From f94ac3a1ab1e50d0750571fc3e9d4f7443d17c80 Mon Sep 17 00:00:00 2001 From: Lance Bragstad Date: Thu, 29 Jun 2017 18:18:38 +0000 Subject: [PATCH] Ensure there isn't duplication in federated auth In I9a150ded6c4b556627147d2671be15d6a3794ba5 a comments was made that we should test /auth/projects and /auth/domains in addition to /OS-FEDERATION/project and /OS-FEDERATION/domains. This commit ensures both API behave the same when pruning duplicate projects and domains. Change-Id: I3bc4f0776a875093ecdf5a7dc80583965585eef9 --- keystone/tests/unit/test_v3_federation.py | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/keystone/tests/unit/test_v3_federation.py b/keystone/tests/unit/test_v3_federation.py index 06ee8a701e..630ba19e80 100644 --- a/keystone/tests/unit/test_v3_federation.py +++ b/keystone/tests/unit/test_v3_federation.py @@ -3091,7 +3091,7 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin): user_id=user_id, domain_id=domain_from_group['id']) - # get user domains and test for duplicates + # get user domains via /OS-FEDERATION/domains and test for duplicates r = self.get('/OS-FEDERATION/domains', token=unscoped_token) user_domains = r.result['domains'] user_domain_ids = [] @@ -3099,6 +3099,14 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin): self.assertNotIn(domain['id'], user_domain_ids) user_domain_ids.append(domain['id']) + # get user domains via /auth/domains and test for duplicates + r = self.get('/auth/domains', token=unscoped_token) + user_domains = r.result['domains'] + user_domain_ids = [] + for domain in user_domains: + self.assertNotIn(domain['id'], user_domain_ids) + user_domain_ids.append(domain['id']) + def test_list_head_projects_for_user_duplicates(self): # create role role_ref = unit.new_role_ref() @@ -3123,7 +3131,7 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin): self.assignment_api.add_role_to_user_and_project( user_id, project_from_group['id'], role_ref['id']) - # get user projects and test for duplicates + # get user projects via /OS-FEDERATION/projects and test for duplicates r = self.get('/OS-FEDERATION/projects', token=unscoped_token) user_projects = r.result['projects'] user_project_ids = [] @@ -3131,6 +3139,14 @@ class FederatedUserTests(test_v3.RestfulTestCase, FederatedSetupMixin): self.assertNotIn(project['id'], user_project_ids) user_project_ids.append(project['id']) + # get user projects via /auth/projects and test for duplicates + r = self.get('/auth/projects', token=unscoped_token) + user_projects = r.result['projects'] + user_project_ids = [] + for project in user_projects: + self.assertNotIn(project['id'], user_project_ids) + user_project_ids.append(project['id']) + def test_delete_protocol_after_federated_authentication(self): # Create a protocol protocol = self.proto_ref(mapping_id=self.mapping['id'])