diff options
| author | Yogeshwar Srikrishnan <yoga80@yahoo.com> | 2011-05-25 11:04:19 -0500 |
|---|---|---|
| committer | Yogeshwar Srikrishnan <yoga80@yahoo.com> | 2011-05-25 11:04:19 -0500 |
| commit | bd27344fcd95edc044a88367ea644b01fb2e2ae8 (patch) | |
| tree | 4f99a8fabc4af13fbba39b9e5a4dffabef38c993 | |
| parent | e9be213735e5922a7d24a0f60c6554427303d89d (diff) | |
| download | keystone-bd27344fcd95edc044a88367ea644b01fb2e2ae8.tar.gz keystone-bd27344fcd95edc044a88367ea644b01fb2e2ae8.tar.xz keystone-bd27344fcd95edc044a88367ea644b01fb2e2ae8.zip | |
Adding more tests for roleref operations.
| -rw-r--r-- | keystone/server.py | 1 | ||||
| -rw-r--r-- | test/unit/test_common.py | 1 | ||||
| -rw-r--r-- | test/unit/test_roles.py | 388 |
3 files changed, 380 insertions, 10 deletions
diff --git a/keystone/server.py b/keystone/server.py index af9580ff..469f4bab 100644 --- a/keystone/server.py +++ b/keystone/server.py @@ -582,6 +582,7 @@ class RolesController(wsgi.Controller): return utils.send_result(200, req, roleRefs) + @utils.wrap_error def delete_role_ref(self, req, user_id, role_ref_id): rval = service.delete_role_ref(utils.get_auth_token(req), role_ref_id) diff --git a/test/unit/test_common.py b/test/unit/test_common.py index 126a3f62..beba7dfa 100644 --- a/test/unit/test_common.py +++ b/test/unit/test_common.py @@ -725,7 +725,6 @@ def create_role_ref(user_id, role_id, tenant_id, auth_token): resp, content = header.request(url, "POST", body=json.dumps(body), headers={"Content-Type": "application/json", "X-Auth-Token": auth_token}) - print url, resp, content return (resp, content) def create_role_ref_xml(user_id, role_id, tenant_id, auth_token): diff --git a/test/unit/test_roles.py b/test/unit/test_roles.py index fa736f6a..10b16d27 100644 --- a/test/unit/test_roles.py +++ b/test/unit/test_roles.py @@ -164,8 +164,6 @@ class GetRoleTest(RolesTest): if role_id != 'Admin': self.fail("Not the expected Role") - - def test_get_role_xml(self): self.role = 'Admin' header = httplib2.Http(".cache") @@ -204,21 +202,136 @@ class GetRoleTest(RolesTest): elif int(resp['status']) == 503: self.fail('Service Not Available') self.assertEqual(404, int(resp['status'])) + + def test_get_role_xml_bad(self): + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, 'tenant_bad') + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_role_expired_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.exp_auth_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) - def test_get_role_bad_xml(self): + def test_get_role_xml_using_expired_token(self): + self.role = 'Admin' header = httplib2.Http(".cache") - resp, content = utils.create_tenant(self.tenant, str(self.auth_token)) - url = '%sroles/%s' % (utils.URL, 'role_bad') + url = '%sroles/%s' % (utils.URL, self.role) #test for Content-Type = application/json resp, content = header.request(url, "GET", body='', headers={"Content-Type": "application/xml", - "X-Auth-Token": self.auth_token, + "X-Auth-Token": self.exp_auth_token, "ACCEPT": "application/xml"}) if int(resp['status']) == 500: self.fail('Identity Fault') elif int(resp['status']) == 503: self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_role_using_disabled_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.disabled_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_role_xml_using_disabled_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.disabled_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_role_using_missing_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.missing_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_role_xml_using_missing_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.missing_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_role_using_invalid_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": self.invalid_token}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') self.assertEqual(404, int(resp['status'])) + + def test_get_role_xml_using_invalid_token(self): + self.role = 'Admin' + header = httplib2.Http(".cache") + url = '%sroles/%s' % (utils.URL, self.role) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='', + headers={"Content-Type": "application/xml", + "X-Auth-Token": self.invalid_token, + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + class CreateRoleRefTest(RolesTest): def test_role_ref_create_json(self): @@ -233,7 +346,36 @@ class CreateRoleRefTest(RolesTest): resp, content = utils.create_role_ref_xml(self.user, 'Admin', self.tenant, str(self.auth_token)) resp_val = int(resp['status']) - self.assertEqual(201, resp_val) + self.assertEqual(201, resp_val) + + def test_role_ref_create_json_using_expired_token(self): + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.exp_auth_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_role_ref_create_json_using_disabled_token(self): + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.disabled_token)) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_role_ref_create_json_using_missing_token(self): + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.missing_token)) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_role_ref_create_json_using_invalid_token(self): + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.invalid_token)) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) + class GetRoleRefsTest(RolesTest): def test_get_rolerefs(self): @@ -280,7 +422,140 @@ class GetRoleRefsTest(RolesTest): "roleRefs") if roles == None: self.fail("Expecting Role Refs") - + + def test_get_rolerefs_using_expired_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_rolerefs_xml_using_expired_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.exp_auth_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_rolerefs_using_disabled_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_rolerefs_xml_using_disabled_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.disabled_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(403, int(resp['status'])) + + def test_get_rolerefs_using_missing_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_rolerefs_xml_using_missing_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.missing_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(401, int(resp['status'])) + + def test_get_rolerefs_using_invalid_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/json + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + def test_get_rolerefs_xml_using_missing_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + url = '%susers/%s/roleRefs' % (URL, self.user) + #test for Content-Type = application/xml + resp, content = header.request(url, "GET", body='{}', + headers={"Content-Type": "application/xml", + "X-Auth-Token": str(self.invalid_token), + "ACCEPT": "application/xml"}) + if int(resp['status']) == 500: + self.fail('Identity Fault') + elif int(resp['status']) == 503: + self.fail('Service Not Available') + self.assertEqual(404, int(resp['status'])) + + class DeleteRoleRefTest(RolesTest): def test_delete_roleref(self): header = httplib2.Http(".cache") @@ -305,7 +580,102 @@ class DeleteRoleRefTest(RolesTest): "X-Auth-Token": str(self.auth_token)}) resp_val = int(resp['status']) self.assertEqual(204, resp_val) - return (resp, content) + + def test_delete_roleref_using_expired_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "roleRef" in obj: + raise fault.BadRequestFault("Expecting RoleRef") + roleRef = obj["roleRef"] + if not "id" in roleRef: + role_ref_id = None + else: + role_ref_id = roleRef["id"] + if role_ref_id is None: + raise fault.BadRequestFault("Expecting RoleRefId") + url = '%susers/%s/roleRefs/%s' % (URL, self.user, role_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.exp_auth_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_roleref_using_disabled_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "roleRef" in obj: + raise fault.BadRequestFault("Expecting RoleRef") + roleRef = obj["roleRef"] + if not "id" in roleRef: + role_ref_id = None + else: + role_ref_id = roleRef["id"] + if role_ref_id is None: + raise fault.BadRequestFault("Expecting RoleRefId") + url = '%susers/%s/roleRefs/%s' % (URL, self.user, role_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.disabled_token)}) + resp_val = int(resp['status']) + self.assertEqual(403, resp_val) + + def test_delete_roleref_using_missing_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "roleRef" in obj: + raise fault.BadRequestFault("Expecting RoleRef") + roleRef = obj["roleRef"] + if not "id" in roleRef: + role_ref_id = None + else: + role_ref_id = roleRef["id"] + if role_ref_id is None: + raise fault.BadRequestFault("Expecting RoleRefId") + url = '%susers/%s/roleRefs/%s' % (URL, self.user, role_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.missing_token)}) + resp_val = int(resp['status']) + self.assertEqual(401, resp_val) + + def test_delete_roleref_using_invalid_token(self): + header = httplib2.Http(".cache") + utils.add_user_json(self.tenant, self.user, self.auth_token) + resp, content = utils.create_role_ref(self.user, 'Admin', self.tenant, + str(self.auth_token)) + resp_val = int(resp['status']) + self.assertEqual(201, resp_val) + obj = json.loads(content) + if not "roleRef" in obj: + raise fault.BadRequestFault("Expecting RoleRef") + roleRef = obj["roleRef"] + if not "id" in roleRef: + role_ref_id = None + else: + role_ref_id = roleRef["id"] + if role_ref_id is None: + raise fault.BadRequestFault("Expecting RoleRefId") + url = '%susers/%s/roleRefs/%s' % (URL, self.user, role_ref_id) + resp, content = header.request(url, "DELETE", body='', + headers={"Content-Type": "application/json", + "X-Auth-Token": str(self.invalid_token)}) + resp_val = int(resp['status']) + self.assertEqual(404, resp_val) if __name__ == '__main__': |