Browse Source

Merge "Adding description for testcases - identity part4"

changes/73/686073/7
Zuul 1 week ago
committed by Gerrit Code Review
parent
commit
bb31c0c497
9 changed files with 77 additions and 19 deletions
  1. +2
    -0
      tempest/api/identity/admin/v3/test_application_credentials.py
  2. +4
    -0
      tempest/api/identity/admin/v3/test_credentials.py
  3. +10
    -3
      tempest/api/identity/admin/v3/test_domain_configuration.py
  4. +4
    -0
      tempest/api/identity/admin/v3/test_endpoint_groups.py
  5. +18
    -4
      tempest/api/identity/admin/v3/test_endpoints_negative.py
  6. +6
    -1
      tempest/api/identity/admin/v3/test_groups.py
  7. +8
    -0
      tempest/api/identity/admin/v3/test_inherits.py
  8. +22
    -9
      tempest/api/identity/admin/v3/test_trusts.py
  9. +3
    -2
      tempest/api/identity/admin/v3/test_users_negative.py

+ 2
- 0
tempest/api/identity/admin/v3/test_application_credentials.py View File

@@ -20,9 +20,11 @@ from tempest.lib import decorators

class ApplicationCredentialsV3AdminTest(base.BaseApplicationCredentialsV3Test,
base.BaseIdentityV3AdminTest):
"""Test keystone application credentials"""

@decorators.idempotent_id('3b3dd48f-3388-406a-a9e6-4d078a552d0e')
def test_create_application_credential_with_roles(self):
"""Test creating keystone application credential with roles"""
role = self.setup_test_role()
self.os_admin.roles_v3_client.create_user_role_on_project(
self.project_id,


+ 4
- 0
tempest/api/identity/admin/v3/test_credentials.py View File

@@ -20,6 +20,8 @@ from tempest.lib import decorators


class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone credentials"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -47,6 +49,7 @@ class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type='smoke')
@decorators.idempotent_id('7cd59bf9-bda4-4c72-9467-d21cab278355')
def test_credentials_create_get_update_delete(self):
"""Test creating, getting, updating, deleting of credentials"""
blob = '{"access": "%s", "secret": "%s"}' % (
data_utils.rand_name('Access'), data_utils.rand_name('Secret'))
cred = self.creds_client.create_credential(
@@ -82,6 +85,7 @@ class CredentialsTestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('13202c00-0021-42a1-88d4-81b44d448aab')
def test_credentials_list_delete(self):
"""Test listing credentials"""
created_cred_ids = list()
fetched_cred_ids = list()



+ 10
- 3
tempest/api/identity/admin/v3/test_domain_configuration.py View File

@@ -21,6 +21,8 @@ from tempest.lib import exceptions as lib_exc


class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
"""Test domain configuration"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -51,10 +53,12 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('11a02bf0-6f94-4380-b3b0-c8dc18fc0d22')
def test_show_default_group_config_and_options(self):
# The API supports only the identity and ldap groups. For the ldap
# group, a valid value is url or user_tree_dn. For the identity group,
# a valid value is driver.
"""Test showing default keystone group config and options

The API supports only the identity and ldap groups. For the ldap
group, a valid value is url or user_tree_dn. For the identity group,
a valid value is driver.
"""
# Check that the default config has the identity and ldap groups.
config = self.client.show_default_config_settings()['config']
self.assertIsInstance(config, dict)
@@ -93,6 +97,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('9e3ff13c-f597-4f01-9377-d6c06c2a1477')
def test_create_domain_config_and_show_config_groups_and_options(self):
"""Test creating and showing keystone config groups and options"""
domain, created_config = self._create_domain_and_config(
self.custom_config)

@@ -117,6 +122,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('7161023e-5dd0-4612-9da0-1bac6ac30b63')
def test_create_update_and_delete_domain_config(self):
"""Test creating, updating and deleting keystone domain config"""
domain, created_config = self._create_domain_and_config(
self.custom_config)

@@ -140,6 +146,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('c7510fa2-6661-4170-9c6b-4783a80651e9')
def test_create_update_and_delete_domain_config_groups_and_opts(self):
"""Test create/update/delete keystone domain config groups and opts"""
domain, _ = self._create_domain_and_config(self.custom_config)

# Check that updating configuration groups work.


+ 4
- 0
tempest/api/identity/admin/v3/test_endpoint_groups.py View File

@@ -20,6 +20,8 @@ from tempest.lib import decorators


class EndPointGroupsTest(base.BaseIdentityV3AdminTest):
"""Test endpoint groups"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -68,6 +70,7 @@ class EndPointGroupsTest(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('7c69e7a1-f865-402d-a2ea-44493017315a')
def test_create_list_show_check_delete_endpoint_group(self):
"""Test create/list/show/check/delete of endpoint group"""
service_id = self._create_service()
self.addCleanup(self.services_client.delete_service, service_id)
name = data_utils.rand_name('service_group')
@@ -127,6 +130,7 @@ class EndPointGroupsTest(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('51c8fc38-fa84-4e76-b5b6-6fc37770fb26')
def test_update_endpoint_group(self):
"""Test updating endpoint group"""
# Creating an endpoint group so as to check update endpoint group
# with new values
service1_id = self._create_service()


+ 18
- 4
tempest/api/identity/admin/v3/test_endpoints_negative.py View File

@@ -20,6 +20,8 @@ from tempest.lib import exceptions as lib_exc


class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
"""Negative tests of endpoint"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -48,7 +50,10 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('ac6c137e-4d3d-448f-8c83-4f13d0942651')
def test_create_with_enabled_False(self):
# Enabled should be a boolean, not a string like 'False'
"""Test creating endpoint with invalid enabled value 'False'

Enabled should be a boolean, not a string like 'False'
"""
interface = 'public'
url = data_utils.rand_url()
region = data_utils.rand_name('region')
@@ -59,7 +64,10 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('9c43181e-0627-484a-8c79-923e8a59598b')
def test_create_with_enabled_True(self):
# Enabled should be a boolean, not a string like 'True'
"""Test creating endpoint with invalid enabled value 'True'

Enabled should be a boolean, not a string like 'True'
"""
interface = 'public'
url = data_utils.rand_url()
region = data_utils.rand_name('region')
@@ -88,11 +96,17 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('65e41f32-5eb7-498f-a92a-a6ccacf7439a')
def test_update_with_enabled_False(self):
# Enabled should be a boolean, not a string like 'False'
"""Test updating endpoint with invalid enabled value 'False'

Enabled should be a boolean, not a string like 'False'
"""
self._assert_update_raises_bad_request('False')

@decorators.attr(type=['negative'])
@decorators.idempotent_id('faba3587-f066-4757-a48e-b4a3f01803bb')
def test_update_with_enabled_True(self):
# Enabled should be a boolean, not a string like 'True'
"""Test updating endpoint with invalid enabled value 'True'

Enabled should be a boolean, not a string like 'True'
"""
self._assert_update_raises_bad_request('True')

+ 6
- 1
tempest/api/identity/admin/v3/test_groups.py View File

@@ -23,6 +23,8 @@ CONF = config.CONF


class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone groups"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -35,6 +37,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('2e80343b-6c81-4ac3-88c7-452f3e9d5129')
def test_group_create_update_get(self):
"""Test creating, updating and getting keystone group"""
# Verify group creation works.
name = data_utils.rand_name('Group')
description = data_utils.rand_name('Description')
@@ -78,6 +81,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
'immutable user source and solely '
'provides read-only access to users.')
def test_group_users_add_list_delete(self):
"""Test adding/listing/deleting group users"""
group = self.setup_test_group(domain_id=self.domain['id'])
# add user into group
users = []
@@ -104,6 +108,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
'immutable user source and solely '
'provides read-only access to users.')
def test_list_user_groups(self):
"""Test listing user groups when the user is in two groups"""
# create a user
user = self.create_test_user()
# create two groups, and add user into them
@@ -127,7 +132,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('cc9a57a5-a9ed-4f2d-a29f-4f979a06ec71')
def test_list_groups(self):
# Test to list groups
"""Test listing groups"""
group_ids = list()
fetched_ids = list()
for _ in range(3):


+ 8
- 0
tempest/api/identity/admin/v3/test_inherits.py View File

@@ -21,6 +21,8 @@ CONF = config.CONF


class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone inherits"""

# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@@ -72,6 +74,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_check_revoke_roles_on_domains_user(self):
"""Test assign/list/check/revoke inherited role on domain user"""
# Create role
src_role = self.setup_test_role()
# Assign role on domains user
@@ -96,6 +99,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('c7a8dda2-be50-4fb4-9a9c-e830771078b1')
def test_inherit_assign_list_check_revoke_roles_on_domains_group(self):
"""Test assign/list/check/revoke inherited role on domain group"""
# Create role
src_role = self.setup_test_role()
# Assign role on domains group
@@ -123,6 +127,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_check_revoke_roles_on_projects_user(self):
"""Test assign/list/check/revoke inherited role on project user"""
# Create role
src_role = self.setup_test_role()
# Assign role on projects user
@@ -138,6 +143,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('26021436-d5a4-4256-943c-ded01e0d4b45')
def test_inherit_assign_check_revoke_roles_on_projects_group(self):
"""Test assign/list/check/revoke inherited role on project group"""
# Create role
src_role = self.setup_test_role()
# Assign role on projects group
@@ -157,6 +163,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_revoke_user_roles_on_domain(self):
"""Test assign/list/check/revoke inherited role on domain"""
# Create role
src_role = self.setup_test_role()

@@ -204,6 +211,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_revoke_user_roles_on_project_tree(self):
"""Test assign/list/check/revoke inherited role on project tree"""
# Create role
src_role = self.setup_test_role()



+ 22
- 9
tempest/api/identity/admin/v3/test_trusts.py View File

@@ -27,6 +27,7 @@ CONF = config.CONF


class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone trusts"""

@classmethod
def skip_checks(cls):
@@ -195,8 +196,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('5a0a91a4-baef-4a14-baba-59bf4d7fcace')
def test_trust_impersonate(self):
# Test case to check we can create, get and delete a trust
# updates are not supported for trusts
"""Test keystone trust with impersonation enabled

To check we can create, get and delete a trust.
Updates are not supported for trusts
"""
trust = self.create_trust()
self.validate_trust(trust)

@@ -207,8 +211,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('ed2a8779-a7ac-49dc-afd7-30f32f936ed2')
def test_trust_noimpersonate(self):
# Test case to check we can create, get and delete a trust
# with impersonation=False
"""Test keystone trust with impersonation disabled

To check we can create, get and delete a trust
with impersonation=False
"""
trust = self.create_trust(impersonate=False)
self.validate_trust(trust, impersonate=False)

@@ -219,8 +226,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('0ed14b66-cefd-4b5c-a964-65759453e292')
def test_trust_expire(self):
# Test case to check we can create, get and delete a trust
# with an expiry specified
"""Test expire attribute of keystone trust

To check we can create, get and delete a trust
with an expiry specified
"""
expires_at = timeutils.utcnow() + datetime.timedelta(hours=1)
# NOTE(ylobankov) In some cases the expiry time may be rounded up
# because of microseconds. In fact, it depends on database and its
@@ -246,8 +256,10 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('3e48f95d-e660-4fa9-85e0-5a3d85594384')
def test_trust_expire_invalid(self):
# Test case to check we can check an invalid expiry time
# is rejected with the correct error
"""Test invalid expire attribute of a keystone trust

To check an invalid expiry time is rejected with the correct error
"""
# with an expiry specified
expires_str = 'bad.123Z'
self.assertRaises(lib_exc.BadRequest,
@@ -256,6 +268,7 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):

@decorators.idempotent_id('6268b345-87ca-47c0-9ce3-37792b43403a')
def test_get_trusts_query(self):
"""Test getting keystone trusts"""
self.create_trust()
trusts_get = self.trustor_client.list_trusts(
trustor_user_id=self.trustor_user_id)['trusts']
@@ -265,7 +278,7 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type='smoke')
@decorators.idempotent_id('4773ebd5-ecbf-4255-b8d8-b63e6f72b65d')
def test_get_trusts_all(self):
"""Test getting all keystone trusts"""
# Simple function that can be used for cleanup
def set_scope(auth_provider, scope):
auth_provider.scope = scope


+ 3
- 2
tempest/api/identity/admin/v3/test_users_negative.py View File

@@ -23,11 +23,12 @@ CONF = config.CONF


class UsersNegativeTest(base.BaseIdentityV3AdminTest):
"""Negative tests of keystone users"""

@decorators.attr(type=['negative'])
@decorators.idempotent_id('e75f006c-89cc-477b-874d-588e4eab4b17')
def test_create_user_for_non_existent_domain(self):
# Attempt to create a user in a non-existent domain should fail
"""Attempt to create a user in a non-existent domain should fail"""
u_name = data_utils.rand_name('user')
u_email = u_name + '@testmail.tm'
u_password = data_utils.rand_password()
@@ -39,7 +40,7 @@ class UsersNegativeTest(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('b3c9fccc-4134-46f5-b600-1da6fb0a3b1f')
def test_authentication_for_disabled_user(self):
# Attempt to authenticate for disabled user should fail
"""Attempt to authenticate for disabled user should fail"""
password = data_utils.rand_password()
user = self.setup_test_user(password)
self.disable_user(user['name'], user['domain_id'])


Loading…
Cancel
Save