diff options
| author | Jesse Andrews <anotherjesse@gmail.com> | 2012-01-25 19:40:19 -0800 |
|---|---|---|
| committer | Jesse Andrews <anotherjesse@gmail.com> | 2012-01-25 19:40:19 -0800 |
| commit | fa4cdc40356e25b6097306396b57c38e7b9ee363 (patch) | |
| tree | af15a648bf193d0a0ee9b1f0c582b19a62c7500e | |
| parent | d4f2bf5fdefca433ee81075dd28be6f1b7387b50 (diff) | |
| parent | 1efee11f587a73969c68a6c77fc97d786a1903e6 (diff) | |
| download | keystone-fa4cdc40356e25b6097306396b57c38e7b9ee363.tar.gz keystone-fa4cdc40356e25b6097306396b57c38e7b9ee363.tar.xz keystone-fa4cdc40356e25b6097306396b57c38e7b9ee363.zip | |
Merge pull request #23 from termie/auth_invalid_tenant
add tests that auth with tenant user isn't member of
| -rw-r--r-- | tests/default_fixtures.py | 1 | ||||
| -rw-r--r-- | tests/test_keystoneclient.py | 19 |
2 files changed, 18 insertions, 2 deletions
diff --git a/tests/default_fixtures.py b/tests/default_fixtures.py index 22ac95f0..6d455bdf 100644 --- a/tests/default_fixtures.py +++ b/tests/default_fixtures.py @@ -3,6 +3,7 @@ TENANTS = [ {'id': 'baz', 'name': 'BAZ'}, ] +# NOTE(ja): a role of keystone_admin and attribute "is_admin" is done in setUp USERS = [ {'id': 'foo', 'name': 'FOO', 'password': 'foo2', 'tenants': ['bar',]}, {'id': 'two', 'name': 'TWO', 'password': 'two2', 'tenants': ['baz',]}, diff --git a/tests/test_keystoneclient.py b/tests/test_keystoneclient.py index 6265c175..477aa304 100644 --- a/tests/test_keystoneclient.py +++ b/tests/test_keystoneclient.py @@ -88,6 +88,14 @@ class KcMasterTestCase(CompatTestCase): tenants = client.tenants.list() self.assertEquals(tenants[0].id, self.tenant_bar['id']) + def test_authenticate_invalid_tenant_id(self): + from keystoneclient import exceptions as client_exceptions + self.assertRaises(client_exceptions.AuthorizationFailure, + self._client, + username=self.user_foo['name'], + password=self.user_foo['password'], + tenant_id='baz') + def test_authenticate_token_no_tenant(self): client = self.get_client() token = client.auth_token @@ -102,6 +110,13 @@ class KcMasterTestCase(CompatTestCase): tenants = token_client.tenants.list() self.assertEquals(tenants[0].id, self.tenant_bar['id']) + def test_authenticate_token_invalid_tenant_id(self): + from keystoneclient import exceptions as client_exceptions + client = self.get_client() + token = client.auth_token + self.assertRaises(client_exceptions.AuthorizationFailure, + self._client, token=token, tenant_id='baz') + def test_authenticate_token_tenant_name(self): client = self.get_client() token = client.auth_token @@ -219,8 +234,8 @@ class KcMasterTestCase(CompatTestCase): user = client.users.update_password(user=user, password='password2') - test_client = self._client(username=test_username, - password='password2') + self._client(username=test_username, + password='password2') user = client.users.update_tenant(user=user, tenant='bar') # TODO(ja): once keystonelight supports default tenant |