Merge "Fixing mapping schema to allow local user"

2016-03-10 19:22:24 +00:00 · 2016-03-10 19:22:24 +00:00 · e4e16cefab
parent ecb5613147 f82fa39834
commit e4e16cefab
2 changed files with 42 additions and 7 deletions
--- a/keystone/federation/utils.py
+++ b/keystone/federation/utils.py
@ -29,6 +29,13 @@ CONF = cfg.CONF
 LOG = log.getLogger(__name__)


+class UserType(object):
+    """User mapping type."""
+
+    EPHEMERAL = 'ephemeral'
+    LOCAL = 'local'
+
+
 MAPPING_SCHEMA = {
    "type": "object",
    "required": ['rules'],
@ -60,6 +67,11 @@ MAPPING_SCHEMA = {
                                                "name": {"type": "string"}
                                            },
                                            "additionalProperties": False,
+                                        },
+                                        "type": {
+                                            "type": "string",
+                                            "enum": [UserType.EPHEMERAL,
+                                                     UserType.LOCAL]
                                        }
                                    },
                                    "additionalProperties": False
@ -412,13 +424,6 @@ def get_assertion_params_from_env(context):
        yield (k, v)


-class UserType(object):
-    """User mapping type."""
-
-    EPHEMERAL = 'ephemeral'
-    LOCAL = 'local'
-
-
 class RuleProcessor(object):
    """A class to process assertions and mapping rules."""

--- a/keystone/tests/unit/test_v3_federation.py
+++ b/keystone/tests/unit/test_v3_federation.py
@ -10,6 +10,7 @@
 # License for the specific language governing permissions and limitations
 # under the License.

+import copy
 import os
 import random
 from testtools import matchers
@ -1531,6 +1532,35 @@ class MappingCRUDTests(test_v3.RestfulTestCase):
        self.put(url, expected_status=http_client.BAD_REQUEST,
                 body={'mapping': mapping})

+    def test_create_mapping_with_local_user_and_local_domain(self):
+        url = self.MAPPING_URL + uuid.uuid4().hex
+        resp = self.put(
+            url,
+            body={
+                'mapping': mapping_fixtures.MAPPING_LOCAL_USER_LOCAL_DOMAIN
+            },
+            expected_status=http_client.CREATED)
+        self.assertValidMappingResponse(
+            resp, mapping_fixtures.MAPPING_LOCAL_USER_LOCAL_DOMAIN)
+
+    def test_create_mapping_with_ephemeral(self):
+        url = self.MAPPING_URL + uuid.uuid4().hex
+        resp = self.put(
+            url,
+            body={'mapping': mapping_fixtures.MAPPING_EPHEMERAL_USER},
+            expected_status=http_client.CREATED)
+        self.assertValidMappingResponse(
+            resp, mapping_fixtures.MAPPING_EPHEMERAL_USER)
+
+    def test_create_mapping_with_bad_user_type(self):
+        url = self.MAPPING_URL + uuid.uuid4().hex
+        # get a copy of a known good map
+        bad_mapping = copy.deepcopy(mapping_fixtures.MAPPING_EPHEMERAL_USER)
+        # now sabotage the user type
+        bad_mapping['rules'][0]['local'][0]['user']['type'] = uuid.uuid4().hex
+        self.put(url, expected_status=http_client.BAD_REQUEST,
+                 body={'mapping': bad_mapping})
+

 class FederatedTokenTests(test_v3.RestfulTestCase, FederatedSetupMixin):