Merge "Adding description for testcases - identity part4"

This commit is contained in:
Zuul 2020-07-29 15:34:26 +00:00 committed by Gerrit Code Review
commit bb31c0c497
9 changed files with 77 additions and 19 deletions

View File

@ -20,9 +20,11 @@ from tempest.lib import decorators
class ApplicationCredentialsV3AdminTest(base.BaseApplicationCredentialsV3Test,
base.BaseIdentityV3AdminTest):
"""Test keystone application credentials"""
@decorators.idempotent_id('3b3dd48f-3388-406a-a9e6-4d078a552d0e')
def test_create_application_credential_with_roles(self):
"""Test creating keystone application credential with roles"""
role = self.setup_test_role()
self.os_admin.roles_v3_client.create_user_role_on_project(
self.project_id,

View File

@ -20,6 +20,8 @@ from tempest.lib import decorators
class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone credentials"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -47,6 +49,7 @@ class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type='smoke')
@decorators.idempotent_id('7cd59bf9-bda4-4c72-9467-d21cab278355')
def test_credentials_create_get_update_delete(self):
"""Test creating, getting, updating, deleting of credentials"""
blob = '{"access": "%s", "secret": "%s"}' % (
data_utils.rand_name('Access'), data_utils.rand_name('Secret'))
cred = self.creds_client.create_credential(
@ -82,6 +85,7 @@ class CredentialsTestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('13202c00-0021-42a1-88d4-81b44d448aab')
def test_credentials_list_delete(self):
"""Test listing credentials"""
created_cred_ids = list()
fetched_cred_ids = list()

View File

@ -21,6 +21,8 @@ from tempest.lib import exceptions as lib_exc
class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
"""Test domain configuration"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -51,10 +53,12 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('11a02bf0-6f94-4380-b3b0-c8dc18fc0d22')
def test_show_default_group_config_and_options(self):
# The API supports only the identity and ldap groups. For the ldap
# group, a valid value is url or user_tree_dn. For the identity group,
# a valid value is driver.
"""Test showing default keystone group config and options
The API supports only the identity and ldap groups. For the ldap
group, a valid value is url or user_tree_dn. For the identity group,
a valid value is driver.
"""
# Check that the default config has the identity and ldap groups.
config = self.client.show_default_config_settings()['config']
self.assertIsInstance(config, dict)
@ -93,6 +97,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('9e3ff13c-f597-4f01-9377-d6c06c2a1477')
def test_create_domain_config_and_show_config_groups_and_options(self):
"""Test creating and showing keystone config groups and options"""
domain, created_config = self._create_domain_and_config(
self.custom_config)
@ -117,6 +122,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('7161023e-5dd0-4612-9da0-1bac6ac30b63')
def test_create_update_and_delete_domain_config(self):
"""Test creating, updating and deleting keystone domain config"""
domain, created_config = self._create_domain_and_config(
self.custom_config)
@ -140,6 +146,7 @@ class DomainConfigurationTestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('c7510fa2-6661-4170-9c6b-4783a80651e9')
def test_create_update_and_delete_domain_config_groups_and_opts(self):
"""Test create/update/delete keystone domain config groups and opts"""
domain, _ = self._create_domain_and_config(self.custom_config)
# Check that updating configuration groups work.

View File

@ -20,6 +20,8 @@ from tempest.lib import decorators
class EndPointGroupsTest(base.BaseIdentityV3AdminTest):
"""Test endpoint groups"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -68,6 +70,7 @@ class EndPointGroupsTest(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('7c69e7a1-f865-402d-a2ea-44493017315a')
def test_create_list_show_check_delete_endpoint_group(self):
"""Test create/list/show/check/delete of endpoint group"""
service_id = self._create_service()
self.addCleanup(self.services_client.delete_service, service_id)
name = data_utils.rand_name('service_group')
@ -127,6 +130,7 @@ class EndPointGroupsTest(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('51c8fc38-fa84-4e76-b5b6-6fc37770fb26')
def test_update_endpoint_group(self):
"""Test updating endpoint group"""
# Creating an endpoint group so as to check update endpoint group
# with new values
service1_id = self._create_service()

View File

@ -20,6 +20,8 @@ from tempest.lib import exceptions as lib_exc
class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
"""Negative tests of endpoint"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -48,7 +50,10 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('ac6c137e-4d3d-448f-8c83-4f13d0942651')
def test_create_with_enabled_False(self):
# Enabled should be a boolean, not a string like 'False'
"""Test creating endpoint with invalid enabled value 'False'
Enabled should be a boolean, not a string like 'False'
"""
interface = 'public'
url = data_utils.rand_url()
region = data_utils.rand_name('region')
@ -59,7 +64,10 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('9c43181e-0627-484a-8c79-923e8a59598b')
def test_create_with_enabled_True(self):
# Enabled should be a boolean, not a string like 'True'
"""Test creating endpoint with invalid enabled value 'True'
Enabled should be a boolean, not a string like 'True'
"""
interface = 'public'
url = data_utils.rand_url()
region = data_utils.rand_name('region')
@ -88,11 +96,17 @@ class EndpointsNegativeTestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('65e41f32-5eb7-498f-a92a-a6ccacf7439a')
def test_update_with_enabled_False(self):
# Enabled should be a boolean, not a string like 'False'
"""Test updating endpoint with invalid enabled value 'False'
Enabled should be a boolean, not a string like 'False'
"""
self._assert_update_raises_bad_request('False')
@decorators.attr(type=['negative'])
@decorators.idempotent_id('faba3587-f066-4757-a48e-b4a3f01803bb')
def test_update_with_enabled_True(self):
# Enabled should be a boolean, not a string like 'True'
"""Test updating endpoint with invalid enabled value 'True'
Enabled should be a boolean, not a string like 'True'
"""
self._assert_update_raises_bad_request('True')

View File

@ -23,6 +23,8 @@ CONF = config.CONF
class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone groups"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -35,6 +37,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('2e80343b-6c81-4ac3-88c7-452f3e9d5129')
def test_group_create_update_get(self):
"""Test creating, updating and getting keystone group"""
# Verify group creation works.
name = data_utils.rand_name('Group')
description = data_utils.rand_name('Description')
@ -78,6 +81,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
'immutable user source and solely '
'provides read-only access to users.')
def test_group_users_add_list_delete(self):
"""Test adding/listing/deleting group users"""
group = self.setup_test_group(domain_id=self.domain['id'])
# add user into group
users = []
@ -104,6 +108,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
'immutable user source and solely '
'provides read-only access to users.')
def test_list_user_groups(self):
"""Test listing user groups when the user is in two groups"""
# create a user
user = self.create_test_user()
# create two groups, and add user into them
@ -127,7 +132,7 @@ class GroupsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('cc9a57a5-a9ed-4f2d-a29f-4f979a06ec71')
def test_list_groups(self):
# Test to list groups
"""Test listing groups"""
group_ids = list()
fetched_ids = list()
for _ in range(3):

View File

@ -21,6 +21,8 @@ CONF = config.CONF
class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone inherits"""
# NOTE: force_tenant_isolation is true in the base class by default but
# overridden to false here to allow test execution for clouds using the
# pre-provisioned credentials provider.
@ -72,6 +74,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_check_revoke_roles_on_domains_user(self):
"""Test assign/list/check/revoke inherited role on domain user"""
# Create role
src_role = self.setup_test_role()
# Assign role on domains user
@ -96,6 +99,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('c7a8dda2-be50-4fb4-9a9c-e830771078b1')
def test_inherit_assign_list_check_revoke_roles_on_domains_group(self):
"""Test assign/list/check/revoke inherited role on domain group"""
# Create role
src_role = self.setup_test_role()
# Assign role on domains group
@ -123,6 +127,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_check_revoke_roles_on_projects_user(self):
"""Test assign/list/check/revoke inherited role on project user"""
# Create role
src_role = self.setup_test_role()
# Assign role on projects user
@ -138,6 +143,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('26021436-d5a4-4256-943c-ded01e0d4b45')
def test_inherit_assign_check_revoke_roles_on_projects_group(self):
"""Test assign/list/check/revoke inherited role on project group"""
# Create role
src_role = self.setup_test_role()
# Assign role on projects group
@ -157,6 +163,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_revoke_user_roles_on_domain(self):
"""Test assign/list/check/revoke inherited role on domain"""
# Create role
src_role = self.setup_test_role()
@ -204,6 +211,7 @@ class InheritsV3TestJSON(base.BaseIdentityV3AdminTest):
'Skipped because environment has an immutable user '
'source and solely provides read-only access to users.')
def test_inherit_assign_list_revoke_user_roles_on_project_tree(self):
"""Test assign/list/check/revoke inherited role on project tree"""
# Create role
src_role = self.setup_test_role()

View File

@ -27,6 +27,7 @@ CONF = config.CONF
class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
"""Test keystone trusts"""
@classmethod
def skip_checks(cls):
@ -195,8 +196,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('5a0a91a4-baef-4a14-baba-59bf4d7fcace')
def test_trust_impersonate(self):
# Test case to check we can create, get and delete a trust
# updates are not supported for trusts
"""Test keystone trust with impersonation enabled
To check we can create, get and delete a trust.
Updates are not supported for trusts
"""
trust = self.create_trust()
self.validate_trust(trust)
@ -207,8 +211,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('ed2a8779-a7ac-49dc-afd7-30f32f936ed2')
def test_trust_noimpersonate(self):
# Test case to check we can create, get and delete a trust
# with impersonation=False
"""Test keystone trust with impersonation disabled
To check we can create, get and delete a trust
with impersonation=False
"""
trust = self.create_trust(impersonate=False)
self.validate_trust(trust, impersonate=False)
@ -219,8 +226,11 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('0ed14b66-cefd-4b5c-a964-65759453e292')
def test_trust_expire(self):
# Test case to check we can create, get and delete a trust
# with an expiry specified
"""Test expire attribute of keystone trust
To check we can create, get and delete a trust
with an expiry specified
"""
expires_at = timeutils.utcnow() + datetime.timedelta(hours=1)
# NOTE(ylobankov) In some cases the expiry time may be rounded up
# because of microseconds. In fact, it depends on database and its
@ -246,8 +256,10 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('3e48f95d-e660-4fa9-85e0-5a3d85594384')
def test_trust_expire_invalid(self):
# Test case to check we can check an invalid expiry time
# is rejected with the correct error
"""Test invalid expire attribute of a keystone trust
To check an invalid expiry time is rejected with the correct error
"""
# with an expiry specified
expires_str = 'bad.123Z'
self.assertRaises(lib_exc.BadRequest,
@ -256,6 +268,7 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.idempotent_id('6268b345-87ca-47c0-9ce3-37792b43403a')
def test_get_trusts_query(self):
"""Test getting keystone trusts"""
self.create_trust()
trusts_get = self.trustor_client.list_trusts(
trustor_user_id=self.trustor_user_id)['trusts']
@ -265,7 +278,7 @@ class TrustsV3TestJSON(base.BaseIdentityV3AdminTest):
@decorators.attr(type='smoke')
@decorators.idempotent_id('4773ebd5-ecbf-4255-b8d8-b63e6f72b65d')
def test_get_trusts_all(self):
"""Test getting all keystone trusts"""
# Simple function that can be used for cleanup
def set_scope(auth_provider, scope):
auth_provider.scope = scope

View File

@ -23,11 +23,12 @@ CONF = config.CONF
class UsersNegativeTest(base.BaseIdentityV3AdminTest):
"""Negative tests of keystone users"""
@decorators.attr(type=['negative'])
@decorators.idempotent_id('e75f006c-89cc-477b-874d-588e4eab4b17')
def test_create_user_for_non_existent_domain(self):
# Attempt to create a user in a non-existent domain should fail
"""Attempt to create a user in a non-existent domain should fail"""
u_name = data_utils.rand_name('user')
u_email = u_name + '@testmail.tm'
u_password = data_utils.rand_password()
@ -39,7 +40,7 @@ class UsersNegativeTest(base.BaseIdentityV3AdminTest):
@decorators.attr(type=['negative'])
@decorators.idempotent_id('b3c9fccc-4134-46f5-b600-1da6fb0a3b1f')
def test_authentication_for_disabled_user(self):
# Attempt to authenticate for disabled user should fail
"""Attempt to authenticate for disabled user should fail"""
password = data_utils.rand_password()
user = self.setup_test_user(password)
self.disable_user(user['name'], user['domain_id'])