clean up keystoneclient setup

4 files changed, 45 insertions, 36 deletions

diff --git a/keystonelight/keystone_compat.py b/keystonelight/keystone_compat.py
index 85f947fa..0055955e 100644
--- a/keystonelight/keystone_compat.py
+++ b/keystonelight/keystone_compat.py
@@ -150,7 +150,14 @@ class KeystoneController(service.BaseApplication):
                     tenant_id=tenant_ref['id'],
                     extras=extras_ref)
 
-        return self._format_authenticate(token_ref, catalog_ref)
+        # TODO(termie): optimize this call at some point and put it into the
+        #               the return for extras
+        # fill out the roles in the extras
+        roles_ref = []
+        for role_id in extras_ref.get('roles', []):
+            roles_ref.append(self.identity_api.get_role(context, role_id))
+
+        return self._format_authenticate(token_ref, roles_ref, catalog_ref)
 
     #admin-only
     def validate_token(self, context, token_id, belongs_to=None):
@@ -220,11 +227,9 @@ class KeystoneController(service.BaseApplication):
                 context, tenant_id=tenant_id, data=tenant_ref)
         return {'tenant': tenant}
 
-    def _format_token(self, token_ref):
+    def _format_token(self, token_ref, roles_ref):
         user_ref = token_ref['user']
         extras_ref = token_ref['extras']
-        roles = extras_ref.get('roles', [])
-        roles_ref = [{'id': 1, 'name': x} for x in roles]
         o = {'access': {'token': {'id': token_ref['id'],
                                   'expires': token_ref['expires']
                                   },
@@ -242,8 +247,8 @@ class KeystoneController(service.BaseApplication):
             o['access']['token']['tenant'] = token_ref['tenant']
         return o
 
-    def _format_authenticate(self, token_ref, catalog_ref):
-        o = self._format_token(token_ref)
+    def _format_authenticate(self, token_ref, roles_ref, catalog_ref):
+        o = self._format_token(token_ref, roles_ref)
         o['access']['serviceCatalog'] = self._format_catalog(catalog_ref)
         return o
 
diff --git a/keystonelight/test.py b/keystonelight/test.py
index bcfee343..a0efb40d 100644
--- a/keystonelight/test.py
+++ b/keystonelight/test.py
@@ -96,8 +96,22 @@ class TestCase(unittest.TestCase):
         sys.path.remove(path)
     super(TestCase, self).tearDown()
 
+  #TODO(termie): probably make this take an argument and use that for `options`
+  def load_backends(self):
+    """Hacky shortcut to load the backends for data manipulation.
+
+    Expects self.options to have already been set.
+
+    """
+    self.identity_api = utils.import_object(
+        self.options['identity_driver'], options=self.options)
+    self.token_api = utils.import_object(
+        self.options['token_driver'], options=self.options)
+    self.catalog_api = utils.import_object(
+        self.options['catalog_driver'], options=self.options)
+
   def load_fixtures(self, fixtures):
-    """Really quite basic and naive fixture loading based on a python module.
+    """Hacky basic and naive fixture loading based on a python module.
 
     Expects that the various APIs into the various services are already
     defined on `self`.
diff --git a/tests/test_backend_kvs.py b/tests/test_backend_kvs.py
index 8ec1e607..d23605b6 100644
--- a/tests/test_backend_kvs.py
+++ b/tests/test_backend_kvs.py
@@ -9,8 +9,8 @@ import default_fixtures
 class KvsIdentity(test.TestCase):
   def setUp(self):
     super(KvsIdentity, self).setUp()
-    options = self.appconfig('default')
-    self.identity_api = kvs.KvsIdentity(options=options, db={})
+    self.options = self.appconfig('default')
+    self.identity_api = kvs.KvsIdentity(options=self.options, db={})
     self.load_fixtures(default_fixtures)
 
   def test_authenticate_bad_user(self):
diff --git a/tests/test_keystoneclient_compat.py b/tests/test_keystoneclient_compat.py
index 1c64ddb3..e0eec5f4 100644
--- a/tests/test_keystoneclient_compat.py
+++ b/tests/test_keystoneclient_compat.py
@@ -2,6 +2,8 @@ from keystonelight import models
 from keystonelight import test
 from keystonelight import utils
 
+import default_fixtures
+
 
 KEYSTONECLIENT_REPO = 'git://github.com/openstack/python-keystoneclient.git'
 
@@ -37,32 +39,18 @@ class MasterCompatTestCase(CompatTestCase):
 
         self.app = self.loadapp('keystoneclient_compat_master')
         self.options = self.appconfig('keystoneclient_compat_master')
-
-        self.identity_backend = utils.import_object(
-            self.options['identity_driver'], options=self.options)
-        self.token_backend = utils.import_object(
-            self.options['token_driver'], options=self.options)
-        self.catalog_backend = utils.import_object(
-            self.options['catalog_driver'], options=self.options)
+        self.load_backends()
+        self.load_fixtures(default_fixtures)
 
         self.server = self.serveapp('keystoneclient_compat_master')
 
-        self.tenant_bar = self.identity_backend.create_tenant(
-            'bar',
-            models.Tenant(id='bar', name='BAR'))
-
-        self.user_foo = self.identity_backend.create_user(
-            'foo',
-            models.User(id='foo',
-                        name='FOO',
-                        tenants=[self.tenant_bar['id']],
-                        password='foo'))
-
-        self.extras_bar_foo = self.identity_backend.create_extras(
+        # TODO(termie): is_admin is being deprecated once the policy stuff
+        #               is all working
+        # TODO(termie): add an admin user to the fixtures and use that user
+        # override the fixtures, for now
+        self.extras_foobar = self.identity_api.update_extras(
             self.user_foo['id'], self.tenant_bar['id'],
-            dict(roles=[],
-                 is_admin='1',
-                 roles_links=[]))
+            dict(roles=['keystone_admin'], is_admin='1'))
 
     # def test_authenticate(self):
     #     from keystoneclient.v2_0 import client as ks_client
@@ -77,7 +65,7 @@ class MasterCompatTestCase(CompatTestCase):
     def test_authenticate_tenant_name_and_tenants(self):
         client = self._client(auth_url=self._url(),
                               username='FOO',
-                              password='foo',
+                              password='foo2',
                               tenant_name='BAR')
         tenants = client.tenants.list()
         self.assertEquals(tenants[0].id, self.tenant_bar['id'])
@@ -85,7 +73,7 @@ class MasterCompatTestCase(CompatTestCase):
     def test_authenticate_tenant_id_and_tenants(self):
         client = self._client(auth_url=self._url(),
                               username='FOO',
-                              password='foo',
+                              password='foo2',
                               tenant_id='bar')
         tenants = client.tenants.list()
         self.assertEquals(tenants[0].id, self.tenant_bar['id'])
@@ -93,11 +81,13 @@ class MasterCompatTestCase(CompatTestCase):
     # FIXME(ja): this test should require the "keystone:admin" roled
     #            (probably the role set via --keystone_admin_role flag)
     # FIXME(ja): add a test that admin endpoint is only sent to admin user
-    # FIXME(ja): add a test that admin endpoint returns unauthorized if not admin
+    # FIXME(ja): add a test that admin endpoint returns unauthorized if not
+    #            admin
     def test_tenant_create(self):
         client = self._client(auth_url=self._url(),
                               username='FOO',
-                              password='foo',
+                              password='foo2',
                               tenant_name='BAR')
-        client.tenants.create("hello", description="My new tenant!", enabled=True)
+        client.tenants.create(
+            "hello", description="My new tenant!", enabled=True)
         # FIXME(ja): assert tenant was created