The goal is to move the responsibility of reference checks away from
controllers and into the underlying managers & drivers, which can
handle the task with equal or greater efficiency.
- Tenant references from create_user/update_user are NOT tested
due to inconsistencies between backends
- Additional test coverage improvements
Also fixes bug 999209, bug 999608, bug 1006029, bug 1006055, bug 1006287,
bug 1006334, and bug 1006344.
Change-Id: I7de592e7dd4518038436b9a9fdaab559b00a0537
Using a cached copy of the SQLite Data base speeds up the tests:
Before this change
Ran 44 tests in 126.154s
OK
Slowest 5 tests took 15.87 secs:
3.34 test_delete_role (test_backend_sql.SqlIdentity)
3.17 test_delete_user_with_tenant_association (test_backend_sql.SqlIdentity)
3.17 test_create_tenant_invalid_name_fails (test_backend_sql.SqlIdentity)
3.10 test_get_user (test_backend_sql.SqlIdentity)
3.10 test_get_tenant_bad_tenant (test_backend_sql.SqlIdentity)
After this change:
Ran 44 tests in 58.996s
OK
Slowest 5 tests took 8.64 secs:
2.57 test_add_user_to_tenant (test_backend_sql.SqlIdentity)
1.58 test_update_tenant_long_name_fails (test_backend_sql.SqlIdentity)
1.51 test_rename_duplicate_user_name_fails (test_backend_sql.SqlIdentity)
1.50 test_delete_tenant_with_user_association (test_backend_sql.SqlIdentity)
1.49 test_delete_user_with_tenant_association (test_backend_sql.SqlIdentity)
Slowest test was where the database was initialized
Change-Id: Idf046763e8718762695bbcedce4d223f654054db
The main culprit here was prettytable - but because of the way this was
working, it was causing intermittent transient network issues from pypi in
the devstack gates.
Change-Id: I62117116c850361c5e2de7e6485c14ef43007c1d
Implements the "follow up suggestion" in blueprint sql-identiy-pam
Moved the call to utils.check_password call to its own subroutine.
This allows anyone creating a subclass for sql.Identity to just replace
this new 'check_password' method rather than the entire
'authenticate' method. (This is modeled after ldap/core.py which
already does this.) If the logic in 'authenticate' changes, any
derrived classes won't need to be modified.
Updated to make method private.
Change-Id: I1a06596861fd016f63f5f1a5fe8180993f04f4f5
* keystone/middleware/auth_token.py: Catch the
correct exception so that the memcache and iso8601
modules can be optional as intended.
* tests/test_auth_token_middleware.py: Test
the ImportError path
* keystone/test.py: Add a new mixin class to
support disabling importing of a module.
Bug: 1003715
Change-Id: I87cc2f3bc79b17a52ea672bac7e0ebcf9e1fce57
Fixes bug #998185
This commit causes the token expiry time to be maintained when
one token is being created from another
Change-Id: I7b61692a60d9227423b93c267864a5abe939ca33
Changes since last sync:
- make reset() clear defaults and overrides
- automatically create option groups
- allow options to be marked as required
- use a list comprehension instead of map()
Change-Id: Id259a7ffe791a7e272fcc8bb21d7d0bc4f9e591d
- Make it consistent between the source documentation and the rst
documentation.
- Note about the default being https.
Change-Id: Ic78ef79198eee9b514bb52fce12d7224e9ab65ae
Fixes bug 999998.
Swift auth middleware uses a new format for expressing
a container ACL for a user: <tenant_name>:<user>. This
fix add supports for checking ACL using the old format
of <tenant_id>:<user>.
Change-Id: I44985b191afb174605c35041741056ae1e78fa77
- Don't use deprecated headers X_USER and X_ROLE but the newest one
X_USER_NAME and X_ROLES.
- Fixes bug 999447.
Change-Id: I12752c7668863cbb47ee4b6e484cc494133443e8