
del self.project1['enabled']
del self.project1['description']
del self.project2['enabled']
del self.project2['description']
del self.project3['enabled']
del self.project3['description']
updated_project1 = controller.V2Controller.v3_to_v2_project(
self.project1)
self.assertIs(self.project1, updated_project1)
@ -3173,6 +3172,13 @@ class AssignmentV3toV2MethodsTestCase(unit.TestCase):
def test_v3_to_v2_project_method_list(self):
self._setup_initial_projects()
project_list = [self.project1, self.project2, self.project3]
# TODO(shaleh): these optional fields are not handled well by the
# v3_to_v2 code. Manually remove them for now. Eventually update
# new_project_ref to not return optional values
for p in project_list:
del p['enabled']
del p['description']
updated_list = controller.V2Controller.v3_to_v2_project(project_list)
self.assertEqual(len(updated_list), len(project_list))

17
keystone/tests/unit/test_v3_auth.py
View File

@ -774,9 +774,9 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
self.resource_api.create_domain(self.domainA['id'], self.domainA)
self.domainB = unit.new_domain_ref()
self.resource_api.create_domain(self.domainB['id'], self.domainB)
self.projectA = self.new_project_ref(domain_id=self.domainA['id'])
self.projectA = unit.new_project_ref(domain_id=self.domainA['id'])
self.resource_api.create_project(self.projectA['id'], self.projectA)
self.projectB = self.new_project_ref(domain_id=self.domainA['id'])
self.projectB = unit.new_project_ref(domain_id=self.domainA['id'])
self.resource_api.create_project(self.projectB['id'], self.projectB)
# Now create some users
@ -896,7 +896,7 @@ class TestTokenRevokeById(test_v3.RestfulTestCase):
expected_status=http_client.NOT_FOUND)
def role_data_fixtures(self):
self.projectC = self.new_project_ref(domain_id=self.domainA['id'])
self.projectC = unit.new_project_ref(domain_id=self.domainA['id'])
self.resource_api.create_project(self.projectC['id'], self.projectC)
self.user4 = unit.create_user(self.identity_api,
domain_id=self.domainB['id'])
@ -1845,7 +1845,7 @@ class TestAuth(test_v3.RestfulTestCase):
self.assertValidProjectScopedTokenResponse(r)
def _second_project_as_default(self):
ref = self.new_project_ref(domain_id=self.domain_id)
ref = unit.new_project_ref(domain_id=self.domain_id)
r = self.post('/projects', body={'project': ref})
project = self.assertValidProjectResponse(r, ref)
@ -1981,7 +1981,7 @@ class TestAuth(test_v3.RestfulTestCase):
disabled_endpoint_id)
def test_project_id_scoped_token_with_user_id_unauthorized(self):
project = self.new_project_ref(domain_id=self.domain_id)
project = unit.new_project_ref(domain_id=self.domain_id)
self.resource_api.create_project(project['id'], project)
auth_data = self.build_authentication_request(
@ -2015,7 +2015,7 @@ class TestAuth(test_v3.RestfulTestCase):
"""
domainA = unit.new_domain_ref()
self.resource_api.create_domain(domainA['id'], domainA)
projectA = self.new_project_ref(domain_id=domainA['id'])
projectA = unit.new_project_ref(domain_id=domainA['id'])
self.resource_api.create_project(projectA['id'], projectA)
user1 = unit.create_user(self.identity_api, domain_id=domainA['id'])
@ -2119,8 +2119,7 @@ class TestAuth(test_v3.RestfulTestCase):
# create domain, project and group and grant roles to user
domain1 = unit.new_domain_ref()
self.resource_api.create_domain(domain1['id'], domain1)
project1 = {'id': uuid.uuid4().hex, 'name': uuid.uuid4().hex,
'domain_id': domain1['id']}
project1 = unit.new_project_ref(domain_id=domain1['id'])
self.resource_api.create_project(project1['id'], project1)
user_foo = unit.create_user(self.identity_api,
domain_id=test_v3.DEFAULT_DOMAIN_ID)
@ -2619,7 +2618,7 @@ class TestAuth(test_v3.RestfulTestCase):
self.resource_api.create_domain(domain['id'], domain)
# create a project in the disabled domain
project = self.new_project_ref(domain_id=domain['id'])
project = unit.new_project_ref(domain_id=domain['id'])
self.resource_api.create_project(project['id'], project)
# assign some role to self.user for the project in the disabled domain

10
keystone/tests/unit/test_v3_federation.py
View File

@ -233,21 +233,21 @@ class FederatedSetupMixin(object):
self.domainD)
# Create and add projects
self.proj_employees = self.new_project_ref(
self.proj_employees = unit.new_project_ref(
domain_id=self.domainA['id'])
self.resource_api.create_project(self.proj_employees['id'],
self.proj_employees)
self.proj_customers = self.new_project_ref(
self.proj_customers = unit.new_project_ref(
domain_id=self.domainA['id'])
self.resource_api.create_project(self.proj_customers['id'],
self.proj_customers)
self.project_all = self.new_project_ref(
self.project_all = unit.new_project_ref(
domain_id=self.domainA['id'])
self.resource_api.create_project(self.project_all['id'],
self.project_all)
self.project_inherited = self.new_project_ref(
self.project_inherited = unit.new_project_ref(
domain_id=self.domainD['id'])
self.resource_api.create_project(self.project_inherited['id'],
self.project_inherited)
@ -1819,7 +1819,7 @@ class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):
self.config_fixture.config(group='os_inherit', enabled=True)
# Create a subproject
subproject_inherited = self.new_project_ref(
subproject_inherited = unit.new_project_ref(
domain_id=self.domainD['id'],
parent_id=self.project_inherited['id'])
self.resource_api.create_project(subproject_inherited['id'],

6
keystone/tests/unit/test_v3_protection.py
View File

@ -352,7 +352,7 @@ class IdentityTestPolicySample(test_v3.RestfulTestCase):
self.role_api.create_role(self.admin_role['id'], self.admin_role)
# Create and assign roles to the project
self.project = self.new_project_ref(
self.project = unit.new_project_ref(
domain_id=CONF.identity.default_domain_id)
self.resource_api.create_project(self.project['id'], self.project)
self.assignment_api.create_grant(self.role['id'],
@ -637,7 +637,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase,
domain_id=self.domainA['id'])
# Create and assign roles to the project
self.project = self.new_project_ref(domain_id=self.domainA['id'])
self.project = unit.new_project_ref(domain_id=self.domainA['id'])
self.resource_api.create_project(self.project['id'], self.project)
self.assignment_api.create_grant(self.admin_role['id'],
user_id=self.project_admin_user['id'],
@ -689,7 +689,7 @@ class IdentityTestv3CloudPolicySample(test_v3.RestfulTestCase,
self.delete(entity_url, auth=self.auth,
expected_status=status_no_data)
proj_ref = self.new_project_ref(domain_id=domain_id)
proj_ref = unit.new_project_ref(domain_id=domain_id)
self.post('/projects', auth=self.auth, body={'project': proj_ref},
expected_status=status_created)