Fix identity tests when domain specific drivers are enabled

This updates users and groups identity tests to check the existence
of domain specific drivers and, therefore, the existence of users
and groups on different domain drivers.

This adds a new feature flag to be used when domain specific drivers
are enabled.

Change-Id: Iedb470c51fa2174ab7651e6b7e22eff1f25f7aac
This commit is contained in:
Leticia Wanderley 2017-08-04 00:22:34 -03:00
parent e669940831
commit 9cafd3d045
4 changed files with 44 additions and 2 deletions

View File

@ -0,0 +1,7 @@
---
features:
- |
A new boolean config option ``domain_specific_drivers``
is added to the section ``identity-feature-enabled``.
This option must be enabled when testing an environment that
is configured to use domain-specific identity drivers.

View File

@ -14,9 +14,12 @@
# under the License.
from tempest.api.identity import base
from tempest import config
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
CONF = config.CONF
class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
@ -130,7 +133,14 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
self.addCleanup(self.groups_client.delete_group, group['id'])
group_ids.append(group['id'])
# List and Verify Groups
body = self.groups_client.list_groups()['groups']
# When domain specific drivers are enabled the operations
# of listing all users and listing all groups are not supported,
# they need a domain filter to be specified
if CONF.identity_feature_enabled.domain_specific_drivers:
body = self.groups_client.list_groups(
domain_id=self.domain['id'])['groups']
else:
body = self.groups_client.list_groups()['groups']
for g in body:
fetched_ids.append(g['id'])
missing_groups = [g for g in group_ids if g not in fetched_ids]

View File

@ -14,9 +14,12 @@
# under the License.
from tempest.api.identity import base
from tempest import config
from tempest.lib.common.utils import data_utils
from tempest.lib import decorators
CONF = config.CONF
class UsersV3TestJSON(base.BaseIdentityV3AdminTest):
@ -82,6 +85,11 @@ class UsersV3TestJSON(base.BaseIdentityV3AdminTest):
def test_list_users_with_name(self):
# List users with name
params = {'name': self.domain_enabled_user['name']}
# When domain specific drivers are enabled the operations
# of listing all users and listing all groups are not supported,
# they need a domain filter to be specified
if CONF.identity_feature_enabled.domain_specific_drivers:
params['domain_id'] = self.domain_enabled_user['domain_id']
self._list_users_with_params(params, 'name',
self.domain_enabled_user,
self.non_domain_enabled_user)
@ -89,7 +97,18 @@ class UsersV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('b30d4651-a2ea-4666-8551-0c0e49692635')
def test_list_users(self):
# List users
body = self.users_client.list_users()['users']
# When domain specific drivers are enabled the operations
# of listing all users and listing all groups are not supported,
# they need a domain filter to be specified
if CONF.identity_feature_enabled.domain_specific_drivers:
body_enabled_user = self.users_client.list_users(
domain_id=self.domain_enabled_user['domain_id'])['users']
body_non_enabled_user = self.users_client.list_users(
domain_id=self.non_domain_enabled_user['domain_id'])['users']
body = (body_enabled_user + body_non_enabled_user)
else:
body = self.users_client.list_users()['users']
fetched_ids = [u['id'] for u in body]
missing_users = [u['id'] for u in self.users
if u['id'] not in fetched_ids]

View File

@ -234,6 +234,12 @@ IdentityFeatureGroup = [
deprecated_reason="This feature flag was introduced to "
"support testing of old OpenStack versions, "
"which are not supported anymore"),
cfg.BoolOpt('domain_specific_drivers',
default=False,
help='Are domain specific drivers enabled? '
'This configuration value should be same as '
'[identity]->domain_specific_drivers_enabled '
'in keystone.conf.'),
cfg.BoolOpt('security_compliance',
default=False,
help='Does the environment have the security compliance '