Ensure there isn't duplication in federated auth

In I9a150ded6c4b556627147d2671be15d6a3794ba5 a comments was made that we should test /auth/projects and /auth/domains in addition to /OS-FEDERATION/project and /OS-FEDERATION/domains. This commit ensures both API behave the same when pruning duplicate projects and domains. Change-Id: I3bc4f0776a875093ecdf5a7dc80583965585eef9
2017-06-29 18:18:38 +00:00 · 2017-06-29 18:18:38 +00:00 · f94ac3a1ab
parent bebd7056ad
commit f94ac3a1ab
1 changed files with 18 additions and 2 deletions
--- a/keystone/tests/unit/test_v3_federation.py
+++ b/keystone/tests/unit/test_v3_federation.py
@ -3091,7 +3091,7 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin):
                                         user_id=user_id,
                                         domain_id=domain_from_group['id'])

-        # get user domains and test for duplicates
+        # get user domains via /OS-FEDERATION/domains and test for duplicates
        r = self.get('/OS-FEDERATION/domains', token=unscoped_token)
        user_domains = r.result['domains']
        user_domain_ids = []
@ -3099,6 +3099,14 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin):
            self.assertNotIn(domain['id'], user_domain_ids)
            user_domain_ids.append(domain['id'])

+        # get user domains via /auth/domains and test for duplicates
+        r = self.get('/auth/domains', token=unscoped_token)
+        user_domains = r.result['domains']
+        user_domain_ids = []
+        for domain in user_domains:
+            self.assertNotIn(domain['id'], user_domain_ids)
+            user_domain_ids.append(domain['id'])
+
    def test_list_head_projects_for_user_duplicates(self):
        # create role
        role_ref = unit.new_role_ref()
@ -3123,7 +3131,7 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin):
        self.assignment_api.add_role_to_user_and_project(
            user_id, project_from_group['id'], role_ref['id'])

-        # get user projects and test for duplicates
+        # get user projects via /OS-FEDERATION/projects and test for duplicates
        r = self.get('/OS-FEDERATION/projects', token=unscoped_token)
        user_projects = r.result['projects']
        user_project_ids = []
@ -3131,6 +3139,14 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin):
            self.assertNotIn(project['id'], user_project_ids)
            user_project_ids.append(project['id'])

+        # get user projects via /auth/projects and test for duplicates
+        r = self.get('/auth/projects', token=unscoped_token)
+        user_projects = r.result['projects']
+        user_project_ids = []
+        for project in user_projects:
+            self.assertNotIn(project['id'], user_project_ids)
+            user_project_ids.append(project['id'])
+
    def test_delete_protocol_after_federated_authentication(self):
        # Create a protocol
        protocol = self.proto_ref(mapping_id=self.mapping['id'])